Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Concerned about dialer infection and redirect and host file


  • This topic is locked This topic is locked
11 replies to this topic

#1 jacqgal

jacqgal

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:11:16 AM

Posted 07 March 2011 - 02:29 PM

Hello, and thank you in advance for your time in reviewing this and in volunteering your time and expertise to help others such as myself.
My computer has some weird symptoms, so I finally decided to bite the bullet and I researched your site and found the instructions page so I am posting these logs. I had to block a suspicious service by Motive because it kept trying to dial out and I haven't had Verizon in months. Also I think I am experiencing some re-directs and when I ran a Hijack This scan it said that my system would not allow write access to the hosts file.
Maybe I'm just being paranoid, but as I did have problems w/a previous computer due to spyware being remotely installed which emailed logs and screenshots of my activities, I would like to be sure my system is clean. Thank you very much ahead of time!

.
DDS (Ver_11-03-05.01) - NTFS_AMD64
Run by Jacquie at 14:14:13.91 on Mon 03/07/2011
Internet Explorer: 8.0.7601.17514
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3838.2163 [GMT -5:00]
.
AV: Norton Internet Security *Disabled/Updated* {88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton Internet Security *Disabled/Updated* {33A8BBD2-AA01-20A2-213B-0B8EB45B02E8}
FW: Norton Internet Security *Disabled* {B0F2DB13-C654-2E74-30D4-99C9310F0F2E}
.
============== Running Processes ===============
.
C:\windows\system32\wininit.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
C:\Program Files (x86)\Mamutu\a2service.exe
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\system32\atiesrxx.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\windows\System32\spoolsv.exe
C:\Program Files (x86)\a-squared Anti-Dialer\a2service.exe
C:\windows\system32\atieclxx.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\system32\lxeecoms.exe
C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\windows\system32\svchost.exe -k imgsvc
C:\windows\system32\ThpSrv.exe
C:\Windows\system32\TODDSrv.exe
C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
C:\Program Files\TOSHIBA\TECO\TecoService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\windows\system32\SearchIndexer.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\windows\system32\taskhost.exe
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\System32\ThpSrv.exe
C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
C:\Program Files\TOSHIBA\TECO\Teco.exe
C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe
C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
C:\Program Files (x86)\Lexmark Pro700 Series\lxeemon.exe
C:\Program Files (x86)\Lexmark Pro700 Series\ezprint.exe
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\Windows Sidebar\sidebar.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Olympus\ib\olycamdetect.exe
C:\Program Files (x86)\TOSHIBA\TOSHIBA USB Sleep and Charge Utility\TUSBSleepChargeSrv.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe
C:\Program Files (x86)\TOSHIBA\Toshiba DetectAC Utility\DetectAC.exe
C:\windows\system32\taskeng.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Mamutu\mamutu.exe
C:\windows\system32\DllHost.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\Program Files (x86)\Skype\Plugin Manager\skypePM.exe
C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
C:\windows\System32\svchost.exe -k secsvcs
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SCServer\SCServer.exe
C:\windows\SysWOW64\Macromed\Flash\FlashUtil10n_ActiveX.exe
C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe
C:\windows\notepad.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\windows\system32\SearchProtocolHost.exe
C:\windows\system32\SearchFilterHost.exe
C:\Users\Jacquie\Desktop\dds.scr
C:\windows\system32\conhost.exe
C:\windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.yahoo.com/
mDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA
mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA
mWinlogon: Userinit=userinit.exe
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Skype Plug-In: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Bing Bar BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: @C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100: {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll
uRun: [Sidebar] C:\Program Files (x86)\Windows Sidebar\sidebar.exe /autoRun
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
uRun: [Olympus ib] "C:\Program Files (x86)\Olympus\ib\olycamdetect.exe" /Startup
mRun: [TUSBSleepChargeSrv] %ProgramFiles(x86)%\TOSHIBA\TOSHIBA USB Sleep and Charge Utility\TUSBSleepChargeSrv.exe
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
mRun: [TWebCamera] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [WinPatrol] C:\Program Files (x86)\BillP Studios\WinPatrol\winpatrol.exe -expressboot
mRun: [Toshiba DetectAC Utility] "C:\Program Files (x86)\TOSHIBA\Toshiba DetectAC Utility\DetectAC.exe"
mRun: [Toshiba DetectAC Utility1] "C:\Program Files (x86)\TOSHIBA\Toshiba DetectAC Utility\CollectInfo.exe"
mRun: [MDS_Menu] "C:\Program Files (x86)\Olympus\ib\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Olympus\ib" UpdateWithCreateOnce "Software\OLYMPUS\ib\1.0"
mRun: [Olympus ib] "C:\Program Files (x86)\Olympus\ib\olycamdetect.exe" /Startup
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun: [Mamutu Guard] "C:\PROGRAM FILES (X86)\MAMUTU\mamutu.exe" /silent
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MIF5BA~1\Office12\ONBttnIE.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MIF5BA~1\Office12\REFIEBAR.DLL
Trusted Zone: microsoft.com\go
DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/sites/production/ieawsdc32.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {2FF8D282-F78A-4A33-ABC2-49E72A341482} - hxxp://riteaid.storefront.com/images/global/activex/SFImageUpload1_10.CAB
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {BEA7310D-06C4-4339-A784-DC3804819809} - hxxp://images3.pnimedia.com/ProductAssets/costcous/activex/v3_0_0_7/PhotoCenter_ActiveX_Control.cab
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO-X64: Partner BHO Class: {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - C:\ProgramData\Partner\Partner64.dll
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
BHO-X64: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg64.dll
TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
mRun-x64: [(Default)]
mRun-x64: [cAudioFilterAgent] C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe
mRun-x64: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe /t
mRun-x64: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
mRun-x64: [ThpSrv] C:\windows\system32\thpsrv /logon
mRun-x64: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
mRun-x64: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
mRun-x64: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
mRun-x64: [TosWaitSrv] %ProgramFiles%\TOSHIBA\TPHM\TosWaitSrv.exe
mRun-x64: [Teco] "%ProgramFiles%\TOSHIBA\TECO\Teco.exe" /r
mRun-x64: [SmartFaceVWatcher] %ProgramFiles%\Toshiba\SmartFaceV\SmartFaceVWatcher.exe
mRun-x64: [ConexantAudioPatch] %ProgramFiles%\ConexantAudioPatch\Audioreset.exe
mRun-x64: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe
mRun-x64: [TosNC] %ProgramFiles%\Toshiba\BulletinBoard\TosNcCore.exe
mRun-x64: [TosReelTimeMonitor] %ProgramFiles%\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
mRun-x64: [lxeemon.exe] "C:\Program Files (x86)\Lexmark Pro700 Series\lxeemon.exe"
mRun-x64: [EzPrint] "C:\Program Files (x86)\Lexmark Pro700 Series\ezprint.exe"
.
============= SERVICES / DRIVERS ===============
.
R0 Thpdrv;TOSHIBA HDD Protection Driver;C:\Windows\System32\drivers\thpdrv.sys [2009-6-29 34880]
R0 Thpevm;TOSHIBA HDD Protection - Shock Sensor Driver;C:\Windows\System32\drivers\Thpevm.sys [2009-6-29 14784]
R1 a2injectiondriver;a2injectiondriver;C:\Program Files (x86)\Mamutu\a2dix64.sys [2011-3-1 48216]
R1 a2util;a-squared Malware-IDS utility driver;C:\Program Files (x86)\Mamutu\a2util64.sys [2011-3-1 14720]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\System32\drivers\vwififlt.sys [2009-7-13 59904]
R2 a2AntiDialer;a-squared Anti-Dialer Service;C:\Program Files (x86)\a-squared Anti-Dialer\a2service.exe [2011-3-2 425080]
R2 a2AntiMalware;Emsisoft Anti-Malware 5.0 - Service;C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe [2010-9-19 2855440]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2010-5-10 203264]
R2 cfWiMAXService;ConfigFree WiMAX Service;C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [2009-10-27 252784]
R2 ConfigFree Service;ConfigFree Service;C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [2009-3-10 46448]
R2 lxee_device;lxee_device;C:\windows\system32\lxeecoms.exe -service --> C:\windows\system32\lxeecoms.exe -service [?]
R2 Mamutu;Mamutu Service;C:\Program Files (x86)\Mamutu\a2service.exe [2011-3-1 2855440]
R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;C:\Program Files\TOSHIBA\TECO\TecoService.exe [2009-9-28 251760]
R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;C:\Windows\System32\drivers\TVALZFL.sys [2009-6-19 14472]
R3 a2acc;a2acc;C:\Program Files (x86)\Emsisoft Anti-Malware\a2accx64.sys [2010-9-19 85800]
R3 CnxtHdmiAudService;Conexant UAA HDMI Function Driver for High Definition Audio Service;C:\Windows\System32\drivers\CHDMI64.sys [2009-8-18 688128]
R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);C:\Windows\System32\drivers\L1C62x64.sys [2009-7-27 58880]
R3 PGEffect;Pangu effect driver;C:\Windows\System32\drivers\PGEffect.sys [2010-5-10 35008]
R3 QIOMem;Generic IO & Memory Access;C:\Windows\System32\drivers\QIOMem.sys [2009-6-15 12800]
R3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;C:\Windows\System32\drivers\rtl8192se.sys [2010-4-26 1103904]
R3 TMachInfo;TMachInfo;C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2010-5-10 54136]
R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2009-9-17 137560]
R3 TPCHSrv;TPCH Service;C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [2009-8-4 826224]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\System32\drivers\vwifimp.sys [2009-7-13 17920]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-6-23 136176]
S2 lxeeCATSCustConnectService;lxeeCATSCustConnectService;C:\Windows\System32\spool\drivers\x64\3\lxeeserv.exe [2011-3-2 45736]
S2 NIS;Norton Internet Security;"C:\Program Files (x86)\Norton Internet Security\Engine\17.0.0.136\ccSvcHst.exe" /s "NIS" /m "C:\Program Files (x86)\Norton Internet Security\Engine\17.0.0.136\diMaster.dll" /prefetch:1 --> C:\Program Files (x86)\Norton Internet Security\Engine\17.0.0.136\ccSvcHst.exe [?]
S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2011-2-9 48488]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-9-23 1493352]
S3 McciCMService64;McciCMService64;C:\Program Files\Common Files\Motive\McciCMService.exe [2010-6-21 517632]
S3 OlyCamComm;OLYMPUS USB Communication Device;C:\Windows\System32\drivers\OlyCamComm.sys [2009-9-9 24208]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2010-5-10 225280]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-3-1 59392]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-6-16 1255736]
S4 Partner Service;Partner Service;C:\ProgramData\Partner\Partner.exe [2010-5-10 332272]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2011-03-04 21:54:53 -------- d-----w- C:\windows\SysWow64\Adobe
2011-03-04 10:18:35 7947600 ----a-w- C:\PROGRA~3\Microsoft\Windows Defender\Definition Updates\{5218FEF5-05C1-4386-B4E9-0EE23A372DDA}\mpengine.dll
2011-03-03 22:47:40 -------- d-----w- C:\Users\Jacquie\AppData\Roaming\Malwarebytes
2011-03-03 22:47:26 38224 ----a-w- C:\windows\SysWow64\drivers\mbamswissarmy.sys
2011-03-03 22:47:26 -------- d-----w- C:\PROGRA~3\Malwarebytes
2011-03-03 22:47:21 24152 ----a-w- C:\windows\System32\drivers\mbam.sys
2011-03-03 22:47:20 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2011-03-03 02:11:16 -------- d-----w- C:\Program Files (x86)\a-squared Anti-Dialer
2011-03-03 01:28:48 -------- d-----w- C:\PROGRA~3\Ezprint
2011-03-02 23:16:41 -------- d-----w- C:\PROGRA~3\Lexmark Pro700 Series
2011-03-02 22:33:58 -------- d-----w- C:\PROGRA~3\Lx_cats
2011-03-02 22:33:40 189440 ----a-w- C:\windows\System32\Spool\prtprocs\x64\lxeedrpp.dll
2011-03-02 22:32:15 109056 ----a-w- C:\windows\System32\lxeevs.dll
2011-03-02 22:32:13 836608 ----a-w- C:\windows\System32\lxeecoin.dll
2011-03-02 22:32:13 1462272 ----a-w- C:\windows\System32\lxk_g.dll
2011-03-02 22:32:10 983121 ----a-w- C:\windows\System32\lxk_gf.dll
2011-03-02 22:32:10 65536 ----a-w- C:\windows\System32\lxeegcfg.dll
2011-03-02 22:32:10 399360 ----a-w- C:\windows\System32\lxeecui.dll
2011-03-02 22:32:10 148480 ----a-w- C:\windows\System32\lxeecuir.dll
2011-03-02 22:31:46 510464 ----a-w- C:\windows\System32\LXEEwupd.dll
2011-03-02 22:31:46 295592 ----a-w- C:\windows\System32\LXEEwupd.exe
2011-03-02 22:28:38 -------- d-----w- C:\Lexmark
2011-03-01 22:25:08 -------- d-----w- C:\Program Files (x86)\Mamutu
2011-03-01 19:06:14 -------- d-----w- C:\windows\PCHEALTH
2011-03-01 19:01:37 -------- d-----w- C:\Program Files (x86)\Microsoft Visual Studio 8
2011-03-01 19:01:32 -------- d-----w- C:\windows\System32\SPReview
2011-03-01 18:59:44 -------- d-----w- C:\windows\System32\EventProviders
2011-03-01 18:52:08 48976 ----a-w- C:\windows\System32\netfxperf.dll
2011-03-01 18:52:08 1942856 ----a-w- C:\windows\System32\dfshim.dll
2011-03-01 18:50:58 263168 ----a-w- C:\windows\System32\spwizui.dll
2011-03-01 18:49:59 642944 ----a-w- C:\windows\System32\winload.efi
2011-03-01 18:48:59 69120 ----a-w- C:\windows\System32\dot3cfg.dll
2011-03-01 18:47:59 9728 ----a-w- C:\windows\System32\spwmp.dll
2011-03-01 18:46:58 606208 ----a-w- C:\windows\SysWow64\wbem\fastprox.dll
2011-03-01 18:46:58 363008 ----a-w- C:\windows\SysWow64\wbemcomn.dll
2011-03-01 18:41:00 529408 ----a-w- C:\windows\System32\wbemcomn.dll
2011-03-01 18:41:00 1225216 ----a-w- C:\windows\System32\wbem\wbemcore.dll
2011-03-01 18:40:59 524288 ----a-w- C:\windows\System32\wmicmiplugin.dll
2011-03-01 18:40:46 933376 ----a-w- C:\windows\System32\SmiEngine.dll
2011-03-01 18:40:29 199168 ----a-w- C:\windows\System32\PkgMgr.exe
2011-03-01 18:39:36 422912 ----a-w- C:\windows\System32\drvstore.dll
2011-03-01 18:39:35 399872 ----a-w- C:\windows\System32\dpx.dll
2011-03-01 18:29:48 -------- d-----w- C:\Program Files (x86)\Microsoft Easy Assist
2011-02-27 23:22:08 -------- d-----w- C:\Users\Jacquie\AppData\Roaming\Windows Live Writer
2011-02-27 23:22:08 -------- d-----w- C:\Users\Jacquie\AppData\Local\Windows Live Writer
2011-02-27 23:07:29 -------- d-----w- C:\Program Files (x86)\LizardTech
2011-02-27 23:06:47 77824 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\ctor.dll
2011-02-27 23:06:47 32768 ------w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\objectps.dll
2011-02-27 23:06:47 225280 ------w- C:\Program Files (x86)\Common Files\InstallShield\IScript\iscript.dll
2011-02-27 23:06:47 176128 ------w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\iuser.dll
2011-02-27 23:06:46 614532 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\IKernel.exe
2011-02-26 21:55:47 -------- d-----w- C:\Program Files (x86)\JRE
2011-02-24 19:09:54 870912 ----a-w- C:\windows\SysWow64\XpsPrint.dll
2011-02-24 19:09:54 475648 ----a-w- C:\windows\System32\XpsGdiConverter.dll
2011-02-24 19:09:54 1465344 ----a-w- C:\windows\System32\XpsPrint.dll
2011-02-24 19:09:53 288256 ----a-w- C:\windows\SysWow64\XpsGdiConverter.dll
2011-02-20 13:37:49 -------- d-----w- C:\Users\Jacquie\AppData\Local\OLYMPUS
2011-02-20 13:35:56 -------- d-----w- C:\Program Files (x86)\Olympus
2011-02-09 23:59:57 -------- d-----w- C:\windows\en
2011-02-09 23:57:01 48488 ----a-w- C:\windows\System32\drivers\fssfltr.sys
2011-02-09 23:56:14 -------- d-----w- C:\Program Files (x86)\MSN Toolbar
2011-02-09 23:55:55 -------- d-----w- C:\Program Files (x86)\Bing Bar Installer
2011-02-09 23:55:48 69464 ----a-w- C:\windows\SysWow64\XAPOFX1_3.dll
2011-02-09 23:55:48 515416 ----a-w- C:\windows\SysWow64\XAudio2_5.dll
2011-02-09 23:55:47 523088 ----a-w- C:\windows\System32\d3dx10_42.dll
2011-02-09 23:55:47 453456 ----a-w- C:\windows\SysWow64\d3dx10_42.dll
2011-02-09 23:27:10 469256 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\de00f7f01cbc8b02d\InstallManager_WLE_WLE.exe
2011-02-09 23:26:44 15712 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\d00c06781cbc8b022\MeshBetaRemover.exe
2011-02-09 23:26:22 94040 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\c2efb2381cbc8b01a\DSETUP.dll
2011-02-09 23:26:22 525656 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\c2efb2381cbc8b01a\DXSETUP.exe
2011-02-09 23:26:22 1691480 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\c2efb2381cbc8b01a\dsetup32.dll
2011-02-09 23:26:19 525656 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\c04225ea1cbc8b019\DXSETUP.exe
2011-02-09 23:26:19 1691480 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\c04225ea1cbc8b019\dsetup32.dll
2011-02-09 23:26:18 94040 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\c04225ea1cbc8b019\DSETUP.dll
2011-02-09 23:25:12 -------- d-----w- C:\Users\Jacquie\AppData\Local\Windows Live
2011-02-09 22:08:36 1638912 ----a-w- C:\windows\SysWow64\mshtml.tlb
2011-02-09 22:08:36 1638912 ----a-w- C:\windows\System32\mshtml.tlb
2011-02-09 22:08:20 715776 ----a-w- C:\windows\System32\kerberos.dll
2011-02-09 22:08:20 542208 ----a-w- C:\windows\SysWow64\kerberos.dll
2011-02-09 22:08:14 3129344 ----a-w- C:\windows\System32\win32k.sys
2011-02-09 22:07:58 214016 ----a-w- C:\windows\System32\winsrv.dll
2011-02-09 22:07:42 612864 ----a-w- C:\windows\System32\vbscript.dll
2011-02-09 22:07:41 428032 ----a-w- C:\windows\SysWow64\vbscript.dll
2011-02-09 22:07:16 366592 ----a-w- C:\windows\System32\atmfd.dll
2011-02-09 22:07:16 294400 ----a-w- C:\windows\SysWow64\atmfd.dll
2011-02-09 22:07:15 70656 ----a-w- C:\windows\SysWow64\fontsub.dll
2011-02-09 22:07:15 46080 ----a-w- C:\windows\System32\atmlib.dll
2011-02-09 22:07:15 34304 ----a-w- C:\windows\SysWow64\atmlib.dll
2011-02-09 22:07:15 100864 ----a-w- C:\windows\System32\fontsub.dll
.
==================== Find3M ====================
.
2011-03-01 19:18:31 152576 ----a-w- C:\windows\SysWow64\msclmd.dll
2011-03-01 19:18:30 175616 ----a-w- C:\windows\System32\msclmd.dll
2011-02-03 02:40:23 472808 ----a-w- C:\windows\SysWow64\deployJava1.dll
2011-02-02 22:11:20 270720 ------w- C:\windows\System32\MpSigStub.exe
2011-02-02 13:31:16 499712 ----a-w- C:\windows\SysWow64\msvcp71.dll
2011-02-02 13:31:16 348160 ----a-w- C:\windows\SysWow64\msvcr71.dll
2010-05-21 15:59:50 3095040 ----a-w- C:\Program Files\openofficeorg32.msi
2010-05-21 15:58:20 460088 ----a-w- C:\Program Files\setup.exe
.
============= FINISH: 14:16:25.90 ===============

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_11-03-05.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 6/16/2010 10:20:44 PM
System Uptime: 3/7/2011 1:36:33 PM (1 hours ago)
.
Motherboard: TOSHIBA | | Satellite T135D
Processor: AMD Turion™ Neo X2 Dual Core Processor L625 | S1G1/BGA | 1600/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 288 GiB total, 245.958 GiB free.
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP70: 3/1/2011 2:00:51 PM - Windows 7 Service Pack 1
RP71: 3/1/2011 8:00:15 PM - Windows Update
RP72: 3/2/2011 8:00:13 PM - Windows Update
RP73: 3/2/2011 10:06:40 PM - Windows Update
RP74: 3/3/2011 8:00:20 PM - Windows Update
.
==== Installed Programs ======================
.
a-squared Anti-Dialer 3.0
Acrobat.com
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Reader 9.3.4
Adobe Shockwave Player 11.5
Amazon Links
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver
Bejeweled 2 Deluxe
Bing Bar
Bing Bar Platform
Blackhawk Striker 2
Catalyst Control Center - Branding
Catalyst Control Center Core Implementation
Catalyst Control Center Graphics Full Existing
Catalyst Control Center Graphics Full New
Catalyst Control Center Graphics Light
Catalyst Control Center Graphics Previews Common
Catalyst Control Center Graphics Previews Vista
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-core-static
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
Compatibility Pack for the 2007 Office system
Costco Photo Organizer
D3DX10
Emsisoft Anti-Malware 5.0
Faerie Solitaire
FATE Undiscovered Realms
Google Chrome
Google Earth Plug-in
Google Toolbar for Internet Explorer
Google Update Helper
HijackThis 2.0.2
Java Auto Updater
Java™ 6 Update 24
Junk Mail filter update
Lizardtech DjVu Control
Malwarebytes' Anti-Malware
Mamutu 3.0
Mesh Runtime
Messenger Companion
Microsoft Easy Assist v2
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Suite Activation Assistant
Microsoft Office Word MUI (English) 2007
Microsoft Research AutoCollage 2008 version 1.1
Microsoft Search Enhancement Pack
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Works
Monopoly
MSVCRT
MSVCRT_amd64
Mystery P.I. - The Vegas Heist
NetZero Launcher
Norton Internet Security
OLYMPUS ib
OpenOffice.org 3.2
Polar Bowler
Quickbooks Financial Center
Realtek USB 2.0 Card Reader
Realtek WLAN Driver
Scrabble Plus
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288931)
Security Update for 2007 Microsoft Office System (KB2289158)
Security Update for 2007 Microsoft Office System (KB2344875)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft Office Access 2007 (KB979440)
Security Update for Microsoft Office Excel 2007 (KB2345035)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB982158)
Security Update for Microsoft Office PowerPoint Viewer (KB2413381)
Security Update for Microsoft Office Publisher 2007 (KB2284697)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
Skype Launcher
Skype Toolbars
Skype™ 5.1
TOSHIBA Application Installer
TOSHIBA Assist
TOSHIBA Bulletin Board
TOSHIBA ConfigFree
Toshiba DetectAC Utility
TOSHIBA eco Utility
TOSHIBA Extended Tiles for Windows Mobility Center
TOSHIBA Face Recognition
TOSHIBA Hardware Setup
TOSHIBA HDD/SSD Alert
TOSHIBA Media Controller
Toshiba Online Backup
TOSHIBA Quality Application
TOSHIBA ReelTime
TOSHIBA Service Station
TOSHIBA Supervisor Password
TOSHIBA USB Sleep and Charge Utility
TOSHIBA Value Added Package
TOSHIBA Web Camera Application
ToshibaRegistration
Update for 2007 Microsoft Office System (KB2284654)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2412171)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update for Outlook 2007 Junk Email Filter (KB2492475)
Verizon Help and Support Tool
Virtual Families
Virtual Villagers - The Secret City
WildTangent Games
WildTangent ORB Game Console
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live Messenger Companion Core
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live Sync
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
WinPatrol
.
==== Event Viewer Messages From Past Week ========
.
3/7/2011 1:37:00 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the lxeeCATSCustConnectService service to connect.
3/7/2011 1:37:00 PM, Error: Service Control Manager [7000] - The Norton Internet Security service failed to start due to the following error: The system cannot find the file specified.
3/7/2011 1:37:00 PM, Error: Service Control Manager [7000] - The lxeeCATSCustConnectService service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
3/7/2011 1:36:49 PM, Error: atikmdag [52236] - CPLIB :: General - Invalid Parameter
3/7/2011 1:36:49 PM, Error: atikmdag [43029] - Display is not active
3/2/2011 9:12:07 PM, Error: Service Control Manager [7030] - The a-squared Anti-Dialer Service service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
3/2/2011 8:22:33 PM, Error: Service Control Manager [7000] - The MRESP50a64 NDIS Protocol Driver service failed to start due to the following error: The system cannot find the file specified.
3/2/2011 5:30:37 PM, Error: Service Control Manager [7030] - The lxee_device service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
3/1/2011 2:15:52 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706be: Windows 7 Service Pack 1 for x64-based Systems (KB976932).
.
==== End Of File ===========================

BC AdBot (Login to Remove)

 


#2 jacqgal

jacqgal
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:11:16 AM

Posted 11 March 2011 - 11:31 AM

Could somebody PLEASE PLEASE reply to my post which is four days old. PLEASE? I know you're busy volunteers, please at least let me know it's been seen by somebody.

===========

Hello

While we understand your frustration at having to wait, please note that Bleeping Computer deals with several hundred requests for assistance such as yours on a daily basis. As a result, our backlog is quite large as are other comparable sites that help others with malware issues. Although our HJT Team members work on hundreds of requests each day, they are all volunteers who work logs when they can and are able to do so. No one is paid by Bleeping Computer for their assistance to our members.

Further, our malware removal staff is comprised of team members with various levels of skill and expertise to deal with thousands of malware variants, some more complex than others. Although we try to take DDS/HJT logs in order (starting with the oldest), it is often the skill level of the particular helper and sometimes the operating system that dictates which logs get selected first. Some infections are more complicated than others and require a higher skill level to remove. Without that skill level attempted removal could result in disastrous results. In other instances, the helper may not be familiar with the operating system that you are using, since they use another. In either case, neither of us want someone to assist you who is not familiar with your issue and attempt to fix it.

We ask that once you have posted your log and are waiting, please DO NOT "bump" your thread or make further replies until it has been responded to by a member of the Malware Response Team. The reason we ask this or do not respond to your requests is because that would remove you from the active queue that Techs and Staff have access to. The malware staff checks the forum for postings that have 0 replies as this makes it easier for them to identify those who have not been helped. If you post another response, there will be 1 reply. A team member, looking for a new log to work may assume another HJT Team member is already assisting you and not open the thread to respond.

That is why I have made an edit to your last post, instead of a reply. Please do not multiple post here, as that only pushes you further down the queue and causes confusion to the staff.

Please be patient. It may take several days, up to more than a week, perhaps less, to get a response but your log will be reviewed and answered as soon as possible. I advise checking your topic once a day for responses as the e-mail notification system is unreliable.

Thank you for understanding.

Elise - forum moderator

Edited by elise025, 12 March 2011 - 12:46 PM.


#3 myrti

myrti

    Sillyberry


  • Malware Study Hall Admin
  • 33,771 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:At home
  • Local time:05:16 PM

Posted 13 March 2011 - 06:57 AM

Hello and welcome to Bleeping Computer

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine.
If you are unable to create a log because your computer cannot start up successfully please provide detailed information about the Windows version you are using: What we in particular need to know is version, edition and if it is a 32bit or a 64bit system. [/b]
If you are unsure about any of these caracteristics, just let us know and we'll help you figuring it out. Please also tell us if you have your Windows CD/DVD handy.


Please include a clear description of the problems you're having, along with any steps you may have performed so far.

Please refrain from running tools or applying updates other than those we suggest while we are cleaning up your computer. The reason for this is so we know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.

Even if you have already provided information about your PC, we need a new log to see what has changed since you originally posted your problem.
We need to create an OTL Report
  • Please download OTL from one of the following mirrors:
  • Save it to your desktop.
  • Double click on the Posted Image icon on your desktop.
  • Click the "Scan All Users" checkbox.
  • In the custom scan box paste the following:
    msconfig
    safebootminimal
    activex
    drivers32
    netsvcs
    %SYSTEMDRIVE%\*.exe
    /md5start
    explorer.exe
    winlogon.exe
    wininit.exe
    hlp.dat
    /md5stop
  • Push the Posted Image button.
  • Two reports will open, copy and paste them in a reply here:
    • OTL.txt <-- Will be opened
    • Extra.txt<--Will be minimized

In the upper right hand corner of the topic you will see a button called Watch Topic.I suggest you click it and select Immediate E-Mail notification and click on Proceed. This way you will be advised when we respond to your topic and facilitate the cleaning of your machine.

After 5 days if a topic is not replied to we assume it has been abandoned and it is closed.

regards myrti

is that a bird?  a plane? nooo it's the flying blueberry!

If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM! Please don't send help request via PM, unless I am already helping you. Use the forums!

 

Follow BleepingComputer on: Facebook | Twitter | Google+


#4 jacqgal

jacqgal
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:11:16 AM

Posted 15 March 2011 - 03:46 PM

Hello, I am very sorry for the bump. I didn't know that posting a reply to my original posting caused it to bump (I always wondered what that meant.)

I am concerned about a dialer infection, and also possible keylogging spyware (b/c I've had it remotely installed on previous occasion).
Also, my cursor gets frozen at least once or twice each time I'm on-line, and I've tried all the FN-F9 fixes. Nothing works except to hard boot.
Also, more than once my yahoo email loads weirdly, that is to say that the emails will be all jumbled around, not in chronological order, or else new ones will be in my in-box, way out of order, perhaps way below many that I have already viewed. Also, I have my yahoo configured to auto sign-in, but whenever I have to re-boot after the cursor freezes, I have to re-sign in. This last time, the facebook page I was on previously, when it reloaded it was in German, whereas before I had to shut down, and the pages were recovered, it had been in English.
Plus, the old verizon service (Motive) or services running under that name kept trying to dial out, even though I haven't had verizon for many months, until I configured it to be blocked. Because of the cursor freezing, I even configured SynTPhelper.exe to be blocked by Mamatu (Emisoft) active guard b/c I kept getting prompts to allow or block it when I wasn't doing anything differently. I have noticed that even though it is blocked, it still asks to be allowed from time to time.
Also, often when I try to open a new IE page , it will shut down and won't re-open w/o me manually doing it.
I am running the OTL scan right now and will soon post the results. *** I will have to post more than one posting b/c it won't allow me to post all the results in one post.
I can't even begin to express my appreciation for your assistance, but please know that I am sincerely very grateful.

OTL logfile created on: 3/15/2011 4:13:24 PM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Jacquie\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 59.00% Memory free
7.00 Gb Paging File | 6.00 Gb Available in Paging File | 75.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 287.73 Gb Total Space | 241.99 Gb Free Space | 84.10% Space Free | Partition Type: NTFS

Computer Name: JACQUIESLAPTOP | User Name: Jacquie | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/03/15 16:11:53 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Jacquie\Desktop\OTL.exe
PRC - [2011/03/07 09:36:59 | 000,234,656 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10n_ActiveX.exe
PRC - [2011/03/02 22:12:35 | 000,425,080 | ---- | M] (Emsi Software GmbH) -- C:\Program Files (x86)\a-squared Anti-Dialer\a2service.exe
PRC - [2011/03/01 18:28:59 | 002,855,440 | ---- | M] (Emsi Software GmbH) -- C:\Program Files (x86)\Mamutu\a2service.exe
PRC - [2011/03/01 18:20:42 | 002,855,440 | ---- | M] (Emsi Software GmbH) -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
PRC - [2011/01/23 20:37:02 | 000,148,280 | ---- | M] () -- C:\Program Files (x86)\Lexmark Pro700 Series\ezprint.exe
PRC - [2011/01/23 20:37:00 | 000,770,728 | ---- | M] () -- C:\Program Files (x86)\Lexmark Pro700 Series\lxeemon.exe
PRC - [2010/11/20 08:17:41 | 001,174,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Sidebar\sidebar.exe
PRC - [2010/10/14 10:09:42 | 004,296,048 | ---- | M] (Emsi Software GmbH) -- C:\Program Files (x86)\Mamutu\mamutu.exe
PRC - [2010/09/30 12:47:44 | 000,093,360 | ---- | M] (OLYMPUS IMAGING CORP.) -- C:\Program Files (x86)\Olympus\ib\olycamdetect.exe
PRC - [2010/08/18 10:44:34 | 000,221,184 | ---- | M] () -- C:\Program Files (x86)\TOSHIBA\Toshiba DetectAC Utility\DetectAC.exe
PRC - [2010/05/31 07:18:16 | 000,323,976 | ---- | M] (BillP Studios) -- C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe
PRC - [2009/10/28 14:15:10 | 000,304,496 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
PRC - [2009/07/28 23:26:42 | 000,062,848 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
PRC - [2009/07/02 15:05:00 | 000,252,288 | ---- | M] (TOSHIBA) -- C:\Program Files (x86)\TOSHIBA\TOSHIBA USB Sleep and Charge Utility\TUSBSleepChargeSrv.exe
PRC - [2009/03/10 21:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
PRC - [2008/06/03 13:37:40 | 001,497,744 | ---- | M] (a-squared) -- C:\Program Files (x86)\a-squared Anti-Dialer\a2adguard.exe


========== Modules (SafeList) ==========

MOD - [2011/03/15 16:11:53 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Jacquie\Desktop\OTL.exe
MOD - [2011/03/11 09:39:40 | 000,212,648 | ---- | M] (Emsi Software GmbH) -- C:\Program Files (x86)\Mamutu\a2hooks32.dll
MOD - [2010/11/20 07:55:09 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2010/11/11 15:36:38 | 000,282,616 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2010/11/11 15:36:38 | 000,012,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2010/09/22 19:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010/04/14 15:01:44 | 001,052,328 | ---- | M] ( ) [Auto | Running] -- C:\windows\SysNative\lxeecoms.exe -- (lxee_device)
SRV:64bit: - [2010/04/14 15:01:37 | 000,045,736 | ---- | M] () [Auto | Stopped] -- C:\windows\SysNative\spool\DRIVERS\x64\3\\lxeeserv.exe -- (lxeeCATSCustConnectService)
SRV:64bit: - [2009/10/21 12:30:36 | 000,531,520 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\SysNative\ThpSrv.exe -- (Thpsrv)
SRV:64bit: - [2009/09/28 17:46:02 | 000,251,760 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\TECO\TecoService.exe -- (TOSHIBA eco Utility Service)
SRV:64bit: - [2009/09/17 19:41:36 | 000,137,560 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe -- (TOSHIBA HDD SSD Alert Service)
SRV:64bit: - [2009/08/21 12:31:06 | 000,488,800 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV:64bit: - [2009/08/04 14:15:06 | 000,826,224 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe -- (TPCHSrv)
SRV:64bit: - [2009/07/30 02:54:22 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009/07/28 19:48:06 | 000,140,632 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\SysNative\TODDSrv.exe -- (TODDSrv)
SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2011/03/02 22:12:35 | 000,425,080 | ---- | M] (Emsi Software GmbH) [Auto | Running] -- C:\Program Files (x86)\a-squared Anti-Dialer\a2service.exe -- (a2AntiDialer)
SRV - [2011/03/01 18:28:59 | 002,855,440 | ---- | M] (Emsi Software GmbH) [Auto | Running] -- C:\Program Files (x86)\Mamutu\a2service.exe -- (Mamutu)
SRV - [2011/03/01 18:20:42 | 002,855,440 | ---- | M] (Emsi Software GmbH) [Auto | Running] -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe -- (a2AntiMalware)
SRV - [2010/11/29 15:58:30 | 000,054,136 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo)
SRV - [2010/05/10 17:44:58 | 000,332,272 | ---- | M] (Google Inc.) [Disabled | Stopped] -- C:\ProgramData\Partner\Partner.exe -- (Partner Service)
SRV - [2010/04/14 15:01:23 | 000,598,696 | ---- | M] ( ) [Auto | Running] -- C:\windows\SysWow64\lxeecoms.exe -- (lxee_device)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/10/27 23:12:14 | 000,252,784 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe -- (cfWiMAXService)
SRV - [2009/08/27 14:28:00 | 000,238,328 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/03/10 21:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe -- (ConfigFree Service)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2010/11/20 09:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 09:32:47 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 09:32:46 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2010/11/20 07:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/10/24 22:25:38 | 000,072,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2010/09/23 01:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2010/04/26 17:23:08 | 001,103,904 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtl8192se.sys -- (rtl8192se)
DRV:64bit: - [2009/10/16 17:56:40 | 000,701,952 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CHDRT64.sys -- (CnxtHdAudService)
DRV:64bit: - [2009/09/22 20:39:56 | 000,225,280 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2009/09/09 11:13:26 | 000,024,208 | ---- | M] (OLYMPUS IMAGING CORP.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\OlyCamComm.sys -- (OlyCamComm)
DRV:64bit: - [2009/08/18 03:54:08 | 000,688,128 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CHDMI64.sys -- (CnxtHdmiAudService)
DRV:64bit: - [2009/07/31 00:22:04 | 000,027,784 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV:64bit: - [2009/07/30 15:07:12 | 006,037,504 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2009/07/27 18:04:36 | 000,058,880 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C) NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20)
DRV:64bit: - [2009/07/14 18:31:18 | 000,026,840 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TVALZ_O.SYS -- (TVALZ)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/29 19:16:20 | 000,014,784 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\Thpevm.sys -- (Thpevm)
DRV:64bit: - [2009/06/29 13:25:22 | 000,034,880 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\thpdrv.sys -- (Thpdrv)
DRV:64bit: - [2009/06/22 20:06:38 | 000,035,008 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\PGEffect.sys -- (PGEffect)
DRV:64bit: - [2009/06/19 22:15:22 | 000,014,472 | ---- | M] (TOSHIBA Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TVALZFL.sys -- (TVALZFL)
DRV:64bit: - [2009/06/15 16:58:00 | 000,012,800 | ---- | M] (TOSHIBA) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\QIOMem.sys -- (QIOMem)
DRV:64bit: - [2009/06/10 16:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/29 21:54:14 | 000,269,360 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2009/05/05 03:30:28 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie) AMD PCI Express (3GIO)
DRV - [2011/03/01 18:28:55 | 000,085,800 | ---- | M] (Emsi Software GmbH) [File_System | On_Demand | Running] -- C:\Program Files (x86)\Mamutu\a2accx64.sys -- (a2acc)
DRV - [2010/09/05 12:25:22 | 000,048,216 | ---- | M] (Emsi Software GmbH) [File_System | System | Running] -- C:\Program Files (x86)\Mamutu\a2dix64.sys -- (a2injectiondriver)
DRV - [2010/05/05 09:40:54 | 000,014,720 | ---- | M] (Emsi Software GmbH) [Kernel | System | Running] -- C:\Program Files (x86)\Mamutu\a2util64.sys -- (a2util)
DRV - [2010/03/17 16:53:38 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Motive\MREMP50.sys -- (MREMP50)
DRV - [2010/03/17 16:53:22 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Motive\MRESP50.sys -- (MRESP50)
DRV - [2009/09/22 20:39:56 | 000,225,280 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\RtsUStor.sys -- (RSUSBSTOR)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-3816284200-437857660-2917846397-1001\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-3816284200-437857660-2917846397-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKU\S-1-5-21-3816284200-437857660-2917846397-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



O1 HOSTS File: ([2009/06/10 17:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Partner BHO Class) - {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - C:\ProgramData\Partner\Partner64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg64.dll (Google Inc.)
O2 - BHO: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files (x86)\Lexmark Toolbar\toolband.dll ()
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Bing Bar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll (Microsoft Corporation)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files (x86)\Lexmark Toolbar\toolband.dll ()
O3 - HKLM\..\Toolbar: (@C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll (Microsoft Corporation)
O3 - HKU\S-1-5-21-3816284200-437857660-2917846397-1001\..\Toolbar\WebBrowser: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files (x86)\Lexmark Toolbar\toolband.dll ()
O3:64bit: - HKU\S-1-5-21-3816284200-437857660-2917846397-1001\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [] File not found
O4:64bit: - HKLM..\Run: [00TCrdMain] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [cAudioFilterAgent] C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe (Conexant Systems, Inc.)
O4:64bit: - HKLM..\Run: [ConexantAudioPatch] C:\Program Files\ConexantAudioPatch\AudioReset.exe ()
O4:64bit: - HKLM..\Run: [EzPrint] C:\Program Files (x86)\Lexmark Pro700 Series\ezprint.exe ()
O4:64bit: - HKLM..\Run: [lxeemon.exe] C:\Program Files (x86)\Lexmark Pro700 Series\lxeemon.exe ()
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe ()
O4:64bit: - HKLM..\Run: [SmartFaceVWatcher] C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatcher.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [SmoothView] C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [Teco] C:\Program Files\TOSHIBA\TECO\Teco.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [ThpSrv] C:\windows\SysNative\thpsrv.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosNC] C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosReelTimeMonitor] C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosWaitSrv] C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TPwrMain] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [a-squared Anti-Dialer] C:\Program Files (x86)\a-squared Anti-Dialer\a2adguard.exe (a-squared)
O4 - HKLM..\Run: [Mamutu Guard] C:\PROGRAM FILES (X86)\MAMUTU\mamutu.exe (Emsi Software GmbH)
O4 - HKLM..\Run: [MDS_Menu] C:\Program Files (x86)\Olympus\ib\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [Olympus ib] C:\Program Files (x86)\Olympus\ib\olycamdetect.exe (OLYMPUS IMAGING CORP.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [Toshiba DetectAC Utility] C:\Program Files (x86)\TOSHIBA\Toshiba DetectAC Utility\DetectAC.exe ()
O4 - HKLM..\Run: [Toshiba DetectAC Utility1] C:\Program Files (x86)\TOSHIBA\Toshiba DetectAC Utility\CollectInfo.exe ()
O4 - HKLM..\Run: [ToshibaServiceStation] C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TUSBSleepChargeSrv] C:\Program Files (x86)\TOSHIBA\TOSHIBA USB Sleep and Charge Utility\TUSBSleepChargeSrv.exe (TOSHIBA)
O4 - HKLM..\Run: [TWebCamera] C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe (TOSHIBA CORPORATION.)
O4 - HKLM..\Run: [WinPatrol] C:\Program Files (x86)\BillP Studios\WinPatrol\winpatrol.exe (BillP Studios)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3816284200-437857660-2917846397-1001..\Run: [Olympus ib] C:\Program Files (x86)\Olympus\ib\olycamdetect.exe (OLYMPUS IMAGING CORP.)
O4 - HKU\S-1-5-21-3816284200-437857660-2917846397-1001..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-3816284200-437857660-2917846397-1001\..Trusted Domains: microsoft.com ([go] http in Trusted sites)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/sites/production/ieawsdc32.cab (Microsoft Office Template and Media Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {2FF8D282-F78A-4A33-ABC2-49E72A341482} http://riteaid.storefront.com/images/global/activex/SFImageUpload1_10.CAB (SFImageUpload1_10.ImageUpload)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {BEA7310D-06C4-4339-A784-DC3804819809} http://images3.pnimedia.com/ProductAssets/costcous/activex/v3_0_0_7/PhotoCenter_ActiveX_Control.cab (Photo Upload Plugin Class)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

MsConfig:64bit - StartUpReg: Verizon_McciTrayApp - hkey= - key= - C:\Program Files\Verizon\McciTrayApp.exe (Alcatel-Lucent)
MsConfig:64bit - State: "startup" - Reg Error: Key error.

SafeBootMin:64bit: AppMgmt - Service
SafeBootMin:64bit: Base - Driver Group
SafeBootMin:64bit: Boot Bus Extender - Driver Group
SafeBootMin:64bit: Boot file system - Driver Group
SafeBootMin:64bit: File system - Driver Group
SafeBootMin:64bit: Filter - Driver Group
SafeBootMin:64bit: HelpSvc - Service
SafeBootMin:64bit: MsMpSvc - c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation)
SafeBootMin:64bit: PCI Configuration - Driver Group
SafeBootMin:64bit: PNP Filter - Driver Group
SafeBootMin:64bit: Primary disk - Driver Group
SafeBootMin:64bit: sacsvr - Service
SafeBootMin:64bit: SCSI Class - Driver Group
SafeBootMin:64bit: System Bus Extender - Driver Group
SafeBootMin:64bit: vmms - Service
SafeBootMin:64bit: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} -
ActiveX:64bit: >{CAF60E73-F952-4768-8489-2A52296EC18D} - RunDLL32 IEDKCS32.DLL,BrandIE4 CUSTOM
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\windows\SysWow64\iccvid.dll (Radius Inc.)

#5 jacqgal

jacqgal
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:11:16 AM

Posted 15 March 2011 - 03:50 PM

Okay, here's first the rest of the OTL.txt scan and then I'll add the Extras.txt. THANK YOU!!

========== Files/Folders - Created Within 30 Days ==========

[2011/03/15 16:11:43 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Jacquie\Desktop\OTL.exe
[2011/03/11 15:02:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Citrix
[2011/03/11 09:34:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2011/03/10 22:36:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Security Client
[2011/03/10 22:36:10 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2011/03/10 22:34:20 | 009,920,304 | ---- | C] (Microsoft Corporation) -- C:\Users\Jacquie\Desktop\MS Security Essentials.exe
[2011/03/10 09:35:28 | 001,544,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\DWrite.dll
[2011/03/10 09:35:28 | 001,076,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\DWrite.dll
[2011/03/10 09:35:28 | 000,902,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d2d1.dll
[2011/03/10 09:35:28 | 000,739,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d2d1.dll
[2011/03/10 09:35:26 | 000,961,024 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\CPFilters.dll
[2011/03/10 09:35:26 | 000,723,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\EncDec.dll
[2011/03/10 09:35:26 | 000,642,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\CPFilters.dll
[2011/03/10 09:35:26 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\EncDec.dll
[2011/03/10 09:35:25 | 001,118,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sbe.dll
[2011/03/10 09:35:25 | 000,850,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\sbe.dll
[2011/03/10 09:35:25 | 000,259,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mpg2splt.ax
[2011/03/10 09:35:25 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mpg2splt.ax
[2011/03/08 00:52:59 | 000,695,391 | ---- | C] (iLivid.com) -- C:\Users\Jacquie\Desktop\iLivid_Setup.exe
[2011/03/04 22:11:01 | 000,000,000 | ---D | C] -- C:\Users\Jacquie\Documents\TTM
[2011/03/04 17:54:53 | 000,000,000 | ---D | C] -- C:\windows\SysWow64\Adobe
[2011/03/03 18:47:40 | 000,000,000 | ---D | C] -- C:\Users\Jacquie\AppData\Roaming\Malwarebytes
[2011/03/03 18:47:26 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysWow64\drivers\mbamswissarmy.sys
[2011/03/03 18:47:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/03/03 18:47:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/03/03 18:47:21 | 000,024,152 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys
[2011/03/03 18:47:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011/03/03 18:41:17 | 000,000,000 | ---D | C] -- C:\Users\Jacquie\Desktop\a2cmd
[2011/03/03 18:26:07 | 000,000,000 | ---D | C] -- C:\Users\Jacquie\Documents\a-squared Anti-Dialer
[2011/03/03 17:21:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2011/03/02 22:11:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\a-squared Anti-Dialer
[2011/03/02 22:11:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\a-squared Anti-Dialer
[2011/03/02 22:10:01 | 003,987,320 | ---- | C] (Emsi Software GmbH ) -- C:\Users\Jacquie\Desktop\a2AntiDialerSetup.exe
[2011/03/02 21:28:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Ezprint
[2011/03/02 19:16:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Lexmark Pro700 Series
[2011/03/02 18:33:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Lx_cats
[2011/03/02 18:32:13 | 001,462,272 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\lxk_g.dll
[2011/03/02 18:32:13 | 000,836,608 | ---- | C] ( ) -- C:\windows\SysNative\lxeecoin.dll
[2011/03/02 18:32:10 | 000,983,121 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\lxk_gf.dll
[2011/03/02 18:31:46 | 000,510,464 | ---- | C] (Lexmark International, Inc.) -- C:\windows\SysNative\LXEEwupd.dll
[2011/03/02 18:31:46 | 000,295,592 | ---- | C] (Lexmark International, Inc.) -- C:\windows\SysNative\LXEEwupd.exe
[2011/03/02 18:30:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Lexmark Toolbar
[2011/03/02 18:30:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lexmark
[2011/03/02 18:30:52 | 000,007,680 | ---- | C] (eaio) -- C:\windows\SysWow64\NativeCall.dll
[2011/03/02 18:30:52 | 000,000,000 | ---D | C] -- C:\Program Files\Lexmark
[2011/03/02 18:30:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Lexmark
[2011/03/02 18:30:50 | 001,048,576 | ---- | C] ( ) -- C:\windows\SysWow64\lxeeserv.dll
[2011/03/02 18:30:50 | 000,847,872 | ---- | C] ( ) -- C:\windows\SysWow64\lxeeusb1.dll
[2011/03/02 18:30:50 | 000,688,128 | ---- | C] ( ) -- C:\windows\SysWow64\lxeehbn3.dll
[2011/03/02 18:30:50 | 000,643,072 | ---- | C] ( ) -- C:\windows\SysWow64\lxeepmui.dll
[2011/03/02 18:30:50 | 000,577,536 | ---- | C] ( ) -- C:\windows\SysWow64\lxeelmpm.dll
[2011/03/02 18:30:50 | 000,364,544 | ---- | C] ( ) -- C:\windows\SysWow64\lxeeinpa.dll
[2011/03/02 18:30:50 | 000,344,064 | ---- | C] ( ) -- C:\windows\SysWow64\lxeeiesc.dll
[2011/03/02 18:30:50 | 000,324,264 | ---- | C] ( ) -- C:\windows\SysWow64\lxeeih.exe
[2011/03/02 18:30:50 | 000,126,976 | ---- | C] (Lexmark International Inc.) -- C:\windows\SysWow64\lxeelnks.dll
[2011/03/02 18:30:49 | 000,802,816 | ---- | C] ( ) -- C:\windows\SysWow64\lxeecomc.dll
[2011/03/02 18:30:49 | 000,598,696 | ---- | C] ( ) -- C:\windows\SysWow64\lxeecoms.exe
[2011/03/02 18:30:49 | 000,373,416 | ---- | C] ( ) -- C:\windows\SysWow64\lxeecfg.exe
[2011/03/02 18:30:49 | 000,372,736 | ---- | C] ( ) -- C:\windows\SysWow64\lxeecomm.dll
[2011/03/02 18:30:49 | 000,086,183 | ---- | C] (Lexmark International) -- C:\windows\SysWow64\LXEEcfg.dll
[2011/03/02 18:30:36 | 000,557,568 | ---- | C] ( ) -- C:\windows\SysNative\lxeeinpa.dll
[2011/03/02 18:30:36 | 000,547,840 | ---- | C] ( ) -- C:\windows\SysNative\LXEEhcp.dll
[2011/03/02 18:30:36 | 000,515,584 | ---- | C] ( ) -- C:\windows\SysNative\lxeeiesc.dll
[2011/03/02 18:30:35 | 001,631,744 | ---- | C] ( ) -- C:\windows\SysNative\lxeeserv.dll
[2011/03/02 18:30:35 | 001,371,648 | ---- | C] ( ) -- C:\windows\SysNative\lxeecomc.dll
[2011/03/02 18:30:35 | 001,331,712 | ---- | C] ( ) -- C:\windows\SysNative\lxeeusb1.dll
[2011/03/02 18:30:35 | 001,104,384 | ---- | C] ( ) -- C:\windows\SysNative\lxeehbn3.dll
[2011/03/02 18:30:35 | 001,052,328 | ---- | C] ( ) -- C:\windows\SysNative\lxeecoms.exe
[2011/03/02 18:30:35 | 000,979,968 | ---- | C] ( ) -- C:\windows\SysNative\lxeepmui.dll
[2011/03/02 18:30:35 | 000,892,416 | ---- | C] ( ) -- C:\windows\SysNative\lxeelmpm.dll
[2011/03/02 18:30:35 | 000,612,008 | ---- | C] ( ) -- C:\windows\SysNative\lxeecfg.exe
[2011/03/02 18:30:35 | 000,579,584 | ---- | C] ( ) -- C:\windows\SysNative\lxeecomm.dll
[2011/03/02 18:30:35 | 000,520,872 | ---- | C] ( ) -- C:\windows\SysNative\lxeeih.exe
[2011/03/02 18:30:35 | 000,075,264 | ---- | C] (Lexmark International) -- C:\windows\SysNative\LXEEcfg.dll
[2011/03/02 18:30:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Lexmark Pro700 Series
[2011/03/02 18:30:21 | 000,000,000 | ---D | C] -- C:\Program Files\Lexmark Pro700 Series
[2011/03/02 18:28:38 | 000,000,000 | ---D | C] -- C:\Lexmark
[2011/03/01 18:25:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mamutu
[2011/03/01 18:25:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mamutu
[2011/03/01 15:07:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio
[2011/03/01 15:07:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2011/03/01 15:06:14 | 000,000,000 | ---D | C] -- C:\windows\PCHEALTH
[2011/03/01 15:01:58 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2011/03/01 15:01:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 8
[2011/03/01 15:01:32 | 000,000,000 | ---D | C] -- C:\windows\SysNative\SPReview
[2011/03/01 14:59:44 | 000,000,000 | ---D | C] -- C:\windows\SysNative\EventProviders
[2011/03/01 14:55:38 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2011/03/01 14:52:08 | 001,942,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dfshim.dll
[2011/03/01 14:52:08 | 000,048,976 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\netfxperf.dll
[2011/03/01 14:51:54 | 001,130,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dfshim.dll
[2011/03/01 14:51:47 | 005,563,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntoskrnl.exe
[2011/03/01 14:51:45 | 003,715,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mstscax.dll
[2011/03/01 14:51:45 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\TsUsbFlt.sys
[2011/03/01 14:51:45 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\TsUsbRedirectionGroupPolicyExtension.dll
[2011/03/01 14:51:44 | 001,838,080 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3d10warp.dll
[2011/03/01 14:51:38 | 003,215,872 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mstscax.dll
[2011/03/01 14:51:33 | 001,171,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3d10warp.dll
[2011/03/01 14:51:32 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mfc40.dll
[2011/03/01 14:51:32 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mfc40u.dll
[2011/03/01 14:51:26 | 014,633,472 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wmp.dll
[2011/03/01 14:51:26 | 002,314,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\tquery.dll
[2011/03/01 14:51:24 | 002,223,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mssrch.dll
[2011/03/01 14:51:23 | 003,205,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mmcndmgr.dll
[2011/03/01 14:51:23 | 001,731,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntdll.dll
[2011/03/01 14:51:20 | 004,120,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mf.dll
[2011/03/01 14:51:20 | 000,485,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\secproc_isv.dll
[2011/03/01 14:51:19 | 000,488,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\secproc.dll
[2011/03/01 14:51:19 | 000,423,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\secproc_isv.dll
[2011/03/01 14:51:19 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\RMActivate_isv.exe
[2011/03/01 14:51:19 | 000,359,424 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\RMActivate.exe
[2011/03/01 14:51:18 | 003,008,000 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xpsservices.dll
[2011/03/01 14:51:17 | 001,219,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rpcrt4.dll
[2011/03/01 14:51:17 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\secproc.dll
[2011/03/01 14:51:17 | 000,327,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\RMActivate_isv.exe
[2011/03/01 14:51:16 | 000,322,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\RMActivate.exe
[2011/03/01 14:51:06 | 002,086,912 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ole32.dll
[2011/03/01 14:50:58 | 000,263,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\spwizui.dll
[2011/03/01 14:50:55 | 002,565,632 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\esent.dll
[2011/03/01 14:50:51 | 001,197,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\taskschd.dll
[2011/03/01 14:50:49 | 001,556,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\RacEngn.dll
[2011/03/01 14:50:47 | 001,340,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\diagperf.dll
[2011/03/01 14:50:45 | 526,443,824 | ---- | C] (Microsoft Corporation) -- C:\Users\Jacquie\Desktop\MS OFFICE ENTERPRISE 2007.exe
[2011/03/01 14:50:45 | 003,207,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mf.dll
[2011/03/01 14:50:44 | 003,966,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntkrnlpa.exe
[2011/03/01 14:50:44 | 001,866,240 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ExplorerFrame.dll
[2011/03/01 14:50:44 | 001,753,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\vssapi.dll
[2011/03/01 14:50:43 | 001,334,272 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\CertEnroll.dll
[2011/03/01 14:50:43 | 001,326,080 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\NaturalLanguage6.dll
[2011/03/01 14:50:42 | 001,401,344 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mssrch.dll
[2011/03/01 14:50:41 | 003,860,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\UIRibbon.dll
[2011/03/01 14:50:41 | 002,872,320 | ---- | C] (Microsoft Corporation) -- C:\windows\explorer.exe
[2011/03/01 14:50:41 | 000,299,392 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mcupdate_GenuineIntel.dll
[2011/03/01 14:50:39 | 011,410,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wmp.dll
[2011/03/01 14:50:38 | 001,698,816 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\esent.dll
[2011/03/01 14:50:37 | 003,027,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WMVCORE.DLL
[2011/03/01 14:50:37 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\PresentationHost.exe
[2011/03/01 14:50:37 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\PresentationHostProxy.dll
[2011/03/01 14:50:36 | 003,911,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntoskrnl.exe
[2011/03/01 14:50:36 | 000,320,352 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\PresentationHost.exe
[2011/03/01 14:50:36 | 000,109,928 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\PresentationHostProxy.dll
[2011/03/01 14:50:35 | 001,975,296 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\CertEnroll.dll
[2011/03/01 14:50:35 | 000,598,016 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\spinstall.exe
[2011/03/01 14:50:35 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\spreview.exe
[2011/03/01 14:50:35 | 000,274,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpdd.dll
[2011/03/01 14:50:34 | 003,957,760 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WinSAT.exe
[2011/03/01 14:50:33 | 001,888,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WMVDECOD.DLL
[2011/03/01 14:50:33 | 001,548,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\tquery.dll
[2011/03/01 14:50:32 | 002,067,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3d9.dll
[2011/03/01 14:50:31 | 001,115,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\RacEngn.dll
[2011/03/01 14:50:30 | 000,867,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SearchFolder.dll
[2011/03/01 14:50:29 | 005,066,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\AuthFWSnapin.dll
[2011/03/01 14:50:29 | 005,066,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\AuthFWSnapin.dll
[2011/03/01 14:50:28 | 001,161,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\kernel32.dll
[2011/03/01 14:50:27 | 003,391,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dbgeng.dll
[2011/03/01 14:50:27 | 001,632,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dwmcore.dll
[2011/03/01 14:50:25 | 001,456,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\crypt32.dll
[2011/03/01 14:50:24 | 001,493,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ExplorerFrame.dll
[2011/03/01 14:50:23 | 001,447,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\lsasrv.dll
[2011/03/01 14:50:23 | 000,958,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\actxprxy.dll
[2011/03/01 14:50:23 | 000,750,080 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\TSWorkspace.dll
[2011/03/01 14:50:23 | 000,419,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KernelBase.dll
[2011/03/01 14:50:21 | 001,116,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mstsc.exe
[2011/03/01 14:50:21 | 000,244,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sqmapi.dll
[2011/03/01 14:50:20 | 001,244,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\imapi2fs.dll
[2011/03/01 14:50:20 | 000,695,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\netlogon.dll
[2011/03/01 14:50:19 | 002,616,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\explorer.exe
[2011/03/01 14:50:19 | 001,828,352 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3d9.dll
[2011/03/01 14:50:19 | 001,212,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\propsys.dll
[2011/03/01 14:50:19 | 000,787,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3d11.dll
[2011/03/01 14:50:18 | 001,900,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\setupapi.dll
[2011/03/01 14:50:18 | 000,505,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\taskschd.dll
[2011/03/01 14:50:17 | 001,927,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\authui.dll
[2011/03/01 14:50:17 | 001,281,024 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\werconcpl.dll
[2011/03/01 14:50:17 | 000,720,896 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\odbc32.dll
[2011/03/01 14:50:17 | 000,464,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\taskeng.exe
[2011/03/01 14:50:16 | 001,008,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\user32.dll
[2011/03/01 14:50:16 | 000,861,696 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\oleaut32.dll
[2011/03/01 14:50:16 | 000,702,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msfeeds.dll
[2011/03/01 14:50:16 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dnsapi.dll
[2011/03/01 14:50:15 | 001,796,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\certmgr.dll
[2011/03/01 14:50:15 | 001,049,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mstsc.exe
[2011/03/01 14:50:15 | 000,376,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\netio.sys
[2011/03/01 14:50:13 | 000,955,904 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\localspl.dll
[2011/03/01 14:50:13 | 000,758,272 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\PortableDeviceApi.dll
[2011/03/01 14:50:13 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\webio.dll
[2011/03/01 14:50:13 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wer.dll
[2011/03/01 14:50:13 | 000,342,016 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\certcli.dll
[2011/03/01 14:50:13 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\scavengeui.dll
[2011/03/01 14:50:12 | 000,457,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msdrm.dll
[2011/03/01 14:50:12 | 000,299,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\tsmf.dll
[2011/03/01 14:50:12 | 000,210,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ncsi.dll
[2011/03/01 14:50:11 | 001,371,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dwmcore.dll
[2011/03/01 14:50:11 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\shlwapi.dll
[2011/03/01 14:50:10 | 002,652,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\netshell.dll
[2011/03/01 14:50:10 | 001,509,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msdtctm.dll
[2011/03/01 14:50:10 | 000,295,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\framedynos.dll
[2011/03/01 14:50:09 | 000,573,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\odbc32.dll
[2011/03/01 14:50:09 | 000,519,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\netcfgx.dll
[2011/03/01 14:50:09 | 000,390,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winlogon.exe
[2011/03/01 14:50:09 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\tcpmonui.dll
[2011/03/01 14:50:08 | 001,572,352 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\quartz.dll
[2011/03/01 14:50:08 | 000,800,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\usp10.dll
[2011/03/01 14:50:08 | 000,594,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\comdlg32.dll
[2011/03/01 14:50:08 | 000,343,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\lsm.exe
[2011/03/01 14:50:08 | 000,297,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ws2_32.dll
[2011/03/01 14:50:07 | 001,328,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\quartz.dll
[2011/03/01 14:50:07 | 000,658,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dxgi.dll
[2011/03/01 14:50:07 | 000,597,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\TSWorkspace.dll
[2011/03/01 14:50:07 | 000,481,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wmpps.dll
[2011/03/01 14:50:07 | 000,342,016 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\apphelp.dll
[2011/03/01 14:50:07 | 000,321,024 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3d10_1core.dll
[2011/03/01 14:50:07 | 000,107,904 | ---- | C] (Advanced Micro Devices) -- C:\windows\SysNative\drivers\amdsata.sys
[2011/03/01 14:50:06 | 002,543,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wpdshext.dll
[2011/03/01 14:50:06 | 002,055,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Query.dll
[2011/03/01 14:50:06 | 000,270,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\tsmf.dll
[2011/03/01 14:50:06 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dot3api.dll
[2011/03/01 14:50:05 | 000,897,536 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\azroles.dll
[2011/03/01 14:50:05 | 000,599,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msfeeds.dll
[2011/03/01 14:50:05 | 000,266,240 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\QAGENT.DLL
[2011/03/01 14:50:04 | 001,098,240 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Vault.dll
[2011/03/01 14:50:04 | 000,758,784 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\samsrv.dll
[2011/03/01 14:50:04 | 000,566,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winresume.efi
[2011/03/01 14:50:04 | 000,345,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cmd.exe
[2011/03/01 14:50:03 | 002,522,624 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dbgeng.dll
[2011/03/01 14:50:03 | 000,778,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mssvp.dll
[2011/03/01 14:50:03 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\win32spl.dll
[2011/03/01 14:50:03 | 000,653,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\lpksetup.exe
[2011/03/01 14:50:03 | 000,281,600 | ---- | C] (Microsoft) -- C:\windows\SysNative\DShowRdpFilter.dll
[2011/03/01 14:50:02 | 000,605,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winload.exe
[2011/03/01 14:50:02 | 000,522,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3d11.dll
[2011/03/01 14:50:01 | 001,619,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WMVDECOD.DLL
[2011/03/01 14:50:01 | 000,406,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\netcfgx.dll
[2011/03/01 14:50:00 | 001,363,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Query.dll
[2011/03/01 14:50:00 | 001,190,400 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WindowsCodecs.dll
[2011/03/01 14:50:00 | 000,582,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sxs.dll
[2011/03/01 14:50:00 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\webio.dll
[2011/03/01 14:49:59 | 001,808,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\pnidui.dll
[2011/03/01 14:49:59 | 000,642,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winload.efi
[2011/03/01 14:49:59 | 000,473,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\taskcomp.dll
[2011/03/01 14:49:59 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mfds.dll
[2011/03/01 14:49:59 | 000,312,832 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Wldap32.dll
[2011/03/01 14:49:59 | 000,272,896 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mcbuilder.exe
[2011/03/01 14:49:59 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\upnp.dll
[2011/03/01 14:49:59 | 000,189,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\storport.sys
[2011/03/01 14:49:58 | 002,151,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mmcndmgr.dll
[2011/03/01 14:49:58 | 000,584,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ipsmsnap.dll
[2011/03/01 14:49:58 | 000,252,928 | ---- | C] (Microsoft) -- C:\windows\SysWow64\DShowRdpFilter.dll
[2011/03/01 14:49:58 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\hgprint.dll
[2011/03/01 14:49:57 | 001,158,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\webservices.dll
[2011/03/01 14:49:57 | 000,732,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\imapi2fs.dll
[2011/03/01 14:49:57 | 000,049,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\netfxperf.dll
[2011/03/01 14:49:56 | 001,792,000 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\authui.dll
[2011/03/01 14:49:56 | 000,518,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winresume.exe
[2011/03/01 14:49:56 | 000,341,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msdrm.dll
[2011/03/01 14:49:56 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winsta.dll
[2011/03/01 14:49:55 | 000,933,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sqlsrv32.dll
[2011/03/01 14:49:55 | 000,547,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\PortableDeviceApi.dll
[2011/03/01 14:49:55 | 000,403,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\gdi32.dll
[2011/03/01 14:49:55 | 000,345,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\fveapi.dll
[2011/03/01 14:49:55 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iepeers.dll
[2011/03/01 14:49:55 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dot3api.dll
[2011/03/01 14:49:54 | 001,009,152 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mcmde.dll
[2011/03/01 14:49:54 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MSNP.ax
[2011/03/01 14:49:54 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mcbuilder.exe
[2011/03/01 14:49:54 | 000,183,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\prncache.dll
[2011/03/01 14:49:53 | 001,555,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\certmgr.dll
[2011/03/01 14:49:53 | 001,441,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wlanpref.dll
[2011/03/01 14:49:53 | 001,243,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WMNetMgr.dll
[2011/03/01 14:49:53 | 000,285,696 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\schtasks.exe
[2011/03/01 14:49:52 | 001,712,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xpsservices.dll
[2011/03/01 14:49:52 | 000,695,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wuapi.dll
[2011/03/01 14:49:52 | 000,263,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\vpnike.dll
[2011/03/01 14:49:52 | 000,219,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3d10_1core.dll
[2011/03/01 14:49:52 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\userenv.dll
[2011/03/01 14:49:51 | 000,630,272 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\evr.dll
[2011/03/01 14:49:51 | 000,409,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\photowiz.dll
[2011/03/01 14:49:51 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wintrust.dll
[2011/03/01 14:49:50 | 001,024,512 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wmpmde.dll
[2011/03/01 14:49:50 | 000,296,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\AudioSes.dll
[2011/03/01 14:49:50 | 000,279,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\framedyn.dll
[2011/03/01 14:49:49 | 002,262,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SyncCenter.dll
[2011/03/01 14:49:49 | 002,072,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WMPEncEn.dll
[2011/03/01 14:49:49 | 001,082,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sppobjs.dll
[2011/03/01 14:49:49 | 000,605,696 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wmpeffects.dll
[2011/03/01 14:49:49 | 000,412,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\aepdu.dll
[2011/03/01 14:49:49 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\cmd.exe
[2011/03/01 14:49:49 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mfreadwrite.dll
[2011/03/01 14:49:48 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\aeinv.dll
[2011/03/01 14:49:47 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\win32spl.dll
[2011/03/01 14:49:47 | 000,206,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\framedynos.dll
[2011/03/01 14:49:47 | 000,171,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\fde.dll
[2011/03/01 14:49:46 | 000,503,296 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\imapi2.dll
[2011/03/01 14:49:46 | 000,501,248 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WinSATAPI.dll
[2011/03/01 14:49:46 | 000,296,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mfds.dll
[2011/03/01 14:49:46 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\stobject.dll
[2011/03/01 14:49:45 | 000,551,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\localsec.dll
[2011/03/01 14:49:45 | 000,324,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\netdiagfx.dll
[2011/03/01 14:49:45 | 000,298,104 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\bcryptprimitives.dll
[2011/03/01 14:49:45 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\credui.dll
[2011/03/01 14:49:45 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cdd.dll
[2011/03/01 14:49:44 | 000,166,912 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\inetpp.dll
[2011/03/01 14:49:44 | 000,165,376 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\netid.dll
[2011/03/01 14:49:43 | 000,762,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\azroles.dll
[2011/03/01 14:49:43 | 000,504,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\biocpl.dll
[2011/03/01 14:49:43 | 000,253,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\tcpipcfg.dll
[2011/03/01 14:49:43 | 000,244,224 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\spp.dll
[2011/03/01 14:49:43 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\QSHVHOST.DLL
[2011/03/01 14:49:43 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ncsi.dll
[2011/03/01 14:49:43 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\davclnt.dll
[2011/03/01 14:49:42 | 002,746,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\gameux.dll
[2011/03/01 14:49:42 | 001,050,624 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\printui.dll
[2011/03/01 14:49:42 | 000,378,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msinfo32.exe
[2011/03/01 14:49:41 | 002,755,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\themeui.dll
[2011/03/01 14:49:41 | 000,571,904 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mspbda.dll
[2011/03/01 14:49:41 | 000,337,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\conhost.exe
[2011/03/01 14:49:41 | 000,303,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\scansetting.dll
[2011/03/01 14:49:41 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\credui.dll
[2011/03/01 14:49:41 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\windows\splwow64.exe
[2011/03/01 14:49:40 | 000,477,696 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\PhotoScreensaver.scr
[2011/03/01 14:49:39 | 000,552,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msdri.dll
[2011/03/01 14:49:39 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wusa.exe
[2011/03/01 14:49:39 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wintrust.dll
[2011/03/01 14:49:39 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\IPHLPAPI.DLL
[2011/03/01 14:49:39 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\aitagent.exe
[2011/03/01 14:49:38 | 000,854,016 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dbghelp.dll
[2011/03/01 14:49:38 | 000,625,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mscms.dll
[2011/03/01 14:49:38 | 000,508,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dxgi.dll
[2011/03/01 14:49:38 | 000,442,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winspool.drv
[2011/03/01 14:49:38 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mfreadwrite.dll
[2011/03/01 14:49:38 | 000,187,904 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rpchttp.dll
[2011/03/01 14:49:38 | 000,144,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\basecsp.dll
[2011/03/01 14:49:37 | 003,211,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msi.dll
[2011/03/01 14:49:37 | 000,934,912 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\FirewallControlPanel.dll
[2011/03/01 14:49:37 | 000,405,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wisptis.exe
[2011/03/01 14:49:37 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XpsRasterService.dll
[2011/03/01 14:49:37 | 000,186,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ocsetup.exe
[2011/03/01 14:49:36 | 000,488,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\evr.dll
[2011/03/01 14:49:36 | 000,418,816 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sppwinob.dll
[2011/03/01 14:49:36 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\taskcomp.dll
[2011/03/01 14:49:35 | 001,031,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpcore.dll
[2011/03/01 14:49:35 | 000,776,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\calc.exe
[2011/03/01 14:49:35 | 000,459,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\DXP.dll
[2011/03/01 14:49:35 | 000,335,872 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WinSATAPI.dll
[2011/03/01 14:49:35 | 000,207,872 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cfgmgr32.dll
[2011/03/01 14:49:35 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ocsetapi.dll
[2011/03/01 14:49:34 | 000,780,008 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ci.dll
[2011/03/01 14:49:34 | 000,778,240 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\sqlsrv32.dll
[2011/03/01 14:49:34 | 000,348,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\eapp3hst.dll
[2011/03/01 14:49:33 | 002,983,424 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\UIRibbon.dll
[2011/03/01 14:49:33 | 000,850,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mmsys.cpl
[2011/03/01 14:49:33 | 000,509,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntshrui.dll
[2011/03/01 14:49:33 | 000,303,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\eapphost.dll
[2011/03/01 14:49:33 | 000,264,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\upnp.dll
[2011/03/01 14:49:33 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mprapi.dll
[2011/03/01 14:49:33 | 000,128,000 | ---- | C] (Microsoft) -- C:\windows\SysNative\Robocopy.exe
[2011/03/01 14:49:32 | 000,176,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ie4uinit.exe
[2011/03/01 14:49:32 | 000,148,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\t2embed.dll
[2011/03/01 14:49:32 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\thumbcache.dll
[2011/03/01 14:49:32 | 000,078,720 | ---- | C] (Hewlett-Packard Company) -- C:\windows\SysNative\drivers\HpSAMD.sys
[2011/03/01 14:49:31 | 002,494,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\netshell.dll
[2011/03/01 14:49:31 | 001,457,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\DxpTaskSync.dll
[2011/03/01 14:49:31 | 000,658,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\PerfCenterCPL.dll
[2011/03/01 14:49:31 | 000,263,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\hal.dll
[2011/03/01 14:49:30 | 001,160,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MSMPEG2ENC.DLL
[2011/03/01 14:49:30 | 000,232,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\scecli.dll
[2011/03/01 14:49:30 | 000,128,512 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dwmredir.dll
[2011/03/01 14:49:29 | 002,851,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\themeui.dll
[2011/03/01 14:49:29 | 000,675,328 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\DXPTaskRingtone.dll
[2011/03/01 14:49:29 | 000,429,568 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\puiobj.dll
[2011/03/01 14:49:29 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\onex.dll
[2011/03/01 14:49:29 | 000,179,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\Classpnp.sys
[2011/03/01 14:49:29 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sspicli.dll
[2011/03/01 14:49:29 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\prncache.dll
[2011/03/01 14:49:29 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msasn1.dll
[2011/03/01 14:49:29 | 000,027,008 | ---- | C] (Advanced Micro Devices) -- C:\windows\SysNative\drivers\amdxata.sys
[2011/03/01 14:49:28 | 002,341,376 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msi.dll
[2011/03/01 14:49:28 | 000,932,352 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\printui.dll
[2011/03/01 14:49:28 | 000,352,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wmpeffects.dll
[2011/03/01 14:49:28 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\aaclient.dll
[2011/03/01 14:49:27 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wow64.dll
[2011/03/01 14:49:27 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\net1.exe
[2011/03/01 14:49:27 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\rpchttp.dll
[2011/03/01 14:49:26 | 001,363,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wdc.dll
[2011/03/01 14:49:26 | 001,163,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mfc42u.dll
[2011/03/01 14:49:26 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\scansetting.dll
[2011/03/01 14:49:25 | 000,799,744 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msftedit.dll
[2011/03/01 14:49:25 | 000,475,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wlangpui.dll
[2011/03/01 14:49:25 | 000,406,016 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\scesrv.dll
[2011/03/01 14:49:24 | 001,689,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\netcenter.dll
[2011/03/01 14:49:24 | 001,120,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sdengin2.dll
[2011/03/01 14:49:24 | 000,691,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\VAN.dll
[2011/03/01 14:49:24 | 000,483,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\StructuredQuery.dll
[2011/03/01 14:49:24 | 000,462,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wiadefui.dll
[2011/03/01 14:49:24 | 000,239,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dskquoui.dll
[2011/03/01 14:49:24 | 000,213,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\MMDevAPI.dll
[2011/03/01 14:49:23 | 002,621,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wucltux.dll
[2011/03/01 14:49:23 | 002,504,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WMVCORE.DLL
[2011/03/01 14:49:23 | 000,411,648 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wlangpui.dll
[2011/03/01 14:49:23 | 000,273,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SndVol.exe
[2011/03/01 14:49:23 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\aaclient.dll
[2011/03/01 14:49:23 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\regapi.dll
[2011/03/01 14:49:23 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\davclnt.dll
[2011/03/01 14:49:23 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\samcli.dll
[2011/03/01 14:49:23 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wscapi.dll
[2011/03/01 14:49:22 | 001,750,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\pnidui.dll
[2011/03/01 14:49:22 | 000,340,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\srchadmin.dll
[2011/03/01 14:49:22 | 000,167,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\QSHVHOST.DLL
[2011/03/01 14:49:22 | 000,112,000 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\consent.exe
[2011/03/01 14:49:22 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\t2embed.dll
[2011/03/01 14:49:22 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\QUTIL.DLL
[2011/03/01 14:49:21 | 002,311,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wpdshext.dll
[2011/03/01 14:49:21 | 000,782,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\webservices.dll
[2011/03/01 14:49:21 | 000,515,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\timedate.cpl
[2011/03/01 14:49:21 | 000,248,832 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wksprt.exe
[2011/03/01 14:49:21 | 000,124,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\fde.dll
[2011/03/01 14:49:21 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\setupcl.exe
[2011/03/01 14:49:20 | 002,146,304 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\SyncCenter.dll
[2011/03/01 14:49:20 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rastls.dll
[2011/03/01 14:49:20 | 000,225,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\netdiagfx.dll
[2011/03/01 14:49:20 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\taskhost.exe
[2011/03/01 14:49:19 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\appwiz.cpl
[2011/03/01 14:49:19 | 000,684,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\TabletPC.cpl
[2011/03/01 14:49:19 | 000,560,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wuapi.dll
[2011/03/01 14:49:19 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wscapi.dll
[2011/03/01 14:49:18 | 000,332,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\hgcpl.dll
[2011/03/01 14:49:18 | 000,300,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msconfig.exe
[2011/03/01 14:49:18 | 000,215,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\netiohlp.dll
[2011/03/01 14:49:18 | 000,134,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WinSCard.dll
[2011/03/01 14:49:18 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mimefilt.dll
[2011/03/01 14:49:17 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\clusapi.dll
[2011/03/01 14:49:17 | 000,166,784 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\basecsp.dll
[2011/03/01 14:49:17 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\fdeploy.dll
[2011/03/01 14:49:17 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\lsmproxy.dll
[2011/03/01 14:49:16 | 001,538,560 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\inetcpl.cpl
[2011/03/01 14:49:16 | 000,830,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\MSMPEG2ENC.DLL
[2011/03/01 14:49:16 | 000,826,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\rdpcore.dll
[2011/03/01 14:49:16 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\AuxiliaryDisplayCpl.dll
[2011/03/01 14:49:16 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\winsta.dll
[2011/03/01 14:49:15 | 000,974,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WFS.exe
[2011/03/01 14:49:15 | 000,633,344 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\riched20.dll
[2011/03/01 14:49:15 | 000,392,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\imapi2.dll
[2011/03/01 14:49:15 | 000,372,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mtxclu.dll
[2011/03/01 14:49:15 | 000,186,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iepeers.dll
[2011/03/01 14:49:15 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\TsUsbGDCoInstaller.dll
[2011/03/01 14:49:15 | 000,027,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\Diskdump.sys
[2011/03/01 14:49:14 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\gameux.dll
[2011/03/01 14:49:14 | 000,630,784 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\DXPTaskRingtone.dll
[2011/03/01 14:49:14 | 000,118,272 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dnscmmc.dll
[2011/03/01 14:49:13 | 001,624,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WMPEncEn.dll
[2011/03/01 14:49:13 | 000,486,400 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\powercpl.dll
[2011/03/01 14:49:13 | 000,199,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\onex.dll
[2011/03/01 14:49:13 | 000,186,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\logoncli.dll
[2011/03/01 14:49:13 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\RpcRtRemote.dll
[2011/03/01 14:49:12 | 002,250,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SensorsCpl.dll
[2011/03/01 14:49:12 | 002,193,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\themecpl.dll
[2011/03/01 14:49:12 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mssvp.dll
[2011/03/01 14:49:12 | 000,359,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\eudcedit.exe
[2011/03/01 14:49:12 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sharemediacpl.dll
[2011/03/01 14:49:12 | 000,090,112 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\nci.dll
[2011/03/01 14:49:11 | 001,077,248 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Narrator.exe
[2011/03/01 14:49:11 | 000,668,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\autochk.exe
[2011/03/01 14:49:11 | 000,658,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\autofmt.exe
[2011/03/01 14:49:11 | 000,355,328 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Faultrep.dll
[2011/03/01 14:49:11 | 000,188,928 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\netjoin.dll
[2011/03/01 14:49:11 | 000,166,400 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\netiohlp.dll
[2011/03/01 14:49:11 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\hbaapi.dll
[2011/03/01 14:49:11 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\licmgr10.dll
[2011/03/01 14:49:10 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\comctl32.dll
[2011/03/01 14:49:10 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\IPHLPAPI.DLL
[2011/03/01 14:49:10 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\vpnikeapi.dll
[2011/03/01 14:49:09 | 000,777,728 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\autochk.exe
[2011/03/01 14:49:09 | 000,763,904 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\autofmt.exe
[2011/03/01 14:49:09 | 000,679,424 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\autoconv.exe
[2011/03/01 14:49:09 | 000,303,104 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msinfo32.exe
[2011/03/01 14:49:09 | 000,232,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sppcomapi.dll
[2011/03/01 14:49:09 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\AudioSes.dll
[2011/03/01 14:49:09 | 000,167,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msutb.dll
[2011/03/01 14:49:09 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cabview.dll
[2011/03/01 14:49:09 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\regapi.dll
[2011/03/01 14:49:09 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\proquota.exe
[2011/03/01 14:49:08 | 000,793,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\autoconv.exe
[2011/03/01 14:49:08 | 000,455,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\nshipsec.dll
[2011/03/01 14:49:08 | 000,400,896 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ipsmsnap.dll
[2011/03/01 14:49:08 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\srchadmin.dll
[2011/03/01 14:49:08 | 000,130,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\shsetup.dll
[2011/03/01 14:49:08 | 000,126,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\audiodg.exe
[2011/03/01 14:49:08 | 000,116,224 | ---- | C] (Windows ® Codename Longhorn DDK provider) -- C:\windows\SysNative\fms.dll
[2011/03/01 14:49:08 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mimefilt.dll
[2011/03/01 14:49:07 | 001,264,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sdclt.exe
[2011/03/01 14:49:07 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wpd_ci.dll
[2011/03/01 14:49:07 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\powercpl.dll
[2011/03/01 14:49:07 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msihnd.dll
[2011/03/01 14:49:07 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\eapphost.dll
[2011/03/01 14:49:07 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\framedyn.dll
[2011/03/01 14:49:07 | 000,181,760 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\tcpipcfg.dll
[2011/03/01 14:49:07 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\schtasks.exe
[2011/03/01 14:49:07 | 000,168,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\bcdsrv.dll
[2011/03/01 14:49:06 | 001,466,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\inetcpl.cpl
[2011/03/01 14:49:06 | 000,905,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mmsys.cpl
[2011/03/01 14:49:06 | 000,414,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wlanui.dll
[2011/03/01 14:49:06 | 000,222,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wwanconn.dll
[2011/03/01 14:49:06 | 000,171,392 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\scsiport.sys
[2011/03/01 14:49:06 | 000,156,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\prntvpt.dll
[2011/03/01 14:49:06 | 000,155,472 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mscorier.dll
[2011/03/01 14:49:06 | 000,154,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mscorier.dll
[2011/03/01 14:49:05 | 001,066,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Display.dll
[2011/03/01 14:49:05 | 000,861,184 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\fontext.dll
[2011/03/01 14:49:05 | 000,665,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\AuxiliaryDisplayCpl.dll
[2011/03/01 14:49:05 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\timedate.cpl
[2011/03/01 14:49:05 | 000,211,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mprddm.dll
[2011/03/01 14:49:05 | 000,171,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\QAGENT.DLL
[2011/03/01 14:49:05 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\netid.dll
[2011/03/01 14:49:04 | 000,749,568 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\batmeter.dll
[2011/03/01 14:49:04 | 000,624,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\qedit.dll
[2011/03/01 14:49:04 | 000,267,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\FXSCOVER.exe
[2011/03/01 14:49:04 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\MSNP.ax
[2011/03/01 14:49:04 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\hidclass.sys
[2011/03/01 14:49:03 | 001,227,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wdc.dll
[2011/03/01 14:49:03 | 000,957,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mblctr.exe
[2011/03/01 14:49:03 | 000,372,224 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\rastls.dll
[2011/03/01 14:49:03 | 000,346,624 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\untfs.dll
[2011/03/01 14:49:03 | 000,307,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\scesrv.dll
[2011/03/01 14:49:03 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wmpsrcwp.dll
[2011/03/01 14:49:03 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\nci.dll
[2011/03/01 14:49:02 | 001,326,592 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wlanpref.dll
[2011/03/01 14:49:02 | 001,202,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\DiagCpl.dll
[2011/03/01 14:49:02 | 001,003,008 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WMNetMgr.dll
[2011/03/01 14:49:02 | 000,933,376 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Vault.dll
[2011/03/01 14:49:02 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rtutils.dll
[2011/03/01 14:49:02 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\licmgr10.dll
[2011/03/01 14:49:01 | 002,217,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\bootres.dll
[2011/03/01 14:49:01 | 000,812,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wpccpl.dll
[2011/03/01 14:49:01 | 000,625,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\usercpl.dll
[2011/03/01 14:49:01 | 000,433,512 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MCEWMDRMNDBootstrap.dll
[2011/03/01 14:49:01 | 000,250,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ksproxy.ax
[2011/03/01 14:49:01 | 000,098,816 | ---- | C] (Microsoft) -- C:\windows\SysWow64\Robocopy.exe
[2011/03/01 14:49:01 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WSTPager.ax
[2011/03/01 14:49:00 | 001,400,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\DxpTaskSync.dll
[2011/03/01 14:49:00 | 000,227,328 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\taskmgr.exe
[2011/03/01 14:49:00 | 000,225,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SndVolSSO.dll
[2011/03/01 14:49:00 | 000,211,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rasppp.dll
[2011/03/01 14:48:59 | 001,040,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Display.dll
[2011/03/01 14:48:59 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mtxclu.dll
[2011/03/01 14:48:59 | 000,279,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dxdiagn.dll
[2011/03/01 14:48:59 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dot3cfg.dll
[2011/03/01 14:48:58 | 000,416,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\prnfldr.dll
[2011/03/01 14:48:58 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\puiobj.dll
[2011/03/01 14:48:58 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\taskmgr.exe
[2011/03/01 14:48:58 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mssphtb.dll
[2011/03/01 14:48:58 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\shdocvw.dll
[2011/03/01 14:48:58 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XpsRasterService.dll
[2011/03/01 14:48:58 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\hbaapi.dll
[2011/03/01 14:48:57 | 000,352,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\termmgr.dll
[2011/03/01 14:48:57 | 000,300,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\pdh.dll
[2011/03/01 14:48:57 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\eudcedit.exe
[2011/03/01 14:48:57 | 000,155,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\ataport.sys
[2011/03/01 14:48:57 | 000,115,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WPDShServiceObj.dll
[2011/03/01 14:48:57 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\proquota.exe
[2011/03/01 14:48:56 | 000,416,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wiadefui.dll
[2011/03/01 14:48:56 | 000,403,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\untfs.dll
[2011/03/01 14:48:56 | 000,268,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MSAC3ENC.DLL
[2011/03/01 14:48:56 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\sppcomapi.dll
[2011/03/01 14:48:56 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\rasppp.dll
[2011/03/01 14:48:56 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\cabview.dll
[2011/03/01 14:48:56 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\logoncli.dll
[2011/03/01 14:48:56 | 000,111,104 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\shsetup.dll
[2011/03/01 14:48:55 | 003,745,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\accessibilitycpl.dll
[2011/03/01 14:48:55 | 000,856,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\FirewallControlPanel.dll
[2011/03/01 14:48:55 | 000,649,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\appwiz.cpl
[2011/03/01 14:48:55 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpcorekmts.dll
[2011/03/01 14:48:54 | 002,202,624 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\SensorsCpl.dll
[2011/03/01 14:48:54 | 002,157,568 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\themecpl.dll
[2011/03/01 14:48:53 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\PhotoScreensaver.scr
[2011/03/01 14:48:53 | 000,366,080 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\zipfldr.dll
[2011/03/01 14:48:53 | 000,349,696 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\slui.exe
[2011/03/01 14:48:53 | 000,335,360 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msieftp.dll
[2011/03/01 14:48:53 | 000,233,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\defaultlocationcpl.dll
[2011/03/01 14:48:53 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\FWPUCLNT.DLL
[2011/03/01 14:48:53 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dnscmmc.dll
[2011/03/01 14:48:52 | 000,312,832 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\hgcpl.dll
[2011/03/01 14:48:52 | 000,104,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Mpeg2Data.ax
[2011/03/01 14:48:51 | 000,828,928 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\fontext.dll
[2011/03/01 14:48:51 | 000,769,536 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sud.dll
[2011/03/01 14:48:51 | 000,508,928 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\DeviceCenter.dll
[2011/03/01 14:48:51 | 000,481,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mscms.dll
[2011/03/01 14:48:51 | 000,429,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\localsec.dll
[2011/03/01 14:48:51 | 000,268,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mprddm.dll
[2011/03/01 14:48:51 | 000,175,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\scecli.dll
[2011/03/01 14:48:51 | 000,080,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mscories.dll
[2011/03/01 14:48:50 | 002,146,816 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\networkmap.dll
[2011/03/01 14:48:50 | 001,065,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cryptui.dll
[2011/03/01 14:48:50 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\taskbarcpl.dll
[2011/03/01 14:48:50 | 000,221,696 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\OnLineIDCpl.dll
[2011/03/01 14:48:50 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\SndVolSSO.dll
[2011/03/01 14:48:50 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\psisrndr.ax
[2011/03/01 14:48:49 | 001,644,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\netcenter.dll
[2011/03/01 14:48:49 | 000,780,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ActionCenter.dll
[2011/03/01 14:48:49 | 000,740,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\batmeter.dll
[2011/03/01 14:48:49 | 000,638,976 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\VAN.dll
[2011/03/01 14:48:49 | 000,600,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\PerfCenterCPL.dll
[2011/03/01 14:48:49 | 000,600,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\usercpl.dll
[2011/03/01 14:48:49 | 000,509,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\qedit.dll
[2011/03/01 14:48:49 | 000,503,296 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\srcore.dll
[2011/03/01 14:48:49 | 000,410,112 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wlanui.dll
[2011/03/01 14:48:49 | 000,373,248 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\intl.cpl
[2011/03/01 14:48:49 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\qdvd.dll
[2011/03/01 14:48:49 | 000,172,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\twext.dll
[2011/03/01 14:48:49 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\prntvpt.dll
[2011/03/01 14:48:49 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpwsx.dll
[2011/03/01 14:48:48 | 000,898,560 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\OobeFldr.dll
[2011/03/01 14:48:48 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\qdvd.dll
[2011/03/01 14:48:48 | 000,472,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\azroleui.dll
[2011/03/01 14:48:48 | 000,346,112 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\bcdedit.exe
[2011/03/01 14:48:48 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\SndVol.exe
[2011/03/01 14:48:48 | 000,288,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\FWPKCLNT.SYS
[2011/03/01 14:48:48 | 000,154,624 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\uxlib.dll
[2011/03/01 14:48:48 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\recovery.dll
[2011/03/01 14:48:48 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\w32tm.exe
[2011/03/01 14:48:47 | 003,727,872 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\accessibilitycpl.dll
[2011/03/01 14:48:47 | 000,721,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\bthprops.cpl
[2011/03/01 14:48:47 | 000,701,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dsuiext.dll
[2011/03/01 14:48:47 | 000,352,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\spwizeng.dll
[2011/03/01 14:48:47 | 000,345,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MediaMetadataHandler.dll
[2011/03/01 14:48:47 | 000,327,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\zipfldr.dll
[2011/03/01 14:48:47 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\azroleui.dll
[2011/03/01 14:48:47 | 000,304,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\efscore.dll
[2011/03/01 14:48:47 | 000,196,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\VBICodec.ax
[2011/03/01 14:48:47 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cca.dll
[2011/03/01 14:48:47 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\isoburn.exe
[2011/03/01 14:48:47 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\tzutil.exe
[2011/03/01 14:48:47 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sisbkup.dll
[2011/03/01 14:48:46 | 000,762,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sdcpl.dll
[2011/03/01 14:48:46 | 000,516,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\main.cpl
[2011/03/01 14:48:46 | 000,451,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\shwebsvc.dll
[2011/03/01 14:48:46 | 000,419,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\systemcpl.dll
[2011/03/01 14:48:46 | 000,238,080 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\recdisc.exe
[2011/03/01 14:48:46 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\MSAC3ENC.DLL
[2011/03/01 14:48:46 | 000,200,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\syncui.dll
[2011/03/01 14:48:46 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\netplwiz.dll
[2011/03/01 14:48:46 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\autoplay.dll
[2011/03/01 14:48:46 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\fdeploy.dll
[2011/03/01 14:48:46 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\httpapi.dll
[2011/03/01 14:48:45 | 002,130,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\networkmap.dll
[2011/03/01 14:48:45 | 001,003,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\cryptui.dll
[2011/03/01 14:48:45 | 000,549,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ActionCenterCPL.dll
[2011/03/01 14:48:45 | 000,460,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\certcli.dll
[2011/03/01 14:48:45 | 000,414,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wlanmsm.dll
[2011/03/01 14:48:45 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Faultrep.dll
[2011/03/01 14:48:45 | 000,207,360 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sysclass.dll
[2011/03/01 14:48:45 | 000,186,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\adsldp.dll
[2011/03/01 14:48:45 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\netjoin.dll
[2011/03/01 14:48:45 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ncryptui.dll
[2011/03/01 14:48:45 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sspisrv.dll
[2011/03/01 14:48:44 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wusa.exe
[2011/03/01 14:48:44 | 000,312,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\MCEWMDRMNDBootstrap.dll
[2011/03/01 14:48:44 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\AuxiliaryDisplayServices.dll
[2011/03/01 14:48:44 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ksxbar.ax
[2011/03/01 14:48:43 | 000,755,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\sud.dll
[2011/03/01 14:48:43 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ActionCenter.dll
[2011/03/01 14:48:43 | 000,474,112 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sysmon.ocx
[2011/03/01 14:48:43 | 000,445,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\spwizeng.dll
[2011/03/01 14:48:43 | 000,421,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\termmgr.dll
[2011/03/01 14:48:43 | 000,395,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\prnfldr.dll
[2011/03/01 14:48:43 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msieftp.dll
[2011/03/01 14:48:43 | 000,295,424 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\photowiz.dll
[2011/03/01 14:48:43 | 000,266,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\MediaMetadataHandler.dll
[2011/03/01 14:48:43 | 000,240,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MFPlay.dll
[2011/03/01 14:48:43 | 000,218,112 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\OnLineIDCpl.dll
[2011/03/01 14:48:43 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\vdsutil.dll
[2011/03/01 14:48:43 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmled.dll
[2011/03/01 14:48:42 | 000,641,024 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msscp.dll
[2011/03/01 14:48:42 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\sysmon.ocx
[2011/03/01 14:48:42 | 000,313,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ReAgent.dll
[2011/03/01 14:48:42 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rstrui.exe
[2011/03/01 14:48:42 | 000,279,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sethc.exe
[2011/03/01 14:48:42 | 000,271,360 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iprtrmgr.dll
[2011/03/01 14:48:42 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\defaultlocationcpl.dll
[2011/03/01 14:48:42 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\odbccp32.dll
[2011/03/01 14:48:42 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntlanman.dll
[2011/03/01 14:48:41 | 000,692,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\bthprops.cpl
[2011/03/01 14:48:41 | 000,446,976 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sqlcese30.dll
[2011/03/01 14:48:41 | 000,345,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\intl.cpl
[2011/03/01 14:48:41 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SmartcardCredentialProvider.dll
[2011/03/01 14:48:41 | 000,148,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ifsutil.dll
[2011/03/01 14:48:41 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieUnatt.exe
[2011/03/01 14:48:41 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dot3cfg.dll
[2011/03/01 14:48:41 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\tsgqec.dll
[2011/03/01 14:48:41 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ftp.exe
[2011/03/01 14:48:41 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\sisbkup.dll
[2011/03/01 14:48:39 | 000,537,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ActionCenterCPL.dll
[2011/03/01 14:48:39 | 000,428,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\shwebsvc.dll
[2011/03/01 14:48:39 | 000,333,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ssText3d.scr
[2011/03/01 14:48:39 | 000,321,536 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\unimdm.tsp
[2011/03/01 14:48:39 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\odbcjt32.dll
[2011/03/01 14:48:39 | 000,282,624 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iTVData.dll
[2011/03/01 14:48:39 | 000,281,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iprtrmgr.dll
[2011/03/01 14:48:39 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\odbctrac.dll
[2011/03/01 14:48:39 | 000,205,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\efscore.dll
[2011/03/01 14:48:39 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iesysprep.dll
[2011/03/01 14:48:39 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\UserAccountControlSettings.dll
[2011/03/01 14:48:39 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpd3d.dll
[2011/03/01 14:48:39 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wwanprotdim.dll
[2011/03/01 14:48:39 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\secur32.dll
[2011/03/01 14:48:38 | 000,781,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wmdrmsdk.dll
[2011/03/01 14:48:38 | 000,495,104 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drmmgrtn.dll
[2011/03/01 14:48:38 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\syncui.dll
[2011/03/01 14:48:38 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\autoplay.dll
[2011/03/01 14:48:38 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\slwga.dll
[2011/03/01 14:48:37 | 000,859,648 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\OobeFldr.dll
[2011/03/01 14:48:37 | 000,738,816 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wmpmde.dll
[2011/03/01 14:48:37 | 000,484,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\DeviceCenter.dll
[2011/03/01 14:48:37 | 000,344,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntprint.dll
[2011/03/01 14:48:37 | 000,255,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wavemsp.dll
[2011/03/01 14:48:37 | 000,225,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\DevicePairingFolder.dll
[2011/03/01 14:48:37 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dskquoui.dll
[2011/03/01 14:48:37 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\NAPHLPR.DLL
[2011/03/01 14:48:37 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\srvcli.dll
[2011/03/01 14:48:37 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\nslookup.exe
[2011/03/01 14:48:37 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntlanman.dll
[2011/03/01 14:48:37 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WSTPager.ax
[2011/03/01 14:48:37 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\rtutils.dll
[2011/03/01 14:48:36 | 000,656,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\nshwfp.dll
[2011/03/01 14:48:36 | 000,473,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\riched20.dll
[2011/03/01 14:48:36 | 000,410,624 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\systemcpl.dll
[2011/03/01 14:48:36 | 000,297,472 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntprint.dll
[2011/03/01 14:48:36 | 000,270,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\srrstr.dll
[2011/03/01 14:48:36 | 000,270,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\sethc.exe
[2011/03/01 14:48:36 | 000,175,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\bcdboot.exe
[2011/03/01 14:48:36 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\powercfg.cpl
[2011/03/01 14:48:36 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\SmartcardCredentialProvider.dll
[2011/03/01 14:48:36 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\acppage.dll
[2011/03/01 14:48:35 | 001,672,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\networkexplorer.dll
[2011/03/01 14:48:35 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\blackbox.dll
[2011/03/01 14:48:35 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\activeds.dll
[2011/03/01 14:48:35 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ksproxy.ax
[2011/03/01 14:48:35 | 000,182,272 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wmpsrcwp.dll
[2011/03/01 14:48:35 | 000,175,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\netplwiz.dll
[2011/03/01 14:48:35 | 000,107,008 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\NAPHLPR.DLL
[2011/03/01 14:48:35 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sppnp.dll
[2011/03/01 14:48:35 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\migisol.dll
[2011/03/01 14:48:35 | 000,093,696 | ---- | C] (Windows ® Codename Longhorn DDK provider) -- C:\windows\SysWow64\fms.dll
[2011/03/01 14:48:34 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\cdosys.dll
[2011/03/01 14:48:34 | 000,153,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\remotepg.dll
[2011/03/01 14:48:34 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cabinet.dll
[2011/03/01 14:48:34 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wkscli.dll
[2011/03/01 14:48:34 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\httpapi.dll
[2011/03/01 14:48:33 | 001,133,568 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cdosys.dll
[2011/03/01 14:48:33 | 000,606,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dfrgui.exe
[2011/03/01 14:48:33 | 000,592,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msftedit.dll
[2011/03/01 14:48:33 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wlanmsm.dll
[2011/03/01 14:48:33 | 000,358,400 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wmpdxm.dll
[2011/03/01 14:48:33 | 000,346,112 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\nshipsec.dll
[2011/03/01 14:48:33 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ReAgent.dll
[2011/03/01 14:48:33 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wavemsp.dll
[2011/03/01 14:48:33 | 000,217,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WinSCard.dll
[2011/03/01 14:48:33 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wuwebv.dll
[2011/03/01 14:48:33 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\kstvtune.ax
[2011/03/01 14:48:33 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\isoburn.exe
[2011/03/01 14:48:33 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ftp.exe
[2011/03/01 14:48:32 | 000,840,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\blackbox.dll
[2011/03/01 14:48:32 | 000,685,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dsuiext.dll
[2011/03/01 14:48:32 | 000,636,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wmdrmdev.dll
[2011/03/01 14:48:32 | 000,594,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wvc.dll
[2011/03/01 14:48:32 | 000,586,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dfrgui.exe
[2011/03/01 14:48:32 | 000,333,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dot3ui.dll
[2011/03/01 14:48:32 | 000,293,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wsqmcons.exe
[2011/03/01 14:48:32 | 000,197,632 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ocsetup.exe
[2011/03/01 14:48:32 | 000,178,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wuwebv.dll
[2011/03/01 14:48:32 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\net1.exe
[2011/03/01 14:48:32 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wsnmp32.dll
[2011/03/01 14:48:32 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\tzutil.exe
[2011/03/01 14:48:32 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WerFaultSecure.exe
[2011/03/01 14:48:31 | 000,444,928 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wvc.dll
[2011/03/01 14:48:31 | 000,406,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wimgapi.dll
[2011/03/01 14:48:31 | 000,281,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\unimdm.tsp
[2011/03/01 14:48:31 | 000,258,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\dxgmms1.sys
[2011/03/01 14:48:31 | 000,209,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mstask.dll
[2011/03/01 14:48:31 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mfps.dll
[2011/03/01 14:48:31 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\twext.dll
[2011/03/01 14:48:31 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mapistub.dll
[2011/03/01 14:48:31 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mapi32.dll
[2011/03/01 14:48:31 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wtsapi32.dll
[2011/03/01 14:48:30 | 001,911,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\OpcServices.dll
[2011/03/01 14:48:30 | 000,899,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Bubbles.scr
[2011/03/01 14:48:30 | 000,497,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\main.cpl
[2011/03/01 14:48:30 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\qasf.dll
[2011/03/01 14:48:30 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\qcap.dll
[2011/03/01 14:48:30 | 000,182,784 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WUDFPlatform.dll
[2011/03/01 14:48:30 | 000,153,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\occache.dll
[2011/03/01 14:48:30 | 000,113,152 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\setupugc.exe
[2011/03/01 14:48:30 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\unimdmat.dll
[2011/03/01 14:48:30 | 000,051,200 | ---- | C] (Twain Working Group) -- C:\windows\twain_32.dll
[2011/03/01 14:48:30 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iscsium.dll
[2011/03/01 14:48:30 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\TsUsbRedirectionGroupPolicyControl.exe
[2011/03/01 14:48:29 | 000,363,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\diskraid.exe
[2011/03/01 14:48:29 | 000,293,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ssText3d.scr
[2011/03/01 14:48:29 | 000,242,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Mystify.scr
[2011/03/01 14:48:29 | 000,241,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Ribbons.scr
[2011/03/01 14:48:29 | 000,195,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msrating.dll
[2011/03/01 14:48:29 | 000,180,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ifsutil.dll
[2011/03/01 14:48:29 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msvfw32.dll
[2011/03/01 14:48:29 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\uxlib.dll
[2011/03/01 14:48:29 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\slwga.dll
[2011/03/01 14:48:28 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\audiodev.dll
[2011/03/01 14:48:28 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\nslookup.exe
[2011/03/01 14:48:28 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mciavi32.dll
[2011/03/01 14:48:28 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\imgutil.dll
[2011/03/01 14:48:28 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\muifontsetup.dll
[2011/03/01 14:48:27 | 000,616,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wmdrmsdk.dll
[2011/03/01 14:48:27 | 000,573,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3d10level9.dll
[2011/03/01 14:48:27 | 000,504,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msscp.dll
[2011/03/01 14:48:27 | 000,327,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wimserv.exe
[2011/03/01 14:48:27 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WindowsAnytimeUpgradeResults.exe
[2011/03/01 14:48:27 | 000,276,480 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\diskraid.exe
[2011/03/01 14:48:27 | 000,230,912 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\clusapi.dll
[2011/03/01 14:48:27 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpencom.dll
[2011/03/01 14:48:27 | 000,211,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\DevicePairingFolder.dll
[2011/03/01 14:48:27 | 000,172,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\perfmon.exe
[2011/03/01 14:48:27 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wmpshell.dll
[2011/03/01 14:48:27 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\tlscsp.dll
[2011/03/01 14:48:27 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\umb.dll
[2011/03/01 14:48:27 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\AzSqlExt.dll
[2011/03/01 14:48:27 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\netutils.dll
[2011/03/01 14:48:26 | 001,087,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dbghelp.dll
[2011/03/01 14:48:26 | 000,623,104 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\FXSAPI.dll
[2011/03/01 14:48:26 | 000,318,976 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\raschap.dll
[2011/03/01 14:48:26 | 000,254,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\qasf.dll
[2011/03/01 14:48:26 | 000,213,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ActionQueue.dll
[2011/03/01 14:48:26 | 000,186,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\rdpencom.dll
[2011/03/01 14:48:26 | 000,157,184 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\perfmon.exe
[2011/03/01 14:48:26 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\remotepg.dll
[2011/03/01 14:48:26 | 000,125,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\inseng.dll
[2011/03/01 14:48:26 | 000,071,168 | ---- | C] (Microsoft Corporation) -- C:\windows\bfsvc.exe
[2011/03/01 14:48:26 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\runonce.exe
[2011/03/01 14:48:26 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\NAPCRYPT.DLL
[2011/03/01 14:48:26 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\acppage.dll
[2011/03/01 14:48:25 | 001,232,896 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WMADMOD.DLL
[2011/03/01 14:48:25 | 000,402,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\drmmgrtn.dll
[2011/03/01 14:48:25 | 000,337,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\raschap.dll
[2011/03/01 14:48:25 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wpdwcn.dll
[2011/03/01 14:48:25 | 000,202,240 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\input.dll
[2011/03/01 14:48:25 | 000,174,592 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ocsetapi.dll
[2011/03/01 14:48:25 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MdSched.exe
[2011/03/01 14:48:25 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wiavideo.dll
[2011/03/01 14:48:25 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\odbccp32.dll
[2011/03/01 14:48:25 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\QUTIL.DLL
[2011/03/01 14:48:25 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\UserAccountControlSettings.dll
[2011/03/01 14:48:25 | 000,046,080 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\NAPCRYPT.DLL
[2011/03/01 14:48:25 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\syssetup.dll
[2011/03/01 14:48:24 | 001,111,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\onexui.dll
[2011/03/01 14:48:24 | 000,666,112 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WMVSDECD.DLL
[2011/03/01 14:48:24 | 000,299,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wmpdxm.dll
[2011/03/01 14:48:24 | 000,219,648 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iTVData.dll
[2011/03/01 14:48:24 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\vdsbas.dll
[2011/03/01 14:48:24 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\vdsbas.dll
[2011/03/01 14:48:24 | 000,133,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Kswdmcap.ax
[2011/03/01 14:48:24 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\PrintIsolationProxy.dll
[2011/03/01 14:48:24 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\vpnikeapi.dll
[2011/03/01 14:48:23 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\nltest.exe
[2011/03/01 14:48:23 | 000,238,080 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mstask.dll
[2011/03/01 14:48:23 | 000,232,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\bitsadmin.exe
[2011/03/01 14:48:23 | 000,210,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dxdiagn.dll
[2011/03/01 14:48:23 | 000,198,144 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wpdwcn.dll
[2011/03/01 14:48:23 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\rmcast.sys
[2011/03/01 14:48:23 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\inseng.dll
[2011/03/01 14:48:23 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\logagent.exe
[2011/03/01 14:48:23 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\RegisterIEPKEYs.exe
[2011/03/01 14:48:23 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\runonce.exe
[2011/03/01 14:48:22 | 000,527,872 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wmdrmnet.dll
[2011/03/01 14:48:22 | 000,507,392 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wmdrmdev.dll
[2011/03/01 14:48:22 | 000,489,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3d10level9.dll
[2011/03/01 14:48:22 | 000,242,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\eapp3hst.dll
[2011/03/01 14:48:22 | 000,176,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\MFPlay.dll
[2011/03/01 14:48:22 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\shacct.dll
[2011/03/01 14:48:22 | 000,124,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\QSVRMGMT.DLL
[2011/03/01 14:48:22 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\shacct.dll
[2011/03/01 14:48:22 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\tabcal.exe
[2011/03/01 14:48:22 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\vss_ps.dll
[2011/03/01 14:48:22 | 000,046,080 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cscapi.dll
[2011/03/01 14:48:21 | 000,978,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WMSPDMOD.DLL
[2011/03/01 14:48:21 | 000,878,592 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Bubbles.scr
[2011/03/01 14:48:21 | 000,431,104 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WPDSp.dll
[2011/03/01 14:48:21 | 000,325,632 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msnetobj.dll
[2011/03/01 14:48:21 | 000,309,760 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\sqlcese30.dll
[2011/03/01 14:48:21 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mssphtb.dll
[2011/03/01 14:48:21 | 000,224,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\PortableDeviceSyncProvider.dll
[2011/03/01 14:48:21 | 000,186,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\bitsadmin.exe
[2011/03/01 14:48:21 | 000,181,248 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\qcap.dll
[2011/03/01 14:48:21 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\secproc_ssp_isv.dll
[2011/03/01 14:48:21 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\secproc_ssp.dll
[2011/03/01 14:48:21 | 000,105,472 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wmpshell.dll
[2011/03/01 14:48:21 | 000,104,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\logman.exe
[2011/03/01 14:48:21 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wudriver.dll
[2011/03/01 14:48:21 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wudriver.dll
[2011/03/01 14:48:21 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\unimdmat.dll
[2011/03/01 14:48:21 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\rdpd3d.dll
[2011/03/01 14:48:21 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iscsium.dll
[2011/03/01 14:48:21 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\lsmproxy.dll
[2011/03/01 14:48:20 | 001,160,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\OpcServices.dll
[2011/03/01 14:48:20 | 000,435,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\PortableDeviceStatus.dll
[2011/03/01 14:48:20 | 000,350,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WPDSp.dll
[2011/03/01 14:48:20 | 000,250,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\qdv.dll
[2011/03/01 14:48:20 | 000,236,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\pdh.dll
[2011/03/01 14:48:20 | 000,183,296 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\PortableDeviceSyncProvider.dll
[2011/03/01 14:48:20 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mprapi.dll
[2011/03/01 14:48:20 | 000,098,816 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\RegisterIEPKEYs.exe
[2011/03/01 14:48:20 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\kstvtune.ax
[2011/03/01 14:48:20 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\logman.exe
[2011/03/01 14:48:20 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\spbcd.dll
[2011/03/01 14:48:20 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\olethk32.dll
[2011/03/01 14:48:20 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ncryptui.dll
[2011/03/01 14:48:19 | 000,902,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WMADMOD.DLL
[2011/03/01 14:48:19 | 000,427,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\PortableDeviceStatus.dll
[2011/03/01 14:48:19 | 000,392,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WMPhoto.dll
[2011/03/01 14:48:19 | 000,318,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WMPhoto.dll
[2011/03/01 14:48:19 | 000,313,344 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dot3ui.dll
[2011/03/01 14:48:19 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Mystify.scr
[2011/03/01 14:48:19 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Ribbons.scr
[2011/03/01 14:48:19 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\odbctrac.dll
[2011/03/01 14:48:19 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\powercfg.cpl
[2011/03/01 14:48:19 | 000,130,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\desk.cpl
[2011/03/01 14:48:19 | 000,121,344 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\fphc.dll
[2011/03/01 14:48:19 | 000,099,328 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\QSVRMGMT.DLL
[2011/03/01 14:48:19 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\avifil32.dll
[2011/03/01 14:48:19 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\amstream.dll
[2011/03/01 14:48:19 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mapistub.dll
[2011/03/01 14:48:19 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mapi32.dll
[2011/03/01 14:48:19 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Mpeg2Data.ax
[2011/03/01 14:48:19 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmled.dll
[2011/03/01 14:48:19 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\takeown.exe
[2011/03/01 14:48:19 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\setbcdlocale.dll
[2011/03/01 14:48:19 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\PnPUnattend.exe
[2011/03/01 14:48:19 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\tsgqec.dll
[2011/03/01 14:48:19 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\utildll.dll
[2011/03/01 14:48:18 | 001,148,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\IMJP10.IME
[2011/03/01 14:48:18 | 000,541,184 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WMVSDECD.DLL
[2011/03/01 14:48:18 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\sqmapi.dll
[2011/03/01 14:48:18 | 000,153,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\VBICodec.ax
[2011/03/01 14:48:18 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\EhStorAPI.dll
[2011/03/01 14:48:18 | 000,115,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dot3msm.dll
[2011/03/01 14:48:18 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wiavideo.dll
[2011/03/01 14:48:18 | 000,107,008 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Kswdmcap.ax
[2011/03/01 14:48:18 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\fphc.dll
[2011/03/01 14:48:18 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\takeown.exe
[2011/03/01 14:48:17 | 000,681,472 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WUDFx.dll
[2011/03/01 14:48:17 | 000,436,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wmdrmnet.dll
[2011/03/01 14:48:17 | 000,283,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\qdv.dll
[2011/03/01 14:48:17 | 000,265,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msnetobj.dll
[2011/03/01 14:48:17 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WUDFHost.exe
[2011/03/01 14:48:17 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\imagehlp.dll
[2011/03/01 14:48:17 | 000,128,512 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\EhStorAPI.dll
[2011/03/01 14:48:17 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\sppinst.dll
[2011/03/01 14:48:17 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cmstp.exe
[2011/03/01 14:48:17 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\QCLIPROV.DLL
[2011/03/01 14:48:17 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\psisrndr.ax
[2011/03/01 14:48:17 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MSDvbNP.ax
[2011/03/01 14:48:17 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\netapi32.dll
[2011/03/01 14:48:17 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\CertPolEng.dll
[2011/03/01 14:48:17 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WavDest.dll
[2011/03/01 14:48:17 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\djoin.exe
[2011/03/01 14:48:17 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\shimgvw.dll
[2011/03/01 14:48:17 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\HotStartUserAgent.dll
[2011/03/01 14:48:17 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\nrpsrv.dll
[2011/03/01 14:48:16 | 000,739,328 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WMSPDMOD.DLL
[2011/03/01 14:48:16 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\cmstp.exe
[2011/03/01 14:48:16 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\fdProxy.dll
[2011/03/01 14:48:16 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\QCLIPROV.DLL
[2011/03/01 14:48:16 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\MuiUnattend.exe
[2011/03/01 14:48:16 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\cca.dll
[2011/03/01 14:48:16 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\vfwwdm32.dll
[2011/03/01 14:48:16 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wsnmp32.dll
[2011/03/01 14:48:16 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MultiDigiMon.exe
[2011/03/01 14:48:16 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\pdhui.dll
[2011/03/01 14:48:15 | 000,176,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msorcl32.dll
[2011/03/01 14:48:15 | 000,166,400 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\diskpart.exe
[2011/03/01 14:48:15 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iscsicli.exe
[2011/03/01 14:48:15 | 000,143,360 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mydocs.dll
[2011/03/01 14:48:15 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\desk.cpl
[2011/03/01 14:48:15 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\setupcln.dll
[2011/03/01 14:48:15 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mobsync.exe
[2011/03/01 14:48:15 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\g711codc.ax
[2011/03/01 14:48:15 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wuauclt.exe
[2011/03/01 14:48:15 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\relog.exe
[2011/03/01 14:48:15 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\AzSqlExt.dll
[2011/03/01 14:48:15 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\BWUnpairElevated.dll
[2011/03/01 14:48:15 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sscore.dll
[2011/03/01 14:48:14 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\itircl.dll
[2011/03/01 14:48:14 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iscsicli.exe
[2011/03/01 14:48:14 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mydocs.dll
[2011/03/01 14:48:14 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dot3msm.dll
[2011/03/01 14:48:14 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\amstream.dll
[2011/03/01 14:48:14 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\spbcd.dll
[2011/03/01 14:48:14 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wkscli.dll
[2011/03/01 14:48:14 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\vbisurf.ax
[2011/03/01 14:48:14 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\relog.exe
[2011/03/01 14:48:14 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msdmo.dll
[2011/03/01 14:48:14 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\netiougc.exe
[2011/03/01 14:48:13 | 001,027,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\IMJP10.IME
[2011/03/01 14:48:13 | 000,434,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\FXSTIFF.dll
[2011/03/01 14:48:13 | 000,306,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\RMActivate_ssp.exe
[2011/03/01 14:48:13 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\RMActivate_ssp_isv.exe
[2011/03/01 14:48:13 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\itircl.dll
[2011/03/01 14:48:13 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wmpps.dll
[2011/03/01 14:48:13 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\diskpart.exe
[2011/03/01 14:48:13 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\eappgnui.dll
[2011/03/01 14:48:13 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\secproc_ssp_isv.dll
[2011/03/01 14:48:13 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\secproc_ssp.dll
[2011/03/01 14:48:13 | 000,071,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\resutils.dll
[2011/03/01 14:48:13 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\rastapi.dll
[2011/03/01 14:48:13 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\CertPolEng.dll
[2011/03/01 14:48:13 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\browcli.dll
[2011/03/01 14:48:13 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ksxbar.ax
[2011/03/01 14:48:13 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wuapp.exe
[2011/03/01 14:48:13 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\prevhost.exe
[2011/03/01 14:48:13 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\netbtugc.exe
[2011/03/01 14:48:13 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\syssetup.dll
[2011/03/01 14:48:12 | 001,080,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\onexui.dll
[2011/03/01 14:48:12 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\RMActivate_ssp.exe
[2011/03/01 14:48:12 | 000,278,016 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\RMActivate_ssp_isv.exe
[2011/03/01 14:48:12 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sppc.dll
[2011/03/01 14:48:12 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\eappgnui.dll
[2011/03/01 14:48:12 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\imagehlp.dll
[2011/03/01 14:48:12 | 000,071,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\findstr.exe
[2011/03/01 14:48:12 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\tlscsp.dll
[2011/03/01 14:48:12 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\findstr.exe
[2011/03/01 14:48:12 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\luainstall.dll
[2011/03/01 14:48:12 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mciqtz32.dll
[2011/03/01 14:48:12 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\choice.exe
[2011/03/01 14:48:12 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wuapp.exe
[2011/03/01 14:48:12 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WerFaultSecure.exe
[2011/03/01 14:48:12 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ReAgentc.exe
[2011/03/01 14:48:11 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mobsync.exe
[2011/03/01 14:48:11 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mciqtz32.dll
[2011/03/01 14:48:11 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dnscacheugc.exe
[2011/03/01 14:48:11 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\schedcli.dll
[2011/03/01 14:48:10 | 000,147,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\RDPENCDD.dll
[2011/03/01 14:48:10 | 000,121,344 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\sppc.dll
[2011/03/01 14:48:10 | 000,082,944 | ---- | C] (Radius Inc.) -- C:\windows\SysWow64\iccvid.dll
[2011/03/01 14:48:10 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\manage-bde.exe
[2011/03/01 14:48:10 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\cabinet.dll
[2011/03/01 14:48:10 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\inetmib1.dll
[2011/03/01 14:48:10 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\MSDvbNP.ax
[2011/03/01 14:48:10 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\repair-bde.exe
[2011/03/01 14:48:10 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\luainstall.dll
[2011/03/01 14:48:10 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wdiasqmmodule.dll
[2011/03/01 14:48:10 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\shimgvw.dll
[2011/03/01 14:48:10 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\prevhost.exe
[2011/03/01 14:48:10 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\spopk.dll
[2011/03/01 14:48:10 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\spopk.dll
[2011/03/01 14:48:10 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\muifontsetup.dll
[2011/03/01 14:48:09 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\odbcconf.dll
[2011/03/01 14:48:09 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\inetmib1.dll
[2011/03/01 14:48:09 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\g711codc.ax
[2011/03/01 14:48:09 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WUDFCoinstaller.dll
[2011/03/01 14:48:09 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\FXSMON.dll
[2011/03/01 14:48:09 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\unlodctr.exe
[2011/03/01 14:48:09 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\vbisurf.ax
[2011/03/01 14:48:09 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\profprov.dll
[2011/03/01 14:48:09 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msdmo.dll
[2011/03/01 14:48:09 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\rdprefdrvapi.dll
[2011/03/01 14:48:09 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\fixmapi.exe
[2011/03/01 14:48:08 | 001,164,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\UIRibbonRes.dll
[2011/03/01 14:48:08 | 001,164,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\UIRibbonRes.dll
[2011/03/01 14:48:08 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\browcli.dll
[2011/03/01 14:48:08 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\odbcconf.dll
[2011/03/01 14:48:08 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wups.dll
[2011/03/01 14:48:08 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\tdi.sys
[2011/03/01 14:48:08 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\elsTrans.dll
[2011/03/01 14:48:08 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\TRAPI.dll
[2011/03/01 14:48:08 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\perfts.dll
[2011/03/01 14:48:08 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msfeedssync.exe
[2011/03/01 14:48:07 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\napdsnap.dll
[2011/03/01 14:48:07 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dsauth.dll
[2011/03/01 14:48:07 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cscdll.dll
[2011/03/01 14:48:07 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\LogonUI.exe
[2011/03/01 14:48:07 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdprefdrvapi.dll
[2011/03/01 14:48:07 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\elsTrans.dll
[2011/03/01 14:48:07 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\TRAPI.dll
[2011/03/01 14:48:07 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\FXSUNATD.exe
[2011/03/01 14:48:07 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msfeedssync.exe
[2011/03/01 14:48:06 | 000,457,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\imkr80.ime
[2011/03/01 14:48:06 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\napdsnap.dll
[2011/03/01 14:48:06 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wups2.dll
[2011/03/01 14:48:06 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\usbrpm.sys
[2011/03/01 14:48:06 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dsauth.dll
[2011/03/01 14:48:06 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\bitsperf.dll
[2011/03/01 14:48:06 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\bitsperf.dll
[2011/03/01 14:48:06 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\schedcli.dll
[2011/03/01 14:48:05 | 000,482,816 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\html.iec
[2011/03/01 14:48:05 | 000,430,080 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\imkr80.ime
[2011/03/01 14:48:05 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wups.dll
[2011/03/01 14:48:05 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\shgina.dll
[2011/03/01 14:48:05 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wsdchngr.dll
[2011/03/01 14:48:05 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wsdchngr.dll
[2011/03/01 14:48:05 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\shgina.dll
[2011/03/01 14:48:05 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\sscore.dll
[2011/03/01 14:48:05 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\riched32.dll
[2011/03/01 14:48:04 | 000,361,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wow64win.dll
[2011/03/01 14:48:04 | 000,032,896 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\USBCAMD2.sys
[2011/03/01 14:48:03 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wshirda.dll
[2011/03/01 14:48:03 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wow64cpu.dll
[2011/03/01 14:48:02 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\html.iec
[2011/03/01 14:48:01 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wshirda.dll
[2011/03/01 14:48:01 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\riched32.dll
[2011/03/01 14:48:01 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpcfgex.dll
[2011/03/01 14:47:59 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\C_ISCII.DLL
[2011/03/01 14:47:59 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\spwmp.dll
[2011/03/01 14:47:59 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\spwmp.dll
[2011/03/01 14:47:58 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\shunimpl.dll
[2011/03/01 14:47:58 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\C_ISCII.DLL
[2011/03/01 14:47:58 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\shunimpl.dll
[2011/03/01 14:47:58 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msdxm.ocx
[2011/03/01 14:47:58 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dxmasf.dll
[2011/03/01 14:47:58 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msdxm.ocx
[2011/03/01 14:47:58 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dxmasf.dll
[2011/03/01 14:47:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-ums-l1-1-0.dll
[2011/03/01 14:47:57 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDTUF.DLL
[2011/03/01 14:47:57 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDTUF.DLL
[2011/03/01 14:47:57 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDSG.DLL
[2011/03/01 14:47:57 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDSF.DLL
[2011/03/01 14:47:57 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDPO.DLL
[2011/03/01 14:47:57 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\kbdlk41a.dll
[2011/03/01 14:47:57 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDINTAM.DLL
[2011/03/01 14:47:57 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDINBEN.DLL
[2011/03/01 14:47:57 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDGR1.DLL
[2011/03/01 14:47:56 | 012,625,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wmploc.DLL
[2011/03/01 14:47:56 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wmploc.DLL
[2011/03/01 14:47:56 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDTUQ.DLL
[2011/03/01 14:47:56 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDSG.DLL
[2011/03/01 14:47:56 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\kbdlk41a.dll
[2011/03/01 14:47:56 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDGKL.DLL
[2011/03/01 14:47:56 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDTUQ.DLL
[2011/03/01 14:47:56 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDNEPR.DLL
[2011/03/01 14:47:56 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDGR1.DLL
[2011/03/01 14:47:56 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDGKL.DLL
[2011/03/01 14:47:55 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\nlsbres.dll
[2011/03/01 14:47:55 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\nlsbres.dll
[2011/03/01 14:47:55 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\pifmgr.dll
[2011/03/01 14:47:55 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\pifmgr.dll
[2011/03/01 14:47:55 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDCZ1.DLL
[2011/03/01 14:47:55 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\spwizres.dll
[2011/03/01 14:47:55 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDCZ1.DLL
[2011/03/01 14:47:55 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDUS.DLL
[2011/03/01 14:47:55 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDUGHR1.DLL
[2011/03/01 14:47:55 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDTURME.DLL
[2011/03/01 14:47:55 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDTAJIK.DLL
[2011/03/01 14:47:55 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDSF.DLL
[2011/03/01 14:47:55 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDPO.DLL
[2011/03/01 14:47:55 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDNEPR.DLL
[2011/03/01 14:47:55 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDMON.DLL
[2011/03/01 14:47:55 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDMAORI.DLL
[2011/03/01 14:47:55 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDLT1.DLL
[2011/03/01 14:47:55 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDINTEL.DLL
[2011/03/01 14:47:55 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDINTAM.DLL
[2011/03/01 14:47:55 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDINORI.DLL
[2011/03/01 14:47:55 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDINORI.DLL
[2011/03/01 14:47:55 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDINMAR.DLL
[2011/03/01 14:47:55 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDINMAR.DLL
[2011/03/01 14:47:55 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDINKAN.DLL
[2011/03/01 14:47:55 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDINKAN.DLL
[2011/03/01 14:47:55 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDINHIN.DLL
[2011/03/01 14:47:55 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDINHIN.DLL
[2011/03/01 14:47:55 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDINBEN.DLL
[2011/03/01 14:47:55 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDBULG.DLL
[2011/03/01 14:47:55 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDBLR.DLL
[2011/03/01 14:47:55 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDBASH.DLL
[2011/03/01 14:47:55 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDUS.DLL
[2011/03/01 14:47:55 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDUGHR1.DLL
[2011/03/01 14:47:55 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDTURME.DLL
[2011/03/01 14:47:55 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDTAJIK.DLL
[2011/03/01 14:47:55 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDMON.DLL
[2011/03/01 14:47:55 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDMAORI.DLL
[2011/03/01 14:47:55 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDLT1.DLL
[2011/03/01 14:47:55 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDINTEL.DLL
[2011/03/01 14:47:55 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDGEO.DLL
[2011/03/01 14:47:55 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDGEO.DLL
[2011/03/01 14:47:55 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDBULG.DLL
[2011/03/01 14:47:55 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDBLR.DLL
[2011/03/01 14:47:55 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDBASH.DLL
[2011/03/01 14:47:55 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dpnaddr.dll
[2011/03/01 14:47:55 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dpnaddr.dll
[2011/03/01 14:47:54 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\BlbEvents.dll
[2011/03/01 14:47:54 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\spwizres.dll
[2011/03/01 14:47:29 | 000,209,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\PkgMgr.exe
[2011/03/01 14:47:29 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wdscore.dll
[2011/03/01 14:47:06 | 000,323,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\drvstore.dll
[2011/03/01 14:47:06 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dpx.dll
[2011/03/01 14:41:00 | 000,529,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wbemcomn.dll
[2011/03/01 14:40:59 | 000,524,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wmicmiplugin.dll
[2011/03/01 14:40:46 | 000,933,376 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SmiEngine.dll
[2011/03/01 14:40:29 | 000,199,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\PkgMgr.exe
[2011/03/01 14:39:36 | 000,422,912 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drvstore.dll
[2011/03/01 14:39:35 | 000,399,872 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dpx.dll
[2011/03/01 14:29:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Easy Assist
[2011/02/27 19:22:08 | 000,000,000 | ---D | C] -- C:\Users\Jacquie\AppData\Roaming\Windows Live Writer
[2011/02/27 19:22:08 | 000,000,000 | ---D | C] -- C:\Users\Jacquie\AppData\Local\Windows Live Writer
[2011/02/27 19:07:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LizardTech
[2011/02/27 19:07:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LizardTech
[2011/02/26 17:55:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\JRE
[2011/02/26 17:42:29 | 000,000,000 | ---D | C] -- C:\Users\Jacquie\Desktop\OpenOffice.org 3.2 (en-US) Installation Files
[2011/02/25 16:45:19 | 000,000,000 | ---D | C] -- C:\Users\Jacquie\Documents\Financial
[2011/02/24 15:11:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2011/02/24 15:10:51 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\windows\SysWow64\javaws.exe
[2011/02/24 15:10:51 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\windows\SysWow64\javaw.exe
[2011/02/24 15:10:51 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\windows\SysWow64\java.exe
[2011/02/24 15:09:54 | 001,465,344 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XpsPrint.dll
[2011/02/24 15:09:54 | 000,870,912 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XpsPrint.dll
[2011/02/24 15:09:54 | 000,475,648 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XpsGdiConverter.dll
[2011/02/24 15:09:53 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XpsGdiConverter.dll
[2011/02/24 15:08:30 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2011/02/20 10:10:08 | 000,000,000 | ---D | C] -- C:\Users\Jacquie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OLYMPUS ib
[2011/02/20 09:38:15 | 000,000,000 | ---D | C] -- C:\ProgramData\CyberLink
[2011/02/20 09:37:49 | 000,000,000 | ---D | C] -- C:\Users\Jacquie\AppData\Local\OLYMPUS
[2011/02/20 09:35:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Olympus
[2011/02/20 09:32:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Temp
[2011/02/20 09:31:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OLYMPUS Camera
[2011/02/20 09:31:50 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\OLYMPUS
[2011/02/20 09:29:10 | 000,000,000 | ---D | C] -- C:\ProgramData\OLYMPUS
[2011/02/20 09:27:43 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]

#6 jacqgal

jacqgal
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:11:16 AM

Posted 15 March 2011 - 03:52 PM

Sorry about this. Hopefully this third post will allow me to post the completion of the scans.

========== Files - Modified Within 30 Days ==========

[2011/03/15 16:11:53 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Jacquie\Desktop\OTL.exe
[2011/03/15 16:09:15 | 000,000,894 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/03/15 15:43:00 | 000,000,898 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/03/15 15:19:31 | 000,015,792 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/03/15 15:19:31 | 000,015,792 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/03/15 15:16:17 | 000,729,688 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2011/03/15 15:16:17 | 000,626,278 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2011/03/15 15:16:17 | 000,107,522 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2011/03/15 15:11:56 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2011/03/15 15:11:53 | 3018,608,640 | -HS- | M] () -- C:\hiberfil.sys
[2011/03/11 18:44:26 | 000,002,351 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2011/03/11 15:02:24 | 000,072,080 | ---- | M] () -- C:\Users\Jacquie\g2mdlhlpx.exe
[2011/03/11 12:15:54 | 000,002,198 | ---- | M] () -- C:\windows\epplauncher.mif
[2011/03/11 09:34:43 | 000,002,295 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2011/03/10 22:36:22 | 000,743,534 | ---- | M] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2011/03/10 22:34:35 | 009,920,304 | ---- | M] (Microsoft Corporation) -- C:\Users\Jacquie\Desktop\MS Security Essentials.exe
[2011/03/08 17:58:05 | 002,309,668 | ---- | M] () -- C:\Users\Jacquie\Documents\User Guide for Lexmark printer.pdf
[2011/03/08 17:34:30 | 002,309,668 | ---- | M] () -- C:\Users\Jacquie\Desktop\User Guide for Lexmark printer.pdf
[2011/03/08 00:53:03 | 000,695,391 | ---- | M] (iLivid.com) -- C:\Users\Jacquie\Desktop\iLivid_Setup.exe
[2011/03/08 00:50:00 | 001,245,184 | ---- | M] () -- C:\Users\Jacquie\Desktop\LGMDP_US.exe
[2011/03/08 00:46:03 | 000,007,737 | ---- | M] () -- C:\Users\Jacquie\Desktop\theme_bg1.swf
[2011/03/08 00:45:38 | 006,013,884 | ---- | M] () -- C:\Users\Jacquie\Desktop\Ext.InterfacePkg(v0.5).zip
[2011/03/08 00:14:42 | 043,860,287 | ---- | M] () -- C:\Users\Jacquie\Desktop\LG_VU_PLUS_SYSTEM.zip
[2011/03/07 15:14:06 | 000,625,664 | ---- | M] () -- C:\Users\Jacquie\Desktop\dds.scr
[2011/03/03 18:47:27 | 000,001,120 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/03/03 18:41:04 | 101,689,897 | ---- | M] () -- C:\Users\Jacquie\Desktop\a2cmd.zip
[2011/03/03 18:16:28 | 000,721,424 | ---- | M] () -- C:\Users\Jacquie\Desktop\iExplore.exe
[2011/03/03 18:09:22 | 000,721,424 | ---- | M] () -- C:\Users\Jacquie\Desktop\RKILL.exe
[2011/03/02 22:39:31 | 000,001,063 | ---- | M] () -- C:\Users\Jacquie\Application Data\Microsoft\Internet Explorer\Quick Launch\a-squared Anti-Dialer.lnk
[2011/03/02 22:39:31 | 000,001,039 | ---- | M] () -- C:\Users\Public\Desktop\a-squared Anti-Dialer.lnk
[2011/03/02 22:10:34 | 003,987,320 | ---- | M] (Emsi Software GmbH ) -- C:\Users\Jacquie\Desktop\a2AntiDialerSetup.exe
[2011/03/02 18:33:46 | 000,206,228 | ---- | M] () -- C:\windows\SysNative\LexFiles.ulf
[2011/03/02 18:31:08 | 000,002,012 | ---- | M] () -- C:\Users\Public\Desktop\Launch Lexmark Printer Home.LNK
[2011/03/02 18:28:32 | 078,942,928 | ---- | M] () -- C:\Users\Jacquie\Desktop\LEXMARK_Pro700_wcr_64_en.exe
[2011/03/01 18:25:11 | 000,001,014 | ---- | M] () -- C:\Users\Jacquie\Application Data\Microsoft\Internet Explorer\Quick Launch\Mamutu.lnk
[2011/03/01 18:25:11 | 000,000,990 | ---- | M] () -- C:\Users\Public\Desktop\Mamutu.lnk
[2011/03/01 15:29:59 | 000,440,648 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2011/03/01 15:18:31 | 000,152,576 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\msclmd.dll
[2011/03/01 15:18:30 | 000,175,616 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\msclmd.dll
[2011/03/01 14:51:19 | 526,443,824 | ---- | M] (Microsoft Corporation) -- C:\Users\Jacquie\Desktop\MS OFFICE ENTERPRISE 2007.exe
[2011/03/01 14:29:55 | 000,002,416 | ---- | M] () -- C:\Users\Jacquie\Desktop\Reconnect with Easy Assist.lnk
[2011/02/28 20:50:58 | 000,041,594 | ---- | M] () -- C:\Users\Jacquie\Documents\The%20Silent%20Killer%20of%20Christian%20Marriages.pdf
[2011/02/27 13:10:35 | 000,246,945 | ---- | M] () -- C:\Users\Jacquie\Documents\Snapfish redemption code.mht
[2011/02/26 17:57:32 | 000,001,120 | ---- | M] () -- C:\Users\Public\Desktop\OpenOffice.org 3.2.lnk
[2011/02/24 19:39:25 | 000,020,610 | ---- | M] () -- C:\Users\Jacquie\Documents\Job ideas.odt
[2011/02/24 15:02:48 | 000,001,926 | ---- | M] () -- C:\Users\Jacquie\Desktop\ib.lnk
[2011/02/20 09:31:51 | 000,001,347 | ---- | M] () -- C:\Users\Public\Desktop\SP600UZ Instruction Manual.lnk
[2011/02/20 09:24:39 | 002,352,966 | ---- | M] () -- C:\Users\Jacquie\Documents\SP-600UZ_Instruction_Manual_EN.pdf
[2011/02/20 08:43:48 | 000,000,000 | -H-- | M] () -- C:\windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2011/02/19 08:04:37 | 001,544,192 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\DWrite.dll
[2011/02/19 08:04:17 | 000,902,656 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\d2d1.dll
[2011/02/19 02:30:51 | 001,076,736 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\DWrite.dll
[2011/02/19 02:30:50 | 000,739,840 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\d2d1.dll
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/03/11 15:02:23 | 000,072,080 | ---- | C] () -- C:\Users\Jacquie\g2mdlhlpx.exe
[2011/03/11 09:34:43 | 000,002,295 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2011/03/10 22:36:39 | 000,002,198 | ---- | C] () -- C:\windows\epplauncher.mif
[2011/03/10 22:36:22 | 000,743,534 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2011/03/10 22:36:12 | 000,001,908 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
[2011/03/08 17:58:05 | 002,309,668 | ---- | C] () -- C:\Users\Jacquie\Documents\User Guide for Lexmark printer.pdf
[2011/03/08 17:34:25 | 002,309,668 | ---- | C] () -- C:\Users\Jacquie\Desktop\User Guide for Lexmark printer.pdf
[2011/03/08 00:49:58 | 001,245,184 | ---- | C] () -- C:\Users\Jacquie\Desktop\LGMDP_US.exe
[2011/03/08 00:46:02 | 000,007,737 | ---- | C] () -- C:\Users\Jacquie\Desktop\theme_bg1.swf
[2011/03/08 00:45:30 | 006,013,884 | ---- | C] () -- C:\Users\Jacquie\Desktop\Ext.InterfacePkg(v0.5).zip
[2011/03/08 00:14:22 | 043,860,287 | ---- | C] () -- C:\Users\Jacquie\Desktop\LG_VU_PLUS_SYSTEM.zip
[2011/03/07 15:13:19 | 000,625,664 | ---- | C] () -- C:\Users\Jacquie\Desktop\dds.scr
[2011/03/03 18:47:27 | 000,001,120 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/03/03 18:40:52 | 101,689,897 | ---- | C] () -- C:\Users\Jacquie\Desktop\a2cmd.zip
[2011/03/03 18:16:20 | 000,721,424 | ---- | C] () -- C:\Users\Jacquie\Desktop\iExplore.exe
[2011/03/03 18:09:09 | 000,721,424 | ---- | C] () -- C:\Users\Jacquie\Desktop\RKILL.exe
[2011/03/02 22:11:20 | 000,001,063 | ---- | C] () -- C:\Users\Jacquie\Application Data\Microsoft\Internet Explorer\Quick Launch\a-squared Anti-Dialer.lnk
[2011/03/02 22:11:19 | 000,001,039 | ---- | C] () -- C:\Users\Public\Desktop\a-squared Anti-Dialer.lnk
[2011/03/02 18:32:15 | 000,109,056 | ---- | C] () -- C:\windows\SysNative\lxeevs.dll
[2011/03/02 18:32:10 | 000,399,360 | ---- | C] () -- C:\windows\SysNative\lxeecui.dll
[2011/03/02 18:32:10 | 000,148,480 | ---- | C] () -- C:\windows\SysNative\lxeecuir.dll
[2011/03/02 18:32:10 | 000,065,536 | ---- | C] () -- C:\windows\SysNative\lxeegcfg.dll
[2011/03/02 18:32:10 | 000,065,106 | ---- | C] () -- C:\windows\SysNative\lxeeprpr.chm
[2011/03/02 18:32:10 | 000,008,694 | ---- | C] () -- C:\windows\SysNative\lxeecommuilogo_rtl.bmp
[2011/03/02 18:32:10 | 000,008,694 | ---- | C] () -- C:\windows\SysNative\lxeecommuilogo.bmp
[2011/03/02 18:31:08 | 000,002,012 | ---- | C] () -- C:\Users\Public\Desktop\Launch Lexmark Printer Home.LNK
[2011/03/02 18:30:50 | 000,344,064 | ---- | C] () -- C:\windows\SysWow64\lxeecomx.dll
[2011/03/02 18:30:50 | 000,331,776 | ---- | C] () -- C:\windows\SysWow64\LXEEinst.dll
[2011/03/02 18:30:50 | 000,323,584 | ---- | C] () -- C:\windows\SysWow64\lxeeins.dll
[2011/03/02 18:30:50 | 000,262,144 | ---- | C] () -- C:\windows\SysWow64\lxeeinsb.dll
[2011/03/02 18:30:50 | 000,253,952 | ---- | C] () -- C:\windows\SysWow64\lxeecu.dll
[2011/03/02 18:30:50 | 000,106,496 | ---- | C] () -- C:\windows\SysWow64\lxeeinsr.dll
[2011/03/02 18:30:50 | 000,090,112 | ---- | C] () -- C:\windows\SysWow64\lxeecub.dll
[2011/03/02 18:30:50 | 000,057,344 | ---- | C] () -- C:\windows\SysWow64\lxeejswr.dll
[2011/03/02 18:30:50 | 000,036,864 | ---- | C] () -- C:\windows\SysWow64\lxeecur.dll
[2011/03/02 18:30:49 | 000,002,052 | ---- | C] () -- C:\windows\SysWow64\lxee.loc
[2011/03/02 18:30:36 | 000,495,616 | ---- | C] () -- C:\windows\SysNative\LXEEinst.dll
[2011/03/02 18:30:36 | 000,206,228 | ---- | C] () -- C:\windows\SysNative\LexFiles.ulf
[2011/03/02 18:30:35 | 000,450,048 | ---- | C] () -- C:\windows\SysNative\lxeeins.dll
[2011/03/02 18:30:35 | 000,378,368 | ---- | C] () -- C:\windows\SysNative\lxeecu.dll
[2011/03/02 18:30:35 | 000,298,496 | ---- | C] () -- C:\windows\SysNative\lxeegrd.dll
[2011/03/02 18:30:35 | 000,245,248 | ---- | C] () -- C:\windows\SysNative\lxeeinsb.dll
[2011/03/02 18:30:35 | 000,090,624 | ---- | C] () -- C:\windows\SysNative\lxeeinsr.dll
[2011/03/02 18:30:35 | 000,073,216 | ---- | C] () -- C:\windows\SysNative\lxeecub.dll
[2011/03/02 18:30:35 | 000,040,448 | ---- | C] () -- C:\windows\SysNative\lxeejswr.dll
[2011/03/02 18:30:35 | 000,022,016 | ---- | C] () -- C:\windows\SysNative\lxeecur.dll
[2011/03/02 18:30:35 | 000,002,052 | ---- | C] () -- C:\windows\SysNative\lxee.loc
[2011/03/02 18:30:21 | 000,381,440 | ---- | C] () -- C:\windows\SysNative\lxeesm.dll
[2011/03/02 18:30:21 | 000,299,008 | ---- | C] () -- C:\windows\SysWow64\LXEEsm.dll
[2011/03/02 18:30:21 | 000,023,552 | ---- | C] () -- C:\windows\SysWow64\LXEEsmr.dll
[2011/03/02 18:30:21 | 000,023,552 | ---- | C] () -- C:\windows\SysNative\lxeesmr.dll
[2011/03/02 18:28:26 | 078,942,928 | ---- | C] () -- C:\Users\Jacquie\Desktop\LEXMARK_Pro700_wcr_64_en.exe
[2011/03/01 18:25:11 | 000,001,014 | ---- | C] () -- C:\Users\Jacquie\Application Data\Microsoft\Internet Explorer\Quick Launch\Mamutu.lnk
[2011/03/01 18:25:11 | 000,000,990 | ---- | C] () -- C:\Users\Public\Desktop\Mamutu.lnk
[2011/03/01 14:50:37 | 000,347,904 | ---- | C] () -- C:\windows\SysNative\systemsf.ebd
[2011/03/01 14:48:11 | 000,010,429 | ---- | C] () -- C:\windows\SysNative\ScavengeSpace.xml
[2011/03/01 14:47:53 | 000,105,559 | ---- | C] () -- C:\windows\SysWow64\RacRules.xml
[2011/03/01 14:47:53 | 000,105,559 | ---- | C] () -- C:\windows\SysNative\RacRules.xml
[2011/03/01 14:47:28 | 000,001,041 | ---- | C] () -- C:\windows\SysWow64\tcpbidi.xml
[2011/03/01 14:29:55 | 000,002,416 | ---- | C] () -- C:\Users\Jacquie\Desktop\Reconnect with Easy Assist.lnk
[2011/02/28 20:50:58 | 000,041,594 | ---- | C] () -- C:\Users\Jacquie\Documents\The%20Silent%20Killer%20of%20Christian%20Marriages.pdf
[2011/02/27 13:10:34 | 000,246,945 | ---- | C] () -- C:\Users\Jacquie\Documents\Snapfish redemption code.mht
[2011/02/24 18:11:52 | 000,020,610 | ---- | C] () -- C:\Users\Jacquie\Documents\Job ideas.odt
[2011/02/20 09:37:44 | 000,001,926 | ---- | C] () -- C:\Users\Jacquie\Desktop\ib.lnk
[2011/02/20 09:31:51 | 000,001,347 | ---- | C] () -- C:\Users\Public\Desktop\SP600UZ Instruction Manual.lnk
[2011/02/20 09:24:38 | 002,352,966 | ---- | C] () -- C:\Users\Jacquie\Documents\SP-600UZ_Instruction_Manual_EN.pdf
[2011/02/20 08:43:48 | 000,000,000 | -H-- | C] () -- C:\windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2010/09/19 15:25:56 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/05/21 11:59:50 | 003,095,040 | ---- | C] () -- C:\Program Files\openofficeorg32.msi
[2010/05/21 11:58:20 | 000,460,088 | ---- | C] () -- C:\Program Files\setup.exe
[2010/05/21 11:56:06 | 135,115,913 | ---- | C] () -- C:\Program Files\openofficeorg1.cab
[2010/05/21 11:07:26 | 000,000,290 | ---- | C] () -- C:\Program Files\setup.ini
[2010/05/10 18:04:01 | 000,000,000 | ---- | C] () -- C:\windows\NDSTray.INI
[2009/11/11 21:48:16 | 000,000,000 | ---- | C] () -- C:\windows\ativpsrm.bin
[2009/07/14 01:38:36 | 000,067,584 | --S- | C] () -- C:\windows\bootstat.dat
[2009/07/13 22:35:51 | 000,000,741 | ---- | C] () -- C:\windows\SysWow64\NOISE.DAT
[2009/07/13 22:34:42 | 000,215,943 | ---- | C] () -- C:\windows\SysWow64\dssec.dat
[2009/07/13 20:10:29 | 000,043,131 | ---- | C] () -- C:\windows\mib.bin
[2009/07/13 19:42:10 | 000,064,000 | ---- | C] () -- C:\windows\SysWow64\BWContextHandler.dll
[2009/07/13 17:03:59 | 000,364,544 | ---- | C] () -- C:\windows\SysWow64\msjetoledb40.dll
[2009/06/10 17:26:10 | 000,673,088 | ---- | C] () -- C:\windows\SysWow64\mlang.dat

========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >
[2007/11/07 08:44:20 | 000,855,040 | ---- | M] (Microsoft Corporation) -- C:\install.exe


< MD5 for: EXPLORER.EXE >
[2009/07/13 21:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2009/10/31 01:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011/01/16 16:55:21 | 000,255,488 | ---- | M] () MD5=3C33B26F2F7FA61D882515F2D6078691 -- C:\Users\Jacquie\AppData\Local\Temp\RarSFX0\procs\explorer.exe
[2011/01/16 16:55:21 | 000,255,488 | ---- | M] () MD5=3C33B26F2F7FA61D882515F2D6078691 -- C:\Users\Jacquie\AppData\Local\Temp\RarSFX1\procs\explorer.exe
[2011/01/16 16:55:21 | 000,255,488 | ---- | M] () MD5=3C33B26F2F7FA61D882515F2D6078691 -- C:\Users\Jacquie\AppData\Local\Temp\RarSFX2\procs\explorer.exe
[2010/11/20 08:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\SysWOW64\explorer.exe
[2010/11/20 08:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2009/08/03 02:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2009/10/31 02:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009/08/03 01:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2005/08/16 02:54:58 | 000,001,536 | ---- | M] () MD5=ABC6379205DE2618851C4FCBF72112EB -- C:\Users\Jacquie\AppData\Local\Temp\RarSFX0\h\explorer.exe
[2005/08/16 02:54:58 | 000,001,536 | ---- | M] () MD5=ABC6379205DE2618851C4FCBF72112EB -- C:\Users\Jacquie\AppData\Local\Temp\RarSFX1\h\explorer.exe
[2005/08/16 02:54:58 | 000,001,536 | ---- | M] () MD5=ABC6379205DE2618851C4FCBF72112EB -- C:\Users\Jacquie\AppData\Local\Temp\RarSFX2\h\explorer.exe
[2010/11/20 09:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\explorer.exe
[2010/11/20 09:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009/10/31 02:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009/08/03 01:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009/07/13 21:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009/10/31 02:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2009/08/03 02:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe

< MD5 for: WININIT.EXE >
[2009/07/13 21:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\SysNative\wininit.exe
[2009/07/13 21:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe
[2009/07/13 21:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe
[2009/07/13 21:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe

< MD5 for: WINLOGON.EXE >
[2010/11/20 09:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010/11/20 09:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009/07/13 21:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009/10/28 03:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009/05/26 19:47:22 | 000,031,232 | ---- | M] (NirSoft) MD5=AC6094297CD882B8626466CDEB64F19F -- C:\Users\Jacquie\AppData\Local\Temp\RarSFX0\winlogon.exe
[2009/05/26 19:47:22 | 000,031,232 | ---- | M] (NirSoft) MD5=AC6094297CD882B8626466CDEB64F19F -- C:\Users\Jacquie\AppData\Local\Temp\RarSFX1\winlogon.exe
[2009/05/26 19:47:22 | 000,031,232 | ---- | M] (NirSoft) MD5=AC6094297CD882B8626466CDEB64F19F -- C:\Users\Jacquie\AppData\Local\Temp\RarSFX2\winlogon.exe
[2009/10/28 02:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

< >

< End of report >

[/b


OTL Extras logfile created on: 3/15/2011 4:13:24 PM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Jacquie\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 59.00% Memory free
7.00 Gb Paging File | 6.00 Gb Available in Paging File | 75.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 287.73 Gb Total Space | 241.99 Gb Free Space | 84.10% Space Free | Partition Type: NTFS

Computer Name: JACQUIESLAPTOP | User Name: Jacquie | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[b]64bit:
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{15BEAEBD-74D6-C40A-0089-5BFD0E689BFE}" = ATI Catalyst Install Manager
"{1AAF3A3B-7B32-4DDF-8ABB-438DAEB46EEC}" = Windows Live Family Safety
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{46A5FBE9-ADB3-4493-A1CC-B4CFFD24D26A}" = Windows Live Family Safety
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5BCC94A1-DEF1-4AB4-8046-BC13048E929A}" = TOSHIBA ReelTime
"{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator
"{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}" = Windows Live Language Selector
"{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{774088D4-0777-4D78-904D-E435B318F5D2}" = Microsoft Antimalware
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{94A90C69-71C1-470A-88F5-AA47ECC96B40}" = TOSHIBA HDD Protection
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}" = TOSHIBA PC Health Monitor
"{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}" = TOSHIBA eco Utility
"{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}" = TOSHIBA Recovery Media Creator
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{C4FFA951-9678-4D51-84B4-AFD15D3C45AD}" = TOSHIBA Hardware Setup
"{CBD6B23D-41D5-4A46-8019-6208516C9712}" = TOSHIBA Supervisor Password
"{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{E77543EE-6FB5-4FF6-AB70-635392C8C756}" = Microsoft Security Client
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F64684A0-754B-4637-B7F9-6E8DAA8CD5CD}" = TOSHIBA Bulletin Board
"{F67FA545-D8E5-4209-86B1-AEE045D1003F}" = TOSHIBA Face Recognition
"{FFCE2079-5605-ADAC-80C2-BEA1CCE5919D}" = ccc-utility64
"2C1C2F29FADF39F533CEEE67B90F07A5306A4BDB" = Windows Driver Package - OLYMPUS IMAGING CORP. Camera Communication Driver Package (09/09/2009 1.0.0.0)
"CNXT_AUDIO" = Conexant HD Audio
"CNXT_AUDIO_HDA_HDMI" = Conexant Audio Driver For AMD HDMI Codec
"Lexmark Pro700 Series" = Lexmark Pro700 Series
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft Security Client" = Microsoft Security Essentials
"SynTPDeinstKey" = Synaptics Pointing Device Driver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"{08234a0d-cf39-4dca-99f0-0c5cb496da81}" = Bing Bar
"{0AA15BEA-12D6-44FC-B3B2-C97B77AB6AF4}" = Toshiba DetectAC Utility
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0F0F913F-DD47-5AA8-EDDF-8508275E663F}" = Catalyst Control Center Graphics Full Existing
"{0FB630AB-7BD8-40AE-B223-60397D57C3C9}" = Realtek WLAN Driver
"{1017A80C-6F09-4548-A84D-EDD6AC9525F0}" = Lexmark Toolbar
"{105CFC7C-6992-11D5-BD9D-000102C10FD8}" = Lizardtech DjVu Control
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1B87C40B-A60B-4EF3-9A68-706CF4B69978}" = TOSHIBA Assist
"{1DE9E2D5-C7B2-096F-61DD-D5C1A6762AA2}" = Catalyst Control Center Graphics Previews Common
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java™ 6 Update 24
"{274A124E-4AF3-7B98-625F-52B411EB966B}" = CCC Help Swedish
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2F3E4E3E-089B-A942-32A2-BF7FAC2A99F3}" = Catalyst Control Center Core Implementation
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver
"{3135D885-9D9A-4B4D-8D45-9DB05DA115CA}" = Amazon Links
"{320E03DF-54E6-A67D-9275-76788001247C}" = CCC Help Italian
"{326957C7-83FD-4550-A59A-849B7B4297DE}" = Microsoft Easy Assist v2
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3A53976E-FB7D-069D-A46B-6A12BB58C4C9}" = CCC Help Portuguese
"{3B843B38-04B1-4CE6-8888-586273E0F289}" = Quickbooks Financial Center
"{423D8FBE-EC52-40FD-B2A0-8C9C8F973FD7}" = Microsoft Research AutoCollage 2008 version 1.1
"{4436ADB0-16C5-BECE-8D02-0D8E319F9A45}" = CCC Help Dutch
"{459932FF-E643-9018-DF42-9942738CB928}" = CCC Help French
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
"{5A13987D-55F4-4271-A40E-76AC9B1B38FD}" = OpenOffice.org 3.2
"{5AF550B4-BB67-4E7E-82F1-2C4300279050}" = ToshibaRegistration
"{5AFBD418-B509-E630-0FD8-74A5E9F14376}" = CCC Help Chinese Traditional
"{5BBE1EA0-2FE0-A52D-6C69-1D784E43A305}" = CCC Help Japanese
"{5C6774E8-F301-5C00-B1C8-C4283A7A6533}" = Catalyst Control Center Graphics Light
"{5E6F6CF3-BACC-4144-868C-E14622C658F3}" = TOSHIBA Web Camera Application
"{65C0025A-2CDE-43C5-82D0-C7A56EF0DB39}" = Bing Bar Platform
"{6753346A-26B0-F7D7-FB7D-F416F9CC03C9}" = CCC Help Turkish
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6A05FEDF-662E-46BF-8A25-010E3F1C9C69}" = Windows Live UX Platform Language Pack
"{6D7C102E-16EB-6679-BF8F-B3D697DC6F8B}" = CCC Help Chinese Standard
"{6FDA74CD-3AD5-877B-CB3E-E239B24F4542}" = CCC Help Korean
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77D63362-CF10-5701-FDE2-897084864B36}" = Catalyst Control Center Localization All
"{788B97E8-D825-419A-8558-1C0B344C5371}" = Costco Photo Organizer
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7AD61E69-E7E5-6783-CE8D-1E0DAEB492F3}" = ccc-core-static
"{7EC58220-587F-1C73-E4A9-77F83B57F97A}" = Catalyst Control Center Graphics Previews Vista
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{819AB29C-DC07-366D-1099-A40FB7C4747E}" = CCC Help Norwegian
"{82F1AB6D-F89F-05D7-9C12-4778793EED15}" = CCC Help Czech
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{89A43E80-AC6C-4DA8-9800-F4B30ED577C0}" = OLYMPUS ib
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B92E804-DBA7-E902-C078-EBC3366F7667}" = CCC Help Polish
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISER_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISER_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISER_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISER_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0409-1000-0000000FF1CE}_ENTERPRISER_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISER_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISER_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0116-0409-1000-0000000FF1CE}_ENTERPRISER_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{970472D0-F5F9-4158-A6E3-1AE49EFEF2D3}" = TOSHIBA Application Installer
"{983CD6FE-8320-4B80-A8F6-0D0366E0AA22}" = TOSHIBA Media Controller
"{98F747AE-FC3B-0700-BFAC-8E12C249B7C6}" = CCC Help Hungarian
"{9AEAF9CC-390B-49C0-8F7F-14092BF163B6}" = NetZero Launcher
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A534F252-5186-EE85-3F9F-177479AB91FA}" = CCC Help Russian
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC6569FA-6919-442A-8552-073BE69E247A}" = TOSHIBA Service Station
"{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3.4
"{ADBD70A6-6723-351C-F609-8F2CFC8EA993}" = CCC Help English
"{B019F7C7-86B6-CAE4-D876-BAF68C25A2CB}" = CCC Help Thai
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}" = TOSHIBA eco Utility
"{C3B0D20B-BF56-5D5A-5E1A-4D593F92EE82}" = CCC Help Spanish
"{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}" = Toshiba Online Backup
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C768790F-04FB-11E0-9B2C-001AA037B01E}" = Google Earth
"{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}" = Skype Toolbars
"{CE11C6A9-1D9F-B5FB-21FD-ABD0044ECE35}" = Catalyst Control Center Graphics Full New
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CFF8B8E8-E086-4DE0-935F-FE22CAB54F80}" = Microsoft Search Enhancement Pack
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DA84ECBF-4B79-47F2-B34C-95C38484C058}" = Skype Launcher
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E18FF197-2386-1382-45D9-7224A035BEC3}" = CCC Help Danish
"{E19C40DE-29E7-D7A7-B89B-B4C57416426D}" = CCC Help Greek
"{E3D63B95-4B21-414A-A2C7-D6D6A6AC6D79}" = Catalyst Control Center - Branding
"{E487EE7D-EAAA-4E2A-9116-E3B477D8A74F}" = TOSHIBA USB Sleep and Charge Utility
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.1
"{E69992ED-A7F6-406C-9280-1C156417BC49}" = TOSHIBA Quality Application
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F2BF5938-7A8D-8A21-E3F4-91A3CA4AB545}" = Catalyst Control Center InstallProxy
"{F3529665-D75E-4D6D-98F0-745C78C68E9B}" = TOSHIBA ConfigFree
"{F8131A35-47FD-27AD-116D-0E79AF5DE5EE}" = Acrobat.com
"{F83634F0-47EE-F10B-0063-7215C3A44DF8}" = CCC Help German
"{FB1AC053-39FC-9F1A-98B4-3A0B0B9DC761}" = CCC Help Finnish
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"a-squared Anti-Dialer_is1" = a-squared Anti-Dialer 3.0
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Emsisoft Anti-Malware_is1" = Emsisoft Anti-Malware 5.0
"ENTERPRISER" = Microsoft Office Enterprise 2007
"Google Chrome" = Google Chrome
"HijackThis" = HijackThis 2.0.2
"InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"InstallShield_{0AA15BEA-12D6-44FC-B3B2-C97B77AB6AF4}" = Toshiba DetectAC Utility
"InstallShield_{5BCC94A1-DEF1-4AB4-8046-BC13048E929A}" = TOSHIBA ReelTime
"InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"InstallShield_{89A43E80-AC6C-4DA8-9800-F4B30ED577C0}" = OLYMPUS ib
"InstallShield_{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}" = TOSHIBA eco Utility
"InstallShield_{C4FFA951-9678-4D51-84B4-AFD15D3C45AD}" = TOSHIBA Hardware Setup
"InstallShield_{CBD6B23D-41D5-4A46-8019-6208516C9712}" = TOSHIBA Supervisor Password
"InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"InstallShield_{F64684A0-754B-4637-B7F9-6E8DAA8CD5CD}" = TOSHIBA Bulletin Board
"InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}" = TOSHIBA Face Recognition
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Mamutu_is1" = Mamutu 3.0
"TOSHIBA Game Console" = WildTangent ORB Game Console
"Verizon Help and Support" = Verizon Help and Support Tool
"WildTangent toshiba Master Uninstall" = WildTangent Games
"WinLiveSuite" = Windows Live Essentials
"WinPatrol" = WinPatrol
"WT078087" = Blackhawk Striker 2
"WT078109" = FATE Undiscovered Realms
"WT078123" = Monopoly
"WT078129" = Polar Bowler
"WT078130" = Virtual Families
"WT078308" = Bejeweled 2 Deluxe
"WT078349" = Mystery P.I. - The Vegas Heist
"WT078385" = Virtual Villagers - The Secret City
"WT078475" = Scrabble Plus
"WT078491" = Faerie Solitaire

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-3816284200-437857660-2917846397-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"GoToMeeting" = GoToMeeting 4.5.0.457
"Octoshape add-in for Adobe Flash Player" = Octoshape add-in for Adobe Flash Player

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 2/28/2011 5:36:39 PM | Computer Name = JacquiesLaptop | Source = SideBySide | ID = 16842811
Description = Activation context generation failed for "c:\program files (x86)\microsoft\search
enhancement pack\search box extension\SrchBxEx.dll".Error in manifest or policy
file "c:\program files (x86)\microsoft\search enhancement pack\search box extension\SrchBxEx.dll"
on line 2. Invalid Xml syntax.

Error - 3/1/2011 3:00:51 PM | Computer Name = JacquiesLaptop | Source = VSS | ID = 12305
Description =

Error - 3/1/2011 3:39:17 PM | Computer Name = JacquiesLaptop | Source = ESENT | ID = 215
Description = WinMail (2328) WindowsMail0: The backup has been stopped because it
was halted by the client or the connection with the client failed.

Error - 3/1/2011 3:39:21 PM | Computer Name = JacquiesLaptop | Source = ESENT | ID = 215
Description = WinMail (2972) WindowsMail0: The backup has been stopped because it
was halted by the client or the connection with the client failed.

Error - 3/3/2011 6:15:08 PM | Computer Name = JacquiesLaptop | Source = Application Error | ID = 1000
Description = Faulting application name: explorer.exe, version: 0.0.0.0, time stamp:
0x4d334d98 Faulting module name: explorer.exe, version: 0.0.0.0, time stamp: 0x4d334d98
Exception
code: 0x40000015 Fault offset: 0x0008cb40 Faulting process id: 0xdb4 Faulting application
start time: 0x01cbd9f068f1107b Faulting application path: C:\Users\Jacquie\AppData\Local\Temp\RarSFX1\procs\explorer.exe
Faulting
module path: C:\Users\Jacquie\AppData\Local\Temp\RarSFX1\procs\explorer.exe Report
Id: b2931e0e-45e3-11e0-98da-c80aa98cc80e

Error - 3/3/2011 6:26:44 PM | Computer Name = JacquiesLaptop | Source = Application Hang | ID = 1002
Description = The program Skype.exe version 5.1.0.112 stopped interacting with Windows
and was closed. To see if more information about the problem is available, check
the problem history in the Action Center control panel. Process ID: d04 Start Time:
01cbd9e909b018b8 Termination Time: 229 Application Path: C:\Program Files (x86)\Skype\Phone\Skype.exe

Report
Id:

Error - 3/3/2011 9:01:39 PM | Computer Name = JacquiesLaptop | Source = Windows Search Service | ID = 3007
Description =

Error - 3/4/2011 9:36:06 AM | Computer Name = JacquiesLaptop | Source = Application Error | ID = 1000
Description = Faulting application name: iexplore.exe, version: 0.0.0.0, time stamp:
0x4d334d98 Faulting module name: iexplore.exe, version: 0.0.0.0, time stamp: 0x4d334d98
Exception
code: 0x40000015 Fault offset: 0x0008cb40 Faulting process id: 0x62c Faulting application
start time: 0x01cbda710e1a57f7 Faulting application path: C:\Users\Jacquie\AppData\Local\Temp\RarSFX3\procs\iexplore.exe
Faulting
module path: C:\Users\Jacquie\AppData\Local\Temp\RarSFX3\procs\iexplore.exe Report
Id: 5afaccb4-4664-11e0-8fb1-c80aa98cc80e

Error - 3/6/2011 6:58:15 PM | Computer Name = JacquiesLaptop | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 8.0.7601.17514 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 1714 Start
Time: 01cbdc2684d37376 Termination Time: 0 Application Path: C:\Program Files (x86)\Internet
Explorer\iexplore.exe Report Id: 2a766c95-4845-11e0-a664-c80aa98cc80e

Error - 3/6/2011 7:05:59 PM | Computer Name = JacquiesLaptop | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 8.0.7601.17514 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 688 Start
Time: 01cbdc51fa21b85a Termination Time: 47 Application Path: C:\Program Files (x86)\Internet
Explorer\iexplore.exe Report Id: 3fe93883-4846-11e0-a664-c80aa98cc80e

[ System Events ]
Error - 3/10/2011 10:00:04 PM | Computer Name = JacquiesLaptop | Source = atikmdag | ID = 52236
Description = CPLIB :: General - Invalid Parameter

Error - 3/10/2011 10:00:04 PM | Computer Name = JacquiesLaptop | Source = atikmdag | ID = 43029
Description = Display is not active

Error - 3/10/2011 10:00:24 PM | Computer Name = JacquiesLaptop | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the lxeeCATSCustConnectService
service to connect.

Error - 3/10/2011 10:00:24 PM | Computer Name = JacquiesLaptop | Source = Service Control Manager | ID = 7000
Description = The lxeeCATSCustConnectService service failed to start due to the
following error: %%1053

Error - 3/10/2011 10:00:25 PM | Computer Name = JacquiesLaptop | Source = Service Control Manager | ID = 7000
Description = The Norton Internet Security service failed to start due to the following
error: %%2

Error - 3/10/2011 10:11:16 PM | Computer Name = JacquiesLaptop | Source = atikmdag | ID = 52236
Description = CPLIB :: General - Invalid Parameter

Error - 3/10/2011 10:11:16 PM | Computer Name = JacquiesLaptop | Source = atikmdag | ID = 43029
Description = Display is not active

Error - 3/10/2011 10:11:39 PM | Computer Name = JacquiesLaptop | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the lxeeCATSCustConnectService
service to connect.

Error - 3/10/2011 10:11:39 PM | Computer Name = JacquiesLaptop | Source = Service Control Manager | ID = 7000
Description = The lxeeCATSCustConnectService service failed to start due to the
following error: %%1053

Error - 3/10/2011 10:11:39 PM | Computer Name = JacquiesLaptop | Source = Service Control Manager | ID = 7000
Description = The Norton Internet Security service failed to start due to the following
error: %%2


< End of report >

#7 myrti

myrti

    Sillyberry


  • Malware Study Hall Admin
  • 33,771 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:At home
  • Local time:05:16 PM

Posted 17 March 2011 - 08:30 AM

Hi,

please run a scan with TDSSKiller next:
  • Download TDSSKiller and save it to your Desktop.
  • Extract its contents to your desktop and make sure TDSSKiller.exe (the contents of the zipped file) is on the Desktop itself, not within a folder on the desktop.
  • Go to Start > Run (Or you can hold down your Windows key and press R) and copy and paste the following into the text field. (make sure you include the quote marks) Then press OK.

    "%userprofile%\Desktop\TDSSKiller.exe" -l C:\TDSSKiller.txt

  • If it says "Hidden service detected" DO NOT type anything in. Just press Enter on your keyboard to not do anything to the file.
  • When it is done, a log file should be created on your C: drive called "TDSSKiller.txt" please copy and paste the contents of that file here.

What exactly have you blocked for synaptic? The execution or the connection to the Internet?

regards myrti

is that a bird?  a plane? nooo it's the flying blueberry!

If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM! Please don't send help request via PM, unless I am already helping you. Use the forums!

 

Follow BleepingComputer on: Facebook | Twitter | Google+


#8 jacqgal

jacqgal
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:11:16 AM

Posted 21 March 2011 - 02:14 PM

[Hello, I just completed a full reply and when I clicked the button to add the reply, it did not update for some reason. In other words, it disappeared.]
Thank you for your reply, I apologize for my delay in responding, I've been sick. But today I downloaded the program by Kaspersky you recommended and when I went to run it I got an error message that the log couldn't be initialized. I did run it twice, it ran very very fast and reported nothing found. Plus I looked throughout my C drive and there was no log text anywhere either, as I suspected would be the case due to the error message.

Today when I when on-line for the first time in several days, my browser (internet explorer) was magnified to 200%, twice I tried it with the same results both times. Also, each time I'm on line, within a short period of time, internet explorer shuts itself down. It doesn't seem to be for any particular reason as it happens with only one window open checking my email even.

PLEASE respond at your earliest convenience because this step didn't seem to do anything for us, and I'm still having the same problems, with more being added.

Also, the program blocked is: PROGRAM FILES\SYNAPTICS\SYNTP\SynTPHelper.exe

THANK YOU SO MUCH FOR ANY AND ALL OF YOUR HELP!

#9 jacqgal

jacqgal
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:11:16 AM

Posted 21 March 2011 - 02:18 PM

Hello, I decided to go back and run the program as administrator and again it reported no infections found, however this time I have the log for you as follows:

2011/03/21 15:16:01.0811 1748 TDSS rootkit removing tool 2.4.21.0 Mar 10 2011 12:26:28
2011/03/21 15:16:02.0357 1748 ================================================================================
2011/03/21 15:16:02.0357 1748 SystemInfo:
2011/03/21 15:16:02.0357 1748
2011/03/21 15:16:02.0357 1748 OS Version: 6.1.7601 ServicePack: 1.0
2011/03/21 15:16:02.0357 1748 Product type: Workstation
2011/03/21 15:16:02.0357 1748 ComputerName: JACQUIESLAPTOP
2011/03/21 15:16:02.0357 1748 UserName: Jacquie
2011/03/21 15:16:02.0357 1748 Windows directory: C:\windows
2011/03/21 15:16:02.0357 1748 System windows directory: C:\windows
2011/03/21 15:16:02.0357 1748 Running under WOW64
2011/03/21 15:16:02.0357 1748 Processor architecture: Intel x64
2011/03/21 15:16:02.0357 1748 Number of processors: 2
2011/03/21 15:16:02.0357 1748 Page size: 0x1000
2011/03/21 15:16:02.0357 1748 Boot type: Normal boot
2011/03/21 15:16:02.0357 1748 ================================================================================
2011/03/21 15:16:02.0716 1748 Initialize success
2011/03/21 15:16:05.0883 1520 ================================================================================
2011/03/21 15:16:05.0883 1520 Scan started
2011/03/21 15:16:05.0883 1520 Mode: Manual;
2011/03/21 15:16:05.0883 1520 ================================================================================
2011/03/21 15:16:06.0335 1520 1394ohci (a87d604aea360176311474c87a63bb88) C:\windows\system32\drivers\1394ohci.sys
2011/03/21 15:16:06.0445 1520 a2acc (0b8ed3de81ec30ad50873f033b34b39e) C:\PROGRAM FILES (X86)\MAMUTU\a2accx64.sys
2011/03/21 15:16:06.0601 1520 a2injectiondriver (f75ddc4047aa1ac85164445cba7601ef) C:\Program Files (x86)\Mamutu\a2dix64.sys
2011/03/21 15:16:06.0632 1520 a2util (e41d79682a209f72f4f578cfd4a53952) C:\Program Files (x86)\Mamutu\a2util64.sys
2011/03/21 15:16:06.0725 1520 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\windows\system32\drivers\ACPI.sys
2011/03/21 15:16:06.0772 1520 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\windows\system32\drivers\acpipmi.sys
2011/03/21 15:16:06.0881 1520 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\windows\system32\DRIVERS\adp94xx.sys
2011/03/21 15:16:06.0991 1520 adpahci (597f78224ee9224ea1a13d6350ced962) C:\windows\system32\DRIVERS\adpahci.sys
2011/03/21 15:16:07.0037 1520 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\windows\system32\DRIVERS\adpu320.sys
2011/03/21 15:16:07.0162 1520 AFD (d31dc7a16dea4a9baf179f3d6fbdb38c) C:\windows\system32\drivers\afd.sys
2011/03/21 15:16:07.0256 1520 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\windows\system32\drivers\agp440.sys
2011/03/21 15:16:07.0303 1520 aliide (5812713a477a3ad7363c7438ca2ee038) C:\windows\system32\drivers\aliide.sys
2011/03/21 15:16:07.0349 1520 amdide (1ff8b4431c353ce385c875f194924c0c) C:\windows\system32\drivers\amdide.sys
2011/03/21 15:16:07.0459 1520 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\windows\system32\DRIVERS\amdk8.sys
2011/03/21 15:16:07.0490 1520 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\windows\system32\DRIVERS\amdppm.sys
2011/03/21 15:16:07.0615 1520 amdsata (6ec6d772eae38dc17c14aed9b178d24b) C:\windows\system32\drivers\amdsata.sys
2011/03/21 15:16:07.0646 1520 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\windows\system32\DRIVERS\amdsbs.sys
2011/03/21 15:16:07.0771 1520 amdxata (1142a21db581a84ea5597b03a26ebaa0) C:\windows\system32\drivers\amdxata.sys
2011/03/21 15:16:07.0817 1520 AppID (89a69c3f2f319b43379399547526d952) C:\windows\system32\drivers\appid.sys
2011/03/21 15:16:07.0927 1520 arc (c484f8ceb1717c540242531db7845c4e) C:\windows\system32\DRIVERS\arc.sys
2011/03/21 15:16:07.0973 1520 arcsas (019af6924aefe7839f61c830227fe79c) C:\windows\system32\DRIVERS\arcsas.sys
2011/03/21 15:16:08.0005 1520 AsyncMac (769765ce2cc62867468cea93969b2242) C:\windows\system32\DRIVERS\asyncmac.sys
2011/03/21 15:16:08.0098 1520 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\windows\system32\drivers\atapi.sys
2011/03/21 15:16:08.0270 1520 atikmdag (173f4c05f87085e9bda3f7037bc9f40e) C:\windows\system32\DRIVERS\atikmdag.sys
2011/03/21 15:16:08.0395 1520 AtiPcie (7c5d273e29dcc5505469b299c6f29163) C:\windows\system32\DRIVERS\AtiPcie.sys
2011/03/21 15:16:08.0488 1520 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\windows\system32\DRIVERS\bxvbda.sys
2011/03/21 15:16:08.0597 1520 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\windows\system32\DRIVERS\b57nd60a.sys
2011/03/21 15:16:08.0644 1520 Beep (16a47ce2decc9b099349a5f840654746) C:\windows\system32\drivers\Beep.sys
2011/03/21 15:16:08.0769 1520 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\windows\system32\DRIVERS\blbdrive.sys
2011/03/21 15:16:08.0816 1520 bowser (91ce0d3dc57dd377e690a2d324022b08) C:\windows\system32\DRIVERS\bowser.sys
2011/03/21 15:16:08.0847 1520 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\windows\system32\DRIVERS\BrFiltLo.sys
2011/03/21 15:16:08.0941 1520 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\windows\system32\DRIVERS\BrFiltUp.sys
2011/03/21 15:16:08.0987 1520 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\windows\System32\Drivers\Brserid.sys
2011/03/21 15:16:09.0019 1520 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\windows\System32\Drivers\BrSerWdm.sys
2011/03/21 15:16:09.0112 1520 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\windows\System32\Drivers\BrUsbMdm.sys
2011/03/21 15:16:09.0143 1520 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\windows\System32\Drivers\BrUsbSer.sys
2011/03/21 15:16:09.0175 1520 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\windows\system32\DRIVERS\bthmodem.sys
2011/03/21 15:16:09.0299 1520 cdfs (b8bd2bb284668c84865658c77574381a) C:\windows\system32\DRIVERS\cdfs.sys
2011/03/21 15:16:09.0362 1520 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\windows\system32\drivers\cdrom.sys
2011/03/21 15:16:09.0487 1520 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\windows\system32\DRIVERS\circlass.sys
2011/03/21 15:16:09.0533 1520 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\windows\system32\CLFS.sys
2011/03/21 15:16:09.0674 1520 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\windows\system32\DRIVERS\CmBatt.sys
2011/03/21 15:16:09.0736 1520 cmdide (e19d3f095812725d88f9001985b94edd) C:\windows\system32\drivers\cmdide.sys
2011/03/21 15:16:09.0830 1520 CNG (d5fea92400f12412b3922087c09da6a5) C:\windows\system32\Drivers\cng.sys
2011/03/21 15:16:09.0939 1520 CnxtHdAudService (94af76ba5b74518610da47e7181a1d68) C:\windows\system32\drivers\CHDRT64.sys
2011/03/21 15:16:10.0064 1520 CnxtHdmiAudService (df88d2c170d79f29f6354f83c32b2816) C:\windows\system32\drivers\CHDMI64.sys
2011/03/21 15:16:10.0173 1520 Compbatt (102de219c3f61415f964c88e9085ad14) C:\windows\system32\DRIVERS\compbatt.sys
2011/03/21 15:16:10.0220 1520 CompositeBus (03edb043586cceba243d689bdda370a8) C:\windows\system32\drivers\CompositeBus.sys
2011/03/21 15:16:10.0345 1520 crcdisk (1c827878a998c18847245fe1f34ee597) C:\windows\system32\DRIVERS\crcdisk.sys
2011/03/21 15:16:10.0485 1520 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\windows\system32\Drivers\dfsc.sys
2011/03/21 15:16:10.0563 1520 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\windows\system32\drivers\discache.sys
2011/03/21 15:16:10.0781 1520 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\windows\system32\DRIVERS\disk.sys
2011/03/21 15:16:10.0953 1520 drmkaud (9b19f34400d24df84c858a421c205754) C:\windows\system32\drivers\drmkaud.sys
2011/03/21 15:16:11.0031 1520 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\windows\System32\drivers\dxgkrnl.sys
2011/03/21 15:16:11.0187 1520 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\windows\system32\DRIVERS\evbda.sys
2011/03/21 15:16:11.0359 1520 elxstor (0e5da5369a0fcaea12456dd852545184) C:\windows\system32\DRIVERS\elxstor.sys
2011/03/21 15:16:11.0437 1520 ErrDev (34a3c54752046e79a126e15c51db409b) C:\windows\system32\drivers\errdev.sys
2011/03/21 15:16:11.0515 1520 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\windows\system32\drivers\exfat.sys
2011/03/21 15:16:11.0546 1520 fastfat (0adc83218b66a6db380c330836f3e36d) C:\windows\system32\drivers\fastfat.sys
2011/03/21 15:16:11.0655 1520 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\windows\system32\DRIVERS\fdc.sys
2011/03/21 15:16:11.0702 1520 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\windows\system32\drivers\fileinfo.sys
2011/03/21 15:16:11.0733 1520 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\windows\system32\drivers\filetrace.sys
2011/03/21 15:16:11.0764 1520 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\windows\system32\DRIVERS\flpydisk.sys
2011/03/21 15:16:11.0858 1520 FltMgr (da6b67270fd9db3697b20fce94950741) C:\windows\system32\drivers\fltmgr.sys
2011/03/21 15:16:11.0920 1520 FsDepends (d43703496149971890703b4b1b723eac) C:\windows\system32\drivers\FsDepends.sys
2011/03/21 15:16:12.0045 1520 fssfltr (6c06701bf1db05405804d7eb610991ce) C:\windows\system32\DRIVERS\fssfltr.sys
2011/03/21 15:16:12.0092 1520 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\windows\system32\drivers\Fs_Rec.sys
2011/03/21 15:16:12.0201 1520 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\windows\system32\DRIVERS\fvevol.sys
2011/03/21 15:16:12.0248 1520 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\windows\system32\DRIVERS\gagp30kx.sys
2011/03/21 15:16:12.0373 1520 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\windows\system32\drivers\hcw85cir.sys
2011/03/21 15:16:12.0466 1520 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\windows\system32\drivers\HdAudio.sys
2011/03/21 15:16:12.0591 1520 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\windows\system32\drivers\HDAudBus.sys
2011/03/21 15:16:12.0638 1520 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\windows\system32\DRIVERS\HidBatt.sys
2011/03/21 15:16:12.0669 1520 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\windows\system32\DRIVERS\hidbth.sys
2011/03/21 15:16:12.0747 1520 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\windows\system32\DRIVERS\hidir.sys
2011/03/21 15:16:12.0825 1520 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\windows\system32\DRIVERS\hidusb.sys
2011/03/21 15:16:12.0965 1520 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\windows\system32\drivers\HpSAMD.sys
2011/03/21 15:16:13.0043 1520 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\windows\system32\drivers\HTTP.sys
2011/03/21 15:16:13.0137 1520 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\windows\system32\drivers\hwpolicy.sys
2011/03/21 15:16:13.0184 1520 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\windows\system32\drivers\i8042prt.sys
2011/03/21 15:16:13.0309 1520 iaStorV (3df4395a7cf8b7a72a5f4606366b8c2d) C:\windows\system32\drivers\iaStorV.sys
2011/03/21 15:16:13.0418 1520 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\windows\system32\DRIVERS\iirsp.sys
2011/03/21 15:16:13.0480 1520 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\windows\system32\drivers\intelide.sys
2011/03/21 15:16:13.0511 1520 intelppm (ada036632c664caa754079041cf1f8c1) C:\windows\system32\DRIVERS\intelppm.sys
2011/03/21 15:16:13.0574 1520 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\windows\system32\DRIVERS\ipfltdrv.sys
2011/03/21 15:16:13.0683 1520 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\windows\system32\drivers\IPMIDrv.sys
2011/03/21 15:16:13.0745 1520 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\windows\system32\drivers\ipnat.sys
2011/03/21 15:16:13.0823 1520 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\windows\system32\drivers\irenum.sys
2011/03/21 15:16:13.0886 1520 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\windows\system32\drivers\isapnp.sys
2011/03/21 15:16:13.0917 1520 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\windows\system32\drivers\msiscsi.sys
2011/03/21 15:16:14.0026 1520 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\windows\system32\drivers\kbdclass.sys
2011/03/21 15:16:14.0089 1520 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\windows\system32\drivers\kbdhid.sys
2011/03/21 15:16:14.0151 1520 KSecDD (ccd53b5bd33ce0c889e830d839c8b66e) C:\windows\system32\Drivers\ksecdd.sys
2011/03/21 15:16:14.0245 1520 KSecPkg (9ff918a261752c12639e8ad4208d2c2f) C:\windows\system32\Drivers\ksecpkg.sys
2011/03/21 15:16:14.0291 1520 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\windows\system32\drivers\ksthunk.sys
2011/03/21 15:16:14.0401 1520 L1C (2377ec4cc3e356655b996f39b43486b6) C:\windows\system32\DRIVERS\L1C62x64.sys
2011/03/21 15:16:14.0494 1520 lltdio (1538831cf8ad2979a04c423779465827) C:\windows\system32\DRIVERS\lltdio.sys
2011/03/21 15:16:14.0619 1520 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\windows\system32\DRIVERS\lsi_fc.sys
2011/03/21 15:16:14.0666 1520 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\windows\system32\DRIVERS\lsi_sas.sys
2011/03/21 15:16:14.0681 1520 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\windows\system32\DRIVERS\lsi_sas2.sys
2011/03/21 15:16:14.0744 1520 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\windows\system32\DRIVERS\lsi_scsi.sys
2011/03/21 15:16:14.0806 1520 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\windows\system32\drivers\luafv.sys
2011/03/21 15:16:14.0978 1520 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\windows\system32\DRIVERS\megasas.sys
2011/03/21 15:16:15.0009 1520 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\windows\system32\DRIVERS\MegaSR.sys
2011/03/21 15:16:15.0071 1520 Modem (800ba92f7010378b09f9ed9270f07137) C:\windows\system32\drivers\modem.sys
2011/03/21 15:16:15.0165 1520 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\windows\system32\DRIVERS\monitor.sys
2011/03/21 15:16:15.0212 1520 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\windows\system32\drivers\mouclass.sys
2011/03/21 15:16:15.0305 1520 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\windows\system32\DRIVERS\mouhid.sys
2011/03/21 15:16:15.0352 1520 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\windows\system32\drivers\mountmgr.sys
2011/03/21 15:16:15.0461 1520 MpFilter (e6ba8e5a4a871899e23d64573ef58ee9) C:\windows\system32\DRIVERS\MpFilter.sys
2011/03/21 15:16:15.0524 1520 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\windows\system32\drivers\mpio.sys
2011/03/21 15:16:15.0617 1520 MpNWMon (98b09a4f2c462441030b83a80a3f6fb3) C:\windows\system32\DRIVERS\MpNWMon.sys
2011/03/21 15:16:15.0680 1520 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\windows\system32\drivers\mpsdrv.sys
2011/03/21 15:16:15.0789 1520 MREMP50 (9bd4dcb5412921864a7aacdedfbd1923) C:\PROGRA~2\COMMON~1\Motive\MREMP50.SYS
2011/03/21 15:16:15.0929 1520 MRESP50 (07c02c892e8e1a72d6bf35004f0e9c5e) C:\PROGRA~2\COMMON~1\Motive\MRESP50.SYS
2011/03/21 15:16:16.0039 1520 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\windows\system32\drivers\mrxdav.sys
2011/03/21 15:16:16.0085 1520 mrxsmb (faf015b07e3a2874a790a39b7d2c579f) C:\windows\system32\DRIVERS\mrxsmb.sys
2011/03/21 15:16:16.0117 1520 mrxsmb10 (08e2345df129082bcdffdc1440f9c00d) C:\windows\system32\DRIVERS\mrxsmb10.sys
2011/03/21 15:16:16.0210 1520 mrxsmb20 (108d87409c5812ef47d81e22843e8c9d) C:\windows\system32\DRIVERS\mrxsmb20.sys
2011/03/21 15:16:16.0257 1520 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\windows\system32\drivers\msahci.sys
2011/03/21 15:16:16.0304 1520 msdsm (db801a638d011b9633829eb6f663c900) C:\windows\system32\drivers\msdsm.sys
2011/03/21 15:16:16.0413 1520 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\windows\system32\drivers\Msfs.sys
2011/03/21 15:16:16.0444 1520 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\windows\System32\drivers\mshidkmdf.sys
2011/03/21 15:16:16.0491 1520 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\windows\system32\drivers\msisadrv.sys
2011/03/21 15:16:16.0585 1520 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\windows\system32\drivers\MSKSSRV.sys
2011/03/21 15:16:16.0631 1520 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\windows\system32\drivers\MSPCLOCK.sys
2011/03/21 15:16:16.0663 1520 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\windows\system32\drivers\MSPQM.sys
2011/03/21 15:16:16.0772 1520 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\windows\system32\drivers\MsRPC.sys
2011/03/21 15:16:16.0819 1520 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\windows\system32\drivers\mssmbios.sys
2011/03/21 15:16:16.0865 1520 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\windows\system32\drivers\MSTEE.sys
2011/03/21 15:16:16.0943 1520 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\windows\system32\DRIVERS\MTConfig.sys
2011/03/21 15:16:17.0006 1520 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\windows\system32\Drivers\mup.sys
2011/03/21 15:16:17.0099 1520 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\windows\system32\DRIVERS\nwifi.sys
2011/03/21 15:16:17.0240 1520 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\windows\system32\drivers\ndis.sys
2011/03/21 15:16:17.0333 1520 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\windows\system32\DRIVERS\ndiscap.sys
2011/03/21 15:16:17.0380 1520 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\windows\system32\DRIVERS\ndistapi.sys
2011/03/21 15:16:17.0443 1520 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\windows\system32\DRIVERS\ndisuio.sys
2011/03/21 15:16:17.0521 1520 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\windows\system32\DRIVERS\ndiswan.sys
2011/03/21 15:16:17.0567 1520 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\windows\system32\drivers\NDProxy.sys
2011/03/21 15:16:17.0645 1520 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\windows\system32\DRIVERS\netbios.sys
2011/03/21 15:16:17.0708 1520 NetBT (09594d1089c523423b32a4229263f068) C:\windows\system32\DRIVERS\netbt.sys
2011/03/21 15:16:17.0848 1520 nfrd960 (77889813be4d166cdab78ddba990da92) C:\windows\system32\DRIVERS\nfrd960.sys
2011/03/21 15:16:17.0911 1520 NisDrv (3713e8452b88d3e0be095e06b6fbc776) C:\windows\system32\DRIVERS\NisDrvWFP.sys
2011/03/21 15:16:17.0957 1520 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\windows\system32\drivers\Npfs.sys
2011/03/21 15:16:18.0035 1520 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\windows\system32\drivers\nsiproxy.sys
2011/03/21 15:16:18.0129 1520 Ntfs (05d78aa5cb5f3f5c31160bdb955d0b7c) C:\windows\system32\drivers\Ntfs.sys
2011/03/21 15:16:18.0207 1520 Null (9899284589f75fa8724ff3d16aed75c1) C:\windows\system32\drivers\Null.sys
2011/03/21 15:16:18.0254 1520 nvraid (5d9fd91f3d38dc9da01e3cb5fa89cd48) C:\windows\system32\drivers\nvraid.sys
2011/03/21 15:16:18.0285 1520 nvstor (f7cd50fe7139f07e77da8ac8033d1832) C:\windows\system32\drivers\nvstor.sys
2011/03/21 15:16:18.0379 1520 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\windows\system32\drivers\nv_agp.sys
2011/03/21 15:16:18.0457 1520 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\windows\system32\drivers\ohci1394.sys
2011/03/21 15:16:18.0488 1520 OlyCamComm (fe8278bcf145404976d866d9a46e6bd8) C:\windows\system32\DRIVERS\OlyCamComm.sys
2011/03/21 15:16:18.0644 1520 Parport (0086431c29c35be1dbc43f52cc273887) C:\windows\system32\DRIVERS\parport.sys
2011/03/21 15:16:18.0691 1520 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\windows\system32\drivers\partmgr.sys
2011/03/21 15:16:18.0753 1520 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\windows\system32\drivers\pci.sys
2011/03/21 15:16:18.0847 1520 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\windows\system32\drivers\pciide.sys
2011/03/21 15:16:18.0909 1520 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\windows\system32\DRIVERS\pcmcia.sys
2011/03/21 15:16:18.0940 1520 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\windows\system32\drivers\pcw.sys
2011/03/21 15:16:19.0034 1520 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\windows\system32\drivers\peauth.sys
2011/03/21 15:16:19.0174 1520 PGEffect (663962900e7fea522126ba287715bb4a) C:\windows\system32\DRIVERS\pgeffect.sys
2011/03/21 15:16:19.0283 1520 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\windows\system32\DRIVERS\raspptp.sys
2011/03/21 15:16:19.0315 1520 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\windows\system32\DRIVERS\processr.sys
2011/03/21 15:16:19.0439 1520 Psched (0557cf5a2556bd58e26384169d72438d) C:\windows\system32\DRIVERS\pacer.sys
2011/03/21 15:16:19.0502 1520 QIOMem (c8fcb4899f8b70cc34e0d9876a80963c) C:\windows\system32\DRIVERS\QIOMem.sys
2011/03/21 15:16:19.0611 1520 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\windows\system32\DRIVERS\ql2300.sys
2011/03/21 15:16:19.0705 1520 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\windows\system32\DRIVERS\ql40xx.sys
2011/03/21 15:16:19.0751 1520 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\windows\system32\drivers\qwavedrv.sys
2011/03/21 15:16:19.0767 1520 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\windows\system32\DRIVERS\rasacd.sys
2011/03/21 15:16:19.0814 1520 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\windows\system32\DRIVERS\AgileVpn.sys
2011/03/21 15:16:19.0923 1520 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\windows\system32\DRIVERS\rasl2tp.sys
2011/03/21 15:16:19.0954 1520 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\windows\system32\DRIVERS\raspppoe.sys
2011/03/21 15:16:20.0001 1520 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\windows\system32\DRIVERS\rassstp.sys
2011/03/21 15:16:20.0095 1520 rdbss (77f665941019a1594d887a74f301fa2f) C:\windows\system32\DRIVERS\rdbss.sys
2011/03/21 15:16:20.0141 1520 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\windows\system32\DRIVERS\rdpbus.sys
2011/03/21 15:16:20.0173 1520 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\windows\system32\DRIVERS\RDPCDD.sys
2011/03/21 15:16:20.0282 1520 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\windows\system32\drivers\rdpencdd.sys
2011/03/21 15:16:20.0313 1520 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\windows\system32\drivers\rdprefmp.sys
2011/03/21 15:16:20.0375 1520 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\windows\system32\drivers\RDPWD.sys
2011/03/21 15:16:20.0485 1520 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\windows\system32\drivers\rdyboost.sys
2011/03/21 15:16:20.0578 1520 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\windows\system32\DRIVERS\rspndr.sys
2011/03/21 15:16:20.0703 1520 RSUSBSTOR (483df0b58ca532e5240e59dc41f30aa2) C:\windows\system32\Drivers\RtsUStor.sys
2011/03/21 15:16:20.0797 1520 rtl8192se (7475548b0ba58eba4d12414fc9e9dfe6) C:\windows\system32\DRIVERS\rtl8192se.sys
2011/03/21 15:16:20.0906 1520 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\windows\system32\drivers\sbp2port.sys
2011/03/21 15:16:20.0984 1520 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\windows\system32\DRIVERS\scfilter.sys
2011/03/21 15:16:21.0140 1520 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\windows\system32\drivers\secdrv.sys
2011/03/21 15:16:21.0187 1520 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\windows\system32\DRIVERS\serenum.sys
2011/03/21 15:16:21.0233 1520 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\windows\system32\DRIVERS\serial.sys
2011/03/21 15:16:21.0311 1520 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\windows\system32\DRIVERS\sermouse.sys
2011/03/21 15:16:21.0389 1520 sffdisk (a554811bcd09279536440c964ae35bbf) C:\windows\system32\drivers\sffdisk.sys
2011/03/21 15:16:21.0421 1520 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\windows\system32\drivers\sffp_mmc.sys
2011/03/21 15:16:21.0436 1520 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\windows\system32\drivers\sffp_sd.sys
2011/03/21 15:16:21.0499 1520 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\windows\system32\DRIVERS\sfloppy.sys
2011/03/21 15:16:21.0623 1520 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\windows\system32\DRIVERS\SiSRaid2.sys
2011/03/21 15:16:21.0655 1520 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\windows\system32\DRIVERS\sisraid4.sys
2011/03/21 15:16:21.0686 1520 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\windows\system32\DRIVERS\smb.sys
2011/03/21 15:16:21.0811 1520 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\windows\system32\drivers\spldr.sys
2011/03/21 15:16:21.0904 1520 srv (2098b8556d1cec2aca9a29cd479e3692) C:\windows\system32\DRIVERS\srv.sys
2011/03/21 15:16:21.0998 1520 srv2 (d0f73a42040f21f92fd314b42ac5c9e7) C:\windows\system32\DRIVERS\srv2.sys
2011/03/21 15:16:22.0045 1520 srvnet (2ba8f3250828ccdb4204ecf2c6f40b6a) C:\windows\system32\DRIVERS\srvnet.sys
2011/03/21 15:16:22.0154 1520 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\windows\system32\DRIVERS\stexstor.sys
2011/03/21 15:16:22.0216 1520 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\windows\system32\drivers\swenum.sys
2011/03/21 15:16:22.0341 1520 SynTP (d58927ae176da3cc400e2c1d2f441ec3) C:\windows\system32\DRIVERS\SynTP.sys
2011/03/21 15:16:22.0481 1520 Tcpip (509383e505c973ed7534a06b3d19688d) C:\windows\system32\drivers\tcpip.sys
2011/03/21 15:16:22.0622 1520 TCPIP6 (509383e505c973ed7534a06b3d19688d) C:\windows\system32\DRIVERS\tcpip.sys
2011/03/21 15:16:22.0731 1520 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\windows\system32\drivers\tcpipreg.sys
2011/03/21 15:16:22.0778 1520 tdcmdpst (fd542b661bd22fa69ca789ad0ac58c29) C:\windows\system32\DRIVERS\tdcmdpst.sys
2011/03/21 15:16:22.0856 1520 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\windows\system32\drivers\tdpipe.sys
2011/03/21 15:16:22.0887 1520 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\windows\system32\drivers\tdtcp.sys
2011/03/21 15:16:22.0949 1520 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\windows\system32\DRIVERS\tdx.sys
2011/03/21 15:16:23.0043 1520 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\windows\system32\drivers\termdd.sys
2011/03/21 15:16:23.0121 1520 Thpdrv (c013f6acaa9761f571bd28dada7c157d) C:\windows\system32\DRIVERS\thpdrv.sys
2011/03/21 15:16:23.0215 1520 Thpevm (b4e609047434ed948af7bdef2fa66e38) C:\windows\system32\DRIVERS\Thpevm.SYS
2011/03/21 15:16:23.0402 1520 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\windows\system32\DRIVERS\tssecsrv.sys
2011/03/21 15:16:23.0449 1520 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\windows\system32\drivers\tsusbflt.sys
2011/03/21 15:16:23.0573 1520 tunnel (3566a8daafa27af944f5d705eaa64894) C:\windows\system32\DRIVERS\tunnel.sys
2011/03/21 15:16:23.0620 1520 TVALZ (550b567f9364d8f7684c3fb3ea665a72) C:\windows\system32\DRIVERS\TVALZ_O.SYS
2011/03/21 15:16:23.0714 1520 TVALZFL (9c7191f4b2e49bff47a6c1144b5923fa) C:\windows\system32\DRIVERS\TVALZFL.sys
2011/03/21 15:16:23.0745 1520 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\windows\system32\DRIVERS\uagp35.sys
2011/03/21 15:16:23.0807 1520 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\windows\system32\DRIVERS\udfs.sys
2011/03/21 15:16:23.0932 1520 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\windows\system32\drivers\uliagpkx.sys
2011/03/21 15:16:23.0995 1520 umbus (dc54a574663a895c8763af0fa1ff7561) C:\windows\system32\drivers\umbus.sys
2011/03/21 15:16:24.0073 1520 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\windows\system32\DRIVERS\umpass.sys
2011/03/21 15:16:24.0135 1520 usbccgp (481dff26b4dca8f4cbac1f7dce1d6829) C:\windows\system32\DRIVERS\usbccgp.sys
2011/03/21 15:16:24.0166 1520 usbcir (af0892a803fdda7492f595368e3b68e7) C:\windows\system32\drivers\usbcir.sys
2011/03/21 15:16:24.0260 1520 usbehci (2ea4aff7be7eb4632e3aa8595b0803b5) C:\windows\system32\DRIVERS\usbehci.sys
2011/03/21 15:16:24.0322 1520 usbhub (dc96bd9ccb8403251bcf25047573558e) C:\windows\system32\drivers\usbhub.sys
2011/03/21 15:16:24.0416 1520 usbohci (58e546bbaf87664fc57e0f6081e4f609) C:\windows\system32\DRIVERS\usbohci.sys
2011/03/21 15:16:24.0447 1520 usbprint (73188f58fb384e75c4063d29413cee3d) C:\windows\system32\DRIVERS\usbprint.sys
2011/03/21 15:16:24.0509 1520 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\windows\system32\DRIVERS\usbscan.sys
2011/03/21 15:16:24.0619 1520 USBSTOR (d76510cfa0fc09023077f22c2f979d86) C:\windows\system32\DRIVERS\USBSTOR.SYS
2011/03/21 15:16:24.0650 1520 usbuhci (81fb2216d3a60d1284455d511797db3d) C:\windows\system32\DRIVERS\usbuhci.sys
2011/03/21 15:16:24.0775 1520 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\windows\System32\Drivers\usbvideo.sys
2011/03/21 15:16:24.0837 1520 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\windows\system32\drivers\vdrvroot.sys
2011/03/21 15:16:24.0946 1520 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\windows\system32\DRIVERS\vgapnp.sys
2011/03/21 15:16:24.0993 1520 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\windows\System32\drivers\vga.sys
2011/03/21 15:16:25.0040 1520 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\windows\system32\drivers\vhdmp.sys
2011/03/21 15:16:25.0071 1520 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\windows\system32\drivers\viaide.sys
2011/03/21 15:16:25.0165 1520 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\windows\system32\drivers\volmgr.sys
2011/03/21 15:16:25.0227 1520 volmgrx (a255814907c89be58b79ef2f189b843b) C:\windows\system32\drivers\volmgrx.sys
2011/03/21 15:16:25.0258 1520 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\windows\system32\drivers\volsnap.sys
2011/03/21 15:16:25.0367 1520 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\windows\system32\DRIVERS\vsmraid.sys
2011/03/21 15:16:25.0414 1520 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\windows\system32\DRIVERS\vwifibus.sys
2011/03/21 15:16:25.0445 1520 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\windows\system32\DRIVERS\vwififlt.sys
2011/03/21 15:16:25.0539 1520 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\windows\system32\DRIVERS\vwifimp.sys
2011/03/21 15:16:25.0586 1520 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\windows\system32\DRIVERS\wacompen.sys
2011/03/21 15:16:25.0664 1520 WANARP (356afd78a6ed4457169241ac3965230c) C:\windows\system32\DRIVERS\wanarp.sys
2011/03/21 15:16:25.0679 1520 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\windows\system32\DRIVERS\wanarp.sys
2011/03/21 15:16:25.0835 1520 Wd (72889e16ff12ba0f235467d6091b17dc) C:\windows\system32\DRIVERS\wd.sys
2011/03/21 15:16:25.0882 1520 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\windows\system32\drivers\Wdf01000.sys
2011/03/21 15:16:26.0023 1520 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\windows\system32\DRIVERS\wfplwf.sys
2011/03/21 15:16:26.0054 1520 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\windows\system32\drivers\wimmount.sys
2011/03/21 15:16:26.0225 1520 WinUsb (fe88b288356e7b47b74b13372add906d) C:\windows\system32\DRIVERS\WinUsb.sys
2011/03/21 15:16:26.0366 1520 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\windows\system32\drivers\wmiacpi.sys
2011/03/21 15:16:26.0459 1520 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\windows\system32\drivers\ws2ifsl.sys
2011/03/21 15:16:26.0537 1520 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\windows\system32\drivers\WudfPf.sys
2011/03/21 15:16:26.0631 1520 WUDFRd (cf8d590be3373029d57af80914190682) C:\windows\system32\DRIVERS\WUDFRd.sys
2011/03/21 15:16:26.0725 1520 ================================================================================
2011/03/21 15:16:26.0725 1520 Scan finished
2011/03/21 15:16:26.0725 1520 ================================================================================


Thank you AGAIN AND AGAIN !!!

#10 jacqgal

jacqgal
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:11:16 AM

Posted 21 March 2011 - 02:31 PM

Hello, I forgot to add that internet explorer shuts down when I am attempting to open a new tab sometimes too, so I haven't even attempted to go to any sites. I get a message that it was shut down by Data execution prevention possibly due to a malicious add-on. This is happening several times a day. Thank you.

#11 myrti

myrti

    Sillyberry


  • Malware Study Hall Admin
  • 33,771 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:At home
  • Local time:05:16 PM

Posted 21 March 2011 - 02:38 PM

Hi,
I would like you to reset your internet explorer following this guide: http://support.microsoft.com/kb/923737

Let me know if this solves the irregular closing and the usability issues in internet explorer. Your hosts file is looking fine, are you still getting redirected?

Do you use a router to connect to the internet?

regards myrti

is that a bird?  a plane? nooo it's the flying blueberry!

If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM! Please don't send help request via PM, unless I am already helping you. Use the forums!

 

Follow BleepingComputer on: Facebook | Twitter | Google+


#12 myrti

myrti

    Sillyberry


  • Malware Study Hall Admin
  • 33,771 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:At home
  • Local time:05:16 PM

Posted 03 April 2011 - 07:36 AM

Due to the lack of feedback, this topic is now closed.In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

is that a bird?  a plane? nooo it's the flying blueberry!

If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM! Please don't send help request via PM, unless I am already helping you. Use the forums!

 

Follow BleepingComputer on: Facebook | Twitter | Google+





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users