Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

redirected, random audio ads, hidden programs. What do I do?


  • This topic is locked This topic is locked
40 replies to this topic

#1 L A Slim

L A Slim

  • Members
  • 33 posts
  • OFFLINE
  •  
  • Local time:06:39 AM

Posted 03 May 2011 - 10:57 PM

Windows recovery virus has hidden all my programs and files. Random audio ads popping up, computer slowing down and can not click on a url as I will be redirected to some random website. Oh yeah, Internet Explorer script errors as well. Need everything back to normal. All my programs, folders and files hidden. Help. What's the first step? Running Windows XP 32bit

Thanks.
.
DDS (Ver_11-03-05.01) - NTFSx86
Run by laptop at 21:21:45.01 on Tue 05/03/2011
Internet Explorer: 7.0.6001.18000
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1033.18.1014.126 [GMT -7:00]
.
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\brsvc01a.exe
C:\Windows\system32\brss01a.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskeng.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\IObit\Advanced Spyware Remover\ASRtray.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\IObit\Advanced Spyware Remover\ASRsrv.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10n_ActiveX.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\IObit\Advanced Spyware Remover\ASR.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\laptop\Desktop\dds.scr
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://yahoo.com/
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [Advanced Spyware Remover] "c:\program files\iobit\advanced spyware remover\ASRtray.exe" /autostart
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: Free YouTube Download - c:\users\laptop\appdata\roaming\dvdvideosoftiehelpers\freeyoutubedownload.htm
IE: Free YouTube to MP3 Converter - c:\users\laptop\appdata\roaming\dvdvideosoftiehelpers\freeyoutubetomp3converter.htm
IE: {A26ABCF0-1C8F-46e7-A67C-0489DC21B9CC} - c:\program files\lenovo\veriface\OpenWnd.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Notify: igfxcui - igfxdev.dll
.
============= SERVICES / DRIVERS ===============
.
R2 ASRservice;ASRservice;c:\program files\iobit\advanced spyware remover\ASRsrv.exe [2011-5-2 697104]
R3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\drivers\AcpiVpc.sys [2009-5-19 21520]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2007-2-8 179712]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 CapFilt;CapFilt;c:\windows\system32\drivers\CapFilt.sys [2007-9-25 17536]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
.
=============== Created Last 30 ================
.
2011-05-02 19:32:10 -------- d-sh--w- C:\$RECYCLE.BIN
2011-05-02 19:29:00 -------- d-----w- c:\users\laptop\appdata\local\temp
2011-05-02 19:20:16 98816 ----a-w- c:\windows\sed.exe
2011-05-02 19:20:16 89088 ----a-w- c:\windows\MBR.exe
2011-05-02 19:20:16 256512 ----a-w- c:\windows\PEV.exe
2011-05-02 19:20:16 161792 ----a-w- c:\windows\SWREG.exe
2011-05-02 19:20:04 -------- d-----w- C:\ComboFix
2011-05-02 18:42:12 -------- d-----w- c:\users\laptop\appdata\roaming\Bc
2011-05-02 18:12:54 -------- d-----w- c:\program files\GridinSoft Trojan Killer
2011-05-02 18:11:01 -------- d-----w- c:\progra~2\IObit
2011-05-02 18:10:59 -------- d-----w- c:\program files\IObit
2011-04-30 10:05:43 231936 ----a-w- c:\windows\system32\msshsq.dll
2011-04-30 10:01:46 2048 ----a-w- c:\windows\system32\winrsmgr.dll
2011-04-30 10:01:15 40448 ----a-w- c:\windows\system32\winrs.exe
2011-04-30 10:01:15 20480 ----a-w- c:\windows\system32\winrshost.exe
2011-04-30 10:01:15 12800 ----a-w- c:\windows\system32\wsmprovhost.exe
2011-04-30 10:01:12 10240 ----a-w- c:\windows\system32\wsmplpxy.dll
2011-04-30 10:01:12 10240 ----a-w- c:\windows\system32\winrssrv.dll
2011-04-30 10:01:10 81408 ----a-w- c:\windows\system32\wevtfwd.dll
2011-04-30 10:01:10 79872 ----a-w- c:\windows\system32\wecutil.exe
2011-04-30 10:01:10 56320 ----a-w- c:\windows\system32\wecapi.dll
2011-04-30 10:01:10 54272 ----a-w- c:\windows\system32\WsmRes.dll
2011-04-30 10:01:10 41472 ----a-w- c:\windows\system32\pwrshplugin.dll
2011-04-30 10:01:10 146944 ----a-w- c:\windows\system32\wecsvc.dll
2011-04-30 10:00:59 201184 ----a-w- c:\windows\system32\winrm.vbs
2011-04-30 10:00:56 252416 ----a-w- c:\windows\system32\WSManMigrationPlugin.dll
2011-04-30 10:00:56 246272 ----a-w- c:\windows\system32\WSManHTTPConfig.exe
2011-04-30 10:00:56 241152 ----a-w- c:\windows\system32\winrscmd.dll
2011-04-30 10:00:56 214016 ----a-w- c:\windows\system32\WsmWmiPl.dll
2011-04-30 10:00:56 145408 ----a-w- c:\windows\system32\WsmAuto.dll
2011-04-30 10:00:55 1181696 ----a-w- c:\windows\system32\WsmSvc.dll
2011-04-29 19:49:02 7071056 ---ha-w- c:\progra~2\microsoft\windows defender\definition updates\{88d3aa67-9d87-4077-b1e9-cd4aa089e467}\mpengine.dll
2011-04-29 19:42:33 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2011-04-29 19:42:30 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2011-04-28 20:36:51 80896 ----a-w- c:\windows\system32\MSNP.ax
2011-04-28 20:36:41 293376 ----a-w- c:\windows\system32\psisdecd.dll
2011-04-28 20:36:39 217088 ----a-w- c:\windows\system32\psisrndr.ax
2011-04-28 20:30:05 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2011-04-28 20:30:05 49472 ----a-w- c:\windows\system32\netfxperf.dll
2011-04-28 20:30:05 297808 ----a-w- c:\windows\system32\mscoree.dll
2011-04-28 20:30:05 295264 ----a-w- c:\windows\system32\PresentationHost.exe
2011-04-28 20:30:05 1130824 ----a-w- c:\windows\system32\dfshim.dll
2011-04-28 07:58:50 125952 ----a-w- c:\windows\system32\srvsvc.dll
2011-04-28 07:58:49 17920 ----a-w- c:\windows\system32\netevent.dll
2011-04-28 07:58:42 501760 ----a-w- c:\windows\system32\usp10.dll
2011-04-28 07:56:33 168960 ----a-w- c:\program files\windows media player\wmplayer.exe
2011-04-28 07:56:30 8147456 ----a-w- c:\windows\system32\wmploc.DLL
2011-04-28 07:54:59 126464 ----a-w- c:\windows\system32\spoolsv.exe
2011-04-28 07:53:50 317952 ----a-w- c:\windows\system32\MP4SDECD.DLL
2011-04-28 07:52:58 625152 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2011-04-28 07:51:56 531968 ----a-w- c:\windows\system32\comctl32.dll
2011-04-27 05:56:26 -------- d-----w- C:\PerfLogs
2011-04-27 04:30:05 -------- d-----w- c:\program files\common files\Windows Live
2011-04-27 04:26:49 -------- d--h--w- c:\windows\system32\x64
2011-04-19 21:14:58 -------- d--h--w- c:\users\laptop\appdata\roaming\Flickr
2011-04-19 21:14:58 -------- d--h--w- c:\users\laptop\appdata\local\Flickr
2011-04-18 07:14:12 2623488 ----a-w- c:\windows\system32\SLsvc.exe
2011-04-18 07:14:12 1541120 ----a-w- c:\windows\system32\onex.dll
2011-04-18 07:14:10 2730536 ----a-w- c:\progra~2\microsoft\windows defender\definition updates\default\MpEngine.dll
2011-04-18 07:14:01 51768 ----a-w- c:\windows\system32\PSHED.DLL
2011-04-18 07:14:00 705536 ----a-w- c:\windows\system32\imagesp1.dll
2011-04-18 07:12:59 964608 ----a-w- c:\program files\windows journal\JNWDRV.dll
2011-04-18 07:11:59 98816 ----a-w- c:\windows\system32\sdshext.dll
2011-04-18 07:10:59 47616 ----a-w- c:\windows\system32\drivers\ipfltdrv.sys
2011-04-04 10:02:39 -------- d-----w- c:\windows\SQL9_KB970892_ENU
.
==================== Find3M ====================
.
2011-04-27 05:14:39 101888 ---ha-w- c:\windows\system32\ifxcardm.dll
2011-04-27 05:14:19 82432 ---ha-w- c:\windows\system32\axaltocm.dll
2011-03-21 16:08:52 378368 ----a-w- c:\windows\system32\winhttp.dll
2011-03-21 16:06:49 269312 ----a-w- c:\windows\system32\es.dll
2011-03-18 09:17:04 97800 ----a-w- c:\windows\system32\infocardapi.dll
2011-03-18 09:17:04 622080 ----a-w- c:\windows\system32\icardagt.exe
2011-03-18 09:17:04 37384 ----a-w- c:\windows\system32\infocardcpl.cpl
2011-03-18 09:17:04 11264 ----a-w- c:\windows\system32\icardres.dll
2011-03-18 09:16:54 105016 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2011-03-18 09:16:51 781344 ----a-w- c:\windows\system32\PresentationNative_v0300.dll
2011-03-18 01:52:21 23552 ----a-w- c:\windows\system32\lpk.dll
2011-03-18 01:52:21 10240 ----a-w- c:\windows\system32\dciman32.dll
2011-03-18 01:49:26 72704 ----a-w- c:\windows\system32\admparse.dll
2011-03-18 01:49:21 48128 ----a-w- c:\windows\system32\mshtmler.dll
2011-03-18 01:47:12 61440 ----a-w- c:\windows\system32\winipsec.dll
2011-03-18 01:47:12 361984 ----a-w- c:\windows\system32\IPSECSVC.DLL
2011-03-18 01:47:12 28672 ----a-w- c:\windows\system32\FwRemoteSvr.dll
2011-03-18 01:47:12 272896 ----a-w- c:\windows\system32\polstore.dll
2011-03-18 01:43:48 94720 ----a-w- c:\windows\system32\PortableDeviceClassExtension.dll
2011-03-18 01:43:48 241152 ----a-w- c:\windows\system32\PortableDeviceApi.dll
2011-03-18 01:43:48 160768 ----a-w- c:\windows\system32\PortableDeviceTypes.dll
2011-03-18 01:42:15 11264 ----a-w- c:\windows\system32\MRINFO.EXE
2011-03-18 01:42:14 9728 ----a-w- c:\windows\system32\TCPSVCS.EXE
2011-03-18 01:42:14 8704 ----a-w- c:\windows\system32\HOSTNAME.EXE
2011-03-18 01:42:14 27136 ----a-w- c:\windows\system32\NETSTAT.EXE
2011-03-18 01:42:14 19968 ----a-w- c:\windows\system32\ARP.EXE
2011-03-18 01:42:14 17920 ----a-w- c:\windows\system32\ROUTE.EXE
2011-03-18 01:42:14 104960 ----a-w- c:\windows\system32\netiohlp.dll
2011-03-18 01:42:14 10240 ----a-w- c:\windows\system32\finger.exe
2011-03-18 01:38:03 127488 ----a-w- c:\windows\system32\L2SecHC.dll
2011-03-18 01:38:02 68096 ----a-w- c:\windows\system32\wlanhlp.dll
2011-03-18 01:38:02 64512 ----a-w- c:\windows\system32\wlanapi.dll
2011-03-18 01:38:01 513024 ----a-w- c:\windows\system32\wlansvc.dll
2011-03-18 01:38:01 302592 ----a-w- c:\windows\system32\wlansec.dll
2011-03-18 01:38:01 293376 ----a-w- c:\windows\system32\wlanmsm.dll
2011-03-18 01:38:01 15181 ----a-w- c:\windows\system32\gatherWirelessInfo.vbs
2011-03-18 01:36:40 2048 ----a-w- c:\windows\system32\msxml3r.dll
2011-03-18 01:36:39 2048 ----a-w- c:\windows\system32\msxml6r.dll
2011-03-18 01:36:39 1399296 ----a-w- c:\windows\system32\msxml6.dll
2011-03-18 01:35:18 213504 ----a-w- c:\windows\system32\msv1_0.dll
2011-03-18 01:32:43 2868224 ----a-w- c:\windows\system32\mf.dll
2011-03-18 01:32:42 98816 ----a-w- c:\windows\system32\mfps.dll
2011-03-18 01:32:42 53248 ----a-w- c:\windows\system32\rrinstaller.exe
2011-03-18 01:32:42 24576 ----a-w- c:\windows\system32\mfpmp.exe
2011-03-18 01:32:42 2048 ----a-w- c:\windows\system32\mferror.dll
2011-03-18 01:26:30 71680 ----a-w- c:\windows\system32\atl.dll
2011-03-18 01:25:20 296960 ----a-w- c:\windows\system32\gdi32.dll
2011-03-18 01:20:28 562176 ----a-w- c:\windows\system32\msdtcprx.dll
2011-03-18 01:20:28 38912 ----a-w- c:\windows\system32\xolehlp.dll
2011-03-18 01:19:18 160256 ----a-w- c:\windows\system32\wkssvc.dll
2011-03-18 01:18:04 53248 ----a-w- c:\windows\system32\tsgqec.dll
2011-03-18 01:18:04 136192 ----a-w- c:\windows\system32\aaclient.dll
2011-03-18 01:16:50 303616 ----a-w- c:\windows\system32\wmpeffects.dll
2011-03-18 01:14:28 714240 ----a-w- c:\windows\system32\timedate.cpl
2011-03-18 01:06:41 69632 ----a-w- c:\windows\system32\Mpeg2Data.ax
2011-03-18 01:06:41 57856 ----a-w- c:\windows\system32\MSDvbNP.ax
2011-03-18 01:02:06 636928 ----a-w- c:\windows\system32\localspl.dll
2011-03-18 00:59:00 2927104 ----a-w- c:\windows\explorer.exe
2011-03-18 00:56:53 9728 ----a-w- c:\windows\system32\lsass.exe
2011-03-18 00:56:53 72704 ----a-w- c:\windows\system32\secur32.dll
2011-03-18 00:56:53 499712 ----a-w- c:\windows\system32\kerberos.dll
2011-03-18 00:56:53 175104 ----a-w- c:\windows\system32\wdigest.dll
2011-03-18 00:56:53 1256448 ----a-w- c:\windows\system32\lsasrv.dll
2011-03-18 00:49:43 6656 ----a-w- c:\windows\system32\kbd106n.dll
2011-03-18 00:49:39 988216 ----a-w- c:\windows\system32\winload.exe
2011-03-18 00:49:39 927288 ----a-w- c:\windows\system32\winresume.exe
2011-03-18 00:49:39 40960 ----a-w- c:\windows\system32\srclient.dll
2011-03-18 00:49:39 378368 ----a-w- c:\windows\system32\srcore.dll
2011-03-18 00:49:39 318464 ----a-w- c:\windows\system32\rstrui.exe
2011-03-18 00:49:39 19000 ----a-w- c:\windows\system32\kd1394.dll
2011-03-18 00:49:39 14848 ----a-w- c:\windows\system32\srdelayed.exe
2011-03-18 00:49:38 615992 ----a-w- c:\windows\system32\ci.dll
2011-03-18 00:49:38 46592 ----a-w- c:\windows\system32\setbcdlocale.dll
2011-03-18 00:47:55 551424 ----a-w- c:\windows\system32\rpcss.dll
2011-03-18 00:47:53 666624 ----a-w- c:\windows\system32\printfilterpipelinesvc.exe
2011-03-18 00:47:53 615424 ----a-w- c:\windows\system32\wbem\fastprox.dll
2011-03-18 00:47:53 499200 ----a-w- c:\windows\system32\wbem\WmiPrvSD.dll
2011-03-18 00:47:53 26112 ----a-w- c:\windows\system32\printfilterpipelineprxy.dll
2011-03-18 00:47:53 247296 ----a-w- c:\windows\system32\wbem\WmiPrvSE.exe
2011-03-18 00:47:53 129024 ----a-w- c:\windows\system32\wbem\WmiDcPrv.dll
2011-03-18 00:47:52 54784 ----a-w- c:\windows\system32\iasads.dll
2011-03-18 00:47:52 44032 ----a-w- c:\windows\system32\iasdatastore.dll
2011-03-18 00:47:52 17408 ----a-w- c:\windows\system32\iashost.exe
2011-03-18 00:47:51 98304 ----a-w- c:\windows\system32\iasrecst.dll
2011-03-18 00:47:51 183296 ----a-w- c:\windows\system32\sdohlp.dll
2011-03-18 00:46:53 62464 ----a-w- c:\windows\system32\l3codeca.acm
2011-03-18 00:46:53 220672 ----a-w- c:\windows\system32\l3codecp.acm
2011-03-18 00:44:57 190464 ----a-w- c:\windows\system32\iphlpsvc.dll
2011-03-18 00:42:18 40960 ----a-w- c:\windows\apppatch\apihex86.dll
2011-03-18 00:42:18 24064 ----a-w- c:\windows\system32\amxread.dll
2011-03-18 00:42:18 13824 ----a-w- c:\windows\system32\apilogen.dll
2011-03-18 00:40:18 712704 ----a-w- c:\windows\system32\WindowsCodecs.dll
2011-03-18 00:40:18 425472 ----a-w- c:\windows\system32\PhotoMetadataHandler.dll
2011-03-18 00:40:17 347136 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2011-03-18 00:37:36 443392 ----a-w- c:\windows\system32\win32spl.dll
2011-03-18 00:37:36 37888 ----a-w- c:\windows\system32\printcom.dll
2011-03-18 00:35:15 14848 ----a-w- c:\windows\system32\wshrm.dll
2011-03-18 00:33:58 43520 ----a-w- c:\windows\system32\msdxm.tlb
2011-03-18 00:33:58 313344 ----a-w- c:\windows\system32\wmpdxm.dll
2011-03-18 00:33:58 18432 ----a-w- c:\windows\system32\amcompat.tlb
.
============= FINISH: 21:23:32.64 ===============

Please note I'm unable to run GMER in both normal and safe mode as it give me a blue screen with system error and reboots the computer.

==============================================
OS Name: Windows Vista
Version 6.0.6001 (Service Pack 1)
Number of processors #2
==============================================
>Drivers
==============================================
0x8C207000 C:\Windows\system32\DRIVERS\snp2uvc.sys 9601024 bytes (-, USB2.0 PC Camera driver)
0x89804000 C:\Windows\system32\DRIVERS\igdkmd32.sys 7057408 bytes (Intel Corporation, Intel Graphics Kernel Mode Driver)
0x81C1E000 C:\Windows\system32\ntkrnlpa.exe 3903488 bytes (Microsoft Corporation, NT Kernel & System)
0x81C1E000 PnpManager 3903488 bytes
0x81C1E000 RAW 3903488 bytes
0x81C1E000 WMIxWDM 3903488 bytes
0x8A203000 C:\Windows\system32\DRIVERS\NETw4v32.sys 2260992 bytes (Intel Corporation, Intel® Wireless WiFi Link Driver)
0x96A00000 Win32k 2109440 bytes
0x96A00000 C:\Windows\System32\win32k.sys 2109440 bytes (Microsoft Corporation, Multi-User Win32 Driver)
0x8B808000 C:\Windows\system32\drivers\RTKVHDA.sys 1765376 bytes (Realtek Semiconductor Corp., Realtek® High Definition Audio Function Driver)
0x85E09000 C:\Windows\System32\Drivers\Ntfs.sys 1110016 bytes (Microsoft Corporation, NT File System Driver)
0x8B204000 C:\Windows\system32\DRIVERS\smserial.sys 1097728 bytes (Motorola Inc., Motorola SM56 Modem WDM Driver)
0x82276000 C:\Windows\system32\drivers\ndis.sys 1093632 bytes (Microsoft Corporation, NDIS 6.0 wrapper driver)
0x85C01000 C:\Windows\System32\drivers\tcpip.sys 954368 bytes (Microsoft Corporation, TCP/IP Driver)
0x804C2000 C:\Windows\system32\CI.dll 917504 bytes (Microsoft Corporation, Code Integrity Module)
0xACA09000 C:\Windows\system32\drivers\peauth.sys 909312 bytes (Microsoft Corporation, Protected Environment Authentication and Authorization Export Driver)
0x8BD1A000 C:\Windows\system32\drivers\spsys.sys 716800 bytes (Microsoft Corporation, security processor)
0x89EBF000 C:\Windows\System32\drivers\dxgkrnl.sys 651264 bytes (Microsoft Corporation, DirectX Graphics Kernel)
0x80607000 C:\Windows\system32\drivers\Wdf01000.sys 507904 bytes (Microsoft Corporation, WDF Dynamic)
0x82205000 C:\Windows\System32\Drivers\ksecdd.sys 462848 bytes (Microsoft Corporation, Kernel Security Support Provider Interface)
0xAAA0B000 C:\Windows\system32\drivers\HTTP.sys 446464 bytes (Microsoft Corporation, HTTP Protocol Stack)
0x80408000 C:\Windows\system32\mcupdate_GenuineIntel.dll 393216 bytes (Microsoft Corporation, Intel Microcode Update Library)
0x8A4B5000 C:\Windows\system32\DRIVERS\rixdptsk.sys 331776 bytes (REDC, RICOH XD SM Driver)
0xAAB7B000 C:\Windows\System32\DRIVERS\srv.sys 323584 bytes (Microsoft Corporation, Server driver)
0x80739000 C:\Windows\System32\drivers\volmgrx.sys 303104 bytes (Microsoft Corporation, Volume Manager Extension Driver)
0x8BC0C000 C:\Windows\system32\drivers\afd.sys 294912 bytes (Microsoft Corporation, Ancillary Function Driver for WinSock)
0x80690000 C:\Windows\system32\drivers\acpi.sys 286720 bytes (Microsoft Corporation, ACPI Driver for NT)
0x80481000 C:\Windows\system32\CLFS.SYS 266240 bytes (Microsoft Corporation, Common Log File System Driver)
0x8A5B4000 C:\Windows\system32\DRIVERS\storport.sys 266240 bytes (Microsoft Corporation, Microsoft Storage Port Driver)
0x89F76000 C:\Windows\system32\DRIVERS\USBPORT.SYS 253952 bytes (Microsoft Corporation, USB 1.1 & 2.0 Port Driver)
0x8BCBD000 C:\Windows\system32\DRIVERS\rdbss.sys 245760 bytes (Microsoft Corporation, Redirected Drive Buffering SubSystem Driver)
0x823AC000 C:\Windows\system32\drivers\NETIO.SYS 237568 bytes (Microsoft Corporation, Network I/O Subsystem)
0xAAB02000 C:\Windows\system32\DRIVERS\mrxsmb10.sys 233472 bytes (Microsoft Corporation, Longhorn SMB Downlevel SubRdr)
0x85F18000 C:\Windows\system32\drivers\volsnap.sys 233472 bytes (Microsoft Corporation, Volume Shadow Copy Driver)
0x85DC0000 C:\Windows\system32\DRIVERS\usbhub.sys 212992 bytes (Microsoft Corporation, Default Hub Driver for USB)
0x81FD7000 ACPI_HAL 208896 bytes
0x81FD7000 C:\Windows\system32\hal.dll 208896 bytes (Microsoft Corporation, Hardware Abstraction Layer DLL)
0x807CE000 C:\Windows\system32\drivers\fltmgr.sys 204800 bytes (Microsoft Corporation, Microsoft Filesystem Filter Manager)
0x8BC54000 C:\Windows\System32\DRIVERS\netbt.sys 204800 bytes (Microsoft Corporation, MBT Transport driver)
0x8A42B000 C:\Windows\system32\DRIVERS\b57nd60x.sys 192512 bytes (Broadcom Corporation, Broadcom NetXtreme Gigabit Ethernet NDIS6.0 Driver.)
0x8A586000 C:\Windows\system32\DRIVERS\msiscsi.sys 188416 bytes (Microsoft Corporation, Microsoft iSCSI Initiator Driver)
0x8B9B7000 C:\Windows\system32\drivers\portcls.sys 184320 bytes (Microsoft Corporation, Port Class (Class Driver for Port/Miniport Devices))
0x8A537000 C:\Windows\system32\DRIVERS\Apfiltr.sys 180224 bytes (Alps Electric Co., Ltd., Alps Touch Pad Driver)
0x82381000 C:\Windows\system32\drivers\msrpc.sys 176128 bytes (Microsoft Corporation, Kernel Remote Procedure Call Provider)
0x85D7F000 C:\Windows\system32\DRIVERS\ks.sys 172032 bytes (Microsoft Corporation, Kernel CSA Library)
0x8CBB1000 C:\Windows\system32\DRIVERS\nwifi.sys 172032 bytes (Microsoft Corporation, NativeWiFi Miniport Driver)
0xAAB53000 C:\Windows\System32\DRIVERS\srv2.sys 163840 bytes (Microsoft Corporation, Smb 2.0 Server driver)
0x85F68000 C:\Windows\System32\drivers\ecache.sys 159744 bytes (Microsoft Corporation, Special Memory Device Cache)
0x806E7000 C:\Windows\system32\drivers\pci.sys 159744 bytes (Microsoft Corporation, NT Plug and Play PCI Enumerator)
0x805B2000 C:\Windows\system32\drivers\drmk.sys 151552 bytes (Microsoft Corporation, Microsoft Kernel DRM Descrambler Filter)
0x85D14000 C:\Windows\system32\DRIVERS\ndiswan.sys 143360 bytes (Microsoft Corporation, MS PPP Framing Driver (Strong Encryption))
0x85FA0000 C:\Windows\system32\drivers\CLASSPNP.SYS 135168 bytes (Microsoft Corporation, SCSI Class System Dll)
0x8B34A000 C:\Windows\System32\drivers\VIDEOPRT.SYS 135168 bytes (Microsoft Corporation, Video Port Driver)
0xAAAC3000 C:\Windows\system32\drivers\mrxdav.sys 131072 bytes (Microsoft Corporation, Windows NT WebDav Minirdr)
0xAAAE3000 C:\Windows\system32\DRIVERS\mrxsmb.sys 126976 bytes (Microsoft Corporation, Windows NT SMB Minirdr)
0x807B0000 C:\Windows\system32\drivers\ataport.SYS 122880 bytes (Microsoft Corporation, ATAPI Driver Extension)
0xAAA78000 C:\Windows\System32\DRIVERS\srvnet.sys 118784 bytes (Microsoft Corporation, Server Network driver)
0x85CEA000 C:\Windows\System32\drivers\fwpkclnt.sys 110592 bytes (Microsoft Corporation, FWP/IPsec Kernel-Mode API)
0x8CB7E000 C:\Windows\system32\drivers\luafv.sys 110592 bytes (Microsoft Corporation, LUA File Virtualization Filter Driver)
0x8A478000 C:\Windows\system32\DRIVERS\sdbus.sys 106496 bytes (Microsoft Corporation, SecureDigital Bus Driver)
0xAAA95000 C:\Windows\system32\DRIVERS\bowser.sys 102400 bytes (Microsoft Corporation, NT Lan Manager Datagram Receiver Driver)
0x8A56E000 C:\Windows\system32\DRIVERS\cdrom.sys 98304 bytes (Microsoft Corporation, SCSI CD-ROM Driver)
0xAAB3B000 C:\Windows\system32\DRIVERS\mrxsmb20.sys 98304 bytes (Microsoft Corporation, Longhorn SMB 2.0 Redirector)
0x8BD03000 C:\Windows\System32\Drivers\dfsc.sys 94208 bytes (Microsoft Corporation, DFS Namespace Client Driver)
0x89FD5000 C:\Windows\system32\DRIVERS\rasl2tp.sys 94208 bytes (Microsoft Corporation, RAS L2TP mini-port/call-manager driver)
0xACAFD000 C:\Windows\system32\DRIVERS\cdfs.sys 90112 bytes (Microsoft Corporation, CD-ROM File System Driver)
0x8BC86000 C:\Windows\system32\DRIVERS\pacer.sys 90112 bytes (Microsoft Corporation, QoS Packet Scheduler)
0x8B39D000 C:\Windows\system32\DRIVERS\tdx.sys 90112 bytes (Microsoft Corporation, TDI Translation Driver)
0xAAAAE000 C:\Windows\System32\drivers\mpsdrv.sys 86016 bytes (Microsoft Corporation, Microsoft Protection Service Driver)
0x85D5A000 C:\Windows\system32\DRIVERS\rassstp.sys 86016 bytes (Microsoft Corporation, RAS SSTP Miniport Call Manager)
0x85D46000 C:\Windows\system32\DRIVERS\raspptp.sys 81920 bytes (Microsoft Corporation, Peer-to-Peer Tunneling Protocol)
0x8A4A1000 C:\Windows\system32\DRIVERS\rimsptsk.sys 81920 bytes (REDC, RICOH MS Driver)
0x8B3B3000 C:\Windows\system32\DRIVERS\smb.sys 81920 bytes (Microsoft Corporation, SMB Transport driver)
0x8A519000 C:\Windows\system32\DRIVERS\i8042prt.sys 77824 bytes (Microsoft Corporation, i8042 Port Driver)
0x8CBE5000 C:\Windows\system32\DRIVERS\rspndr.sys 77824 bytes (Microsoft Corporation, Link-Layer Topology Responder Driver for NDIS 6)
0x8BCAA000 C:\Windows\system32\DRIVERS\wanarp.sys 77824 bytes (Microsoft Corporation, MS Remote Access and Routing ARP Driver)
0x89FC3000 C:\Windows\system32\DRIVERS\HDAudBus.sys 73728 bytes (Microsoft Corporation, High Definition Audio Bus Driver)
0x85F8F000 C:\Windows\system32\drivers\disk.sys 69632 bytes (Microsoft Corporation, PnP Disk Driver)
0x823E6000 C:\Windows\System32\Drivers\NDProxy.SYS 69632 bytes (Microsoft Corporation, NDIS Proxy)
0x80468000 C:\Windows\system32\PSHED.dll 69632 bytes (Microsoft Corporation, Platform Specific Hardware Error Driver)
0x805A2000 C:\Windows\system32\drivers\fileinfo.sys 65536 bytes (Microsoft Corporation, FileInfo Filter Driver)
0x8CBA1000 C:\Windows\system32\DRIVERS\lltdio.sys 65536 bytes (Microsoft Corporation, Link-Layer Topology Mapper I/O Driver)
0x80798000 C:\Windows\System32\drivers\mountmgr.sys 65536 bytes (Microsoft Corporation, Mount Point Manager)
0x8A45A000 C:\Windows\system32\DRIVERS\ohci1394.sys 65536 bytes (Microsoft Corporation, 1394 OpenHCI Port Driver)
0x85D6F000 C:\Windows\system32\DRIVERS\termdd.sys 65536 bytes (Microsoft Corporation, Terminal Server Driver)
0x8A50A000 C:\Windows\system32\DRIVERS\AcpiVpc.sys 61440 bytes (Lenovo Corporation, ACPI Virtual Power Controller Driver)
0x85D05000 C:\Windows\system32\DRIVERS\intelppm.sys 61440 bytes (Microsoft Corporation, Processor Device Driver)
0x8CB6F000 C:\Windows\system32\DRIVERS\monitor.sys 61440 bytes (Microsoft Corporation, Monitor Driver)
0x85F59000 C:\Windows\System32\Drivers\mup.sys 61440 bytes (Microsoft Corporation, Multiple UNC Provider driver)
0x8070E000 C:\Windows\System32\drivers\partmgr.sys 61440 bytes (Microsoft Corporation, Partition Management Driver)
0x85D37000 C:\Windows\system32\DRIVERS\raspppoe.sys 61440 bytes (Microsoft Corporation, RAS PPPoE mini-port/call-manager driver)
0x8A492000 C:\Windows\system32\DRIVERS\rimmptsk.sys 61440 bytes (REDC, RICOH SD Driver)
0x89FB4000 C:\Windows\system32\DRIVERS\usbehci.sys 61440 bytes (Microsoft Corporation, EHCI eUSB Miniport Driver)
0x8072A000 C:\Windows\system32\drivers\volmgr.sys 61440 bytes (Microsoft Corporation, Volume Manager Driver)
0x8A46A000 C:\Windows\system32\DRIVERS\1394BUS.SYS 57344 bytes (Microsoft Corporation, 1394 Bus Device Driver)
0x96C40000 C:\Windows\System32\cdd.dll 57344 bytes (Microsoft Corporation, Canonical Display Driver)
0x8BC9C000 C:\Windows\system32\DRIVERS\netbios.sys 57344 bytes (Microsoft Corporation, NetBIOS interface driver)
0x8B386000 C:\Windows\System32\Drivers\Npfs.SYS 57344 bytes (Microsoft Corporation, NPFS Driver)
0x8078A000 C:\Windows\system32\drivers\PCIIDEX.SYS 57344 bytes (Microsoft Corporation, PCI IDE Bus Driver Extension)
0x8CB45000 C:\Windows\System32\Drivers\crashdmp.sys 53248 bytes (Microsoft Corporation, Crash Dump Driver)
0x8B310000 C:\Windows\system32\drivers\modem.sys 53248 bytes (Microsoft Corporation, Modem Device Driver)
0x8CB2F000 C:\Windows\system32\DRIVERS\STREAM.SYS 53248 bytes (Microsoft Corporation, WDM CODEC Class Device Driver 2.0)
0x85DB3000 C:\Windows\system32\DRIVERS\umbus.sys 53248 bytes (Microsoft Corporation, User-Mode Bus Enumerator)
0x89F5E000 C:\Windows\System32\drivers\watchdog.sys 53248 bytes (Microsoft Corporation, Watchdog Driver)
0x80683000 C:\Windows\system32\drivers\WDFLDR.SYS 53248 bytes (Microsoft Corporation, WDFLDR)
0xACAF1000 C:\Windows\System32\drivers\tcpipreg.sys 49152 bytes (Microsoft Corporation, TCP/IP Registry Compatibility Driver)
0x8B33E000 C:\Windows\System32\drivers\vga.sys 49152 bytes (Microsoft Corporation, VGA/Super VGA Video Driver)
0x8CB52000 C:\Windows\System32\Drivers\dump_dumpata.sys 45056 bytes
0x8A52C000 C:\Windows\system32\DRIVERS\kbdclass.sys 45056 bytes (Microsoft Corporation, Keyboard Class Driver)
0x8A563000 C:\Windows\system32\DRIVERS\mouclass.sys 45056 bytes (Microsoft Corporation, Mouse Class Driver)
0x8B37B000 C:\Windows\System32\Drivers\Msfs.SYS 45056 bytes (Microsoft Corporation, Mailslot driver)
0x89FEC000 C:\Windows\system32\DRIVERS\ndistapi.sys 45056 bytes (Microsoft Corporation, NDIS 3.0 connection wrapper driver)
0x8A5F5000 C:\Windows\system32\DRIVERS\TDI.SYS 45056 bytes (Microsoft Corporation, TDI Wrapper)
0x85FEA000 C:\Windows\system32\DRIVERS\tunnel.sys 45056 bytes (Microsoft Corporation, Microsoft Tunnel Interface Driver)
0x89F6B000 C:\Windows\system32\DRIVERS\usbuhci.sys 45056 bytes (Microsoft Corporation, UHCI USB Miniport Driver)
0x80720000 C:\Windows\system32\DRIVERS\BATTC.SYS 40960 bytes (Microsoft Corporation, Battery Class Driver)
0x8CB65000 C:\Windows\System32\drivers\Dxapi.sys 40960 bytes (Microsoft Corporation, DirectX API Driver)
0x8B31D000 C:\Windows\system32\drivers\MODEMCSA.sys 40960 bytes (Microsoft Corporation, Unimodem CSA Filter)
0x85DA9000 C:\Windows\system32\DRIVERS\mssmbios.sys 40960 bytes (Microsoft Corporation, System Management BIOS Driver)
0x8CBDB000 C:\Windows\system32\DRIVERS\ndisuio.sys 40960 bytes (Microsoft Corporation, NDIS User mode I/O driver)
0x8BCF9000 C:\Windows\system32\drivers\nsiproxy.sys 40960 bytes (Microsoft Corporation, NSI Proxy)
0xACAE7000 C:\Windows\System32\Drivers\secdrv.SYS 40960 bytes (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K., Macrovision SECURITY Driver)
0x85FC1000 C:\Windows\system32\drivers\crcdisk.sys 36864 bytes (Microsoft Corporation, Disk Block Verification Filter Driver)
0x8B327000 C:\Windows\System32\Drivers\Fs_Rec.SYS 36864 bytes (Microsoft Corporation, File System Recognizer Driver)
0xACB13000 C:\Windows\System32\Drivers\Normandy.SYS 36864 bytes (RKU Driver)
0x8B394000 C:\Windows\System32\DRIVERS\rasacd.sys 36864 bytes (Microsoft Corporation, RAS Automatic Connection Driver)
0x96C20000 C:\Windows\System32\TSDDD.dll 36864 bytes (Microsoft Corporation, Framebuffer Display Driver)
0x85FF5000 C:\Windows\system32\DRIVERS\tunmp.sys 36864 bytes (Microsoft Corporation, Microsoft Tunnel Interface Driver)
0x85E00000 C:\Windows\system32\DRIVERS\wmiacpi.sys 36864 bytes (Microsoft Corporation, Windows Management Interface for ACPI)
0x806D6000 C:\Windows\system32\drivers\WMILIB.SYS 36864 bytes (Microsoft Corporation, WMILIB WMI support library Dll)
0x807A8000 C:\Windows\system32\drivers\atapi.sys 32768 bytes (Microsoft Corporation, ATAPI IDE Miniport Driver)
0x80479000 C:\Windows\system32\BOOTVID.dll 32768 bytes (Microsoft Corporation, VGA Boot Driver)
0x8CB5D000 C:\Windows\System32\Drivers\dump_atapi.sys 32768 bytes
0x80400000 C:\Windows\system32\kdcom.dll 32768 bytes (Microsoft Corporation, Kernel Debugger HW Extension DLL)
0x806DF000 C:\Windows\system32\drivers\msisadrv.sys 32768 bytes (Microsoft Corporation, ISA Driver)
0x8B36B000 C:\Windows\System32\DRIVERS\RDPCDD.sys 32768 bytes (Microsoft Corporation, RDP Miniport)
0x8B373000 C:\Windows\system32\drivers\rdpencdd.sys 32768 bytes (Microsoft Corporation, RDP Miniport)
0x85F51000 C:\Windows\System32\Drivers\spldr.sys 32768 bytes (Microsoft Corporation, loader for security processor)
0x8B337000 C:\Windows\System32\Drivers\Beep.SYS 28672 bytes (Microsoft Corporation, BEEP Driver)
0x80783000 C:\Windows\system32\drivers\intelide.sys 28672 bytes (Microsoft Corporation, Intel PCI IDE Driver)
0x8B330000 C:\Windows\System32\Drivers\Null.SYS 28672 bytes (Microsoft Corporation, NULL Driver)
0x8CB3C000 C:\Windows\system32\DRIVERS\sncduvc.SYS 28672 bytes (Microsoft Corporation, Universal Serial Bus Camera Driver)
0x8A506000 C:\Windows\system32\DRIVERS\CmBatt.sys 16384 bytes (Microsoft Corporation, Control Method Battery Driver)
0x8071D000 C:\Windows\system32\DRIVERS\compbatt.sys 12288 bytes (Microsoft Corporation, Composite Battery Driver)
0x8A200000 C:\Windows\system32\DRIVERS\swenum.sys 8192 bytes (Microsoft Corporation, Plug and Play Software Device Enumerator)
0x8CB43000 C:\Windows\system32\DRIVERS\USBD.SYS 8192 bytes (Microsoft Corporation, Universal Serial Bus Driver)
==============================================
>Stealth
==============================================
0x84D76A91 Unknown page with executable code, 1391 bytes
0x85F18000 WARNING: Virus alike driver modification [volsnap.sys], 233472 bytes
0x84D75288 Unknown page with executable code, 3448 bytes
0x84D77191 Unknown page with executable code, 3695 bytes
0x84D79E7A Unknown thread object [ ETHREAD 0x84DEE5A0 ] TID: 252, 600 bytes
0x84D7C008 Unknown thread object [ ETHREAD 0x8499E968 ] TID: 256, 600 bytes
0x84D7B0DE Unknown thread object [ ETHREAD 0x840E67F8 ] , 600 bytes
0x84D79B45 Unknown thread object [ ETHREAD 0x84D54020 ] , 600 bytes
0x84D7BCDC Unknown page with executable code, 804 bytes


!!POSSIBLE ROOTKIT ACTIVITY DETECTED!! =)

Merged 3 posts. ~ OB

Attached Files


Edited by Orange Blossom, 05 May 2011 - 10:45 PM.


BC AdBot (Login to Remove)

 


#2 SweetTech

SweetTech

    Agent ST


  • Members
  • 13,421 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Antarctica
  • Local time:06:39 AM

Posted 10 May 2011 - 05:55 PM

Hello and welcome to the forums!

My secret agent name on the forums is SweetTech (you can call me ST for short), it's a pleasure to meet you. :)

I am very sorry for the delay in responding, but as you can see we are at the moment being flooded with logs which, when paired with the never-ending shortage of helpers, resulted in the delayed responding to your thread.

I would be glad to take a look at your log and help you with solving any malware problems.

If you have since resolved the issues you were originally experiencing, or have received help elsewhere, please inform me so that this topic can be closed.

If you have not, please adhere to the guidelines below and then follow instructions as outlined further below:

  • Logs from malware removal programs (OTL is one of them) can take some time to analyze. I need you to be patient while I analyze any logs you post. Please remember, I am a volunteer, and I do have a life outside of these forums.
  • Please make sure to carefully read any instruction that I give you. Attention to detail is important! Since I cannot see or directly interact with your computer I am dependent on you to "be my eyes" and provide as much information as you can regarding the current state of your computer.
  • If you're not sure, or if something unexpected happens, do NOT continue! Stop and ask!
  • In Windows Vista and Windows 7, all tools need to be started by right clicking and selecting Run as Administrator!
  • If I instruct you to download a specific tool in which you already have, please delete the copy that you have and re-download the tool. The reason I ask you to do this is because these tools are updated fairly regularly.
  • Do not do things I do not ask for, such as running a spyware scan on your computer. The one thing that you should always do, is to make sure sure that your anti-virus definitions are up-to-date!
  • Please do not use the Attachment feature for any log file. Do a Copy/Paste of the entire contents of the log file and submit it inside your post.
  • I am going to stick with you until ALL malware is gone from your system. I would appreciate it if you would do the same. From this point, we're in this together ;)
    Because of this, you must reply within three days
    failure to reply will result in the topic being closed!
  • Please do not PM me directly for help. If you have any questions, post them in this topic.
  • Lastly, I am no magician. I will try very hard to fix your issues, but no promises can be made. Also be aware that some infections are so severe that you might need to resort to reformatting and reinstalling your operating system.
    Don't worry, this only happens in severe cases, but it sadly does happen. Be prepared to back up your data. Have means of backing up your data available.

____________________________________________________


Posted Image One or more of the identified infections is a backdoor trojan and password stealer.

This type of infection allows hackers to access and remotely control your computer, log keystrokes, steal critical system information, and download and execute files without your knowledge.
If you do any banking or other financial transactions on the PC or if it contains any other sensitive information, then from a clean computer, change all passwords where applicable.
It would also be wise to contact those same financial institutions to appraise them of your situation.


I highly suggest you take a look at the two links provided below:
1. How Do I Handle Possible Identify Theft, Internet Fraud, and CC Fraud?
2. When should I re-format? How should I reinstall?


We can still clean this machine but I can't guarantee that it will be 100% secure afterwards. Let me know what you decide to do. If you decide to go through with the cleanup, please proceed with the following steps.



NEXT:



Please download UnHide.exe by Grinler.

It will unhide folders/files that were set to be hidden by the infection you had.



NEXT:



Running TDSSKiller

Please read carefully and follow these steps.
  • Download TDSSKiller and save it to your Desktop.
  • Extract its contents to your desktop.
  • Once extracted, open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.


    Posted Image

  • If an infected file is detected, the default action will be Cure, click on Continue.


    Posted Image

  • If a suspicious file is detected, the default action will be Skip, click on Continue.


    Posted Image

  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.


    Posted Image

  • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.


NEXT:



Running OTL

We need to create an OTL Report
  • Please download OTL from one of the following mirrors:
  • Save it to your desktop.
  • Double click on the Posted Image icon on your desktop.
  • Click the "Scan All Users" checkbox.
  • Push the Posted Image button.
  • Two reports will open, copy and paste them in a reply here:
    • OTL.txt <-- Will be opened
    • Extra.txt <-- Will be minimized


NEXT:


Please provide an update on how things are running in your next reply.

Have I helped you? If you'd like to assist in the fight against malware, click here Posted Image


The instructions seen in this post have been specifically tailored to this user and the issues they are experiencing with their computer. If you think you have a similar problem, please first read this topic, and then begin your own, new thread. I do not offer private support via Private Message.


#3 L A Slim

L A Slim
  • Topic Starter

  • Members
  • 33 posts
  • OFFLINE
  •  
  • Local time:06:39 AM

Posted 10 May 2011 - 06:38 PM

Thanks for replying. I'd like to try to remedy the problem as I've already tried reinstalling Windows with original recover disk without any luck. Unfortunatly I'm unable to run TDSSKiller as when I double click on it looks like it wants to start however goes nowhere.

#4 SweetTech

SweetTech

    Agent ST


  • Members
  • 13,421 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Antarctica
  • Local time:06:39 AM

Posted 10 May 2011 - 06:56 PM

Did you try and download a new copy? It's been updated recently.

If it still won't work for you, than please proceed with the next step.

Have I helped you? If you'd like to assist in the fight against malware, click here Posted Image


The instructions seen in this post have been specifically tailored to this user and the issues they are experiencing with their computer. If you think you have a similar problem, please first read this topic, and then begin your own, new thread. I do not offer private support via Private Message.


#5 L A Slim

L A Slim
  • Topic Starter

  • Members
  • 33 posts
  • OFFLINE
  •  
  • Local time:06:39 AM

Posted 10 May 2011 - 07:22 PM

No go on the TDSSKiller. Deleted and downloaded again to no avail. Tried running in safe mode as well. Here are the OTL reports

OTL logfile created on: 5/10/2011 5:00:01 PM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\laptop\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1,014.00 Mb Total Physical Memory | 130.00 Mb Available Physical Memory | 13.00% Memory free
2.00 Gb Paging File | 1.00 Gb Available in Paging File | 54.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 29.30 Gb Total Space | 5.76 Gb Free Space | 19.68% Space Free | Partition Type: NTFS
Drive D: | 105.94 Gb Total Space | 89.32 Gb Free Space | 84.32% Space Free | Partition Type: NTFS
Drive E: | 2.51 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: LAPTOP-PC | User Name: laptop | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/05/10 16:59:27 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\laptop\Desktop\OTL.exe
PRC - [2011/03/17 17:59:00 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe


========== Modules (SafeList) ==========

MOD - [2011/05/10 16:59:27 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\laptop\Desktop\OTL.exe
MOD - [2010/08/31 08:39:57 | 001,684,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18523_none_5cdd65e20837faf2\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2009/12/10 12:34:26 | 000,697,104 | ---- | M] (IObit) [Auto | Stopped] -- C:\Program Files\IObit\Advanced Spyware Remover\ASRsrv.exe -- (ASRservice)
SRV - [2008/01/19 00:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)


========== Driver Services (SafeList) ==========

DRV - [2009/10/26 15:09:06 | 001,095,936 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\smserial.sys -- (smserial)
DRV - [2009/05/19 05:43:08 | 000,021,520 | ---- | M] (Lenovo Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AcpiVpc.sys -- (ACPIVPC)
DRV - [2007/09/25 08:14:14 | 000,017,536 | ---- | M] (ensurebit) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CapFilt.sys -- (CapFilt)
DRV - [2007/08/02 01:46:24 | 000,156,672 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2007/06/20 13:51:30 | 002,222,080 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw4v32.sys -- (NETw4v32) Intel®
DRV - [2007/03/21 19:02:04 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2007/02/24 11:42:22 | 000,039,936 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2007/01/23 13:40:20 | 000,042,496 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2006/12/28 13:20:40 | 009,599,744 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV - [2006/11/02 00:30:54 | 001,781,760 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32) Intel®


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========



[2011/04/19 14:15:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\laptop\AppData\Roaming\Mozilla\Extensions
[2011/04/19 14:15:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\laptop\AppData\Roaming\Mozilla\Extensions\uploadr@flickr.com

O1 HOSTS File: ([2011/05/02 12:29:20 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 157
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Free YouTube Download - C:\Users\laptop\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\laptop\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O9 - Extra Button: Password Administration Box - {A26ABCF0-1C8F-46e7-A67C-0489DC21B9CC} - File not found
O9 - Extra 'Tools' menuitem : Password Administration Box - {A26ABCF0-1C8F-46e7-A67C-0489DC21B9CC} - File not found
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 14:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2006/09/18 14:43:36 | 000,000,024 | ---- | M] () - D:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2006/11/02 13:00:00 | 000,000,043 | R--- | M] () - E:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/05/10 16:59:25 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\laptop\Desktop\OTL.exe
[2011/05/10 16:47:37 | 000,000,000 | ---D | C] -- C:\Users\laptop\Desktop\tdsskiller
[2011/05/10 14:14:54 | 000,000,000 | ---D | C] -- C:\Boot
[2011/05/04 14:05:02 | 000,000,000 | ---D | C] -- C:\32788R22FWJFW
[2011/05/03 23:24:10 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2011/05/03 23:23:49 | 000,000,000 | ---D | C] -- C:\Users\laptop\AppData\Local\Google
[2011/05/03 21:45:08 | 000,100,480 | ---- | C] (GMER) -- C:\uxdirpow.sys
[2011/05/03 21:29:32 | 000,000,000 | ---D | C] -- C:\Users\laptop\Desktop\gmer
[2011/05/03 01:25:36 | 000,446,464 | ---- | C] (OldTimer Tools) -- C:\Users\laptop\Desktop\TFC.exe
[2011/05/02 12:32:10 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2011/05/02 12:29:00 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2011/05/02 12:29:00 | 000,000,000 | ---D | C] -- C:\Users\laptop\AppData\Local\temp
[2011/05/02 12:20:16 | 000,161,792 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2011/05/02 12:20:16 | 000,136,704 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2011/05/02 12:20:16 | 000,031,232 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2011/05/02 12:20:05 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2011/05/02 12:20:04 | 000,000,000 | ---D | C] -- C:\ComboFix
[2011/05/02 12:19:55 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/05/02 12:19:40 | 000,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe
[2011/05/02 11:42:12 | 000,000,000 | ---D | C] -- C:\Users\laptop\AppData\Roaming\Bc
[2011/05/02 11:12:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GridinSoft
[2011/05/02 11:11:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced Spyware Remover
[2011/05/02 11:11:01 | 000,000,000 | ---D | C] -- C:\ProgramData\IObit
[2011/05/02 11:10:59 | 000,000,000 | ---D | C] -- C:\Program Files\IObit
[2011/04/30 03:05:43 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshsq.dll
[2011/04/30 03:04:52 | 000,000,000 | ---D | C] -- C:\Windows\System32\WindowsPowerShell
[2011/04/30 03:01:46 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrsmgr.dll
[2011/04/30 03:01:15 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrs.exe
[2011/04/30 03:01:15 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrshost.exe
[2011/04/30 03:01:15 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsmprovhost.exe
[2011/04/30 03:01:12 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsmplpxy.dll
[2011/04/30 03:01:12 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrssrv.dll
[2011/04/30 03:01:10 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wevtfwd.dll
[2011/04/30 03:01:10 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wecutil.exe
[2011/04/30 03:01:10 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wecapi.dll
[2011/04/30 03:01:10 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmRes.dll
[2011/04/30 03:01:10 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pwrshplugin.dll
[2011/04/30 03:00:56 | 000,252,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSManMigrationPlugin.dll
[2011/04/30 03:00:56 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSManHTTPConfig.exe
[2011/04/30 03:00:56 | 000,241,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrscmd.dll
[2011/04/30 03:00:56 | 000,214,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmWmiPl.dll
[2011/04/30 03:00:56 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmAuto.dll
[2011/04/29 12:42:33 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll
[2011/04/29 12:42:30 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll
[2011/04/28 13:43:23 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscb.dll
[2011/04/28 13:43:23 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshooks.dll
[2011/04/28 13:43:21 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssitlb.dll
[2011/04/28 13:43:21 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\propdefs.dll
[2011/04/28 13:43:21 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msstrc.dll
[2011/04/28 13:43:21 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssprxy.dll
[2011/04/28 13:43:20 | 000,313,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\thawbrkr.dll
[2011/04/28 13:43:20 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srchadmin.dll
[2011/04/28 13:43:20 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\korwbrkr.dll
[2011/04/28 13:43:19 | 006,103,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chtbrkr.dll
[2011/04/28 13:43:19 | 001,671,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chsbrkr.dll
[2011/04/28 13:43:19 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\offfilt.dll
[2011/04/28 13:43:19 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nlhtml.dll
[2011/04/28 13:43:19 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscntrs.dll
[2011/04/28 13:43:19 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xmlfilter.dll
[2011/04/28 13:43:19 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mimefilt.dll
[2011/04/28 13:43:19 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rtffilt.dll
[2011/04/28 13:43:19 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsepno.dll
[2011/04/28 13:43:18 | 001,582,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tquery.dll
[2011/04/28 13:43:18 | 001,418,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssrch.dll
[2011/04/28 13:43:18 | 000,670,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssvp.dll
[2011/04/28 13:43:18 | 000,350,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssph.dll
[2011/04/28 13:43:18 | 000,203,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssphtb.dll
[2011/04/28 13:36:51 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSNP.ax
[2011/04/28 13:36:41 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll
[2011/04/28 13:36:39 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisrndr.ax
[2011/04/28 13:30:05 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe
[2011/04/28 13:30:05 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll
[2011/04/28 13:30:05 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll
[2011/04/28 13:28:21 | 000,000,000 | ---D | C] -- C:\ProgramData\WindowsSearch
[2011/04/28 00:58:49 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netevent.dll
[2011/04/28 00:56:30 | 008,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2011/04/28 00:55:51 | 000,292,864 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2011/04/28 00:55:51 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
[2011/04/28 00:55:51 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2011/04/28 00:55:46 | 000,409,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbc32.dll
[2011/04/28 00:55:32 | 003,600,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2011/04/28 00:55:32 | 003,548,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2011/04/28 00:55:28 | 001,136,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42.dll
[2011/04/28 00:55:27 | 001,161,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42u.dll
[2011/04/28 00:55:20 | 000,081,920 | ---- | C] (Radius Inc.) -- C:\Windows\System32\iccvid.dll
[2011/04/28 00:55:17 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pacerprf.dll
[2011/04/28 00:55:08 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnscacheugc.exe
[2011/04/28 00:55:05 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\asycfilt.dll
[2011/04/28 00:54:55 | 000,157,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
[2011/04/28 00:54:52 | 002,040,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2011/04/28 00:54:22 | 000,671,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2011/04/28 00:54:22 | 000,467,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2011/04/28 00:54:21 | 000,389,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2011/04/28 00:54:21 | 000,380,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2011/04/28 00:54:21 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2011/04/28 00:54:20 | 001,383,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011/04/28 00:54:20 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2011/04/28 00:54:20 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2011/04/28 00:54:20 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieencode.dll
[2011/04/28 00:54:20 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011/04/28 00:54:20 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2011/04/28 00:54:11 | 001,169,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdclt.exe
[2011/04/28 00:53:50 | 000,317,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MP4SDECD.DLL
[2011/04/28 00:53:48 | 000,512,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2011/04/28 00:53:48 | 000,430,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2011/04/28 00:53:43 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40.dll
[2011/04/28 00:53:43 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40u.dll
[2011/04/28 00:53:40 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rtutils.dll
[2011/04/28 00:53:34 | 000,866,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpmde.dll
[2011/04/28 00:53:32 | 000,429,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll
[2011/04/28 00:53:32 | 000,323,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbe.dll
[2011/04/28 00:53:32 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax
[2011/04/28 00:53:32 | 000,153,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbeio.dll
[2011/04/28 00:53:27 | 001,314,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2011/04/28 00:53:11 | 000,357,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskschd.dll
[2011/04/28 00:53:11 | 000,345,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmicmiplugin.dll
[2011/04/28 00:53:11 | 000,270,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskcomp.dll
[2011/04/28 00:53:08 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\consent.exe
[2011/04/28 00:53:01 | 000,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Faultrep.dll
[2011/04/28 00:52:58 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dataclen.dll
[2011/04/28 00:52:58 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll
[2011/04/28 00:52:53 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scrobj.dll
[2011/04/28 00:52:53 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wshom.ocx
[2011/04/28 00:52:53 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cscript.exe
[2011/04/28 00:52:38 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2011/04/26 22:56:26 | 000,000,000 | ---D | C] -- C:\PerfLogs
[2011/04/26 21:30:05 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Windows Live
[2011/04/26 21:26:49 | 000,000,000 | ---D | C] -- C:\Windows\System32\x64
[2011/04/23 09:22:10 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2011/04/19 14:14:59 | 000,000,000 | ---D | C] -- C:\Users\laptop\AppData\Roaming\Mozilla
[2011/04/19 14:14:58 | 000,000,000 | ---D | C] -- C:\Users\laptop\AppData\Roaming\Flickr
[2011/04/19 14:14:58 | 000,000,000 | ---D | C] -- C:\Users\laptop\AppData\Local\Flickr
[2011/04/18 00:14:12 | 001,541,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\onex.dll
[2011/04/18 00:14:01 | 000,051,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PSHED.DLL
[2011/04/18 00:14:00 | 000,705,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imagesp1.dll
[2011/04/18 00:13:59 | 000,681,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\spsys.sys
[2011/04/18 00:13:57 | 001,107,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pidgenx.dll
[2011/04/18 00:13:51 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2011/04/18 00:13:46 | 000,978,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drmv2clt.dll
[2011/04/18 00:13:45 | 001,675,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xpssvcs.dll
[2011/04/18 00:13:45 | 000,542,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\blackbox.dll
[2011/04/18 00:13:44 | 000,889,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RacEngn.dll
[2011/04/18 00:13:43 | 000,588,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSMPEG2VDEC.DLL
[2011/04/18 00:13:42 | 008,322,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwizimg.dll
[2011/04/18 00:13:42 | 000,612,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpencom.dll
[2011/04/18 00:13:42 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\bfsvc.exe
[2011/04/18 00:13:42 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lpremove.exe
[2011/04/18 00:13:41 | 001,589,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msjet40.dll
[2011/04/18 00:13:37 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\recdisc.exe
[2011/04/18 00:13:37 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TsWpfWrp.exe
[2011/04/18 00:13:35 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CompMgmtLauncher.exe
[2011/04/18 00:13:32 | 001,532,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wcnwiz.dll
[2011/04/18 00:13:32 | 001,386,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvbvm60.dll
[2011/04/18 00:13:32 | 000,083,456 | ---- | C] (Microsoft) -- C:\Windows\System32\SMBHelperClass.dll
[2011/04/18 00:13:30 | 001,052,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtctm.dll
[2011/04/18 00:13:29 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IMJP10K.DLL
[2011/04/18 00:13:28 | 002,167,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmcndmgr.dll
[2011/04/18 00:13:28 | 001,111,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertEnroll.dll
[2011/04/18 00:13:28 | 000,391,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSMPEG2ADEC.DLL
[2011/04/18 00:13:27 | 001,381,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Query.dll
[2011/04/18 00:13:25 | 001,524,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsAnytimeUpgradeCPL.dll
[2011/04/18 00:13:25 | 000,592,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netlogon.dll
[2011/04/18 00:13:25 | 000,376,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcupdate_GenuineIntel.dll
[2011/04/18 00:13:25 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SSShim.dll
[2011/04/18 00:13:24 | 000,154,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nlmgp.dll
[2011/04/18 00:13:23 | 002,011,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\milcore.dll
[2011/04/18 00:13:23 | 000,445,952 | ---- | C] (Microsoft) -- C:\Windows\System32\IasMigPlugin.dll
[2011/04/18 00:13:22 | 001,788,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d9.dll
[2011/04/18 00:13:22 | 000,876,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wer.dll
[2011/04/18 00:13:22 | 000,507,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdsdyn.dll
[2011/04/18 00:13:22 | 000,178,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\clusapi.dll
[2011/04/18 00:13:21 | 001,792,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmc.exe
[2011/04/18 00:13:21 | 001,078,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diagperf.dll
[2011/04/18 00:13:20 | 000,307,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mtxclu.dll
[2011/04/18 00:13:20 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdsbas.dll
[2011/04/18 00:13:17 | 000,595,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FWPUCLNT.DLL
[2011/04/18 00:13:17 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\samsrv.dll
[2011/04/18 00:13:16 | 001,452,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\esent.dll
[2011/04/18 00:13:16 | 000,882,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IMJP10.IME
[2011/04/18 00:13:16 | 000,730,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdengin2.dll
[2011/04/18 00:13:15 | 000,297,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmipnpinstall.dll
[2011/04/18 00:13:15 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmicryptinstall.dll
[2011/04/18 00:13:15 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gacinstall.dll
[2011/04/18 00:13:14 | 001,208,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\comsvcs.dll
[2011/04/18 00:13:14 | 000,798,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certutil.exe
[2011/04/18 00:13:13 | 000,533,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmdrmsdk.dll
[2011/04/18 00:13:13 | 000,403,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FirewallAPI.dll
[2011/04/18 00:13:12 | 000,604,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sqlceqp30.dll
[2011/04/18 00:13:12 | 000,274,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bcrypt.dll
[2011/04/18 00:13:12 | 000,174,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuxiliaryDisplayDriverLib.dll
[2011/04/18 00:13:11 | 000,187,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eapp3hst.dll
[2011/04/18 00:13:10 | 000,852,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcmde.dll
[2011/04/18 00:13:10 | 000,656,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autoconv.exe
[2011/04/18 00:13:10 | 000,634,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autofmt.exe
[2011/04/18 00:13:10 | 000,456,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\riched20.dll
[2011/04/18 00:13:09 | 003,216,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinSAT.exe
[2011/04/18 00:13:09 | 000,496,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imapi2fs.dll
[2011/04/18 00:13:09 | 000,251,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\authfwcfg.dll
[2011/04/18 00:13:09 | 000,159,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
[2011/04/18 00:13:09 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdsutil.dll
[2011/04/18 00:13:08 | 001,985,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\authui.dll
[2011/04/18 00:13:08 | 000,593,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\comuid.dll
[2011/04/18 00:13:08 | 000,250,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wevtapi.dll
[2011/04/18 00:13:08 | 000,208,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
[2011/04/18 00:13:08 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmvdsitf.dll
[2011/04/18 00:13:07 | 000,223,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\netio.sys
[2011/04/18 00:13:07 | 000,181,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eapphost.dll
[2011/04/18 00:13:07 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSDMon.dll
[2011/04/18 00:13:06 | 000,464,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pcaui.dll
[2011/04/18 00:13:06 | 000,322,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\untfs.dll
[2011/04/18 00:13:06 | 000,308,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sqlcese30.dll
[2011/04/18 00:13:06 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iassam.dll
[2011/04/18 00:13:06 | 000,163,840 | ---- | C] (Microsoft Corp.) -- C:\Windows\System32\DfrgNtfs.exe
[2011/04/18 00:13:06 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eappcfg.dll
[2011/04/18 00:13:06 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\uexfat.dll
[2011/04/18 00:13:05 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\whealogr.dll
[2011/04/18 00:13:01 | 001,827,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2011/04/18 00:13:01 | 000,169,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssha.dll
[2011/04/18 00:13:01 | 000,107,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpwsx.dll
[2011/04/18 00:13:00 | 000,671,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dfrgui.exe
[2011/04/18 00:13:00 | 000,485,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\evr.dll
[2011/04/18 00:12:59 | 000,647,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrepl40.dll
[2011/04/18 00:12:59 | 000,418,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmdrmdev.dll
[2011/04/18 00:12:59 | 000,259,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasppp.dll
[2011/04/18 00:12:59 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
[2011/04/18 00:12:58 | 001,152,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\themecpl.dll
[2011/04/18 00:12:58 | 000,531,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\objsel.dll
[2011/04/18 00:12:58 | 000,522,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ddraw.dll
[2011/04/18 00:12:58 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dhcpcsvc6.dll
[2011/04/18 00:12:57 | 000,798,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dbghelp.dll
[2011/04/18 00:12:57 | 000,520,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sqlsrv32.dll
[2011/04/18 00:12:57 | 000,172,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\QAGENT.DLL
[2011/04/18 00:12:57 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasnap.dll
[2011/04/18 00:12:56 | 000,860,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WerFaultSecure.exe
[2011/04/18 00:12:56 | 000,756,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\azroles.dll
[2011/04/18 00:12:56 | 000,445,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncryptui.dll
[2011/04/18 00:12:56 | 000,347,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmdrmnet.dll
[2011/04/18 00:12:56 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icm32.dll
[2011/04/18 00:12:55 | 000,252,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iprtrmgr.dll
[2011/04/18 00:12:55 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spoolss.dll
[2011/04/18 00:12:55 | 000,131,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\basecsp.dll
[2011/04/18 00:12:54 | 000,399,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlangpui.dll
[2011/04/18 00:12:54 | 000,397,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AudioEng.dll
[2011/04/18 00:12:54 | 000,375,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2011/04/18 00:12:54 | 000,334,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bcdedit.exe
[2011/04/18 00:12:54 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scksp.dll
[2011/04/18 00:12:54 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstlsapi.dll
[2011/04/18 00:12:53 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbport.sys
[2011/04/18 00:12:53 | 000,140,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsta.dll
[2011/04/18 00:12:50 | 001,855,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dbgeng.dll
[2011/04/18 00:12:50 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hcrstco.dll
[2011/04/18 00:12:49 | 000,386,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netcfgx.dll
[2011/04/18 00:12:49 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tintlgnt.ime
[2011/04/18 00:12:49 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quick.ime
[2011/04/18 00:12:49 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qintlgnt.ime
[2011/04/18 00:12:49 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\phon.ime
[2011/04/18 00:12:49 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cintlgnt.ime
[2011/04/18 00:12:49 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chajei.ime
[2011/04/18 00:12:49 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pintlgnt.ime
[2011/04/18 00:12:48 | 001,143,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wercon.exe
[2011/04/18 00:12:48 | 000,805,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdosys.dll
[2011/04/18 00:12:48 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lpksetup.exe
[2011/04/18 00:12:47 | 001,730,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\apds.dll
[2011/04/18 00:12:47 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtcuiu.dll
[2011/04/18 00:12:46 | 000,323,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certcli.dll
[2011/04/18 00:12:46 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasrad.dll
[2011/04/18 00:12:46 | 000,104,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mprddm.dll
[2011/04/18 00:12:45 | 000,274,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AUDIOKSE.dll
[2011/04/18 00:12:44 | 001,502,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certmgr.dll
[2011/04/18 00:12:44 | 000,208,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\uDWM.dll
[2011/04/18 00:12:44 | 000,117,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bcdsrv.dll
[2011/04/18 00:12:43 | 000,475,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msidcrl30.dll
[2011/04/18 00:12:43 | 000,101,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\FWPKCLNT.SYS
[2011/04/18 00:12:42 | 001,548,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVDECOD.DLL
[2011/04/18 00:12:41 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3gpui.dll
[2011/04/18 00:12:41 | 000,171,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxgi.dll
[2011/04/18 00:12:40 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\comsnap.dll
[2011/04/18 00:12:40 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntprint.dll
[2011/04/18 00:12:40 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MMDevAPI.dll
[2011/04/18 00:12:39 | 001,823,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pnidui.dll
[2011/04/18 00:12:39 | 000,704,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PhotoScreensaver.scr
[2011/04/18 00:12:39 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\synceng.dll
[2011/04/18 00:12:39 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmifw.dll
[2011/04/18 00:12:38 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscisvif.dll
[2011/04/18 00:12:37 | 001,382,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVSDECD.DLL
[2011/04/18 00:12:37 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imapi2.dll
[2011/04/18 00:12:37 | 000,299,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msjtes40.dll
[2011/04/18 00:12:37 | 000,251,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iassdo.dll
[2011/04/18 00:12:37 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msconfig.exe
[2011/04/18 00:12:37 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cipher.exe
[2011/04/18 00:12:36 | 004,595,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuthFWSnapin.dll
[2011/04/18 00:12:36 | 000,431,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tdh.dll
[2011/04/18 00:12:36 | 000,318,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmd.exe
[2011/04/18 00:12:36 | 000,286,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasapi32.dll
[2011/04/18 00:12:36 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmdskmgr.dll
[2011/04/18 00:12:36 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3api.dll
[2011/04/18 00:12:36 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cbsra.exe
[2011/04/18 00:12:35 | 000,497,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdvd.dll
[2011/04/18 00:12:35 | 000,414,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscp.dll
[2011/04/18 00:12:35 | 000,163,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wevtutil.exe
[2011/04/18 00:12:34 | 000,429,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\localsec.dll
[2011/04/18 00:12:34 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFx.dll
[2011/04/18 00:12:34 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rpchttp.dll
[2011/04/18 00:12:34 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diskpart.exe
[2011/04/18 00:12:34 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\loadperf.dll
[2011/04/18 00:12:34 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlancfg.dll
[2011/04/18 00:12:34 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtcVSp1res.dll
[2011/04/18 00:12:33 | 001,689,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscui.cpl
[2011/04/18 00:12:33 | 000,758,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMADMOD.DLL
[2011/04/18 00:12:33 | 000,444,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dsound.dll
[2011/04/18 00:12:33 | 000,383,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinSATAPI.dll
[2011/04/18 00:12:33 | 000,289,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hnetcfg.dll
[2011/04/18 00:12:33 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsqmcons.exe
[2011/04/18 00:12:32 | 001,671,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanpref.dll
[2011/04/18 00:12:32 | 000,442,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\filemgmt.dll
[2011/04/18 00:12:32 | 000,153,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NAPMONTR.DLL
[2011/04/18 00:12:32 | 000,123,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Storport.sys
[2011/04/18 00:12:32 | 000,118,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RDPENCDD.dll
[2011/04/18 00:12:32 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\profprov.dll
[2011/04/18 00:12:31 | 001,295,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsecedit.dll
[2011/04/18 00:12:31 | 001,186,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuxiliaryDisplayCpl.dll
[2011/04/18 00:12:31 | 000,573,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLCommDlg.dll
[2011/04/18 00:12:31 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tracerpt.exe
[2011/04/18 00:12:31 | 000,336,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\P2PGraph.dll
[2011/04/18 00:12:31 | 000,134,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SmartcardCredentialProvider.dll
[2011/04/18 00:12:31 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dwmredir.dll
[2011/04/18 00:12:31 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MuiUnattend.exe
[2011/04/18 00:12:31 | 000,016,896 | ---- | C] (Microsoft) -- C:\Windows\System32\grb.rs
[2011/04/18 00:12:30 | 000,825,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasdlg.dll
[2011/04/18 00:12:30 | 000,317,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\azroleui.dll
[2011/04/18 00:12:30 | 000,154,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\QSHVHOST.DLL
[2011/04/18 00:12:30 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpresult.exe
[2011/04/18 00:12:30 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iassvcs.dll
[2011/04/18 00:12:29 | 000,498,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\HelpPane.exe
[2011/04/18 00:12:29 | 000,275,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcbuilder.exe
[2011/04/18 00:12:28 | 000,413,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imkr80.ime
[2011/04/18 00:12:28 | 000,354,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLUI.exe
[2011/04/18 00:12:28 | 000,348,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwizeng.dll
[2011/04/18 00:12:28 | 000,274,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srrstr.dll
[2011/04/18 00:12:28 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasmontr.dll
[2011/04/18 00:12:27 | 000,736,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unbcl.dll
[2011/04/18 00:12:27 | 000,464,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msra.exe
[2011/04/18 00:12:27 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tcpmon.dll
[2011/04/18 00:12:27 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shrink.dll
[2011/04/18 00:12:26 | 001,642,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMPEncEn.dll
[2011/04/18 00:12:26 | 001,342,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\brcpl.dll
[2011/04/18 00:12:26 | 000,936,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpedit.dll
[2011/04/18 00:12:26 | 000,415,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdri.dll
[2011/04/18 00:12:26 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IPHLPAPI.DLL
[2011/04/18 00:12:26 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iashlpr.dll
[2011/04/18 00:12:25 | 000,204,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\framedynos.dll
[2011/04/18 00:12:24 | 001,248,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PerfCenterCPL.dll
[2011/04/18 00:12:24 | 000,520,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntvdm.exe
[2011/04/18 00:12:24 | 000,396,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ipsmsnap.dll
[2011/04/18 00:12:24 | 000,127,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Classpnp.sys
[2011/04/18 00:12:24 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdWSD.dll
[2011/04/18 00:12:23 | 001,086,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NetProjW.dll
[2011/04/18 00:12:23 | 001,020,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wdc.dll
[2011/04/18 00:12:23 | 000,202,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\framedyn.dll
[2011/04/18 00:12:23 | 000,155,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dssenh.dll
[2011/04/18 00:12:23 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntlanman.dll
[2011/04/18 00:12:23 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Storprop.dll
[2011/04/18 00:12:23 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\l2nacp.dll
[2011/04/18 00:12:23 | 000,035,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\WdfLdr.sys
[2011/04/18 00:12:22 | 000,913,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WlanMM.dll
[2011/04/18 00:12:22 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sxs.dll
[2011/04/18 00:12:22 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adsnt.dll
[2011/04/18 00:12:22 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certreq.exe
[2011/04/18 00:12:22 | 000,170,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tcpipcfg.dll
[2011/04/18 00:12:21 | 000,628,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WLanConn.dll
[2011/04/18 00:12:21 | 000,142,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\scsiport.sys
[2011/04/18 00:12:21 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wusa.exe
[2011/04/18 00:12:21 | 000,093,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncsi.dll
[2011/04/18 00:12:21 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\umb.dll
[2011/04/18 00:12:20 | 000,487,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\catsrvut.dll
[2011/04/18 00:12:20 | 000,300,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\puiobj.dll
[2011/04/18 00:12:20 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\VAN.dll
[2011/04/18 00:12:20 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WerFault.exe
[2011/04/18 00:12:20 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fundisc.dll
[2011/04/18 00:12:20 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2011/04/18 00:12:19 | 002,225,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netcenter.dll
[2011/04/18 00:12:19 | 000,217,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\InkEd.dll
[2011/04/18 00:12:19 | 000,128,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MdSched.exe
[2011/04/18 00:12:19 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netid.dll
[2011/04/18 00:12:18 | 000,758,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ipsecsnp.dll
[2011/04/18 00:12:18 | 000,408,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msinfo32.exe
[2011/04/18 00:12:18 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbcjt32.dll
[2011/04/18 00:12:18 | 000,115,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinSCard.dll
[2011/04/18 00:12:18 | 000,110,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ataport.sys
[2011/04/18 00:12:18 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spbcd.dll
[2011/04/18 00:12:17 | 000,939,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mblctr.exe
[2011/04/18 00:12:17 | 000,551,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prnntfy.dll
[2011/04/18 00:12:17 | 000,267,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NAPSTAT.EXE
[2011/04/18 00:12:16 | 000,388,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmdlgs.dll
[2011/04/18 00:12:16 | 000,340,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RelMon.dll
[2011/04/18 00:12:16 | 000,242,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pdh.dll
[2011/04/18 00:12:16 | 000,204,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\activeds.dll
[2011/04/18 00:12:16 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\schtasks.exe
[2011/04/18 00:12:16 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dhcpsapi.dll
[2011/04/18 00:12:16 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasacct.dll
[2011/04/18 00:12:15 | 008,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ssBranded.scr
[2011/04/18 00:12:15 | 002,585,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FirewallControlPanel.exe
[2011/04/18 00:12:15 | 000,451,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\catsrv.dll
[2011/04/18 00:12:15 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netdiagfx.dll
[2011/04/18 00:12:15 | 000,096,768 | ---- | C] (Microsoft Corp.) -- C:\Windows\System32\dfrgfat.exe
[2011/04/18 00:12:14 | 000,506,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSMPEG2ENC.DLL
[2011/04/18 00:12:14 | 000,456,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wvc.dll
[2011/04/18 00:12:14 | 000,116,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AudioSes.dll
[2011/04/18 00:12:14 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netcorehc.dll
[2011/04/18 00:12:14 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NAPHLPR.DLL
[2011/04/18 00:12:14 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3msm.dll
[2011/04/18 00:12:14 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msacm32.dll
[2011/04/18 00:12:14 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdWCN.dll
[2011/04/18 00:12:14 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3cfg.dll
[2011/04/18 00:12:14 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ifmon.dll
[2011/04/18 00:12:13 | 000,273,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wow32.dll
[2011/04/18 00:12:13 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adsldp.dll
[2011/04/18 00:12:13 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shsetup.dll
[2011/04/18 00:12:13 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rastapi.dll
[2011/04/18 00:12:13 | 000,028,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\battc.sys
[2011/04/18 00:12:12 | 000,224,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscntfy.dll
[2011/04/18 00:12:12 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdt.dll
[2011/04/18 00:12:12 | 000,179,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\els.dll
[2011/04/18 00:12:12 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\QUTIL.DLL
[2011/04/18 00:12:11 | 000,523,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hhctrl.ocx
[2011/04/18 00:12:11 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanui.dll
[2011/04/18 00:12:11 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\net1.exe
[2011/04/18 00:12:11 | 000,137,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dsprop.dll
[2011/04/18 00:12:11 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdSSDP.dll
[2011/04/18 00:12:11 | 000,045,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pciidex.sys
[2011/04/18 00:12:10 | 000,842,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\systemcpl.dll
[2011/04/18 00:12:10 | 000,226,816 | ---- | C] (Microsoft Corp.) -- C:\Windows\System32\Defrag.exe
[2011/04/18 00:12:10 | 000,198,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adsldpc.dll
[2011/04/18 00:12:10 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mprmsg.dll
[2011/04/18 00:12:10 | 000,083,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlgpclnt.dll
[2011/04/18 00:12:10 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nci.dll
[2011/04/18 00:12:09 | 001,405,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ActiveContentWizard.dll
[2011/04/18 00:12:09 | 000,564,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msftedit.dll
[2011/04/18 00:12:09 | 000,282,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CompatUI.dll
[2011/04/18 00:12:09 | 000,202,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\P2P.dll
[2011/04/18 00:12:09 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationSettings.exe
[2011/04/18 00:12:09 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSAC3ENC.DLL
[2011/04/18 00:12:09 | 000,131,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fde.dll
[2011/04/18 00:12:09 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\oleprn.dll
[2011/04/18 00:12:09 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rascfg.dll
[2011/04/18 00:12:09 | 000,071,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasman.dll
[2011/04/18 00:12:09 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\loghours.dll
[2011/04/18 00:12:08 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxdiag.exe
[2011/04/18 00:12:07 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Wpc.dll
[2011/04/18 00:12:07 | 000,163,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msutb.dll
[2011/04/18 00:12:07 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuxiliaryDisplayServices.dll
[2011/04/18 00:12:07 | 000,094,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MigAutoPlay.exe
[2011/04/18 00:12:07 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpapi.dll
[2011/04/18 00:12:07 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DFDWiz.exe
[2011/04/18 00:12:07 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setupcl.exe
[2011/04/18 00:12:06 | 000,377,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\devmgr.dll
[2011/04/18 00:12:06 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scansetting.dll
[2011/04/18 00:12:06 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rtm.dll
[2011/04/18 00:12:06 | 000,110,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\videoprt.sys
[2011/04/18 00:12:06 | 000,046,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NAPCRYPT.DLL
[2011/04/18 00:12:06 | 000,036,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\crashdmp.sys
[2011/04/18 00:12:05 | 000,632,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertEnrollUI.dll
[2011/04/18 00:12:05 | 000,332,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msihnd.dll
[2011/04/18 00:12:05 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ifsutil.dll
[2011/04/18 00:12:05 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dimsroam.dll
[2011/04/18 00:12:05 | 000,029,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Dumpata.sys
[2011/04/18 00:12:05 | 000,021,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kdusb.dll
[2011/04/18 00:12:04 | 002,204,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SyncCenter.dll
[2011/04/18 00:12:04 | 000,312,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mswmdm.dll
[2011/04/18 00:12:04 | 000,208,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinFXDocObj.exe
[2011/04/18 00:12:04 | 000,156,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2011/04/18 00:12:04 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vssadmin.exe
[2011/04/18 00:12:04 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\audiodg.exe
[2011/04/18 00:12:04 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\usbmon.dll
[2011/04/18 00:12:04 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscapi.dll
[2011/04/18 00:12:04 | 000,024,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\BOOTVID.DLL
[2011/04/18 00:12:03 | 000,498,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlandlg.dll
[2011/04/18 00:12:03 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mycomput.dll
[2011/04/18 00:12:03 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceWMDRM.dll
[2011/04/18 00:12:03 | 000,177,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scecli.dll
[2011/04/18 00:12:03 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSTPager.ax
[2011/04/18 00:12:03 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\uudf.dll
[2011/04/18 00:12:03 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\activeds.tlb
[2011/04/18 00:12:03 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\regapi.dll
[2011/04/18 00:12:02 | 001,224,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sud.dll
[2011/04/18 00:12:02 | 000,485,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mspaint.exe
[2011/04/18 00:12:02 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sysmon.ocx
[2011/04/18 00:12:02 | 000,183,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\newdev.dll
[2011/04/18 00:12:02 | 000,166,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\puiapi.dll
[2011/04/18 00:12:02 | 000,019,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kdcom.dll
[2011/04/18 00:12:01 | 000,605,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adtschema.dll
[2011/04/18 00:12:01 | 000,355,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\termmgr.dll
[2011/04/18 00:12:01 | 000,200,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\input.dll
[2011/04/18 00:12:01 | 000,183,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\duser.dll
[2011/04/18 00:12:01 | 000,171,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cic.dll
[2011/04/18 00:12:01 | 000,120,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetpp.dll
[2011/04/18 00:12:01 | 000,105,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mtxoci.dll
[2011/04/18 00:12:00 | 000,087,552 | ---- | C] (Microsoft) -- C:\Windows\System32\Robocopy.exe
[2011/04/18 00:12:00 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AzSqlExt.dll
[2011/04/18 00:11:59 | 000,181,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFPlatform.dll
[2011/04/18 00:11:59 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdt.exe
[2011/04/18 00:11:59 | 000,148,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ks.sys
[2011/04/18 00:11:59 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\verifier.exe
[2011/04/18 00:11:59 | 000,098,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdshext.dll
[2011/04/18 00:11:59 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtclog.dll
[2011/04/18 00:11:59 | 000,017,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\wmilib.sys
[2011/04/18 00:11:58 | 001,039,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d8.dll
[2011/04/18 00:11:58 | 000,481,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmdial32.dll
[2011/04/18 00:11:58 | 000,347,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2011/04/18 00:11:58 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\oledlg.dll
[2011/04/18 00:11:58 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmview.ocx
[2011/04/18 00:11:58 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\clfsw32.dll
[2011/04/18 00:11:58 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slcinst.dll
[2011/04/18 00:11:57 | 001,580,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpccpl.dll
[2011/04/18 00:11:57 | 000,642,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasgcw.dll
[2011/04/18 00:11:57 | 000,301,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmcbase.dll
[2011/04/18 00:11:57 | 000,276,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMPhoto.dll
[2011/04/18 00:11:57 | 000,275,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SnippingTool.exe
[2011/04/18 00:11:57 | 000,197,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SndVol.exe
[2011/04/18 00:11:57 | 000,187,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mlang.dll
[2011/04/18 00:11:57 | 000,180,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pnpsetup.dll
[2011/04/18 00:11:57 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icfupgd.dll
[2011/04/18 00:11:57 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdsldr.exe
[2011/04/18 00:11:56 | 002,515,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\accessibilitycpl.dll
[2011/04/18 00:11:56 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpd_ci.dll
[2011/04/18 00:11:56 | 000,344,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrd3x40.dll
[2011/04/18 00:11:56 | 000,230,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diskraid.exe
[2011/04/18 00:11:56 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msaatext.dll
[2011/04/18 00:11:56 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nslookup.exe
[2011/04/18 00:11:56 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasqec.dll
[2011/04/18 00:11:56 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncobjapi.dll
[2011/04/18 00:11:55 | 000,626,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sethc.exe
[2011/04/18 00:11:55 | 000,542,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pnpui.dll
[2011/04/18 00:11:55 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscms.dll
[2011/04/18 00:11:55 | 000,195,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxdiagn.dll
[2011/04/18 00:11:55 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ulib.dll
[2011/04/18 00:11:55 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cabinet.dll
[2011/04/18 00:11:55 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\syssetup.dll
[2011/04/18 00:11:55 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lodctr.exe
[2011/04/18 00:11:55 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unlodctr.exe
[2011/04/18 00:11:55 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iaspolcy.dll
[2011/04/18 00:11:55 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wtsapi32.dll
[2011/04/18 00:11:54 | 002,153,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\oobefldr.dll
[2011/04/18 00:11:54 | 000,638,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Utilman.exe
[2011/04/18 00:11:54 | 000,306,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scesrv.dll
[2011/04/18 00:11:54 | 000,201,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unattend.dll
[2011/04/18 00:11:54 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lnkstub.exe
[2011/04/18 00:11:53 | 001,107,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ogldrv.dll
[2011/04/18 00:11:53 | 000,532,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpcao.dll
[2011/04/18 00:11:53 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wermgr.exe
[2011/04/18 00:11:53 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bthci.dll
[2011/04/18 00:11:53 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dfdts.dll
[2011/04/18 00:11:52 | 000,403,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\p2pcollab.dll
[2011/04/18 00:11:52 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msnetobj.dll
[2011/04/18 00:11:52 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eappgnui.dll
[2011/04/18 00:11:52 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\basesrv.dll
[2011/04/18 00:11:52 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdspres.dll
[2011/04/18 00:11:51 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dispdiag.exe
[2011/04/18 00:11:51 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drvinst.exe
[2011/04/18 00:11:51 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DHCPQEC.DLL
[2011/04/18 00:11:49 | 000,157,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\verifier.dll
[2011/04/18 00:11:48 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RstrtMgr.dll
[2011/04/18 00:11:47 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\efsadu.dll
[2011/04/18 00:11:46 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mprapi.dll
[2011/04/18 00:11:45 | 000,505,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qedit.dll
[2011/04/18 00:11:44 | 001,575,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVENCOD.DLL
[2011/04/18 00:11:44 | 000,349,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WPDSp.dll
[2011/04/18 00:11:43 | 002,249,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Firewall.cpl
[2011/04/18 00:11:43 | 000,205,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msoeacct.dll
[2011/04/18 00:11:43 | 000,188,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10core.dll
[2011/04/18 00:11:43 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setupugc.exe
[2011/04/18 00:11:43 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icacls.exe
[2011/04/18 00:11:42 | 003,072,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\networkmap.dll
[2011/04/18 00:11:42 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiascanprofiles.dll
[2011/04/18 00:11:42 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\QSVRMGMT.DLL
[2011/04/18 00:11:41 | 001,123,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\usercpl.dll
[2011/04/18 00:11:41 | 000,547,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiaaut.dll
[2011/04/18 00:11:41 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrdc.dll
[2011/04/18 00:11:41 | 000,134,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\p2pnetsh.dll
[2011/04/18 00:11:41 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactsrv.dll
[2011/04/18 00:11:41 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
[2011/04/18 00:11:41 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2011/04/18 00:11:41 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdmo.dll
[2011/04/18 00:11:40 | 000,516,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autoplay.dll
[2011/04/18 00:11:40 | 000,407,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpapimig.exe
[2011/04/18 00:11:40 | 000,284,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drmmgrtn.dll
[2011/04/18 00:11:40 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\systeminfo.exe
[2011/04/18 00:11:40 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PNPXAssoc.dll
[2011/04/18 00:11:40 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\findstr.exe
[2011/04/18 00:11:40 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PNPXAssocPrx.dll
[2011/04/18 00:11:40 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eappprxy.dll
[2011/04/18 00:11:40 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pcadm.dll
[2011/04/18 00:11:39 | 000,691,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TabletPC.cpl
[2011/04/18 00:11:39 | 000,296,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xwizards.dll
[2011/04/18 00:11:39 | 000,208,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfplat.dll
[2011/04/18 00:11:39 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2011/04/18 00:11:39 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\VBICodec.ax
[2011/04/18 00:11:39 | 000,104,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWWIN.EXE
[2011/04/18 00:11:39 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmdl32.exe
[2011/04/18 00:11:39 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\resutils.dll
[2011/04/18 00:11:39 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netcfg.exe
[2011/04/18 00:11:38 | 000,723,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\powercpl.dll
[2011/04/18 00:11:38 | 000,669,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netprof.dll
[2011/04/18 00:11:38 | 000,614,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFWMAAEC.DLL
[2011/04/18 00:11:38 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\intl.cpl
[2011/04/18 00:11:38 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3ui.dll
[2011/04/18 00:11:38 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dbnetlib.dll
[2011/04/18 00:11:38 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dfrgifc.exe
[2011/04/18 00:11:37 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ssText3d.scr
[2011/04/18 00:11:37 | 000,219,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\apircl.dll
[2011/04/18 00:11:37 | 000,167,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2011/04/18 00:11:37 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\btpanui.dll
[2011/04/18 00:11:37 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\txflog.dll
[2011/04/18 00:11:37 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskkill.exe
[2011/04/18 00:11:37 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\feclient.dll
[2011/04/18 00:11:36 | 001,029,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10.dll
[2011/04/18 00:11:36 | 000,975,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RASMM.dll
[2011/04/18 00:11:36 | 000,425,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shwebsvc.dll
[2011/04/18 00:11:36 | 000,356,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MediaMetadataHandler.dll
[2011/04/18 00:11:36 | 000,191,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\provthrd.dll
[2011/04/18 00:11:36 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ActionQueue.dll
[2011/04/18 00:11:36 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxva2.dll
[2011/04/18 00:11:36 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bcdprov.dll
[2011/04/18 00:11:35 | 000,777,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slcc.dll
[2011/04/18 00:11:35 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMASF.DLL
[2011/04/18 00:11:35 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\raserver.exe
[2011/04/18 00:11:35 | 000,137,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLCExt.dll
[2011/04/18 00:11:35 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aclui.dll
[2011/04/18 00:11:35 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EAPQEC.DLL
[2011/04/18 00:11:35 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmocx.dll
[2011/04/18 00:11:35 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slwmi.dll
[2011/04/18 00:11:34 | 002,588,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIHub.dll
[2011/04/18 00:11:34 | 000,167,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\portcls.sys
[2011/04/18 00:11:34 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PnPUnattend.exe
[2011/04/18 00:11:34 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\brcplsdw.dll
[2011/04/18 00:11:34 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xcopy.exe
[2011/04/18 00:11:34 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ias.dll
[2011/04/18 00:11:33 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\upnp.dll
[2011/04/18 00:11:33 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icsfiltr.dll
[2011/04/18 00:11:33 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msoert2.dll
[2011/04/18 00:11:33 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmstp.exe
[2011/04/18 00:11:33 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\QCLIPROV.DLL
[2011/04/18 00:11:33 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\reg.exe
[2011/04/18 00:11:33 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mountvol.exe
[2011/04/18 00:11:32 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuxiliaryDisplayApi.dll
[2011/04/18 00:11:32 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetmib1.dll
[2011/04/18 00:11:32 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\perfts.dll
[2011/04/18 00:11:32 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PING.EXE
[2011/04/18 00:11:31 | 000,990,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bthprops.cpl
[2011/04/18 00:11:31 | 000,657,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVXENCD.DLL
[2011/04/18 00:11:31 | 000,338,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SysFxUI.dll
[2011/04/18 00:11:31 | 000,225,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cewmdm.dll
[2011/04/18 00:11:31 | 000,208,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qasf.dll
[2011/04/18 00:11:31 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qcap.dll
[2011/04/18 00:11:31 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bitsadmin.exe
[2011/04/18 00:11:31 | 000,153,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2011/04/18 00:11:31 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SoundRecorder.exe
[2011/04/18 00:11:31 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmusic.dll
[2011/04/18 00:11:31 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFCoinstaller.dll
[2011/04/18 00:11:31 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WpdMtpUS.dll
[2011/04/18 00:11:31 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rekeywiz.exe
[2011/04/18 00:11:30 | 001,312,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMALFXGFXDSP.dll
[2011/04/18 00:11:30 | 000,767,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVSENCD.DLL
[2011/04/18 00:11:30 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscandui.dll
[2011/04/18 00:11:30 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpsrcwp.dll
[2011/04/18 00:11:30 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mtstocom.exe
[2011/04/18 00:11:30 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\makecab.exe
[2011/04/18 00:11:30 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adsmsext.dll
[2011/04/18 00:11:30 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\auditpol.exe
[2011/04/18 00:11:30 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SecEdit.exe
[2011/04/18 00:11:30 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lsmproxy.dll
[2011/04/18 00:11:30 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\batt.dll
[2011/04/18 00:11:29 | 000,159,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdadiag.dll
[2011/04/18 00:11:29 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ndfapi.dll
[2011/04/18 00:11:29 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xwtpw32.dll
[2011/04/18 00:11:29 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sppnp.dll
[2011/04/18 00:11:29 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3gpclnt.dll
[2011/04/18 00:11:28 | 000,415,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiadefui.dll
[2011/04/18 00:11:28 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2011/04/18 00:11:28 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\apss.dll
[2011/04/18 00:11:28 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msorcl32.dll
[2011/04/18 00:11:28 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shacct.dll
[2011/04/18 00:11:28 | 000,070,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wzcdlg.dll
[2011/04/18 00:11:28 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscmisetup.dll
[2011/04/18 00:11:27 | 001,329,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMSPDMOE.DLL
[2011/04/18 00:11:27 | 000,203,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpdwcn.dll
[2011/04/18 00:11:27 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\p2phost.exe
[2011/04/18 00:11:27 | 000,157,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\keymgr.dll
[2011/04/18 00:11:27 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\perfmon.exe
[2011/04/18 00:11:27 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\HelpPaneProxy.dll
[2011/04/18 00:11:27 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\System32\esrb.rs
[2011/04/18 00:11:27 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\napipsec.dll
[2011/04/18 00:11:27 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sxstrace.exe
[2011/04/18 00:11:27 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ktmutil.exe
[2011/04/18 00:11:26 | 000,119,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prntvpt.dll
[2011/04/18 00:11:26 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TapiMigPlugin.dll
[2011/04/18 00:11:26 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tasklist.exe
[2011/04/18 00:11:26 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll
[2011/04/18 00:11:26 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ftp.exe
[2011/04/18 00:11:25 | 000,816,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dim700.dll
[2011/04/18 00:11:25 | 000,686,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\colorui.dll
[2011/04/18 00:11:25 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIAutomationCore.dll
[2011/04/18 00:11:25 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ksproxy.ax
[2011/04/18 00:11:25 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fmifs.dll
[2011/04/18 00:11:25 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netiougc.exe
[2011/04/18 00:11:24 | 000,352,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nshipsec.dll
[2011/04/18 00:11:24 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2011/04/18 00:11:24 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\driverquery.exe
[2011/04/18 00:11:24 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winethc.dll
[2011/04/18 00:11:24 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cryptdll.dll
[2011/04/18 00:11:24 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\takeown.exe
[2011/04/18 00:11:24 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PnPutil.exe
[2011/04/18 00:11:24 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msimtf.dll
[2011/04/18 00:11:24 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\txfw32.dll
[2011/04/18 00:11:24 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscproxystub.dll
[2011/04/18 00:11:23 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasplap.dll
[2011/04/18 00:11:23 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unimdm.tsp
[2011/04/18 00:11:23 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\powrprof.dll
[2011/04/18 00:11:23 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\findnetprinters.dll
[2011/04/18 00:11:23 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmiprop.dll
[2011/04/18 00:11:23 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\capisp.dll
[2011/04/18 00:11:23 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pots.dll
[2011/04/18 00:11:22 | 000,442,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\joy.cpl
[2011/04/18 00:11:22 | 000,396,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shrpubw.exe
[2011/04/18 00:11:22 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RESAMPLEDMO.DLL
[2011/04/18 00:11:22 | 000,120,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WLanHC.dll
[2011/04/18 00:11:22 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imapi.dll
[2011/04/18 00:11:22 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\luainstall.dll
[2011/04/18 00:11:22 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\olecli32.dll
[2011/04/18 00:11:22 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shgina.dll
[2011/04/18 00:11:22 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2011/04/18 00:11:22 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fsutil.exe
[2011/04/18 00:11:22 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmmon32.exe
[2011/04/18 00:11:22 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnshc.dll
[2011/04/18 00:11:22 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RpcPing.exe
[2011/04/18 00:11:22 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\perfnet.dll
[2011/04/18 00:11:21 | 001,298,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TMM.dll
[2011/04/18 00:11:21 | 000,384,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dim.dll
[2011/04/18 00:11:21 | 000,276,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\compstui.dll
[2011/04/18 00:11:21 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\runonce.exe
[2011/04/18 00:11:21 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ktmw32.dll
[2011/04/18 00:11:20 | 001,118,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMADMOE.DLL
[2011/04/18 00:11:20 | 000,205,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mdminst.dll
[2011/04/18 00:11:20 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiaacmgr.exe
[2011/04/18 00:11:20 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\getmac.exe
[2011/04/18 00:11:20 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\net.exe
[2011/04/18 00:11:20 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dimsjob.dll
[2011/04/18 00:11:20 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\watchdog.sys
[2011/04/18 00:11:20 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmlua.dll
[2011/04/18 00:11:20 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dsauth.dll
[2011/04/18 00:11:19 | 000,259,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MPG4DECD.DLL
[2011/04/18 00:11:19 | 000,259,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MP43DECD.DLL
[2011/04/18 00:11:19 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\w32tm.exe
[2011/04/18 00:11:19 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tscupgrd.exe
[2011/04/18 00:11:19 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2011/04/18 00:11:18 | 000,178,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\credui.dll
[2011/04/18 00:11:18 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceWiaCompat.dll
[2011/04/18 00:11:18 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\migisol.dll
[2011/04/18 00:11:18 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diantz.exe
[2011/04/18 00:11:18 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\comrepl.dll
[2011/04/18 00:11:18 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdchange.exe
[2011/04/18 00:11:18 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ACW.exe
[2011/04/18 00:11:18 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdeploy.dll
[2011/04/18 00:11:18 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmutil.dll
[2011/04/18 00:11:18 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dispci.dll
[2011/04/18 00:11:18 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ipconfig.exe
[2011/04/18 00:11:18 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pnpts.dll
[2011/04/18 00:11:17 | 001,370,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Aurora.scr
[2011/04/18 00:11:17 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dinput8.dll
[2011/04/18 00:11:17 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TSTheme.exe
[2011/04/18 00:11:17 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\RNDISMP.sys
[2011/04/18 00:11:17 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ExplorerFrame.dll
[2011/04/18 00:11:17 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sfc.exe
[2011/04/18 00:11:16 | 000,368,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\desk.cpl
[2011/04/18 00:11:16 | 000,287,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\modemui.dll
[2011/04/18 00:11:16 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDump.dll
[2011/04/18 00:11:16 | 000,154,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmidx.dll
[2011/04/18 00:11:16 | 000,129,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\McxDriv.dll
[2011/04/18 00:11:16 | 000,125,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\softkbd.dll
[2011/04/18 00:11:16 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TpmInit.exe
[2011/04/18 00:11:16 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hlink.dll
[2011/04/18 00:11:16 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\colbact.dll
[2011/04/18 00:11:16 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fwcfg.dll
[2011/04/18 00:11:16 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\expand.exe
[2011/04/18 00:11:16 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cfgbkend.dll
[2011/04/18 00:11:16 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pdhui.dll
[2011/04/18 00:11:16 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2011/04/18 00:11:16 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdmredir.dll
[2011/04/18 00:11:16 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WPDShextAutoplay.exe
[2011/04/18 00:11:16 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\utildll.dll
[2011/04/18 00:11:16 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bridgeunattend.exe
[2011/04/18 00:11:15 | 000,879,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Bubbles.scr
[2011/04/18 00:11:15 | 000,251,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sti_ci.dll
[2011/04/18 00:11:15 | 000,153,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmvdspa.dll
[2011/04/18 00:11:15 | 000,093,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\esentutl.exe
[2011/04/18 00:11:15 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bootcfg.exe
[2011/04/18 00:11:15 | 000,070,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\amstream.dll
[2011/04/18 00:11:15 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tabcal.exe
[2011/04/18 00:11:15 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logman.exe
[2011/04/18 00:11:15 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2011/04/18 00:11:15 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsnmp32.dll
[2011/04/18 00:11:15 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vds_ps.dll
[2011/04/18 00:11:15 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\waitfor.exe
[2011/04/18 00:11:15 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmcfg32.dll
[2011/04/18 00:11:15 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdrleakdiag.exe
[2011/04/18 00:11:15 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iscsium.dll
[2011/04/18 00:11:14 | 000,376,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpnet.dll
[2011/04/18 00:11:14 | 000,281,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdv.dll
[2011/04/18 00:11:14 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Ribbons.scr
[2011/04/18 00:11:14 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccp32.dll
[2011/04/18 00:11:14 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\osblprov.dll
[2011/04/18 00:11:13 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Mystify.scr
[2011/04/18 00:11:13 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shutdown.exe
[2011/04/18 00:11:13 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cacls.exe
[2011/04/18 00:11:13 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wfapigp.dll
[2011/04/18 00:11:11 | 000,161,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\COLORCNV.DLL
[2011/04/18 00:11:11 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DpiScaling.exe
[2011/04/18 00:11:11 | 000,105,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmsynth.dll
[2011/04/18 00:11:11 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\olethk32.dll
[2011/04/18 00:11:11 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iscsiwmi.dll
[2011/04/18 00:11:11 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfvdsp.dll
[2011/04/18 00:11:11 | 000,053,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\1394bus.sys
[2011/04/18 00:11:11 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpnpinst.exe
[2011/04/18 00:11:11 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\olesvr32.dll
[2011/04/18 00:11:11 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpcm.dll
[2011/04/18 00:11:10 | 000,282,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstext40.dll
[2011/04/18 00:11:10 | 000,222,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wavemsp.dll
[2011/04/18 00:11:10 | 000,186,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLLUA.exe
[2011/04/18 00:11:10 | 000,163,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\powercfg.cpl
[2011/04/18 00:11:10 | 000,159,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbctrac.dll
[2011/04/18 00:11:10 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ufat.dll
[2011/04/18 00:11:10 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msctfui.dll
[2011/04/18 00:11:10 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\networkitemfactory.dll
[2011/04/18 00:11:10 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\werdiagcontroller.dll
[2011/04/18 00:11:10 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sxproxy.dll
[2011/04/18 00:11:10 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\at.exe
[2011/04/18 00:11:10 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usb8023.sys
[2011/04/18 00:11:09 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rgb9rast.dll
[2011/04/18 00:11:09 | 000,046,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrstub.exe
[2011/04/18 00:11:09 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ucsvc.exe
[2011/04/18 00:11:09 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TimeDateMUICallback.dll
[2011/04/18 00:11:09 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2011/04/18 00:11:09 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegCtrl.dll
[2011/04/18 00:11:09 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WpdConns.dll
[2011/04/18 00:11:09 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bitsigd.dll
[2011/04/18 00:11:09 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\convert.exe
[2011/04/18 00:11:09 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xmlprovi.dll
[2011/04/18 00:11:08 | 000,509,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuthFWGP.dll
[2011/04/18 00:11:08 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dskquota.dll
[2011/04/18 00:11:08 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasdiag.dll
[2011/04/18 00:11:08 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AtBroker.exe
[2011/04/18 00:11:08 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prevhost.exe
[2011/04/18 00:11:08 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netbtugc.exe
[2011/04/18 00:11:08 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tbs.dll
[2011/04/18 00:11:08 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iscsied.dll
[2011/04/18 00:11:07 | 005,714,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logon.scr
[2011/04/18 00:11:07 | 000,178,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmime.dll
[2011/04/18 00:11:07 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setupcln.dll
[2011/04/18 00:11:07 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kstvtune.ax
[2011/04/18 00:11:07 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\GuidedHelp.dll
[2011/04/18 00:11:07 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\l2gpstore.dll
[2011/04/18 00:11:07 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fphc.dll
[2011/04/18 00:11:07 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ocsetup.exe
[2011/04/18 00:11:07 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unattendedjoin.exe
[2011/04/18 00:11:07 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmpbk32.dll
[2011/04/18 00:11:07 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winnsi.dll
[2011/04/18 00:11:06 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\VIDRESZR.DLL
[2011/04/18 00:11:06 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dsdmo.dll
[2011/04/18 00:11:06 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdart.dll
[2011/04/18 00:11:06 | 000,083,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\usbui.dll
[2011/04/18 00:11:06 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccu32.dll
[2011/04/18 00:11:06 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccr32.dll
[2011/04/18 00:11:06 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\napdsnap.dll
[2011/04/18 00:11:06 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\devenum.dll
[2011/04/18 00:11:06 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msident.dll
[2011/04/18 00:11:06 | 000,052,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\stream.sys
[2011/04/18 00:11:06 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3dlg.dll
[2011/04/18 00:11:06 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\regini.exe
[2011/04/18 00:11:06 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\tape.sys
[2011/04/18 00:11:06 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RacAgent.exe
[2011/04/18 00:11:06 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MsCtfMonitor.dll
[2011/04/18 00:11:06 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmstplua.dll
[2011/04/18 00:11:05 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpclsp.dll
[2011/04/18 00:11:05 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\graftabl.com
[2011/04/18 00:11:05 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mtxlegih.dll
[2011/04/18 00:11:05 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfcsubs.dll
[2011/04/18 00:11:05 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vss_ps.dll
[2011/04/18 00:11:05 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srwmi.dll
[2011/04/18 00:11:05 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\upnpcont.exe
[2011/04/18 00:11:05 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mtxdm.dll
[2011/04/18 00:11:05 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WINSRPC.DLL
[2011/04/18 00:11:05 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpupdate.exe
[2011/04/18 00:11:05 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nbtstat.exe
[2011/04/18 00:11:05 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\avrt.dll
[2011/04/18 00:11:04 | 000,344,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msexcl40.dll
[2011/04/18 00:11:04 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vfwwdm32.dll
[2011/04/18 00:11:04 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\extrac32.exe
[2011/04/18 00:11:04 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WavDest.dll
[2011/04/18 00:11:04 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ksxbar.ax
[2011/04/18 00:11:04 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasphone.exe
[2011/04/18 00:11:04 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiarpc.dll
[2011/04/18 00:11:04 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ndfetw.dll
[2011/04/18 00:11:04 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbcbcp.dll
[2011/04/18 00:11:04 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\syskey.exe
[2011/04/18 00:11:04 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsock32.dll
[2011/04/18 00:11:03 | 000,218,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsAnytimeUpgrade.exe
[2011/04/18 00:11:03 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiadss.dll
[2011/04/18 00:11:03 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MP3DMOD.DLL
[2011/04/18 00:11:03 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dxof.dll
[2011/04/18 00:11:03 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TabbtnEx.dll
[2011/04/18 00:11:03 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eventcls.dll
[2011/04/18 00:11:03 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\procinst.dll
[2011/04/18 00:11:02 | 000,450,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxbde40.dll
[2011/04/18 00:11:02 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Tabbtn.dll
[2011/04/18 00:11:02 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmscript.dll
[2011/04/18 00:11:02 | 000,041,472 | ---- | C] (Microsoft) -- C:\Windows\System32\WlanMmHC.dll
[2011/04/18 00:11:02 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psbase.dll
[2011/04/18 00:11:02 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmloader.dll
[2011/04/18 00:11:02 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Diskdump.sys
[2011/04/18 00:11:02 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetppui.dll
[2011/04/18 00:11:02 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\fveupdate.exe
[2011/04/18 00:11:02 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertEnrollCtrl.exe
[2011/04/18 00:11:01 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mspbde40.dll
[2011/04/18 00:11:01 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msltus40.dll
[2011/04/18 00:11:01 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wshcon.dll
[2011/04/18 00:11:01 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Netplwiz.exe
[2011/04/18 00:11:01 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\tdi.sys
[2011/04/18 00:11:01 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icsunattend.exe
[2011/04/18 00:11:00 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ComputerDefaults.exe
[2011/04/18 00:11:00 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lltdapi.dll
[2011/04/18 00:11:00 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sxsstore.dll
[2011/04/18 00:11:00 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\HotStartUserAgent.dll
[2011/04/18 00:11:00 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PlaySndSrv.dll
[2011/04/18 00:11:00 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSHTCPIP.DLL
[2011/04/18 00:11:00 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wship6.dll
[2011/04/18 00:10:59 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\LangCleanupSysprepAction.dll
[2011/04/18 00:10:59 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icaapi.dll
[2011/04/18 00:10:59 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\localui.dll
[2011/04/18 00:10:59 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setupSNK.exe
[2011/04/18 00:10:58 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\OptionalFeatures.exe
[2011/04/18 00:10:58 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\g711codc.ax
[2011/04/18 00:10:58 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmutil.dll
[2011/04/18 00:10:58 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slwga.dll
[2011/04/18 00:10:58 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbunattend.exe
[2011/04/18 00:10:57 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbisurf.ax
[2011/04/18 00:10:57 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NcdProp.dll
[2011/04/18 00:10:57 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spopk.dll
[2011/04/18 00:10:57 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\serialui.dll
[2011/04/18 00:10:57 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\usbperf.dll
[2011/04/18 00:10:56 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbcconf.dll
[2011/04/18 00:10:56 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cofiredm.dll
[2011/04/18 00:10:56 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2011/04/18 00:10:55 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msobjs.dll
[2011/04/18 00:10:55 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hbaapi.dll
[2011/04/18 00:10:55 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\corpol.dll
[2011/04/18 00:10:55 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasctrs.dll
[2011/04/18 00:10:54 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\esentprf.dll
[2011/04/18 00:10:54 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdmdbg.dll
[2011/04/18 00:10:54 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hnetmon.dll
[2011/04/18 00:10:54 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\InfDefaultInstall.exe
[2011/04/18 00:10:53 | 000,130,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\drmk.sys
[2011/04/18 00:10:53 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2011/04/18 00:10:53 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nlsbres.dll
[2011/04/18 00:10:53 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iprtprio.dll
[2011/04/18 00:10:52 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\osbaseln.dll
[2011/04/18 00:10:51 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxg.sys
[2011/04/18 00:10:51 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msisip.dll
[2011/04/18 00:10:50 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msmmsp.dll
[2011/04/18 00:10:49 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dispex.dll
[2011/04/18 00:10:49 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winusb.dll
[2011/04/18 00:10:49 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcfgex.dll
[2011/04/18 00:10:47 | 000,025,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBCAMD2.sys
[2011/04/18 00:10:47 | 000,025,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBCAMD.sys
[2011/04/18 00:10:47 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Nlsdl.dll
[2011/04/18 00:10:47 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\mcd.sys
[2011/04/18 00:10:47 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\riched32.dll
[2011/04/18 00:10:46 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\idndl.dll
[2011/04/18 00:10:46 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msidle.dll
[2011/04/18 00:10:45 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\smclib.sys
[2011/04/18 00:10:45 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\bdasup.sys
[2011/04/18 00:10:44 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxapi.sys
[2011/04/18 00:10:44 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDJPN.DLL
[2011/04/18 00:10:44 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDKOR.DLL
[2011/04/18 00:10:43 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iscsilog.dll
[2011/04/18 00:10:42 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vga256.dll
[2011/04/18 00:10:42 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vga64k.dll
[2011/04/18 00:10:42 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tsddd.dll
[2011/04/18 00:10:42 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\framebuf.dll
[2011/04/18 00:10:42 | 000,005,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbd.sys
[2011/04/18 00:10:41 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vga.dll
[2011/04/18 00:10:41 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bootstr.dll
[2011/04/18 00:10:40 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmdskres2.dll
[2011/04/18 00:10:39 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwizres.dll
[2011/04/18 00:10:39 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\f3ahvoas.dll
[2011/04/18 00:10:38 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wertargets.wtl
[2011/04/18 00:10:29 | 000,599,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vsp1cln.exe
[2011/04/18 00:09:52 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wbemcomn.dll
[2011/04/18 00:09:47 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SmiInstaller.dll
[2011/04/18 00:09:47 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sqmapi.dll
[2011/04/18 00:09:46 | 000,704,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SmiEngine.dll
[2011/04/18 00:09:43 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wdscore.dll
[2011/04/18 00:09:43 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PkgMgr.exe
[2011/04/18 00:09:34 | 000,246,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drvstore.dll
[2011/04/18 00:09:33 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdelta.dll
[2011/04/18 00:09:33 | 000,258,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpx.dll
[2011/04/18 00:09:33 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mspatcha.dll
[2007/09/25 08:10:06 | 000,098,304 | ---- | C] ( ) -- C:\Windows\System32\rsnp2uvc.dll
[2007/09/25 08:10:05 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\csnp2uvc.dll
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/05/10 16:59:27 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\laptop\Desktop\OTL.exe
[2011/05/10 16:50:11 | 000,003,168 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/05/10 16:50:11 | 000,003,168 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/05/10 16:50:00 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/05/10 16:47:12 | 001,280,815 | ---- | M] () -- C:\Users\laptop\Desktop\tdsskiller.zip
[2011/05/10 13:44:35 | 000,001,905 | ---- | M] () -- C:\Windows\diagwrn.xml
[2011/05/10 13:44:35 | 000,001,905 | ---- | M] () -- C:\Windows\diagerr.xml
[2011/05/10 13:00:15 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK
[2011/05/10 12:18:52 | 000,000,104 | ---- | M] () -- C:\Users\laptop\Desktop\Control Panel - Shortcut.lnk
[2011/05/09 11:42:16 | 000,035,328 | ---- | M] () -- C:\Users\laptop\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/05/03 21:56:31 | 000,133,632 | ---- | M] () -- C:\Users\laptop\Desktop\RKUnhookerLE.EXE
[2011/05/03 21:55:43 | 000,050,477 | ---- | M] () -- C:\Users\laptop\Desktop\Defogger.exe
[2011/05/03 21:45:08 | 000,100,480 | ---- | M] (GMER) -- C:\uxdirpow.sys
[2011/05/03 21:38:03 | 000,002,477 | ---- | M] () -- C:\Users\laptop\Desktop\Attach.rar
[2011/05/03 21:29:07 | 000,293,176 | ---- | M] () -- C:\Users\laptop\Desktop\gmer.zip
[2011/05/03 21:21:25 | 000,625,664 | ---- | M] () -- C:\Users\laptop\Desktop\dds.scr
[2011/05/03 13:41:02 | 007,414,116 | ---- | M] () -- C:\Users\laptop\Desktop\todays hike!.zip
[2011/05/03 01:25:36 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Users\laptop\Desktop\TFC.exe
[2011/05/03 00:50:36 | 000,000,000 | ---- | M] () -- C:\Users\laptop\defogger_reenable
[2011/05/02 12:29:20 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2011/05/02 12:19:34 | 004,335,405 | R--- | M] () -- C:\Users\laptop\Desktop\ComboFix.exe
[2011/05/02 11:50:54 | 000,000,936 | ---- | M] () -- C:\Users\Public\Desktop\Trojan Killer.lnk
[2011/05/02 11:11:03 | 000,000,891 | ---- | M] () -- C:\Users\Public\Desktop\Advanced Spyware Remover.lnk
[2011/05/02 00:49:50 | 000,000,680 | ---- | M] () -- C:\Users\laptop\AppData\Local\d3d9caps.dat
[2011/05/02 00:45:50 | 000,379,512 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011/05/01 23:43:09 | 000,000,160 | ---- | M] () -- C:\ProgramData\~40427272r
[2011/05/01 23:43:09 | 000,000,136 | ---- | M] () -- C:\ProgramData\~40427272
[2011/05/01 23:39:45 | 000,000,344 | ---- | M] () -- C:\ProgramData\40427272
[2011/04/30 14:13:59 | 000,654,114 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/04/30 14:13:59 | 000,122,536 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/04/27 13:56:28 | 000,000,000 | ---- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf
[2011/04/26 22:14:39 | 000,101,888 | ---- | M] (Infineon Technologies AG) -- C:\Windows\System32\ifxcardm.dll
[2011/04/26 22:14:19 | 000,082,432 | ---- | M] (Gemalto, Inc.) -- C:\Windows\System32\axaltocm.dll
[2011/04/17 15:00:19 | 000,000,000 | ---- | M] () -- C:\Windows\System32\drivers\UMDF\Msft_User_WpdMtpDr_01_00_00.Wdf
[2011/04/15 10:17:45 | 000,000,475 | ---- | M] () -- C:\Windows\BRWMARK.INI
[2011/04/15 10:17:45 | 000,000,027 | ---- | M] () -- C:\Windows\BRPP2KA.INI
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/05/10 16:47:07 | 001,280,815 | ---- | C] () -- C:\Users\laptop\Desktop\tdsskiller.zip
[2011/05/10 12:18:52 | 000,000,104 | ---- | C] () -- C:\Users\laptop\Desktop\Control Panel - Shortcut.lnk
[2011/05/10 11:19:26 | 000,001,905 | ---- | C] () -- C:\Windows\diagwrn.xml
[2011/05/10 11:19:26 | 000,001,905 | ---- | C] () -- C:\Windows\diagerr.xml
[2011/05/03 21:56:31 | 000,133,632 | ---- | C] () -- C:\Users\laptop\Desktop\RKUnhookerLE.EXE
[2011/05/03 21:55:42 | 000,050,477 | ---- | C] () -- C:\Users\laptop\Desktop\Defogger.exe
[2011/05/03 21:38:03 | 000,002,477 | ---- | C] () -- C:\Users\laptop\Desktop\Attach.rar
[2011/05/03 21:29:04 | 000,293,176 | ---- | C] () -- C:\Users\laptop\Desktop\gmer.zip
[2011/05/03 13:41:09 | 007,414,116 | ---- | C] () -- C:\Users\laptop\Desktop\todays hike!.zip
[2011/05/03 00:51:20 | 000,625,664 | ---- | C] () -- C:\Users\laptop\Desktop\dds.scr
[2011/05/03 00:50:36 | 000,000,000 | ---- | C] () -- C:\Users\laptop\defogger_reenable
[2011/05/02 12:20:16 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe
[2011/05/02 12:20:16 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011/05/02 12:20:16 | 000,089,088 | ---- | C] () -- C:\Windows\MBR.exe
[2011/05/02 12:20:16 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011/05/02 12:20:16 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011/05/02 12:19:31 | 004,335,405 | R--- | C] () -- C:\Users\laptop\Desktop\ComboFix.exe
[2011/05/02 11:12:58 | 000,000,936 | ---- | C] () -- C:\Users\Public\Desktop\Trojan Killer.lnk
[2011/05/02 11:11:03 | 000,000,891 | ---- | C] () -- C:\Users\Public\Desktop\Advanced Spyware Remover.lnk
[2011/05/02 00:29:01 | 000,000,680 | ---- | C] () -- C:\Users\laptop\AppData\Local\d3d9caps.dat
[2011/05/01 23:39:54 | 000,000,160 | ---- | C] () -- C:\ProgramData\~40427272r
[2011/05/01 23:39:54 | 000,000,136 | ---- | C] () -- C:\ProgramData\~40427272
[2011/05/01 23:39:45 | 000,000,344 | ---- | C] () -- C:\ProgramData\40427272
[2011/04/30 03:00:59 | 000,201,184 | ---- | C] () -- C:\Windows\System32\winrm.vbs
[2011/04/30 03:00:59 | 000,004,675 | ---- | C] () -- C:\Windows\System32\wsmanconfig_schema.xml
[2011/04/30 03:00:59 | 000,002,426 | ---- | C] () -- C:\Windows\System32\WsmTxt.xsl
[2011/04/28 13:43:23 | 000,106,605 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2011/04/28 13:43:23 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2011/04/28 13:43:19 | 011,967,524 | ---- | C] () -- C:\Windows\System32\korwbrkr.lex
[2011/04/27 13:56:28 | 000,000,000 | ---- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf
[2011/04/26 23:08:08 | 000,000,949 | ---- | C] () -- C:\Users\laptop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2011/04/18 00:13:44 | 000,206,830 | ---- | C] () -- C:\Windows\System32\eaphost.tmf
[2011/04/18 00:13:15 | 000,132,148 | ---- | C] () -- C:\Windows\System32\systemsf.ebd
[2011/04/18 00:12:31 | 000,175,508 | ---- | C] () -- C:\Windows\System32\WFP.TMF
[2011/04/18 00:12:16 | 000,289,467 | ---- | C] () -- C:\Windows\System32\dot3.tmf
[2011/04/18 00:12:11 | 000,261,163 | ---- | C] () -- C:\Windows\System32\onex.tmf
[2011/04/18 00:11:56 | 000,080,047 | ---- | C] () -- C:\Windows\System32\slmgr.vbs
[2011/04/18 00:10:59 | 000,009,987 | ---- | C] () -- C:\Windows\System32\RacUR.xml
[2011/04/18 00:10:36 | 000,012,198 | ---- | C] () -- C:\Windows\System32\gatherWiredInfo.vbs
[2011/04/18 00:10:35 | 000,144,909 | ---- | C] () -- C:\Windows\System32\fsmgmt.msc
[2011/04/18 00:10:33 | 000,000,150 | ---- | C] () -- C:\Windows\System32\RacUREx.xml
[2011/04/18 00:10:29 | 000,145,455 | ---- | C] () -- C:\Windows\System32\perfmon.msc
[2011/04/18 00:10:29 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01007_Inbox_Critical.Wdf
[2011/03/21 13:00:41 | 000,035,328 | ---- | C] () -- C:\Users\laptop\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/03/17 16:30:44 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2011/03/17 12:51:18 | 000,000,475 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2011/03/17 12:51:18 | 000,000,027 | ---- | C] () -- C:\Windows\BRPP2KA.INI
[2011/03/17 12:51:16 | 000,000,030 | ---- | C] () -- C:\Windows\System32\brss01a.ini
[2011/03/17 12:50:26 | 000,106,496 | ---- | C] () -- C:\Windows\System32\BrMuSNMP.dll
[2011/03/17 12:43:29 | 000,000,050 | ---- | C] () -- C:\Windows\System32\bridf05a.dat
[2011/03/17 12:20:20 | 000,000,000 | ---- | C] () -- C:\Program Files\error.dat
[2008/02/11 19:55:18 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1437.dll
[2008/02/11 19:34:48 | 002,215,364 | ---- | C] () -- C:\Windows\System32\igklg400.bin
[2008/02/11 19:34:48 | 001,971,732 | ---- | C] () -- C:\Windows\System32\igklg450.bin
[2008/02/11 19:34:48 | 000,029,932 | ---- | C] () -- C:\Windows\System32\igmedcompkrn.bin
[2007/09/25 08:45:45 | 001,560,576 | ---- | C] () -- C:\Windows\System32\MainOp.dll
[2007/09/25 08:45:45 | 001,327,104 | ---- | C] () -- C:\Windows\System32\ImageReog.dll
[2007/09/25 08:45:45 | 000,622,592 | ---- | C] () -- C:\Windows\System32\PicNotify.dll
[2007/09/25 08:45:45 | 000,491,520 | ---- | C] () -- C:\Windows\System32\picn.dll
[2007/09/25 08:45:45 | 000,208,896 | ---- | C] () -- C:\Windows\System32\Image.dll
[2007/09/25 08:45:45 | 000,126,976 | ---- | C] () -- C:\Windows\System32\VideoOp.dll
[2007/09/25 08:45:45 | 000,094,208 | ---- | C] () -- C:\Windows\System32\Momo.dll
[2007/09/25 08:45:45 | 000,094,208 | ---- | C] () -- C:\Windows\System32\ApBlend.dll
[2007/09/25 08:45:45 | 000,049,152 | ---- | C] () -- C:\Windows\System32\DevFilt.dll
[2007/09/25 08:17:50 | 000,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll
[2007/09/25 08:10:06 | 009,599,744 | ---- | C] () -- C:\Windows\System32\drivers\snp2uvc.sys
[2007/09/25 08:10:06 | 000,015,497 | ---- | C] () -- C:\Windows\snp2uvc.ini
[2007/09/25 08:06:06 | 000,000,176 | ---- | C] () -- C:\Windows\System32\drivers\RTHDAEQ0.dat
[2007/09/25 08:06:06 | 000,000,143 | ---- | C] () -- C:\Windows\RtDefLvl.ini
[2007/07/17 23:33:25 | 000,910,464 | ---- | C] () -- C:\Windows\System32\igmedkrn.dll
[2007/07/17 23:33:25 | 000,204,800 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1268.dll
[2006/11/02 05:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 05:47:37 | 000,379,512 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 05:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 03:33:01 | 000,654,114 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 03:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 03:33:01 | 000,122,536 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 03:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 03:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 01:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 01:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 00:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 00:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat

< End of report >


OTL Extras logfile created on: 5/10/2011 5:00:01 PM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\laptop\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1,014.00 Mb Total Physical Memory | 130.00 Mb Available Physical Memory | 13.00% Memory free
2.00 Gb Paging File | 1.00 Gb Available in Paging File | 54.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 29.30 Gb Total Space | 5.76 Gb Free Space | 19.68% Space Free | Partition Type: NTFS
Drive D: | 105.94 Gb Total Space | 89.32 Gb Free Space | 84.32% Space Free | Partition Type: NTFS
Drive E: | 2.51 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: LAPTOP-PC | User Name: laptop | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [FinePix] -- "C:\Program Files\FinePixViewer\FinePixViewer.exe" "%1" (FUJIFILM Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{A5498ECF-B694-4F84-B925-38B57FF00155}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{4680DB7C-70F6-47DD-B26E-ADD3BD1ABA06}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{75409615-B920-4EB9-9A47-6A6377A52C82}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{015C5B35-B678-451C-9AEE-821E8D69621C}_is1" = PeerBlock 1.1 (r518)
"{24ED4D80-8294-11D5-96CD-0040266301AD}" = FinePixViewer Ver.5.3
"{26A24AE4-039D-4CA4-87B4-2F83216024FF}" = Java™ 6 Update 24
"{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
"{399C37FB-08AF-493B-BFED-20FBD85EDF7F}" = USB Video Device
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go 5.0
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies
"{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
"{581125F9-D1C6-4797-93BB-47A992D69AA8}" = Screen Grab Pro
"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Flash Media Controller Driver Ver.3.51.01
"{6023B028-9E86-4784-84BC-D1788C67F3D0}" = Brother DCP-120C
"{6E127727-CE4B-40E4-9A7D-9D65CDE0A15C}" = EnergyCut
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{764D06D8-D8DE-411E-A1C8-D9E9380F8A84}" = Microsoft Works 7.0
"{7670D32F-DAE6-4E49-8C8B-B3F08B5B1686}" = Microsoft SQL Server Native Client
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7EE9DE0D-9228-4C33-B80E-FDD1773600DF}" = Microsoft Works Suite Add-in for Microsoft Word
"{8686D4FE-62EF-46FB-B9FD-00679EB381FF}_is1" = Trojan Killer 2.0
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROHYBRIDR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROHYBRIDR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_PROHYBRIDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_PROHYBRIDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{911B0409-6000-11D3-8CFE-0050048383C9}" = Microsoft Word 2002
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = ALPS Touch Pad Driver
"{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Microsoft Office Small Business Connectivity Components
"{AC76BA86-7AD7-1033-7B44-A80000000002}" = Adobe Reader 8
"{B44529FF-501E-47CD-A06D-223C161BE058}" = FinePixViewer Resource
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D3B3B9B2-FE73-44CB-8C0A-F737D92F991B}" = Broadcom Gigabit Integrated Controller
"{D64DCF1C-7A95-49A4-BAFA-C42B5CF6B8B6}" = Works Suite OS Pack
"{DA9E9010-058B-4159-8CC5-28298D90AE7B}" = calibre
"{E3B3AB03-8ABC-46CF-8CA9-DB5581E1F368}" = FinePix Studio
"{E7084B89-69E0-46B3-A118-8F99D06988CD}" = Microsoft SQL Server VSS Writer
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Advanced Spyware Remover_is1" = Advanced Spyware Remover
"CDisplayEx_is1" = CDisplayEx 1.8
"Flickr Uploadr" = Flickr Uploadr 3.2.1
"Free Studio_is1" = Free Studio version 5.0.6
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.9.35.324
"GrabIt_is1" = GrabIt 1.7.2 Beta 4 (build 997)
"HDMI" = Intel® Graphics Media Accelerator Driver
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"PROHYBRIDR" = 2007 Microsoft Office system
"SMSERIAL" = Motorola SM56 Speakerphone Modem
"Uninstall_is1" = Uninstall 1.0.0.1
"uTorrent" = µTorrent
"VLC media player" = VLC media player 1.1.7
"WinRAR archiver" = WinRAR 4.00 (32-bit)
"Works2003Setup" = Microsoft Works 2003 Setup Launcher

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 5/2/2011 2:58:15 AM | Computer Name = laptop-PC | Source = LoadPerf | ID = 3013
Description =

Error - 5/2/2011 2:58:15 AM | Computer Name = laptop-PC | Source = LoadPerf | ID = 3009
Description =

Error - 5/2/2011 3:26:06 AM | Computer Name = laptop-PC | Source = EventSystem | ID = 4609
Description =

Error - 5/2/2011 3:45:52 AM | Computer Name = laptop-PC | Source = EventSystem | ID = 4609
Description =

Error - 5/2/2011 4:03:53 AM | Computer Name = laptop-PC | Source = LoadPerf | ID = 3013
Description =

Error - 5/2/2011 4:03:53 AM | Computer Name = laptop-PC | Source = LoadPerf | ID = 3009
Description =

Error - 5/2/2011 2:03:08 PM | Computer Name = laptop-PC | Source = EventSystem | ID = 4609
Description =

Error - 5/2/2011 3:11:15 PM | Computer Name = laptop-PC | Source = EventSystem | ID = 4609
Description =

Error - 5/2/2011 3:28:37 PM | Computer Name = laptop-PC | Source = EventSystem | ID = 4609
Description =

Error - 5/2/2011 3:32:15 PM | Computer Name = laptop-PC | Source = EventSystem | ID = 4609
Description =

[ System Events ]
Error - 4/15/2011 11:04:37 AM | Computer Name = laptop-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 11:42:47 PM on 4/14/2011 was unexpected.

Error - 4/15/2011 11:04:47 AM | Computer Name = laptop-PC | Source = Microsoft-Windows-ResourcePublication | ID = 1002
Description =

Error - 4/15/2011 3:12:07 PM | Computer Name = laptop-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 12:02:42 PM on 4/15/2011 was unexpected.

Error - 4/15/2011 3:15:20 PM | Computer Name = laptop-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description =

Error - 4/16/2011 2:05:44 PM | Computer Name = laptop-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 1:40:12 AM on 4/16/2011 was unexpected.

Error - 4/16/2011 2:07:13 PM | Computer Name = laptop-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 4/17/2011 4:04:49 PM | Computer Name = laptop-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 1:40:17 AM on 4/17/2011 was unexpected.

Error - 4/17/2011 4:06:22 PM | Computer Name = laptop-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 4/17/2011 5:56:30 PM | Computer Name = laptop-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 4/18/2011 2:34:54 AM | Computer Name = laptop-PC | Source = Service Control Manager | ID = 7000
Description =


< End of report >

#6 L A Slim

L A Slim
  • Topic Starter

  • Members
  • 33 posts
  • OFFLINE
  •  
  • Local time:06:39 AM

Posted 10 May 2011 - 09:37 PM

Was able to get the TDSSKiller working. No reboot needed. Here's the report...

2011/05/10 19:11:22.0682 1316 TDSS rootkit removing tool 2.5.0.0 May 1 2011 14:20:16
2011/05/10 19:11:23.0228 1316 ================================================================================
2011/05/10 19:11:23.0228 1316 SystemInfo:
2011/05/10 19:11:23.0228 1316
2011/05/10 19:11:23.0228 1316 OS Version: 6.0.6001 ServicePack: 1.0
2011/05/10 19:11:23.0228 1316 Product type: Workstation
2011/05/10 19:11:23.0228 1316 ComputerName: LAPTOP-PC
2011/05/10 19:11:23.0228 1316 UserName: laptop
2011/05/10 19:11:23.0228 1316 Windows directory: C:\Windows
2011/05/10 19:11:23.0228 1316 System windows directory: C:\Windows
2011/05/10 19:11:23.0228 1316 Processor architecture: Intel x86
2011/05/10 19:11:23.0228 1316 Number of processors: 2
2011/05/10 19:11:23.0228 1316 Page size: 0x1000
2011/05/10 19:11:23.0228 1316 Boot type: Normal boot
2011/05/10 19:11:23.0228 1316 ================================================================================
2011/05/10 19:11:23.0898 1316 Initialize success
2011/05/10 19:11:28.0578 2180 ================================================================================
2011/05/10 19:11:28.0578 2180 Scan started
2011/05/10 19:11:28.0578 2180 Mode: Manual;
2011/05/10 19:11:28.0578 2180 ================================================================================
2011/05/10 19:11:30.0544 2180 ACPI (fcb8c7210f0135e24c6580f7f649c73c) C:\Windows\system32\drivers\acpi.sys
2011/05/10 19:11:30.0747 2180 ACPIVPC (87114efedeb94af49323ca61f344716d) C:\Windows\system32\DRIVERS\AcpiVpc.sys
2011/05/10 19:11:30.0887 2180 adp94xx (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys
2011/05/10 19:11:31.0090 2180 adpahci (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys
2011/05/10 19:11:31.0230 2180 adpu160m (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys
2011/05/10 19:11:31.0262 2180 adpu320 (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys
2011/05/10 19:11:31.0340 2180 AFD (763e172a55177e478cb419f88fd0ba03) C:\Windows\system32\drivers\afd.sys
2011/05/10 19:11:31.0464 2180 agp440 (ef23439cdd587f64c2c1b8825cead7d8) C:\Windows\system32\drivers\agp440.sys
2011/05/10 19:11:31.0511 2180 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
2011/05/10 19:11:31.0542 2180 aliide (90395b64600ebb4552e26e178c94b2e4) C:\Windows\system32\drivers\aliide.sys
2011/05/10 19:11:31.0574 2180 amdagp (2b13e304c9dfdfa5eb582f6a149fa2c7) C:\Windows\system32\drivers\amdagp.sys
2011/05/10 19:11:31.0589 2180 amdide (0577df1d323fe75a739c787893d300ea) C:\Windows\system32\drivers\amdide.sys
2011/05/10 19:11:31.0636 2180 AmdK7 (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys
2011/05/10 19:11:31.0745 2180 AmdK8 (0ca0071da4315b00fc1328ca86b425da) C:\Windows\system32\drivers\amdk8.sys
2011/05/10 19:11:31.0808 2180 ApfiltrService (a24bf3622223933d478af613df323a57) C:\Windows\system32\DRIVERS\Apfiltr.sys
2011/05/10 19:11:31.0870 2180 arc (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys
2011/05/10 19:11:31.0995 2180 arcsas (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys
2011/05/10 19:11:32.0088 2180 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
2011/05/10 19:11:32.0135 2180 atapi (2d9c903dc76a66813d350a562de40ed9) C:\Windows\system32\drivers\atapi.sys
2011/05/10 19:11:32.0291 2180 b57nd60x (0b92ccf7bfcbe2b33838434f2f50cb61) C:\Windows\system32\DRIVERS\b57nd60x.sys
2011/05/10 19:11:32.0369 2180 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
2011/05/10 19:11:32.0588 2180 bowser (8153396d5551276227fa146900f734e6) C:\Windows\system32\DRIVERS\bowser.sys
2011/05/10 19:11:32.0634 2180 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
2011/05/10 19:11:32.0681 2180 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
2011/05/10 19:11:32.0868 2180 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
2011/05/10 19:11:32.0884 2180 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
2011/05/10 19:11:32.0915 2180 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
2011/05/10 19:11:32.0931 2180 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
2011/05/10 19:11:32.0978 2180 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
2011/05/10 19:11:33.0024 2180 CapFilt (cbdb0f4e8951b1d77d8807737f7b04a1) C:\Windows\system32\drivers\CapFilt.sys
2011/05/10 19:11:33.0227 2180 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
2011/05/10 19:11:33.0290 2180 cdrom (1ec25cea0de6ac4718bf89f9e1778b57) C:\Windows\system32\DRIVERS\cdrom.sys
2011/05/10 19:11:33.0368 2180 circlass (da8e0afc7baa226c538ef53ac2f90897) C:\Windows\system32\drivers\circlass.sys
2011/05/10 19:11:33.0477 2180 CLFS (465745561c832b29f7c48b488aab3842) C:\Windows\system32\CLFS.sys
2011/05/10 19:11:33.0602 2180 CmBatt (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys
2011/05/10 19:11:33.0742 2180 cmdide (45201046c776ffdaf3fc8a0029c581c8) C:\Windows\system32\drivers\cmdide.sys
2011/05/10 19:11:33.0789 2180 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys
2011/05/10 19:11:33.0836 2180 crcdisk (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys
2011/05/10 19:11:33.0882 2180 Crusoe (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys
2011/05/10 19:11:34.0054 2180 DfsC (9e635ae5e8ad93e2b5989e2e23679f97) C:\Windows\system32\Drivers\dfsc.sys
2011/05/10 19:11:34.0116 2180 disk (64109e623abd6955c8fb110b592e68b7) C:\Windows\system32\drivers\disk.sys
2011/05/10 19:11:34.0319 2180 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
2011/05/10 19:11:34.0382 2180 DXGKrnl (85f33880b8cfb554bd3d9ccdb486845a) C:\Windows\System32\drivers\dxgkrnl.sys
2011/05/10 19:11:34.0538 2180 E1G60 (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys
2011/05/10 19:11:34.0616 2180 Ecache (dd2cd259d83d8b72c02c5f2331ff9d68) C:\Windows\system32\drivers\ecache.sys
2011/05/10 19:11:34.0787 2180 elxstor (e8f3f21a71720c84bcf423b80028359f) C:\Windows\system32\drivers\elxstor.sys
2011/05/10 19:11:34.0990 2180 exfat (0d858eb20589a34efb25695acaa6aa2d) C:\Windows\system32\drivers\exfat.sys
2011/05/10 19:11:35.0052 2180 fastfat (3c489390c2e2064563727752af8eab9e) C:\Windows\system32\drivers\fastfat.sys
2011/05/10 19:11:35.0099 2180 fdc (63bdada84951b9c03e641800e176898a) C:\Windows\system32\DRIVERS\fdc.sys
2011/05/10 19:11:35.0255 2180 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
2011/05/10 19:11:35.0286 2180 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
2011/05/10 19:11:35.0333 2180 flpydisk (6603957eff5ec62d25075ea8ac27de68) C:\Windows\system32\DRIVERS\flpydisk.sys
2011/05/10 19:11:35.0474 2180 FltMgr (05ea53afe985443011e36dab07343b46) C:\Windows\system32\drivers\fltmgr.sys
2011/05/10 19:11:35.0536 2180 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
2011/05/10 19:11:35.0676 2180 gagp30kx (4e1cd0a45c50a8882616cae5bf82f3c5) C:\Windows\system32\drivers\gagp30kx.sys
2011/05/10 19:11:35.0739 2180 HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys
2011/05/10 19:11:35.0864 2180 HDAudBus (c87b1ee051c0464491c1a7b03fa0bc99) C:\Windows\system32\DRIVERS\HDAudBus.sys
2011/05/10 19:11:35.0910 2180 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
2011/05/10 19:11:35.0957 2180 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
2011/05/10 19:11:36.0098 2180 HidUsb (3c64042b95e583b366ba4e5d2450235e) C:\Windows\system32\drivers\hidusb.sys
2011/05/10 19:11:36.0176 2180 HpCISSs (df353b401001246853763c4b7aaa6f50) C:\Windows\system32\drivers\hpcisss.sys
2011/05/10 19:11:36.0254 2180 HTTP (96e241624c71211a79c84f50a8e71cab) C:\Windows\system32\drivers\HTTP.sys
2011/05/10 19:11:36.0394 2180 i2omp (324c2152ff2c61abae92d09f3cca4d63) C:\Windows\system32\drivers\i2omp.sys
2011/05/10 19:11:36.0441 2180 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
2011/05/10 19:11:36.0503 2180 iaStorV (c957bf4b5d80b46c5017bf0101e6c906) C:\Windows\system32\drivers\iastorv.sys
2011/05/10 19:11:36.0737 2180 igfx (9378d57e2b96c0a185d844770ad49948) C:\Windows\system32\DRIVERS\igdkmd32.sys
2011/05/10 19:11:36.0956 2180 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
2011/05/10 19:11:37.0096 2180 IntcAzAudAddService (389f5d4859f4300d52ead838f1a17131) C:\Windows\system32\drivers\RTKVHDA.sys
2011/05/10 19:11:37.0268 2180 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys
2011/05/10 19:11:37.0314 2180 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
2011/05/10 19:11:37.0439 2180 IPMIDRV (40f34f8aba2a015d780e4b09138b6c17) C:\Windows\system32\drivers\ipmidrv.sys
2011/05/10 19:11:37.0595 2180 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
2011/05/10 19:11:37.0642 2180 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
2011/05/10 19:11:37.0689 2180 isapnp (350fca7e73cf65bcef43fae1e4e91293) C:\Windows\system32\drivers\isapnp.sys
2011/05/10 19:11:37.0829 2180 iScsiPrt (f247eec28317f6c739c16de420097301) C:\Windows\system32\DRIVERS\msiscsi.sys
2011/05/10 19:11:37.0876 2180 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
2011/05/10 19:11:37.0907 2180 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
2011/05/10 19:11:37.0954 2180 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
2011/05/10 19:11:38.0094 2180 kbdhid (d2600cb17b7408b4a83f231dc9a11ac3) C:\Windows\system32\drivers\kbdhid.sys
2011/05/10 19:11:38.0157 2180 KSecDD (7a0cf7908b6824d6a2a1d313e5ae3dca) C:\Windows\system32\Drivers\ksecdd.sys
2011/05/10 19:11:38.0360 2180 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
2011/05/10 19:11:38.0438 2180 LSI_FC (a2262fb9f28935e862b4db46438c80d2) C:\Windows\system32\drivers\lsi_fc.sys
2011/05/10 19:11:38.0469 2180 LSI_SAS (30d73327d390f72a62f32c103daf1d6d) C:\Windows\system32\drivers\lsi_sas.sys
2011/05/10 19:11:38.0609 2180 LSI_SCSI (e1e36fefd45849a95f1ab81de0159fe3) C:\Windows\system32\drivers\lsi_scsi.sys
2011/05/10 19:11:38.0656 2180 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
2011/05/10 19:11:38.0703 2180 megasas (d153b14fc6598eae8422a2037553adce) C:\Windows\system32\drivers\megasas.sys
2011/05/10 19:11:38.0750 2180 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
2011/05/10 19:11:38.0890 2180 MODEMCSA (cbb59c41f19efea1a000793e08070a62) C:\Windows\system32\drivers\MODEMCSA.sys
2011/05/10 19:11:38.0921 2180 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
2011/05/10 19:11:38.0984 2180 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
2011/05/10 19:11:39.0124 2180 mouhid (a3a6dff7e9e757db3df51a833bc28885) C:\Windows\system32\drivers\mouhid.sys
2011/05/10 19:11:39.0186 2180 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
2011/05/10 19:11:39.0218 2180 mpio (583a41f26278d9e0ea548163d6139397) C:\Windows\system32\drivers\mpio.sys
2011/05/10 19:11:39.0342 2180 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
2011/05/10 19:11:39.0420 2180 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
2011/05/10 19:11:39.0483 2180 MRxDAV (ae3de84536b6799d2267443cec8edbb9) C:\Windows\system32\drivers\mrxdav.sys
2011/05/10 19:11:39.0623 2180 mrxsmb (cc752d233ef39875ca6885d9415ba869) C:\Windows\system32\DRIVERS\mrxsmb.sys
2011/05/10 19:11:39.0686 2180 mrxsmb10 (9049dddd4bd27d43d82f5968f1da76e4) C:\Windows\system32\DRIVERS\mrxsmb10.sys
2011/05/10 19:11:39.0732 2180 mrxsmb20 (91dc069b6831ef564e7d8c97eaf0343e) C:\Windows\system32\DRIVERS\mrxsmb20.sys
2011/05/10 19:11:39.0888 2180 msahci (742aed7939e734c36b7e8d6228ce26b7) C:\Windows\system32\drivers\msahci.sys
2011/05/10 19:11:39.0920 2180 msdsm (3fc82a2ae4cc149165a94699183d3028) C:\Windows\system32\drivers\msdsm.sys
2011/05/10 19:11:40.0091 2180 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
2011/05/10 19:11:40.0122 2180 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
2011/05/10 19:11:40.0294 2180 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
2011/05/10 19:11:40.0325 2180 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
2011/05/10 19:11:40.0372 2180 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
2011/05/10 19:11:40.0419 2180 MsRPC (b5614aecb05a9340aa0fb55bf561cc63) C:\Windows\system32\drivers\MsRPC.sys
2011/05/10 19:11:40.0559 2180 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
2011/05/10 19:11:40.0622 2180 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
2011/05/10 19:11:40.0668 2180 Mup (6dfd1d322de55b0b7db7d21b90bec49c) C:\Windows\system32\Drivers\mup.sys
2011/05/10 19:11:40.0824 2180 NativeWifiP (3c21ce48ff529bb73dadb98770b54025) C:\Windows\system32\DRIVERS\nwifi.sys
2011/05/10 19:11:40.0887 2180 NDIS (9bdc71790fa08f0a0b5f10462b1bd0b1) C:\Windows\system32\drivers\ndis.sys
2011/05/10 19:11:41.0027 2180 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
2011/05/10 19:11:41.0074 2180 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
2011/05/10 19:11:41.0136 2180 NdisWan (3d14c3b3496f88890d431e8aa022a411) C:\Windows\system32\DRIVERS\ndiswan.sys
2011/05/10 19:11:41.0292 2180 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
2011/05/10 19:11:41.0339 2180 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
2011/05/10 19:11:41.0402 2180 netbt (7c5fee5b1c5728507cd96fb4a13e7a02) C:\Windows\system32\DRIVERS\netbt.sys
2011/05/10 19:11:41.0620 2180 NETw3v32 (a15f219208843a5a210c8cb391384453) C:\Windows\system32\DRIVERS\NETw3v32.sys
2011/05/10 19:11:41.0854 2180 NETw4v32 (25acccfc33dd448b9d3037c5e439e830) C:\Windows\system32\DRIVERS\NETw4v32.sys
2011/05/10 19:11:42.0041 2180 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
2011/05/10 19:11:42.0119 2180 Npfs (ecb5003f484f9ed6c608d6d6c7886cbb) C:\Windows\system32\drivers\Npfs.sys
2011/05/10 19:11:42.0291 2180 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
2011/05/10 19:11:42.0369 2180 Ntfs (b4effe29eb4f15538fd8a9681108492d) C:\Windows\system32\drivers\Ntfs.sys
2011/05/10 19:11:42.0525 2180 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
2011/05/10 19:11:42.0572 2180 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
2011/05/10 19:11:42.0618 2180 nvraid (e69e946f80c1c31c53003bfbf50cbb7c) C:\Windows\system32\drivers\nvraid.sys
2011/05/10 19:11:42.0759 2180 nvstor (9e0ba19a28c498a6d323d065db76dffc) C:\Windows\system32\drivers\nvstor.sys
2011/05/10 19:11:42.0790 2180 nv_agp (07c186427eb8fcc3d8d7927187f260f7) C:\Windows\system32\drivers\nv_agp.sys
2011/05/10 19:11:42.0930 2180 ohci1394 (790e27c3db53410b40ff9ef2fd10a1d9) C:\Windows\system32\DRIVERS\ohci1394.sys
2011/05/10 19:11:43.0102 2180 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
2011/05/10 19:11:43.0133 2180 partmgr (3b38467e7c3daed009dfe359e17f139f) C:\Windows\system32\drivers\partmgr.sys
2011/05/10 19:11:43.0180 2180 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
2011/05/10 19:11:43.0352 2180 pci (01b94418deb235dff777cc80076354b4) C:\Windows\system32\drivers\pci.sys
2011/05/10 19:11:43.0414 2180 pciide (3b1901e401473e03eb8c874271e50c26) C:\Windows\system32\drivers\pciide.sys
2011/05/10 19:11:43.0586 2180 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
2011/05/10 19:11:43.0664 2180 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
2011/05/10 19:11:43.0898 2180 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
2011/05/10 19:11:43.0976 2180 Processor (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys
2011/05/10 19:11:44.0116 2180 PSched (bfef604508a0ed1eae2a73e872555ffb) C:\Windows\system32\DRIVERS\pacer.sys
2011/05/10 19:11:44.0194 2180 ql2300 (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys
2011/05/10 19:11:44.0366 2180 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
2011/05/10 19:11:44.0412 2180 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
2011/05/10 19:11:44.0459 2180 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
2011/05/10 19:11:44.0600 2180 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
2011/05/10 19:11:44.0662 2180 RasPppoe (3e9d9b048107b40d87b97df2e48e0744) C:\Windows\system32\DRIVERS\raspppoe.sys
2011/05/10 19:11:44.0709 2180 RasSstp (a7d141684e9500ac928a772ed8e6b671) C:\Windows\system32\DRIVERS\rassstp.sys
2011/05/10 19:11:44.0849 2180 rdbss (6e1c5d0457622f9ee35f683110e93d14) C:\Windows\system32\DRIVERS\rdbss.sys
2011/05/10 19:11:44.0927 2180 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
2011/05/10 19:11:45.0099 2180 rdpdr (e8bd98d46f2ed77132ba927fccb47d8b) C:\Windows\system32\drivers\rdpdr.sys
2011/05/10 19:11:45.0146 2180 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
2011/05/10 19:11:45.0302 2180 RDPWD (e1c18f4097a5abcec941dc4b2f99db7e) C:\Windows\system32\drivers\RDPWD.sys
2011/05/10 19:11:45.0380 2180 rimmptsk (355aac141b214bef1dbc1483afd9bd50) C:\Windows\system32\DRIVERS\rimmptsk.sys
2011/05/10 19:11:45.0520 2180 rimsptsk (a4216c71dd4f60b26418ccfd99cd0815) C:\Windows\system32\DRIVERS\rimsptsk.sys
2011/05/10 19:11:45.0582 2180 RimUsb (f17713d108aca124a139fde877eef68a) C:\Windows\system32\Drivers\RimUsb.sys
2011/05/10 19:11:45.0614 2180 rismxdp (d231b577024aa324af13a42f3a807d10) C:\Windows\system32\DRIVERS\rixdptsk.sys
2011/05/10 19:11:45.0770 2180 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
2011/05/10 19:11:45.0848 2180 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
2011/05/10 19:11:45.0988 2180 sdbus (126ea89bcc413ee45e3004fb0764888f) C:\Windows\system32\DRIVERS\sdbus.sys
2011/05/10 19:11:46.0050 2180 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
2011/05/10 19:11:46.0113 2180 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
2011/05/10 19:11:46.0238 2180 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
2011/05/10 19:11:46.0284 2180 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
2011/05/10 19:11:46.0487 2180 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\DRIVERS\sffdisk.sys
2011/05/10 19:11:46.0534 2180 sffp_mmc (8fd08a310645fe872eeec6e08c6bf3ee) C:\Windows\system32\drivers\sffp_mmc.sys
2011/05/10 19:11:46.0581 2180 sffp_sd (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\DRIVERS\sffp_sd.sys
2011/05/10 19:11:46.0721 2180 sfloppy (c33bfbd6e9e41fcd9ffef9729e9faed6) C:\Windows\system32\DRIVERS\sfloppy.sys
2011/05/10 19:11:46.0940 2180 sisagp (d2a595d6eebeeaf4334f8e50efbc9931) C:\Windows\system32\drivers\sisagp.sys
2011/05/10 19:11:47.0018 2180 SiSRaid2 (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys
2011/05/10 19:11:47.0174 2180 SiSRaid4 (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys
2011/05/10 19:11:47.0252 2180 Smb (031e6bcd53c9b2b9ace111eafec347b6) C:\Windows\system32\DRIVERS\smb.sys
2011/05/10 19:11:47.0454 2180 smserial (859e3adc59d1c89a66aa6492c14d379e) C:\Windows\system32\DRIVERS\smserial.sys
2011/05/10 19:11:48.0032 2180 SNP2UVC (1ff04e57319101c6b2950ae0d348daeb) C:\Windows\system32\DRIVERS\snp2uvc.sys
2011/05/10 19:11:48.0437 2180 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
2011/05/10 19:11:48.0500 2180 srv (2252aef839b1093d16761189f45af885) C:\Windows\system32\DRIVERS\srv.sys
2011/05/10 19:11:48.0624 2180 srv2 (96512f4a30b741e7d33a7936b9abbc20) C:\Windows\system32\DRIVERS\srv2.sys
2011/05/10 19:11:48.0671 2180 srvnet (1c69e33e0e23626da5a34ca5ba0dd990) C:\Windows\system32\DRIVERS\srvnet.sys
2011/05/10 19:11:48.0749 2180 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
2011/05/10 19:11:48.0921 2180 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
2011/05/10 19:11:48.0968 2180 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
2011/05/10 19:11:49.0014 2180 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
2011/05/10 19:11:49.0202 2180 Tcpip (782568ab6a43160a159b6215b70bcce9) C:\Windows\system32\drivers\tcpip.sys
2011/05/10 19:11:49.0404 2180 Tcpip6 (782568ab6a43160a159b6215b70bcce9) C:\Windows\system32\DRIVERS\tcpip.sys
2011/05/10 19:11:49.0545 2180 tcpipreg (d4a2e4a4b011f3a883af77315a5ae76b) C:\Windows\system32\drivers\tcpipreg.sys
2011/05/10 19:11:49.0623 2180 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
2011/05/10 19:11:49.0654 2180 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
2011/05/10 19:11:49.0794 2180 tdx (d09276b1fab033ce1d40dcbdf303d10f) C:\Windows\system32\DRIVERS\tdx.sys
2011/05/10 19:11:49.0857 2180 TermDD (a048056f5e1a96a9bf3071b91741a5aa) C:\Windows\system32\DRIVERS\termdd.sys
2011/05/10 19:11:50.0075 2180 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
2011/05/10 19:11:50.0122 2180 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
2011/05/10 19:11:50.0138 2180 tunnel (6042505ff6fa9ac1ef7684d0e03b6940) C:\Windows\system32\DRIVERS\tunnel.sys
2011/05/10 19:11:50.0184 2180 uagp35 (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\drivers\uagp35.sys
2011/05/10 19:11:50.0325 2180 udfs (8b5088058fa1d1cd897a2113ccff6c58) C:\Windows\system32\DRIVERS\udfs.sys
2011/05/10 19:11:50.0418 2180 uliagpkx (75e6890ebfce0841d3291b02e7a8bdb0) C:\Windows\system32\drivers\uliagpkx.sys
2011/05/10 19:11:50.0559 2180 uliahci (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys
2011/05/10 19:11:50.0621 2180 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
2011/05/10 19:11:50.0762 2180 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
2011/05/10 19:11:50.0808 2180 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
2011/05/10 19:11:50.0886 2180 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
2011/05/10 19:11:51.0027 2180 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
2011/05/10 19:11:51.0089 2180 usbehci (cebe90821810e76320155beba722fcf9) C:\Windows\system32\DRIVERS\usbehci.sys
2011/05/10 19:11:51.0136 2180 usbhub (cc6b28e4ce39951357963119ce47b143) C:\Windows\system32\DRIVERS\usbhub.sys
2011/05/10 19:11:51.0292 2180 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
2011/05/10 19:11:51.0323 2180 usbprint (b51e52acf758be00ef3a58ea452fe360) C:\Windows\system32\drivers\usbprint.sys
2011/05/10 19:11:51.0386 2180 USBSTOR (87ba6b83c5d19b69160968d07d6e2982) C:\Windows\system32\DRIVERS\USBSTOR.SYS
2011/05/10 19:11:51.0526 2180 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
2011/05/10 19:11:51.0588 2180 usbvideo (0a6b81f01bc86399482e27e6fda7b33b) C:\Windows\system32\Drivers\usbvideo.sys
2011/05/10 19:11:51.0791 2180 vga (7d92be0028ecdedec74617009084b5ef) C:\Windows\system32\DRIVERS\vgapnp.sys
2011/05/10 19:11:51.0838 2180 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
2011/05/10 19:11:51.0885 2180 viaagp (045d9961e591cf0674a920b6ba3ba5cb) C:\Windows\system32\drivers\viaagp.sys
2011/05/10 19:11:51.0932 2180 ViaC7 (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys
2011/05/10 19:11:52.0088 2180 viaide (fd2e3175fcada350c7ab4521dca187ec) C:\Windows\system32\drivers\viaide.sys
2011/05/10 19:11:52.0150 2180 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
2011/05/10 19:11:52.0212 2180 volmgrx (98f5ffe6316bd74e9e2c97206c190196) C:\Windows\system32\drivers\volmgrx.sys
2011/05/10 19:11:52.0415 2180 volsnap (d8b4a53dd2769f226b3eb374374987c9) C:\Windows\system32\drivers\volsnap.sys
2011/05/10 19:11:52.0587 2180 vsmraid (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys
2011/05/10 19:11:52.0696 2180 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
2011/05/10 19:11:52.0758 2180 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
2011/05/10 19:11:52.0790 2180 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
2011/05/10 19:11:52.0946 2180 Wd (afc5ad65b991c1e205cf25cfdbf7a6f4) C:\Windows\system32\drivers\wd.sys
2011/05/10 19:11:53.0008 2180 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
2011/05/10 19:11:53.0289 2180 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys
2011/05/10 19:11:53.0367 2180 WpdUsb (0cec23084b51b8288099eb710224e955) C:\Windows\system32\DRIVERS\wpdusb.sys
2011/05/10 19:11:53.0429 2180 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
2011/05/10 19:11:53.0632 2180 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
2011/05/10 19:11:53.0694 2180 ================================================================================
2011/05/10 19:11:53.0694 2180 Scan finished
2011/05/10 19:11:53.0694 2180 ================================================================================
2011/05/10 19:14:19.0757 1680 ================================================================================
2011/05/10 19:14:19.0757 1680 Scan started
2011/05/10 19:14:19.0757 1680 Mode: Manual;
2011/05/10 19:14:19.0757 1680 ================================================================================
2011/05/10 19:14:20.0022 1680 ACPI (fcb8c7210f0135e24c6580f7f649c73c) C:\Windows\system32\drivers\acpi.sys
2011/05/10 19:14:20.0054 1680 ACPIVPC (87114efedeb94af49323ca61f344716d) C:\Windows\system32\DRIVERS\AcpiVpc.sys
2011/05/10 19:14:20.0100 1680 adp94xx (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys
2011/05/10 19:14:20.0241 1680 adpahci (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys
2011/05/10 19:14:20.0272 1680 adpu160m (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys
2011/05/10 19:14:20.0319 1680 adpu320 (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys
2011/05/10 19:14:20.0381 1680 AFD (763e172a55177e478cb419f88fd0ba03) C:\Windows\system32\drivers\afd.sys
2011/05/10 19:14:20.0506 1680 agp440 (ef23439cdd587f64c2c1b8825cead7d8) C:\Windows\system32\drivers\agp440.sys
2011/05/10 19:14:20.0568 1680 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
2011/05/10 19:14:20.0600 1680 aliide (90395b64600ebb4552e26e178c94b2e4) C:\Windows\system32\drivers\aliide.sys
2011/05/10 19:14:20.0615 1680 amdagp (2b13e304c9dfdfa5eb582f6a149fa2c7) C:\Windows\system32\drivers\amdagp.sys
2011/05/10 19:14:20.0646 1680 amdide (0577df1d323fe75a739c787893d300ea) C:\Windows\system32\drivers\amdide.sys
2011/05/10 19:14:20.0678 1680 AmdK7 (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys
2011/05/10 19:14:20.0802 1680 AmdK8 (0ca0071da4315b00fc1328ca86b425da) C:\Windows\system32\drivers\amdk8.sys
2011/05/10 19:14:20.0849 1680 ApfiltrService (a24bf3622223933d478af613df323a57) C:\Windows\system32\DRIVERS\Apfiltr.sys
2011/05/10 19:14:20.0912 1680 arc (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys
2011/05/10 19:14:20.0927 1680 arcsas (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys
2011/05/10 19:14:21.0083 1680 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
2011/05/10 19:14:21.0130 1680 atapi (2d9c903dc76a66813d350a562de40ed9) C:\Windows\system32\drivers\atapi.sys
2011/05/10 19:14:21.0192 1680 b57nd60x (0b92ccf7bfcbe2b33838434f2f50cb61) C:\Windows\system32\DRIVERS\b57nd60x.sys
2011/05/10 19:14:21.0333 1680 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
2011/05/10 19:14:21.0426 1680 bowser (8153396d5551276227fa146900f734e6) C:\Windows\system32\DRIVERS\bowser.sys
2011/05/10 19:14:21.0473 1680 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
2011/05/10 19:14:21.0504 1680 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
2011/05/10 19:14:21.0551 1680 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
2011/05/10 19:14:21.0582 1680 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
2011/05/10 19:14:21.0723 1680 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
2011/05/10 19:14:21.0754 1680 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
2011/05/10 19:14:21.0785 1680 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
2011/05/10 19:14:21.0816 1680 CapFilt (cbdb0f4e8951b1d77d8807737f7b04a1) C:\Windows\system32\drivers\CapFilt.sys
2011/05/10 19:14:21.0988 1680 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
2011/05/10 19:14:22.0035 1680 cdrom (1ec25cea0de6ac4718bf89f9e1778b57) C:\Windows\system32\DRIVERS\cdrom.sys
2011/05/10 19:14:22.0097 1680 circlass (da8e0afc7baa226c538ef53ac2f90897) C:\Windows\system32\drivers\circlass.sys
2011/05/10 19:14:22.0206 1680 CLFS (465745561c832b29f7c48b488aab3842) C:\Windows\system32\CLFS.sys
2011/05/10 19:14:22.0284 1680 CmBatt (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys
2011/05/10 19:14:22.0331 1680 cmdide (45201046c776ffdaf3fc8a0029c581c8) C:\Windows\system32\drivers\cmdide.sys
2011/05/10 19:14:22.0378 1680 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys
2011/05/10 19:14:22.0503 1680 crcdisk (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys
2011/05/10 19:14:22.0534 1680 Crusoe (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys
2011/05/10 19:14:22.0612 1680 DfsC (9e635ae5e8ad93e2b5989e2e23679f97) C:\Windows\system32\Drivers\dfsc.sys
2011/05/10 19:14:22.0659 1680 disk (64109e623abd6955c8fb110b592e68b7) C:\Windows\system32\drivers\disk.sys
2011/05/10 19:14:22.0846 1680 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
2011/05/10 19:14:22.0908 1680 DXGKrnl (85f33880b8cfb554bd3d9ccdb486845a) C:\Windows\System32\drivers\dxgkrnl.sys
2011/05/10 19:14:23.0049 1680 E1G60 (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys
2011/05/10 19:14:23.0111 1680 Ecache (dd2cd259d83d8b72c02c5f2331ff9d68) C:\Windows\system32\drivers\ecache.sys
2011/05/10 19:14:23.0205 1680 elxstor (e8f3f21a71720c84bcf423b80028359f) C:\Windows\system32\drivers\elxstor.sys
2011/05/10 19:14:23.0376 1680 exfat (0d858eb20589a34efb25695acaa6aa2d) C:\Windows\system32\drivers\exfat.sys
2011/05/10 19:14:23.0439 1680 fastfat (3c489390c2e2064563727752af8eab9e) C:\Windows\system32\drivers\fastfat.sys
2011/05/10 19:14:23.0486 1680 fdc (63bdada84951b9c03e641800e176898a) C:\Windows\system32\DRIVERS\fdc.sys
2011/05/10 19:14:23.0610 1680 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
2011/05/10 19:14:23.0657 1680 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
2011/05/10 19:14:23.0704 1680 flpydisk (6603957eff5ec62d25075ea8ac27de68) C:\Windows\system32\DRIVERS\flpydisk.sys
2011/05/10 19:14:23.0751 1680 FltMgr (05ea53afe985443011e36dab07343b46) C:\Windows\system32\drivers\fltmgr.sys
2011/05/10 19:14:23.0876 1680 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
2011/05/10 19:14:23.0938 1680 gagp30kx (4e1cd0a45c50a8882616cae5bf82f3c5) C:\Windows\system32\drivers\gagp30kx.sys
2011/05/10 19:14:23.0985 1680 HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys
2011/05/10 19:14:24.0110 1680 HDAudBus (c87b1ee051c0464491c1a7b03fa0bc99) C:\Windows\system32\DRIVERS\HDAudBus.sys
2011/05/10 19:14:24.0156 1680 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
2011/05/10 19:14:24.0188 1680 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
2011/05/10 19:14:24.0328 1680 HidUsb (3c64042b95e583b366ba4e5d2450235e) C:\Windows\system32\drivers\hidusb.sys
2011/05/10 19:14:24.0375 1680 HpCISSs (df353b401001246853763c4b7aaa6f50) C:\Windows\system32\drivers\hpcisss.sys
2011/05/10 19:14:24.0437 1680 HTTP (96e241624c71211a79c84f50a8e71cab) C:\Windows\system32\drivers\HTTP.sys
2011/05/10 19:14:24.0578 1680 i2omp (324c2152ff2c61abae92d09f3cca4d63) C:\Windows\system32\drivers\i2omp.sys
2011/05/10 19:14:24.0640 1680 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
2011/05/10 19:14:24.0780 1680 iaStorV (c957bf4b5d80b46c5017bf0101e6c906) C:\Windows\system32\drivers\iastorv.sys
2011/05/10 19:14:24.0952 1680 igfx (9378d57e2b96c0a185d844770ad49948) C:\Windows\system32\DRIVERS\igdkmd32.sys
2011/05/10 19:14:25.0155 1680 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
2011/05/10 19:14:25.0264 1680 IntcAzAudAddService (389f5d4859f4300d52ead838f1a17131) C:\Windows\system32\drivers\RTKVHDA.sys
2011/05/10 19:14:25.0420 1680 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys
2011/05/10 19:14:25.0467 1680 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
2011/05/10 19:14:25.0545 1680 IPMIDRV (40f34f8aba2a015d780e4b09138b6c17) C:\Windows\system32\drivers\ipmidrv.sys
2011/05/10 19:14:25.0670 1680 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
2011/05/10 19:14:25.0732 1680 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
2011/05/10 19:14:25.0779 1680 isapnp (350fca7e73cf65bcef43fae1e4e91293) C:\Windows\system32\drivers\isapnp.sys
2011/05/10 19:14:25.0919 1680 iScsiPrt (f247eec28317f6c739c16de420097301) C:\Windows\system32\DRIVERS\msiscsi.sys
2011/05/10 19:14:25.0966 1680 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
2011/05/10 19:14:25.0997 1680 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
2011/05/10 19:14:26.0138 1680 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
2011/05/10 19:14:26.0184 1680 kbdhid (d2600cb17b7408b4a83f231dc9a11ac3) C:\Windows\system32\drivers\kbdhid.sys
2011/05/10 19:14:26.0262 1680 KSecDD (7a0cf7908b6824d6a2a1d313e5ae3dca) C:\Windows\system32\Drivers\ksecdd.sys
2011/05/10 19:14:26.0450 1680 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
2011/05/10 19:14:26.0512 1680 LSI_FC (a2262fb9f28935e862b4db46438c80d2) C:\Windows\system32\drivers\lsi_fc.sys
2011/05/10 19:14:26.0528 1680 LSI_SAS (30d73327d390f72a62f32c103daf1d6d) C:\Windows\system32\drivers\lsi_sas.sys
2011/05/10 19:14:26.0559 1680 LSI_SCSI (e1e36fefd45849a95f1ab81de0159fe3) C:\Windows\system32\drivers\lsi_scsi.sys
2011/05/10 19:14:26.0684 1680 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
2011/05/10 19:14:26.0730 1680 megasas (d153b14fc6598eae8422a2037553adce) C:\Windows\system32\drivers\megasas.sys
2011/05/10 19:14:26.0777 1680 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
2011/05/10 19:14:26.0824 1680 MODEMCSA (cbb59c41f19efea1a000793e08070a62) C:\Windows\system32\drivers\MODEMCSA.sys
2011/05/10 19:14:26.0949 1680 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
2011/05/10 19:14:27.0011 1680 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
2011/05/10 19:14:27.0042 1680 mouhid (a3a6dff7e9e757db3df51a833bc28885) C:\Windows\system32\drivers\mouhid.sys
2011/05/10 19:14:27.0183 1680 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
2011/05/10 19:14:27.0230 1680 mpio (583a41f26278d9e0ea548163d6139397) C:\Windows\system32\drivers\mpio.sys
2011/05/10 19:14:27.0292 1680 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
2011/05/10 19:14:27.0432 1680 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
2011/05/10 19:14:27.0479 1680 MRxDAV (ae3de84536b6799d2267443cec8edbb9) C:\Windows\system32\drivers\mrxdav.sys
2011/05/10 19:14:27.0526 1680 mrxsmb (cc752d233ef39875ca6885d9415ba869) C:\Windows\system32\DRIVERS\mrxsmb.sys
2011/05/10 19:14:27.0573 1680 mrxsmb10 (9049dddd4bd27d43d82f5968f1da76e4) C:\Windows\system32\DRIVERS\mrxsmb10.sys
2011/05/10 19:14:27.0713 1680 mrxsmb20 (91dc069b6831ef564e7d8c97eaf0343e) C:\Windows\system32\DRIVERS\mrxsmb20.sys
2011/05/10 19:14:27.0760 1680 msahci (742aed7939e734c36b7e8d6228ce26b7) C:\Windows\system32\drivers\msahci.sys
2011/05/10 19:14:27.0791 1680 msdsm (3fc82a2ae4cc149165a94699183d3028) C:\Windows\system32\drivers\msdsm.sys
2011/05/10 19:14:27.0947 1680 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
2011/05/10 19:14:27.0978 1680 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
2011/05/10 19:14:28.0041 1680 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
2011/05/10 19:14:28.0088 1680 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
2011/05/10 19:14:28.0228 1680 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
2011/05/10 19:14:28.0275 1680 MsRPC (b5614aecb05a9340aa0fb55bf561cc63) C:\Windows\system32\drivers\MsRPC.sys
2011/05/10 19:14:28.0322 1680 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
2011/05/10 19:14:28.0478 1680 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
2011/05/10 19:14:28.0524 1680 Mup (6dfd1d322de55b0b7db7d21b90bec49c) C:\Windows\system32\Drivers\mup.sys
2011/05/10 19:14:28.0571 1680 NativeWifiP (3c21ce48ff529bb73dadb98770b54025) C:\Windows\system32\DRIVERS\nwifi.sys
2011/05/10 19:14:28.0727 1680 NDIS (9bdc71790fa08f0a0b5f10462b1bd0b1) C:\Windows\system32\drivers\ndis.sys
2011/05/10 19:14:28.0868 1680 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
2011/05/10 19:14:28.0914 1680 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
2011/05/10 19:14:28.0961 1680 NdisWan (3d14c3b3496f88890d431e8aa022a411) C:\Windows\system32\DRIVERS\ndiswan.sys
2011/05/10 19:14:29.0102 1680 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
2011/05/10 19:14:29.0148 1680 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
2011/05/10 19:14:29.0180 1680 netbt (7c5fee5b1c5728507cd96fb4a13e7a02) C:\Windows\system32\DRIVERS\netbt.sys
2011/05/10 19:14:29.0398 1680 NETw3v32 (a15f219208843a5a210c8cb391384453) C:\Windows\system32\DRIVERS\NETw3v32.sys
2011/05/10 19:14:29.0616 1680 NETw4v32 (25acccfc33dd448b9d3037c5e439e830) C:\Windows\system32\DRIVERS\NETw4v32.sys
2011/05/10 19:14:29.0772 1680 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
2011/05/10 19:14:29.0835 1680 Npfs (ecb5003f484f9ed6c608d6d6c7886cbb) C:\Windows\system32\drivers\Npfs.sys
2011/05/10 19:14:29.0897 1680 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
2011/05/10 19:14:30.0069 1680 Ntfs (b4effe29eb4f15538fd8a9681108492d) C:\Windows\system32\drivers\Ntfs.sys
2011/05/10 19:14:30.0225 1680 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
2011/05/10 19:14:30.0272 1680 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
2011/05/10 19:14:30.0318 1680 nvraid (e69e946f80c1c31c53003bfbf50cbb7c) C:\Windows\system32\drivers\nvraid.sys
2011/05/10 19:14:30.0474 1680 nvstor (9e0ba19a28c498a6d323d065db76dffc) C:\Windows\system32\drivers\nvstor.sys
2011/05/10 19:14:30.0506 1680 nv_agp (07c186427eb8fcc3d8d7927187f260f7) C:\Windows\system32\drivers\nv_agp.sys
2011/05/10 19:14:30.0599 1680 ohci1394 (790e27c3db53410b40ff9ef2fd10a1d9) C:\Windows\system32\DRIVERS\ohci1394.sys
2011/05/10 19:14:30.0771 1680 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
2011/05/10 19:14:30.0818 1680 partmgr (3b38467e7c3daed009dfe359e17f139f) C:\Windows\system32\drivers\partmgr.sys
2011/05/10 19:14:30.0849 1680 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
2011/05/10 19:14:30.0989 1680 pci (01b94418deb235dff777cc80076354b4) C:\Windows\system32\drivers\pci.sys
2011/05/10 19:14:31.0052 1680 pciide (3b1901e401473e03eb8c874271e50c26) C:\Windows\system32\drivers\pciide.sys
2011/05/10 19:14:31.0083 1680 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
2011/05/10 19:14:31.0239 1680 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
2011/05/10 19:14:31.0442 1680 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
2011/05/10 19:14:31.0504 1680 Processor (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys
2011/05/10 19:14:31.0551 1680 PSched (bfef604508a0ed1eae2a73e872555ffb) C:\Windows\system32\DRIVERS\pacer.sys
2011/05/10 19:14:31.0722 1680 ql2300 (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys
2011/05/10 19:14:31.0863 1680 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
2011/05/10 19:14:31.0925 1680 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
2011/05/10 19:14:31.0972 1680 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
2011/05/10 19:14:32.0097 1680 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
2011/05/10 19:14:32.0144 1680 RasPppoe (3e9d9b048107b40d87b97df2e48e0744) C:\Windows\system32\DRIVERS\raspppoe.sys
2011/05/10 19:14:32.0190 1680 RasSstp (a7d141684e9500ac928a772ed8e6b671) C:\Windows\system32\DRIVERS\rassstp.sys
2011/05/10 19:14:32.0222 1680 rdbss (6e1c5d0457622f9ee35f683110e93d14) C:\Windows\system32\DRIVERS\rdbss.sys
2011/05/10 19:14:32.0378 1680 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
2011/05/10 19:14:32.0440 1680 rdpdr (e8bd98d46f2ed77132ba927fccb47d8b) C:\Windows\system32\drivers\rdpdr.sys
2011/05/10 19:14:32.0456 1680 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
2011/05/10 19:14:32.0518 1680 RDPWD (e1c18f4097a5abcec941dc4b2f99db7e) C:\Windows\system32\drivers\RDPWD.sys
2011/05/10 19:14:32.0658 1680 rimmptsk (355aac141b214bef1dbc1483afd9bd50) C:\Windows\system32\DRIVERS\rimmptsk.sys
2011/05/10 19:14:32.0690 1680 rimsptsk (a4216c71dd4f60b26418ccfd99cd0815) C:\Windows\system32\DRIVERS\rimsptsk.sys
2011/05/10 19:14:32.0736 1680 RimUsb (f17713d108aca124a139fde877eef68a) C:\Windows\system32\Drivers\RimUsb.sys
2011/05/10 19:14:32.0768 1680 rismxdp (d231b577024aa324af13a42f3a807d10) C:\Windows\system32\DRIVERS\rixdptsk.sys
2011/05/10 19:14:32.0924 1680 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
2011/05/10 19:14:32.0986 1680 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
2011/05/10 19:14:33.0048 1680 sdbus (126ea89bcc413ee45e3004fb0764888f) C:\Windows\system32\DRIVERS\sdbus.sys
2011/05/10 19:14:33.0189 1680 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
2011/05/10 19:14:33.0236 1680 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
2011/05/10 19:14:33.0267 1680 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
2011/05/10 19:14:33.0314 1680 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
2011/05/10 19:14:33.0501 1680 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\DRIVERS\sffdisk.sys
2011/05/10 19:14:33.0548 1680 sffp_mmc (8fd08a310645fe872eeec6e08c6bf3ee) C:\Windows\system32\drivers\sffp_mmc.sys
2011/05/10 19:14:33.0594 1680 sffp_sd (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\DRIVERS\sffp_sd.sys
2011/05/10 19:14:33.0719 1680 sfloppy (c33bfbd6e9e41fcd9ffef9729e9faed6) C:\Windows\system32\DRIVERS\sfloppy.sys
2011/05/10 19:14:33.0782 1680 sisagp (d2a595d6eebeeaf4334f8e50efbc9931) C:\Windows\system32\drivers\sisagp.sys
2011/05/10 19:14:33.0813 1680 SiSRaid2 (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys
2011/05/10 19:14:33.0860 1680 SiSRaid4 (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys
2011/05/10 19:14:34.0000 1680 Smb (031e6bcd53c9b2b9ace111eafec347b6) C:\Windows\system32\DRIVERS\smb.sys
2011/05/10 19:14:34.0078 1680 smserial (859e3adc59d1c89a66aa6492c14d379e) C:\Windows\system32\DRIVERS\smserial.sys
2011/05/10 19:14:34.0562 1680 SNP2UVC (1ff04e57319101c6b2950ae0d348daeb) C:\Windows\system32\DRIVERS\snp2uvc.sys
2011/05/10 19:14:34.0827 1680 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
2011/05/10 19:14:34.0905 1680 srv (2252aef839b1093d16761189f45af885) C:\Windows\system32\DRIVERS\srv.sys
2011/05/10 19:14:35.0030 1680 srv2 (96512f4a30b741e7d33a7936b9abbc20) C:\Windows\system32\DRIVERS\srv2.sys
2011/05/10 19:14:35.0076 1680 srvnet (1c69e33e0e23626da5a34ca5ba0dd990) C:\Windows\system32\DRIVERS\srvnet.sys
2011/05/10 19:14:35.0154 1680 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
2011/05/10 19:14:35.0279 1680 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
2011/05/10 19:14:35.0342 1680 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
2011/05/10 19:14:35.0357 1680 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
2011/05/10 19:14:35.0466 1680 Tcpip (782568ab6a43160a159b6215b70bcce9) C:\Windows\system32\drivers\tcpip.sys
2011/05/10 19:14:35.0654 1680 Tcpip6 (782568ab6a43160a159b6215b70bcce9) C:\Windows\system32\DRIVERS\tcpip.sys
2011/05/10 19:14:35.0794 1680 tcpipreg (d4a2e4a4b011f3a883af77315a5ae76b) C:\Windows\system32\drivers\tcpipreg.sys
2011/05/10 19:14:35.0841 1680 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
2011/05/10 19:14:35.0872 1680 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
2011/05/10 19:14:35.0919 1680 tdx (d09276b1fab033ce1d40dcbdf303d10f) C:\Windows\system32\DRIVERS\tdx.sys
2011/05/10 19:14:36.0059 1680 TermDD (a048056f5e1a96a9bf3071b91741a5aa) C:\Windows\system32\DRIVERS\termdd.sys
2011/05/10 19:14:36.0153 1680 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
2011/05/10 19:14:36.0200 1680 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
2011/05/10 19:14:36.0324 1680 tunnel (6042505ff6fa9ac1ef7684d0e03b6940) C:\Windows\system32\DRIVERS\tunnel.sys
2011/05/10 19:14:36.0371 1680 uagp35 (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\drivers\uagp35.sys
2011/05/10 19:14:36.0418 1680 udfs (8b5088058fa1d1cd897a2113ccff6c58) C:\Windows\system32\DRIVERS\udfs.sys
2011/05/10 19:14:36.0590 1680 uliagpkx (75e6890ebfce0841d3291b02e7a8bdb0) C:\Windows\system32\drivers\uliagpkx.sys
2011/05/10 19:14:36.0621 1680 uliahci (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys
2011/05/10 19:14:36.0652 1680 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
2011/05/10 19:14:36.0792 1680 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
2011/05/10 19:14:36.0839 1680 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
2011/05/10 19:14:36.0902 1680 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
2011/05/10 19:14:37.0042 1680 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
2011/05/10 19:14:37.0104 1680 usbehci (cebe90821810e76320155beba722fcf9) C:\Windows\system32\DRIVERS\usbehci.sys
2011/05/10 19:14:37.0136 1680 usbhub (cc6b28e4ce39951357963119ce47b143) C:\Windows\system32\DRIVERS\usbhub.sys
2011/05/10 19:14:37.0276 1680 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
2011/05/10 19:14:37.0307 1680 usbprint (b51e52acf758be00ef3a58ea452fe360) C:\Windows\system32\drivers\usbprint.sys
2011/05/10 19:14:37.0354 1680 USBSTOR (87ba6b83c5d19b69160968d07d6e2982) C:\Windows\system32\DRIVERS\USBSTOR.SYS
2011/05/10 19:14:37.0479 1680 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
2011/05/10 19:14:37.0526 1680 usbvideo (0a6b81f01bc86399482e27e6fda7b33b) C:\Windows\system32\Drivers\usbvideo.sys
2011/05/10 19:14:37.0572 1680 vga (7d92be0028ecdedec74617009084b5ef) C:\Windows\system32\DRIVERS\vgapnp.sys
2011/05/10 19:14:37.0619 1680 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
2011/05/10 19:14:37.0760 1680 viaagp (045d9961e591cf0674a920b6ba3ba5cb) C:\Windows\system32\drivers\viaagp.sys
2011/05/10 19:14:37.0791 1680 ViaC7 (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys
2011/05/10 19:14:37.0822 1680 viaide (fd2e3175fcada350c7ab4521dca187ec) C:\Windows\system32\drivers\viaide.sys
2011/05/10 19:14:37.0869 1680 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
2011/05/10 19:14:38.0009 1680 volmgrx (98f5ffe6316bd74e9e2c97206c190196) C:\Windows\system32\drivers\volmgrx.sys
2011/05/10 19:14:38.0150 1680 volsnap (d8b4a53dd2769f226b3eb374374987c9) C:\Windows\system32\drivers\volsnap.sys
2011/05/10 19:14:38.0259 1680 vsmraid (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys
2011/05/10 19:14:38.0368 1680 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
2011/05/10 19:14:38.0415 1680 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
2011/05/10 19:14:38.0430 1680 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
2011/05/10 19:14:38.0540 1680 Wd (afc5ad65b991c1e205cf25cfdbf7a6f4) C:\Windows\system32\drivers\wd.sys
2011/05/10 19:14:38.0649 1680 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
2011/05/10 19:14:38.0867 1680 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys
2011/05/10 19:14:38.0961 1680 WpdUsb (0cec23084b51b8288099eb710224e955) C:\Windows\system32\DRIVERS\wpdusb.sys
2011/05/10 19:14:39.0039 1680 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
2011/05/10 19:14:39.0148 1680 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
2011/05/10 19:14:39.0226 1680 ================================================================================
2011/05/10 19:14:39.0226 1680 Scan finished
2011/05/10 19:14:39.0226 1680 ================================================================================

OTL logfile created on: 5/10/2011 7:22:46 PM - Run 2
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\laptop\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1,014.00 Mb Total Physical Memory | 127.00 Mb Available Physical Memory | 12.00% Memory free
2.00 Gb Paging File | 1.00 Gb Available in Paging File | 51.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 29.30 Gb Total Space | 6.81 Gb Free Space | 23.24% Space Free | Partition Type: NTFS
Drive D: | 105.94 Gb Total Space | 89.32 Gb Free Space | 84.32% Space Free | Partition Type: NTFS
Drive E: | 2.51 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: LAPTOP-PC | User Name: laptop | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/05/10 16:59:27 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\laptop\Desktop\OTL.exe
PRC - [2011/03/17 17:59:00 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/12/10 12:34:26 | 000,697,104 | ---- | M] (IObit) -- C:\Program Files\IObit\Advanced Spyware Remover\ASRsrv.exe
PRC - [2007/04/23 00:51:44 | 004,435,968 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe


========== Modules (SafeList) ==========

MOD - [2011/05/10 16:59:27 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\laptop\Desktop\OTL.exe
MOD - [2010/08/31 08:39:57 | 001,684,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18523_none_5cdd65e20837faf2\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2009/12/10 12:34:26 | 000,697,104 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files\IObit\Advanced Spyware Remover\ASRsrv.exe -- (ASRservice)
SRV - [2008/01/19 00:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Running] -- -- (catchme)
DRV - [2009/10/26 15:09:06 | 001,095,936 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\smserial.sys -- (smserial)
DRV - [2009/05/19 05:43:08 | 000,021,520 | ---- | M] (Lenovo Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AcpiVpc.sys -- (ACPIVPC)
DRV - [2007/09/25 08:14:14 | 000,017,536 | ---- | M] (ensurebit) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CapFilt.sys -- (CapFilt)
DRV - [2007/08/02 01:46:24 | 000,156,672 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2007/06/20 13:51:30 | 002,222,080 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw4v32.sys -- (NETw4v32) Intel®
DRV - [2007/03/21 19:02:04 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2007/02/24 11:42:22 | 000,039,936 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2007/01/23 13:40:20 | 000,042,496 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2006/12/28 13:20:40 | 009,599,744 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV - [2006/11/02 00:30:54 | 001,781,760 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32) Intel®


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========



[2011/04/19 14:15:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\laptop\AppData\Roaming\Mozilla\Extensions
[2011/04/19 14:15:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\laptop\AppData\Roaming\Mozilla\Extensions\uploadr@flickr.com

O1 HOSTS File: ([2011/05/10 18:51:43 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 157
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Free YouTube Download - C:\Users\laptop\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\laptop\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O9 - Extra Button: Password Administration Box - {A26ABCF0-1C8F-46e7-A67C-0489DC21B9CC} - File not found
O9 - Extra 'Tools' menuitem : Password Administration Box - {A26ABCF0-1C8F-46e7-A67C-0489DC21B9CC} - File not found
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 14:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2006/09/18 14:43:36 | 000,000,024 | ---- | M] () - D:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2006/11/02 13:00:00 | 000,000,043 | R--- | M] () - E:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/05/10 19:11:12 | 000,000,000 | ---D | C] -- C:\Users\laptop\Desktop\tdsskiller
[2011/05/10 18:56:16 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2011/05/10 18:56:12 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2011/05/10 18:56:12 | 000,000,000 | ---D | C] -- C:\Users\laptop\AppData\Local\temp
[2011/05/10 18:39:11 | 000,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe
[2011/05/10 17:27:06 | 000,000,000 | -H-D | C] -- C:\Windows\PIF
[2011/05/10 16:59:25 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\laptop\Desktop\OTL.exe
[2011/05/10 14:14:54 | 000,000,000 | ---D | C] -- C:\Boot
[2011/05/03 23:24:10 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2011/05/03 23:23:49 | 000,000,000 | ---D | C] -- C:\Users\laptop\AppData\Local\Google
[2011/05/03 21:45:08 | 000,100,480 | ---- | C] (GMER) -- C:\uxdirpow.sys
[2011/05/02 12:20:16 | 000,161,792 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2011/05/02 12:20:16 | 000,136,704 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2011/05/02 12:20:16 | 000,031,232 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2011/05/02 12:20:05 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2011/05/02 12:19:55 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/05/02 11:42:12 | 000,000,000 | ---D | C] -- C:\Users\laptop\AppData\Roaming\Bc
[2011/05/02 11:12:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GridinSoft
[2011/05/02 11:11:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced Spyware Remover
[2011/05/02 11:11:01 | 000,000,000 | ---D | C] -- C:\ProgramData\IObit
[2011/05/02 11:10:59 | 000,000,000 | ---D | C] -- C:\Program Files\IObit
[2011/04/30 03:05:43 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshsq.dll
[2011/04/30 03:04:52 | 000,000,000 | ---D | C] -- C:\Windows\System32\WindowsPowerShell
[2011/04/30 03:01:46 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrsmgr.dll
[2011/04/30 03:01:15 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrs.exe
[2011/04/30 03:01:15 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrshost.exe
[2011/04/30 03:01:15 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsmprovhost.exe
[2011/04/30 03:01:12 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsmplpxy.dll
[2011/04/30 03:01:12 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrssrv.dll
[2011/04/30 03:01:10 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wevtfwd.dll
[2011/04/30 03:01:10 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wecutil.exe
[2011/04/30 03:01:10 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wecapi.dll
[2011/04/30 03:01:10 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmRes.dll
[2011/04/30 03:01:10 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pwrshplugin.dll
[2011/04/30 03:00:56 | 000,252,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSManMigrationPlugin.dll
[2011/04/30 03:00:56 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSManHTTPConfig.exe
[2011/04/30 03:00:56 | 000,241,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrscmd.dll
[2011/04/30 03:00:56 | 000,214,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmWmiPl.dll
[2011/04/30 03:00:56 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmAuto.dll
[2011/04/29 12:42:33 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll
[2011/04/29 12:42:30 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll
[2011/04/28 13:43:23 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscb.dll
[2011/04/28 13:43:23 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshooks.dll
[2011/04/28 13:43:21 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssitlb.dll
[2011/04/28 13:43:21 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\propdefs.dll
[2011/04/28 13:43:21 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msstrc.dll
[2011/04/28 13:43:21 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssprxy.dll
[2011/04/28 13:43:20 | 000,313,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\thawbrkr.dll
[2011/04/28 13:43:20 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srchadmin.dll
[2011/04/28 13:43:20 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\korwbrkr.dll
[2011/04/28 13:43:19 | 006,103,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chtbrkr.dll
[2011/04/28 13:43:19 | 001,671,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chsbrkr.dll
[2011/04/28 13:43:19 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\offfilt.dll
[2011/04/28 13:43:19 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nlhtml.dll
[2011/04/28 13:43:19 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscntrs.dll
[2011/04/28 13:43:19 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xmlfilter.dll
[2011/04/28 13:43:19 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mimefilt.dll
[2011/04/28 13:43:19 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rtffilt.dll
[2011/04/28 13:43:19 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsepno.dll
[2011/04/28 13:43:18 | 001,582,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tquery.dll
[2011/04/28 13:43:18 | 001,418,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssrch.dll
[2011/04/28 13:43:18 | 000,670,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssvp.dll
[2011/04/28 13:43:18 | 000,350,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssph.dll
[2011/04/28 13:43:18 | 000,203,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssphtb.dll
[2011/04/28 13:36:51 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSNP.ax
[2011/04/28 13:36:41 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll
[2011/04/28 13:36:39 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisrndr.ax
[2011/04/28 13:30:05 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe
[2011/04/28 13:30:05 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll
[2011/04/28 13:30:05 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll
[2011/04/28 13:28:21 | 000,000,000 | ---D | C] -- C:\ProgramData\WindowsSearch
[2011/04/28 00:58:49 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netevent.dll
[2011/04/28 00:56:30 | 008,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2011/04/28 00:55:51 | 000,292,864 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2011/04/28 00:55:51 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
[2011/04/28 00:55:51 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2011/04/28 00:55:46 | 000,409,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbc32.dll
[2011/04/28 00:55:32 | 003,600,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2011/04/28 00:55:32 | 003,548,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2011/04/28 00:55:28 | 001,136,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42.dll
[2011/04/28 00:55:27 | 001,161,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42u.dll
[2011/04/28 00:55:20 | 000,081,920 | ---- | C] (Radius Inc.) -- C:\Windows\System32\iccvid.dll
[2011/04/28 00:55:17 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pacerprf.dll
[2011/04/28 00:55:08 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnscacheugc.exe
[2011/04/28 00:55:05 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\asycfilt.dll
[2011/04/28 00:54:55 | 000,157,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
[2011/04/28 00:54:52 | 002,040,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2011/04/28 00:54:22 | 000,671,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2011/04/28 00:54:22 | 000,467,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2011/04/28 00:54:21 | 000,389,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2011/04/28 00:54:21 | 000,380,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2011/04/28 00:54:21 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2011/04/28 00:54:20 | 001,383,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011/04/28 00:54:20 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2011/04/28 00:54:20 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2011/04/28 00:54:20 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieencode.dll
[2011/04/28 00:54:20 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011/04/28 00:54:20 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2011/04/28 00:54:11 | 001,169,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdclt.exe
[2011/04/28 00:53:50 | 000,317,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MP4SDECD.DLL
[2011/04/28 00:53:48 | 000,512,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2011/04/28 00:53:48 | 000,430,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2011/04/28 00:53:43 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40.dll
[2011/04/28 00:53:43 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40u.dll
[2011/04/28 00:53:40 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rtutils.dll
[2011/04/28 00:53:34 | 000,866,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpmde.dll
[2011/04/28 00:53:32 | 000,429,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll
[2011/04/28 00:53:32 | 000,323,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbe.dll
[2011/04/28 00:53:32 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax
[2011/04/28 00:53:32 | 000,153,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbeio.dll
[2011/04/28 00:53:27 | 001,314,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2011/04/28 00:53:11 | 000,357,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskschd.dll
[2011/04/28 00:53:11 | 000,345,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmicmiplugin.dll
[2011/04/28 00:53:11 | 000,270,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskcomp.dll
[2011/04/28 00:53:08 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\consent.exe
[2011/04/28 00:53:01 | 000,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Faultrep.dll
[2011/04/28 00:52:58 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dataclen.dll
[2011/04/28 00:52:58 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll
[2011/04/28 00:52:53 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scrobj.dll
[2011/04/28 00:52:53 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wshom.ocx
[2011/04/28 00:52:53 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cscript.exe
[2011/04/28 00:52:38 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2011/04/26 22:56:26 | 000,000,000 | ---D | C] -- C:\PerfLogs
[2011/04/26 21:30:05 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Windows Live
[2011/04/26 21:26:49 | 000,000,000 | ---D | C] -- C:\Windows\System32\x64
[2011/04/23 09:22:10 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2011/04/19 14:14:59 | 000,000,000 | ---D | C] -- C:\Users\laptop\AppData\Roaming\Mozilla
[2011/04/19 14:14:58 | 000,000,000 | ---D | C] -- C:\Users\laptop\AppData\Roaming\Flickr
[2011/04/19 14:14:58 | 000,000,000 | ---D | C] -- C:\Users\laptop\AppData\Local\Flickr
[2011/04/18 00:14:12 | 001,541,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\onex.dll
[2011/04/18 00:14:01 | 000,051,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PSHED.DLL
[2011/04/18 00:14:00 | 000,705,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imagesp1.dll
[2011/04/18 00:13:59 | 000,681,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\spsys.sys
[2011/04/18 00:13:57 | 001,107,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pidgenx.dll
[2011/04/18 00:13:51 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2011/04/18 00:13:46 | 000,978,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drmv2clt.dll
[2011/04/18 00:13:45 | 001,675,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xpssvcs.dll
[2011/04/18 00:13:45 | 000,542,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\blackbox.dll
[2011/04/18 00:13:44 | 000,889,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RacEngn.dll
[2011/04/18 00:13:43 | 000,588,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSMPEG2VDEC.DLL
[2011/04/18 00:13:42 | 008,322,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwizimg.dll
[2011/04/18 00:13:42 | 000,612,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpencom.dll
[2011/04/18 00:13:42 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\bfsvc.exe
[2011/04/18 00:13:42 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lpremove.exe
[2011/04/18 00:13:41 | 001,589,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msjet40.dll
[2011/04/18 00:13:37 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\recdisc.exe
[2011/04/18 00:13:37 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TsWpfWrp.exe
[2011/04/18 00:13:35 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CompMgmtLauncher.exe
[2011/04/18 00:13:32 | 001,532,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wcnwiz.dll
[2011/04/18 00:13:32 | 001,386,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvbvm60.dll
[2011/04/18 00:13:32 | 000,083,456 | ---- | C] (Microsoft) -- C:\Windows\System32\SMBHelperClass.dll
[2011/04/18 00:13:30 | 001,052,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtctm.dll
[2011/04/18 00:13:29 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IMJP10K.DLL
[2011/04/18 00:13:28 | 002,167,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmcndmgr.dll
[2011/04/18 00:13:28 | 001,111,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertEnroll.dll
[2011/04/18 00:13:28 | 000,391,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSMPEG2ADEC.DLL
[2011/04/18 00:13:27 | 001,381,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Query.dll
[2011/04/18 00:13:25 | 001,524,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsAnytimeUpgradeCPL.dll
[2011/04/18 00:13:25 | 000,592,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netlogon.dll
[2011/04/18 00:13:25 | 000,376,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcupdate_GenuineIntel.dll
[2011/04/18 00:13:25 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SSShim.dll
[2011/04/18 00:13:24 | 000,154,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nlmgp.dll
[2011/04/18 00:13:23 | 002,011,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\milcore.dll
[2011/04/18 00:13:23 | 000,445,952 | ---- | C] (Microsoft) -- C:\Windows\System32\IasMigPlugin.dll
[2011/04/18 00:13:22 | 001,788,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d9.dll
[2011/04/18 00:13:22 | 000,876,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wer.dll
[2011/04/18 00:13:22 | 000,507,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdsdyn.dll
[2011/04/18 00:13:22 | 000,178,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\clusapi.dll
[2011/04/18 00:13:21 | 001,792,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmc.exe
[2011/04/18 00:13:21 | 001,078,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diagperf.dll
[2011/04/18 00:13:20 | 000,307,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mtxclu.dll
[2011/04/18 00:13:20 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdsbas.dll
[2011/04/18 00:13:17 | 000,595,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FWPUCLNT.DLL
[2011/04/18 00:13:17 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\samsrv.dll
[2011/04/18 00:13:16 | 001,452,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\esent.dll
[2011/04/18 00:13:16 | 000,882,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IMJP10.IME
[2011/04/18 00:13:16 | 000,730,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdengin2.dll
[2011/04/18 00:13:15 | 000,297,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmipnpinstall.dll
[2011/04/18 00:13:15 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmicryptinstall.dll
[2011/04/18 00:13:15 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gacinstall.dll
[2011/04/18 00:13:14 | 001,208,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\comsvcs.dll
[2011/04/18 00:13:14 | 000,798,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certutil.exe
[2011/04/18 00:13:13 | 000,533,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmdrmsdk.dll
[2011/04/18 00:13:13 | 000,403,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FirewallAPI.dll
[2011/04/18 00:13:12 | 000,604,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sqlceqp30.dll
[2011/04/18 00:13:12 | 000,274,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bcrypt.dll
[2011/04/18 00:13:12 | 000,174,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuxiliaryDisplayDriverLib.dll
[2011/04/18 00:13:11 | 000,187,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eapp3hst.dll
[2011/04/18 00:13:10 | 000,852,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcmde.dll
[2011/04/18 00:13:10 | 000,656,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autoconv.exe
[2011/04/18 00:13:10 | 000,634,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autofmt.exe
[2011/04/18 00:13:10 | 000,456,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\riched20.dll
[2011/04/18 00:13:09 | 003,216,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinSAT.exe
[2011/04/18 00:13:09 | 000,496,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imapi2fs.dll
[2011/04/18 00:13:09 | 000,251,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\authfwcfg.dll
[2011/04/18 00:13:09 | 000,159,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
[2011/04/18 00:13:09 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdsutil.dll
[2011/04/18 00:13:08 | 001,985,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\authui.dll
[2011/04/18 00:13:08 | 000,593,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\comuid.dll
[2011/04/18 00:13:08 | 000,250,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wevtapi.dll
[2011/04/18 00:13:08 | 000,208,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
[2011/04/18 00:13:08 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmvdsitf.dll
[2011/04/18 00:13:07 | 000,223,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\netio.sys
[2011/04/18 00:13:07 | 000,181,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eapphost.dll
[2011/04/18 00:13:07 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSDMon.dll
[2011/04/18 00:13:06 | 000,464,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pcaui.dll
[2011/04/18 00:13:06 | 000,322,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\untfs.dll
[2011/04/18 00:13:06 | 000,308,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sqlcese30.dll
[2011/04/18 00:13:06 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iassam.dll
[2011/04/18 00:13:06 | 000,163,840 | ---- | C] (Microsoft Corp.) -- C:\Windows\System32\DfrgNtfs.exe
[2011/04/18 00:13:06 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eappcfg.dll
[2011/04/18 00:13:06 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\uexfat.dll
[2011/04/18 00:13:05 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\whealogr.dll
[2011/04/18 00:13:01 | 001,827,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2011/04/18 00:13:01 | 000,169,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssha.dll
[2011/04/18 00:13:01 | 000,107,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpwsx.dll
[2011/04/18 00:13:00 | 000,671,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dfrgui.exe
[2011/04/18 00:13:00 | 000,485,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\evr.dll
[2011/04/18 00:12:59 | 000,647,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrepl40.dll
[2011/04/18 00:12:59 | 000,418,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmdrmdev.dll
[2011/04/18 00:12:59 | 000,259,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasppp.dll
[2011/04/18 00:12:59 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
[2011/04/18 00:12:58 | 001,152,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\themecpl.dll
[2011/04/18 00:12:58 | 000,531,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\objsel.dll
[2011/04/18 00:12:58 | 000,522,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ddraw.dll
[2011/04/18 00:12:58 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dhcpcsvc6.dll
[2011/04/18 00:12:57 | 000,798,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dbghelp.dll
[2011/04/18 00:12:57 | 000,520,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sqlsrv32.dll
[2011/04/18 00:12:57 | 000,172,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\QAGENT.DLL
[2011/04/18 00:12:57 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasnap.dll
[2011/04/18 00:12:56 | 000,860,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WerFaultSecure.exe
[2011/04/18 00:12:56 | 000,756,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\azroles.dll
[2011/04/18 00:12:56 | 000,445,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncryptui.dll
[2011/04/18 00:12:56 | 000,347,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmdrmnet.dll
[2011/04/18 00:12:56 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icm32.dll
[2011/04/18 00:12:55 | 000,252,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iprtrmgr.dll
[2011/04/18 00:12:55 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spoolss.dll
[2011/04/18 00:12:55 | 000,131,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\basecsp.dll
[2011/04/18 00:12:54 | 000,399,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlangpui.dll
[2011/04/18 00:12:54 | 000,397,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AudioEng.dll
[2011/04/18 00:12:54 | 000,375,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2011/04/18 00:12:54 | 000,334,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bcdedit.exe
[2011/04/18 00:12:54 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scksp.dll
[2011/04/18 00:12:54 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstlsapi.dll
[2011/04/18 00:12:53 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbport.sys
[2011/04/18 00:12:53 | 000,140,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsta.dll
[2011/04/18 00:12:50 | 001,855,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dbgeng.dll
[2011/04/18 00:12:50 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hcrstco.dll
[2011/04/18 00:12:49 | 000,386,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netcfgx.dll
[2011/04/18 00:12:49 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tintlgnt.ime
[2011/04/18 00:12:49 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quick.ime
[2011/04/18 00:12:49 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qintlgnt.ime
[2011/04/18 00:12:49 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\phon.ime
[2011/04/18 00:12:49 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cintlgnt.ime
[2011/04/18 00:12:49 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chajei.ime
[2011/04/18 00:12:49 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pintlgnt.ime
[2011/04/18 00:12:48 | 001,143,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wercon.exe
[2011/04/18 00:12:48 | 000,805,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdosys.dll
[2011/04/18 00:12:48 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lpksetup.exe
[2011/04/18 00:12:47 | 001,730,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\apds.dll
[2011/04/18 00:12:47 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtcuiu.dll
[2011/04/18 00:12:46 | 000,323,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certcli.dll
[2011/04/18 00:12:46 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasrad.dll
[2011/04/18 00:12:46 | 000,104,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mprddm.dll
[2011/04/18 00:12:45 | 000,274,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AUDIOKSE.dll
[2011/04/18 00:12:44 | 001,502,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certmgr.dll
[2011/04/18 00:12:44 | 000,208,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\uDWM.dll
[2011/04/18 00:12:44 | 000,117,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bcdsrv.dll
[2011/04/18 00:12:43 | 000,475,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msidcrl30.dll
[2011/04/18 00:12:43 | 000,101,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\FWPKCLNT.SYS
[2011/04/18 00:12:42 | 001,548,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVDECOD.DLL
[2011/04/18 00:12:41 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3gpui.dll
[2011/04/18 00:12:41 | 000,171,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxgi.dll
[2011/04/18 00:12:40 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\comsnap.dll
[2011/04/18 00:12:40 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntprint.dll
[2011/04/18 00:12:40 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MMDevAPI.dll
[2011/04/18 00:12:39 | 001,823,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pnidui.dll
[2011/04/18 00:12:39 | 000,704,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PhotoScreensaver.scr
[2011/04/18 00:12:39 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\synceng.dll
[2011/04/18 00:12:39 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmifw.dll
[2011/04/18 00:12:38 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscisvif.dll
[2011/04/18 00:12:37 | 001,382,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVSDECD.DLL
[2011/04/18 00:12:37 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imapi2.dll
[2011/04/18 00:12:37 | 000,299,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msjtes40.dll
[2011/04/18 00:12:37 | 000,251,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iassdo.dll
[2011/04/18 00:12:37 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msconfig.exe
[2011/04/18 00:12:37 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cipher.exe
[2011/04/18 00:12:36 | 004,595,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuthFWSnapin.dll
[2011/04/18 00:12:36 | 000,431,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tdh.dll
[2011/04/18 00:12:36 | 000,318,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmd.exe
[2011/04/18 00:12:36 | 000,286,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasapi32.dll
[2011/04/18 00:12:36 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmdskmgr.dll
[2011/04/18 00:12:36 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3api.dll
[2011/04/18 00:12:36 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cbsra.exe
[2011/04/18 00:12:35 | 000,497,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdvd.dll
[2011/04/18 00:12:35 | 000,414,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscp.dll
[2011/04/18 00:12:35 | 000,163,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wevtutil.exe
[2011/04/18 00:12:34 | 000,429,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\localsec.dll
[2011/04/18 00:12:34 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFx.dll
[2011/04/18 00:12:34 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rpchttp.dll
[2011/04/18 00:12:34 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diskpart.exe
[2011/04/18 00:12:34 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\loadperf.dll
[2011/04/18 00:12:34 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlancfg.dll
[2011/04/18 00:12:34 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtcVSp1res.dll
[2011/04/18 00:12:33 | 001,689,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscui.cpl
[2011/04/18 00:12:33 | 000,758,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMADMOD.DLL
[2011/04/18 00:12:33 | 000,444,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dsound.dll
[2011/04/18 00:12:33 | 000,383,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinSATAPI.dll
[2011/04/18 00:12:33 | 000,289,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hnetcfg.dll
[2011/04/18 00:12:33 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsqmcons.exe
[2011/04/18 00:12:32 | 001,671,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanpref.dll
[2011/04/18 00:12:32 | 000,442,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\filemgmt.dll
[2011/04/18 00:12:32 | 000,153,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NAPMONTR.DLL
[2011/04/18 00:12:32 | 000,123,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Storport.sys
[2011/04/18 00:12:32 | 000,118,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RDPENCDD.dll
[2011/04/18 00:12:32 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\profprov.dll
[2011/04/18 00:12:31 | 001,295,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsecedit.dll
[2011/04/18 00:12:31 | 001,186,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuxiliaryDisplayCpl.dll
[2011/04/18 00:12:31 | 000,573,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLCommDlg.dll
[2011/04/18 00:12:31 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tracerpt.exe
[2011/04/18 00:12:31 | 000,336,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\P2PGraph.dll
[2011/04/18 00:12:31 | 000,134,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SmartcardCredentialProvider.dll
[2011/04/18 00:12:31 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dwmredir.dll
[2011/04/18 00:12:31 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MuiUnattend.exe
[2011/04/18 00:12:31 | 000,016,896 | ---- | C] (Microsoft) -- C:\Windows\System32\grb.rs
[2011/04/18 00:12:30 | 000,825,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasdlg.dll
[2011/04/18 00:12:30 | 000,317,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\azroleui.dll
[2011/04/18 00:12:30 | 000,154,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\QSHVHOST.DLL
[2011/04/18 00:12:30 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpresult.exe
[2011/04/18 00:12:30 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iassvcs.dll
[2011/04/18 00:12:29 | 000,498,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\HelpPane.exe
[2011/04/18 00:12:29 | 000,275,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcbuilder.exe
[2011/04/18 00:12:28 | 000,413,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imkr80.ime
[2011/04/18 00:12:28 | 000,354,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLUI.exe
[2011/04/18 00:12:28 | 000,348,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwizeng.dll
[2011/04/18 00:12:28 | 000,274,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srrstr.dll
[2011/04/18 00:12:28 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasmontr.dll
[2011/04/18 00:12:27 | 000,736,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unbcl.dll
[2011/04/18 00:12:27 | 000,464,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msra.exe
[2011/04/18 00:12:27 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tcpmon.dll
[2011/04/18 00:12:27 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shrink.dll
[2011/04/18 00:12:26 | 001,642,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMPEncEn.dll
[2011/04/18 00:12:26 | 001,342,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\brcpl.dll
[2011/04/18 00:12:26 | 000,936,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpedit.dll
[2011/04/18 00:12:26 | 000,415,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdri.dll
[2011/04/18 00:12:26 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IPHLPAPI.DLL
[2011/04/18 00:12:26 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iashlpr.dll
[2011/04/18 00:12:25 | 000,204,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\framedynos.dll
[2011/04/18 00:12:24 | 001,248,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PerfCenterCPL.dll
[2011/04/18 00:12:24 | 000,520,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntvdm.exe
[2011/04/18 00:12:24 | 000,396,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ipsmsnap.dll
[2011/04/18 00:12:24 | 000,127,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Classpnp.sys
[2011/04/18 00:12:24 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdWSD.dll
[2011/04/18 00:12:23 | 001,086,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NetProjW.dll
[2011/04/18 00:12:23 | 001,020,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wdc.dll
[2011/04/18 00:12:23 | 000,202,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\framedyn.dll
[2011/04/18 00:12:23 | 000,155,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dssenh.dll
[2011/04/18 00:12:23 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntlanman.dll
[2011/04/18 00:12:23 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Storprop.dll
[2011/04/18 00:12:23 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\l2nacp.dll
[2011/04/18 00:12:23 | 000,035,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\WdfLdr.sys
[2011/04/18 00:12:22 | 000,913,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WlanMM.dll
[2011/04/18 00:12:22 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sxs.dll
[2011/04/18 00:12:22 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adsnt.dll
[2011/04/18 00:12:22 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certreq.exe
[2011/04/18 00:12:22 | 000,170,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tcpipcfg.dll
[2011/04/18 00:12:21 | 000,628,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WLanConn.dll
[2011/04/18 00:12:21 | 000,142,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\scsiport.sys
[2011/04/18 00:12:21 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wusa.exe
[2011/04/18 00:12:21 | 000,093,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncsi.dll
[2011/04/18 00:12:21 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\umb.dll
[2011/04/18 00:12:20 | 000,487,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\catsrvut.dll
[2011/04/18 00:12:20 | 000,300,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\puiobj.dll
[2011/04/18 00:12:20 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\VAN.dll
[2011/04/18 00:12:20 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WerFault.exe
[2011/04/18 00:12:20 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fundisc.dll
[2011/04/18 00:12:20 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2011/04/18 00:12:19 | 002,225,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netcenter.dll
[2011/04/18 00:12:19 | 000,217,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\InkEd.dll
[2011/04/18 00:12:19 | 000,128,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MdSched.exe
[2011/04/18 00:12:19 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netid.dll
[2011/04/18 00:12:18 | 000,758,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ipsecsnp.dll
[2011/04/18 00:12:18 | 000,408,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msinfo32.exe
[2011/04/18 00:12:18 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbcjt32.dll
[2011/04/18 00:12:18 | 000,115,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinSCard.dll
[2011/04/18 00:12:18 | 000,110,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ataport.sys
[2011/04/18 00:12:18 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spbcd.dll
[2011/04/18 00:12:17 | 000,939,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mblctr.exe
[2011/04/18 00:12:17 | 000,551,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prnntfy.dll
[2011/04/18 00:12:17 | 000,267,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NAPSTAT.EXE
[2011/04/18 00:12:16 | 000,388,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmdlgs.dll
[2011/04/18 00:12:16 | 000,340,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RelMon.dll
[2011/04/18 00:12:16 | 000,242,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pdh.dll
[2011/04/18 00:12:16 | 000,204,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\activeds.dll
[2011/04/18 00:12:16 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\schtasks.exe
[2011/04/18 00:12:16 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dhcpsapi.dll
[2011/04/18 00:12:16 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasacct.dll
[2011/04/18 00:12:15 | 008,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ssBranded.scr
[2011/04/18 00:12:15 | 002,585,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FirewallControlPanel.exe
[2011/04/18 00:12:15 | 000,451,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\catsrv.dll
[2011/04/18 00:12:15 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netdiagfx.dll
[2011/04/18 00:12:15 | 000,096,768 | ---- | C] (Microsoft Corp.) -- C:\Windows\System32\dfrgfat.exe
[2011/04/18 00:12:14 | 000,506,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSMPEG2ENC.DLL
[2011/04/18 00:12:14 | 000,456,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wvc.dll
[2011/04/18 00:12:14 | 000,116,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AudioSes.dll
[2011/04/18 00:12:14 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netcorehc.dll
[2011/04/18 00:12:14 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NAPHLPR.DLL
[2011/04/18 00:12:14 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3msm.dll
[2011/04/18 00:12:14 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msacm32.dll
[2011/04/18 00:12:14 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdWCN.dll
[2011/04/18 00:12:14 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3cfg.dll
[2011/04/18 00:12:14 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ifmon.dll
[2011/04/18 00:12:13 | 000,273,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wow32.dll
[2011/04/18 00:12:13 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adsldp.dll
[2011/04/18 00:12:13 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shsetup.dll
[2011/04/18 00:12:13 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rastapi.dll
[2011/04/18 00:12:13 | 000,028,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\battc.sys
[2011/04/18 00:12:12 | 000,224,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscntfy.dll
[2011/04/18 00:12:12 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdt.dll
[2011/04/18 00:12:12 | 000,179,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\els.dll
[2011/04/18 00:12:12 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\QUTIL.DLL
[2011/04/18 00:12:11 | 000,523,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hhctrl.ocx
[2011/04/18 00:12:11 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanui.dll
[2011/04/18 00:12:11 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\net1.exe
[2011/04/18 00:12:11 | 000,137,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dsprop.dll
[2011/04/18 00:12:11 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdSSDP.dll
[2011/04/18 00:12:11 | 000,045,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pciidex.sys
[2011/04/18 00:12:10 | 000,842,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\systemcpl.dll
[2011/04/18 00:12:10 | 000,226,816 | ---- | C] (Microsoft Corp.) -- C:\Windows\System32\Defrag.exe
[2011/04/18 00:12:10 | 000,198,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adsldpc.dll
[2011/04/18 00:12:10 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mprmsg.dll
[2011/04/18 00:12:10 | 000,083,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlgpclnt.dll
[2011/04/18 00:12:10 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nci.dll
[2011/04/18 00:12:09 | 001,405,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ActiveContentWizard.dll
[2011/04/18 00:12:09 | 000,564,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msftedit.dll
[2011/04/18 00:12:09 | 000,282,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CompatUI.dll
[2011/04/18 00:12:09 | 000,202,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\P2P.dll
[2011/04/18 00:12:09 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationSettings.exe
[2011/04/18 00:12:09 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSAC3ENC.DLL
[2011/04/18 00:12:09 | 000,131,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fde.dll
[2011/04/18 00:12:09 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\oleprn.dll
[2011/04/18 00:12:09 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rascfg.dll
[2011/04/18 00:12:09 | 000,071,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasman.dll
[2011/04/18 00:12:09 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\loghours.dll
[2011/04/18 00:12:08 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxdiag.exe
[2011/04/18 00:12:07 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Wpc.dll
[2011/04/18 00:12:07 | 000,163,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msutb.dll
[2011/04/18 00:12:07 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuxiliaryDisplayServices.dll
[2011/04/18 00:12:07 | 000,094,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MigAutoPlay.exe
[2011/04/18 00:12:07 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpapi.dll
[2011/04/18 00:12:07 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DFDWiz.exe
[2011/04/18 00:12:07 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setupcl.exe
[2011/04/18 00:12:06 | 000,377,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\devmgr.dll
[2011/04/18 00:12:06 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scansetting.dll
[2011/04/18 00:12:06 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rtm.dll
[2011/04/18 00:12:06 | 000,110,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\videoprt.sys
[2011/04/18 00:12:06 | 000,046,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NAPCRYPT.DLL
[2011/04/18 00:12:06 | 000,036,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\crashdmp.sys
[2011/04/18 00:12:05 | 000,632,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertEnrollUI.dll
[2011/04/18 00:12:05 | 000,332,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msihnd.dll
[2011/04/18 00:12:05 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ifsutil.dll
[2011/04/18 00:12:05 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dimsroam.dll
[2011/04/18 00:12:05 | 000,029,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Dumpata.sys
[2011/04/18 00:12:05 | 000,021,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kdusb.dll
[2011/04/18 00:12:04 | 002,204,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SyncCenter.dll
[2011/04/18 00:12:04 | 000,312,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mswmdm.dll
[2011/04/18 00:12:04 | 000,208,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinFXDocObj.exe
[2011/04/18 00:12:04 | 000,156,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2011/04/18 00:12:04 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vssadmin.exe
[2011/04/18 00:12:04 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\audiodg.exe
[2011/04/18 00:12:04 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\usbmon.dll
[2011/04/18 00:12:04 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscapi.dll
[2011/04/18 00:12:04 | 000,024,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\BOOTVID.DLL
[2011/04/18 00:12:03 | 000,498,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlandlg.dll
[2011/04/18 00:12:03 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mycomput.dll
[2011/04/18 00:12:03 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceWMDRM.dll
[2011/04/18 00:12:03 | 000,177,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scecli.dll
[2011/04/18 00:12:03 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSTPager.ax
[2011/04/18 00:12:03 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\uudf.dll
[2011/04/18 00:12:03 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\activeds.tlb
[2011/04/18 00:12:03 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\regapi.dll
[2011/04/18 00:12:02 | 001,224,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sud.dll
[2011/04/18 00:12:02 | 000,485,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mspaint.exe
[2011/04/18 00:12:02 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sysmon.ocx
[2011/04/18 00:12:02 | 000,183,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\newdev.dll
[2011/04/18 00:12:02 | 000,166,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\puiapi.dll
[2011/04/18 00:12:02 | 000,019,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kdcom.dll
[2011/04/18 00:12:01 | 000,605,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adtschema.dll
[2011/04/18 00:12:01 | 000,355,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\termmgr.dll
[2011/04/18 00:12:01 | 000,200,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\input.dll
[2011/04/18 00:12:01 | 000,183,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\duser.dll
[2011/04/18 00:12:01 | 000,171,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cic.dll
[2011/04/18 00:12:01 | 000,120,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetpp.dll
[2011/04/18 00:12:01 | 000,105,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mtxoci.dll
[2011/04/18 00:12:00 | 000,087,552 | ---- | C] (Microsoft) -- C:\Windows\System32\Robocopy.exe
[2011/04/18 00:12:00 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AzSqlExt.dll
[2011/04/18 00:11:59 | 000,181,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFPlatform.dll
[2011/04/18 00:11:59 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdt.exe
[2011/04/18 00:11:59 | 000,148,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ks.sys
[2011/04/18 00:11:59 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\verifier.exe
[2011/04/18 00:11:59 | 000,098,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdshext.dll
[2011/04/18 00:11:59 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtclog.dll
[2011/04/18 00:11:59 | 000,017,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\wmilib.sys
[2011/04/18 00:11:58 | 001,039,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d8.dll
[2011/04/18 00:11:58 | 000,481,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmdial32.dll
[2011/04/18 00:11:58 | 000,347,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2011/04/18 00:11:58 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\oledlg.dll
[2011/04/18 00:11:58 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmview.ocx
[2011/04/18 00:11:58 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\clfsw32.dll
[2011/04/18 00:11:58 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slcinst.dll
[2011/04/18 00:11:57 | 001,580,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpccpl.dll
[2011/04/18 00:11:57 | 000,642,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasgcw.dll
[2011/04/18 00:11:57 | 000,301,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmcbase.dll
[2011/04/18 00:11:57 | 000,276,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMPhoto.dll
[2011/04/18 00:11:57 | 000,275,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SnippingTool.exe
[2011/04/18 00:11:57 | 000,197,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SndVol.exe
[2011/04/18 00:11:57 | 000,187,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mlang.dll
[2011/04/18 00:11:57 | 000,180,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pnpsetup.dll
[2011/04/18 00:11:57 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icfupgd.dll
[2011/04/18 00:11:57 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdsldr.exe
[2011/04/18 00:11:56 | 002,515,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\accessibilitycpl.dll
[2011/04/18 00:11:56 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpd_ci.dll
[2011/04/18 00:11:56 | 000,344,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrd3x40.dll
[2011/04/18 00:11:56 | 000,230,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diskraid.exe
[2011/04/18 00:11:56 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msaatext.dll
[2011/04/18 00:11:56 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nslookup.exe
[2011/04/18 00:11:56 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasqec.dll
[2011/04/18 00:11:56 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncobjapi.dll
[2011/04/18 00:11:55 | 000,626,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sethc.exe
[2011/04/18 00:11:55 | 000,542,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pnpui.dll
[2011/04/18 00:11:55 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscms.dll
[2011/04/18 00:11:55 | 000,195,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxdiagn.dll
[2011/04/18 00:11:55 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ulib.dll
[2011/04/18 00:11:55 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cabinet.dll
[2011/04/18 00:11:55 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\syssetup.dll
[2011/04/18 00:11:55 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lodctr.exe
[2011/04/18 00:11:55 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unlodctr.exe
[2011/04/18 00:11:55 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iaspolcy.dll
[2011/04/18 00:11:55 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wtsapi32.dll
[2011/04/18 00:11:54 | 002,153,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\oobefldr.dll
[2011/04/18 00:11:54 | 000,638,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Utilman.exe
[2011/04/18 00:11:54 | 000,306,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scesrv.dll
[2011/04/18 00:11:54 | 000,201,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unattend.dll
[2011/04/18 00:11:54 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lnkstub.exe
[2011/04/18 00:11:53 | 001,107,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ogldrv.dll
[2011/04/18 00:11:53 | 000,532,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpcao.dll
[2011/04/18 00:11:53 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wermgr.exe
[2011/04/18 00:11:53 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bthci.dll
[2011/04/18 00:11:53 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dfdts.dll
[2011/04/18 00:11:52 | 000,403,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\p2pcollab.dll
[2011/04/18 00:11:52 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msnetobj.dll
[2011/04/18 00:11:52 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eappgnui.dll
[2011/04/18 00:11:52 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\basesrv.dll
[2011/04/18 00:11:52 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdspres.dll
[2011/04/18 00:11:51 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dispdiag.exe
[2011/04/18 00:11:51 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drvinst.exe
[2011/04/18 00:11:51 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DHCPQEC.DLL
[2011/04/18 00:11:49 | 000,157,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\verifier.dll
[2011/04/18 00:11:48 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RstrtMgr.dll
[2011/04/18 00:11:47 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\efsadu.dll
[2011/04/18 00:11:46 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mprapi.dll
[2011/04/18 00:11:45 | 000,505,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qedit.dll
[2011/04/18 00:11:44 | 001,575,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVENCOD.DLL
[2011/04/18 00:11:44 | 000,349,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WPDSp.dll
[2011/04/18 00:11:43 | 002,249,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Firewall.cpl
[2011/04/18 00:11:43 | 000,205,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msoeacct.dll
[2011/04/18 00:11:43 | 000,188,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10core.dll
[2011/04/18 00:11:43 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setupugc.exe
[2011/04/18 00:11:43 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icacls.exe
[2011/04/18 00:11:42 | 003,072,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\networkmap.dll
[2011/04/18 00:11:42 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiascanprofiles.dll
[2011/04/18 00:11:42 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\QSVRMGMT.DLL
[2011/04/18 00:11:41 | 001,123,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\usercpl.dll
[2011/04/18 00:11:41 | 000,547,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiaaut.dll
[2011/04/18 00:11:41 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrdc.dll
[2011/04/18 00:11:41 | 000,134,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\p2pnetsh.dll
[2011/04/18 00:11:41 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactsrv.dll
[2011/04/18 00:11:41 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
[2011/04/18 00:11:41 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2011/04/18 00:11:41 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdmo.dll
[2011/04/18 00:11:40 | 000,516,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autoplay.dll
[2011/04/18 00:11:40 | 000,407,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpapimig.exe
[2011/04/18 00:11:40 | 000,284,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drmmgrtn.dll
[2011/04/18 00:11:40 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\systeminfo.exe
[2011/04/18 00:11:40 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PNPXAssoc.dll
[2011/04/18 00:11:40 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\findstr.exe
[2011/04/18 00:11:40 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PNPXAssocPrx.dll
[2011/04/18 00:11:40 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eappprxy.dll
[2011/04/18 00:11:40 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pcadm.dll
[2011/04/18 00:11:39 | 000,691,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TabletPC.cpl
[2011/04/18 00:11:39 | 000,296,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xwizards.dll
[2011/04/18 00:11:39 | 000,208,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfplat.dll
[2011/04/18 00:11:39 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2011/04/18 00:11:39 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\VBICodec.ax
[2011/04/18 00:11:39 | 000,104,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWWIN.EXE
[2011/04/18 00:11:39 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmdl32.exe
[2011/04/18 00:11:39 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\resutils.dll
[2011/04/18 00:11:39 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netcfg.exe
[2011/04/18 00:11:38 | 000,723,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\powercpl.dll
[2011/04/18 00:11:38 | 000,669,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netprof.dll
[2011/04/18 00:11:38 | 000,614,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFWMAAEC.DLL
[2011/04/18 00:11:38 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\intl.cpl
[2011/04/18 00:11:38 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3ui.dll
[2011/04/18 00:11:38 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dbnetlib.dll
[2011/04/18 00:11:38 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dfrgifc.exe
[2011/04/18 00:11:37 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ssText3d.scr
[2011/04/18 00:11:37 | 000,219,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\apircl.dll
[2011/04/18 00:11:37 | 000,167,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2011/04/18 00:11:37 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\btpanui.dll
[2011/04/18 00:11:37 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\txflog.dll
[2011/04/18 00:11:37 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskkill.exe
[2011/04/18 00:11:37 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\feclient.dll
[2011/04/18 00:11:36 | 001,029,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10.dll
[2011/04/18 00:11:36 | 000,975,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RASMM.dll
[2011/04/18 00:11:36 | 000,425,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shwebsvc.dll
[2011/04/18 00:11:36 | 000,356,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MediaMetadataHandler.dll
[2011/04/18 00:11:36 | 000,191,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\provthrd.dll
[2011/04/18 00:11:36 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ActionQueue.dll
[2011/04/18 00:11:36 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxva2.dll
[2011/04/18 00:11:36 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bcdprov.dll
[2011/04/18 00:11:35 | 000,777,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slcc.dll
[2011/04/18 00:11:35 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMASF.DLL
[2011/04/18 00:11:35 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\raserver.exe
[2011/04/18 00:11:35 | 000,137,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLCExt.dll
[2011/04/18 00:11:35 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aclui.dll
[2011/04/18 00:11:35 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EAPQEC.DLL
[2011/04/18 00:11:35 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmocx.dll
[2011/04/18 00:11:35 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slwmi.dll
[2011/04/18 00:11:34 | 002,588,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIHub.dll
[2011/04/18 00:11:34 | 000,167,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\portcls.sys
[2011/04/18 00:11:34 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PnPUnattend.exe
[2011/04/18 00:11:34 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\brcplsdw.dll
[2011/04/18 00:11:34 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xcopy.exe
[2011/04/18 00:11:34 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ias.dll
[2011/04/18 00:11:33 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\upnp.dll
[2011/04/18 00:11:33 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icsfiltr.dll
[2011/04/18 00:11:33 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msoert2.dll
[2011/04/18 00:11:33 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmstp.exe
[2011/04/18 00:11:33 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\QCLIPROV.DLL
[2011/04/18 00:11:33 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\reg.exe
[2011/04/18 00:11:33 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mountvol.exe
[2011/04/18 00:11:32 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuxiliaryDisplayApi.dll
[2011/04/18 00:11:32 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetmib1.dll
[2011/04/18 00:11:32 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\perfts.dll
[2011/04/18 00:11:32 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PING.EXE
[2011/04/18 00:11:31 | 000,990,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bthprops.cpl
[2011/04/18 00:11:31 | 000,657,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVXENCD.DLL
[2011/04/18 00:11:31 | 000,338,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SysFxUI.dll
[2011/04/18 00:11:31 | 000,225,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cewmdm.dll
[2011/04/18 00:11:31 | 000,208,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qasf.dll
[2011/04/18 00:11:31 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qcap.dll
[2011/04/18 00:11:31 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bitsadmin.exe
[2011/04/18 00:11:31 | 000,153,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2011/04/18 00:11:31 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SoundRecorder.exe
[2011/04/18 00:11:31 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmusic.dll
[2011/04/18 00:11:31 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFCoinstaller.dll
[2011/04/18 00:11:31 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WpdMtpUS.dll
[2011/04/18 00:11:31 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rekeywiz.exe
[2011/04/18 00:11:30 | 001,312,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMALFXGFXDSP.dll
[2011/04/18 00:11:30 | 000,767,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVSENCD.DLL
[2011/04/18 00:11:30 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscandui.dll
[2011/04/18 00:11:30 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpsrcwp.dll
[2011/04/18 00:11:30 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mtstocom.exe
[2011/04/18 00:11:30 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\makecab.exe
[2011/04/18 00:11:30 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adsmsext.dll
[2011/04/18 00:11:30 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\auditpol.exe
[2011/04/18 00:11:30 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SecEdit.exe
[2011/04/18 00:11:30 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lsmproxy.dll
[2011/04/18 00:11:30 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\batt.dll
[2011/04/18 00:11:29 | 000,159,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdadiag.dll
[2011/04/18 00:11:29 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ndfapi.dll
[2011/04/18 00:11:29 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xwtpw32.dll
[2011/04/18 00:11:29 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sppnp.dll
[2011/04/18 00:11:29 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3gpclnt.dll
[2011/04/18 00:11:28 | 000,415,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiadefui.dll
[2011/04/18 00:11:28 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2011/04/18 00:11:28 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\apss.dll
[2011/04/18 00:11:28 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msorcl32.dll
[2011/04/18 00:11:28 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shacct.dll
[2011/04/18 00:11:28 | 000,070,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wzcdlg.dll
[2011/04/18 00:11:28 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscmisetup.dll
[2011/04/18 00:11:27 | 001,329,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMSPDMOE.DLL
[2011/04/18 00:11:27 | 000,203,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpdwcn.dll
[2011/04/18 00:11:27 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\p2phost.exe
[2011/04/18 00:11:27 | 000,157,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\keymgr.dll
[2011/04/18 00:11:27 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\perfmon.exe
[2011/04/18 00:11:27 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\HelpPaneProxy.dll
[2011/04/18 00:11:27 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\System32\esrb.rs
[2011/04/18 00:11:27 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\napipsec.dll
[2011/04/18 00:11:27 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sxstrace.exe
[2011/04/18 00:11:27 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ktmutil.exe
[2011/04/18 00:11:26 | 000,119,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prntvpt.dll
[2011/04/18 00:11:26 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TapiMigPlugin.dll
[2011/04/18 00:11:26 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tasklist.exe
[2011/04/18 00:11:26 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll
[2011/04/18 00:11:26 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ftp.exe
[2011/04/18 00:11:25 | 000,816,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dim700.dll
[2011/04/18 00:11:25 | 000,686,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\colorui.dll
[2011/04/18 00:11:25 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIAutomationCore.dll
[2011/04/18 00:11:25 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ksproxy.ax
[2011/04/18 00:11:25 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fmifs.dll
[2011/04/18 00:11:25 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netiougc.exe
[2011/04/18 00:11:24 | 000,352,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nshipsec.dll
[2011/04/18 00:11:24 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2011/04/18 00:11:24 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\driverquery.exe
[2011/04/18 00:11:24 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winethc.dll
[2011/04/18 00:11:24 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cryptdll.dll
[2011/04/18 00:11:24 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\takeown.exe
[2011/04/18 00:11:24 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PnPutil.exe
[2011/04/18 00:11:24 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msimtf.dll
[2011/04/18 00:11:24 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\txfw32.dll
[2011/04/18 00:11:24 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscproxystub.dll
[2011/04/18 00:11:23 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasplap.dll
[2011/04/18 00:11:23 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unimdm.tsp
[2011/04/18 00:11:23 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\powrprof.dll
[2011/04/18 00:11:23 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\findnetprinters.dll
[2011/04/18 00:11:23 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmiprop.dll
[2011/04/18 00:11:23 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\capisp.dll
[2011/04/18 00:11:23 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pots.dll
[2011/04/18 00:11:22 | 000,442,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\joy.cpl
[2011/04/18 00:11:22 | 000,396,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shrpubw.exe
[2011/04/18 00:11:22 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RESAMPLEDMO.DLL
[2011/04/18 00:11:22 | 000,120,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WLanHC.dll
[2011/04/18 00:11:22 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imapi.dll
[2011/04/18 00:11:22 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\luainstall.dll
[2011/04/18 00:11:22 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\olecli32.dll
[2011/04/18 00:11:22 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shgina.dll
[2011/04/18 00:11:22 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2011/04/18 00:11:22 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fsutil.exe
[2011/04/18 00:11:22 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmmon32.exe
[2011/04/18 00:11:22 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnshc.dll
[2011/04/18 00:11:22 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RpcPing.exe
[2011/04/18 00:11:22 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\perfnet.dll
[2011/04/18 00:11:21 | 001,298,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TMM.dll
[2011/04/18 00:11:21 | 000,384,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dim.dll
[2011/04/18 00:11:21 | 000,276,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\compstui.dll
[2011/04/18 00:11:21 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\runonce.exe
[2011/04/18 00:11:21 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ktmw32.dll
[2011/04/18 00:11:20 | 001,118,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMADMOE.DLL
[2011/04/18 00:11:20 | 000,205,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mdminst.dll
[2011/04/18 00:11:20 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiaacmgr.exe
[2011/04/18 00:11:20 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\getmac.exe
[2011/04/18 00:11:20 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\net.exe
[2011/04/18 00:11:20 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dimsjob.dll
[2011/04/18 00:11:20 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\watchdog.sys
[2011/04/18 00:11:20 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmlua.dll
[2011/04/18 00:11:20 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dsauth.dll
[2011/04/18 00:11:19 | 000,259,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MPG4DECD.DLL
[2011/04/18 00:11:19 | 000,259,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MP43DECD.DLL
[2011/04/18 00:11:19 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\w32tm.exe
[2011/04/18 00:11:19 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tscupgrd.exe
[2011/04/18 00:11:19 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2011/04/18 00:11:18 | 000,178,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\credui.dll
[2011/04/18 00:11:18 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceWiaCompat.dll
[2011/04/18 00:11:18 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\migisol.dll
[2011/04/18 00:11:18 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diantz.exe
[2011/04/18 00:11:18 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\comrepl.dll
[2011/04/18 00:11:18 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdchange.exe
[2011/04/18 00:11:18 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ACW.exe
[2011/04/18 00:11:18 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdeploy.dll
[2011/04/18 00:11:18 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmutil.dll
[2011/04/18 00:11:18 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dispci.dll
[2011/04/18 00:11:18 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ipconfig.exe
[2011/04/18 00:11:18 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pnpts.dll
[2011/04/18 00:11:17 | 001,370,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Aurora.scr
[2011/04/18 00:11:17 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dinput8.dll
[2011/04/18 00:11:17 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TSTheme.exe
[2011/04/18 00:11:17 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\RNDISMP.sys
[2011/04/18 00:11:17 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ExplorerFrame.dll
[2011/04/18 00:11:17 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sfc.exe
[2011/04/18 00:11:16 | 000,368,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\desk.cpl
[2011/04/18 00:11:16 | 000,287,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\modemui.dll
[2011/04/18 00:11:16 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDump.dll
[2011/04/18 00:11:16 | 000,154,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmidx.dll
[2011/04/18 00:11:16 | 000,129,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\McxDriv.dll
[2011/04/18 00:11:16 | 000,125,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\softkbd.dll
[2011/04/18 00:11:16 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TpmInit.exe
[2011/04/18 00:11:16 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hlink.dll
[2011/04/18 00:11:16 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\colbact.dll
[2011/04/18 00:11:16 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fwcfg.dll
[2011/04/18 00:11:16 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\expand.exe
[2011/04/18 00:11:16 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cfgbkend.dll
[2011/04/18 00:11:16 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pdhui.dll
[2011/04/18 00:11:16 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2011/04/18 00:11:16 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdmredir.dll
[2011/04/18 00:11:16 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WPDShextAutoplay.exe
[2011/04/18 00:11:16 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\utildll.dll
[2011/04/18 00:11:16 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bridgeunattend.exe
[2011/04/18 00:11:15 | 000,879,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Bubbles.scr
[2011/04/18 00:11:15 | 000,251,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sti_ci.dll
[2011/04/18 00:11:15 | 000,153,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmvdspa.dll
[2011/04/18 00:11:15 | 000,093,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\esentutl.exe
[2011/04/18 00:11:15 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bootcfg.exe
[2011/04/18 00:11:15 | 000,070,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\amstream.dll
[2011/04/18 00:11:15 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tabcal.exe
[2011/04/18 00:11:15 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logman.exe
[2011/04/18 00:11:15 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2011/04/18 00:11:15 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsnmp32.dll
[2011/04/18 00:11:15 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vds_ps.dll
[2011/04/18 00:11:15 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\waitfor.exe
[2011/04/18 00:11:15 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmcfg32.dll
[2011/04/18 00:11:15 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdrleakdiag.exe
[2011/04/18 00:11:15 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iscsium.dll
[2011/04/18 00:11:14 | 000,376,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpnet.dll
[2011/04/18 00:11:14 | 000,281,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdv.dll
[2011/04/18 00:11:14 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Ribbons.scr
[2011/04/18 00:11:14 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccp32.dll
[2011/04/18 00:11:14 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\osblprov.dll
[2011/04/18 00:11:13 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Mystify.scr
[2011/04/18 00:11:13 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shutdown.exe
[2011/04/18 00:11:13 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cacls.exe
[2011/04/18 00:11:13 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wfapigp.dll
[2011/04/18 00:11:11 | 000,161,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\COLORCNV.DLL
[2011/04/18 00:11:11 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DpiScaling.exe
[2011/04/18 00:11:11 | 000,105,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmsynth.dll
[2011/04/18 00:11:11 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\olethk32.dll
[2011/04/18 00:11:11 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iscsiwmi.dll
[2011/04/18 00:11:11 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfvdsp.dll
[2011/04/18 00:11:11 | 000,053,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\1394bus.sys
[2011/04/18 00:11:11 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpnpinst.exe
[2011/04/18 00:11:11 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\olesvr32.dll
[2011/04/18 00:11:11 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpcm.dll
[2011/04/18 00:11:10 | 000,282,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstext40.dll
[2011/04/18 00:11:10 | 000,222,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wavemsp.dll
[2011/04/18 00:11:10 | 000,186,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLLUA.exe
[2011/04/18 00:11:10 | 000,163,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\powercfg.cpl
[2011/04/18 00:11:10 | 000,159,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbctrac.dll
[2011/04/18 00:11:10 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ufat.dll
[2011/04/18 00:11:10 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msctfui.dll
[2011/04/18 00:11:10 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\networkitemfactory.dll
[2011/04/18 00:11:10 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\werdiagcontroller.dll
[2011/04/18 00:11:10 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sxproxy.dll
[2011/04/18 00:11:10 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\at.exe
[2011/04/18 00:11:10 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usb8023.sys
[2011/04/18 00:11:09 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rgb9rast.dll
[2011/04/18 00:11:09 | 000,046,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrstub.exe
[2011/04/18 00:11:09 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ucsvc.exe
[2011/04/18 00:11:09 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TimeDateMUICallback.dll
[2011/04/18 00:11:09 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2011/04/18 00:11:09 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegCtrl.dll
[2011/04/18 00:11:09 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WpdConns.dll
[2011/04/18 00:11:09 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bitsigd.dll
[2011/04/18 00:11:09 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\convert.exe
[2011/04/18 00:11:09 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xmlprovi.dll
[2011/04/18 00:11:08 | 000,509,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuthFWGP.dll
[2011/04/18 00:11:08 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dskquota.dll
[2011/04/18 00:11:08 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasdiag.dll
[2011/04/18 00:11:08 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AtBroker.exe
[2011/04/18 00:11:08 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prevhost.exe
[2011/04/18 00:11:08 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netbtugc.exe
[2011/04/18 00:11:08 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tbs.dll
[2011/04/18 00:11:08 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iscsied.dll
[2011/04/18 00:11:07 | 005,714,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logon.scr
[2011/04/18 00:11:07 | 000,178,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmime.dll
[2011/04/18 00:11:07 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setupcln.dll
[2011/04/18 00:11:07 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kstvtune.ax
[2011/04/18 00:11:07 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\GuidedHelp.dll
[2011/04/18 00:11:07 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\l2gpstore.dll
[2011/04/18 00:11:07 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fphc.dll
[2011/04/18 00:11:07 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ocsetup.exe
[2011/04/18 00:11:07 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unattendedjoin.exe
[2011/04/18 00:11:07 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmpbk32.dll
[2011/04/18 00:11:07 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winnsi.dll
[2011/04/18 00:11:06 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\VIDRESZR.DLL
[2011/04/18 00:11:06 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dsdmo.dll
[2011/04/18 00:11:06 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdart.dll
[2011/04/18 00:11:06 | 000,083,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\usbui.dll
[2011/04/18 00:11:06 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccu32.dll
[2011/04/18 00:11:06 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccr32.dll
[2011/04/18 00:11:06 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\napdsnap.dll
[2011/04/18 00:11:06 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\devenum.dll
[2011/04/18 00:11:06 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msident.dll
[2011/04/18 00:11:06 | 000,052,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\stream.sys
[2011/04/18 00:11:06 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3dlg.dll
[2011/04/18 00:11:06 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\regini.exe
[2011/04/18 00:11:06 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\tape.sys
[2011/04/18 00:11:06 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RacAgent.exe
[2011/04/18 00:11:06 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MsCtfMonitor.dll
[2011/04/18 00:11:06 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmstplua.dll
[2011/04/18 00:11:05 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpclsp.dll
[2011/04/18 00:11:05 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\graftabl.com
[2011/04/18 00:11:05 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mtxlegih.dll
[2011/04/18 00:11:05 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfcsubs.dll
[2011/04/18 00:11:05 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vss_ps.dll
[2011/04/18 00:11:05 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srwmi.dll
[2011/04/18 00:11:05 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\upnpcont.exe
[2011/04/18 00:11:05 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mtxdm.dll
[2011/04/18 00:11:05 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WINSRPC.DLL
[2011/04/18 00:11:05 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpupdate.exe
[2011/04/18 00:11:05 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nbtstat.exe
[2011/04/18 00:11:05 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\avrt.dll
[2011/04/18 00:11:04 | 000,344,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msexcl40.dll
[2011/04/18 00:11:04 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vfwwdm32.dll
[2011/04/18 00:11:04 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\extrac32.exe
[2011/04/18 00:11:04 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WavDest.dll
[2011/04/18 00:11:04 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ksxbar.ax
[2011/04/18 00:11:04 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasphone.exe
[2011/04/18 00:11:04 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiarpc.dll
[2011/04/18 00:11:04 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ndfetw.dll
[2011/04/18 00:11:04 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbcbcp.dll
[2011/04/18 00:11:04 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\syskey.exe
[2011/04/18 00:11:04 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsock32.dll
[2011/04/18 00:11:03 | 000,218,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsAnytimeUpgrade.exe
[2011/04/18 00:11:03 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiadss.dll
[2011/04/18 00:11:03 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MP3DMOD.DLL
[2011/04/18 00:11:03 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dxof.dll
[2011/04/18 00:11:03 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TabbtnEx.dll
[2011/04/18 00:11:03 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eventcls.dll
[2011/04/18 00:11:03 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\procinst.dll
[2011/04/18 00:11:02 | 000,450,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxbde40.dll
[2011/04/18 00:11:02 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Tabbtn.dll
[2011/04/18 00:11:02 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmscript.dll
[2011/04/18 00:11:02 | 000,041,472 | ---- | C] (Microsoft) -- C:\Windows\System32\WlanMmHC.dll
[2011/04/18 00:11:02 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psbase.dll
[2011/04/18 00:11:02 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmloader.dll
[2011/04/18 00:11:02 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Diskdump.sys
[2011/04/18 00:11:02 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetppui.dll
[2011/04/18 00:11:02 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\fveupdate.exe
[2011/04/18 00:11:02 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertEnrollCtrl.exe
[2011/04/18 00:11:01 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mspbde40.dll
[2011/04/18 00:11:01 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msltus40.dll
[2011/04/18 00:11:01 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wshcon.dll
[2011/04/18 00:11:01 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Netplwiz.exe
[2011/04/18 00:11:01 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\tdi.sys
[2011/04/18 00:11:01 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icsunattend.exe
[2011/04/18 00:11:00 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ComputerDefaults.exe
[2011/04/18 00:11:00 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lltdapi.dll
[2011/04/18 00:11:00 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sxsstore.dll
[2011/04/18 00:11:00 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\HotStartUserAgent.dll
[2011/04/18 00:11:00 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PlaySndSrv.dll
[2011/04/18 00:11:00 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSHTCPIP.DLL
[2011/04/18 00:11:00 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wship6.dll
[2011/04/18 00:10:59 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\LangCleanupSysprepAction.dll
[2011/04/18 00:10:59 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icaapi.dll
[2011/04/18 00:10:59 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\localui.dll
[2011/04/18 00:10:59 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setupSNK.exe
[2011/04/18 00:10:58 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\OptionalFeatures.exe
[2011/04/18 00:10:58 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\g711codc.ax
[2011/04/18 00:10:58 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmutil.dll
[2011/04/18 00:10:58 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slwga.dll
[2011/04/18 00:10:58 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbunattend.exe
[2011/04/18 00:10:57 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbisurf.ax
[2011/04/18 00:10:57 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NcdProp.dll
[2011/04/18 00:10:57 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spopk.dll
[2011/04/18 00:10:57 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\serialui.dll
[2011/04/18 00:10:57 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\usbperf.dll
[2011/04/18 00:10:56 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbcconf.dll
[2011/04/18 00:10:56 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cofiredm.dll
[2011/04/18 00:10:56 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2011/04/18 00:10:55 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msobjs.dll
[2011/04/18 00:10:55 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hbaapi.dll
[2011/04/18 00:10:55 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\corpol.dll
[2011/04/18 00:10:55 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasctrs.dll
[2011/04/18 00:10:54 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\esentprf.dll
[2011/04/18 00:10:54 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdmdbg.dll
[2011/04/18 00:10:54 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hnetmon.dll
[2011/04/18 00:10:54 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\InfDefaultInstall.exe
[2011/04/18 00:10:53 | 000,130,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\drmk.sys
[2011/04/18 00:10:53 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2011/04/18 00:10:53 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nlsbres.dll
[2011/04/18 00:10:53 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iprtprio.dll
[2011/04/18 00:10:52 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\osbaseln.dll
[2011/04/18 00:10:51 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxg.sys
[2011/04/18 00:10:51 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msisip.dll
[2011/04/18 00:10:50 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msmmsp.dll
[2011/04/18 00:10:49 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dispex.dll
[2011/04/18 00:10:49 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winusb.dll
[2011/04/18 00:10:49 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcfgex.dll
[2011/04/18 00:10:47 | 000,025,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBCAMD2.sys
[2011/04/18 00:10:47 | 000,025,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBCAMD.sys
[2011/04/18 00:10:47 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Nlsdl.dll
[2011/04/18 00:10:47 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\mcd.sys
[2011/04/18 00:10:47 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\riched32.dll
[2011/04/18 00:10:46 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\idndl.dll
[2011/04/18 00:10:46 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msidle.dll
[2011/04/18 00:10:45 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\smclib.sys
[2011/04/18 00:10:45 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\bdasup.sys
[2011/04/18 00:10:44 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxapi.sys
[2011/04/18 00:10:44 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDJPN.DLL
[2011/04/18 00:10:44 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDKOR.DLL
[2011/04/18 00:10:43 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iscsilog.dll
[2011/04/18 00:10:42 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vga256.dll
[2011/04/18 00:10:42 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vga64k.dll
[2011/04/18 00:10:42 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tsddd.dll
[2011/04/18 00:10:42 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\framebuf.dll
[2011/04/18 00:10:42 | 000,005,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbd.sys
[2011/04/18 00:10:41 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vga.dll
[2011/04/18 00:10:41 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bootstr.dll
[2011/04/18 00:10:40 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmdskres2.dll
[2011/04/18 00:10:39 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwizres.dll
[2011/04/18 00:10:39 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\f3ahvoas.dll
[2011/04/18 00:10:38 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wertargets.wtl
[2011/04/18 00:10:29 | 000,599,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vsp1cln.exe
[2011/04/18 00:09:52 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wbemcomn.dll
[2011/04/18 00:09:47 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SmiInstaller.dll
[2011/04/18 00:09:47 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sqmapi.dll
[2011/04/18 00:09:46 | 000,704,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SmiEngine.dll
[2011/04/18 00:09:43 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wdscore.dll
[2011/04/18 00:09:43 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PkgMgr.exe
[2011/04/18 00:09:34 | 000,246,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drvstore.dll
[2011/04/18 00:09:33 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdelta.dll
[2011/04/18 00:09:33 | 000,258,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpx.dll
[2011/04/18 00:09:33 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mspatcha.dll
[2007/09/25 08:10:06 | 000,098,304 | ---- | C] ( ) -- C:\Windows\System32\rsnp2uvc.dll
[2007/09/25 08:10:05 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\csnp2uvc.dll
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/05/10 19:10:57 | 001,280,815 | ---- | M] () -- C:\Users\laptop\Desktop\tdsskiller.zip
[2011/05/10 18:51:43 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2011/05/10 18:38:47 | 004,345,498 | R--- | M] () -- C:\Users\laptop\Desktop\ComboFix.exe
[2011/05/10 18:38:00 | 000,003,168 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/05/10 18:38:00 | 000,003,168 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/05/10 18:37:52 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/05/10 16:59:27 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\laptop\Desktop\OTL.exe
[2011/05/10 13:44:35 | 000,001,905 | ---- | M] () -- C:\Windows\diagwrn.xml
[2011/05/10 13:44:35 | 000,001,905 | ---- | M] () -- C:\Windows\diagerr.xml
[2011/05/10 13:00:15 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK
[2011/05/09 11:42:16 | 000,035,328 | ---- | M] () -- C:\Users\laptop\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/05/03 21:45:08 | 000,100,480 | ---- | M] (GMER) -- C:\uxdirpow.sys
[2011/05/03 13:41:02 | 007,414,116 | ---- | M] () -- C:\Users\laptop\Desktop\todays hike!.zip
[2011/05/03 00:50:36 | 000,000,000 | ---- | M] () -- C:\Users\laptop\defogger_reenable
[2011/05/02 00:49:50 | 000,000,680 | ---- | M] () -- C:\Users\laptop\AppData\Local\d3d9caps.dat
[2011/05/02 00:45:50 | 000,379,512 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011/05/01 23:43:09 | 000,000,160 | ---- | M] () -- C:\ProgramData\~40427272r
[2011/05/01 23:43:09 | 000,000,136 | ---- | M] () -- C:\ProgramData\~40427272
[2011/05/01 23:39:45 | 000,000,344 | ---- | M] () -- C:\ProgramData\40427272
[2011/04/30 14:13:59 | 000,654,114 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/04/30 14:13:59 | 000,122,536 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/04/27 13:56:28 | 000,000,000 | ---- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf
[2011/04/26 22:14:39 | 000,101,888 | ---- | M] (Infineon Technologies AG) -- C:\Windows\System32\ifxcardm.dll
[2011/04/26 22:14:19 | 000,082,432 | ---- | M] (Gemalto, Inc.) -- C:\Windows\System32\axaltocm.dll
[2011/04/17 15:00:19 | 000,000,000 | ---- | M] () -- C:\Windows\System32\drivers\UMDF\Msft_User_WpdMtpDr_01_00_00.Wdf
[2011/04/15 10:17:45 | 000,000,475 | ---- | M] () -- C:\Windows\BRWMARK.INI
[2011/04/15 10:17:45 | 000,000,027 | ---- | M] () -- C:\Windows\BRPP2KA.INI
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/05/10 19:10:52 | 001,280,815 | ---- | C] () -- C:\Users\laptop\Desktop\tdsskiller.zip
[2011/05/10 11:19:26 | 000,001,905 | ---- | C] () -- C:\Windows\diagwrn.xml
[2011/05/10 11:19:26 | 000,001,905 | ---- | C] () -- C:\Windows\diagerr.xml
[2011/05/03 13:41:09 | 007,414,116 | ---- | C] () -- C:\Users\laptop\Desktop\todays hike!.zip
[2011/05/03 00:50:36 | 000,000,000 | ---- | C] () -- C:\Users\laptop\defogger_reenable
[2011/05/02 12:20:16 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe
[2011/05/02 12:20:16 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011/05/02 12:20:16 | 000,089,088 | ---- | C] () -- C:\Windows\MBR.exe
[2011/05/02 12:20:16 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011/05/02 12:20:16 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011/05/02 12:19:31 | 004,345,498 | R--- | C] () -- C:\Users\laptop\Desktop\ComboFix.exe
[2011/05/02 00:29:01 | 000,000,680 | ---- | C] () -- C:\Users\laptop\AppData\Local\d3d9caps.dat
[2011/05/01 23:39:54 | 000,000,160 | ---- | C] () -- C:\ProgramData\~40427272r
[2011/05/01 23:39:54 | 000,000,136 | ---- | C] () -- C:\ProgramData\~40427272
[2011/05/01 23:39:45 | 000,000,344 | ---- | C] () -- C:\ProgramData\40427272
[2011/04/30 03:00:59 | 000,201,184 | ---- | C] () -- C:\Windows\System32\winrm.vbs
[2011/04/30 03:00:59 | 000,004,675 | ---- | C] () -- C:\Windows\System32\wsmanconfig_schema.xml
[2011/04/30 03:00:59 | 000,002,426 | ---- | C] () -- C:\Windows\System32\WsmTxt.xsl
[2011/04/28 13:43:23 | 000,106,605 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2011/04/28 13:43:23 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2011/04/28 13:43:19 | 011,967,524 | ---- | C] () -- C:\Windows\System32\korwbrkr.lex
[2011/04/27 13:56:28 | 000,000,000 | ---- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf
[2011/04/26 23:08:08 | 000,000,949 | ---- | C] () -- C:\Users\laptop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2011/04/18 00:13:44 | 000,206,830 | ---- | C] () -- C:\Windows\System32\eaphost.tmf
[2011/04/18 00:13:15 | 000,132,148 | ---- | C] () -- C:\Windows\System32\systemsf.ebd
[2011/04/18 00:12:31 | 000,175,508 | ---- | C] () -- C:\Windows\System32\WFP.TMF
[2011/04/18 00:12:16 | 000,289,467 | ---- | C] () -- C:\Windows\System32\dot3.tmf
[2011/04/18 00:12:11 | 000,261,163 | ---- | C] () -- C:\Windows\System32\onex.tmf
[2011/04/18 00:11:56 | 000,080,047 | ---- | C] () -- C:\Windows\System32\slmgr.vbs
[2011/04/18 00:10:59 | 000,009,987 | ---- | C] () -- C:\Windows\System32\RacUR.xml
[2011/04/18 00:10:36 | 000,012,198 | ---- | C] () -- C:\Windows\System32\gatherWiredInfo.vbs
[2011/04/18 00:10:35 | 000,144,909 | ---- | C] () -- C:\Windows\System32\fsmgmt.msc
[2011/04/18 00:10:33 | 000,000,150 | ---- | C] () -- C:\Windows\System32\RacUREx.xml
[2011/04/18 00:10:29 | 000,145,455 | ---- | C] () -- C:\Windows\System32\perfmon.msc
[2011/04/18 00:10:29 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01007_Inbox_Critical.Wdf
[2011/03/21 13:00:41 | 000,035,328 | ---- | C] () -- C:\Users\laptop\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/03/17 16:30:44 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2011/03/17 12:51:18 | 000,000,475 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2011/03/17 12:51:18 | 000,000,027 | ---- | C] () -- C:\Windows\BRPP2KA.INI
[2011/03/17 12:51:16 | 000,000,030 | ---- | C] () -- C:\Windows\System32\brss01a.ini
[2011/03/17 12:50:26 | 000,106,496 | ---- | C] () -- C:\Windows\System32\BrMuSNMP.dll
[2011/03/17 12:43:29 | 000,000,050 | ---- | C] () -- C:\Windows\System32\bridf05a.dat
[2011/03/17 12:20:20 | 000,000,000 | ---- | C] () -- C:\Program Files\error.dat
[2008/02/11 19:55:18 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1437.dll
[2008/02/11 19:34:48 | 002,215,364 | ---- | C] () -- C:\Windows\System32\igklg400.bin
[2008/02/11 19:34:48 | 001,971,732 | ---- | C] () -- C:\Windows\System32\igklg450.bin
[2008/02/11 19:34:48 | 000,029,932 | ---- | C] () -- C:\Windows\System32\igmedcompkrn.bin
[2007/09/25 08:45:45 | 001,560,576 | ---- | C] () -- C:\Windows\System32\MainOp.dll
[2007/09/25 08:45:45 | 001,327,104 | ---- | C] () -- C:\Windows\System32\ImageReog.dll
[2007/09/25 08:45:45 | 000,622,592 | ---- | C] () -- C:\Windows\System32\PicNotify.dll
[2007/09/25 08:45:45 | 000,491,520 | ---- | C] () -- C:\Windows\System32\picn.dll
[2007/09/25 08:45:45 | 000,208,896 | ---- | C] () -- C:\Windows\System32\Image.dll
[2007/09/25 08:45:45 | 000,126,976 | ---- | C] () -- C:\Windows\System32\VideoOp.dll
[2007/09/25 08:45:45 | 000,094,208 | ---- | C] () -- C:\Windows\System32\Momo.dll
[2007/09/25 08:45:45 | 000,094,208 | ---- | C] () -- C:\Windows\System32\ApBlend.dll
[2007/09/25 08:45:45 | 000,049,152 | ---- | C] () -- C:\Windows\System32\DevFilt.dll
[2007/09/25 08:17:50 | 000,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll
[2007/09/25 08:10:06 | 009,599,744 | ---- | C] () -- C:\Windows\System32\drivers\snp2uvc.sys
[2007/09/25 08:10:06 | 000,015,497 | ---- | C] () -- C:\Windows\snp2uvc.ini
[2007/09/25 08:06:06 | 000,000,176 | ---- | C] () -- C:\Windows\System32\drivers\RTHDAEQ0.dat
[2007/09/25 08:06:06 | 000,000,143 | ---- | C] () -- C:\Windows\RtDefLvl.ini
[2007/07/17 23:33:25 | 000,910,464 | ---- | C] () -- C:\Windows\System32\igmedkrn.dll
[2007/07/17 23:33:25 | 000,204,800 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1268.dll
[2006/11/02 05:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 05:47:37 | 000,379,512 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 05:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 03:33:01 | 000,654,114 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 03:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 03:33:01 | 000,122,536 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 03:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 03:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 01:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 01:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 00:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 00:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat

< End of report >

How concerned should I be with the "Warning-One or more of the identified infections is a backdoor trojan and password stealer" Also noticed that the recycle bin is no longer on desktop and that system restore can't be found

#7 SweetTech

SweetTech

    Agent ST


  • Members
  • 13,421 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Antarctica
  • Local time:06:39 AM

Posted 11 May 2011 - 07:37 AM

Hi!

How concerned should I be with the "Warning-One or more of the identified infections is a backdoor trojan and password stealer" Also noticed that the recycle bin is no longer on desktop and that system restore can't be found

I'd be concerned with it, If this PC has ever been used for banking transactions, then I'd inform your financial institutes of your account being potentially compromised.

Locating ComboFix Log
  • Right click on START on the left end of your Windows toolbar (lower left corner of your screen)
  • Click on Explore
  • Click on Local Disk (C:) in the left-hand window pane
  • Look for ComboFix.txt in the right-hand window pane and right click on it
  • Put your cursor (arrow) on Open With
  • Move your cursor to the new menu that opens and click on Choose Program...
  • Click on Notepad

When file opens, Copy/Paste text here.

Have I helped you? If you'd like to assist in the fight against malware, click here Posted Image


The instructions seen in this post have been specifically tailored to this user and the issues they are experiencing with their computer. If you think you have a similar problem, please first read this topic, and then begin your own, new thread. I do not offer private support via Private Message.


#8 L A Slim

L A Slim
  • Topic Starter

  • Members
  • 33 posts
  • OFFLINE
  •  
  • Local time:06:39 AM

Posted 11 May 2011 - 12:26 PM

Once changing the passwords for any banking accounts should I be o.k.? Or would you recommend that I use another computer for anything to do with banking?




ComboFix 11-05-09.04 - laptop 05/10/2011 18:42:40.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1033.18.1014.258 [GMT -7:00]
Running from: c:\users\laptop\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\laptop\AppData\Roaming\225B5082EC31EE454413538895195CF0
c:\users\laptop\AppData\Roaming\225B5082EC31EE454413538895195CF0\enemies-names.txt
c:\users\laptop\AppData\Roaming\225B5082EC31EE454413538895195CF0\local.ini
c:\users\laptop\AppData\Roaming\225B5082EC31EE454413538895195CF0\trsin24pob.exe
c:\users\laptop\AppData\Roaming\Adobe\plugs
c:\users\laptop\AppData\Roaming\Adobe\shed
c:\users\laptop\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Antimalware Doctor.lnk
c:\users\laptop\AppData\Roaming\Microsoft\Windows\Start Menu\Antimalware Doctor.lnk
c:\users\laptop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Antimalware Doctor.lnk
c:\users\laptop\Desktop\Antimalware Doctor.lnk
.
---- Previous Run -------
.
c:\programdata\40427272.exe
c:\programdata\GDxGGDhgGbAFl.exe
c:\users\laptop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Recovery
c:\users\laptop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Recovery\Uninstall Windows Recovery.lnk
c:\users\laptop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Recovery\Windows Recovery.lnk
c:\users\laptop\Desktop\Windows Recovery.lnk
c:\windows\s.bat
D:\install.exe
.
Infected copy of c:\windows\system32\drivers\volsnap.sys was found and disinfected
Restored copy from - Kitty had a snack :P
.
((((((((((((((((((((((((( Files Created from 2011-04-11 to 2011-05-11 )))))))))))))))))))))))))))))))
.
.
2011-05-11 01:51 . 2011-05-11 01:51 -------- d-----w- c:\users\laptop\AppData\Local\temp
2011-05-11 01:51 . 2011-05-11 01:51 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-05-11 00:27 . 2011-05-11 00:27 -------- d--h--w- c:\windows\PIF
2011-05-10 21:14 . 2011-05-10 21:14 -------- d-----w- C:\Boot
2011-05-10 08:59 . 2011-04-11 07:04 7071056 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{8C27E873-AB61-4ACD-8421-4B8CF4CEC355}\mpengine.dll
2011-05-06 20:30 . 2011-05-09 19:44 791270 ----a-w- c:\windows\system32\PerfStringBackup.TMP
2011-05-04 06:24 . 2011-05-10 20:35 -------- d-----w- c:\program files\Google
2011-05-04 06:23 . 2011-05-10 19:45 -------- d-----w- c:\users\laptop\AppData\Local\Google
2011-05-04 04:45 . 2011-05-04 04:45 100480 ----a-w- C:\uxdirpow.sys
2011-05-02 18:42 . 2011-05-02 18:42 -------- d-----w- c:\users\laptop\AppData\Roaming\Bc
2011-05-02 18:11 . 2011-05-02 18:11 -------- d-----w- c:\programdata\IObit
2011-05-02 18:10 . 2011-05-02 18:10 -------- d-----w- c:\program files\IObit
2011-04-30 10:05 . 2010-09-20 09:25 231936 ----a-w- c:\windows\system32\msshsq.dll
2011-04-30 10:01 . 2009-10-09 21:56 2048 ----a-w- c:\windows\system32\winrsmgr.dll
2011-04-30 10:01 . 2009-10-09 21:56 12800 ----a-w- c:\windows\system32\wsmprovhost.exe
2011-04-30 10:01 . 2009-10-09 21:56 20480 ----a-w- c:\windows\system32\winrshost.exe
2011-04-30 10:01 . 2009-10-09 21:56 40448 ----a-w- c:\windows\system32\winrs.exe
2011-04-30 10:01 . 2009-10-09 21:56 10240 ----a-w- c:\windows\system32\wsmplpxy.dll
2011-04-30 10:01 . 2009-10-09 21:56 10240 ----a-w- c:\windows\system32\winrssrv.dll
2011-04-30 10:01 . 2009-10-09 21:56 41472 ----a-w- c:\windows\system32\pwrshplugin.dll
2011-04-30 10:01 . 2009-10-09 21:55 79872 ----a-w- c:\windows\system32\wecutil.exe
2011-04-30 10:01 . 2009-10-09 21:55 54272 ----a-w- c:\windows\system32\WsmRes.dll
2011-04-30 10:01 . 2009-10-09 21:55 146944 ----a-w- c:\windows\system32\wecsvc.dll
2011-04-30 10:01 . 2009-10-09 21:55 81408 ----a-w- c:\windows\system32\wevtfwd.dll
2011-04-30 10:01 . 2009-10-09 21:55 56320 ----a-w- c:\windows\system32\wecapi.dll
2011-04-30 10:00 . 2009-08-01 06:27 201184 ----a-w- c:\windows\system32\winrm.vbs
2011-04-30 10:00 . 2009-10-09 21:56 214016 ----a-w- c:\windows\system32\WsmWmiPl.dll
2011-04-30 10:00 . 2009-10-09 21:56 241152 ----a-w- c:\windows\system32\winrscmd.dll
2011-04-30 10:00 . 2009-10-09 21:56 246272 ----a-w- c:\windows\system32\WSManHTTPConfig.exe
2011-04-30 10:00 . 2009-10-09 21:56 145408 ----a-w- c:\windows\system32\WsmAuto.dll
2011-04-30 10:00 . 2009-10-09 21:55 252416 ----a-w- c:\windows\system32\WSManMigrationPlugin.dll
2011-04-30 10:00 . 2009-10-09 21:56 1181696 ----a-w- c:\windows\system32\WsmSvc.dll
2011-04-29 19:42 . 2011-03-03 14:56 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2011-04-29 19:42 . 2011-03-03 13:01 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2011-04-28 20:36 . 2010-04-14 17:46 80896 ----a-w- c:\windows\system32\MSNP.ax
2011-04-28 20:36 . 2010-04-14 17:47 293376 ----a-w- c:\windows\system32\psisdecd.dll
2011-04-28 20:36 . 2010-04-14 17:47 217088 ----a-w- c:\windows\system32\psisrndr.ax
2011-04-28 20:30 . 2009-11-08 17:55 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2011-04-28 20:30 . 2009-11-08 17:55 49472 ----a-w- c:\windows\system32\netfxperf.dll
2011-04-28 20:30 . 2009-11-08 17:55 297808 ----a-w- c:\windows\system32\mscoree.dll
2011-04-28 20:30 . 2009-11-08 17:55 295264 ----a-w- c:\windows\system32\PresentationHost.exe
2011-04-28 20:30 . 2009-11-08 17:55 1130824 ----a-w- c:\windows\system32\dfshim.dll
2011-04-28 20:28 . 2011-04-28 20:28 -------- d-----w- c:\programdata\WindowsSearch
2011-04-28 07:58 . 2010-09-06 16:24 125952 ----a-w- c:\windows\system32\srvsvc.dll
2011-04-28 07:58 . 2010-09-06 16:23 17920 ----a-w- c:\windows\system32\netevent.dll
2011-04-28 07:58 . 2010-04-16 16:10 501760 ----a-w- c:\windows\system32\usp10.dll
2011-04-28 07:56 . 2010-09-10 16:35 168960 ----a-w- c:\program files\Windows Media Player\wmplayer.exe
2011-04-28 07:56 . 2010-09-10 16:37 8147456 ----a-w- c:\windows\system32\wmploc.DLL
2011-04-28 07:54 . 2010-08-17 13:32 126464 ----a-w- c:\windows\system32\spoolsv.exe
2011-04-28 07:53 . 2010-04-05 16:08 317952 ----a-w- c:\windows\system32\MP4SDECD.DLL
2011-04-28 07:52 . 2008-08-02 03:26 36864 ----a-w- c:\windows\system32\cdd.dll
2011-04-28 07:51 . 2010-08-31 15:40 531968 ----a-w- c:\windows\system32\comctl32.dll
2011-04-27 05:56 . 2011-04-27 05:56 -------- d-----w- C:\PerfLogs
2011-04-27 04:30 . 2011-04-27 04:30 -------- d-----w- c:\program files\Common Files\Windows Live
2011-04-27 04:26 . 2011-04-27 04:26 -------- d-----w- c:\windows\system32\x64
2011-04-19 21:14 . 2011-04-19 21:14 -------- d-----w- c:\users\laptop\AppData\Roaming\Flickr
2011-04-19 21:14 . 2011-04-19 21:14 -------- d-----w- c:\users\laptop\AppData\Local\Flickr
2011-04-18 07:14 . 2008-01-19 07:36 1541120 ----a-w- c:\windows\system32\onex.dll
2011-04-18 07:14 . 2008-01-19 07:33 2623488 ----a-w- c:\windows\system32\SLsvc.exe
2011-04-18 07:14 . 2008-01-19 07:42 51768 ----a-w- c:\windows\system32\PSHED.DLL
2011-04-18 07:14 . 2008-01-19 07:29 705536 ----a-w- c:\windows\system32\imagesp1.dll
2011-04-18 07:12 . 2008-01-19 07:42 151096 ----a-w- c:\windows\system32\drivers\pci.sys
2011-04-18 07:11 . 2008-01-19 07:41 17976 ----a-w- c:\windows\system32\drivers\wmilib.sys
2011-04-18 07:10 . 2008-01-19 07:34 13824 ----a-w- c:\windows\system32\localui.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-04-27 05:14 . 2006-11-02 10:32 101888 ----a-w- c:\windows\system32\ifxcardm.dll
2011-04-27 05:14 . 2006-11-02 10:32 82432 ----a-w- c:\windows\system32\axaltocm.dll
2011-03-21 16:08 . 2011-03-21 16:08 378368 ----a-w- c:\windows\system32\winhttp.dll
2011-03-21 16:06 . 2011-03-21 16:06 269312 ----a-w- c:\windows\system32\es.dll
2011-03-21 16:04 . 2011-03-21 16:04 36864 ----a-w- c:\windows\system32\drivers\en-US\http.sys.mui
2011-03-18 09:17 . 2011-03-18 09:17 97800 ----a-w- c:\windows\system32\infocardapi.dll
2011-03-18 09:17 . 2011-03-18 09:17 622080 ----a-w- c:\windows\system32\icardagt.exe
2011-03-18 09:17 . 2011-03-18 09:17 37384 ----a-w- c:\windows\system32\infocardcpl.cpl
2011-03-18 09:17 . 2011-03-18 09:17 11264 ----a-w- c:\windows\system32\icardres.dll
2011-03-18 09:16 . 2011-03-18 09:16 105016 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2011-03-18 09:16 . 2011-03-18 09:16 781344 ----a-w- c:\windows\system32\PresentationNative_v0300.dll
2011-03-18 01:52 . 2011-03-18 01:52 23552 ----a-w- c:\windows\system32\lpk.dll
2011-03-18 01:52 . 2011-03-18 01:52 10240 ----a-w- c:\windows\system32\dciman32.dll
2011-03-18 01:49 . 2011-03-18 01:49 72704 ----a-w- c:\windows\system32\admparse.dll
2011-03-18 01:49 . 2011-03-18 01:49 48128 ----a-w- c:\windows\system32\mshtmler.dll
2011-03-18 01:47 . 2011-03-18 01:47 61440 ----a-w- c:\windows\system32\winipsec.dll
2011-03-18 01:47 . 2011-03-18 01:47 361984 ----a-w- c:\windows\system32\IPSECSVC.DLL
2011-03-18 01:47 . 2011-03-18 01:47 28672 ----a-w- c:\windows\system32\FwRemoteSvr.dll
2011-03-18 01:47 . 2011-03-18 01:47 272896 ----a-w- c:\windows\system32\polstore.dll
2011-03-18 01:43 . 2011-03-18 01:43 94720 ----a-w- c:\windows\system32\PortableDeviceClassExtension.dll
2011-03-18 01:43 . 2011-03-18 01:43 241152 ----a-w- c:\windows\system32\PortableDeviceApi.dll
2011-03-18 01:43 . 2011-03-18 01:43 160768 ----a-w- c:\windows\system32\PortableDeviceTypes.dll
2011-03-18 01:42 . 2011-03-18 01:42 11264 ----a-w- c:\windows\system32\MRINFO.EXE
2011-03-18 01:42 . 2011-03-18 01:42 9728 ----a-w- c:\windows\system32\TCPSVCS.EXE
2011-03-18 01:42 . 2011-03-18 01:42 8704 ----a-w- c:\windows\system32\HOSTNAME.EXE
2011-03-18 01:42 . 2011-03-18 01:42 27136 ----a-w- c:\windows\system32\NETSTAT.EXE
2011-03-18 01:42 . 2011-03-18 01:42 19968 ----a-w- c:\windows\system32\ARP.EXE
2011-03-18 01:42 . 2011-03-18 01:42 17920 ----a-w- c:\windows\system32\ROUTE.EXE
2011-03-18 01:42 . 2011-03-18 01:42 104960 ----a-w- c:\windows\system32\netiohlp.dll
2011-03-18 01:42 . 2011-03-18 01:42 10240 ----a-w- c:\windows\system32\finger.exe
2011-03-18 01:38 . 2011-03-18 01:38 127488 ----a-w- c:\windows\system32\L2SecHC.dll
2011-03-18 01:38 . 2011-03-18 01:38 68096 ----a-w- c:\windows\system32\wlanhlp.dll
2011-03-18 01:38 . 2011-03-18 01:38 64512 ----a-w- c:\windows\system32\wlanapi.dll
2011-03-18 01:38 . 2011-03-18 01:38 513024 ----a-w- c:\windows\system32\wlansvc.dll
2011-03-18 01:38 . 2011-03-18 01:38 302592 ----a-w- c:\windows\system32\wlansec.dll
2011-03-18 01:38 . 2011-03-18 01:38 293376 ----a-w- c:\windows\system32\wlanmsm.dll
2011-03-18 01:38 . 2011-03-18 01:38 15181 ----a-w- c:\windows\system32\gatherWirelessInfo.vbs
2011-03-18 01:36 . 2011-03-18 01:36 2048 ----a-w- c:\windows\system32\msxml3r.dll
2011-03-18 01:36 . 2011-03-18 01:36 2048 ----a-w- c:\windows\system32\msxml6r.dll
2011-03-18 01:36 . 2011-03-18 01:36 1399296 ----a-w- c:\windows\system32\msxml6.dll
2011-03-18 01:35 . 2011-03-18 01:35 213504 ----a-w- c:\windows\system32\msv1_0.dll
2011-03-18 01:32 . 2011-03-18 01:32 2868224 ----a-w- c:\windows\system32\mf.dll
2011-03-18 01:32 . 2011-03-18 01:32 98816 ----a-w- c:\windows\system32\mfps.dll
2011-03-18 01:32 . 2011-03-18 01:32 53248 ----a-w- c:\windows\system32\rrinstaller.exe
2011-03-18 01:32 . 2011-03-18 01:32 24576 ----a-w- c:\windows\system32\mfpmp.exe
2011-03-18 01:32 . 2011-03-18 01:32 2048 ----a-w- c:\windows\system32\mferror.dll
2011-03-18 01:26 . 2011-03-18 01:26 71680 ----a-w- c:\windows\system32\atl.dll
2011-03-18 01:25 . 2011-03-18 01:25 296960 ----a-w- c:\windows\system32\gdi32.dll
2011-03-18 01:20 . 2011-03-18 01:20 562176 ----a-w- c:\windows\system32\msdtcprx.dll
2011-03-18 01:20 . 2011-03-18 01:20 38912 ----a-w- c:\windows\system32\xolehlp.dll
2011-03-18 01:19 . 2011-03-18 01:19 160256 ----a-w- c:\windows\system32\wkssvc.dll
2011-03-18 01:18 . 2011-03-18 01:18 136192 ----a-w- c:\windows\system32\aaclient.dll
2011-03-18 01:18 . 2011-03-18 01:18 53248 ----a-w- c:\windows\system32\tsgqec.dll
2011-03-18 01:16 . 2011-03-18 01:16 303616 ----a-w- c:\windows\system32\wmpeffects.dll
2011-03-18 01:14 . 2011-03-18 01:14 714240 ----a-w- c:\windows\system32\timedate.cpl
2011-03-18 01:06 . 2011-03-18 01:06 69632 ----a-w- c:\windows\system32\Mpeg2Data.ax
2011-03-18 01:06 . 2011-03-18 01:06 57856 ----a-w- c:\windows\system32\MSDvbNP.ax
2011-03-18 01:02 . 2011-03-18 01:02 636928 ----a-w- c:\windows\system32\localspl.dll
2011-03-18 00:59 . 2011-03-18 00:59 2927104 ----a-w- c:\windows\explorer.exe
2011-03-18 00:56 . 2011-03-18 00:56 9728 ----a-w- c:\windows\system32\lsass.exe
2011-03-18 00:56 . 2011-03-18 00:56 72704 ----a-w- c:\windows\system32\secur32.dll
2011-03-18 00:56 . 2011-03-18 00:56 499712 ----a-w- c:\windows\system32\kerberos.dll
2011-03-18 00:56 . 2011-03-18 00:56 439896 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2011-03-18 00:56 . 2011-03-18 00:56 175104 ----a-w- c:\windows\system32\wdigest.dll
2011-03-18 00:56 . 2011-03-18 00:56 1256448 ----a-w- c:\windows\system32\lsasrv.dll
2011-03-18 00:53 . 2011-03-18 00:53 1808896 ----a-w- c:\windows\system32\NlsLexicons0046.dll
2011-03-18 00:53 . 2011-03-18 00:53 1793536 ----a-w- c:\windows\system32\NlsLexicons0045.dll
2011-03-18 00:53 . 2011-03-18 00:53 1558016 ----a-w- c:\windows\system32\NlsLexicons0049.dll
2011-03-18 00:53 . 2011-03-18 00:53 1411072 ----a-w- c:\windows\system32\NlsLexicons0047.dll
2011-03-18 00:53 . 2011-03-18 00:53 1236992 ----a-w- c:\windows\system32\NlsLexicons0020.dll
2011-03-18 00:53 . 2011-03-18 00:53 5499904 ----a-w- c:\windows\system32\NlsLexicons0022.dll
2011-03-18 00:53 . 2011-03-18 00:53 2136064 ----a-w- c:\windows\system32\NlsLexicons0021.dll
2011-03-18 00:53 . 2011-03-18 00:53 1782272 ----a-w- c:\windows\system32\NlsLexicons0039.dll
2011-03-18 00:53 . 2011-03-18 00:53 7964672 ----a-w- c:\windows\system32\NlsLexicons0024.dll
2011-03-18 00:53 . 2011-03-18 00:53 5791232 ----a-w- c:\windows\system32\NlsLexicons0026.dll
2011-03-18 00:53 . 2011-03-18 00:53 6224896 ----a-w- c:\windows\system32\NlsLexicons0027.dll
2011-03-18 00:53 . 2011-03-18 00:53 4175872 ----a-w- c:\windows\system32\NlsLexicons0010.dll
2011-03-18 00:53 . 2011-03-18 00:53 2466816 ----a-w- c:\windows\system32\NlsLexicons0011.dll
2011-03-18 00:53 . 2011-03-18 00:53 4981248 ----a-w- c:\windows\system32\NlsLexicons0013.dll
2011-03-18 00:53 . 2011-03-18 00:53 3331072 ----a-w- c:\windows\system32\NlsLexicons0018.dll
2011-03-18 00:53 . 2011-03-18 00:53 6781440 ----a-w- c:\windows\system32\NlsLexicons0019.dll
2011-03-18 00:53 . 2011-03-18 00:53 11722752 ----a-w- c:\windows\system32\NlsLexicons0001.dll
2011-03-18 00:53 . 2011-03-18 00:53 4164096 ----a-w- c:\windows\system32\NlsLexicons0002.dll
2011-03-18 00:53 . 2011-03-18 00:53 1452544 ----a-w- c:\windows\system32\NlsLexicons0003.dll
2011-03-18 00:53 . 2011-03-18 00:53 12240896 ----a-w- c:\windows\system32\NlsLexicons0007.dll
2011-03-18 00:53 . 2011-03-18 00:53 3419136 ----a-w- c:\windows\system32\NlsLexicons004a.dll
2011-03-18 00:53 . 2011-03-18 00:53 2644480 ----a-w- c:\windows\system32\NlsLexicons0009.dll
2011-03-18 00:53 . 2011-03-18 00:53 1702912 ----a-w- c:\windows\system32\NlsLexicons004b.dll
2011-03-18 00:53 . 2011-03-18 00:53 4096 ----a-w- c:\windows\system32\NlsLexicons002a.dll
2011-03-18 00:53 . 2011-03-18 00:53 4093440 ----a-w- c:\windows\system32\NlsLexicons004c.dll
2011-03-18 00:53 . 2011-03-18 00:53 4045824 ----a-w- c:\windows\system32\NlsLexicons003e.dll
2011-03-18 00:53 . 2011-03-18 00:53 1972736 ----a-w- c:\windows\system32\NlsLexicons004e.dll
2011-03-18 00:53 . 2011-03-18 00:53 6585856 ----a-w- c:\windows\system32\NlsLexicons001b.dll
2011-03-18 00:53 . 2011-03-18 00:53 6014976 ----a-w- c:\windows\system32\NlsLexicons001a.dll
2011-03-18 00:53 . 2011-03-18 00:53 6346240 ----a-w- c:\windows\system32\NlsLexicons001d.dll
2011-03-18 00:53 . 2011-03-18 00:53 9892864 ----a-w- c:\windows\system32\NlsLexicons000a.dll
2011-03-18 00:53 . 2011-03-18 00:53 6237696 ----a-w- c:\windows\system32\NlsLexicons000c.dll
2011-03-18 00:53 . 2011-03-18 00:53 1722368 ----a-w- c:\windows\system32\NlsLexicons000d.dll
2011-03-18 00:53 . 2011-03-18 00:53 5654528 ----a-w- c:\windows\system32\NlsLexicons000f.dll
2011-03-18 00:53 . 2011-03-18 00:53 4616192 ----a-w- c:\windows\system32\NlsLexicons0414.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-19 1233920]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="RtHDVCpl.exe" [2007-04-23 4435968]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 CapFilt;CapFilt; [x]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S2 ASRservice;ASRservice;c:\program files\IObit\Advanced Spyware Remover\ASRsrv.exe [2009-12-10 697104]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\DRIVERS\AcpiVpc.sys [2009-05-19 21520]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\b57nd60x.sys [2007-02-08 179712]
.
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://yahoo.com/
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Free YouTube Download - c:\users\laptop\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
IE: Free YouTube to MP3 Converter - c:\users\laptop\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
.
- - - - ORPHANS REMOVED - - - -
.
HKCU-Run-trsin24pob.exe - c:\users\laptop\AppData\Roaming\225B5082EC31EE454413538895195CF0\trsin24pob.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-05-10 18:51
Windows 6.0.6001 Service Pack 1 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-3996626569-1508135729-66935545-1004\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*)đ]
@Class="Shell"
.
[HKEY_USERS\S-1-5-21-3996626569-1508135729-66935545-1004\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*)đ\OpenWithList]
@Class="Shell"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10n_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10n_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
Completion time: 2011-05-10 18:56:09
ComboFix-quarantined-files.txt 2011-05-11 01:56
.
Pre-Run: 5,900,972,032 bytes free
Post-Run: 7,274,606,592 bytes free
.
- - End Of File - - AC144D4493EA2FA40EF86D53768B6976

#9 SweetTech

SweetTech

    Agent ST


  • Members
  • 13,421 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Antarctica
  • Local time:06:39 AM

Posted 11 May 2011 - 01:27 PM

Hi!

Once changing the passwords for any banking accounts should I be o.k.? Or would you recommend that I use another computer for anything to do with banking?

This is a tough question for me to answer, as I don't really know what damage was done by the infection before I started working with you. I'd love to be able to tell you that you would be okay using this computer after changing the passwords on it for your banking, but I'm going to recommend you use another computer that has not been infected to do your banking.

If you'd like to use this computer for banking again, I'd suggest reformatting and re-install which would ensure you were starting with a fresh system with no infections.

Please let me know if you'd still like to proceed with cleaning this computer.

Have I helped you? If you'd like to assist in the fight against malware, click here Posted Image


The instructions seen in this post have been specifically tailored to this user and the issues they are experiencing with their computer. If you think you have a similar problem, please first read this topic, and then begin your own, new thread. I do not offer private support via Private Message.


#10 L A Slim

L A Slim
  • Topic Starter

  • Members
  • 33 posts
  • OFFLINE
  •  
  • Local time:06:39 AM

Posted 11 May 2011 - 01:49 PM

Yes, I'd still like to continue cleaning this computer. Also I'd like to note that I can't find my calculator on here anymore and system restore.

Thanks,

#11 SweetTech

SweetTech

    Agent ST


  • Members
  • 13,421 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Antarctica
  • Local time:06:39 AM

Posted 11 May 2011 - 02:19 PM

Hi!

ComboFix Script
  • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before following the steps below.
  • They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
Copy/paste the text inside the Codebox below into notepad:

Here's how to do that:
Click Start > Run type Notepad click OK.
This will open an empty notepad file:

Copy all the text inside of the code box - Press Ctrl+C (or right click on the highlighted section and choose 'copy')

KillAll::
File::
C:\uxdirpow.sys
DirLook::
c:\users\laptop\AppData\Roaming\Bc
c:\windows\system32\x64
Driver::
CapFilt

Now paste the copied text into the open notepad - press CTRL+V (or right click and choose 'paste')

Save this file to your desktop, Save this as "CFScript"


Here's how to do that:

1.Click File;
2.Click Save As... Change the directory to your desktop;
3.Change the Save as type to "All Files";
4.Type in the file name: CFScript
5.Click Save ...

Posted Image
  • Referring to the screenshot above, drag CFScript.txt into ComboFix.exe.
  • ComboFix will now run a scan on your system. If ComboFix prompts you to update to the newest version, please allow it to do so. It may reboot your system when it finishes. This is normal.
  • When finished, it shall produce a log for you.
  • Copy and paste the contents of the log in your next reply.

CAUTION: Do not mouse-click ComboFix's window while it is running. That may cause it to stall.



NEXT:



Scanning with MalwareBytes' Anti-Malware

Please download Malwarebytes' Anti-Malware (v1.50) and save it to your desktop.
Download Link 1
Download Link 2Malwarebytes' may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.

  • Make sure you are connected to the Internet and double-click on mbam-setup.exe to install the application.
    For instructions with screenshots, please refer to this Guide.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • Malwarebytes will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button and continue.
  • If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.
  • Under the Scanner tab, make sure the "Perform Quick Scan" option is selected.
  • Click on the Scan button.
  • When finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box, then click the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked and then click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
  • Exit Malwarebytes' when done.
Note: If Malwarebytes' encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes' from removing all the malware.



NEXT:



ESET Online Scanner
I'd like us to scan your machine with ESET Online Scan

Note: It is recommended to disable on-board anti-virus program and anti-spyware programs while performing scans so there are no conflicts and it will speed up scan time.
Please don't go surfing while your resident protection is disabled!
Once the scan is finished remember to re-enable your anti-virus along with your anti-spyware programs.



  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on Posted Image to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image icon on your desktop.
  • Check Posted Image
  • Click the Posted Image button.
  • Accept any security warnings from your browser.
  • Check Posted Image
  • Make sure that the option "Remove found threats" is Unchecked
  • When the Computer scan settings display shows, click the Advanced option, the place a check next to the following (if it is not already checked):
    • Enable Anti-Stealth technology
  • Push the Start button.
  • ESET will then download updates for itself, install itself, and begin
    scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push Posted Image
  • Push Posted Image, and save the file to your desktop using a unique name, such as
    ESETScan. Include the contents of this report in your next reply.
  • Push the Posted Image button.
  • Push Posted Image


NEXT:



Security Check
Download Security Check by screen317 from here or here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

Have I helped you? If you'd like to assist in the fight against malware, click here Posted Image


The instructions seen in this post have been specifically tailored to this user and the issues they are experiencing with their computer. If you think you have a similar problem, please first read this topic, and then begin your own, new thread. I do not offer private support via Private Message.


#12 L A Slim

L A Slim
  • Topic Starter

  • Members
  • 33 posts
  • OFFLINE
  •  
  • Local time:06:39 AM

Posted 12 May 2011 - 04:07 AM

Hi again, I was unable to pull up a ComboFix scan as the cursor just hanged. This was after several tries and the longest I waited was 45-60 minutes. Figures the results should have popped up. Here are the others though. Please note I'm still unable to pull up any accessories such as Calculator and Paint,etc. Also games are missing.

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Database version: 6557

Windows 6.0.6001 Service Pack 1
Internet Explorer 7.0.6001.18000

5/12/2011 12:17:23 AM
mbam-log-2011-05-12 (00-17-23).txt

Scan type: Quick scan
Objects scanned: 144969
Time elapsed: 4 minute(s), 26 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 2

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
c:\Users\laptop\AppData\Roaming\Bc\pl1.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\Users\laptop\AppData\Roaming\Bc\svhst.exe (Trojan.Downloader) -> Quarantined and deleted successfully.

C:\Program Files\Lenovo\EnergyCut\EnergyKor.chm probably a variant of Win32/Agent.CIJSTIF trojan
C:\Qoobox\Quarantine\C\ProgramData\40427272.exe.vir a variant of Win32/Kryptik.NGB trojan
C:\Qoobox\Quarantine\C\ProgramData\GDxGGDhgGbAFl.exe.vir a variant of Win32/Kryptik.NGB trojan
C:\Qoobox\Quarantine\C\Users\laptop\AppData\Roaming\225B5082EC31EE454413538895195CF0\enemies-names.txt.vir Win32/Adware.AntimalwareDoctor.AE.Gen application
C:\Qoobox\Quarantine\C\Users\laptop\AppData\Roaming\225B5082EC31EE454413538895195CF0\local.ini.vir Win32/Adware.AntimalwareDoctor.AE.Gen application
C:\Qoobox\Quarantine\C\Users\laptop\AppData\Roaming\225B5082EC31EE454413538895195CF0\trsin24pob.exe.vir a variant of Win32/Kryptik.MNT trojan
D:\Users\michael\Downloads\GrabIt Downloads\Rick James - 17 (Single Version).mp3.rar Win32/TrojanDownloader.Delf.OXE trojan

#13 L A Slim

L A Slim
  • Topic Starter

  • Members
  • 33 posts
  • OFFLINE
  •  
  • Local time:06:39 AM

Posted 12 May 2011 - 04:11 AM

Results of screen317's Security Check version 0.99.10
Windows Vista Service Pack 1 (UAC is disabled!)
Out of date service pack!!
Internet Explorer 7 Out of date!
``````````````````````````````
Antivirus/Firewall Check:

Windows Firewall Enabled!
ESET Online Scanner v3
WMI entry may not exist for antivirus; attempting automatic update.
```````````````````````````````
Anti-malware/Other Utilities Check:

Malwarebytes' Anti-Malware
Java™ 6 Update 24
Adobe Flash Player
Adobe Reader 8
Out of date Adobe Reader installed!
````````````````````````````````
Process Check:
objlist.exe by Laurent

Malwarebytes' Anti-Malware mbam.exe
windows defender MpCmdRun.exe
``````````End of Log````````````

#14 SweetTech

SweetTech

    Agent ST


  • Members
  • 13,421 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Antarctica
  • Local time:06:39 AM

Posted 12 May 2011 - 12:30 PM

Hi!

Thanks for the information on ComboFix not working for you. We will do what we need to do a different way.

The instructions in this post may seem slightly longer than normal, but a lot of it is for updating files to the latest version. Please take your time running through the instructions in this post, and let me know if you have any questions or experience any issues.

These items below are currently in quarantine and will be dealt with once we clean-up our tools later.

C:\Qoobox\Quarantine\C\ProgramData\40427272.exe.vir a variant of Win32/Kryptik.NGB trojan
C:\Qoobox\Quarantine\C\ProgramData\GDxGGDhgGbAFl.exe.vir a variant of Win32/Kryptik.NGB trojan
C:\Qoobox\Quarantine\C\Users\laptop\AppData\Roaming\225B5082EC31EE454413538895195CF0\enemies-names.txt.vir Win32/Adware.AntimalwareDoctor.AE.Gen application
C:\Qoobox\Quarantine\C\Users\laptop\AppData\Roaming\225B5082EC31EE454413538895195CF0\local.ini.vir Win32/Adware.AntimalwareDoctor.AE.Gen application
C:\Qoobox\Quarantine\C\Users\laptop\AppData\Roaming\225B5082EC31EE454413538895195CF0\trsin24pob.exe.vir a variant of Win32/Kryptik.MNT trojan




VirusTotal File Scan
Please go to: VirusTotal
  • Posted Image
  • Click the Browse button and search for the following file: C:\Program Files\Lenovo\EnergyCut\EnergyKor.chm
  • Click Open
  • Then click Send File
  • Please be patient while the file is scanned.
  • Once the scan results appear, please provide them in your next reply.
If it says already scanned -- click "reanalyze now"

Please post the results in your next reply




NEXT:



Update Adobe Reader
Earlier versions of Adobe Reader have known security flaws so it is recommended that you update your copy
  • Go to Start > Control Panel > Add/Remove Programs
  • Remove ALL instances of Adobe Reader
  • Re-boot your computer as required.
  • Once ALL versions of Adobe Reader have been uninstalled, visit: <<here>> and download the latest version of Adobe Reader
Alternative Option: after uninstalling Adobe Reader, you could try installing Foxit Reader from >here< Foxit Reader has fewer add-ons therefore loads more quickly.



NEXT:



Java Outdated
Important Note: Your version of Java is out of date. Older versions have vulnerabilities that malicious sites can use to exploit and infect your system.Please follow these steps to remove older version Java components and update:
  • Download the latest version of Java Runtime Environment (JRE) Version 6 and save it to your desktop.
  • Look for "Java Platform, Standard Edition".
  • Click the "Download JRE" button to the right.
  • Read the License Agreement, and then check the box that says: "Accept License Agreement".
  • From the list, select your OS and Platform.
    • 32-bit Select: Windows x86 Offline.
    • 64-bit Select: Windows x64.
  • If a download for an Offline Installation is available, it is recommended to choose that and save the file to your desktop.
  • Close any programs you may have running - especially your web browser.
Go to Posted Image > Control Panel, double-click on Add/Remove Programs or Programs and Features in Vista/Windows 7 and remove all older versions of Java.
  • Check (highlight) any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove or Change/Remove button and follow the onscreen instructions for the Java uninstaller.
  • Repeat as many times as necessary to remove each Java versions.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on jre-6u25-windows-i586.exe to install the newest version.
  • If using Windows 7 or Vista and the installer refuses to launch due to insufficient user permissions, then Run As Administrator.
  • When the Java Setup - Welcome window opens, click the Install > button.
  • If offered to install a Toolbar, just uncheck the box before continuing unless you want it.
  • The McAfee Security Scan Plus tool is installed by default unless you uncheck the McAfee installation box when updating Java.
-- Starting with Java 6u10, the uninstaller incorporated in each new release uses Enhanced Auto update to automatically remove the previous version when updating to a later update release. It will not remove older versions, so they will need to be removed manually.
-- Java is updated frequently. If you want to be automatically notified of future updates, just turn on the Java Automatic Update feature and you will not have to remember to update when Java releases a new version.


Note: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications but it's not necessary.
To disable the JQS service if you don't want to use it:
  • Go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter.
  • Click Ok and reboot your computer.


NEXT



OTL Fix

We need to run an OTL Fix
  • Please reopen Posted Image on your desktop.
  • Copy and Paste the following code into the Posted Image textbox.
    :Services
    :OTL
    
    :Reg
    
    :Files
    c:\users\laptop\AppData\Roaming\Bc
    C:\uxdirpow.sys
    D:\Users\michael\Downloads\GrabIt Downloads\Rick James - 17 (Single Version).mp3.rar
    ipconfig /flushdns /c
    dir /s /a "c:\windows\system32\x64" /c
    :Commands
    [purity]
    [resethosts]
    [CreateRestorePoint]
    [emptytemp]
    [EMPTYFLASH]
    
  • Push Posted Image
  • OTL may ask to reboot the machine. Please do so if asked.
  • Click the OK button.
  • A report will open. Copy and Paste that report in your next reply.
  • If the machine reboots, the log will be located at C:\_OTL\MovedFiles\mmddyyyy_hhmmss.log, where mmddyyyy_hhmmss is the date of the tool run.


NEXT:



Your computer is currently running with an outdated Service Pack installed. This is not something that I recommend you continue to do. Please visit this link here: http://support.microsoft.com/kb/935791#Method2 for information on how to obtain the latest Service Pack for Vista. The latest service pack for Vista is currently Service Pack 2.


NEXT:



No Anti-Virus Present

Looking over your log it seems you don't have any evidence of an anti-virus software.

Anti-virus software are programs that detect cleans and erase harmful virus files on a computer
Web server or network.
Unchecked virus files can unintentionally be forwarded to others including trading partners and thereby spreading infection. Because new viruses regularly emerge anti-virus software should be updated frequently. Anti-virus software can scan the computer memory and disk drives for malicious code. They can alert the user if a virus is present and will clean delete (or quarantine) infected files or directories. Please download a free anti-virus software from one these excellent vendors
  • Avira AntiVir Personal - Free anti-virus software for Windows. Detects and removes more than 50000 viruses. Free support.
  • avast! 6 Home Edition - Anti-virus program for Windows. The home edition is freeware for noncommercial users.

It is strongly recommended that you run only one antivirus program at a time. Having more than one antivirus program active in memory uses additional resources and can result in program conflicts and false virus alerts. If you choose to install more than one antivirus program on your computer then only one of them should be active in memory at a time.


NEXT:



OTL Custom Scan

We need to run an OTL Custom Scan
  • Please reopen Posted Image on your desktop.
  • Copy and Paste the following code into the Posted Image textbox.


    netsvcs
    drivers32
    hklm\software\clients\startmenuinternet|command /rs
    %USERPROFILE%\AppData\Local\Google\Chrome\User Data\*.* /s
    HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs

  • Push the Posted Image button.
  • A report will open. Copy and Paste that report in your next reply.


NEXT:



What outstanding issues (if any) are you still experiencing with your computer?

Have I helped you? If you'd like to assist in the fight against malware, click here Posted Image


The instructions seen in this post have been specifically tailored to this user and the issues they are experiencing with their computer. If you think you have a similar problem, please first read this topic, and then begin your own, new thread. I do not offer private support via Private Message.


#15 L A Slim

L A Slim
  • Topic Starter

  • Members
  • 33 posts
  • OFFLINE
  •  
  • Local time:06:39 AM

Posted 12 May 2011 - 03:08 PM

I'm missing a report. Think it was the first one. Issues now that I still see are almost complete depletion of space on C drive and all the accessories(paint), system tools that I once had are missing. Oh yeah, and can't forget the preinstalled games. All are missing and I used them all the time. Can't even find Word on here anymore even though I no it's still on here somewhere.

All processes killed
========== SERVICES/DRIVERS ==========
========== OTL ==========
========== REGISTRY ==========
========== FILES ==========
c:\users\laptop\AppData\Roaming\Bc folder moved successfully.
File\Folder C:\uxdirpow.sys not found.
D:\Users\michael\Downloads\GrabIt Downloads\Rick James - 17 (Single Version).mp3.rar moved successfully.
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\laptop\Desktop\cmd.bat deleted successfully.
C:\Users\laptop\Desktop\cmd.txt deleted successfully.
< dir /s /a "c:\windows\system32\x64" /c >
Volume in drive C has no label.
Volume Serial Number is 7063-9D12
Directory of c:\windows\system32\x64
04/26/2011 09:26 PM <DIR> .
04/26/2011 09:26 PM <DIR> ..
0 File(s) 0 bytes
Total Files Listed:
0 File(s) 0 bytes
2 Dir(s) 5,103,214,592 bytes free
C:\Users\laptop\Desktop\cmd.bat deleted successfully.
C:\Users\laptop\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully


[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->Flash cache emptied: 56466 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: laptop
->Temp folder emptied: 4442577 bytes
->Temporary Internet Files folder emptied: 83993389 bytes
->Java cache emptied: 3547530 bytes
->Flash cache emptied: 48604 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1254 bytes
RecycleBin emptied: 145184 bytes

Total Files Cleaned = 88.00 mb


[EMPTYFLASH]

User: All Users

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: laptop
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0.00 mb


OTL by OldTimer - Version 3.2.22.3 log created on 05122011_115456

Files\Folders moved on Reboot...
File\Folder C:\Users\laptop\AppData\Local\Temp\flaF363.tmp not found!
C:\Users\laptop\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OJMRLZGX\page__p__2233003[1].htm moved successfully.
C:\Users\laptop\AppData\Local\Microsoft\Windows\Temporary Internet Files\AntiPhishing\A0AB7674-8D67-4F4D-B5E1-96FAEADFB79D.dat moved successfully.

Registry entries deleted on Reboot...


OTL logfile created on: 5/12/2011 12:57:13 PM - Run 3
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\laptop\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19019)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1,014.00 Mb Total Physical Memory | 324.00 Mb Available Physical Memory | 32.00% Memory free
2.00 Gb Paging File | 1.00 Gb Available in Paging File | 52.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 29.30 Gb Total Space | 4.36 Gb Free Space | 14.87% Space Free | Partition Type: NTFS
Drive D: | 105.94 Gb Total Space | 89.16 Gb Free Space | 84.16% Space Free | Partition Type: NTFS

Computer Name: LAPTOP-PC | User Name: laptop | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/05/10 16:59:27 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\laptop\Desktop\OTL.exe
PRC - [2011/03/28 16:15:53 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2011/03/28 16:15:40 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2011/03/28 16:15:30 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2011/03/28 16:15:29 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2011/03/17 17:59:00 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/12/10 12:34:26 | 000,697,104 | ---- | M] (IObit) -- C:\Program Files\IObit\Advanced Spyware Remover\ASRsrv.exe
PRC - [2007/04/23 00:51:44 | 004,435,968 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe


========== Modules (SafeList) ==========

MOD - [2011/05/10 16:59:27 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\laptop\Desktop\OTL.exe
MOD - [2010/08/31 08:39:57 | 001,684,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18523_none_5cdd65e20837faf2\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2011/03/28 16:15:40 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011/03/28 16:15:30 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2009/12/10 12:34:26 | 000,697,104 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files\IObit\Advanced Spyware Remover\ASRsrv.exe -- (ASRservice)
SRV - [2008/01/19 00:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)


========== Driver Services (SafeList) ==========

DRV - [2011/04/01 17:07:59 | 000,137,656 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2011/04/01 17:07:59 | 000,061,960 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2010/06/17 15:27:22 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009/10/26 15:09:06 | 001,095,936 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\smserial.sys -- (smserial)
DRV - [2009/05/19 05:43:08 | 000,021,520 | ---- | M] (Lenovo Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AcpiVpc.sys -- (ACPIVPC)
DRV - [2007/08/02 01:46:24 | 000,156,672 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2007/06/20 13:51:30 | 002,222,080 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw4v32.sys -- (NETw4v32) Intel®
DRV - [2007/03/21 19:02:04 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2007/02/24 11:42:22 | 000,039,936 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2007/01/23 13:40:20 | 000,042,496 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2006/12/28 13:20:40 | 009,599,744 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV - [2006/11/02 00:30:54 | 001,781,760 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32) Intel®


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========



[2011/04/19 14:15:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\laptop\AppData\Roaming\Mozilla\Extensions
[2011/04/19 14:15:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\laptop\AppData\Roaming\Mozilla\Extensions\uploadr@flickr.com

O1 HOSTS File: ([2011/05/12 11:55:01 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 157
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Free YouTube Download - C:\Users\laptop\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\laptop\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O9 - Extra Button: Password Administration Box - {A26ABCF0-1C8F-46e7-A67C-0489DC21B9CC} - File not found
O9 - Extra 'Tools' menuitem : Password Administration Box - {A26ABCF0-1C8F-46e7-A67C-0489DC21B9CC} - File not found
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos-beta/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 14:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2006/09/18 14:43:36 | 000,000,024 | ---- | M] () - D:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - File not found
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

Drivers32: msacm.clmp3enc - C:\Program Files\Lenovo\Power2Go\CLMP3Enc.ACM (CyberLink Corp.)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: wave1 - C:\Windows\System32\serwvdrv.dll (Microsoft Corporation)

========== Files/Folders - Created Within 30 Days ==========

[2011/05/12 12:49:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2011/05/12 12:49:13 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
[2011/05/12 12:49:12 | 000,137,656 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2011/05/12 12:49:12 | 000,061,960 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2011/05/12 12:49:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2011/05/12 12:49:07 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2011/05/12 11:54:56 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/05/12 11:40:53 | 000,000,000 | ---D | C] -- C:\Program Files\Sun
[2011/05/12 11:36:47 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2011/05/12 11:20:01 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2011/05/12 11:17:59 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2011/05/12 11:17:50 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
[2011/05/12 07:58:47 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2011/05/12 00:27:48 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2011/05/12 00:04:44 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
[2011/05/12 00:03:00 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2011/05/12 00:03:00 | 000,000,000 | ---D | C] -- C:\Users\laptop\AppData\Local\temp
[2011/05/11 23:52:28 | 000,000,000 | ---D | C] -- C:\ComboFix
[2011/05/11 23:49:38 | 000,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe
[2011/05/11 15:09:49 | 000,000,000 | ---D | C] -- C:\Users\laptop\AppData\Roaming\Malwarebytes
[2011/05/11 15:09:13 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011/05/11 15:09:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/05/11 15:09:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/05/11 15:09:09 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011/05/11 15:09:09 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/05/11 15:08:37 | 007,734,240 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\laptop\Desktop\mbam-setup.exe
[2011/05/11 13:09:20 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\COMODO
[2011/05/11 01:22:19 | 000,000,000 | ---D | C] -- C:\Users\laptop\Desktop\porno8tracks
[2011/05/10 21:20:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Traction Software
[2011/05/10 21:20:58 | 000,000,000 | ---D | C] -- C:\Program Files\Traction Software
[2011/05/10 21:18:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PeerBlock
[2011/05/10 21:18:27 | 000,000,000 | ---D | C] -- C:\Program Files\PeerBlock
[2011/05/10 20:52:21 | 000,000,000 | ---D | C] -- C:\Users\laptop\AppData\Roaming\dvdcss
[2011/05/10 19:11:12 | 000,000,000 | ---D | C] -- C:\Users\laptop\Desktop\tdsskiller
[2011/05/10 17:27:06 | 000,000,000 | -H-D | C] -- C:\Windows\PIF
[2011/05/10 16:59:25 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\laptop\Desktop\OTL.exe
[2011/05/10 14:14:54 | 000,000,000 | ---D | C] -- C:\Boot
[2011/05/03 23:24:10 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2011/05/03 23:23:49 | 000,000,000 | ---D | C] -- C:\Users\laptop\AppData\Local\Google
[2011/05/02 12:20:16 | 000,161,792 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2011/05/02 12:20:16 | 000,136,704 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2011/05/02 12:20:16 | 000,031,232 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2011/05/02 12:20:05 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2011/05/02 12:19:55 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/05/02 11:12:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GridinSoft
[2011/05/02 11:11:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced Spyware Remover
[2011/05/02 11:11:01 | 000,000,000 | ---D | C] -- C:\ProgramData\IObit
[2011/05/02 11:10:59 | 000,000,000 | ---D | C] -- C:\Program Files\IObit
[2011/04/30 03:04:52 | 000,000,000 | ---D | C] -- C:\Windows\System32\WindowsPowerShell
[2011/04/28 13:28:21 | 000,000,000 | ---D | C] -- C:\ProgramData\WindowsSearch
[2011/04/26 22:56:26 | 000,000,000 | ---D | C] -- C:\PerfLogs
[2011/04/26 21:30:05 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Windows Live
[2011/04/26 21:26:49 | 000,000,000 | ---D | C] -- C:\Windows\System32\x64
[2011/04/23 09:22:10 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2011/04/19 14:14:59 | 000,000,000 | ---D | C] -- C:\Users\laptop\AppData\Roaming\Mozilla
[2011/04/19 14:14:58 | 000,000,000 | ---D | C] -- C:\Users\laptop\AppData\Roaming\Flickr
[2011/04/19 14:14:58 | 000,000,000 | ---D | C] -- C:\Users\laptop\AppData\Local\Flickr
[2007/09/25 08:10:06 | 000,098,304 | ---- | C] ( ) -- C:\Windows\System32\rsnp2uvc.dll
[2007/09/25 08:10:05 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\csnp2uvc.dll

========== Files - Modified Within 30 Days ==========

[2011/05/12 12:49:39 | 000,001,847 | ---- | M] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk
[2011/05/12 12:41:27 | 052,676,424 | ---- | M] () -- C:\Users\laptop\Desktop\avira_antivir_personal_en.exe
[2011/05/12 12:34:10 | 000,000,943 | ---- | M] () -- C:\Users\laptop\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/05/12 12:32:51 | 000,003,168 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/05/12 12:32:51 | 000,003,168 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/05/12 12:32:43 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/05/12 11:55:01 | 000,000,098 | ---- | M] () -- C:\Windows\System32\drivers\etc\Hosts
[2011/05/12 11:25:55 | 080,381,720 | ---- | M] () -- C:\Users\laptop\Desktop\jdk-6u25-windows-i586.exe
[2011/05/12 11:21:28 | 000,001,892 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2011/05/12 02:42:48 | 011,128,832 | ---- | M] () -- C:\Users\laptop\Desktop\DJ_Schmolli_-_Wicked_Wedding.mp3
[2011/05/12 02:00:13 | 000,879,081 | ---- | M] () -- C:\Users\laptop\Desktop\SecurityCheck.exe
[2011/05/12 00:20:18 | 000,001,358 | ---- | M] () -- C:\Users\laptop\Desktop\mbam-log-2011-05-12 (00-17-23)x1 - Shortcut.lnk
[2011/05/11 23:49:27 | 004,346,463 | R--- | M] () -- C:\Users\laptop\Desktop\ComboFix.exe
[2011/05/11 15:09:13 | 000,000,906 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/05/11 15:08:42 | 007,734,240 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\laptop\Desktop\mbam-setup.exe
[2011/05/11 15:03:47 | 000,667,314 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/05/11 15:03:47 | 000,127,138 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/05/11 14:33:10 | 000,000,475 | ---- | M] () -- C:\Windows\BRWMARK.INI
[2011/05/11 14:33:10 | 000,000,027 | ---- | M] () -- C:\Windows\BRPP2KA.INI
[2011/05/11 13:37:56 | 000,191,408 | ---- | M] () -- C:\Windows\System32\drivers\sfi.dat
[2011/05/11 01:04:13 | 089,126,324 | ---- | M] () -- C:\Users\laptop\Desktop\porno8tracks.zip
[2011/05/10 21:41:08 | 000,000,118 | ---- | M] () -- C:\Users\laptop\Desktop\wsm.asx
[2011/05/10 21:32:37 | 000,000,586 | ---- | M] () -- C:\Users\laptop\Desktop\autostitch.lnk
[2011/05/10 21:20:58 | 000,001,053 | ---- | M] () -- C:\Users\Public\Desktop\Screen Grab Pro.lnk
[2011/05/10 21:18:27 | 000,001,728 | ---- | M] () -- C:\Users\laptop\Desktop\PeerBlock.lnk
[2011/05/10 21:13:42 | 000,000,104 | ---- | M] () -- C:\Users\laptop\Desktop\Recycle Bin.lnk
[2011/05/10 21:11:39 | 000,000,828 | ---- | M] () -- C:\Users\laptop\Desktop\cdisplayex.lnk
[2011/05/10 21:09:51 | 000,000,797 | ---- | M] () -- C:\Users\laptop\Desktop\calibre - Shortcut.lnk
[2011/05/10 21:08:01 | 000,001,339 | ---- | M] () -- C:\Users\laptop\Desktop\FreeYouTubeToMP3Converter -.lnk
[2011/05/10 21:07:48 | 000,001,253 | ---- | M] () -- C:\Users\laptop\Desktop\FreeYouTubeDownload.lnk
[2011/05/10 21:05:29 | 000,000,804 | ---- | M] () -- C:\Users\laptop\Desktop\uTorrent.lnk
[2011/05/10 21:04:59 | 000,000,577 | ---- | M] () -- C:\Program Files\uTorrent - Shortcut.lnk
[2011/05/10 21:04:48 | 000,000,597 | ---- | M] () -- C:\Program Files\DVDVideoSoft - Shortcut.lnk
[2011/05/10 21:04:25 | 000,000,864 | ---- | M] () -- C:\Users\laptop\Desktop\FinePixViewer.lnk
[2011/05/10 20:59:41 | 000,000,752 | ---- | M] () -- C:\Users\laptop\Desktop\MOVIEMK.lnk
[2011/05/10 16:59:27 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\laptop\Desktop\OTL.exe
[2011/05/10 13:44:35 | 000,001,905 | ---- | M] () -- C:\Windows\diagwrn.xml
[2011/05/10 13:44:35 | 000,001,905 | ---- | M] () -- C:\Windows\diagerr.xml
[2011/05/10 13:00:15 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK
[2011/05/09 11:42:16 | 000,035,328 | ---- | M] () -- C:\Users\laptop\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/05/03 13:41:02 | 007,414,116 | ---- | M] () -- C:\Users\laptop\Desktop\todays hike!.zip
[2011/05/03 00:50:36 | 000,000,000 | ---- | M] () -- C:\Users\laptop\defogger_reenable
[2011/05/02 00:49:50 | 000,000,680 | ---- | M] () -- C:\Users\laptop\AppData\Local\d3d9caps.dat
[2011/05/02 00:45:50 | 000,379,512 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011/05/01 23:43:09 | 000,000,160 | ---- | M] () -- C:\ProgramData\~40427272r
[2011/05/01 23:43:09 | 000,000,136 | ---- | M] () -- C:\ProgramData\~40427272
[2011/05/01 23:39:45 | 000,000,344 | ---- | M] () -- C:\ProgramData\40427272
[2011/04/27 13:56:28 | 000,000,000 | ---- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf
[2011/04/26 22:14:39 | 000,101,888 | ---- | M] (Infineon Technologies AG) -- C:\Windows\System32\ifxcardm.dll
[2011/04/26 22:14:19 | 000,082,432 | ---- | M] (Gemalto, Inc.) -- C:\Windows\System32\axaltocm.dll
[2011/04/17 15:00:19 | 000,000,000 | ---- | M] () -- C:\Windows\System32\drivers\UMDF\Msft_User_WpdMtpDr_01_00_00.Wdf

========== Files Created - No Company Name ==========

[2011/05/12 12:49:39 | 000,001,847 | ---- | C] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk
[2011/05/12 12:41:32 | 052,676,424 | ---- | C] () -- C:\Users\laptop\Desktop\avira_antivir_personal_en.exe
[2011/05/12 12:34:10 | 000,000,943 | ---- | C] () -- C:\Users\laptop\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/05/12 12:23:46 | 000,057,667 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2011/05/12 11:25:56 | 080,381,720 | ---- | C] () -- C:\Users\laptop\Desktop\jdk-6u25-windows-i586.exe
[2011/05/12 11:21:28 | 000,001,892 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2011/05/12 11:21:28 | 000,001,804 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2011/05/12 02:42:48 | 011,128,832 | ---- | C] () -- C:\Users\laptop\Desktop\DJ_Schmolli_-_Wicked_Wedding.mp3
[2011/05/12 02:00:10 | 000,879,081 | ---- | C] () -- C:\Users\laptop\Desktop\SecurityCheck.exe
[2011/05/12 00:20:18 | 000,001,358 | ---- | C] () -- C:\Users\laptop\Desktop\mbam-log-2011-05-12 (00-17-23)x1 - Shortcut.lnk
[2011/05/11 15:09:13 | 000,000,906 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/05/11 13:08:07 | 000,191,408 | ---- | C] () -- C:\Windows\System32\drivers\sfi.dat
[2011/05/11 01:04:13 | 089,126,324 | ---- | C] () -- C:\Users\laptop\Desktop\porno8tracks.zip
[2011/05/10 21:41:14 | 000,000,118 | ---- | C] () -- C:\Users\laptop\Desktop\wsm.asx
[2011/05/10 21:32:37 | 000,000,586 | ---- | C] () -- C:\Users\laptop\Desktop\autostitch.lnk
[2011/05/10 21:20:58 | 000,001,053 | ---- | C] () -- C:\Users\Public\Desktop\Screen Grab Pro.lnk
[2011/05/10 21:18:27 | 000,001,728 | ---- | C] () -- C:\Users\laptop\Desktop\PeerBlock.lnk
[2011/05/10 21:13:42 | 000,000,104 | ---- | C] () -- C:\Users\laptop\Desktop\Recycle Bin.lnk
[2011/05/10 21:11:39 | 000,000,828 | ---- | C] () -- C:\Users\laptop\Desktop\cdisplayex.lnk
[2011/05/10 21:09:51 | 000,000,797 | ---- | C] () -- C:\Users\laptop\Desktop\calibre - Shortcut.lnk
[2011/05/10 21:08:01 | 000,001,339 | ---- | C] () -- C:\Users\laptop\Desktop\FreeYouTubeToMP3Converter -.lnk
[2011/05/10 21:07:48 | 000,001,253 | ---- | C] () -- C:\Users\laptop\Desktop\FreeYouTubeDownload.lnk
[2011/05/10 21:05:29 | 000,000,804 | ---- | C] () -- C:\Users\laptop\Desktop\uTorrent.lnk
[2011/05/10 21:04:59 | 000,000,577 | ---- | C] () -- C:\Program Files\uTorrent - Shortcut.lnk
[2011/05/10 21:04:48 | 000,000,597 | ---- | C] () -- C:\Program Files\DVDVideoSoft - Shortcut.lnk
[2011/05/10 21:04:25 | 000,000,864 | ---- | C] () -- C:\Users\laptop\Desktop\FinePixViewer.lnk
[2011/05/10 20:59:41 | 000,000,752 | ---- | C] () -- C:\Users\laptop\Desktop\MOVIEMK.lnk
[2011/05/10 11:19:26 | 000,001,905 | ---- | C] () -- C:\Windows\diagwrn.xml
[2011/05/10 11:19:26 | 000,001,905 | ---- | C] () -- C:\Windows\diagerr.xml
[2011/05/03 13:41:09 | 007,414,116 | ---- | C] () -- C:\Users\laptop\Desktop\todays hike!.zip
[2011/05/03 00:50:36 | 000,000,000 | ---- | C] () -- C:\Users\laptop\defogger_reenable
[2011/05/02 12:20:16 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe
[2011/05/02 12:20:16 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011/05/02 12:20:16 | 000,089,088 | ---- | C] () -- C:\Windows\MBR.exe
[2011/05/02 12:20:16 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011/05/02 12:20:16 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011/05/02 12:19:31 | 004,346,463 | R--- | C] () -- C:\Users\laptop\Desktop\ComboFix.exe
[2011/05/02 00:29:01 | 000,000,680 | ---- | C] () -- C:\Users\laptop\AppData\Local\d3d9caps.dat
[2011/05/01 23:39:54 | 000,000,160 | ---- | C] () -- C:\ProgramData\~40427272r
[2011/05/01 23:39:54 | 000,000,136 | ---- | C] () -- C:\ProgramData\~40427272
[2011/05/01 23:39:45 | 000,000,344 | ---- | C] () -- C:\ProgramData\40427272
[2011/04/30 03:00:59 | 000,201,184 | ---- | C] () -- C:\Windows\System32\winrm.vbs
[2011/04/30 03:00:59 | 000,004,675 | ---- | C] () -- C:\Windows\System32\wsmanconfig_schema.xml
[2011/04/30 03:00:59 | 000,002,426 | ---- | C] () -- C:\Windows\System32\WsmTxt.xsl
[2011/04/28 13:43:23 | 000,106,605 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2011/04/28 13:43:23 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2011/04/28 13:43:19 | 011,967,524 | ---- | C] () -- C:\Windows\System32\korwbrkr.lex
[2011/04/27 13:56:28 | 000,000,000 | ---- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf
[2011/04/26 23:08:08 | 000,000,949 | ---- | C] () -- C:\Users\laptop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2011/04/18 00:13:44 | 000,206,830 | ---- | C] () -- C:\Windows\System32\eaphost.tmf
[2011/04/18 00:13:15 | 000,132,148 | ---- | C] () -- C:\Windows\System32\systemsf.ebd
[2011/04/18 00:12:31 | 000,175,508 | ---- | C] () -- C:\Windows\System32\WFP.TMF
[2011/04/18 00:12:16 | 000,289,467 | ---- | C] () -- C:\Windows\System32\dot3.tmf
[2011/04/18 00:12:11 | 000,261,163 | ---- | C] () -- C:\Windows\System32\onex.tmf
[2011/04/18 00:11:56 | 000,080,047 | ---- | C] () -- C:\Windows\System32\slmgr.vbs
[2011/04/18 00:10:59 | 000,009,987 | ---- | C] () -- C:\Windows\System32\RacUR.xml
[2011/04/18 00:10:36 | 000,012,198 | ---- | C] () -- C:\Windows\System32\gatherWiredInfo.vbs
[2011/04/18 00:10:35 | 000,144,909 | ---- | C] () -- C:\Windows\System32\fsmgmt.msc
[2011/04/18 00:10:33 | 000,000,150 | ---- | C] () -- C:\Windows\System32\RacUREx.xml
[2011/04/18 00:10:29 | 000,145,455 | ---- | C] () -- C:\Windows\System32\perfmon.msc
[2011/04/18 00:10:29 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01007_Inbox_Critical.Wdf
[2011/03/21 13:00:41 | 000,035,328 | ---- | C] () -- C:\Users\laptop\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/03/17 16:30:44 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2011/03/17 12:51:18 | 000,000,475 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2011/03/17 12:51:18 | 000,000,027 | ---- | C] () -- C:\Windows\BRPP2KA.INI
[2011/03/17 12:51:16 | 000,000,030 | ---- | C] () -- C:\Windows\System32\brss01a.ini
[2011/03/17 12:50:26 | 000,106,496 | ---- | C] () -- C:\Windows\System32\BrMuSNMP.dll
[2011/03/17 12:43:29 | 000,000,050 | ---- | C] () -- C:\Windows\System32\bridf05a.dat
[2011/03/17 12:20:20 | 000,000,000 | ---- | C] () -- C:\Program Files\error.dat
[2008/02/11 19:55:18 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1437.dll
[2008/02/11 19:34:48 | 002,215,364 | ---- | C] () -- C:\Windows\System32\igklg400.bin
[2008/02/11 19:34:48 | 001,971,732 | ---- | C] () -- C:\Windows\System32\igklg450.bin
[2008/02/11 19:34:48 | 000,029,932 | ---- | C] () -- C:\Windows\System32\igmedcompkrn.bin
[2007/09/25 08:45:45 | 001,560,576 | ---- | C] () -- C:\Windows\System32\MainOp.dll
[2007/09/25 08:45:45 | 001,327,104 | ---- | C] () -- C:\Windows\System32\ImageReog.dll
[2007/09/25 08:45:45 | 000,622,592 | ---- | C] () -- C:\Windows\System32\PicNotify.dll
[2007/09/25 08:45:45 | 000,491,520 | ---- | C] () -- C:\Windows\System32\picn.dll
[2007/09/25 08:45:45 | 000,208,896 | ---- | C] () -- C:\Windows\System32\Image.dll
[2007/09/25 08:45:45 | 000,126,976 | ---- | C] () -- C:\Windows\System32\VideoOp.dll
[2007/09/25 08:45:45 | 000,094,208 | ---- | C] () -- C:\Windows\System32\Momo.dll
[2007/09/25 08:45:45 | 000,094,208 | ---- | C] () -- C:\Windows\System32\ApBlend.dll
[2007/09/25 08:45:45 | 000,049,152 | ---- | C] () -- C:\Windows\System32\DevFilt.dll
[2007/09/25 08:17:50 | 000,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll
[2007/09/25 08:10:06 | 009,599,744 | ---- | C] () -- C:\Windows\System32\drivers\snp2uvc.sys
[2007/09/25 08:10:06 | 000,015,497 | ---- | C] () -- C:\Windows\snp2uvc.ini
[2007/09/25 08:06:06 | 000,000,176 | ---- | C] () -- C:\Windows\System32\drivers\RTHDAEQ0.dat
[2007/09/25 08:06:06 | 000,000,143 | ---- | C] () -- C:\Windows\RtDefLvl.ini
[2007/07/17 23:33:25 | 000,910,464 | ---- | C] () -- C:\Windows\System32\igmedkrn.dll
[2007/07/17 23:33:25 | 000,204,800 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1268.dll
[2006/11/02 05:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 05:47:37 | 000,379,512 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 05:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 03:33:01 | 000,667,314 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 03:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 03:33:01 | 000,127,138 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 03:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 03:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 01:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 01:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 00:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 00:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat

========== LOP Check ==========

[2011/04/07 19:28:10 | 000,000,000 | ---D | M] -- C:\Users\laptop\AppData\Roaming\calibre
[2011/03/17 01:35:12 | 000,000,000 | ---D | M] -- C:\Users\laptop\AppData\Roaming\DVDVideoSoft
[2011/03/17 01:35:58 | 000,000,000 | ---D | M] -- C:\Users\laptop\AppData\Roaming\DVDVideoSoftIEHelpers
[2011/04/19 14:14:58 | 000,000,000 | ---D | M] -- C:\Users\laptop\AppData\Roaming\Flickr
[2011/03/21 12:58:46 | 000,000,000 | ---D | M] -- C:\Users\laptop\AppData\Roaming\FUJIFILM
[2011/05/06 10:53:27 | 000,000,000 | ---D | M] -- C:\Users\laptop\AppData\Roaming\GrabIt
[2011/03/18 01:49:40 | 000,000,000 | ---D | M] -- C:\Users\laptop\AppData\Roaming\uTorrent
[2011/05/12 12:30:53 | 000,032,646 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========


< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\system32\ie4uinit.exe" -hide [2010/12/17 21:48:23 | 000,173,568 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\system32\ie4uinit.exe" -show [2010/12/17 21:48:23 | 000,173,568 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\system32\ie4uinit.exe" -reinstall [2010/12/17 21:48:23 | 000,173,568 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2010/12/17 23:28:35 | 000,638,232 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" [2010/12/17 23:28:35 | 000,638,232 | ---- | M] (Microsoft Corporation)

< %USERPROFILE%\AppData\Local\Google\Chrome\User Data\*.* /s >

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-05-12 19:24:46

< >

< >

< >

< End of report >




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users