Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Google Find-Fast Answers problem


  • This topic is locked This topic is locked
19 replies to this topic

#1 smuckers

smuckers

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:07:28 AM

Posted 26 August 2011 - 06:20 AM

Recently I've had a problem with google redirecting some links to something called find fast answers search and other unrelated websites that what the link indicated. This would only happen every once in a while but it has been occurring more frequently this past week. I tried removing it with malwarebytes anti-malware but the problem still persists.

Thanks for the time and help.

Logs:
.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 8.0.7601.17514 BrowserJavaVersion: 1.6.0_22
Run by Wesley at 2:26:47 on 2011-08-26
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.7991.5273 [GMT -7:00]
.
AV: Trend Micro Titanium *Enabled/Updated* {68F968AC-2AA0-091D-848C-803E83E35902}
SP: Trend Micro Titanium *Enabled/Updated* {D3988948-0C9A-0693-BE3C-BB4CF86413BF}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\IDT\WDM\STacSV64.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\conhost.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
C:\Program Files\Trend Micro\UniClient\UiFrmWrk\uiWatchDog.exe
C:\Windows\system32\conhost.exe
C:\Program Files\IDT\WDM\AESTSr64.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Trend Micro\AMSP\coreFrameworkHost.exe
C:\Windows\system32\conhost.exe
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Cisco\Cisco NAC Agent\NACAgent.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\StartNow Toolbar\ToolbarUpdaterService.exe
C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\taskhost.exe
C:\Windows\System32\rundll32.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
C:\Program Files\Intel\WiMAX\Bin\WiMAXCU.exe
C:\Windows\System32\igfxtray.exe
C:\Program Files\Trend Micro\UniClient\UiFrmWrk\uiSeAgnt.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Windows\System32\StikyNot.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe
C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Cisco\Cisco NAC Agent\NACAgentUI.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Windows\system32\DllHost.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files\Java\jre6\bin\javaw.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Users\Wesley\Downloads\Defogger.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = my.daemon-search.com
uInternet Settings,ProxyOverride = *.local
mWinlogon: Userinit=userinit.exe,
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: TmIEPlugInBHO Class: {1ca1377b-dc1d-4a52-9585-6e06050fac53} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1464\6.6.1081\TmIEPlg32.dll
BHO: DivX Plus Web Player HTML5 <video>: {326e768d-4182-46fd-9c16-1449a49795f4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
BHO: DivX HiQ: {593ddec6-7468-4cdd-90e1-42dadaa222e9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: Skype Plug-In: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: TmBpIeBHO Class: {bbacbafd-fa5e-4079-8b33-00eb9f13d4ac} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.6.1010\6.6.1010\TmBpIe32.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: DAEMON Tools Toolbar: {32099aac-c132-4136-9e9a-4e364a424e17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll
uRun: [Best Buy pc app] C:\Users\Wesley\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Best Buy\Best Buy pc app.appref-ms
uRun: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
uRun: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
uRun: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
mRun: [PDVDDXSrv] "C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
mRun: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
mRun: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe"
mRun: [Dell Registration] C:\Program Files (x86)\System Registration\prodreg.exe /boot
mRun: [NACAgentUI] C:\Program Files (x86)\Cisco\Cisco NAC Agent\NACAgentUI.exe
mRun: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mRunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"
mRunOnce: [Launcher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe
StartupFolder: C:\Users\Wesley\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\DELLDO~1.LNK - C:\Program Files (x86)\Dell\DellDock\DellDock.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files (x86)\WIDCOMM\Bluetooth Software\BTTray.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
IE: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
DPF: {4D2D3A17-9B46-483C-A5F4-1DC471080009} - hxxps://resnet-cca1-cpl.reshsg.uci.edu/auth/taweb.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
TCP: DhcpNameServer = 192.168.11.1
TCP: Interfaces\{699360FA-B447-42A2-8061-CB8E669FA764} : DhcpNameServer = 192.168.11.1
TCP: Interfaces\{699360FA-B447-42A2-8061-CB8E669FA764}\2375942554434313 : DhcpNameServer = 192.168.1.254
TCP: Interfaces\{699360FA-B447-42A2-8061-CB8E669FA764}\45341405 : DhcpNameServer = 10.0.1.1
TCP: Interfaces\{699360FA-B447-42A2-8061-CB8E669FA764}\C696E6B6379737F5750535F563435353 : DhcpNameServer = 68.105.28.16 68.105.29.16
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\6.6.1010\6.6.1010\TmBpIe32.dll
Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1464\6.6.1081\TmIEPlg32.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
AppInit_DLLs: C:\ProgramData\mfc4232.dll
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: TmIEPlugInBHO Class: {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1464\6.6.1081\TmIEPlg32.dll
BHO-X64: Trend Micro NSC BHO - No File
BHO-X64: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
BHO-X64: Increase performance and video formats for your HTML5 <video> - No File
BHO-X64: DivX HiQ: {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
BHO-X64: Use the DivX Plus Web Player to watch web videos with less interruptions and smoother playback on supported sites - No File
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO-X64: Skype Plug-In: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO-X64: SkypeIEPluginBHO - No File
BHO-X64: TmBpIeBHO Class: {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.6.1010\6.6.1010\TmBpIe32.dll
BHO-X64: TmBpIeBHO - No File
BHO-X64: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB-X64: DAEMON Tools Toolbar: {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll
mRun-x64: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
mRun-x64: [PDVDDXSrv] "C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
mRun-x64: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
mRun-x64: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe"
mRun-x64: [Dell Registration] C:\Program Files (x86)\System Registration\prodreg.exe /boot
mRun-x64: [NACAgentUI] C:\Program Files (x86)\Cisco\Cisco NAC Agent\NACAgentUI.exe
mRun-x64: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mRunOnce-x64: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"
mRunOnce-x64: [Launcher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe
IE-X64: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE-X64: {1FBA04EE-3024-11d2-8F1F-0000F87ABD16} - C:\Users\Wesley\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UBNet\UBNet.lnk
AppInit_DLLs-X64: C:\ProgramData\mfc4232.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Wesley\AppData\Roaming\Mozilla\Firefox\Profiles\es037tj2.default\
FF - prefs.js: browser.startup.homepage - yahoo.com
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?&q=
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.65\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdnu.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdnupdater2.dll
FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll
FF - plugin: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
.
---- FIREFOX POLICIES ----
FF - user.js: network.protocol-handler.warn-external.dnupdate - false);user_pref(yahoo.homepage.dontask, true
============= SERVICES / DRIVERS ===============
.
R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\system32\DRIVERS\dtsoftbus01.sys --> C:\Windows\system32\DRIVERS\dtsoftbus01.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 {1E444BE9-B8EC-4ce6-8C2B-6536FB7F4FB7};Power Control [2011/01/08 20:26:07];C:\Program Files (x86)\CyberLink\PowerDVD DX\000.fcl [2011-1-8 146928]
R2 AESTFilters;Andrea ST Filters Service;C:\Program Files\IDT\WDM\AESTSr64.exe [2011-1-8 89600]
R2 Amsp;Trend Micro Solution Platform;C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe [2011-4-10 256336]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2010-2-28 821664]
R2 DMAgent;Intel® PROSet/Wireless WiMAX Red Bend Device Management Service;C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe [2010-9-28 606720]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-1-8 13336]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-8-17 366640]
R2 NACAgent;Cisco NAC Agent;C:\Program Files (x86)\Cisco\Cisco NAC Agent\NACAgent.exe [2011-1-6 1104608]
R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2010-4-24 483688]
R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2011-1-8 705856]
R2 tmevtmgr;tmevtmgr;C:\Windows\system32\DRIVERS\tmevtmgr.sys --> C:\Windows\system32\DRIVERS\tmevtmgr.sys [?]
R2 Toolbar Updater Service;Toolbar Updater Service;C:\Program Files (x86)\StartNow Toolbar\ToolbarUpdaterService.exe [2011-3-24 199904]
R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\system32\DRIVERS\TurboB.sys --> C:\Windows\system32\DRIVERS\TurboB.sys [?]
R2 UNS;Intel® Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-1-8 2320920]
R2 WiMAXAppSrv;Intel® PROSet/Wireless WiMAX Service;C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe [2010-9-28 911872]
R3 bpenum;bpenum;C:\Windows\system32\DRIVERS\bpenum.sys --> C:\Windows\system32\DRIVERS\bpenum.sys [?]
R3 bpmp;Intel® Centrino® WiMAX 6050 Series;C:\Windows\system32\DRIVERS\bpmp.sys --> C:\Windows\system32\DRIVERS\bpmp.sys [?]
R3 bpusb;bpusb;C:\Windows\system32\Drivers\bpusb.sys --> C:\Windows\system32\Drivers\bpusb.sys [?]
R3 btusbflt;Bluetooth USB Filter;C:\Windows\system32\drivers\btusbflt.sys --> C:\Windows\system32\drivers\btusbflt.sys [?]
R3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\system32\DRIVERS\btwl2cap.sys --> C:\Windows\system32\DRIVERS\btwl2cap.sys [?]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\system32\DRIVERS\CtClsFlt.sys --> C:\Windows\system32\DRIVERS\CtClsFlt.sys [?]
R3 HECIx64;Intel® Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]
R3 Impcd;Impcd;C:\Windows\system32\DRIVERS\Impcd.sys --> C:\Windows\system32\DRIVERS\Impcd.sys [?]
R3 IntcDAud;Intel® Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys --> C:\Windows\system32\DRIVERS\IntcDAud.sys [?]
R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
R3 NETw5s64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\system32\DRIVERS\NETw5s64.sys --> C:\Windows\system32\DRIVERS\NETw5s64.sys [?]
R3 Sftfs;Sftfs;C:\Windows\system32\DRIVERS\Sftfslh.sys --> C:\Windows\system32\DRIVERS\Sftfslh.sys [?]
R3 Sftplay;Sftplay;C:\Windows\system32\DRIVERS\Sftplaylh.sys --> C:\Windows\system32\DRIVERS\Sftplaylh.sys [?]
R3 Sftredir;Sftredir;C:\Windows\system32\DRIVERS\Sftredirlh.sys --> C:\Windows\system32\DRIVERS\Sftredirlh.sys [?]
R3 Sftvol;Sftvol;C:\Windows\system32\DRIVERS\Sftvollh.sys --> C:\Windows\system32\DRIVERS\Sftvollh.sys [?]
R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2010-4-24 209768]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-6-12 135664]
S3 Gun;Gun;C:\Game\SoftnyxGame\GunboundIS\Gun64.sys [2011-7-3 45176]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-6-12 135664]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2010-3-5 340240]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\system32\Drivers\RtsUStor.sys --> C:\Windows\system32\Drivers\RtsUStor.sys [?]
S3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 TurboBoost;TurboBoost;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2009-11-2 126352]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk62x64.sys --> C:\Windows\system32\DRIVERS\yk62x64.sys [?]
S4 DockLoginService;Dock Login Service;C:\Program Files\Dell\DellDock\DockLogin.exe --> C:\Program Files\Dell\DellDock\DockLogin.exe [?]
S4 PNRPAutoReg32;PNRP Machine Name Publication Service ; [x]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2011-08-24 23:35:29 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2011-08-24 23:35:29 2048 ----a-w- C:\Windows\System32\tzres.dll
2011-08-14 06:06:00 159232 ----a-w- C:\ProgramData\mfc4232.dll
2011-08-10 09:28:28 8898 --sha-w- C:\ProgramData\cngprovider32.dll
2011-08-10 08:28:25 8898 --sha-w- C:\ProgramData\KBDBU32.dll
2011-08-10 07:28:21 8898 --sha-w- C:\ProgramData\RpcDiag32.dll
2011-08-10 06:28:19 8898 --sha-w- C:\ProgramData\KBDROST32.dll
2011-08-10 05:28:18 8898 --sha-w- C:\ProgramData\stclient32.dll
2011-08-10 04:28:16 8898 --sha-w- C:\ProgramData\npmproxy32.dll
2011-08-10 03:27:05 8899 --sha-w- C:\ProgramData\qwave32.dll
2011-08-10 02:21:34 8899 --sha-w- C:\ProgramData\DWrite32.dll
2011-08-10 01:23:59 288768 ----a-w- C:\Windows\System32\drivers\mrxsmb10.sys
2011-08-09 12:44:42 8899 --sha-w- C:\ProgramData\WcnEapPeerProxy32.dll
2011-08-09 11:44:39 8899 --sha-w- C:\ProgramData\clusapi32.dll
2011-08-09 10:44:36 8899 --sha-w- C:\ProgramData\KBDHE31932.dll
2011-08-09 09:44:33 8899 --sha-w- C:\ProgramData\wmpeffects32.dll
2011-08-09 08:44:30 8899 --sha-w- C:\ProgramData\MSAC3ENC32.dll
2011-08-09 07:44:29 8899 --sha-w- C:\ProgramData\NlsData004932.dll
2011-08-09 06:44:27 8899 --sha-w- C:\ProgramData\SyncInfrastructureps32.dll
2011-08-09 05:44:23 8899 --sha-w- C:\ProgramData\KBDSL32.dll
2011-08-09 03:08:54 8899 --sha-w- C:\ProgramData\w32topl32.dll
2011-08-09 02:08:54 8899 --sha-w- C:\ProgramData\sendmail32.dll
2011-08-09 01:08:51 8899 --sha-w- C:\ProgramData\xactengine3_532.dll
2011-08-09 00:08:48 8899 --sha-w- C:\ProgramData\qasf32.dll
2011-08-08 08:06:42 8899 --sha-w- C:\ProgramData\KBDUZB32.dll
2011-08-08 07:06:38 8899 --sha-w- C:\ProgramData\odfox3232.dll
2011-08-08 06:06:35 8899 --sha-w- C:\ProgramData\odbccr3232.dll
2011-08-08 05:06:33 8899 --sha-w- C:\ProgramData\KBDFO32.dll
2011-08-08 04:06:30 8899 --sha-w- C:\ProgramData\secproc_ssp32.dll
2011-08-08 03:06:27 8899 --sha-w- C:\ProgramData\cmipnpinstall32.dll
2011-08-08 02:06:24 8899 --sha-w- C:\ProgramData\chtbrkr32.dll
2011-08-08 01:06:20 8899 --sha-w- C:\ProgramData\certCredProvider32.dll
2011-08-08 00:06:14 8899 --sha-w- C:\ProgramData\migisol32.dll
2011-08-07 23:06:13 8899 --sha-w- C:\ProgramData\NlsLexicons004932.dll
2011-08-07 12:39:16 8899 --sha-w- C:\ProgramData\msdelta32.dll
2011-08-07 11:39:10 8899 --sha-w- C:\ProgramData\mfcm10032.dll
2011-08-07 10:39:05 8899 --sha-w- C:\ProgramData\nlhtml32.dll
2011-08-07 07:48:30 8899 --sha-w- C:\ProgramData\sirenacm32.dll
2011-08-07 06:48:25 8899 --sha-w- C:\ProgramData\sfc_os32.dll
2011-08-07 02:38:53 8899 --sha-w- C:\ProgramData\WcnEapAuthProxy32.dll
2011-08-07 01:38:48 8899 --sha-w- C:\ProgramData\nlmgp32.dll
2011-08-07 00:38:43 8899 --sha-w- C:\ProgramData\KBDUR132.dll
2011-08-06 11:48:44 8898 --sha-w- C:\ProgramData\netevent32.dll
2011-08-06 10:48:41 8898 --sha-w- C:\ProgramData\atl10032.dll
2011-08-06 09:48:38 8898 --sha-w- C:\ProgramData\wmdrmsdk32.dll
2011-08-06 08:48:33 8898 --sha-w- C:\ProgramData\hlink32.dll
2011-08-06 03:24:08 8899 --sha-w- C:\ProgramData\dtsh32.dll
2011-08-06 02:24:02 8899 --sha-w- C:\ProgramData\asferror32.dll
2011-08-06 01:23:57 8899 --sha-w- C:\ProgramData\X3DAudio1_532.dll
2011-08-06 00:23:53 8899 --sha-w- C:\ProgramData\dhcpcsvc32.dll
2011-08-05 10:12:18 8898 --sha-w- C:\ProgramData\shsvcs32.dll
2011-08-05 09:12:17 8898 --sha-w- C:\ProgramData\avicap3232.dll
2011-08-05 08:10:49 8898 --sha-w- C:\ProgramData\SampleRes32.dll
2011-08-05 06:22:14 8898 --sha-w- C:\ProgramData\wmdrmnet32.dll
2011-08-05 05:22:07 8898 --sha-w- C:\ProgramData\xlivefnt32.dll
2011-08-05 04:22:02 8898 --sha-w- C:\ProgramData\NlsLexicons004532.dll
2011-08-05 03:21:59 8898 --sha-w- C:\ProgramData\mmci32.dll
2011-08-05 02:21:56 8898 --sha-w- C:\ProgramData\PresentationNative_v030032.dll
2011-08-05 01:21:52 8898 --sha-w- C:\ProgramData\oleaut3232.dll
2011-08-05 00:21:48 8898 --sha-w- C:\ProgramData\printui32.dll
2011-08-04 23:21:44 8898 --sha-w- C:\ProgramData\P2P32.dll
2011-08-04 12:50:52 8899 --sha-w- C:\ProgramData\EAPQEC32.dll
2011-08-04 04:48:29 8899 --sha-w- C:\ProgramData\osbaseln32.dll
2011-08-04 03:48:25 8899 --sha-w- C:\ProgramData\cryptsvc32.dll
2011-08-04 02:48:22 8899 --sha-w- C:\ProgramData\shfolder32.dll
2011-08-03 11:26:44 8899 --sha-w- C:\ProgramData\sqlwoa32.dll
2011-08-03 09:20:54 8899 --sha-w- C:\ProgramData\L2SecHC32.dll
2011-08-03 08:15:23 8899 --sha-w- C:\ProgramData\spp32.dll
2011-08-02 20:03:19 8899 --sha-w- C:\ProgramData\rastls32.dll
2011-08-02 11:32:34 8899 --sha-w- C:\ProgramData\NlsData004732.dll
2011-08-02 10:32:29 8899 --sha-w- C:\ProgramData\X3DAudio1_632.dll
2011-08-02 09:32:25 8899 --sha-w- C:\ProgramData\KBDNEPR32.dll
2011-08-02 08:32:19 8899 --sha-w- C:\ProgramData\prncache32.dll
2011-08-02 07:32:18 8899 --sha-w- C:\ProgramData\mssign3232.dll
2011-08-02 06:32:17 8899 --sha-w- C:\ProgramData\powercpl32.dll
2011-08-02 03:49:37 8899 --sha-w- C:\ProgramData\tsmf32.dll
2011-08-02 02:49:37 8899 --sha-w- C:\ProgramData\raschap32.dll
2011-08-02 01:49:35 8899 --sha-w- C:\ProgramData\dsuiext32.dll
2011-08-02 00:49:30 8899 --sha-w- C:\ProgramData\SensorsCpl32.dll
2011-08-01 07:54:11 8899 --sha-w- C:\ProgramData\ieaksie32.dll
2011-08-01 06:54:10 8899 --sha-w- C:\ProgramData\NlsData000d32.dll
2011-08-01 05:54:09 8899 --sha-w- C:\ProgramData\Wldap3232.dll
2011-08-01 03:09:47 8899 --sha-w- C:\ProgramData\miguiresource32.dll
2011-08-01 02:08:38 8899 --sha-w- C:\ProgramData\KBDUSL32.dll
2011-08-01 01:05:34 8899 --sha-w- C:\ProgramData\wshqos32.dll
2011-07-31 23:43:37 8899 --sha-w- C:\ProgramData\iassdo32.dll
2011-07-31 22:43:32 8899 --sha-w- C:\ProgramData\vbscript32.dll
2011-07-31 21:43:28 8899 --sha-w- C:\ProgramData\fontsub32.dll
2011-07-31 20:43:26 8899 --sha-w- C:\ProgramData\UIAutomationCore32.dll
2011-07-31 10:54:18 8899 --sha-w- C:\ProgramData\wshbth32.dll
2011-07-31 09:54:15 8899 --sha-w- C:\ProgramData\tdh32.dll
2011-07-31 08:54:10 8899 --sha-w- C:\ProgramData\adsldpc32.dll
2011-07-31 07:54:05 8899 --sha-w- C:\ProgramData\KBDLA32.dll
2011-07-31 05:41:06 8899 --sha-w- C:\ProgramData\iyuv_3232.dll
2011-07-31 04:06:17 8899 --sha-w- C:\ProgramData\perfnet32.dll
2011-07-30 14:17:33 8899 --sha-w- C:\ProgramData\NlsLexicons004732.dll
2011-07-30 13:17:32 8899 --sha-w- C:\ProgramData\FXSCOMEX32.dll
2011-07-30 11:59:44 8899 --sha-w- C:\ProgramData\iscsidsc32.dll
2011-07-30 10:59:43 8899 --sha-w- C:\ProgramData\fwcfg32.dll
2011-07-30 09:59:41 8899 --sha-w- C:\ProgramData\CSVer32.dll
2011-07-30 05:52:05 8899 --sha-w- C:\ProgramData\msdtcuiu32.dll
2011-07-30 04:52:04 8899 --sha-w- C:\ProgramData\netapi3232.dll
2011-07-30 03:52:03 8899 --sha-w- C:\ProgramData\XAudio2_332.dll
2011-07-30 02:52:02 8899 --sha-w- C:\ProgramData\mfc100enu32.dll
2011-07-30 01:52:00 8899 --sha-w- C:\ProgramData\CertEnrollUI32.dll
2011-07-30 00:51:57 8899 --sha-w- C:\ProgramData\XAudio2_232.dll
2011-07-29 23:51:55 8899 --sha-w- C:\ProgramData\iscsicpl32.dll
2011-07-29 08:00:12 8898 --sha-w- C:\ProgramData\idndl32.dll
2011-07-29 06:54:41 8898 --sha-w- C:\ProgramData\KBDTUF32.dll
2011-07-29 05:53:53 8898 --sha-w- C:\ProgramData\pdhui32.dll
2011-07-29 04:51:19 8898 --sha-w- C:\ProgramData\netjoin32.dll
2011-07-29 03:49:00 8898 --sha-w- C:\ProgramData\KBDINUK232.dll
2011-07-29 02:48:59 8898 --sha-w- C:\ProgramData\mapistub32.dll
2011-07-29 01:48:56 8898 --sha-w- C:\ProgramData\msmpeg2vdec32.dll
2011-07-29 00:48:53 8898 --sha-w- C:\ProgramData\DDORes32.dll
2011-07-28 23:48:51 8898 --sha-w- C:\ProgramData\KBDEST32.dll
2011-07-28 22:48:50 8898 --sha-w- C:\ProgramData\KBDMLT4732.dll
2011-07-28 21:48:49 8898 --sha-w- C:\ProgramData\pstorsvc32.dll
2011-07-28 20:48:48 8898 --sha-w- C:\ProgramData\xactengine2_832.dll
2011-07-28 10:28:09 8899 --sha-w- C:\ProgramData\rasctrs32.dll
2011-07-28 09:28:08 8899 --sha-w- C:\ProgramData\tpmcompc32.dll
2011-07-28 08:26:53 8899 --sha-w- C:\ProgramData\traffic32.dll
2011-07-28 07:22:33 8899 --sha-w- C:\ProgramData\CNHMCA32.dll
2011-07-28 06:21:53 8899 --sha-w- C:\ProgramData\tsgqec32.dll
2011-07-28 05:21:48 8899 --sha-w- C:\ProgramData\duser32.dll
2011-07-28 04:21:45 8899 --sha-w- C:\ProgramData\ocsetapi32.dll
2011-07-28 02:21:38 8899 --sha-w- C:\ProgramData\Faultrep32.dll
2011-07-28 01:21:37 8899 --sha-w- C:\ProgramData\TSpkg32.dll
2011-07-27 23:21:33 8899 --sha-w- C:\ProgramData\NlsData004e32.dll
2011-07-27 13:04:21 8898 --sha-w- C:\ProgramData\jsproxy32.dll
2011-07-27 12:04:20 8898 --sha-w- C:\ProgramData\amxread32.dll
2011-07-27 11:04:19 8898 --sha-w- C:\ProgramData\KBDHE22032.dll
2011-07-27 10:04:08 8898 --sha-w- C:\ProgramData\ir41_qcx32.dll
.
==================== Find3M ====================
.
2011-08-10 01:48:36 128512 ----a-w- C:\Windows\RegBootClean64.exe
2011-07-27 09:03:33 8898 --sha-w- C:\ProgramData\winusb32.dll
2011-07-27 08:03:11 8898 --sha-w- C:\ProgramData\d3dx10_4232.dll
2011-07-27 07:02:28 8898 --sha-w- C:\ProgramData\KBDMONMO32.dll
2011-07-27 06:02:12 8898 --sha-w- C:\ProgramData\CNC250U32.dll
2011-07-23 23:57:09 12800 ----a-w- C:\Windows\DCEBoot64.exe
2011-07-23 10:26:27 8896 --sha-w- C:\ProgramData\msisip32.dll
2011-07-23 09:24:04 8896 --sha-w- C:\ProgramData\NlsData002032.dll
2011-07-23 08:24:01 8896 --sha-w- C:\ProgramData\winrscmd32.dll
2011-07-23 07:23:58 8896 --sha-w- C:\ProgramData\cfgbkend32.dll
2011-07-23 06:23:55 8896 --sha-w- C:\ProgramData\powrprof32.dll
2011-07-23 05:23:52 8896 --sha-w- C:\ProgramData\taskcomp32.dll
2011-07-23 03:27:30 8896 --sha-w- C:\ProgramData\xlive32.dll
2011-07-23 02:27:28 8896 --sha-w- C:\ProgramData\dnsapi32.dll
2011-07-23 01:27:25 8896 --sha-w- C:\ProgramData\PhotoMetadataHandler32.dll
2011-07-23 00:27:21 8896 --sha-w- C:\ProgramData\wow3232.dll
2011-07-22 23:27:18 8896 --sha-w- C:\ProgramData\msimsg32.dll
2011-07-22 22:27:12 8896 --sha-w- C:\ProgramData\KBDCR32.dll
2011-07-22 11:41:07 8895 --sha-w- C:\ProgramData\pngfilt32.dll
2011-07-22 10:40:56 8895 --sha-w- C:\ProgramData\packager32.dll
2011-07-22 09:40:53 8895 --sha-w- C:\ProgramData\PortableDeviceTypes32.dll
2011-07-22 08:40:51 8895 --sha-w- C:\ProgramData\lz3232.dll
2011-07-22 07:40:47 8895 --sha-w- C:\ProgramData\msdtcVSp1res32.dll
2011-07-22 06:40:43 8895 --sha-w- C:\ProgramData\esent32.dll
2011-07-22 05:40:40 8895 --sha-w- C:\ProgramData\dhcpcmonitor32.dll
2011-07-22 05:22:26 1638912 ----a-w- C:\Windows\System32\mshtml.tlb
2011-07-22 04:54:18 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2011-07-22 04:40:37 8895 --sha-w- C:\ProgramData\chsbrkr32.dll
2011-07-22 03:40:35 8895 --sha-w- C:\ProgramData\KBDRU132.dll
2011-07-22 02:39:17 8895 --sha-w- C:\ProgramData\SmartcardCredentialProvider32.dll
2011-07-22 01:37:12 8895 --sha-w- C:\ProgramData\KBDUGHR32.dll
2011-07-22 00:35:35 8895 --sha-w- C:\ProgramData\mfc4032.dll
2011-07-21 10:57:36 8895 --sha-w- C:\ProgramData\resutils32.dll
2011-07-21 09:57:21 8895 --sha-w- C:\ProgramData\wintrust32.dll
2011-07-21 08:57:11 8895 --sha-w- C:\ProgramData\InkEd32.dll
2011-07-21 07:57:10 8895 --sha-w- C:\ProgramData\riched3232.dll
2011-07-21 06:57:08 8895 --sha-w- C:\ProgramData\d3dx9_2732.dll
2011-07-21 05:57:07 8895 --sha-w- C:\ProgramData\spwizeng32.dll
2011-07-21 04:57:06 8895 --sha-w- C:\ProgramData\rpchttp32.dll
2011-07-21 03:57:05 8895 --sha-w- C:\ProgramData\sqmapi32.dll
2011-07-21 02:57:04 8895 --sha-w- C:\ProgramData\netcenter32.dll
2011-07-21 00:57:02 8895 --sha-w- C:\ProgramData\dbnmpntw32.dll
2011-07-20 23:52:32 8895 --sha-w- C:\ProgramData\msnetobj32.dll
2011-07-19 03:09:35 8894 --sha-w- C:\ProgramData\capiprovider32.dll
2011-07-19 02:09:29 8894 --sha-w- C:\ProgramData\secproc_isv32.dll
2011-07-19 01:09:28 8894 --sha-w- C:\ProgramData\KBDINKAN32.dll
2011-07-19 00:09:27 8894 --sha-w- C:\ProgramData\wsecedit32.dll
2011-07-18 23:09:27 8894 --sha-w- C:\ProgramData\KBDDIV232.dll
2011-07-18 22:09:26 8894 --sha-w- C:\ProgramData\KBDUKX32.dll
2011-07-18 21:09:25 8894 --sha-w- C:\ProgramData\XPSSHHDR32.dll
2011-07-18 08:20:44 8894 --sha-w- C:\ProgramData\KBDLAO32.dll
2011-07-18 07:20:42 8894 --sha-w- C:\ProgramData\adsmsext32.dll
2011-07-18 06:20:41 8894 --sha-w- C:\ProgramData\ntvdm6432.dll
2011-07-18 05:20:37 8894 --sha-w- C:\ProgramData\btpanui32.dll
2011-07-18 04:17:58 8894 --sha-w- C:\ProgramData\colorui32.dll
2011-07-17 12:16:43 8896 --sha-w- C:\ProgramData\wsnmp3232.dll
2011-07-17 11:16:42 8896 --sha-w- C:\ProgramData\UserAccountControlSettings32.dll
2011-07-17 10:16:41 8896 --sha-w- C:\ProgramData\d3dcsx_4232.dll
2011-07-17 09:16:41 8896 --sha-w- C:\ProgramData\dmusic32.dll
2011-07-17 08:16:40 8896 --sha-w- C:\ProgramData\basecsp32.dll
2011-07-17 07:16:37 8896 --sha-w- C:\ProgramData\wshext32.dll
2011-07-17 06:16:37 8896 --sha-w- C:\ProgramData\KBDIBO32.dll
2011-07-17 05:16:36 8896 --sha-w- C:\ProgramData\mfc100jpn32.dll
2011-07-17 04:13:41 8896 --sha-w- C:\ProgramData\icardres32.dll
2011-07-17 02:30:50 8896 --sha-w- C:\ProgramData\netplwiz32.dll
2011-07-17 00:53:49 8896 --sha-w- C:\ProgramData\dmdskmgr32.dll
2011-07-16 23:52:00 8896 --sha-w- C:\ProgramData\themeui32.dll
2011-07-16 22:29:17 8896 --sha-w- C:\ProgramData\dot3gpclnt32.dll
2011-07-16 21:24:26 8896 --sha-w- C:\ProgramData\sechost32.dll
2011-07-16 20:21:41 8896 --sha-w- C:\ProgramData\apilogen32.dll
2011-07-16 12:36:14 8895 --sha-w- C:\ProgramData\Apphlpdm32.dll
2011-07-16 11:36:12 8895 --sha-w- C:\ProgramData\KBDBGPH132.dll
2011-07-16 10:36:07 8895 --sha-w- C:\ProgramData\RGSS102E32.dll
2011-07-16 09:36:06 8895 --sha-w- C:\ProgramData\KBDRO32.dll
2011-07-16 08:36:04 8895 --sha-w- C:\ProgramData\ssdpapi32.dll
2011-07-16 07:36:03 8895 --sha-w- C:\ProgramData\wmerror32.dll
2011-07-16 06:36:02 8895 --sha-w- C:\ProgramData\KBDTH032.dll
2011-07-16 05:41:50 362496 ----a-w- C:\Windows\System32\wow64win.dll
2011-07-16 05:41:49 243200 ----a-w- C:\Windows\System32\wow64.dll
2011-07-16 05:41:49 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2011-07-16 05:39:10 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
2011-07-16 05:37:12 421888 ----a-w- C:\Windows\System32\KernelBase.dll
2011-07-16 05:35:15 8895 --sha-w- C:\ProgramData\NlsModels001132.dll
2011-07-16 04:35:15 8895 --sha-w- C:\ProgramData\D3DCompiler_4132.dll
2011-07-16 04:29:19 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2011-07-16 04:26:00 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
2011-07-16 04:25:37 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2011-07-16 04:24:23 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2011-07-16 04:24:22 272384 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2011-07-16 03:35:14 8895 --sha-w- C:\ProgramData\QSVRMGMT32.dll
2011-07-16 02:34:59 8895 --sha-w- C:\ProgramData\dwmapi32.dll
2011-07-16 02:21:44 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2011-07-16 02:21:41 2048 ----a-w- C:\Windows\SysWow64\user.exe
2011-07-16 02:17:19 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2011-07-16 02:17:19 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2011-07-16 02:17:19 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2011-07-16 02:17:19 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2011-07-16 01:26:40 8895 --sha-w- C:\ProgramData\wshirda32.dll
2011-07-16 00:26:40 8895 --sha-w- C:\ProgramData\KBDIC32.dll
2011-07-15 23:24:04 8895 --sha-w- C:\ProgramData\Nlsdl32.dll
.
============= FINISH: 2:27:39.98 ===============

Attached Files



BC AdBot (Login to Remove)

 


#2 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,665 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:28 AM

Posted 31 August 2011 - 06:25 AM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

Posted Image In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/416128 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

Posted Image If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS and GMER log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from one of the following links if you no longer have it available. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE


We also need a new log from the GMER anti-rootkit Scanner.

Please note that if you are running a 64-bit version of Windows you will not be able to run GMER and you may skip this step.

Please first disable any CD emulation programs using the steps found in this topic:

Why we request you disable CD Emulation when receiving Malware Removal Advice


Then create another GMER log and post it as an attachment to the reply where you post your new DDS log. Instructions on how to properly create a GMER log can be found here:

How to create a GMER log


As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#3 Farbar

Farbar

    Just Curious


  • Security Developer
  • 21,708 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Netherlands
  • Local time:02:28 PM

Posted 31 August 2011 - 08:54 AM

Hello smuckers,

Apologies for the delay. I will assist you.

Please update me on the current condition of your computer and the issue you are having.

Please download OTL by OldTimer.
  • Save it to your desktop.
  • Double click on the OTL icon on your desktop.
  • Check the "Scan All Users" checkbox.
  • Check the "Standard Output".
  • Click Run Scan button.
  • Two reports will open, copy and paste OTL.txt and attach Extra.txt to your reply:
  • OTL.txt <-- Will be opened
  • Extra.txt <-- Will be minimized


#4 smuckers

smuckers
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:07:28 AM

Posted 01 September 2011 - 02:10 AM

Also I wanted to mention that I got a blue screen recently but the computer restarted itself before i could write down the the number and thanks for the time and help.



OTL logfile created on: 8/31/2011 11:20:57 PM - Run 1
OTL by OldTimer - Version 3.2.27.0 Folder = C:\Users\Wesley\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

7.80 Gb Total Physical Memory | 5.05 Gb Available Physical Memory | 64.76% Memory free
15.61 Gb Paging File | 12.68 Gb Available in Paging File | 81.29% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 683.89 Gb Total Space | 469.73 Gb Free Space | 68.68% Space Free | Partition Type: NTFS

Computer Name: WESLEY-PC | User Name: Wesley | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/08/31 23:19:10 | 000,581,120 | ---- | M] (OldTimer Tools) -- C:\Users\Wesley\Desktop\OTL.exe
PRC - [2011/08/27 05:04:23 | 000,102,400 | ---- | M] (S2 Games) -- C:\Program Files (x86)\Heroes of Newerth\hon.exe
PRC - [2011/08/17 19:11:14 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2011/07/16 02:34:44 | 003,077,528 | ---- | M] () -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
PRC - [2011/07/06 19:52:38 | 000,449,584 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011/07/06 19:52:38 | 000,366,640 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011/06/25 01:31:05 | 000,075,136 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2011/03/24 02:59:34 | 000,199,904 | ---- | M] () -- C:\Program Files (x86)\StartNow Toolbar\ToolbarUpdaterService.exe
PRC - [2011/03/21 11:56:16 | 001,230,704 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
PRC - [2011/01/20 02:20:12 | 001,305,408 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
PRC - [2011/01/13 11:54:26 | 000,464,856 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
PRC - [2011/01/13 11:42:12 | 003,811,648 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
PRC - [2011/01/13 11:39:32 | 000,783,680 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
PRC - [2011/01/13 11:37:02 | 000,705,856 | ---- | M] (SoftThinks SAS) -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
PRC - [2011/01/06 10:57:26 | 000,524,512 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files (x86)\Cisco\Cisco NAC Agent\NACAgentUI.exe
PRC - [2011/01/06 10:56:06 | 001,104,608 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files (x86)\Cisco\Cisco NAC Agent\NACAgent.exe
PRC - [2010/06/08 09:49:30 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010/06/08 09:49:26 | 000,284,696 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
PRC - [2010/04/24 01:10:34 | 000,209,768 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2010/04/24 01:10:28 | 000,483,688 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2010/03/03 13:42:02 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2010/03/03 13:41:58 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2009/12/29 15:35:38 | 000,140,520 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe
PRC - [2009/12/29 13:19:14 | 000,013,600 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
PRC - [2009/10/15 02:10:28 | 000,498,160 | ---- | M] () -- C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
PRC - [2009/06/24 15:21:38 | 000,409,744 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe


========== Modules (No Company Name) ==========

MOD - [2011/08/27 05:04:23 | 008,024,064 | ---- | M] () -- C:\Program Files (x86)\Heroes of Newerth\k2.dll
MOD - [2011/08/27 05:04:23 | 004,403,200 | ---- | M] () -- c:\Program Files (x86)\Heroes of Newerth\game\game_shared.dll
MOD - [2011/08/27 05:04:23 | 001,769,472 | ---- | M] () -- c:\Program Files (x86)\Heroes of Newerth\game\cgame.dll
MOD - [2011/08/27 05:04:23 | 000,770,048 | ---- | M] () -- c:\Program Files (x86)\Heroes of Newerth\vid_d3d9.dll
MOD - [2011/08/17 19:11:14 | 001,846,232 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2011/08/10 21:33:31 | 002,297,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\ebdaeeb5ef1a6209d67a2f70fcaf5cd5\System.Core.ni.dll
MOD - [2011/08/10 21:32:25 | 000,452,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\87728d92c9859b06f319711e429d2163\IAStorUtil.ni.dll
MOD - [2011/08/10 03:29:23 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\7f94f6b13f92f1e093716d3e15bf86d1\PresentationFramework.Aero.ni.dll
MOD - [2011/08/10 03:29:04 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\e3e3b399b69c569ab1ed3b0ace2c8c20\System.Runtime.Remoting.ni.dll
MOD - [2011/08/10 03:28:53 | 014,339,072 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\c60906a715473ceccf93f0559527e84d\PresentationFramework.ni.dll
MOD - [2011/08/10 03:28:35 | 012,433,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\0d43c5e77ee7b8466700b16d7e7d4bb7\System.Windows.Forms.ni.dll
MOD - [2011/08/10 03:28:27 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\9e87dd8fe5d0f925d80a6a6eaf74fdb9\System.Drawing.ni.dll
MOD - [2011/08/10 03:28:25 | 012,234,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\5566b57732d9edea236f54d06149835a\PresentationCore.ni.dll
MOD - [2011/08/10 03:28:15 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\6124dbbfd45927c4a6226d6e6bca6253\WindowsBase.ni.dll
MOD - [2011/08/10 03:28:12 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\16d2854bf69d59d94e64a918365705f1\System.Xml.ni.dll
MOD - [2011/08/10 03:28:09 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\36d0ed3f2a65b9d67933ed46dfcd2ccb\System.Configuration.ni.dll
MOD - [2011/08/10 03:28:08 | 007,963,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\3da7c6c1a0f26ae91883fd8b03ec192d\System.ni.dll
MOD - [2011/08/10 03:28:00 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\16b68fcaff063835ae0ee348a1201f2a\mscorlib.ni.dll
MOD - [2011/07/16 02:34:44 | 003,077,528 | ---- | M] () -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
MOD - [2011/05/26 13:42:00 | 000,067,872 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/03/21 11:57:34 | 000,096,112 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2011/03/21 11:56:16 | 001,230,704 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
MOD - [2011/01/13 11:42:02 | 000,025,920 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftBRCCPiped.dll
MOD - [2011/01/13 11:39:32 | 000,783,680 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
MOD - [2011/01/13 11:37:50 | 000,079,168 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\zlib1.dll
MOD - [2011/01/13 11:37:26 | 000,075,072 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STRegistry.dll
MOD - [2011/01/13 11:37:24 | 000,111,936 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STPE.dll
MOD - [2011/01/13 11:37:20 | 000,121,152 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STNLS.dll
MOD - [2011/01/13 11:37:18 | 000,128,320 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STLog.dll
MOD - [2011/01/13 11:37:14 | 000,234,816 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STFiles.dll
MOD - [2011/01/13 11:37:04 | 000,025,920 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STBRCCServCLR.dll
MOD - [2011/01/13 11:36:50 | 001,123,648 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\libxml2.dll
MOD - [2011/01/08 19:24:55 | 005,969,360 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
MOD - [2010/01/27 15:59:18 | 000,074,240 | ---- | M] () -- C:\Program Files (x86)\Heroes of Newerth\zlibwapi.dll
MOD - [2009/10/15 02:10:28 | 000,498,160 | ---- | M] () -- C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
MOD - [2009/06/04 22:16:26 | 000,664,576 | ---- | M] () -- C:\Program Files (x86)\Heroes of Newerth\libxml2.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011/02/16 20:20:04 | 000,256,336 | ---- | M] (Trend Micro Inc.) [Auto | Running] -- C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe -- (Amsp)
SRV:64bit: - [2010/09/28 11:32:44 | 000,911,872 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe -- (WiMAXAppSrv)
SRV:64bit: - [2010/09/28 11:27:06 | 000,606,720 | ---- | M] (Red Bend Ltd.) [Auto | Running] -- C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe -- (DMAgent)
SRV:64bit: - [2010/09/22 17:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010/06/17 22:10:14 | 000,258,048 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\stacsv64.exe -- (STacSV)
SRV:64bit: - [2010/03/05 09:26:38 | 001,425,168 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV:64bit: - [2010/03/05 09:07:58 | 000,340,240 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV:64bit: - [2010/03/05 09:06:22 | 000,831,760 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV:64bit: - [2009/12/29 13:19:12 | 000,873,248 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:64bit: - [2009/11/02 11:48:18 | 000,126,352 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost)
SRV:64bit: - [2009/07/13 18:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/03/03 03:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\IDT\WDM\AESTSr64.exe -- (AESTFilters)
SRV - [2011/07/27 16:10:43 | 000,411,432 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011/07/06 19:52:38 | 000,366,640 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/06/25 01:31:05 | 000,075,136 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2011/03/24 02:59:34 | 000,199,904 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\StartNow Toolbar\ToolbarUpdaterService.exe -- (Toolbar Updater Service)
SRV - [2011/01/13 11:37:02 | 000,705,856 | ---- | M] (SoftThinks SAS) [Auto | Running] -- C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE -- (SftService)
SRV - [2011/01/08 19:25:38 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe -- (GoToAssist)
SRV - [2011/01/06 10:56:06 | 001,104,608 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\Cisco\Cisco NAC Agent\NACAgent.exe -- (NACAgent)
SRV - [2010/06/08 09:49:30 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel®
SRV - [2010/04/24 01:10:34 | 000,209,768 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2010/04/24 01:10:28 | 000,483,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/03 13:42:02 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS) Intel®
SRV - [2010/03/03 13:41:58 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS) Intel®
SRV - [2009/06/10 14:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/07/06 19:52:42 | 000,025,912 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2011/06/12 04:14:43 | 000,254,528 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2011/05/10 08:06:08 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011/03/10 23:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/10 23:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/02/11 19:16:38 | 010,628,640 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2010/11/20 06:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 04:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/09/19 19:11:28 | 000,175,104 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bpmp.sys -- (bpmp) Intel® Centrino®
DRV:64bit: - [2010/09/19 19:11:22 | 000,081,920 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bpusb.sys -- (bpusb)
DRV:64bit: - [2010/09/19 19:11:18 | 000,071,168 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bpenum.sys -- (bpenum)
DRV:64bit: - [2010/09/17 01:33:02 | 000,144,464 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tmcomm.sys -- (tmcomm)
DRV:64bit: - [2010/09/17 01:33:02 | 000,105,552 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\tmtdi.sys -- (tmtdi)
DRV:64bit: - [2010/09/17 01:33:02 | 000,090,704 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tmactmon.sys -- (tmactmon)
DRV:64bit: - [2010/09/17 01:33:02 | 000,067,664 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tmevtmgr.sys -- (tmevtmgr)
DRV:64bit: - [2010/08/30 05:17:36 | 000,289,280 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) Intel®
DRV:64bit: - [2010/07/12 11:36:10 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2010/06/17 22:10:14 | 000,515,584 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2010/06/08 09:33:14 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/05/31 11:05:06 | 007,689,216 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETw5s64.sys -- (NETw5s64) Intel®
DRV:64bit: - [2010/04/24 01:10:32 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2010/04/24 01:10:28 | 000,269,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2010/04/24 01:10:28 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2010/04/24 01:10:20 | 000,721,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2010/03/30 12:58:06 | 000,132,648 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2010/03/30 12:58:06 | 000,098,344 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2010/03/30 12:58:06 | 000,053,800 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btusbflt.sys -- (btusbflt)
DRV:64bit: - [2010/03/30 12:58:06 | 000,035,104 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2010/03/30 12:58:06 | 000,021,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2010/03/17 14:44:44 | 000,301,104 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010/03/17 14:41:48 | 000,325,152 | ---- | M] (Realtek ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010/03/17 14:29:52 | 000,232,480 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2010/02/26 17:32:12 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2009/11/02 11:48:02 | 000,013,784 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)
DRV:64bit: - [2009/09/17 11:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel®
DRV:64bit: - [2009/08/13 22:10:18 | 000,073,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:64bit: - [2009/07/13 18:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 18:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 18:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/15 12:06:42 | 000,172,704 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CtClsFlt.sys -- (CtClsFlt)
DRV:64bit: - [2009/06/10 13:35:33 | 000,389,120 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2009/06/10 13:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 13:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 13:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 13:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2006/11/01 11:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2011/07/03 00:47:40 | 000,045,176 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Game\SoftnyxGame\GunboundIS\Gun64.sys -- (Gun)
DRV - [2009/12/29 15:35:40 | 000,146,928 | ---- | M] (CyberLink Corp.) [2011/01/08 20:26:07] [Kernel | Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD DX\000.fcl -- ({1E444BE9-B8EC-4ce6-8C2B-6536FB7F4FB7})
DRV - [2009/07/13 18:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = my.daemon-search.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://yahoo.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = 0C B3 6E 16 DD 7C 01 4A 80 4B 2F 77 C7 2C 51 B6 [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "yahoo.com"
FF - prefs.js..keyword.URL: "http://www.google.com/search?&q="


FF:64bit: - HKLM\Software\MozillaPlugins\@bestbuy.com/npBestBuyPcAppDetector,version=1.0: C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll (Best Buy)
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@bestbuy.com/npBestBuyPcAppDetector,version=1.0: C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll (Best Buy)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nexon.net/NxGame: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video [2011/06/12 02:38:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa [2011/06/12 02:38:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{22C7F6C6-8D67-4534-92B5-529A0EC09405}: C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1464\6.6.1081\firefoxextension\ [2011/08/25 05:50:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/08/17 19:11:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/07/06 13:54:35 | 000,000,000 | ---D | M]

[2011/04/10 13:49:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Wesley\AppData\Roaming\Mozilla\Extensions
[2011/08/01 17:05:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Wesley\AppData\Roaming\Mozilla\Firefox\Profiles\es037tj2.default\extensions
[2011/08/13 23:05:57 | 000,000,000 | ---D | M] (XUL Cache) -- C:\Users\Wesley\AppData\Roaming\Mozilla\Firefox\Profiles\es037tj2.default\extensions\{4c47c87e-bfd6-4a26-9a9c-9dd1b513898b}
[2011/06/12 00:19:11 | 000,000,000 | ---D | M] (StartNow Toolbar) -- C:\Users\Wesley\AppData\Roaming\Mozilla\Firefox\Profiles\es037tj2.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}
[2011/08/01 17:05:31 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Wesley\AppData\Roaming\Mozilla\Firefox\Profiles\es037tj2.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2011/06/12 04:14:38 | 000,000,000 | ---D | M] ("DAEMON Tools Toolbar") -- C:\Users\Wesley\AppData\Roaming\Mozilla\Firefox\Profiles\es037tj2.default\extensions\DTToolbar@toolbarnet.com
[2011/06/12 00:19:12 | 000,002,264 | ---- | M] () -- C:\Users\Wesley\AppData\Roaming\Mozilla\Firefox\Profiles\es037tj2.default\searchplugins\bing-zugo.xml
[2011/06/12 04:14:29 | 000,002,055 | ---- | M] () -- C:\Users\Wesley\AppData\Roaming\Mozilla\Firefox\Profiles\es037tj2.default\searchplugins\daemon-search.xml
[2011/05/19 16:22:34 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011/04/29 17:04:43 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2011/05/19 16:22:34 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011/08/17 19:11:14 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011/05/19 16:22:21 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2010/01/01 01:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml.old

O1 HOSTS File: ([2009/06/10 14:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (TmIEPlugInBHO Class) - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1464\6.6.1081\TmIEPlg.dll (Trend Micro Inc.)
O2:64bit: - BHO: (TmBpIeBHO Class) - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\6.6.1010\6.6.1010\TmBpIe64.dll (Trend Micro Inc.)
O2 - BHO: (TmIEPlugInBHO Class) - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1464\6.6.1081\TmIEPlg32.dll (Trend Micro Inc.)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (TmBpIeBHO Class) - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\6.6.1010\6.6.1010\TmBpIe32.dll (Trend Micro Inc.)
O3:64bit: - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelWireless] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel® Corporation)
O4:64bit: - HKLM..\Run: [IntelWirelessWiMAX] C:\Program Files\Intel\WiMAX\Bin\WiMAXCU.exe (Intel® Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc.)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4:64bit: - HKLM..\Run: [Trend Micro Client Framework] C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe (Trend Micro Inc.)
O4:64bit: - HKLM..\Run: [Trend Micro Titanium] C:\Program Files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe (Trend Micro Inc.)
O4 - HKLM..\Run: [Dell Registration] C:\Program Files (x86)\System Registration\prodreg.exe (Dell, Inc.)
O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [Desktop Disc Tool] C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe ()
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NACAgentUI] C:\Program Files (x86)\Cisco\Cisco NAC Agent\NACAgentUI.exe (Cisco Systems, Inc.)
O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
O4 - HKCU..\Run: [Best Buy pc app] File not found
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe ()
O4 - HKCU..\Run: [RESTART_STICKY_NOTES] File not found
O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O4 - HKLM..\RunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe (Dell)
O4 - HKLM..\RunOnce: [Launcher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe (Softthinks)
O4 - Startup: C:\Users\Wesley\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {4D2D3A17-9B46-483C-A5F4-1DC471080009} https://resnet-cca1-cpl.reshsg.uci.edu/auth/taweb.cab (Cisco NAC Web Agent Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.11.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{699360FA-B447-42A2-8061-CB8E669FA764}: DhcpNameServer = 192.168.11.1
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\tmbp {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\6.6.1010\6.6.1010\TmBpIe64.dll (Trend Micro Inc.)
O18:64bit: - Protocol\Handler\tmpx {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1464\6.6.1081\TmIEPlg.dll (Trend Micro Inc.)
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\tmbp {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\6.6.1010\6.6.1010\TmBpIe32.dll (Trend Micro Inc.)
O18 - Protocol\Handler\tmpx {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1464\6.6.1081\TmIEPlg32.dll (Trend Micro Inc.)
O20 - AppInit_DLLs: (C:\ProgramData\mfc4232.dll) - C:\ProgramData\mfc4232.dll (People Can Fly)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\GoToAssist: DllName - Reg Error: Key error. - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - Reg Error: Key error. - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (MACHINE BootExecut) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/08/31 23:19:10 | 000,581,120 | ---- | C] (OldTimer Tools) -- C:\Users\Wesley\Desktop\OTL.exe
[2011/08/29 03:00:47 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2011/08/28 02:05:06 | 000,000,000 | ---D | C] -- C:\Users\Wesley\Documents\Dell WebCam Central
[2011/08/28 02:05:06 | 000,000,000 | ---D | C] -- C:\Users\Wesley\AppData\Roaming\Creative
[2011/08/28 02:05:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Creative
[2011/08/13 23:06:00 | 000,159,232 | ---- | C] (People Can Fly) -- C:\ProgramData\mfc4232.dll
[2011/08/09 18:24:02 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xmllite.dll
[2011/08/09 18:24:01 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbcjt32.dll
[2011/08/09 18:24:01 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbctrac.dll
[2011/08/09 18:24:01 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbctrac.dll
[2011/08/09 18:24:01 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccp32.dll
[2011/08/09 18:24:01 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccp32.dll
[2011/08/09 18:24:01 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccu32.dll
[2011/08/09 18:24:01 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccr32.dll
[2011/08/09 18:24:01 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccu32.dll
[2011/08/09 18:24:01 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccr32.dll
[2011/08/09 18:23:54 | 001,162,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2011/08/09 18:23:54 | 000,421,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2011/08/09 18:23:54 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2011/08/09 18:23:54 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2011/08/09 18:23:54 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2011/08/09 18:23:54 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2011/08/09 18:23:54 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2011/08/09 18:23:54 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2011/08/09 18:23:54 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2011/08/09 18:23:54 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2011/08/09 18:23:54 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2011/08/09 18:23:54 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2011/08/09 18:23:54 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2011/08/09 18:23:54 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2011/08/09 18:23:54 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2011/08/09 18:23:54 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2011/08/09 18:23:54 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2011/08/09 18:23:54 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2011/08/09 18:23:54 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2011/08/09 18:23:54 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2011/08/09 18:23:54 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2011/08/09 18:23:54 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2011/08/09 18:23:54 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2011/08/09 18:23:54 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2011/08/09 18:23:54 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2011/08/09 18:23:54 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2011/08/09 18:23:54 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2011/08/09 18:23:54 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2011/08/09 18:23:54 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2011/08/09 18:23:54 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2011/08/09 18:23:54 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2011/08/09 18:23:54 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2011/08/09 18:23:53 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2011/08/09 18:23:53 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2011/08/09 18:23:53 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2011/08/09 18:23:53 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2011/08/09 18:23:53 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2011/08/09 18:23:53 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2011/08/09 18:23:53 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2011/08/09 18:23:53 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2011/08/09 18:23:53 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2011/08/09 18:23:53 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/08/09 18:23:53 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/08/09 18:23:53 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2011/08/09 18:23:53 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2011/08/09 18:23:53 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2011/08/09 18:23:53 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2011/08/09 18:23:53 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2011/08/09 18:23:53 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2011/08/09 18:23:53 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2011/08/09 18:23:53 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2011/08/09 18:23:53 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2011/08/09 18:23:53 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2011/08/09 18:23:53 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2011/08/09 18:23:53 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2011/08/09 18:23:53 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2011/08/09 18:23:53 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2011/08/09 18:23:53 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2011/08/09 18:23:53 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2011/08/09 18:23:53 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2011/08/09 18:23:53 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2011/08/09 18:23:53 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2011/08/09 18:23:53 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2011/08/09 18:23:52 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2011/08/09 18:23:52 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2011/08/09 18:23:52 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2011/08/09 18:23:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2011/08/09 18:23:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2011/08/09 18:23:52 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2011/08/09 18:23:43 | 000,702,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2011/08/09 18:23:43 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2011/08/09 18:23:43 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2011/08/09 18:23:43 | 000,134,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2011/08/09 18:23:43 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2011/08/09 18:23:43 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2011/08/09 18:23:43 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011/08/09 18:23:40 | 003,912,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2011/08/09 18:23:39 | 005,561,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2011/08/09 18:23:38 | 003,967,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2011/08/05 17:28:55 | 000,000,000 | ---D | C] -- C:\Users\Wesley\Documents\DragonNest
[2011/08/05 00:45:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oplex Origins
[2011/08/05 00:44:28 | 000,000,000 | ---D | C] -- C:\Users\Wesley\Documents\Games
[2006/06/25 22:33:46 | 000,163,840 | ---- | C] (アリスソフト) -- C:\Users\Wesley\AppData\Local\Tempals_inst.exe
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Wesley\Documents\*.tmp files -> C:\Users\Wesley\Documents\*.tmp -> ]
[1 C:\Users\Wesley\Desktop\*.tmp files -> C:\Users\Wesley\Desktop\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/08/31 23:19:10 | 000,581,120 | ---- | M] (OldTimer Tools) -- C:\Users\Wesley\Desktop\OTL.exe
[2011/08/31 23:17:59 | 000,013,872 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/08/31 23:17:59 | 000,013,872 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/08/31 23:14:58 | 000,795,716 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/08/31 23:14:58 | 000,672,386 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/08/31 23:14:58 | 000,125,364 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/08/31 23:11:21 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/08/31 23:10:34 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/08/31 23:10:30 | 1989,160,959 | -HS- | M] () -- C:\hiberfil.sys
[2011/08/31 03:50:00 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/08/30 17:51:00 | 000,002,346 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2011/08/30 02:30:39 | 013,636,619 | ---- | M] () -- C:\Users\Wesley\Documents\jimmysfirsthighsessions.wma
[2011/08/13 23:06:00 | 000,159,232 | ---- | M] (People Can Fly) -- C:\ProgramData\mfc4232.dll
[2011/08/13 23:06:00 | 000,000,163 | ---- | M] () -- C:\Windows\SysWow64\115380643
[2011/08/10 03:09:25 | 000,000,118 | ---- | M] () -- C:\Windows\SysNative\MRT.INI
[2011/08/10 03:06:21 | 000,789,932 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/08/10 02:28:28 | 000,008,898 | -HS- | M] () -- C:\ProgramData\cngprovider32.dll
[2011/08/10 01:28:25 | 000,008,898 | -HS- | M] () -- C:\ProgramData\KBDBU32.dll
[2011/08/10 00:28:21 | 000,008,898 | -HS- | M] () -- C:\ProgramData\RpcDiag32.dll
[2011/08/09 23:28:19 | 000,008,898 | -HS- | M] () -- C:\ProgramData\KBDROST32.dll
[2011/08/09 22:28:18 | 000,008,898 | -HS- | M] () -- C:\ProgramData\stclient32.dll
[2011/08/09 21:28:16 | 000,008,898 | -HS- | M] () -- C:\ProgramData\npmproxy32.dll
[2011/08/09 20:27:05 | 000,008,899 | -HS- | M] () -- C:\ProgramData\qwave32.dll
[2011/08/09 19:21:34 | 000,008,899 | -HS- | M] () -- C:\ProgramData\DWrite32.dll
[2011/08/09 18:48:36 | 000,128,512 | ---- | M] () -- C:\Windows\RegBootClean64.exe
[2011/08/09 05:44:42 | 000,008,899 | -HS- | M] () -- C:\ProgramData\WcnEapPeerProxy32.dll
[2011/08/09 04:44:39 | 000,008,899 | -HS- | M] () -- C:\ProgramData\clusapi32.dll
[2011/08/09 03:44:36 | 000,008,899 | -HS- | M] () -- C:\ProgramData\KBDHE31932.dll
[2011/08/09 02:44:33 | 000,008,899 | -HS- | M] () -- C:\ProgramData\wmpeffects32.dll
[2011/08/09 01:44:30 | 000,008,899 | -HS- | M] () -- C:\ProgramData\MSAC3ENC32.dll
[2011/08/09 00:44:29 | 000,008,899 | -HS- | M] () -- C:\ProgramData\NlsData004932.dll
[2011/08/08 23:44:27 | 000,008,899 | -HS- | M] () -- C:\ProgramData\SyncInfrastructureps32.dll
[2011/08/08 22:44:23 | 000,008,899 | -HS- | M] () -- C:\ProgramData\KBDSL32.dll
[2011/08/08 20:08:54 | 000,008,899 | -HS- | M] () -- C:\ProgramData\w32topl32.dll
[2011/08/08 19:08:54 | 000,008,899 | -HS- | M] () -- C:\ProgramData\sendmail32.dll
[2011/08/08 18:08:51 | 000,008,899 | -HS- | M] () -- C:\ProgramData\xactengine3_532.dll
[2011/08/08 17:08:48 | 000,008,899 | -HS- | M] () -- C:\ProgramData\qasf32.dll
[2011/08/08 01:06:42 | 000,008,899 | -HS- | M] () -- C:\ProgramData\KBDUZB32.dll
[2011/08/08 00:06:38 | 000,008,899 | -HS- | M] () -- C:\ProgramData\odfox3232.dll
[2011/08/07 23:06:35 | 000,008,899 | -HS- | M] () -- C:\ProgramData\odbccr3232.dll
[2011/08/07 22:06:33 | 000,008,899 | -HS- | M] () -- C:\ProgramData\KBDFO32.dll
[2011/08/07 21:06:30 | 000,008,899 | -HS- | M] () -- C:\ProgramData\secproc_ssp32.dll
[2011/08/07 20:06:27 | 000,008,899 | -HS- | M] () -- C:\ProgramData\cmipnpinstall32.dll
[2011/08/07 19:06:24 | 000,008,899 | -HS- | M] () -- C:\ProgramData\chtbrkr32.dll
[2011/08/07 18:06:20 | 000,008,899 | -HS- | M] () -- C:\ProgramData\certCredProvider32.dll
[2011/08/07 17:06:14 | 000,008,899 | -HS- | M] () -- C:\ProgramData\migisol32.dll
[2011/08/07 16:06:13 | 000,008,899 | -HS- | M] () -- C:\ProgramData\NlsLexicons004932.dll
[2011/08/07 05:39:16 | 000,008,899 | -HS- | M] () -- C:\ProgramData\msdelta32.dll
[2011/08/07 04:39:10 | 000,008,899 | -HS- | M] () -- C:\ProgramData\mfcm10032.dll
[2011/08/07 03:39:05 | 000,008,899 | -HS- | M] () -- C:\ProgramData\nlhtml32.dll
[2011/08/07 00:48:30 | 000,008,899 | -HS- | M] () -- C:\ProgramData\sirenacm32.dll
[2011/08/06 23:48:25 | 000,008,899 | -HS- | M] () -- C:\ProgramData\sfc_os32.dll
[2011/08/06 19:38:53 | 000,008,899 | -HS- | M] () -- C:\ProgramData\WcnEapAuthProxy32.dll
[2011/08/06 18:38:48 | 000,008,899 | -HS- | M] () -- C:\ProgramData\nlmgp32.dll
[2011/08/06 17:38:43 | 000,008,899 | -HS- | M] () -- C:\ProgramData\KBDUR132.dll
[2011/08/06 04:48:44 | 000,008,898 | -HS- | M] () -- C:\ProgramData\netevent32.dll
[2011/08/06 03:48:41 | 000,008,898 | -HS- | M] () -- C:\ProgramData\atl10032.dll
[2011/08/06 02:48:38 | 000,008,898 | -HS- | M] () -- C:\ProgramData\wmdrmsdk32.dll
[2011/08/06 01:48:33 | 000,008,898 | -HS- | M] () -- C:\ProgramData\hlink32.dll
[2011/08/05 20:24:08 | 000,008,899 | -HS- | M] () -- C:\ProgramData\dtsh32.dll
[2011/08/05 19:24:02 | 000,008,899 | -HS- | M] () -- C:\ProgramData\asferror32.dll
[2011/08/05 18:23:57 | 000,008,899 | -HS- | M] () -- C:\ProgramData\X3DAudio1_532.dll
[2011/08/05 17:23:53 | 000,008,899 | -HS- | M] () -- C:\ProgramData\dhcpcsvc32.dll
[2011/08/05 03:12:18 | 000,008,898 | -HS- | M] () -- C:\ProgramData\shsvcs32.dll
[2011/08/05 02:12:17 | 000,008,898 | -HS- | M] () -- C:\ProgramData\avicap3232.dll
[2011/08/05 01:10:49 | 000,008,898 | -HS- | M] () -- C:\ProgramData\SampleRes32.dll
[2011/08/04 23:22:14 | 000,008,898 | -HS- | M] () -- C:\ProgramData\wmdrmnet32.dll
[2011/08/04 22:22:07 | 000,008,898 | -HS- | M] () -- C:\ProgramData\xlivefnt32.dll
[2011/08/04 21:22:02 | 000,008,898 | -HS- | M] () -- C:\ProgramData\NlsLexicons004532.dll
[2011/08/04 20:21:59 | 000,008,898 | -HS- | M] () -- C:\ProgramData\mmci32.dll
[2011/08/04 19:21:56 | 000,008,898 | -HS- | M] () -- C:\ProgramData\PresentationNative_v030032.dll
[2011/08/04 18:21:52 | 000,008,898 | -HS- | M] () -- C:\ProgramData\oleaut3232.dll
[2011/08/04 17:21:48 | 000,008,898 | -HS- | M] () -- C:\ProgramData\printui32.dll
[2011/08/04 16:21:44 | 000,008,898 | -HS- | M] () -- C:\ProgramData\P2P32.dll
[2011/08/04 05:50:52 | 000,008,899 | -HS- | M] () -- C:\ProgramData\EAPQEC32.dll
[2011/08/03 21:48:29 | 000,008,899 | -HS- | M] () -- C:\ProgramData\osbaseln32.dll
[2011/08/03 20:48:25 | 000,008,899 | -HS- | M] () -- C:\ProgramData\cryptsvc32.dll
[2011/08/03 19:48:22 | 000,008,899 | -HS- | M] () -- C:\ProgramData\shfolder32.dll
[2011/08/03 04:26:44 | 000,008,899 | -HS- | M] () -- C:\ProgramData\sqlwoa32.dll
[2011/08/03 02:20:54 | 000,008,899 | -HS- | M] () -- C:\ProgramData\L2SecHC32.dll
[2011/08/03 01:15:23 | 000,008,899 | -HS- | M] () -- C:\ProgramData\spp32.dll
[2011/08/02 13:03:19 | 000,008,899 | -HS- | M] () -- C:\ProgramData\rastls32.dll
[2011/08/02 04:32:34 | 000,008,899 | -HS- | M] () -- C:\ProgramData\NlsData004732.dll
[2011/08/02 03:32:29 | 000,008,899 | -HS- | M] () -- C:\ProgramData\X3DAudio1_632.dll
[2011/08/02 02:32:25 | 000,008,899 | -HS- | M] () -- C:\ProgramData\KBDNEPR32.dll
[2011/08/02 01:32:19 | 000,008,899 | -HS- | M] () -- C:\ProgramData\prncache32.dll
[2011/08/02 00:32:18 | 000,008,899 | -HS- | M] () -- C:\ProgramData\mssign3232.dll
[2011/08/01 23:32:17 | 000,008,899 | -HS- | M] () -- C:\ProgramData\powercpl32.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Wesley\Documents\*.tmp files -> C:\Users\Wesley\Documents\*.tmp -> ]
[1 C:\Users\Wesley\Desktop\*.tmp files -> C:\Users\Wesley\Desktop\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/08/30 02:30:39 | 013,636,619 | ---- | C] () -- C:\Users\Wesley\Documents\jimmysfirsthighsessions.wma
[2011/08/10 02:28:28 | 000,008,898 | -HS- | C] () -- C:\ProgramData\cngprovider32.dll
[2011/08/10 01:28:25 | 000,008,898 | -HS- | C] () -- C:\ProgramData\KBDBU32.dll
[2011/08/10 00:28:21 | 000,008,898 | -HS- | C] () -- C:\ProgramData\RpcDiag32.dll
[2011/08/09 23:28:19 | 000,008,898 | -HS- | C] () -- C:\ProgramData\KBDROST32.dll
[2011/08/09 22:28:18 | 000,008,898 | -HS- | C] () -- C:\ProgramData\stclient32.dll
[2011/08/09 21:28:16 | 000,008,898 | -HS- | C] () -- C:\ProgramData\npmproxy32.dll
[2011/08/09 20:27:05 | 000,008,899 | -HS- | C] () -- C:\ProgramData\qwave32.dll
[2011/08/09 19:21:34 | 000,008,899 | -HS- | C] () -- C:\ProgramData\DWrite32.dll
[2011/08/09 05:44:42 | 000,008,899 | -HS- | C] () -- C:\ProgramData\WcnEapPeerProxy32.dll
[2011/08/09 04:44:39 | 000,008,899 | -HS- | C] () -- C:\ProgramData\clusapi32.dll
[2011/08/09 03:44:36 | 000,008,899 | -HS- | C] () -- C:\ProgramData\KBDHE31932.dll
[2011/08/09 02:44:33 | 000,008,899 | -HS- | C] () -- C:\ProgramData\wmpeffects32.dll
[2011/08/09 01:44:30 | 000,008,899 | -HS- | C] () -- C:\ProgramData\MSAC3ENC32.dll
[2011/08/09 00:44:29 | 000,008,899 | -HS- | C] () -- C:\ProgramData\NlsData004932.dll
[2011/08/08 23:44:27 | 000,008,899 | -HS- | C] () -- C:\ProgramData\SyncInfrastructureps32.dll
[2011/08/08 22:44:23 | 000,008,899 | -HS- | C] () -- C:\ProgramData\KBDSL32.dll
[2011/08/08 20:08:54 | 000,008,899 | -HS- | C] () -- C:\ProgramData\w32topl32.dll
[2011/08/08 19:08:54 | 000,008,899 | -HS- | C] () -- C:\ProgramData\sendmail32.dll
[2011/08/08 18:08:51 | 000,008,899 | -HS- | C] () -- C:\ProgramData\xactengine3_532.dll
[2011/08/08 17:08:48 | 000,008,899 | -HS- | C] () -- C:\ProgramData\qasf32.dll
[2011/08/08 01:06:42 | 000,008,899 | -HS- | C] () -- C:\ProgramData\KBDUZB32.dll
[2011/08/08 00:06:38 | 000,008,899 | -HS- | C] () -- C:\ProgramData\odfox3232.dll
[2011/08/07 23:06:35 | 000,008,899 | -HS- | C] () -- C:\ProgramData\odbccr3232.dll
[2011/08/07 22:06:33 | 000,008,899 | -HS- | C] () -- C:\ProgramData\KBDFO32.dll
[2011/08/07 21:06:30 | 000,008,899 | -HS- | C] () -- C:\ProgramData\secproc_ssp32.dll
[2011/08/07 20:06:27 | 000,008,899 | -HS- | C] () -- C:\ProgramData\cmipnpinstall32.dll
[2011/08/07 19:06:24 | 000,008,899 | -HS- | C] () -- C:\ProgramData\chtbrkr32.dll
[2011/08/07 18:06:20 | 000,008,899 | -HS- | C] () -- C:\ProgramData\certCredProvider32.dll
[2011/08/07 17:06:14 | 000,008,899 | -HS- | C] () -- C:\ProgramData\migisol32.dll
[2011/08/07 16:06:13 | 000,008,899 | -HS- | C] () -- C:\ProgramData\NlsLexicons004932.dll
[2011/08/07 05:39:16 | 000,008,899 | -HS- | C] () -- C:\ProgramData\msdelta32.dll
[2011/08/07 04:39:10 | 000,008,899 | -HS- | C] () -- C:\ProgramData\mfcm10032.dll
[2011/08/07 03:39:05 | 000,008,899 | -HS- | C] () -- C:\ProgramData\nlhtml32.dll
[2011/08/07 00:48:30 | 000,008,899 | -HS- | C] () -- C:\ProgramData\sirenacm32.dll
[2011/08/06 23:48:25 | 000,008,899 | -HS- | C] () -- C:\ProgramData\sfc_os32.dll
[2011/08/06 19:38:53 | 000,008,899 | -HS- | C] () -- C:\ProgramData\WcnEapAuthProxy32.dll
[2011/08/06 18:38:48 | 000,008,899 | -HS- | C] () -- C:\ProgramData\nlmgp32.dll
[2011/08/06 17:38:43 | 000,008,899 | -HS- | C] () -- C:\ProgramData\KBDUR132.dll
[2011/08/06 04:48:44 | 000,008,898 | -HS- | C] () -- C:\ProgramData\netevent32.dll
[2011/08/06 03:48:41 | 000,008,898 | -HS- | C] () -- C:\ProgramData\atl10032.dll
[2011/08/06 02:48:38 | 000,008,898 | -HS- | C] () -- C:\ProgramData\wmdrmsdk32.dll
[2011/08/06 01:48:33 | 000,008,898 | -HS- | C] () -- C:\ProgramData\hlink32.dll
[2011/08/05 20:24:08 | 000,008,899 | -HS- | C] () -- C:\ProgramData\dtsh32.dll
[2011/08/05 19:24:02 | 000,008,899 | -HS- | C] () -- C:\ProgramData\asferror32.dll
[2011/08/05 18:23:57 | 000,008,899 | -HS- | C] () -- C:\ProgramData\X3DAudio1_532.dll
[2011/08/05 17:23:53 | 000,008,899 | -HS- | C] () -- C:\ProgramData\dhcpcsvc32.dll
[2011/08/05 03:12:18 | 000,008,898 | -HS- | C] () -- C:\ProgramData\shsvcs32.dll
[2011/08/05 02:12:17 | 000,008,898 | -HS- | C] () -- C:\ProgramData\avicap3232.dll
[2011/08/05 01:10:49 | 000,008,898 | -HS- | C] () -- C:\ProgramData\SampleRes32.dll
[2011/08/04 23:22:14 | 000,008,898 | -HS- | C] () -- C:\ProgramData\wmdrmnet32.dll
[2011/08/04 22:22:07 | 000,008,898 | -HS- | C] () -- C:\ProgramData\xlivefnt32.dll
[2011/08/04 21:22:02 | 000,008,898 | -HS- | C] () -- C:\ProgramData\NlsLexicons004532.dll
[2011/08/04 20:21:59 | 000,008,898 | -HS- | C] () -- C:\ProgramData\mmci32.dll
[2011/08/04 19:21:56 | 000,008,898 | -HS- | C] () -- C:\ProgramData\PresentationNative_v030032.dll
[2011/08/04 18:21:52 | 000,008,898 | -HS- | C] () -- C:\ProgramData\oleaut3232.dll
[2011/08/04 17:21:48 | 000,008,898 | -HS- | C] () -- C:\ProgramData\printui32.dll
[2011/08/04 16:21:44 | 000,008,898 | -HS- | C] () -- C:\ProgramData\P2P32.dll
[2011/08/04 05:50:52 | 000,008,899 | -HS- | C] () -- C:\ProgramData\EAPQEC32.dll
[2011/08/03 21:48:29 | 000,008,899 | -HS- | C] () -- C:\ProgramData\osbaseln32.dll
[2011/08/03 20:48:25 | 000,008,899 | -HS- | C] () -- C:\ProgramData\cryptsvc32.dll
[2011/08/03 19:48:22 | 000,008,899 | -HS- | C] () -- C:\ProgramData\shfolder32.dll
[2011/08/03 04:26:44 | 000,008,899 | -HS- | C] () -- C:\ProgramData\sqlwoa32.dll
[2011/08/03 02:20:54 | 000,008,899 | -HS- | C] () -- C:\ProgramData\L2SecHC32.dll
[2011/08/03 01:15:23 | 000,008,899 | -HS- | C] () -- C:\ProgramData\spp32.dll
[2011/08/02 13:03:19 | 000,008,899 | -HS- | C] () -- C:\ProgramData\rastls32.dll
[2011/08/02 04:32:34 | 000,008,899 | -HS- | C] () -- C:\ProgramData\NlsData004732.dll
[2011/08/02 03:32:29 | 000,008,899 | -HS- | C] () -- C:\ProgramData\X3DAudio1_632.dll
[2011/08/02 02:32:25 | 000,008,899 | -HS- | C] () -- C:\ProgramData\KBDNEPR32.dll
[2011/08/02 01:32:19 | 000,008,899 | -HS- | C] () -- C:\ProgramData\prncache32.dll
[2011/08/02 00:32:18 | 000,008,899 | -HS- | C] () -- C:\ProgramData\mssign3232.dll
[2011/08/01 23:32:17 | 000,008,899 | -HS- | C] () -- C:\ProgramData\powercpl32.dll
[2011/08/01 20:49:37 | 000,008,899 | -HS- | C] () -- C:\ProgramData\tsmf32.dll
[2011/08/01 19:49:37 | 000,008,899 | -HS- | C] () -- C:\ProgramData\raschap32.dll
[2011/08/01 18:49:35 | 000,008,899 | -HS- | C] () -- C:\ProgramData\dsuiext32.dll
[2011/08/01 17:49:30 | 000,008,899 | -HS- | C] () -- C:\ProgramData\SensorsCpl32.dll
[2011/08/01 00:54:11 | 000,008,899 | -HS- | C] () -- C:\ProgramData\ieaksie32.dll
[2011/07/31 23:54:10 | 000,008,899 | -HS- | C] () -- C:\ProgramData\NlsData000d32.dll
[2011/07/31 22:54:09 | 000,008,899 | -HS- | C] () -- C:\ProgramData\Wldap3232.dll
[2011/07/31 20:09:47 | 000,008,899 | -HS- | C] () -- C:\ProgramData\miguiresource32.dll
[2011/07/31 19:08:38 | 000,008,899 | -HS- | C] () -- C:\ProgramData\KBDUSL32.dll
[2011/07/31 18:05:34 | 000,008,899 | -HS- | C] () -- C:\ProgramData\wshqos32.dll
[2011/07/31 16:43:37 | 000,008,899 | -HS- | C] () -- C:\ProgramData\iassdo32.dll
[2011/07/31 15:43:32 | 000,008,899 | -HS- | C] () -- C:\ProgramData\vbscript32.dll
[2011/07/31 14:43:28 | 000,008,899 | -HS- | C] () -- C:\ProgramData\fontsub32.dll
[2011/07/31 13:43:26 | 000,008,899 | -HS- | C] () -- C:\ProgramData\UIAutomationCore32.dll
[2011/07/31 03:54:18 | 000,008,899 | -HS- | C] () -- C:\ProgramData\wshbth32.dll
[2011/07/31 02:54:15 | 000,008,899 | -HS- | C] () -- C:\ProgramData\tdh32.dll
[2011/07/31 01:54:10 | 000,008,899 | -HS- | C] () -- C:\ProgramData\adsldpc32.dll
[2011/07/31 00:54:05 | 000,008,899 | -HS- | C] () -- C:\ProgramData\KBDLA32.dll
[2011/07/30 22:41:06 | 000,008,899 | -HS- | C] () -- C:\ProgramData\iyuv_3232.dll
[2011/07/30 21:06:17 | 000,008,899 | -HS- | C] () -- C:\ProgramData\perfnet32.dll
[2011/07/30 07:17:33 | 000,008,899 | -HS- | C] () -- C:\ProgramData\NlsLexicons004732.dll
[2011/07/30 06:17:32 | 000,008,899 | -HS- | C] () -- C:\ProgramData\FXSCOMEX32.dll
[2011/07/30 04:59:44 | 000,008,899 | -HS- | C] () -- C:\ProgramData\iscsidsc32.dll
[2011/07/30 03:59:43 | 000,008,899 | -HS- | C] () -- C:\ProgramData\fwcfg32.dll
[2011/07/30 02:59:41 | 000,008,899 | -HS- | C] () -- C:\ProgramData\CSVer32.dll
[2011/07/29 22:52:05 | 000,008,899 | -HS- | C] () -- C:\ProgramData\msdtcuiu32.dll
[2011/07/29 21:52:04 | 000,008,899 | -HS- | C] () -- C:\ProgramData\netapi3232.dll
[2011/07/29 20:52:03 | 000,008,899 | -HS- | C] () -- C:\ProgramData\XAudio2_332.dll
[2011/07/29 19:52:02 | 000,008,899 | -HS- | C] () -- C:\ProgramData\mfc100enu32.dll
[2011/07/29 18:52:00 | 000,008,899 | -HS- | C] () -- C:\ProgramData\CertEnrollUI32.dll
[2011/07/29 17:51:57 | 000,008,899 | -HS- | C] () -- C:\ProgramData\XAudio2_232.dll
[2011/07/29 16:51:55 | 000,008,899 | -HS- | C] () -- C:\ProgramData\iscsicpl32.dll
[2011/07/29 01:00:12 | 000,008,898 | -HS- | C] () -- C:\ProgramData\idndl32.dll
[2011/07/28 23:54:41 | 000,008,898 | -HS- | C] () -- C:\ProgramData\KBDTUF32.dll
[2011/07/28 22:53:53 | 000,008,898 | -HS- | C] () -- C:\ProgramData\pdhui32.dll
[2011/07/28 21:51:19 | 000,008,898 | -HS- | C] () -- C:\ProgramData\netjoin32.dll
[2011/07/28 20:49:00 | 000,008,898 | -HS- | C] () -- C:\ProgramData\KBDINUK232.dll
[2011/07/28 19:48:59 | 000,008,898 | -HS- | C] () -- C:\ProgramData\mapistub32.dll
[2011/07/28 18:48:56 | 000,008,898 | -HS- | C] () -- C:\ProgramData\msmpeg2vdec32.dll
[2011/07/28 17:48:53 | 000,008,898 | -HS- | C] () -- C:\ProgramData\DDORes32.dll
[2011/07/28 16:48:51 | 000,008,898 | -HS- | C] () -- C:\ProgramData\KBDEST32.dll
[2011/07/28 15:48:50 | 000,008,898 | -HS- | C] () -- C:\ProgramData\KBDMLT4732.dll
[2011/07/28 14:48:49 | 000,008,898 | -HS- | C] () -- C:\ProgramData\pstorsvc32.dll
[2011/07/28 13:48:48 | 000,008,898 | -HS- | C] () -- C:\ProgramData\xactengine2_832.dll
[2011/07/28 03:28:09 | 000,008,899 | -HS- | C] () -- C:\ProgramData\rasctrs32.dll
[2011/07/28 02:28:08 | 000,008,899 | -HS- | C] () -- C:\ProgramData\tpmcompc32.dll
[2011/07/28 01:26:53 | 000,008,899 | -HS- | C] () -- C:\ProgramData\traffic32.dll
[2011/07/28 00:22:33 | 000,008,899 | -HS- | C] () -- C:\ProgramData\CNHMCA32.dll
[2011/07/27 23:21:53 | 000,008,899 | -HS- | C] () -- C:\ProgramData\tsgqec32.dll
[2011/07/27 22:21:48 | 000,008,899 | -HS- | C] () -- C:\ProgramData\duser32.dll
[2011/07/27 21:21:45 | 000,008,899 | -HS- | C] () -- C:\ProgramData\ocsetapi32.dll
[2011/07/27 19:21:38 | 000,008,899 | -HS- | C] () -- C:\ProgramData\Faultrep32.dll
[2011/07/27 18:21:37 | 000,008,899 | -HS- | C] () -- C:\ProgramData\TSpkg32.dll
[2011/07/27 16:21:33 | 000,008,899 | -HS- | C] () -- C:\ProgramData\NlsData004e32.dll
[2011/07/27 06:04:21 | 000,008,898 | -HS- | C] () -- C:\ProgramData\jsproxy32.dll
[2011/07/27 05:04:20 | 000,008,898 | -HS- | C] () -- C:\ProgramData\amxread32.dll
[2011/07/27 04:04:19 | 000,008,898 | -HS- | C] () -- C:\ProgramData\KBDHE22032.dll
[2011/07/27 03:04:08 | 000,008,898 | -HS- | C] () -- C:\ProgramData\ir41_qcx32.dll
[2011/07/27 02:03:33 | 000,008,898 | -HS- | C] () -- C:\ProgramData\winusb32.dll
[2011/07/27 01:03:11 | 000,008,898 | -HS- | C] () -- C:\ProgramData\d3dx10_4232.dll
[2011/07/27 00:02:28 | 000,008,898 | -HS- | C] () -- C:\ProgramData\KBDMONMO32.dll
[2011/07/26 23:02:12 | 000,008,898 | -HS- | C] () -- C:\ProgramData\CNC250U32.dll
[2011/07/23 16:57:03 | 000,012,800 | ---- | C] () -- C:\Windows\DCEBoot64.exe
[2011/07/23 16:56:57 | 000,128,512 | ---- | C] () -- C:\Windows\RegBootClean64.exe
[2011/07/23 03:26:27 | 000,008,896 | -HS- | C] () -- C:\ProgramData\msisip32.dll
[2011/07/23 02:24:04 | 000,008,896 | -HS- | C] () -- C:\ProgramData\NlsData002032.dll
[2011/07/23 01:24:01 | 000,008,896 | -HS- | C] () -- C:\ProgramData\winrscmd32.dll
[2011/07/23 00:23:58 | 000,008,896 | -HS- | C] () -- C:\ProgramData\cfgbkend32.dll
[2011/07/22 23:23:55 | 000,008,896 | -HS- | C] () -- C:\ProgramData\powrprof32.dll
[2011/07/22 22:23:52 | 000,008,896 | -HS- | C] () -- C:\ProgramData\taskcomp32.dll
[2011/07/22 20:27:30 | 000,008,896 | -HS- | C] () -- C:\ProgramData\xlive32.dll
[2011/07/22 19:27:28 | 000,008,896 | -HS- | C] () -- C:\ProgramData\dnsapi32.dll
[2011/07/22 18:27:25 | 000,008,896 | -HS- | C] () -- C:\ProgramData\PhotoMetadataHandler32.dll
[2011/07/22 17:27:21 | 000,008,896 | -HS- | C] () -- C:\ProgramData\wow3232.dll
[2011/07/22 16:27:18 | 000,008,896 | -HS- | C] () -- C:\ProgramData\msimsg32.dll
[2011/07/22 15:27:12 | 000,008,896 | -HS- | C] () -- C:\ProgramData\KBDCR32.dll
[2011/07/22 04:41:07 | 000,008,895 | -HS- | C] () -- C:\ProgramData\pngfilt32.dll
[2011/07/22 03:40:56 | 000,008,895 | -HS- | C] () -- C:\ProgramData\packager32.dll
[2011/07/22 02:40:53 | 000,008,895 | -HS- | C] () -- C:\ProgramData\PortableDeviceTypes32.dll
[2011/07/22 01:40:51 | 000,008,895 | -HS- | C] () -- C:\ProgramData\lz3232.dll
[2011/07/22 00:40:47 | 000,008,895 | -HS- | C] () -- C:\ProgramData\msdtcVSp1res32.dll
[2011/07/21 23:40:43 | 000,008,895 | -HS- | C] () -- C:\ProgramData\esent32.dll
[2011/07/21 22:40:40 | 000,008,895 | -HS- | C] () -- C:\ProgramData\dhcpcmonitor32.dll
[2011/07/21 21:40:37 | 000,008,895 | -HS- | C] () -- C:\ProgramData\chsbrkr32.dll
[2011/07/21 20:40:35 | 000,008,895 | -HS- | C] () -- C:\ProgramData\KBDRU132.dll
[2011/07/21 19:39:17 | 000,008,895 | -HS- | C] () -- C:\ProgramData\SmartcardCredentialProvider32.dll
[2011/07/21 18:37:12 | 000,008,895 | -HS- | C] () -- C:\ProgramData\KBDUGHR32.dll
[2011/07/21 17:35:35 | 000,008,895 | -HS- | C] () -- C:\ProgramData\mfc4032.dll
[2011/07/21 03:57:36 | 000,008,895 | -HS- | C] () -- C:\ProgramData\resutils32.dll
[2011/07/21 02:57:21 | 000,008,895 | -HS- | C] () -- C:\ProgramData\wintrust32.dll
[2011/07/21 01:57:11 | 000,008,895 | -HS- | C] () -- C:\ProgramData\InkEd32.dll
[2011/07/21 00:57:10 | 000,008,895 | -HS- | C] () -- C:\ProgramData\riched3232.dll
[2011/07/20 23:57:08 | 000,008,895 | -HS- | C] () -- C:\ProgramData\d3dx9_2732.dll
[2011/07/20 22:57:07 | 000,008,895 | -HS- | C] () -- C:\ProgramData\spwizeng32.dll
[2011/07/20 21:57:06 | 000,008,895 | -HS- | C] () -- C:\ProgramData\rpchttp32.dll
[2011/07/20 20:57:05 | 000,008,895 | -HS- | C] () -- C:\ProgramData\sqmapi32.dll
[2011/07/20 19:57:04 | 000,008,895 | -HS- | C] () -- C:\ProgramData\netcenter32.dll
[2011/07/20 17:57:02 | 000,008,895 | -HS- | C] () -- C:\ProgramData\dbnmpntw32.dll
[2011/07/20 16:52:32 | 000,008,895 | -HS- | C] () -- C:\ProgramData\msnetobj32.dll
[2011/07/18 20:09:35 | 000,008,894 | -HS- | C] () -- C:\ProgramData\capiprovider32.dll
[2011/07/18 19:09:29 | 000,008,894 | -HS- | C] () -- C:\ProgramData\secproc_isv32.dll
[2011/07/18 18:09:28 | 000,008,894 | -HS- | C] () -- C:\ProgramData\KBDINKAN32.dll
[2011/07/18 17:09:27 | 000,008,894 | -HS- | C] () -- C:\ProgramData\wsecedit32.dll
[2011/07/18 16:09:27 | 000,008,894 | -HS- | C] () -- C:\ProgramData\KBDDIV232.dll
[2011/07/18 15:09:26 | 000,008,894 | -HS- | C] () -- C:\ProgramData\KBDUKX32.dll
[2011/07/18 14:09:25 | 000,008,894 | -HS- | C] () -- C:\ProgramData\XPSSHHDR32.dll
[2011/07/18 01:20:44 | 000,008,894 | -HS- | C] () -- C:\ProgramData\KBDLAO32.dll
[2011/07/18 00:20:42 | 000,008,894 | -HS- | C] () -- C:\ProgramData\adsmsext32.dll
[2011/07/17 23:20:41 | 000,008,894 | -HS- | C] () -- C:\ProgramData\ntvdm6432.dll
[2011/07/17 22:20:37 | 000,008,894 | -HS- | C] () -- C:\ProgramData\btpanui32.dll
[2011/07/17 21:17:58 | 000,008,894 | -HS- | C] () -- C:\ProgramData\colorui32.dll
[2011/07/17 05:16:43 | 000,008,896 | -HS- | C] () -- C:\ProgramData\wsnmp3232.dll
[2011/07/17 04:16:42 | 000,008,896 | -HS- | C] () -- C:\ProgramData\UserAccountControlSettings32.dll
[2011/07/17 03:16:41 | 000,008,896 | -HS- | C] () -- C:\ProgramData\d3dcsx_4232.dll
[2011/07/17 02:16:41 | 000,008,896 | -HS- | C] () -- C:\ProgramData\dmusic32.dll
[2011/07/17 01:16:40 | 000,008,896 | -HS- | C] () -- C:\ProgramData\basecsp32.dll
[2011/07/17 00:25:04 | 000,000,056 | ---- | C] () -- C:\Windows\kgt2k.INI
[2011/07/17 00:16:37 | 000,008,896 | -HS- | C] () -- C:\ProgramData\wshext32.dll
[2011/07/16 23:16:37 | 000,008,896 | -HS- | C] () -- C:\ProgramData\KBDIBO32.dll
[2011/07/16 22:16:36 | 000,008,896 | -HS- | C] () -- C:\ProgramData\mfc100jpn32.dll
[2011/07/16 21:13:41 | 000,008,896 | -HS- | C] () -- C:\ProgramData\icardres32.dll
[2011/07/16 19:30:50 | 000,008,896 | -HS- | C] () -- C:\ProgramData\netplwiz32.dll
[2011/07/16 17:53:49 | 000,008,896 | -HS- | C] () -- C:\ProgramData\dmdskmgr32.dll
[2011/07/16 16:52:00 | 000,008,896 | -HS- | C] () -- C:\ProgramData\themeui32.dll
[2011/07/16 15:29:17 | 000,008,896 | -HS- | C] () -- C:\ProgramData\dot3gpclnt32.dll
[2011/07/16 14:24:26 | 000,008,896 | -HS- | C] () -- C:\ProgramData\sechost32.dll
[2011/07/16 13:21:41 | 000,008,896 | -HS- | C] () -- C:\ProgramData\apilogen32.dll
[2011/07/16 05:36:14 | 000,008,895 | -HS- | C] () -- C:\ProgramData\Apphlpdm32.dll
[2011/07/16 04:36:12 | 000,008,895 | -HS- | C] () -- C:\ProgramData\KBDBGPH132.dll
[2011/07/16 03:36:07 | 000,008,895 | -HS- | C] () -- C:\ProgramData\RGSS102E32.dll
[2011/07/16 02:36:06 | 000,008,895 | -HS- | C] () -- C:\ProgramData\KBDRO32.dll
[2011/07/16 01:36:04 | 000,008,895 | -HS- | C] () -- C:\ProgramData\ssdpapi32.dll
[2011/07/16 00:36:03 | 000,008,895 | -HS- | C] () -- C:\ProgramData\wmerror32.dll
[2011/07/15 23:36:02 | 000,008,895 | -HS- | C] () -- C:\ProgramData\KBDTH032.dll
[2011/07/15 22:35:15 | 000,008,895 | -HS- | C] () -- C:\ProgramData\NlsModels001132.dll
[2011/07/15 21:35:15 | 000,008,895 | -HS- | C] () -- C:\ProgramData\D3DCompiler_4132.dll
[2011/07/15 20:35:14 | 000,008,895 | -HS- | C] () -- C:\ProgramData\QSVRMGMT32.dll
[2011/07/15 19:34:59 | 000,008,895 | -HS- | C] () -- C:\ProgramData\dwmapi32.dll
[2011/07/15 18:26:40 | 000,008,895 | -HS- | C] () -- C:\ProgramData\wshirda32.dll
[2011/07/15 17:26:40 | 000,008,895 | -HS- | C] () -- C:\ProgramData\KBDIC32.dll
[2011/07/15 16:24:04 | 000,008,895 | -HS- | C] () -- C:\ProgramData\Nlsdl32.dll
[2011/07/15 03:41:37 | 000,008,896 | -HS- | C] () -- C:\ProgramData\mfc100rus32.dll
[2011/07/15 02:41:14 | 000,008,896 | -HS- | C] () -- C:\ProgramData\dhcpcsvc632.dll
[2011/07/15 01:41:12 | 000,008,896 | -HS- | C] () -- C:\ProgramData\CNC250L32.dll
[2011/07/15 00:41:12 | 000,008,896 | -HS- | C] () -- C:\ProgramData\icm3232.dll
[2011/07/14 23:41:09 | 000,008,896 | -HS- | C] () -- C:\ProgramData\secproc_ssp_isv32.dll
[2011/07/14 22:41:08 | 000,008,896 | -HS- | C] () -- C:\ProgramData\netutils32.dll
[2011/07/14 21:41:07 | 000,008,896 | -HS- | C] () -- C:\ProgramData\dmime32.dll
[2011/07/14 20:38:40 | 000,008,896 | -HS- | C] () -- C:\ProgramData\tlscsp32.dll
[2011/07/14 19:38:18 | 000,008,896 | -HS- | C] () -- C:\ProgramData\dot3hc32.dll
[2011/07/14 18:38:17 | 000,008,896 | -HS- | C] () -- C:\ProgramData\secproc32.dll
[2011/07/14 17:38:16 | 000,008,896 | -HS- | C] () -- C:\ProgramData\IconCodecService32.dll
[2011/07/14 16:38:15 | 000,008,896 | -HS- | C] () -- C:\ProgramData\apircl32.dll
[2011/07/14 06:28:20 | 000,008,896 | -HS- | C] () -- C:\ProgramData\FXSCOM32.dll
[2011/07/14 05:28:14 | 000,008,896 | -HS- | C] () -- C:\ProgramData\aspnet_counters32.dll
[2011/07/14 04:28:11 | 000,008,896 | -HS- | C] () -- C:\ProgramData\cngaudit32.dll
[2011/07/14 03:28:10 | 000,008,896 | -HS- | C] () -- C:\ProgramData\KBDBR32.dll
[2011/07/14 02:28:08 | 000,008,896 | -HS- | C] () -- C:\ProgramData\rnr2032.dll
[2011/07/14 01:28:07 | 000,008,896 | -HS- | C] () -- C:\ProgramData\KBDROPR32.dll
[2011/07/14 00:28:05 | 000,008,896 | -HS- | C] () -- C:\ProgramData\SSShim32.dll
[2011/07/13 23:28:02 | 000,008,896 | -HS- | C] () -- C:\ProgramData\wmidx32.dll
[2011/07/13 22:27:59 | 000,008,896 | -HS- | C] () -- C:\ProgramData\KBDTIPRC32.dll
[2011/07/13 21:27:57 | 000,008,896 | -HS- | C] () -- C:\ProgramData\normaliz32.dll
[2011/07/13 20:27:51 | 000,008,896 | -HS- | C] () -- C:\ProgramData\D3DCompiler_4232.dll
[2011/07/13 19:26:40 | 000,008,896 | -HS- | C] () -- C:\ProgramData\QUTIL32.dll
[2011/07/13 17:48:28 | 000,008,895 | -HS- | C] () -- C:\ProgramData\dwmcore32.dll
[2011/07/10 02:21:59 | 000,020,263 | ---- | C] () -- C:\Users\Wesley\AppData\Roaming\6262.1EA
[2011/07/03 06:35:22 | 000,000,040 | ---- | C] () -- C:\ProgramData\2cce81d3
[2011/06/25 01:31:07 | 000,281,656 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011/06/25 01:31:05 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011/06/18 18:22:50 | 000,000,032 | R--- | C] () -- C:\ProgramData\hash.dat
[2011/06/07 09:48:05 | 000,011,728 | -HS- | C] () -- C:\Users\Wesley\AppData\Local\qf7j006i307x31d2eq0db61ygjdt21e46428472a
[2011/06/07 09:48:05 | 000,011,728 | -HS- | C] () -- C:\ProgramData\qf7j006i307x31d2eq0db61ygjdt21e46428472a
[2011/04/29 17:06:30 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2011/04/11 12:51:56 | 000,789,932 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/04/10 15:43:32 | 000,000,268 | ---- | C] () -- C:\Windows\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
[2011/04/10 13:49:30 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2011/04/09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011/02/11 19:15:08 | 000,874,048 | ---- | C] () -- C:\Windows\SysWow64\igkrng575.bin
[2011/01/08 20:07:21 | 000,104,796 | ---- | C] () -- C:\Windows\SysWow64\igfcg575m.bin
[2011/01/08 20:07:20 | 000,127,868 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng575.bin
[2011/01/08 20:04:57 | 000,000,035 | ---- | C] () -- C:\Windows\DELL_LANGCODE.ini
[2011/01/08 20:04:57 | 000,000,033 | ---- | C] () -- C:\Windows\DELL_OSTYPE.ini
[2011/01/08 20:04:57 | 000,000,032 | ---- | C] () -- C:\Windows\WisHWDest.ini
[2011/01/08 20:04:57 | 000,000,023 | ---- | C] () -- C:\Windows\WisSysInfo.ini
[2011/01/08 20:04:56 | 000,000,325 | ---- | C] () -- C:\Windows\Prelaunch.ini
[2011/01/08 20:04:56 | 000,000,271 | ---- | C] () -- C:\Windows\WisPriority.ini
[2011/01/08 20:04:56 | 000,000,028 | ---- | C] () -- C:\Windows\WisLangCode.ini
[2011/01/08 19:26:45 | 000,000,074 | RHS- | C] () -- C:\Windows\CT4CET.bin
[2009/07/13 22:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/13 19:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/13 19:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/13 17:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 16:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 14:59:36 | 000,982,196 | ---- | C] () -- C:\Windows\SysWow64\igkrng500.bin
[2009/07/13 14:59:36 | 000,139,824 | ---- | C] () -- C:\Windows\SysWow64\igfcg500.bin
[2009/07/13 14:59:36 | 000,097,448 | ---- | C] () -- C:\Windows\SysWow64\igfcg500m.bin
[2009/07/13 14:59:35 | 000,417,344 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng500.bin
[2009/07/13 14:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/07/08 18:03:02 | 000,058,880 | ---- | C] () -- C:\Windows\SysWow64\bdmpegv.dll
[2009/06/10 14:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2005/08/30 00:00:00 | 000,781,312 | ---- | C] () -- C:\Windows\SysWow64\RGSS102J.dll
[2005/08/30 00:00:00 | 000,778,752 | ---- | C] () -- C:\Windows\SysWow64\RGSS102E.dll
[2005/08/30 00:00:00 | 000,771,584 | ---- | C] () -- C:\Windows\SysWow64\RGSS100J.dll

< End of report >

Attached Files



#5 Farbar

Farbar

    Just Curious


  • Security Developer
  • 21,708 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Netherlands
  • Local time:02:28 PM

Posted 01 September 2011 - 09:09 AM

Please before we proceed update me on the current condition of your computer. Are you getting redirected. Is there any issue?

#6 smuckers

smuckers
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:07:28 AM

Posted 01 September 2011 - 04:26 PM

It is still redirecting the links to the wrong sites. Other than that one blue screen that I didn't get to record everything has been normal. Do you need any other logs?

#7 Farbar

Farbar

    Just Curious


  • Security Developer
  • 21,708 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Netherlands
  • Local time:02:28 PM

Posted 02 September 2011 - 01:14 AM

Please do all the steps in the order they are written and give me feedback.

  • Please go to start => Control Panel => Programs and Features and uninstall the following bad software:

    StartNow Toolbar 2.0

    Please let me know if you could do it.
  • Please open OTL.
  • Copy the text in code box and paste it to Custom Scans/Fixes section:

    :otl
    O20 - AppInit_DLLs: (C:\ProgramData\mfc4232.dll) - C:\ProgramData\mfc4232.dll (People Can Fly)
    SRV - [2011/03/24 02:59:34 | 000,199,904 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\StartNow Toolbar\ToolbarUpdaterService.exe -- (Toolbar Updater Service)
    
    :files
    C:\Windows\SysWow64\115380643
    C:\ProgramData\cngprovider32.dll
    C:\ProgramData\KBDBU32.dll
    C:\ProgramData\RpcDiag32.dll
    C:\ProgramData\KBDROST32.dll
    C:\ProgramData\stclient32.dll
    C:\ProgramData\npmproxy32.dll
    C:\ProgramData\qwave32.dll
    C:\ProgramData\DWrite32.dll
    C:\ProgramData\WcnEapPeerProxy32.dll
    C:\ProgramData\clusapi32.dll
    C:\ProgramData\KBDHE31932.dll
    C:\ProgramData\wmpeffects32.dll
    C:\ProgramData\MSAC3ENC32.dll
    C:\ProgramData\NlsData004932.dll
    C:\ProgramData\SyncInfrastructureps32.dll
    C:\ProgramData\KBDSL32.dll
    C:\ProgramData\w32topl32.dll
    C:\ProgramData\sendmail32.dll
    C:\ProgramData\xactengine3_532.dll
    C:\ProgramData\qasf32.dll
    C:\ProgramData\KBDUZB32.dll
    C:\ProgramData\odfox3232.dll
    C:\ProgramData\odbccr3232.dll
    C:\ProgramData\KBDFO32.dll
    C:\ProgramData\secproc_ssp32.dll
    C:\ProgramData\cmipnpinstall32.dll
    C:\ProgramData\chtbrkr32.dll
    C:\ProgramData\certCredProvider32.dll
    C:\ProgramData\migisol32.dll
    C:\ProgramData\NlsLexicons004932.dll
    C:\ProgramData\msdelta32.dll
    C:\ProgramData\mfcm10032.dll
    C:\ProgramData\nlhtml32.dll
    C:\ProgramData\sirenacm32.dll
    C:\ProgramData\sfc_os32.dll
    C:\ProgramData\WcnEapAuthProxy32.dll
    C:\ProgramData\nlmgp32.dll
    C:\ProgramData\KBDUR132.dll
    C:\ProgramData\netevent32.dll
    C:\ProgramData\atl10032.dll
    C:\ProgramData\wmdrmsdk32.dll
    C:\ProgramData\hlink32.dll
    C:\ProgramData\dtsh32.dll
    C:\ProgramData\asferror32.dll
    C:\ProgramData\X3DAudio1_532.dll
    C:\ProgramData\dhcpcsvc32.dll
    C:\ProgramData\shsvcs32.dll
    C:\ProgramData\avicap3232.dll
    C:\ProgramData\SampleRes32.dll
    C:\ProgramData\wmdrmnet32.dll
    C:\ProgramData\xlivefnt32.dll
    C:\ProgramData\NlsLexicons004532.dll
    C:\ProgramData\mmci32.dll
    C:\ProgramData\PresentationNative_v030032.dll
    C:\ProgramData\oleaut3232.dll
    C:\ProgramData\printui32.dll
    C:\ProgramData\P2P32.dll
    C:\ProgramData\EAPQEC32.dll
    C:\ProgramData\osbaseln32.dll
    C:\ProgramData\cryptsvc32.dll
    C:\ProgramData\shfolder32.dll
    C:\ProgramData\sqlwoa32.dll
    C:\ProgramData\L2SecHC32.dll
    C:\ProgramData\spp32.dll
    C:\ProgramData\rastls32.dll
    C:\ProgramData\NlsData004732.dll
    C:\ProgramData\X3DAudio1_632.dll
    C:\ProgramData\KBDNEPR32.dll
    C:\ProgramData\prncache32.dll
    C:\ProgramData\mssign3232.dll
    C:\ProgramData\powercpl32.dll
    C:\ProgramData\tsmf32.dll
    C:\ProgramData\raschap32.dll
    C:\ProgramData\dsuiext32.dll
    C:\ProgramData\SensorsCpl32.dll
    C:\ProgramData\ieaksie32.dll
    C:\ProgramData\NlsData000d32.dll
    C:\ProgramData\Wldap3232.dll
    C:\ProgramData\miguiresource32.dll
    C:\ProgramData\KBDUSL32.dll
    C:\ProgramData\wshqos32.dll
    C:\ProgramData\iassdo32.dll
    C:\ProgramData\vbscript32.dll
    C:\ProgramData\fontsub32.dll
    C:\ProgramData\UIAutomationCore32.dll
    C:\ProgramData\wshbth32.dll
    C:\ProgramData\tdh32.dll
    C:\ProgramData\adsldpc32.dll
    C:\ProgramData\KBDLA32.dll
    C:\ProgramData\iyuv_3232.dll
    C:\ProgramData\perfnet32.dll
    C:\ProgramData\NlsLexicons004732.dll
    C:\ProgramData\FXSCOMEX32.dll
    C:\ProgramData\iscsidsc32.dll
    C:\ProgramData\fwcfg32.dll
    C:\ProgramData\CSVer32.dll
    C:\ProgramData\msdtcuiu32.dll
    C:\ProgramData\netapi3232.dll
    C:\ProgramData\XAudio2_332.dll
    C:\ProgramData\mfc100enu32.dll
    C:\ProgramData\CertEnrollUI32.dll
    C:\ProgramData\XAudio2_232.dll
    C:\ProgramData\iscsicpl32.dll
    C:\ProgramData\idndl32.dll
    C:\ProgramData\KBDTUF32.dll
    C:\ProgramData\pdhui32.dll
    C:\ProgramData\netjoin32.dll
    C:\ProgramData\KBDINUK232.dll
    C:\ProgramData\mapistub32.dll
    C:\ProgramData\msmpeg2vdec32.dll
    C:\ProgramData\DDORes32.dll
    C:\ProgramData\KBDEST32.dll
    C:\ProgramData\KBDMLT4732.dll
    C:\ProgramData\pstorsvc32.dll
    C:\ProgramData\xactengine2_832.dll
    C:\ProgramData\rasctrs32.dll
    C:\ProgramData\tpmcompc32.dll
    C:\ProgramData\traffic32.dll
    C:\ProgramData\CNHMCA32.dll
    C:\ProgramData\tsgqec32.dll
    C:\ProgramData\duser32.dll
    C:\ProgramData\ocsetapi32.dll
    C:\ProgramData\Faultrep32.dll
    C:\ProgramData\TSpkg32.dll
    C:\ProgramData\NlsData004e32.dll
    C:\ProgramData\jsproxy32.dll
    C:\ProgramData\amxread32.dll
    C:\ProgramData\KBDHE22032.dll
    C:\ProgramData\ir41_qcx32.dll
    C:\ProgramData\winusb32.dll
    C:\ProgramData\d3dx10_4232.dll
    C:\ProgramData\KBDMONMO32.dll
    C:\ProgramData\CNC250U32.dll
    C:\ProgramData\msisip32.dll
    C:\ProgramData\NlsData002032.dll
    C:\ProgramData\winrscmd32.dll
    C:\ProgramData\cfgbkend32.dll
    C:\ProgramData\powrprof32.dll
    C:\ProgramData\taskcomp32.dll
    C:\ProgramData\xlive32.dll
    C:\ProgramData\dnsapi32.dll
    C:\ProgramData\PhotoMetadataHandler32.dll
    C:\ProgramData\wow3232.dll
    C:\ProgramData\msimsg32.dll
    C:\ProgramData\KBDCR32.dll
    C:\ProgramData\pngfilt32.dll
    C:\ProgramData\packager32.dll
    C:\ProgramData\PortableDeviceTypes32.dll
    C:\ProgramData\lz3232.dll
    C:\ProgramData\msdtcVSp1res32.dll
    C:\ProgramData\esent32.dll
    C:\ProgramData\dhcpcmonitor32.dll
    C:\ProgramData\chsbrkr32.dll
    C:\ProgramData\KBDRU132.dll
    C:\ProgramData\SmartcardCredentialProvider32.dll
    C:\ProgramData\KBDUGHR32.dll
    C:\ProgramData\mfc4032.dll
    C:\ProgramData\resutils32.dll
    C:\ProgramData\wintrust32.dll
    C:\ProgramData\InkEd32.dll
    C:\ProgramData\riched3232.dll
    C:\ProgramData\d3dx9_2732.dll
    C:\ProgramData\spwizeng32.dll
    C:\ProgramData\rpchttp32.dll
    C:\ProgramData\sqmapi32.dll
    C:\ProgramData\netcenter32.dll
    C:\ProgramData\dbnmpntw32.dll
    C:\ProgramData\msnetobj32.dll
    C:\ProgramData\capiprovider32.dll
    C:\ProgramData\secproc_isv32.dll
    C:\ProgramData\KBDINKAN32.dll
    C:\ProgramData\wsecedit32.dll
    C:\ProgramData\KBDDIV232.dll
    C:\ProgramData\KBDUKX32.dll
    C:\ProgramData\XPSSHHDR32.dll
    C:\ProgramData\KBDLAO32.dll
    C:\ProgramData\adsmsext32.dll
    C:\ProgramData\ntvdm6432.dll
    C:\ProgramData\btpanui32.dll
    C:\ProgramData\colorui32.dll
    C:\ProgramData\wsnmp3232.dll
    C:\ProgramData\UserAccountControlSettings32.dll
    C:\ProgramData\d3dcsx_4232.dll
    C:\ProgramData\dmusic32.dll
    C:\ProgramData\basecsp32.dll
    C:\ProgramData\wshext32.dll
    C:\ProgramData\KBDIBO32.dll
    C:\ProgramData\mfc100jpn32.dll
    C:\ProgramData\icardres32.dll
    C:\ProgramData\netplwiz32.dll
    C:\ProgramData\dmdskmgr32.dll
    C:\ProgramData\themeui32.dll
    C:\ProgramData\dot3gpclnt32.dll
    C:\ProgramData\sechost32.dll
    C:\ProgramData\apilogen32.dll
    C:\ProgramData\Apphlpdm32.dll
    C:\ProgramData\KBDBGPH132.dll
    C:\ProgramData\RGSS102E32.dll
    C:\ProgramData\KBDRO32.dll
    C:\ProgramData\ssdpapi32.dll
    C:\ProgramData\wmerror32.dll
    C:\ProgramData\KBDTH032.dll
    C:\ProgramData\NlsModels001132.dll
    C:\ProgramData\D3DCompiler_4132.dll
    C:\ProgramData\QSVRMGMT32.dll
    C:\ProgramData\dwmapi32.dll
    C:\ProgramData\wshirda32.dll
    C:\ProgramData\KBDIC32.dll
    C:\ProgramData\Nlsdl32.dll
    C:\ProgramData\mfc100rus32.dll
    C:\ProgramData\dhcpcsvc632.dll
    C:\ProgramData\CNC250L32.dll
    C:\ProgramData\icm3232.dll
    C:\ProgramData\secproc_ssp_isv32.dll
    C:\ProgramData\netutils32.dll
    C:\ProgramData\dmime32.dll
    C:\ProgramData\tlscsp32.dll
    C:\ProgramData\dot3hc32.dll
    C:\ProgramData\secproc32.dll
    C:\ProgramData\IconCodecService32.dll
    C:\ProgramData\apircl32.dll
    C:\ProgramData\FXSCOM32.dll
    C:\ProgramData\aspnet_counters32.dll
    C:\ProgramData\cngaudit32.dll
    C:\ProgramData\KBDBR32.dll
    C:\ProgramData\rnr2032.dll
    C:\ProgramData\KBDROPR32.dll
    C:\ProgramData\SSShim32.dll
    C:\ProgramData\wmidx32.dll
    C:\ProgramData\KBDTIPRC32.dll
    C:\ProgramData\normaliz32.dll
    C:\ProgramData\D3DCompiler_4232.dll
    C:\ProgramData\QUTIL32.dll
    C:\ProgramData\dwmcore32.dll
    
    
  • Click Run Fix button.
  • If the fix needed a reboot please do it.
  • After finished a log will open. Copy and paste the log to your reply.


#8 smuckers

smuckers
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:07:28 AM

Posted 02 September 2011 - 03:00 AM

the toolbar was unintstalled sucessfully and here's the log. I tested google and it still gets redirected to a find fast answers link.

========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:C:\ProgramData\mfc4232.dll deleted successfully.
C:\ProgramData\mfc4232.dll moved successfully.
Error: No service named Toolbar Updater Service was found to stop!
Service\Driver key Toolbar Updater Service not found.
File C:\Program Files (x86)\StartNow Toolbar\ToolbarUpdaterService.exe not found.
========== FILES ==========
C:\Windows\SysWow64\115380643 moved successfully.
C:\ProgramData\cngprovider32.dll moved successfully.
C:\ProgramData\KBDBU32.dll moved successfully.
C:\ProgramData\RpcDiag32.dll moved successfully.
C:\ProgramData\KBDROST32.dll moved successfully.
C:\ProgramData\stclient32.dll moved successfully.
C:\ProgramData\npmproxy32.dll moved successfully.
C:\ProgramData\qwave32.dll moved successfully.
C:\ProgramData\DWrite32.dll moved successfully.
C:\ProgramData\WcnEapPeerProxy32.dll moved successfully.
C:\ProgramData\clusapi32.dll moved successfully.
C:\ProgramData\KBDHE31932.dll moved successfully.
C:\ProgramData\wmpeffects32.dll moved successfully.
C:\ProgramData\MSAC3ENC32.dll moved successfully.
C:\ProgramData\NlsData004932.dll moved successfully.
C:\ProgramData\SyncInfrastructureps32.dll moved successfully.
C:\ProgramData\KBDSL32.dll moved successfully.
C:\ProgramData\w32topl32.dll moved successfully.
C:\ProgramData\sendmail32.dll moved successfully.
C:\ProgramData\xactengine3_532.dll moved successfully.
C:\ProgramData\qasf32.dll moved successfully.
C:\ProgramData\KBDUZB32.dll moved successfully.
C:\ProgramData\odfox3232.dll moved successfully.
C:\ProgramData\odbccr3232.dll moved successfully.
C:\ProgramData\KBDFO32.dll moved successfully.
C:\ProgramData\secproc_ssp32.dll moved successfully.
C:\ProgramData\cmipnpinstall32.dll moved successfully.
C:\ProgramData\chtbrkr32.dll moved successfully.
C:\ProgramData\certCredProvider32.dll moved successfully.
C:\ProgramData\migisol32.dll moved successfully.
C:\ProgramData\NlsLexicons004932.dll moved successfully.
C:\ProgramData\msdelta32.dll moved successfully.
C:\ProgramData\mfcm10032.dll moved successfully.
C:\ProgramData\nlhtml32.dll moved successfully.
C:\ProgramData\sirenacm32.dll moved successfully.
C:\ProgramData\sfc_os32.dll moved successfully.
C:\ProgramData\WcnEapAuthProxy32.dll moved successfully.
C:\ProgramData\nlmgp32.dll moved successfully.
C:\ProgramData\KBDUR132.dll moved successfully.
C:\ProgramData\netevent32.dll moved successfully.
C:\ProgramData\atl10032.dll moved successfully.
C:\ProgramData\wmdrmsdk32.dll moved successfully.
C:\ProgramData\hlink32.dll moved successfully.
C:\ProgramData\dtsh32.dll moved successfully.
C:\ProgramData\asferror32.dll moved successfully.
C:\ProgramData\X3DAudio1_532.dll moved successfully.
C:\ProgramData\dhcpcsvc32.dll moved successfully.
C:\ProgramData\shsvcs32.dll moved successfully.
C:\ProgramData\avicap3232.dll moved successfully.
C:\ProgramData\SampleRes32.dll moved successfully.
C:\ProgramData\wmdrmnet32.dll moved successfully.
C:\ProgramData\xlivefnt32.dll moved successfully.
C:\ProgramData\NlsLexicons004532.dll moved successfully.
C:\ProgramData\mmci32.dll moved successfully.
C:\ProgramData\PresentationNative_v030032.dll moved successfully.
C:\ProgramData\oleaut3232.dll moved successfully.
C:\ProgramData\printui32.dll moved successfully.
C:\ProgramData\P2P32.dll moved successfully.
C:\ProgramData\EAPQEC32.dll moved successfully.
C:\ProgramData\osbaseln32.dll moved successfully.
C:\ProgramData\cryptsvc32.dll moved successfully.
C:\ProgramData\shfolder32.dll moved successfully.
C:\ProgramData\sqlwoa32.dll moved successfully.
C:\ProgramData\L2SecHC32.dll moved successfully.
C:\ProgramData\spp32.dll moved successfully.
C:\ProgramData\rastls32.dll moved successfully.
C:\ProgramData\NlsData004732.dll moved successfully.
C:\ProgramData\X3DAudio1_632.dll moved successfully.
C:\ProgramData\KBDNEPR32.dll moved successfully.
C:\ProgramData\prncache32.dll moved successfully.
C:\ProgramData\mssign3232.dll moved successfully.
C:\ProgramData\powercpl32.dll moved successfully.
C:\ProgramData\tsmf32.dll moved successfully.
C:\ProgramData\raschap32.dll moved successfully.
C:\ProgramData\dsuiext32.dll moved successfully.
C:\ProgramData\SensorsCpl32.dll moved successfully.
C:\ProgramData\ieaksie32.dll moved successfully.
C:\ProgramData\NlsData000d32.dll moved successfully.
C:\ProgramData\Wldap3232.dll moved successfully.
C:\ProgramData\miguiresource32.dll moved successfully.
C:\ProgramData\KBDUSL32.dll moved successfully.
C:\ProgramData\wshqos32.dll moved successfully.
C:\ProgramData\iassdo32.dll moved successfully.
C:\ProgramData\vbscript32.dll moved successfully.
C:\ProgramData\fontsub32.dll moved successfully.
C:\ProgramData\UIAutomationCore32.dll moved successfully.
C:\ProgramData\wshbth32.dll moved successfully.
C:\ProgramData\tdh32.dll moved successfully.
C:\ProgramData\adsldpc32.dll moved successfully.
C:\ProgramData\KBDLA32.dll moved successfully.
C:\ProgramData\iyuv_3232.dll moved successfully.
C:\ProgramData\perfnet32.dll moved successfully.
C:\ProgramData\NlsLexicons004732.dll moved successfully.
C:\ProgramData\FXSCOMEX32.dll moved successfully.
C:\ProgramData\iscsidsc32.dll moved successfully.
C:\ProgramData\fwcfg32.dll moved successfully.
C:\ProgramData\CSVer32.dll moved successfully.
C:\ProgramData\msdtcuiu32.dll moved successfully.
C:\ProgramData\netapi3232.dll moved successfully.
C:\ProgramData\XAudio2_332.dll moved successfully.
C:\ProgramData\mfc100enu32.dll moved successfully.
C:\ProgramData\CertEnrollUI32.dll moved successfully.
C:\ProgramData\XAudio2_232.dll moved successfully.
C:\ProgramData\iscsicpl32.dll moved successfully.
C:\ProgramData\idndl32.dll moved successfully.
C:\ProgramData\KBDTUF32.dll moved successfully.
C:\ProgramData\pdhui32.dll moved successfully.
C:\ProgramData\netjoin32.dll moved successfully.
C:\ProgramData\KBDINUK232.dll moved successfully.
C:\ProgramData\mapistub32.dll moved successfully.
C:\ProgramData\msmpeg2vdec32.dll moved successfully.
C:\ProgramData\DDORes32.dll moved successfully.
C:\ProgramData\KBDEST32.dll moved successfully.
C:\ProgramData\KBDMLT4732.dll moved successfully.
C:\ProgramData\pstorsvc32.dll moved successfully.
C:\ProgramData\xactengine2_832.dll moved successfully.
C:\ProgramData\rasctrs32.dll moved successfully.
C:\ProgramData\tpmcompc32.dll moved successfully.
C:\ProgramData\traffic32.dll moved successfully.
C:\ProgramData\CNHMCA32.dll moved successfully.
C:\ProgramData\tsgqec32.dll moved successfully.
C:\ProgramData\duser32.dll moved successfully.
C:\ProgramData\ocsetapi32.dll moved successfully.
C:\ProgramData\Faultrep32.dll moved successfully.
C:\ProgramData\TSpkg32.dll moved successfully.
C:\ProgramData\NlsData004e32.dll moved successfully.
C:\ProgramData\jsproxy32.dll moved successfully.
C:\ProgramData\amxread32.dll moved successfully.
C:\ProgramData\KBDHE22032.dll moved successfully.
C:\ProgramData\ir41_qcx32.dll moved successfully.
C:\ProgramData\winusb32.dll moved successfully.
C:\ProgramData\d3dx10_4232.dll moved successfully.
C:\ProgramData\KBDMONMO32.dll moved successfully.
C:\ProgramData\CNC250U32.dll moved successfully.
C:\ProgramData\msisip32.dll moved successfully.
C:\ProgramData\NlsData002032.dll moved successfully.
C:\ProgramData\winrscmd32.dll moved successfully.
C:\ProgramData\cfgbkend32.dll moved successfully.
C:\ProgramData\powrprof32.dll moved successfully.
C:\ProgramData\taskcomp32.dll moved successfully.
C:\ProgramData\xlive32.dll moved successfully.
C:\ProgramData\dnsapi32.dll moved successfully.
C:\ProgramData\PhotoMetadataHandler32.dll moved successfully.
C:\ProgramData\wow3232.dll moved successfully.
C:\ProgramData\msimsg32.dll moved successfully.
C:\ProgramData\KBDCR32.dll moved successfully.
C:\ProgramData\pngfilt32.dll moved successfully.
C:\ProgramData\packager32.dll moved successfully.
C:\ProgramData\PortableDeviceTypes32.dll moved successfully.
C:\ProgramData\lz3232.dll moved successfully.
C:\ProgramData\msdtcVSp1res32.dll moved successfully.
C:\ProgramData\esent32.dll moved successfully.
C:\ProgramData\dhcpcmonitor32.dll moved successfully.
C:\ProgramData\chsbrkr32.dll moved successfully.
C:\ProgramData\KBDRU132.dll moved successfully.
C:\ProgramData\SmartcardCredentialProvider32.dll moved successfully.
C:\ProgramData\KBDUGHR32.dll moved successfully.
C:\ProgramData\mfc4032.dll moved successfully.
C:\ProgramData\resutils32.dll moved successfully.
C:\ProgramData\wintrust32.dll moved successfully.
C:\ProgramData\InkEd32.dll moved successfully.
C:\ProgramData\riched3232.dll moved successfully.
C:\ProgramData\d3dx9_2732.dll moved successfully.
C:\ProgramData\spwizeng32.dll moved successfully.
C:\ProgramData\rpchttp32.dll moved successfully.
C:\ProgramData\sqmapi32.dll moved successfully.
C:\ProgramData\netcenter32.dll moved successfully.
C:\ProgramData\dbnmpntw32.dll moved successfully.
C:\ProgramData\msnetobj32.dll moved successfully.
C:\ProgramData\capiprovider32.dll moved successfully.
C:\ProgramData\secproc_isv32.dll moved successfully.
C:\ProgramData\KBDINKAN32.dll moved successfully.
C:\ProgramData\wsecedit32.dll moved successfully.
C:\ProgramData\KBDDIV232.dll moved successfully.
C:\ProgramData\KBDUKX32.dll moved successfully.
C:\ProgramData\XPSSHHDR32.dll moved successfully.
C:\ProgramData\KBDLAO32.dll moved successfully.
C:\ProgramData\adsmsext32.dll moved successfully.
C:\ProgramData\ntvdm6432.dll moved successfully.
C:\ProgramData\btpanui32.dll moved successfully.
C:\ProgramData\colorui32.dll moved successfully.
C:\ProgramData\wsnmp3232.dll moved successfully.
C:\ProgramData\UserAccountControlSettings32.dll moved successfully.
C:\ProgramData\d3dcsx_4232.dll moved successfully.
C:\ProgramData\dmusic32.dll moved successfully.
C:\ProgramData\basecsp32.dll moved successfully.
C:\ProgramData\wshext32.dll moved successfully.
C:\ProgramData\KBDIBO32.dll moved successfully.
C:\ProgramData\mfc100jpn32.dll moved successfully.
C:\ProgramData\icardres32.dll moved successfully.
C:\ProgramData\netplwiz32.dll moved successfully.
C:\ProgramData\dmdskmgr32.dll moved successfully.
C:\ProgramData\themeui32.dll moved successfully.
C:\ProgramData\dot3gpclnt32.dll moved successfully.
C:\ProgramData\sechost32.dll moved successfully.
C:\ProgramData\apilogen32.dll moved successfully.
C:\ProgramData\Apphlpdm32.dll moved successfully.
C:\ProgramData\KBDBGPH132.dll moved successfully.
C:\ProgramData\RGSS102E32.dll moved successfully.
C:\ProgramData\KBDRO32.dll moved successfully.
C:\ProgramData\ssdpapi32.dll moved successfully.
C:\ProgramData\wmerror32.dll moved successfully.
C:\ProgramData\KBDTH032.dll moved successfully.
C:\ProgramData\NlsModels001132.dll moved successfully.
C:\ProgramData\D3DCompiler_4132.dll moved successfully.
C:\ProgramData\QSVRMGMT32.dll moved successfully.
C:\ProgramData\dwmapi32.dll moved successfully.
C:\ProgramData\wshirda32.dll moved successfully.
C:\ProgramData\KBDIC32.dll moved successfully.
C:\ProgramData\Nlsdl32.dll moved successfully.
C:\ProgramData\mfc100rus32.dll moved successfully.
C:\ProgramData\dhcpcsvc632.dll moved successfully.
C:\ProgramData\CNC250L32.dll moved successfully.
C:\ProgramData\icm3232.dll moved successfully.
C:\ProgramData\secproc_ssp_isv32.dll moved successfully.
C:\ProgramData\netutils32.dll moved successfully.
C:\ProgramData\dmime32.dll moved successfully.
C:\ProgramData\tlscsp32.dll moved successfully.
C:\ProgramData\dot3hc32.dll moved successfully.
C:\ProgramData\secproc32.dll moved successfully.
C:\ProgramData\IconCodecService32.dll moved successfully.
C:\ProgramData\apircl32.dll moved successfully.
C:\ProgramData\FXSCOM32.dll moved successfully.
C:\ProgramData\aspnet_counters32.dll moved successfully.
C:\ProgramData\cngaudit32.dll moved successfully.
C:\ProgramData\KBDBR32.dll moved successfully.
C:\ProgramData\rnr2032.dll moved successfully.
C:\ProgramData\KBDROPR32.dll moved successfully.
C:\ProgramData\SSShim32.dll moved successfully.
C:\ProgramData\wmidx32.dll moved successfully.
C:\ProgramData\KBDTIPRC32.dll moved successfully.
C:\ProgramData\normaliz32.dll moved successfully.
C:\ProgramData\D3DCompiler_4232.dll moved successfully.
C:\ProgramData\QUTIL32.dll moved successfully.
C:\ProgramData\dwmcore32.dll moved successfully.

OTL by OldTimer - Version 3.2.27.0 log created on 09022011_005900

#9 Farbar

Farbar

    Just Curious


  • Security Developer
  • 21,708 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Netherlands
  • Local time:02:28 PM

Posted 02 September 2011 - 04:38 AM

  • Please download TDSSKiller.zip and and extract it.
    • Run TDSSKiller.exe.
    • Click Start scan.
    • When it is finished the utility outputs a list of detected objects with description.
      The utility automatically selects an action (Cure or Delete) for malicious objects.
      The utility prompts the user to select an action to apply to suspicious objects (Skip, by default). Let the options as it is and click Continue
    • Let reboot if needed and tell me if the tool needed a reboot.
    • Click on Report and post the contents of the text file that will open.

      Note: By default, the utility outputs the log into system disk (it is usually the disk with installed operating system, C:\) root folder. The Log have a name like: TDSSKiller.Version_Date_Time_log.txt.
  • Please download GooredFix from one of the locations below and save it to your Desktop
    Download Mirror #1
    Download Mirror #2
    • Ensure all Firefox windows are closed.
    • To run the tool, double-click it (XP), or right-click and select Run As Administrator (Vista).
    • When prompted to run the scan, click Yes.
    • GooredFix will check for infections, and then a log will appear. Please post the contents of that log in your next reply (it can also be found on your desktop, called GooredFix.txt).
  • Please run OTL.
    • Set Services and Drivers to "All".
    • Click Run Scan button.
    • Post OTL.txt

Edited by farbar, 02 September 2011 - 04:44 AM.


#10 smuckers

smuckers
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:07:28 AM

Posted 02 September 2011 - 07:01 PM

It didn't need a reboot
2011/09/02 16:44:24.0530 7524 TDSS rootkit removing tool 2.5.17.0 Aug 22 2011 15:46:57
2011/09/02 16:44:25.0149 7524 ================================================================================
2011/09/02 16:44:25.0149 7524 SystemInfo:
2011/09/02 16:44:25.0149 7524
2011/09/02 16:44:25.0149 7524 OS Version: 6.1.7601 ServicePack: 1.0
2011/09/02 16:44:25.0149 7524 Product type: Workstation
2011/09/02 16:44:25.0149 7524 ComputerName: WESLEY-PC
2011/09/02 16:44:25.0149 7524 UserName: Wesley
2011/09/02 16:44:25.0149 7524 Windows directory: C:\Windows
2011/09/02 16:44:25.0149 7524 System windows directory: C:\Windows
2011/09/02 16:44:25.0149 7524 Running under WOW64
2011/09/02 16:44:25.0149 7524 Processor architecture: Intel x64
2011/09/02 16:44:25.0149 7524 Number of processors: 4
2011/09/02 16:44:25.0149 7524 Page size: 0x1000
2011/09/02 16:44:25.0149 7524 Boot type: Normal boot
2011/09/02 16:44:25.0149 7524 ================================================================================
2011/09/02 16:44:25.0790 7524 Initialize success
2011/09/02 16:44:31.0273 0184 ================================================================================
2011/09/02 16:44:31.0273 0184 Scan started
2011/09/02 16:44:31.0273 0184 Mode: Manual;
2011/09/02 16:44:31.0273 0184 ================================================================================
2011/09/02 16:44:32.0809 0184 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
2011/09/02 16:44:32.0885 0184 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
2011/09/02 16:44:32.0937 0184 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
2011/09/02 16:44:32.0979 0184 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
2011/09/02 16:44:33.0010 0184 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
2011/09/02 16:44:33.0054 0184 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
2011/09/02 16:44:33.0155 0184 AFD (d5b031c308a409a0a576bff4cf083d30) C:\Windows\system32\drivers\afd.sys
2011/09/02 16:44:33.0221 0184 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
2011/09/02 16:44:33.0283 0184 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
2011/09/02 16:44:33.0310 0184 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
2011/09/02 16:44:33.0345 0184 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
2011/09/02 16:44:33.0383 0184 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
2011/09/02 16:44:33.0432 0184 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
2011/09/02 16:44:33.0470 0184 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
2011/09/02 16:44:33.0500 0184 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
2011/09/02 16:44:33.0556 0184 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
2011/09/02 16:44:33.0616 0184 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
2011/09/02 16:44:33.0655 0184 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
2011/09/02 16:44:33.0711 0184 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
2011/09/02 16:44:33.0773 0184 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
2011/09/02 16:44:33.0857 0184 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
2011/09/02 16:44:33.0901 0184 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
2011/09/02 16:44:33.0964 0184 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
2011/09/02 16:44:34.0013 0184 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
2011/09/02 16:44:34.0091 0184 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
2011/09/02 16:44:34.0127 0184 bpenum (86a4289ee7663e0a51f1a523f8466ea2) C:\Windows\system32\DRIVERS\bpenum.sys
2011/09/02 16:44:34.0157 0184 bpmp (cfaddb7733e91214f04641bca3cc1d06) C:\Windows\system32\DRIVERS\bpmp.sys
2011/09/02 16:44:34.0185 0184 bpusb (24884464fce06814158752af782a0b18) C:\Windows\system32\Drivers\bpusb.sys
2011/09/02 16:44:34.0226 0184 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
2011/09/02 16:44:34.0246 0184 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
2011/09/02 16:44:34.0289 0184 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
2011/09/02 16:44:34.0324 0184 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
2011/09/02 16:44:34.0338 0184 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
2011/09/02 16:44:34.0377 0184 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
2011/09/02 16:44:34.0448 0184 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys
2011/09/02 16:44:34.0489 0184 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
2011/09/02 16:44:34.0520 0184 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys
2011/09/02 16:44:34.0552 0184 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\Windows\System32\Drivers\BTHport.sys
2011/09/02 16:44:34.0604 0184 BTHUSB (f188b7394d81010767b6df3178519a37) C:\Windows\System32\Drivers\BTHUSB.sys
2011/09/02 16:44:34.0624 0184 btusbflt (d3466f77c2c49c6e393ba5fba963a33e) C:\Windows\system32\drivers\btusbflt.sys
2011/09/02 16:44:34.0673 0184 btwaudio (af838d8029ae7c27470862d63fa54d24) C:\Windows\system32\drivers\btwaudio.sys
2011/09/02 16:44:34.0696 0184 btwavdt (5c849bd7c78791c5cee9f4651d7fe38d) C:\Windows\system32\DRIVERS\btwavdt.sys
2011/09/02 16:44:34.0737 0184 btwl2cap (6149301dc3f81d6f9667a3fbac410975) C:\Windows\system32\DRIVERS\btwl2cap.sys
2011/09/02 16:44:34.0760 0184 btwrchid (3e1991afa851a36dc978b0a1b0535c8b) C:\Windows\system32\DRIVERS\btwrchid.sys
2011/09/02 16:44:34.0809 0184 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
2011/09/02 16:44:34.0866 0184 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys
2011/09/02 16:44:34.0914 0184 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
2011/09/02 16:44:34.0948 0184 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
2011/09/02 16:44:35.0000 0184 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
2011/09/02 16:44:35.0048 0184 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
2011/09/02 16:44:35.0113 0184 CNG (d5fea92400f12412b3922087c09da6a5) C:\Windows\system32\Drivers\cng.sys
2011/09/02 16:44:35.0177 0184 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
2011/09/02 16:44:35.0224 0184 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
2011/09/02 16:44:35.0268 0184 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
2011/09/02 16:44:35.0324 0184 CtClsFlt (ed5cf92396a62f4c15110dcdb5e854d9) C:\Windows\system32\DRIVERS\CtClsFlt.sys
2011/09/02 16:44:35.0396 0184 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
2011/09/02 16:44:35.0432 0184 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
2011/09/02 16:44:35.0455 0184 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
2011/09/02 16:44:35.0536 0184 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
2011/09/02 16:44:35.0596 0184 dtsoftbus01 (fb9bef3401ee5ecc2603311b9c64f44a) C:\Windows\system32\DRIVERS\dtsoftbus01.sys
2011/09/02 16:44:35.0700 0184 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
2011/09/02 16:44:35.0836 0184 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
2011/09/02 16:44:35.0951 0184 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
2011/09/02 16:44:35.0997 0184 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
2011/09/02 16:44:36.0056 0184 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
2011/09/02 16:44:36.0091 0184 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
2011/09/02 16:44:36.0129 0184 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
2011/09/02 16:44:36.0169 0184 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
2011/09/02 16:44:36.0193 0184 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
2011/09/02 16:44:36.0219 0184 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
2011/09/02 16:44:36.0280 0184 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
2011/09/02 16:44:36.0327 0184 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
2011/09/02 16:44:36.0349 0184 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
2011/09/02 16:44:36.0475 0184 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
2011/09/02 16:44:36.0508 0184 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
2011/09/02 16:44:36.0565 0184 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
2011/09/02 16:44:36.0739 0184 Gun (721ce1551f8198714f3cabfe2147939b) C:\Game\SoftnyxGame\GunBoundIS\Gun64.sys
2011/09/02 16:44:36.0855 0184 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
2011/09/02 16:44:36.0933 0184 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
2011/09/02 16:44:36.0999 0184 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
2011/09/02 16:44:37.0045 0184 HECIx64 (b6ac71aaa2b10848f57fc49d55a651af) C:\Windows\system32\DRIVERS\HECIx64.sys
2011/09/02 16:44:37.0080 0184 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
2011/09/02 16:44:37.0107 0184 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
2011/09/02 16:44:37.0135 0184 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
2011/09/02 16:44:37.0196 0184 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
2011/09/02 16:44:37.0247 0184 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
2011/09/02 16:44:37.0316 0184 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
2011/09/02 16:44:37.0370 0184 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
2011/09/02 16:44:37.0427 0184 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
2011/09/02 16:44:37.0508 0184 iaStor (2064090c9faad92c090d77e50e735b2e) C:\Windows\system32\DRIVERS\iaStor.sys
2011/09/02 16:44:37.0594 0184 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
2011/09/02 16:44:37.0834 0184 igfx (c6238c6abd6ac99f5d152da4e9439a3d) C:\Windows\system32\DRIVERS\igdkmd64.sys
2011/09/02 16:44:38.0064 0184 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
2011/09/02 16:44:38.0127 0184 Impcd (dd587a55390ed2295bce6d36ad567da9) C:\Windows\system32\DRIVERS\Impcd.sys
2011/09/02 16:44:38.0189 0184 IntcDAud (c6c1f19205da83c801be7c25f4e2ee07) C:\Windows\system32\DRIVERS\IntcDAud.sys
2011/09/02 16:44:38.0237 0184 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
2011/09/02 16:44:38.0279 0184 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
2011/09/02 16:44:38.0325 0184 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
2011/09/02 16:44:38.0355 0184 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
2011/09/02 16:44:38.0392 0184 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
2011/09/02 16:44:38.0466 0184 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
2011/09/02 16:44:38.0516 0184 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
2011/09/02 16:44:38.0542 0184 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
2011/09/02 16:44:38.0594 0184 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
2011/09/02 16:44:38.0640 0184 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys
2011/09/02 16:44:38.0694 0184 KSecDD (ccd53b5bd33ce0c889e830d839c8b66e) C:\Windows\system32\Drivers\ksecdd.sys
2011/09/02 16:44:38.0749 0184 KSecPkg (9ff918a261752c12639e8ad4208d2c2f) C:\Windows\system32\Drivers\ksecpkg.sys
2011/09/02 16:44:38.0779 0184 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
2011/09/02 16:44:38.0840 0184 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
2011/09/02 16:44:38.0897 0184 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
2011/09/02 16:44:38.0943 0184 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
2011/09/02 16:44:38.0976 0184 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
2011/09/02 16:44:39.0008 0184 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
2011/09/02 16:44:39.0048 0184 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
2011/09/02 16:44:39.0118 0184 MBAMProtector (9c4fb231b6e02f84580de2f00f3c5293) C:\Windows\system32\drivers\mbam.sys
2011/09/02 16:44:39.0215 0184 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
2011/09/02 16:44:39.0247 0184 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
2011/09/02 16:44:39.0291 0184 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
2011/09/02 16:44:39.0315 0184 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
2011/09/02 16:44:39.0369 0184 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
2011/09/02 16:44:39.0400 0184 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
2011/09/02 16:44:39.0449 0184 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
2011/09/02 16:44:39.0503 0184 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
2011/09/02 16:44:39.0550 0184 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
2011/09/02 16:44:39.0606 0184 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
2011/09/02 16:44:39.0661 0184 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
2011/09/02 16:44:39.0723 0184 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
2011/09/02 16:44:39.0767 0184 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
2011/09/02 16:44:39.0818 0184 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
2011/09/02 16:44:39.0869 0184 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
2011/09/02 16:44:39.0930 0184 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
2011/09/02 16:44:39.0949 0184 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
2011/09/02 16:44:39.0999 0184 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
2011/09/02 16:44:40.0051 0184 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
2011/09/02 16:44:40.0087 0184 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
2011/09/02 16:44:40.0127 0184 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
2011/09/02 16:44:40.0182 0184 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
2011/09/02 16:44:40.0213 0184 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
2011/09/02 16:44:40.0232 0184 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
2011/09/02 16:44:40.0268 0184 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
2011/09/02 16:44:40.0304 0184 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
2011/09/02 16:44:40.0374 0184 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
2011/09/02 16:44:40.0459 0184 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
2011/09/02 16:44:40.0502 0184 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
2011/09/02 16:44:40.0538 0184 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
2011/09/02 16:44:40.0588 0184 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
2011/09/02 16:44:40.0639 0184 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
2011/09/02 16:44:40.0692 0184 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
2011/09/02 16:44:40.0721 0184 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
2011/09/02 16:44:40.0776 0184 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
2011/09/02 16:44:40.0969 0184 NETw5s64 (18555f48844c2861d9dce8f2b7223ae5) C:\Windows\system32\DRIVERS\NETw5s64.sys
2011/09/02 16:44:41.0153 0184 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
2011/09/02 16:44:41.0191 0184 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
2011/09/02 16:44:41.0229 0184 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
2011/09/02 16:44:41.0308 0184 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
2011/09/02 16:44:41.0378 0184 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
2011/09/02 16:44:41.0427 0184 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
2011/09/02 16:44:41.0459 0184 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
2011/09/02 16:44:41.0511 0184 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
2011/09/02 16:44:41.0543 0184 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
2011/09/02 16:44:41.0597 0184 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
2011/09/02 16:44:41.0650 0184 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
2011/09/02 16:44:41.0680 0184 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
2011/09/02 16:44:41.0705 0184 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
2011/09/02 16:44:41.0744 0184 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
2011/09/02 16:44:41.0784 0184 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
2011/09/02 16:44:41.0815 0184 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
2011/09/02 16:44:42.0020 0184 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
2011/09/02 16:44:42.0068 0184 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
2011/09/02 16:44:42.0136 0184 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
2011/09/02 16:44:42.0176 0184 PxHlpa64 (87b04878a6d59d6c79251dc960c674c1) C:\Windows\system32\Drivers\PxHlpa64.sys
2011/09/02 16:44:42.0228 0184 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
2011/09/02 16:44:42.0283 0184 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
2011/09/02 16:44:42.0310 0184 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
2011/09/02 16:44:42.0344 0184 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
2011/09/02 16:44:42.0379 0184 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
2011/09/02 16:44:42.0441 0184 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
2011/09/02 16:44:42.0478 0184 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
2011/09/02 16:44:42.0525 0184 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
2011/09/02 16:44:42.0577 0184 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
2011/09/02 16:44:42.0614 0184 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
2011/09/02 16:44:42.0643 0184 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
2011/09/02 16:44:42.0679 0184 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
2011/09/02 16:44:42.0707 0184 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
2011/09/02 16:44:42.0756 0184 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys
2011/09/02 16:44:42.0802 0184 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
2011/09/02 16:44:42.0860 0184 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
2011/09/02 16:44:42.0915 0184 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
2011/09/02 16:44:42.0950 0184 RSUSBSTOR (30f463768d5143bfd7b2df822b53cf4d) C:\Windows\system32\Drivers\RtsUStor.sys
2011/09/02 16:44:42.0995 0184 RTL8167 (fd978b2bf8a9b2390dcbef435e9c1f9f) C:\Windows\system32\DRIVERS\Rt64win7.sys
2011/09/02 16:44:43.0054 0184 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
2011/09/02 16:44:43.0125 0184 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
2011/09/02 16:44:43.0184 0184 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
2011/09/02 16:44:43.0234 0184 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
2011/09/02 16:44:43.0277 0184 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
2011/09/02 16:44:43.0334 0184 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
2011/09/02 16:44:43.0390 0184 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
2011/09/02 16:44:43.0420 0184 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
2011/09/02 16:44:43.0443 0184 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
2011/09/02 16:44:43.0476 0184 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
2011/09/02 16:44:43.0526 0184 Sftfs (72cd52403efc137290cb5a328510ebca) C:\Windows\system32\DRIVERS\Sftfslh.sys
2011/09/02 16:44:43.0594 0184 Sftplay (31a36ef71af36eabcc4b4f8ab8f76465) C:\Windows\system32\DRIVERS\Sftplaylh.sys
2011/09/02 16:44:43.0633 0184 Sftredir (2d969194fcc8eb41ed1d52863bfe7f52) C:\Windows\system32\DRIVERS\Sftredirlh.sys
2011/09/02 16:44:43.0660 0184 Sftvol (08b36d2f63af3ca2248458a4280c0c50) C:\Windows\system32\DRIVERS\Sftvollh.sys
2011/09/02 16:44:43.0708 0184 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
2011/09/02 16:44:43.0741 0184 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
2011/09/02 16:44:43.0777 0184 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
2011/09/02 16:44:43.0845 0184 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
2011/09/02 16:44:43.0907 0184 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
2011/09/02 16:44:43.0941 0184 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
2011/09/02 16:44:43.0966 0184 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
2011/09/02 16:44:44.0058 0184 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
2011/09/02 16:44:44.0114 0184 STHDA (4304b75094e106fb5423a290c95841e5) C:\Windows\system32\DRIVERS\stwrt64.sys
2011/09/02 16:44:44.0186 0184 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
2011/09/02 16:44:44.0246 0184 SynTP (8a3fbcb3d6d4710730d27da4392a4863) C:\Windows\system32\DRIVERS\SynTP.sys
2011/09/02 16:44:44.0345 0184 Tcpip (f0e98c00a09fdf791525829a1d14240f) C:\Windows\system32\drivers\tcpip.sys
2011/09/02 16:44:44.0509 0184 TCPIP6 (f0e98c00a09fdf791525829a1d14240f) C:\Windows\system32\DRIVERS\tcpip.sys
2011/09/02 16:44:44.0570 0184 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
2011/09/02 16:44:44.0643 0184 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
2011/09/02 16:44:44.0670 0184 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
2011/09/02 16:44:44.0739 0184 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
2011/09/02 16:44:44.0795 0184 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
2011/09/02 16:44:44.0890 0184 tmactmon (73aaffdd2ac3c8814b26c440e5dd9dd4) C:\Windows\system32\DRIVERS\tmactmon.sys
2011/09/02 16:44:44.0979 0184 tmcomm (360e61217d4e1e333583d0c721057f70) C:\Windows\system32\DRIVERS\tmcomm.sys
2011/09/02 16:44:45.0016 0184 tmevtmgr (699d34eb7c670139ca23a65372bd5743) C:\Windows\system32\DRIVERS\tmevtmgr.sys
2011/09/02 16:44:45.0058 0184 tmtdi (262198efb734012bfcd17e7479ae4a09) C:\Windows\system32\DRIVERS\tmtdi.sys
2011/09/02 16:44:45.0127 0184 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
2011/09/02 16:44:45.0202 0184 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
2011/09/02 16:44:45.0296 0184 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
2011/09/02 16:44:45.0347 0184 TurboB (825e7a1f48fb8bcfba27c178aab4e275) C:\Windows\system32\DRIVERS\TurboB.sys
2011/09/02 16:44:45.0403 0184 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
2011/09/02 16:44:45.0457 0184 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
2011/09/02 16:44:45.0533 0184 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
2011/09/02 16:44:45.0563 0184 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
2011/09/02 16:44:45.0601 0184 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
2011/09/02 16:44:45.0686 0184 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys
2011/09/02 16:44:45.0736 0184 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
2011/09/02 16:44:45.0785 0184 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
2011/09/02 16:44:45.0834 0184 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
2011/09/02 16:44:45.0876 0184 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
2011/09/02 16:44:45.0910 0184 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
2011/09/02 16:44:45.0963 0184 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
2011/09/02 16:44:46.0020 0184 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
2011/09/02 16:44:46.0075 0184 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\drivers\USBSTOR.SYS
2011/09/02 16:44:46.0103 0184 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
2011/09/02 16:44:46.0174 0184 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys
2011/09/02 16:44:46.0239 0184 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
2011/09/02 16:44:46.0287 0184 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
2011/09/02 16:44:46.0317 0184 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
2011/09/02 16:44:46.0371 0184 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
2011/09/02 16:44:46.0454 0184 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
2011/09/02 16:44:46.0480 0184 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
2011/09/02 16:44:46.0526 0184 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
2011/09/02 16:44:46.0587 0184 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
2011/09/02 16:44:46.0631 0184 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
2011/09/02 16:44:46.0659 0184 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
2011/09/02 16:44:46.0697 0184 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
2011/09/02 16:44:46.0723 0184 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
2011/09/02 16:44:46.0759 0184 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
2011/09/02 16:44:46.0815 0184 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
2011/09/02 16:44:46.0830 0184 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
2011/09/02 16:44:46.0909 0184 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
2011/09/02 16:44:46.0940 0184 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
2011/09/02 16:44:47.0012 0184 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
2011/09/02 16:44:47.0066 0184 WimFltr (b14ef15bd757fa488f9c970eee9c0d35) C:\Windows\system32\DRIVERS\wimfltr.sys
2011/09/02 16:44:47.0096 0184 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
2011/09/02 16:44:47.0248 0184 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
2011/09/02 16:44:47.0306 0184 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
2011/09/02 16:44:47.0367 0184 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
2011/09/02 16:44:47.0394 0184 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
2011/09/02 16:44:47.0482 0184 xusb21 (2ee48cfce7ca8e0db4c44c7476c0943b) C:\Windows\system32\DRIVERS\xusb21.sys
2011/09/02 16:44:47.0526 0184 yukonw7 (b3eeacf62445e24fbb2cd4b0fb4db026) C:\Windows\system32\DRIVERS\yk62x64.sys
2011/09/02 16:44:47.0597 0184 {1E444BE9-B8EC-4ce6-8C2B-6536FB7F4FB7} (74983addca2d9618512c088d856d6615) C:\Program Files (x86)\CyberLink\PowerDVD DX\000.fcl
2011/09/02 16:44:47.0666 0184 MBR (0x1B8) (c3220eb08add62e3ed9f72a1f4e4b1bb) \Device\Harddisk0\DR0
2011/09/02 16:44:47.0697 0184 Boot (0x1200) (b4a651ea79a9998884da67ecffb5e2e7) \Device\Harddisk0\DR0\Partition0
2011/09/02 16:44:47.0716 0184 Boot (0x1200) (02d3c531ac736f85f2d45f0e1fd3f66f) \Device\Harddisk0\DR0\Partition1
2011/09/02 16:44:47.0721 0184 ================================================================================
2011/09/02 16:44:47.0721 0184 Scan finished
2011/09/02 16:44:47.0721 0184 ================================================================================
2011/09/02 16:44:47.0730 2408 Detected object count: 0
2011/09/02 16:44:47.0730 2408 Actual detected object count: 0

GooredFix by jpshortstuff (03.07.10.1)
Log created at 16:47 on 02/09/2011 (Wesley)
Firefox version 6.0.1 (en-US)

========== GooredScan ==========

Deleting "C:\Users\Wesley\Application Data\Mozilla\Firefox\Profiles\es037tj2.default\extensions\{4c47c87e-bfd6-4a26-9a9c-9dd1b513898b}" -> Success!

========== GooredLog ==========

C:\Program Files (x86)\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [00:04 30/04/2011]
{972ce4c6-7e08-4474-a285-3208198ce6fd} [20:49 10/04/2011]
{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [23:22 19/05/2011]

C:\Users\Wesley\Application Data\Mozilla\Firefox\Profiles\es037tj2.default\extensions\
DTToolbar@toolbarnet.com [11:14 12/06/2011]
{635abd67-4fe9-1b23-4f01-e679fa7484c1} [00:05 02/08/2011]

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"{23fcfd51-4958-4f00-80a3-ae97e717ed8b}"="C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video" [09:38 12/06/2011]
"{6904342A-8307-11DF-A508-4AE2DFD72085}"="C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa" [09:38 12/06/2011]
"{22C7F6C6-8D67-4534-92B5-529A0EC09405}"="C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1464\6.6.1081\firefoxextension\" [12:50 25/08/2011]

-=E.O.F=-

OTL logfile created on: 9/2/2011 4:49:07 PM - Run 2
OTL by OldTimer - Version 3.2.27.0 Folder = C:\Users\Wesley\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

7.80 Gb Total Physical Memory | 5.57 Gb Available Physical Memory | 71.35% Memory free
15.61 Gb Paging File | 12.95 Gb Available in Paging File | 83.01% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 683.89 Gb Total Space | 459.35 Gb Free Space | 67.17% Space Free | Partition Type: NTFS

Computer Name: WESLEY-PC | User Name: Wesley | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (All) ==========

PRC - [2011/09/01 02:39:46 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2011/09/01 02:39:45 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
PRC - [2011/08/31 23:19:10 | 000,581,120 | ---- | M] (OldTimer Tools) -- C:\Users\Wesley\Desktop\OTL.exe
PRC - [2011/08/01 16:48:54 | 001,242,448 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exe
PRC - [2011/07/06 19:52:38 | 000,449,584 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011/07/06 19:52:38 | 000,366,640 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011/06/25 01:31:05 | 000,075,136 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2011/06/07 17:51:12 | 000,421,160 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe
PRC - [2011/05/25 14:06:20 | 000,037,664 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2011/04/06 16:20:16 | 000,349,472 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Bonjour\mDNSResponder.exe
PRC - [2011/03/21 11:56:16 | 001,230,704 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
PRC - [2011/01/20 02:20:12 | 001,305,408 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
PRC - [2011/01/13 11:54:26 | 000,464,856 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
PRC - [2011/01/13 11:42:12 | 003,811,648 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
PRC - [2011/01/13 11:39:32 | 000,783,680 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
PRC - [2011/01/13 11:37:02 | 000,705,856 | ---- | M] (SoftThinks SAS) -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
PRC - [2011/01/06 10:57:26 | 000,524,512 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files (x86)\Cisco\Cisco NAC Agent\NACAgentUI.exe
PRC - [2011/01/06 10:56:06 | 001,104,608 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files (x86)\Cisco\Cisco NAC Agent\NACAgent.exe
PRC - [2010/06/08 09:49:30 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010/06/08 09:49:26 | 000,284,696 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
PRC - [2010/04/24 01:10:34 | 000,209,768 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2010/04/24 01:10:28 | 000,483,688 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2010/03/03 13:42:02 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2010/03/03 13:41:58 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2010/02/28 02:33:14 | 000,821,664 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
PRC - [2009/12/29 15:35:38 | 000,140,520 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe
PRC - [2009/12/29 13:19:14 | 000,013,600 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
PRC - [2009/10/15 02:10:28 | 000,498,160 | ---- | M] () -- C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
PRC - [2009/06/24 15:21:38 | 000,409,744 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe


========== Modules (All) ==========

MOD - [2011/09/01 02:39:46 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
MOD - [2011/09/01 02:39:46 | 000,719,832 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\mozcpp19.dll
MOD - [2011/09/01 02:39:46 | 000,715,736 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\mozcrt19.dll
MOD - [2011/09/01 02:39:46 | 000,269,272 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\freebl3.dll
MOD - [2011/09/01 02:39:46 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\components\browsercomps.dll
MOD - [2011/09/01 02:39:46 | 000,015,832 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\mozalloc.dll
MOD - [2011/09/01 02:39:45 | 015,494,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\xul.dll
MOD - [2011/09/01 02:39:45 | 001,846,232 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2011/09/01 02:39:45 | 000,785,368 | ---- | M] (sqlite.org) -- C:\Program Files (x86)\Mozilla Firefox\mozsqlite3.dll
MOD - [2011/09/01 02:39:45 | 000,646,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\nss3.dll
MOD - [2011/09/01 02:39:45 | 000,347,096 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\nssckbi.dll
MOD - [2011/09/01 02:39:45 | 000,203,736 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\nspr4.dll
MOD - [2011/09/01 02:39:45 | 000,166,872 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\softokn3.dll
MOD - [2011/09/01 02:39:45 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\ssl3.dll
MOD - [2011/09/01 02:39:45 | 000,109,528 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\smime3.dll
MOD - [2011/09/01 02:39:45 | 000,105,432 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\nssdbm3.dll
MOD - [2011/09/01 02:39:45 | 000,089,048 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\nssutil3.dll
MOD - [2011/09/01 02:39:45 | 000,021,976 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\plc4.dll
MOD - [2011/09/01 02:39:45 | 000,019,416 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\xpcom.dll
MOD - [2011/09/01 02:39:45 | 000,019,416 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\plds4.dll
MOD - [2011/09/01 02:39:45 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
MOD - [2011/08/31 23:19:10 | 000,581,120 | ---- | M] (OldTimer Tools) -- C:\Users\Wesley\Desktop\OTL.exe
MOD - [2011/08/10 21:33:31 | 002,297,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\ebdaeeb5ef1a6209d67a2f70fcaf5cd5\System.Core.ni.dll
MOD - [2011/08/10 21:32:25 | 000,452,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\87728d92c9859b06f319711e429d2163\IAStorUtil.ni.dll
MOD - [2011/08/10 03:29:23 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\7f94f6b13f92f1e093716d3e15bf86d1\PresentationFramework.Aero.ni.dll
MOD - [2011/08/10 03:29:04 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\e3e3b399b69c569ab1ed3b0ace2c8c20\System.Runtime.Remoting.ni.dll
MOD - [2011/08/10 03:28:53 | 014,339,072 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\c60906a715473ceccf93f0559527e84d\PresentationFramework.ni.dll
MOD - [2011/08/10 03:28:35 | 012,433,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\0d43c5e77ee7b8466700b16d7e7d4bb7\System.Windows.Forms.ni.dll
MOD - [2011/08/10 03:28:27 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\9e87dd8fe5d0f925d80a6a6eaf74fdb9\System.Drawing.ni.dll
MOD - [2011/08/10 03:28:25 | 012,234,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\5566b57732d9edea236f54d06149835a\PresentationCore.ni.dll
MOD - [2011/08/10 03:28:15 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\6124dbbfd45927c4a6226d6e6bca6253\WindowsBase.ni.dll
MOD - [2011/08/10 03:28:12 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\16d2854bf69d59d94e64a918365705f1\System.Xml.ni.dll
MOD - [2011/08/10 03:28:09 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\36d0ed3f2a65b9d67933ed46dfcd2ccb\System.Configuration.ni.dll
MOD - [2011/08/10 03:28:08 | 007,963,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\3da7c6c1a0f26ae91883fd8b03ec192d\System.ni.dll
MOD - [2011/08/10 03:28:00 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\16b68fcaff063835ae0ee348a1201f2a\mscorlib.ni.dll
MOD - [2011/08/02 12:04:23 | 000,296,744 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\crashhandler.dll
MOD - [2011/08/02 12:04:21 | 006,133,544 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\steamclient.dll
MOD - [2011/08/02 12:04:21 | 000,436,008 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\vstdlib_s.dll
MOD - [2011/08/02 12:04:21 | 000,288,552 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\tier0_s.dll
MOD - [2011/08/02 12:04:21 | 000,122,864 | ---- | M] (Valve) -- C:\Program Files (x86)\Steam\CSERHelper.dll
MOD - [2011/08/02 12:04:18 | 001,103,656 | ---- | M] (Valve Corporation) -- c:\Program Files (x86)\Steam\bin\ServerBrowser.dll
MOD - [2011/08/02 12:04:18 | 000,980,776 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\bin\SteamService.dll
MOD - [2011/08/02 12:04:18 | 000,583,464 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\bin\vgui2_s.dll
MOD - [2011/08/02 12:04:17 | 014,401,832 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\libcef.dll
MOD - [2011/08/02 12:04:16 | 010,899,456 | ---- | M] (IBM Corporation and others) -- C:\Program Files (x86)\Steam\bin\icudt42.dll
MOD - [2011/08/02 12:04:14 | 002,958,672 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.dll
MOD - [2011/08/02 12:04:14 | 001,541,928 | ---- | M] (Valve Corporation) -- c:\Program Files (x86)\Steam\bin\friendsUI.dll
MOD - [2011/08/02 12:04:14 | 000,914,216 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avcodec-52.dll
MOD - [2011/08/02 12:04:14 | 000,190,248 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\chromehtml.dll
MOD - [2011/08/02 12:04:14 | 000,186,152 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\bin\FileSystem_Steam.dll
MOD - [2011/08/02 12:04:14 | 000,155,432 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avformat-52.dll
MOD - [2011/08/02 12:04:14 | 000,091,432 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avutil-50.dll
MOD - [2011/08/02 12:04:13 | 003,225,384 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\SteamUI.dll
MOD - [2011/08/02 12:04:13 | 001,039,192 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Steam\dbghelp.dll
MOD - [2011/08/01 16:48:54 | 001,242,448 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exe
MOD - [2011/07/21 23:33:14 | 005,988,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mshtml.dll
MOD - [2011/07/15 21:24:22 | 001,114,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\kernel32.dll
MOD - [2011/07/15 21:24:22 | 000,272,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\KernelBase.dll
MOD - [2011/07/06 19:52:40 | 002,224,176 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamnet.dll
MOD - [2011/07/06 19:52:40 | 000,174,128 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.dll
MOD - [2011/07/06 19:52:38 | 000,449,584 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
MOD - [2011/06/20 22:28:33 | 000,981,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wininet.dll
MOD - [2011/06/20 22:28:30 | 001,231,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\urlmon.dll
MOD - [2011/06/20 22:26:00 | 002,073,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\iertutil.dll
MOD - [2011/06/20 22:25:59 | 010,991,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ieframe.dll
MOD - [2011/06/20 22:25:59 | 000,163,328 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\ieproxy.dll
MOD - [2011/06/16 03:03:10 | 000,653,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll
MOD - [2011/06/16 03:03:10 | 000,569,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll
MOD - [2011/06/16 03:03:04 | 000,159,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.6161_none_51cd0a7abbe4e19b\ATL90.dll
MOD - [2011/06/16 03:01:15 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll
MOD - [2011/06/16 03:01:15 | 000,554,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll
MOD - [2011/06/16 03:01:15 | 000,479,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcm80.dll
MOD - [2011/06/15 21:33:18 | 000,180,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\xmllite.dll
MOD - [2011/06/07 17:51:12 | 000,421,160 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe
MOD - [2011/06/07 17:51:12 | 000,165,152 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\iTunes\iTunesHelper.dll
MOD - [2011/06/07 17:51:12 | 000,048,928 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\iTunes\iTunesHelper.Resources\en.lproj\iTunesHelperLocalized.dll
MOD - [2011/06/07 17:51:12 | 000,047,904 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\iTunes\iTunesHelper.Resources\iTunesHelper.dll
MOD - [2011/05/26 13:42:00 | 000,067,872 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/05/26 13:41:44 | 000,406,816 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\SQLite3.dll
MOD - [2011/05/26 13:41:42 | 000,124,192 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\objc.dll
MOD - [2011/05/26 13:41:42 | 000,053,024 | ---- | M] (Open Source Software community project) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\pthreadVC2.dll
MOD - [2011/05/26 13:41:40 | 000,042,784 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libdispatch.dll
MOD - [2011/05/26 13:41:38 | 014,021,920 | ---- | M] (IBM Corporation and others) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\icudt40.dll
MOD - [2011/05/26 13:41:38 | 001,041,696 | ---- | M] (IBM Corporation and others) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\icuin40.dll
MOD - [2011/05/26 13:41:38 | 000,922,912 | ---- | M] (IBM Corporation and others) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\icuuc40.dll
MOD - [2011/05/26 13:41:30 | 000,828,704 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CoreFoundation.dll
MOD - [2011/05/26 13:41:24 | 000,628,000 | ---- | M] (Apple, Inc.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.dll
MOD - [2011/05/26 13:41:24 | 000,075,040 | ---- | M] (Apple, Inc.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\ASL.dll
MOD - [2011/05/25 14:06:44 | 001,307,936 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\iTunesMobileDevice.dll
MOD - [2011/05/24 03:40:05 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devobj.dll
MOD - [2011/05/24 03:40:05 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devrtl.dll
MOD - [2011/05/24 03:39:38 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cfgmgr32.dll
MOD - [2011/04/06 16:20:16 | 000,152,864 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Bonjour\mdnsNSP.dll
MOD - [2011/03/29 15:33:49 | 005,924,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
MOD - [2011/03/29 15:33:48 | 000,363,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
MOD - [2011/03/21 11:57:34 | 000,096,112 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2011/03/21 11:56:16 | 001,230,704 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
MOD - [2011/03/02 22:38:01 | 000,270,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dnsapi.dll
MOD - [2011/02/24 22:34:36 | 000,571,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleaut32.dll
MOD - [2011/02/18 23:30:51 | 001,076,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\DWrite.dll
MOD - [2011/02/18 23:30:50 | 000,739,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d2d1.dll
MOD - [2011/02/17 22:41:57 | 000,716,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\jscript.dll
MOD - [2011/02/11 19:12:16 | 004,967,424 | ---- | M] (Intel Corporation) -- C:\Windows\SysWOW64\igdumd32.dll
MOD - [2011/02/11 19:09:48 | 000,571,904 | ---- | M] (Intel Corporation) -- C:\Windows\SysWOW64\igdumdx32.dll
MOD - [2011/02/11 19:04:40 | 004,411,392 | ---- | M] (Intel Corporation) -- C:\Windows\SysWOW64\igd10umd32.dll
MOD - [2011/01/26 10:40:00 | 000,017,216 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\DsProtectionIndex.dll
MOD - [2011/01/20 02:20:44 | 002,834,240 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\Engine.dll
MOD - [2011/01/20 02:20:12 | 001,305,408 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
MOD - [2011/01/20 02:19:46 | 001,455,424 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTCommonRes.dll
MOD - [2011/01/16 22:47:13 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10_1.dll
MOD - [2011/01/13 11:54:26 | 000,464,856 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
MOD - [2011/01/13 11:42:12 | 003,811,648 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
MOD - [2011/01/13 11:42:04 | 000,259,392 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\STUICore.dll
MOD - [2011/01/13 11:42:02 | 000,038,208 | ---- | M] (SoftThinks) -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftBRCC.dll
MOD - [2011/01/13 11:42:02 | 000,025,920 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftBRCCPiped.dll
MOD - [2011/01/13 11:39:32 | 000,783,680 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
MOD - [2011/01/13 11:39:32 | 000,333,120 | ---- | M] (SoftThinks) -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STSCheduler.dll
MOD - [2011/01/13 11:37:50 | 000,079,168 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\zlib1.dll
MOD - [2011/01/13 11:37:42 | 000,124,224 | ---- | M] (SoftThinks) -- C:\Program Files (x86)\Dell DataSafe Local Backup\STXml.dll
MOD - [2011/01/13 11:37:32 | 000,124,224 | ---- | M] (SoftThinks) -- C:\Program Files (x86)\Dell DataSafe Local Backup\STString.dll
MOD - [2011/01/13 11:37:32 | 000,116,032 | ---- | M] (SoftThinks) -- C:\Program Files (x86)\Dell DataSafe Local Backup\STSystems.dll
MOD - [2011/01/13 11:37:32 | 000,083,264 | ---- | M] (SoftThinks) -- C:\Program Files (x86)\Dell DataSafe Local Backup\STStringArray.dll
MOD - [2011/01/13 11:37:26 | 000,075,072 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STRegistry.dll
MOD - [2011/01/13 11:37:24 | 000,111,936 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STPE.dll
MOD - [2011/01/13 11:37:20 | 000,121,152 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STNLS.dll
MOD - [2011/01/13 11:37:18 | 000,128,320 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STLog.dll
MOD - [2011/01/13 11:37:14 | 000,234,816 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STFiles.dll
MOD - [2011/01/13 11:37:06 | 000,111,936 | ---- | M] (SoftThinks) -- C:\Program Files (x86)\Dell DataSafe Local Backup\STBRCCServices.dll
MOD - [2011/01/13 11:37:04 | 000,025,920 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STBRCCServCLR.dll
MOD - [2011/01/13 11:36:52 | 000,513,344 | ---- | M] (SoftThinks) -- C:\Program Files (x86)\Dell DataSafe Local Backup\MiddleLayerCLRLib.dll
MOD - [2011/01/13 11:36:50 | 001,123,648 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\libxml2.dll
MOD - [2011/01/13 11:36:38 | 000,062,784 | ---- | M] (SOFTTHINKS) -- C:\Program Files (x86)\Dell DataSafe Local Backup\CSTError.dll
MOD - [2011/01/08 19:24:55 | 005,969,360 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
MOD - [2011/01/07 15:39:22 | 000,055,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mfc100enu.dll
MOD - [2011/01/06 11:00:08 | 001,828,064 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files (x86)\Cisco\Cisco NAC Agent\NacAgent.dll
MOD - [2011/01/06 10:57:26 | 000,524,512 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files (x86)\Cisco\Cisco NAC Agent\NACAgentUI.exe
MOD - [2011/01/06 10:50:44 | 000,014,336 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files (x86)\Cisco\Cisco NAC Agent\Lang\1033.dll
MOD - [2010/11/29 17:38:12 | 012,115,968 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\QuickTime\QTSystem\QuickTime.qts
MOD - [2010/11/29 17:38:08 | 000,180,224 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\QuickTime\QTSystem\QTCF.dll
MOD - [2010/11/29 00:38:50 | 000,292,160 | ---- | M] (DT Soft Ltd.) -- C:\Program Files (x86)\DAEMON Tools Lite\imgengine.dll
MOD - [2010/11/20 05:24:35 | 001,292,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntdll.dll
MOD - [2010/11/20 05:21:39 | 000,040,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wtsapi32.dll
MOD - [2010/11/20 05:21:39 | 000,036,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wshbth.dll
MOD - [2010/11/20 05:21:38 | 000,206,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ws2_32.dll
MOD - [2010/11/20 05:21:36 | 001,010,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WindowsCodecs.dll
MOD - [2010/11/20 05:21:36 | 000,351,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winhttp.dll
MOD - [2010/11/20 05:21:36 | 000,269,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Wldap32.dll
MOD - [2010/11/20 05:21:36 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winmm.dll
MOD - [2010/11/20 05:21:36 | 000,172,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wintrust.dll
MOD - [2010/11/20 05:21:36 | 000,156,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winsta.dll
MOD - [2010/11/20 05:21:36 | 000,047,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wkscli.dll
MOD - [2010/11/20 05:21:35 | 000,381,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wer.dll
MOD - [2010/11/20 05:21:35 | 000,314,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\webio.dll
MOD - [2010/11/20 05:21:34 | 001,128,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vssapi.dll
MOD - [2010/11/20 05:21:34 | 000,363,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbemcomn.dll
MOD - [2010/11/20 05:21:33 | 000,626,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\usp10.dll
MOD - [2010/11/20 05:21:33 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\userenv.dll
MOD - [2010/11/20 05:21:30 | 000,082,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\thumbcache.dll
MOD - [2010/11/20 05:21:27 | 000,380,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sxs.dll
MOD - [2010/11/20 05:21:27 | 000,363,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\StructuredQuery.dll
MOD - [2010/11/20 05:21:26 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srvcli.dll
MOD - [2010/11/20 05:21:24 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\spp.dll
MOD - [2010/11/20 05:21:19 | 012,872,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shell32.dll
MOD - [2010/11/20 05:21:19 | 000,350,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shlwapi.dll
MOD - [2010/11/20 05:21:15 | 000,179,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shdocvw.dll
MOD - [2010/11/20 05:21:14 | 001,667,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\setupapi.dll
MOD - [2010/11/20 05:21:07 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\secur32.dll
MOD - [2010/11/20 05:21:04 | 000,224,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\schannel.dll
MOD - [2010/11/20 05:21:04 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\samcli.dll
MOD - [2010/11/20 05:21:03 | 000,046,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\RpcRtRemote.dll
MOD - [2010/11/20 05:21:03 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rtutils.dll
MOD - [2010/11/20 05:20:57 | 000,988,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\propsys.dll
MOD - [2010/11/20 05:20:49 | 001,414,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ole32.dll
MOD - [2010/11/20 05:20:49 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\olepro32.dll
MOD - [2010/11/20 05:20:46 | 000,442,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntshrui.dll
MOD - [2010/11/20 05:20:46 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntlanman.dll
MOD - [2010/11/20 05:20:30 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\nlaapi.dll
MOD - [2010/11/20 05:20:29 | 001,661,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\networkexplorer.dll
MOD - [2010/11/20 05:20:29 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netutils.dll
MOD - [2010/11/20 05:19:56 | 001,390,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msxml6.dll
MOD - [2010/11/20 05:19:56 | 001,236,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msxml3.dll
MOD - [2010/11/20 05:19:56 | 000,232,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mswsock.dll
MOD - [2010/11/20 05:19:46 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msdmo.dll
MOD - [2010/11/20 05:19:45 | 000,481,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mscms.dll
MOD - [2010/11/20 05:19:45 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msasn1.dll
MOD - [2010/11/20 05:19:39 | 000,213,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\MMDevAPI.dll
MOD - [2010/11/20 05:19:23 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\IPHLPAPI.DLL
MOD - [2010/11/20 05:19:21 | 000,155,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imagehlp.dll
MOD - [2010/11/20 05:19:05 | 002,576,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gameux.dll
MOD - [2010/11/20 05:19:03 | 000,216,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\FWPUCLNT.DLL
MOD - [2010/11/20 05:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\fastprox.dll
MOD - [2010/11/20 05:19:01 | 001,493,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ExplorerFrame.dll
MOD - [2010/11/20 05:18:36 | 000,508,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dxgi.dll
MOD - [2010/11/20 05:18:27 | 000,854,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dbghelp.dll
MOD - [2010/11/20 05:18:26 | 000,080,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\davclnt.dll
MOD - [2010/11/20 05:18:25 | 001,828,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d9.dll
MOD - [2010/11/20 05:18:25 | 000,219,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10_1core.dll
MOD - [2010/11/20 05:18:25 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cscapi.dll
MOD - [2010/11/20 05:18:24 | 001,154,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\crypt32.dll
MOD - [2010/11/20 05:18:24 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\credssp.dll
MOD - [2010/11/20 05:18:23 | 000,530,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll
MOD - [2010/11/20 05:18:23 | 000,485,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\comdlg32.dll
MOD - [2010/11/20 05:18:09 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cabinet.dll
MOD - [2010/11/20 05:18:05 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\AudioSes.dll
MOD - [2010/11/20 05:18:03 | 000,295,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\apphelp.dll
MOD - [2010/11/20 05:18:02 | 000,640,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\advapi32.dll
MOD - [2010/11/20 05:18:01 | 000,562,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\AppPatch\AcLayers.dll
MOD - [2010/11/20 05:18:01 | 000,309,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\actxprxy.dll
MOD - [2010/11/20 05:18:00 | 002,175,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\AppPatch\AcGenral.dll
MOD - [2010/11/20 05:16:50 | 000,320,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winspool.drv
MOD - [2010/11/20 05:16:50 | 000,172,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wdmaud.drv
MOD - [2010/11/20 05:08:57 | 000,833,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\user32.dll
MOD - [2010/11/20 05:08:57 | 000,663,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rpcrt4.dll
MOD - [2010/11/20 05:08:57 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sspicli.dll
MOD - [2010/11/20 05:08:51 | 000,311,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gdi32.dll
MOD - [2010/11/20 05:08:51 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imm32.dll
MOD - [2010/11/20 04:55:09 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
MOD - [2010/11/20 04:55:08 | 001,624,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\GdiPlus.dll
MOD - [2010/11/18 05:50:14 | 000,770,384 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\DAEMON Tools Lite\msvcr100.dll
MOD - [2010/11/18 05:50:14 | 000,421,200 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\DAEMON Tools Lite\msvcp100.dll
MOD - [2010/11/18 05:50:12 | 004,368,720 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\DAEMON Tools Lite\mfc100u.dll
MOD - [2010/11/04 18:58:19 | 000,297,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mscoree.dll
MOD - [2010/11/04 18:57:40 | 000,572,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\diasymreader.dll
MOD - [2010/11/04 18:53:31 | 001,736,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\WPF\wpfgfx_v0300.dll
MOD - [2010/09/21 13:03:14 | 000,145,280 | ---- | M] (Microsoft Corp.) -- C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL
MOD - [2010/07/12 11:36:10 | 000,100,848 | ---- | M] (Sonic Solutions) -- C:\Program Files (x86)\Common Files\PX Storage Engine\vxblock.dll
MOD - [2010/06/08 09:49:26 | 000,284,696 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
MOD - [2010/06/08 09:44:26 | 000,162,816 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorUIHelper.dll
MOD - [2010/06/08 09:44:24 | 001,046,528 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IntelVisualDesign.dll
MOD - [2010/03/18 13:16:28 | 000,413,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
MOD - [2009/12/29 15:35:56 | 000,074,984 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD DX\Kernel\common\CLRCEngine3.dll
MOD - [2009/12/29 15:35:46 | 000,602,448 | ---- | M] (Cyberlink) -- C:\Program Files (x86)\CyberLink\PowerDVD DX\Kernel\BD\FileSystemMgr.dll
MOD - [2009/12/29 15:35:42 | 001,060,864 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\CyberLink\PowerDVD DX\MFC71.dll
MOD - [2009/12/29 15:35:42 | 000,499,712 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\CyberLink\PowerDVD DX\msvcp71.dll
MOD - [2009/12/29 15:35:42 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\CyberLink\PowerDVD DX\msvcr71.dll
MOD - [2009/12/29 15:35:40 | 000,111,848 | ---- | M] () -- C:\Program Files (x86)\CyberLink\PowerDVD DX\CLFormatDetector.dll
MOD - [2009/12/29 15:35:38 | 000,140,520 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe
MOD - [2009/12/29 13:19:14 | 000,013,600 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
MOD - [2009/10/15 02:10:28 | 000,498,160 | ---- | M] () -- C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
MOD - [2009/07/13 18:17:54 | 000,249,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\bcryptprimitives.dll
MOD - [2009/07/13 18:17:54 | 000,242,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rsaenh.dll
MOD - [2009/07/13 18:16:20 | 000,308,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Wpc.dll
MOD - [2009/07/13 18:16:20 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wsock32.dll
MOD - [2009/07/13 18:16:20 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wship6.dll
MOD - [2009/07/13 18:16:20 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WSHTCPIP.DLL
MOD - [2009/07/13 18:16:19 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winrnr.dll
MOD - [2009/07/13 18:16:19 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winnsi.dll
MOD - [2009/07/13 18:16:18 | 000,262,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wevtapi.dll
MOD - [2009/07/13 18:16:17 | 000,561,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\UIAutomationCore.dll
MOD - [2009/07/13 18:16:17 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vsstrace.dll
MOD - [2009/07/13 18:16:17 | 000,047,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\wbemsvc.dll
MOD - [2009/07/13 18:16:17 | 000,029,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\wbemprox.dll
MOD - [2009/07/13 18:16:17 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\version.dll
MOD - [2009/07/13 18:16:15 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srclient.dll
MOD - [2009/07/13 18:16:15 | 000,027,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\slc.dll
MOD - [2009/07/13 18:16:14 | 000,040,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sfc_os.dll
MOD - [2009/07/13 18:16:14 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shfolder.dll
MOD - [2009/07/13 18:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sechost.dll
MOD - [2009/07/13 18:16:13 | 000,060,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\samlib.dll
MOD - [2009/07/13 18:16:13 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\SensApi.dll
MOD - [2009/07/13 18:16:12 | 000,791,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\opengl32.dll
MOD - [2009/07/13 18:16:12 | 000,325,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasapi32.dll
MOD - [2009/07/13 18:16:12 | 000,233,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleacc.dll
MOD - [2009/07/13 18:16:12 | 000,145,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\powrprof.dll
MOD - [2009/07/13 18:16:12 | 000,103,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oledlg.dll
MOD - [2009/07/13 18:16:12 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasman.dll
MOD - [2009/07/13 18:16:12 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\pnrpnsp.dll
MOD - [2009/07/13 18:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\profapi.dll
MOD - [2009/07/13 18:16:12 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasadhlp.dll
MOD - [2009/07/13 18:16:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\psapi.dll
MOD - [2009/07/13 18:16:11 | 000,121,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntmarta.dll
MOD - [2009/07/13 18:16:11 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntdsapi.dll
MOD - [2009/07/13 18:16:11 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Nlsdl.dll
MOD - [2009/07/13 18:16:11 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\nsi.dll
MOD - [2009/07/13 18:16:02 | 000,219,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ncrypt.dll
MOD - [2009/07/13 18:16:02 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\NapiNSP.dll
MOD - [2009/07/13 18:15:50 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcrt.dll
MOD - [2009/07/13 18:15:45 | 000,157,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msls31.dll
MOD - [2009/07/13 18:15:44 | 000,031,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msimtf.dll
MOD - [2009/07/13 18:15:44 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msimg32.dll
MOD - [2009/07/13 18:15:43 | 000,828,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msctf.dll
MOD - [2009/07/13 18:15:42 | 000,072,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msacm32.dll
MOD - [2009/07/13 18:15:41 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mpr.dll
MOD - [2009/07/13 18:15:40 | 000,177,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mlang.dll
MOD - [2009/07/13 18:15:40 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\midimap.dll
MOD - [2009/07/13 18:15:36 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\linkinfo.dll
MOD - [2009/07/13 18:15:35 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ksuser.dll
MOD - [2009/07/13 18:15:27 | 000,215,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\icm32.dll
MOD - [2009/07/13 18:15:27 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\IconCodecService.dll
MOD - [2009/07/13 18:15:22 | 000,130,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\glu32.dll
MOD - [2009/07/13 18:15:22 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gpapi.dll
MOD - [2009/07/13 18:15:21 | 000,462,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\FirewallAPI.dll
MOD - [2009/07/13 18:15:20 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\feclient.dll
MOD - [2009/07/13 18:15:14 | 000,189,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\EhStorShell.dll
MOD - [2009/07/13 18:15:13 | 000,717,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dui70.dll
MOD - [2009/07/13 18:15:13 | 000,453,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dsound.dll
MOD - [2009/07/13 18:15:13 | 000,181,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\duser.dll
MOD - [2009/07/13 18:15:13 | 000,088,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dxva2.dll
MOD - [2009/07/13 18:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dwmapi.dll
MOD - [2009/07/13 18:15:13 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\drprov.dll
MOD - [2009/07/13 18:15:11 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dhcpcsvc.dll
MOD - [2009/07/13 18:15:11 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dhcpcsvc6.dll
MOD - [2009/07/13 18:15:10 | 000,531,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ddraw.dll
MOD - [2009/07/13 18:15:10 | 000,066,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devenum.dll
MOD - [2009/07/13 18:15:09 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dciman32.dll
MOD - [2009/07/13 18:15:08 | 000,019,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\davhlpr.dll
MOD - [2009/07/13 18:15:08 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d8thk.dll
MOD - [2009/07/13 18:15:07 | 001,030,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10.dll
MOD - [2009/07/13 18:15:07 | 000,190,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10core.dll
MOD - [2009/07/13 18:15:07 | 000,103,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptnet.dll
MOD - [2009/07/13 18:15:07 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptsp.dll
MOD - [2009/07/13 18:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptbase.dll
MOD - [2009/07/13 18:15:03 | 000,522,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\clbcatq.dll
MOD - [2009/07/13 18:14:58 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\avrt.dll
MOD - [2009/07/13 18:14:57 | 000,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\atl.dll
MOD - [2009/07/13 18:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx
MOD - [2009/07/13 18:14:08 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msacm32.drv
MOD - [2009/07/13 18:11:24 | 000,245,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\uxtheme.dll
MOD - [2009/07/13 18:11:23 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\lpk.dll
MOD - [2009/07/13 18:11:20 | 000,080,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\bcrypt.dll
MOD - [2009/07/13 18:10:22 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sfc.dll
MOD - [2009/07/13 18:09:00 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\normaliz.dll
MOD - [2009/06/24 15:21:38 | 000,409,744 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
MOD - [2009/06/23 16:16:36 | 000,065,536 | ---- | M] (Creative Technology Ltd.) -- C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\CtPinMgr.dll
MOD - [2009/06/23 11:46:40 | 004,233,712 | ---- | M] (Sonic Solutions) -- C:\Program Files (x86)\Roxio\Roxio Burn\AS_Storage_w32.dll
MOD - [2009/06/22 19:15:26 | 000,235,008 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\CTLoadRs.dll
MOD - [2009/06/10 14:23:08 | 000,074,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll
MOD - [2006/12/14 20:45:52 | 000,981,760 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\mfc42u.dll


========== Win32 Services (All) ==========

SRV:64bit: - [2011/06/07 17:51:16 | 000,934,176 | ---- | M] (Apple Inc.) [On_Demand | Running] -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service)
SRV:64bit: - [2011/05/24 04:42:55 | 000,404,480 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\umpnpmgr.dll -- (PlugPlay)
SRV:64bit: - [2011/05/03 22:19:28 | 000,591,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SearchIndexer.exe -- (WSearch)
SRV:64bit: - [2011/04/11 03:01:39 | 001,255,736 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\SysNative\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV:64bit: - [2011/03/02 23:24:16 | 000,183,296 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dnsrslvr.dll -- (Dnscache)
SRV:64bit: - [2011/02/19 05:05:15 | 001,139,200 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\FntCache.dll -- (FontCache)
SRV:64bit: - [2011/02/16 20:20:04 | 000,256,336 | ---- | M] (Trend Micro Inc.) [Auto | Running] -- C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe -- (Amsp)
SRV:64bit: - [2010/11/20 06:27:32 | 002,420,736 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wuaueng.dll -- (wuauserv)
SRV:64bit: - [2010/11/20 06:27:32 | 000,078,848 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\WUDFSvc.dll -- (wudfsvc)
SRV:64bit: - [2010/11/20 06:27:29 | 002,018,304 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WsmSvc.dll -- (WinRM)
SRV:64bit: - [2010/11/20 06:27:28 | 001,646,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wevtsvc.dll -- (eventlog)
SRV:64bit: - [2010/11/20 06:27:28 | 000,580,096 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wiaservc.dll -- (stisvc)
SRV:64bit: - [2010/11/20 06:27:28 | 000,444,416 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\winhttp.dll -- (WinHttpAutoProxySvc)
SRV:64bit: - [2010/11/20 06:27:28 | 000,258,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WebClnt.dll -- (WebClient)
SRV:64bit: - [2010/11/20 06:27:28 | 000,118,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wkssvc.dll -- (LanmanWorkstation)
SRV:64bit: - [2010/11/20 06:27:28 | 000,117,248 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wpdbusenum.dll -- (WPDBusEnum)
SRV:64bit: - [2010/11/20 06:27:27 | 000,367,104 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wcncsvc.dll -- (wcncsvc)
SRV:64bit: - [2010/11/20 06:27:26 | 001,743,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\sysmain.dll -- (SysMain)
SRV:64bit: - [2010/11/20 06:27:26 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\termsrv.dll -- (TermService)
SRV:64bit: - [2010/11/20 06:27:26 | 000,316,928 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\tapisrv.dll -- (TapiSrv)
SRV:64bit: - [2010/11/20 06:27:26 | 000,236,032 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\srvsvc.dll -- (LanmanServer)
SRV:64bit: - [2010/11/20 06:27:26 | 000,092,672 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\TabSvc.dll -- (TabletInputService)
SRV:64bit: - [2010/11/20 06:27:25 | 001,110,016 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\Windows\SysNative\schedsvc.dll -- (Schedule)
SRV:64bit: - [2010/11/20 06:27:25 | 000,370,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\shsvcs.dll -- (ShellHWDetection)
SRV:64bit: - [2010/11/20 06:27:25 | 000,170,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\sdrsvc.dll -- (SDRSVC)
SRV:64bit: - [2010/11/20 06:27:25 | 000,121,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SessEnv.dll -- (SessionEnv)
SRV:64bit: - [2010/11/20 06:27:25 | 000,030,720 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\seclogon.dll -- (seclogon)
SRV:64bit: - [2010/11/20 06:27:24 | 000,512,000 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\Windows\SysNative\rpcss.dll -- (RpcSs)
SRV:64bit: - [2010/11/20 06:27:24 | 000,512,000 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\Windows\SysNative\rpcss.dll -- (DcomLaunch)
SRV:64bit: - [2010/11/20 06:27:24 | 000,344,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasmans.dll -- (RasMan)
SRV:64bit: - [2010/11/20 06:27:23 | 001,389,056 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\pla.dll -- (pla)
SRV:64bit: - [2010/11/20 06:27:23 | 000,849,920 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\qmgr.dll -- (BITS)
SRV:64bit: - [2010/11/20 06:27:23 | 000,476,160 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\QAGENTRT.DLL -- (napagent)
SRV:64bit: - [2010/11/20 06:27:23 | 000,209,920 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\profsvc.dll -- (ProfSvc)
SRV:64bit: - [2010/11/20 06:27:23 | 000,187,904 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\provsvc.dll -- (HomeGroupProvider)
SRV:64bit: - [2010/11/20 06:27:22 | 000,303,616 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nlasvc.dll -- (NlaSvc)
SRV:64bit: - [2010/11/20 06:26:59 | 000,828,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\MPSSVC.dll -- (MpsSvc)
SRV:64bit: - [2010/11/20 06:26:50 | 000,084,992 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\Mcx2Svc.dll -- (Mcx2Svc)
SRV:64bit: - [2010/11/20 06:26:46 | 000,232,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ListSvc.dll -- (HomeGroupListener)
SRV:64bit: - [2010/11/20 06:26:42 | 000,090,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\KMSVC.DLL -- (hkmsvc)
SRV:64bit: - [2010/11/20 06:26:39 | 000,569,344 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\iphlpsvc.dll -- (iphlpsvc)
SRV:64bit: - [2010/11/20 06:26:39 | 000,501,248 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\IPSECSVC.DLL -- (PolicyAgent)
SRV:64bit: - [2010/11/20 06:26:36 | 000,853,504 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\IKEEXT.DLL -- (IKEEXT)
SRV:64bit: - [2010/11/20 06:26:28 | 000,777,728 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\Windows\SysNative\gpsvc.dll -- (gpsvc)
SRV:64bit: - [2010/11/20 06:26:07 | 000,252,416 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dot3svc.dll -- (dot3svc)
SRV:64bit: - [2010/11/20 06:26:07 | 000,162,816 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\Windows\SysNative\dps.dll -- (DPS)
SRV:64bit: - [2010/11/20 06:26:04 | 000,317,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dhcpcore.dll -- (Dhcp)
SRV:64bit: - [2010/11/20 06:25:59 | 000,177,152 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cryptsvc.dll -- (CryptSvc)
SRV:64bit: - [2010/11/20 06:25:49 | 000,080,384 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\SysNative\certprop.dll -- (SCPolicySvc)
SRV:64bit: - [2010/11/20 06:25:49 | 000,080,384 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\SysNative\certprop.dll -- (CertPropSvc)
SRV:64bit: - [2010/11/20 06:25:47 | 000,136,192 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\browser.dll -- (Browser)
SRV:64bit: - [2010/11/20 06:25:45 | 000,705,024 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\BFE.DLL -- (BFE)
SRV:64bit: - [2010/11/20 06:25:44 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AxInstSv.dll -- (AxInstSV)
SRV:64bit: - [2010/11/20 06:25:42 | 000,679,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (AudioSrv)
SRV:64bit: - [2010/11/20 06:25:42 | 000,679,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2010/11/20 06:25:40 | 000,070,656 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appinfo.dll -- (Appinfo)
SRV:64bit: - [2010/11/20 06:25:33 | 001,525,248 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV:64bit: - [2010/11/20 06:25:28 | 001,504,256 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wbengine.exe -- (wbengine)
SRV:64bit: - [2010/11/20 06:25:27 | 001,600,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\VSSVC.exe -- (VSS)
SRV:64bit: - [2010/11/20 06:25:25 | 000,533,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\vds.exe -- (vds)
SRV:64bit: - [2010/11/20 06:25:21 | 000,559,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\spoolsv.exe -- (Spooler)
SRV:64bit: - [2010/11/20 06:25:04 | 003,524,608 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\sppsvc.exe -- (sppsvc)
SRV:64bit: - [2010/11/20 06:24:58 | 000,128,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\msiexec.exe -- (msiserver)
SRV:64bit: - [2010/11/20 06:24:47 | 000,689,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\FXSSVC.exe -- (Fax)
SRV:64bit: - [2010/09/28 11:32:44 | 000,911,872 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe -- (WiMAXAppSrv)
SRV:64bit: - [2010/09/28 11:27:06 | 000,606,720 | ---- | M] (Red Bend Ltd.) [Auto | Running] -- C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe -- (DMAgent)
SRV:64bit: - [2010/09/22 17:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010/09/21 13:49:00 | 002,286,976 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV:64bit: - [2010/06/17 22:10:14 | 000,258,048 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\stacsv64.exe -- (STacSV)
SRV:64bit: - [2010/03/05 09:26:38 | 001,425,168 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV:64bit: - [2010/03/05 09:07:58 | 000,340,240 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV:64bit: - [2010/03/05 09:06:22 | 000,831,760 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV:64bit: - [2010/01/09 21:34:24 | 004,925,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV:64bit: - [2009/12/29 13:19:12 | 000,873,248 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:64bit: - [2009/11/02 11:48:18 | 000,126,352 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost)
SRV:64bit: - [2009/07/13 18:41:59 | 000,229,888 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wwansvc.dll -- (WwanSvc)
SRV:64bit: - [2009/07/13 18:41:58 | 000,097,280 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wscsvc.dll -- (wscsvc)
SRV:64bit: - [2009/07/13 18:41:57 | 000,012,288 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wpcsvc.dll -- (WPCSvc)
SRV:64bit: - [2009/07/13 18:41:56 | 000,886,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wlansvc.dll -- (Wlansvc)
SRV:64bit: - [2009/07/13 18:41:56 | 000,381,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\w32time.dll -- (W32Time)
SRV:64bit: - [2009/07/13 18:41:56 | 000,353,792 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\upnphost.dll -- (upnphost)
SRV:64bit: - [2009/07/13 18:41:56 | 000,242,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wbem\WMIsvc.dll -- (Winmgmt)
SRV:64bit: - [2009/07/13 18:41:56 | 000,237,568 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wecsvc.dll -- (Wecsvc)
SRV:64bit: - [2009/07/13 18:41:56 | 000,202,240 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wbiosrvc.dll -- (WbioSrvc)
SRV:64bit: - [2009/07/13 18:41:56 | 000,163,840 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\umpo.dll -- (Power)
SRV:64bit: - [2009/07/13 18:41:56 | 000,090,624 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\SysNative\wdi.dll -- (WdiSystemHost)
SRV:64bit: - [2009/07/13 18:41:56 | 000,090,624 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\Windows\SysNative\wdi.dll -- (WdiServiceHost)
SRV:64bit: - [2009/07/13 18:41:56 | 000,084,480 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wercplsupport.dll -- (wercplsupport)
SRV:64bit: - [2009/07/13 18:41:56 | 000,076,800 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\wersvc.dll -- (WerSvc)
SRV:64bit: - [2009/07/13 18:41:56 | 000,040,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WcsPlugInService.dll -- (WcsPlugInService)
SRV:64bit: - [2009/07/13 18:41:56 | 000,038,912 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\uxsms.dll -- (UxSms)
SRV:64bit: - [2009/07/13 18:41:55 | 000,119,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\trkwks.dll -- (TrkWks)
SRV:64bit: - [2009/07/13 18:41:55 | 000,065,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\tbssvc.dll -- (TBS)
SRV:64bit: - [2009/07/13 18:41:55 | 000,044,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\themeservice.dll -- (Themes)
SRV:64bit: - [2009/07/13 18:41:54 | 000,524,288 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\swprv.dll -- (swprv)
SRV:64bit: - [2009/07/13 18:41:54 | 000,193,024 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ssdpsrv.dll -- (SSDPSRV)
SRV:64bit: - [2009/07/13 18:41:54 | 000,075,264 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\sstpsvc.dll -- (SstpSvc)
SRV:64bit: - [2009/07/13 18:41:54 | 000,065,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\sppuinotify.dll -- (sppuinotify)
SRV:64bit: - [2009/07/13 18:41:54 | 000,029,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\sensrsvc.dll -- (SensrSvc)
SRV:64bit: - [2009/07/13 18:41:53 | 000,438,784 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\p2psvc.dll -- (p2psvc)
SRV:64bit: - [2009/07/13 18:41:53 | 000,327,168 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\pnrpsvc.dll -- (PNRPsvc)
SRV:64bit: - [2009/07/13 18:41:53 | 000,327,168 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\pnrpsvc.dll -- (p2pimsvc)
SRV:64bit: - [2009/07/13 18:41:53 | 000,242,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\qwave.dll -- (QWAVE)
SRV:64bit: - [2009/07/13 18:41:53 | 000,190,976 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\SysNative\SCardSvr.dll -- (SCardSvr)
SRV:64bit: - [2009/07/13 18:41:53 | 000,186,368 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\pcasvc.dll -- (PcaSvc)
SRV:64bit: - [2009/07/13 18:41:53 | 000,159,232 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\regsvc.dll -- (RemoteRegistry)
SRV:64bit: - [2009/07/13 18:41:53 | 000,099,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasauto.dll -- (RasAuto)
SRV:64bit: - [2009/07/13 18:41:53 | 000,067,072 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\Windows\SysNative\RpcEpMap.dll -- (RpcEptMapper)
SRV:64bit: - [2009/07/13 18:41:53 | 000,064,512 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\Sens.dll -- (SENS)
SRV:64bit: - [2009/07/13 18:41:53 | 000,025,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nsisvc.dll -- (nsi)
SRV:64bit: - [2009/07/13 18:41:53 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\pnrpauto.dll -- (PNRPAutoReg)
SRV:64bit: - [2009/07/13 18:41:52 | 000,459,776 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofm.dll -- (netprofm)
SRV:64bit: - [2009/07/13 18:41:52 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netman.dll -- (Netman)
SRV:64bit: - [2009/07/13 18:41:28 | 000,368,640 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\msdtckrm.dll -- (KtmRm)
SRV:64bit: - [2009/07/13 18:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/13 18:41:27 | 000,097,792 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\mprdim.dll -- (RemoteAccess)
SRV:64bit: - [2009/07/13 18:41:26 | 000,067,584 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\mmcss.dll -- (THREADORDER)
SRV:64bit: - [2009/07/13 18:41:26 | 000,067,584 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\mmcss.dll -- (MMCSS)
SRV:64bit: - [2009/07/13 18:41:18 | 000,300,032 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\lltdsvc.dll -- (lltdsvc)
SRV:64bit: - [2009/07/13 18:41:18 | 000,023,552 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lmhsvc.dll -- (lmhosts)
SRV:64bit: - [2009/07/13 18:41:11 | 000,156,672 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\iscsiexe.dll -- (MSiSCSI)
SRV:64bit: - [2009/07/13 18:41:10 | 000,359,424 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\ipnathlp.dll -- (SharedAccess)
SRV:64bit: - [2009/07/13 18:41:09 | 000,101,888 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IPBusEnum.dll -- (IPBusEnum)
SRV:64bit: - [2009/07/13 18:41:00 | 000,038,912 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\hidserv.dll -- (hidserv)
SRV:64bit: - [2009/07/13 18:40:52 | 000,034,816 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\FDResPub.dll -- (FDResPub)
SRV:64bit: - [2009/07/13 18:40:52 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\fdPHost.dll -- (fdPHost)
SRV:64bit: - [2009/07/13 18:40:50 | 000,402,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\es.dll -- (EventSystem)
SRV:64bit: - [2009/07/13 18:40:35 | 000,111,104 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\eapsvc.dll -- (EapHost)
SRV:64bit: - [2009/07/13 18:40:28 | 000,291,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\defragsvc.dll -- (defragsvc)
SRV:64bit: - [2009/07/13 18:40:13 | 000,083,968 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\bthserv.dll -- (bthserv)
SRV:64bit: - [2009/07/13 18:40:10 | 000,100,864 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\SysNative\bdesvc.dll -- (BDESVC)
SRV:64bit: - [2009/07/13 18:40:01 | 000,072,192 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\aelupsvc.dll -- (AeLookupSvc)
SRV:64bit: - [2009/07/13 18:40:01 | 000,032,256 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appidsvc.dll -- (AppIDSvc)
SRV:64bit: - [2009/07/13 18:39:55 | 000,203,264 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wbem\WmiApSrv.exe -- (wmiApSrv)
SRV:64bit: - [2009/07/13 18:39:48 | 000,040,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\UI0Detect.exe -- (UI0Detect)
SRV:64bit: - [2009/07/13 18:39:41 | 000,014,336 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\snmptrap.exe -- (SNMPTRAP)
SRV:64bit: - [2009/07/13 18:39:21 | 000,141,824 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\SysNative\msdtc.exe -- (MSDTC)
SRV:64bit: - [2009/07/13 18:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\lsass.exe -- (VaultSvc)
SRV:64bit: - [2009/07/13 18:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsass.exe -- (SamSs)
SRV:64bit: - [2009/07/13 18:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\lsass.exe -- (ProtectedStorage)
SRV:64bit: - [2009/07/13 18:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\lsass.exe -- (Netlogon)
SRV:64bit: - [2009/07/13 18:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\lsass.exe -- (KeyIso)
SRV:64bit: - [2009/07/13 18:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\SysNative\lsass.exe -- (EFS)
SRV:64bit: - [2009/07/13 18:39:15 | 000,010,240 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\Locator.exe -- (RpcLocator)
SRV:64bit: - [2009/07/13 18:39:06 | 000,009,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dllhost.exe -- (COMSysApp)
SRV:64bit: - [2009/07/13 18:38:55 | 000,079,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\alg.exe -- (ALG)
SRV:64bit: - [2009/03/03 03:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\IDT\WDM\AESTSr64.exe -- (AESTFilters)
SRV - [2011/07/27 16:10:43 | 000,411,432 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011/07/06 19:52:38 | 000,366,640 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/06/25 01:31:05 | 000,075,136 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2011/06/12 02:35:16 | 000,135,664 | ---- | M] (Google Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe -- (gupdatem) Google Update Service (gupdatem)
SRV - [2011/06/12 02:35:16 | 000,135,664 | ---- | M] (Google Inc.) [Auto | Stopped] -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe -- (gupdate) Google Update Service (gupdate)
SRV - [2011/05/25 14:06:20 | 000,037,664 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2011/05/03 21:28:31 | 000,427,520 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWow64\SearchIndexer.exe -- (WSearch)
SRV - [2011/04/06 16:20:16 | 000,349,472 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files (x86)\Bonjour\mDNSResponder.exe -- (Bonjour Service)
SRV - [2011/01/13 11:37:02 | 000,705,856 | ---- | M] (SoftThinks SAS) [Auto | Running] -- C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE -- (SftService)
SRV - [2011/01/08 19:25:38 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe -- (GoToAssist)
SRV - [2011/01/06 10:56:06 | 001,104,608 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\Cisco\Cisco NAC Agent\NACAgent.exe -- (NACAgent)
SRV - [2010/11/20 06:25:23 | 000,194,048 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\servicing\TrustedInstaller.exe -- (TrustedInstaller)
SRV - [2010/11/20 06:24:42 | 000,696,832 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\ehome\ehrecvr.exe -- (ehRecvr)
SRV - [2010/11/20 05:21:39 | 001,175,040 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\WsmSvc.dll -- (WinRM) Windows Remote Management (WS-Management)
SRV - [2010/11/20 05:21:36 | 000,351,232 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWow64\winhttp.dll -- (WinHttpAutoProxySvc)
SRV - [2010/11/20 05:21:35 | 000,276,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\wcncsvc.dll -- (wcncsvc)
SRV - [2010/11/20 05:21:35 | 000,204,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\WebClnt.dll -- (WebClient)
SRV - [2010/11/20 05:21:28 | 000,242,176 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\tapisrv.dll -- (TapiSrv)
SRV - [2010/11/20 05:21:19 | 000,328,192 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\shsvcs.dll -- (ShellHWDetection)
SRV - [2010/11/20 05:21:08 | 000,113,664 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\SessEnv.dll -- (SessionEnv)
SRV - [2010/11/20 05:20:57 | 000,165,376 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\provsvc.dll -- (HomeGroupProvider)
SRV - [2010/11/20 05:20:54 | 001,508,864 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\pla.dll -- (pla)
SRV - [2010/11/20 05:18:30 | 000,254,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\dhcpcore.dll -- (Dhcp)
SRV - [2010/11/20 05:18:24 | 000,136,192 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\cryptsvc.dll -- (CryptSvc)
SRV - [2010/11/20 05:17:22 | 000,073,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWow64\msiexec.exe -- (msiserver)
SRV - [2010/11/04 18:53:03 | 000,042,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0)
SRV - [2010/11/04 18:52:14 | 000,856,400 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc)
SRV - [2010/06/08 09:49:30 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel®
SRV - [2010/04/24 01:10:34 | 000,209,768 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2010/04/24 01:10:28 | 000,483,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2010/03/18 17:23:04 | 000,044,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe -- (aspnet_state)
SRV - [2010/03/18 14:27:14 | 000,138,576 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_64)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/03 13:42:02 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS) Intel®
SRV - [2010/03/03 13:41:58 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS) Intel®
SRV - [2010/02/28 02:33:14 | 000,821,664 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE -- (cvhsvc)
SRV - [2010/01/09 21:18:00 | 000,149,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2009/07/13 18:39:09 | 000,127,488 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\ehome\ehsched.exe -- (ehSched)
SRV - [2009/07/13 18:16:20 | 000,010,752 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\wpcsvc.dll -- (WPCSvc)
SRV - [2009/07/13 18:16:18 | 000,076,288 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\SysWOW64\wdi.dll -- (WdiSystemHost)
SRV - [2009/07/13 18:16:18 | 000,076,288 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\Windows\SysWOW64\wdi.dll -- (WdiServiceHost)
SRV - [2009/07/13 18:16:18 | 000,032,768 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\WcsPlugInService.dll -- (WcsPlugInService)
SRV - [2009/07/13 18:16:17 | 000,266,752 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\upnphost.dll -- (upnphost)
SRV - [2009/07/13 18:16:13 | 000,049,664 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\Sens.dll -- (SENS)
SRV - [2009/07/13 18:16:12 | 000,210,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\qwave.dll -- (QWAVE)
SRV - [2009/07/13 18:16:03 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\netprofm.dll -- (netprofm)
SRV - [2009/07/13 18:15:41 | 000,075,264 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysWOW64\mprdim.dll -- (RemoteAccess)
SRV - [2009/07/13 18:15:24 | 000,049,152 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\hidserv.dll -- (hidserv)
SRV - [2009/07/13 18:15:19 | 000,271,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\es.dll -- (EventSystem)
SRV - [2009/07/13 18:14:28 | 000,020,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\perfhost.exe -- (PerfHost)
SRV - [2009/07/13 18:14:18 | 000,007,168 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWow64\dllhost.exe -- (COMSysApp)
SRV - [2009/06/10 14:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/06/10 13:39:58 | 000,089,920 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_64)


========== Driver Services (All) ==========

DRV:64bit: - [2011/07/08 19:46:28 | 000,288,768 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mrxsmb10.sys -- (mrxsmb10)
DRV:64bit: - [2011/07/06 19:52:42 | 000,025,912 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2011/06/20 23:34:00 | 001,923,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tcpip.sys -- (TCPIP6)
DRV:64bit: - [2011/06/20 23:34:00 | 001,923,968 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tcpip.sys -- (Tcpip)
DRV:64bit: - [2011/06/12 04:14:43 | 000,254,528 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2011/05/10 08:06:08 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011/04/28 20:06:10 | 000,467,456 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\srv.sys -- (srv)
DRV:64bit: - [2011/04/28 20:05:49 | 000,410,112 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\srv2.sys -- (srv2)
DRV:64bit: - [2011/04/28 20:05:37 | 000,168,448 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\srvnet.sys -- (srvnet)
DRV:64bit: - [2011/04/27 20:55:08 | 000,552,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthport.sys -- (BTHPORT)
DRV:64bit: - [2011/04/27 20:54:56 | 000,080,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BTHUSB.SYS -- (BTHUSB)
DRV:64bit: - [2011/04/26 19:40:40 | 000,158,208 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mrxsmb.sys -- (mrxsmb)
DRV:64bit: - [2011/04/26 19:39:37 | 000,128,000 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mrxsmb20.sys -- (mrxsmb20)
DRV:64bit: - [2011/04/24 19:34:03 | 000,499,200 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\afd.sys -- (AFD)
DRV:64bit: - [2011/03/24 20:29:26 | 000,343,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbhub.sys -- (usbhub)
DRV:64bit: - [2011/03/24 20:29:14 | 000,098,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbccgp.sys -- (usbccgp)
DRV:64bit: - [2011/03/24 20:29:04 | 000,052,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbehci.sys -- (usbehci)
DRV:64bit: - [2011/03/24 20:29:04 | 000,025,600 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbohci.sys -- (usbohci)
DRV:64bit: - [2011/03/24 20:29:03 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbuhci.sys -- (usbuhci)
DRV:64bit: - [2011/03/10 23:41:34 | 001,659,776 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\ntfs.sys -- (Ntfs)
DRV:64bit: - [2011/03/10 23:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvstor.sys -- (nvstor)
DRV:64bit: - [2011/03/10 23:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvraid.sys -- (nvraid)
DRV:64bit: - [2011/03/10 23:41:26 | 000,410,496 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaStorV.sys -- (iaStorV)
DRV:64bit: - [2011/03/10 23:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/10 23:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/03/10 21:37:16 | 000,091,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\USBSTOR.SYS -- (USBSTOR)
DRV:64bit: - [2011/02/22 21:55:04 | 000,090,624 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\bowser.sys -- (bowser)
DRV:64bit: - [2011/02/11 19:16:38 | 010,628,640 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2010/11/20 06:34:02 | 000,295,808 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\volsnap.sys -- (volsnap)
DRV:64bit: - [2010/11/20 06:34:01 | 000,363,392 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\volmgrx.sys -- (volmgrx)
DRV:64bit: - [2010/11/20 06:34:01 | 000,071,552 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\volmgr.sys -- (volmgr)
DRV:64bit: - [2010/11/20 06:34:00 | 000,215,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vhdmp.sys -- (vhdmp)
DRV:64bit: - [2010/11/20 06:33:57 | 000,063,360 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\termdd.sys -- (TermDD)
DRV:64bit: - [2010/11/20 06:33:54 | 000,103,808 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sbp2port.sys -- (sbp2port)
DRV:64bit: - [2010/11/20 06:33:53 | 000,213,888 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\rdyboost.sys -- (rdyboost)
DRV:64bit: - [2010/11/20 06:33:48 | 000,184,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pci.sys -- (pci)
DRV:64bit: - [2010/11/20 06:33:48 | 000,075,136 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\partmgr.sys -- (partmgr)
DRV:64bit: - [2010/11/20 06:33:45 | 000,951,680 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ndis.sys -- (NDIS)
DRV:64bit: - [2010/11/20 06:33:45 | 000,366,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msrpc.sys -- (MsRPC)
DRV:64bit: - [2010/11/20 06:33:45 | 000,273,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msiscsi.sys -- (iScsiPrt)
DRV:64bit: - [2010/11/20 06:33:44 | 000,155,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mpio.sys -- (mpio)
DRV:64bit: - [2010/11/20 06:33:44 | 000,140,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msdsm.sys -- (msdsm)
DRV:64bit: - [2010/11/20 06:33:44 | 000,031,104 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\msahci.sys -- (msahci)
DRV:64bit: - [2010/11/20 06:33:43 | 000,094,592 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mountmgr.sys -- (mountmgr)
DRV:64bit: - [2010/11/20 06:33:38 | 000,152,960 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ksecpkg.sys -- (KSecPkg)
DRV:64bit: - [2010/11/20 06:33:38 | 000,095,616 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ksecdd.sys -- (KSecDD)
DRV:64bit: - [2010/11/20 06:33:36 | 000,014,720 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hwpolicy.sys -- (hwpolicy)
DRV:64bit: - [2010/11/20 06:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 06:33:34 | 000,289,664 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\fltMgr.sys -- (FltMgr)
DRV:64bit: - [2010/11/20 06:33:25 | 000,982,912 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dxgkrnl.sys -- (DXGKrnl)
DRV:64bit: - [2010/11/20 06:32:46 | 000,334,208 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpi.sys -- (ACPI)
DRV:64bit: - [2010/11/20 06:28:59 | 000,459,248 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\cng.sys -- (CNG)
DRV:64bit: - [2010/11/20 06:28:59 | 000,223,248 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\fvevol.sys -- (fvevol)
DRV:64bit: - [2010/11/20 04:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 04:04:37 | 000,210,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpwd.sys -- (RDPWD)
DRV:64bit: - [2010/11/20 04:04:09 | 000,039,424 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tssecsrv.sys -- (tssecsrv)
DRV:64bit: - [2010/11/20 03:52:37 | 000,088,576 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\wanarp.sys -- (Wanarpv6)
DRV:64bit: - [2010/11/20 03:52:37 | 000,088,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wanarp.sys -- (WANARP)
DRV:64bit: - [2010/11/20 03:52:35 | 000,129,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rasl2tp.sys -- (Rasl2tp) WAN Miniport (L2TP)
DRV:64bit: - [2010/11/20 03:52:34 | 000,164,352 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ndiswan.sys -- (NdisWan)
DRV:64bit: - [2010/11/20 03:52:32 | 000,111,104 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\raspptp.sys -- (PptpMiniport) WAN Miniport (PPTP)
DRV:64bit: - [2010/11/20 03:52:20 | 000,131,584 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\pacer.sys -- (Psched)
DRV:64bit: - [2010/11/20 03:52:20 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ndproxy.sys -- (NDProxy)
DRV:64bit: - [2010/11/20 03:52:19 | 000,082,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ipfltdrv.sys -- (IpFilterDriver)
DRV:64bit: - [2010/11/20 03:51:50 | 000,125,440 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tunnel.sys -- (tunnel)
DRV:64bit: - [2010/11/20 03:51:48 | 000,045,056 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tcpipreg.sys -- (tcpipreg)
DRV:64bit: - [2010/11/20 03:50:08 | 000,056,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ndisuio.sys -- (Ndisuio)
DRV:64bit: - [2010/11/20 03:44:56 | 000,229,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\1394ohci.sys -- (1394ohci)
DRV:64bit: - [2010/11/20 03:44:37 | 000,048,640 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\umbus.sys -- (umbus)
DRV:64bit: - [2010/11/20 03:44:34 | 000,184,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbvideo.sys -- (usbvideo) USB Video Device (WDM)
DRV:64bit: - [2010/11/20 03:44:23 | 000,350,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HdAudio.sys -- (HdAudAddService)
DRV:64bit: - [2010/11/20 03:43:49 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hidusb.sys -- (HidUsb)
DRV:64bit: - [2010/11/20 03:43:43 | 000,122,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hdaudbus.sys -- (HDAudBus)
DRV:64bit: - [2010/11/20 03:43:32 | 000,172,544 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WUDFRd.sys -- (WUDFRd)
DRV:64bit: - [2010/11/20 03:42:44 | 000,112,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WUDFPf.sys -- (WudfPf)
DRV:64bit: - [2010/11/20 03:34:00 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sffp_sd.sys -- (sffp_sd)
DRV:64bit: - [2010/11/20 03:33:25 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbdhid.sys -- (kbdhid)
DRV:64bit: - [2010/11/20 03:33:17 | 000,038,912 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CompositeBus.sys -- (CompositeBus)
DRV:64bit: - [2010/11/20 03:14:37 | 000,061,440 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\appid.sys -- (AppID)
DRV:64bit: - [2010/11/20 03:09:59 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | Unknown | Stopped] -- C:\Windows\SysNative\drivers\scfilter.sys -- (scfilter)
DRV:64bit: - [2010/11/20 03:04:53 | 000,078,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IPMIDrv.sys -- (IPMIDRV)
DRV:64bit: - [2010/11/20 02:30:42 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipmi.sys -- (AcpiPmi)
DRV:64bit: - [2010/11/20 02:27:54 | 000,309,248 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\rdbss.sys -- (rdbss)
DRV:64bit: - [2010/11/20 02:26:42 | 000,140,800 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mrxdav.sys -- (MRxDAV)
DRV:64bit: - [2010/11/20 02:26:32 | 000,102,400 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\dfsc.sys -- (DfsC)
DRV:64bit: - [2010/11/20 02:26:11 | 000,328,192 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\drivers\udfs.sys -- (udfs)
DRV:64bit: - [2010/11/20 02:25:14 | 000,753,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\http.sys -- (HTTP)
DRV:64bit: - [2010/11/20 02:23:20 | 000,261,632 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\netbt.sys -- (NetBT)
DRV:64bit: - [2010/11/20 02:21:56 | 000,119,296 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\tdx.sys -- (tdx)
DRV:64bit: - [2010/11/20 02:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\cdrom.sys -- (cdrom)
DRV:64bit: - [2010/09/19 19:11:28 | 000,175,104 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bpmp.sys -- (bpmp) Intel® Centrino®
DRV:64bit: - [2010/09/19 19:11:22 | 000,081,920 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bpusb.sys -- (bpusb)
DRV:64bit: - [2010/09/19 19:11:18 | 000,071,168 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bpenum.sys -- (bpenum)
DRV:64bit: - [2010/09/17 01:33:02 | 000,144,464 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tmcomm.sys -- (tmcomm)
DRV:64bit: - [2010/09/17 01:33:02 | 000,105,552 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\tmtdi.sys -- (tmtdi)
DRV:64bit: - [2010/09/17 01:33:02 | 000,090,704 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tmactmon.sys -- (tmactmon)
DRV:64bit: - [2010/09/17 01:33:02 | 000,067,664 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tmevtmgr.sys -- (tmevtmgr)
DRV:64bit: - [2010/08/30 05:17:36 | 000,289,280 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) Intel®
DRV:64bit: - [2010/07/12 11:36:10 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2010/06/17 22:10:14 | 000,515,584 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2010/06/08 09:33:14 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/05/31 11:05:06 | 007,689,216 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETw5s64.sys -- (NETw5s64) Intel®
DRV:64bit: - [2010/04/24 01:10:32 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2010/04/24 01:10:28 | 000,269,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2010/04/24 01:10:28 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2010/04/24 01:10:20 | 000,721,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2010/03/30 12:58:06 | 000,132,648 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2010/03/30 12:58:06 | 000,098,344 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2010/03/30 12:58:06 | 000,053,800 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btusbflt.sys -- (btusbflt)
DRV:64bit: - [2010/03/30 12:58:06 | 000,035,104 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2010/03/30 12:58:06 | 000,021,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2010/03/17 14:44:44 | 000,301,104 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010/03/17 14:41:48 | 000,325,152 | ---- | M] (Realtek ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010/03/17 14:29:52 | 000,232,480 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2010/02/26 17:32:12 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2009/11/02 11:48:02 | 000,013,784 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)
DRV:64bit: - [2009/09/17 11:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel®
DRV:64bit: - [2009/08/13 22:10:18 | 000,073,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:64bit: - [2009/07/13 18:52:31 | 000,367,696 | ---- | M] (Microsoft Corporation) [Kernel | Unknown | Running] -- C:\Windows\SysNative\clfs.sys -- (CLFS) Common Log (CLFS)
DRV:64bit: - [2009/07/13 18:52:31 | 000,021,584 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\compbatt.sys -- (Compbatt)
DRV:64bit: - [2009/07/13 18:52:31 | 000,017,488 | ---- | M] (CMD Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\cmdide.sys -- (cmdide)
DRV:64bit: - [2009/07/13 18:52:21 | 000,491,088 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\adp94xx.sys -- (adp94xx)
DRV:64bit: - [2009/07/13 18:52:21 | 000,339,536 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\adpahci.sys -- (adpahci)
DRV:64bit: - [2009/07/13 18:52:21 | 000,182,864 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\adpu320.sys -- (adpu320)
DRV:64bit: - [2009/07/13 18:52:21 | 000,097,856 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\arcsas.sys -- (arcsas)
DRV:64bit: - [2009/07/13 18:52:21 | 000,087,632 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\arc.sys -- (arc)
DRV:64bit: - [2009/07/13 18:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AGP440.sys -- (agp440)
DRV:64bit: - [2009/07/13 18:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\atapi.sys -- (atapi)
DRV:64bit: - [2009/07/13 18:52:21 | 000,015,440 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdide.sys -- (amdide)
DRV:64bit: - [2009/07/13 18:52:21 | 000,015,440 | ---- | M] (Acer Laboratories Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\aliide.sys -- (aliide)
DRV:64bit: - [2009/07/13 18:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 18:48:27 | 000,060,496 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\mup.sys -- (Mup)
DRV:64bit: - [2009/07/13 18:48:27 | 000,049,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mouclass.sys -- (mouclass)
DRV:64bit: - [2009/07/13 18:48:27 | 000,032,320 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mssmbios.sys -- (mssmbios)
DRV:64bit: - [2009/07/13 18:48:27 | 000,015,424 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\msisadrv.sys -- (msisadrv)
DRV:64bit: - [2009/07/13 18:48:26 | 000,122,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NV_AGP.SYS -- (nv_agp)
DRV:64bit: - [2009/07/13 18:48:26 | 000,051,264 | ---- | M] (IBM Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nfrd960.sys -- (nfrd960)
DRV:64bit: - [2009/07/13 18:48:04 | 000,284,736 | ---- | M] (LSI Corporation, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MegaSR.sys -- (MegaSR)
DRV:64bit: - [2009/07/13 18:48:04 | 000,115,776 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV:64bit: - [2009/07/13 18:48:04 | 000,114,752 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_fc.sys -- (LSI_FC)
DRV:64bit: - [2009/07/13 18:48:04 | 000,106,560 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas.sys -- (LSI_SAS)
DRV:64bit: - [2009/07/13 18:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 18:48:04 | 000,050,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbdclass.sys -- (kbdclass)
DRV:64bit: - [2009/07/13 18:48:04 | 000,044,112 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iirsp.sys -- (iirsp)
DRV:64bit: - [2009/07/13 18:48:04 | 000,035,392 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\megasas.sys -- (megasas)
DRV:64bit: - [2009/07/13 18:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\isapnp.sys -- (isapnp)
DRV:64bit: - [2009/07/13 18:48:04 | 000,016,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelide.sys -- (intelide)
DRV:64bit: - [2009/07/13 18:47:49 | 000,055,376 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fsdepends.sys -- (FsDepends)
DRV:64bit: - [2009/07/13 18:47:48 | 000,530,496 | ---- | M] (Emulex) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\elxstor.sys -- (elxstor)
DRV:64bit: - [2009/07/13 18:47:48 | 000,073,280 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\disk.sys -- (Disk)
DRV:64bit: - [2009/07/13 18:47:48 | 000,070,224 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\fileinfo.sys -- (FileInfo)
DRV:64bit: - [2009/07/13 18:47:48 | 000,065,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\GAGP30KX.SYS -- (gagp30kx)
DRV:64bit: - [2009/07/13 18:47:48 | 000,024,144 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\crcdisk.sys -- (crcdisk)
DRV:64bit: - [2009/07/13 18:45:56 | 000,022,096 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wimmount.sys -- (WIMMount)
DRV:64bit: - [2009/07/13 18:45:55 | 000,654,928 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\Wdf01000.sys -- (Wdf01000)
DRV:64bit: - [2009/07/13 18:45:55 | 000,161,872 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vsmraid.sys -- (vsmraid)
DRV:64bit: - [2009/07/13 18:45:55 | 000,064,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ULIAGPKX.SYS -- (uliagpkx)
DRV:64bit: - [2009/07/13 18:45:55 | 000,064,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UAGP35.SYS -- (uagp35)
DRV:64bit: - [2009/07/13 18:45:55 | 000,036,432 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vdrvroot.sys -- (vdrvroot)
DRV:64bit: - [2009/07/13 18:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 18:45:55 | 000,021,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wd.sys -- (Wd)
DRV:64bit: - [2009/07/13 18:45:55 | 000,019,008 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spldr.sys -- (spldr)
DRV:64bit: - [2009/07/13 18:45:55 | 000,017,488 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\viaide.sys -- (viaide)
DRV:64bit: - [2009/07/13 18:45:55 | 000,012,496 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\swenum.sys -- (swenum)
DRV:64bit: - [2009/07/13 18:45:46 | 001,524,816 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ql2300.sys -- (ql2300)
DRV:64bit: - [2009/07/13 18:45:46 | 000,080,464 | ---- | M] (Silicon Integrated Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sisraid4.sys -- (SiSRaid4)
DRV:64bit: - [2009/07/13 18:45:45 | 000,220,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pcmcia.sys -- (pcmcia)
DRV:64bit: - [2009/07/13 18:45:45 | 000,128,592 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ql40xx.sys -- (ql40xx)
DRV:64bit: - [2009/07/13 18:45:45 | 000,050,768 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pcw.sys -- (pcw)
DRV:64bit: - [2009/07/13 18:45:45 | 000,043,584 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sisraid2.sys -- (SiSRaid2)
DRV:64bit: - [2009/07/13 18:45:45 | 000,012,352 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pciide.sys -- (pciide)
DRV:64bit: - [2009/07/13 18:19:07 | 000,286,720 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BrSerId.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV:64bit: - [2009/07/13 18:01:19 | 000,651,264 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\PEAuth.sys -- (PEAUTH)
DRV:64bit: - [2009/07/13 17:38:18 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbprint.sys -- (usbprint)
DRV:64bit: - [2009/07/13 17:35:32 | 000,041,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbscan.sys -- (usbscan)
DRV:64bit: - [2009/07/13 17:17:46 | 000,024,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpbus.sys -- (rdpbus)
DRV:64bit: - [2009/07/13 17:16:35 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\RDPREFMP.sys -- (RDPREFMP)
DRV:64bit: - [2009/07/13 17:16:34 | 000,007,680 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\RDPENCDD.sys -- (RDPENCDD)
DRV:64bit: - [2009/07/13 17:16:34 | 000,007,680 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\RDPCDD.sys -- (RDPCDD)
DRV:64bit: - [2009/07/13 17:16:32 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tdtcp.sys -- (TDTCP)
DRV:64bit: - [2009/07/13 17:16:32 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tdpipe.sys -- (TDPIPE)
DRV:64bit: - [2009/07/13 17:10:48 | 000,040,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\modem.sys -- (Modem)
DRV:64bit: - [2009/07/13 17:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\ws2ifsl.sys -- (ws2ifsl)
DRV:64bit: - [2009/07/13 17:10:25 | 000,083,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rassstp.sys -- (RasSstp) WAN Miniport (SSTP)
DRV:64bit: - [2009/07/13 17:10:24 | 000,060,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\agilevpn.sys -- (RasAgileVpn) WAN Miniport (IKEv2)
DRV:64bit: - [2009/07/13 17:10:17 | 000,092,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\raspppoe.sys -- (RasPppoe)
DRV:64bit: - [2009/07/13 17:10:13 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\asyncmac.sys -- (AsyncMac)
DRV:64bit: - [2009/07/13 17:10:09 | 000,014,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rasacd.sys -- (RasAcd)
DRV:64bit: - [2009/07/13 17:10:03 | 000,116,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ipnat.sys -- (IPNAT)
DRV:64bit: - [2009/07/13 17:10:00 | 000,024,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ndistapi.sys -- (NdisTapi)
DRV:64bit: - [2009/07/13 17:09:48 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\qwavedrv.sys -- (QWAVEdrv)
DRV:64bit: - [2009/07/13 17:09:26 | 000,044,544 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\netbios.sys -- (NetBIOS)
DRV:64bit: - [2009/07/13 17:09:26 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\wfplwf.sys -- (WfpLwf)
DRV:64bit: - [2009/07/13 17:09:09 | 000,093,184 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\smb.sys -- (Smb) Message-oriented TCP/IP and TCP/IPv6 Protocol (SMB session)
DRV:64bit: - [2009/07/13 17:08:59 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\irenum.sys -- (IRENUM)
DRV:64bit: - [2009/07/13 17:08:51 | 000,076,800 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rspndr.sys -- (rspndr)
DRV:64bit: - [2009/07/13 17:08:51 | 000,060,928 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\lltdio.sys -- (lltdio)
DRV:64bit: - [2009/07/13 17:08:25 | 000,077,312 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mpsdrv.sys -- (mpsdrv)
DRV:64bit: - [2009/07/13 17:08:13 | 000,035,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ndiscap.sys -- (NdisCap)
DRV:64bit: - [2009/07/13 17:07:28 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vwifimp.sys -- (vwifimp)
DRV:64bit: - [2009/07/13 17:07:23 | 000,318,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nwifi.sys -- (NativeWifiP)
DRV:64bit: - [2009/07/13 17:07:22 | 000,059,904 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vwififlt.sys -- (vwififlt)
DRV:64bit: - [2009/07/13 17:07:21 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vwifibus.sys -- (vwifibus)
DRV:64bit: - [2009/07/13 17:07:00 | 000,118,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bthpan.sys -- (BthPan) Bluetooth Device (Personal Area Network)
DRV:64bit: - [2009/07/13 17:06:56 | 000,158,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rfcomm.sys -- (RFCOMM) Bluetooth Device (RFCOMM Protocol TDI)
DRV:64bit: - [2009/07/13 17:06:53 | 000,041,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bthenum.sys -- (BthEnum)
DRV:64bit: - [2009/07/13 17:06:52 | 000,100,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidbth.sys -- (HidBth)
DRV:64bit: - [2009/07/13 17:06:52 | 000,072,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthmodem.sys -- (BTHMODEM)
DRV:64bit: - [2009/07/13 17:06:52 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\umpass.sys -- (UmPass)
DRV:64bit: - [2009/07/13 17:06:45 | 000,072,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ohci1394.sys -- (ohci1394) 1394 OHCI Compliant Host Controller (Legacy)
DRV:64bit: - [2009/07/13 17:06:37 | 000,100,352 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbcir.sys -- (usbcir) eHome Infrared Receiver (USBCIR)
DRV:64bit: - [2009/07/13 17:06:34 | 000,045,568 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\circlass.sys -- (circlass)
DRV:64bit: - [2009/07/13 17:06:24 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidkmdf.sys -- (mshidkmdf)
DRV:64bit: - [2009/07/13 17:06:23 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidir.sys -- (HidIr)
DRV:64bit: - [2009/07/13 17:06:16 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\drmkaud.sys -- (drmkaud)
DRV:64bit: - [2009/07/13 17:02:08 | 000,015,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MTConfig.sys -- (MTConfig)
DRV:64bit: - [2009/07/13 17:02:07 | 000,027,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wacompen.sys -- (WacomPen)
DRV:64bit: - [2009/07/13 17:01:03 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sffp_mmc.sys -- (sffp_mmc)
DRV:64bit: - [2009/07/13 17:01:02 | 000,016,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sfloppy.sys -- (sfloppy)
DRV:64bit: - [2009/07/13 17:01:01 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sffdisk.sys -- (sffdisk)
DRV:64bit: - [2009/07/13 17:00:54 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fdc.sys -- (fdc)
DRV:64bit: - [2009/07/13 17:00:54 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\flpydisk.sys -- (flpydisk)
DRV:64bit: - [2009/07/13 17:00:41 | 000,097,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\parport.sys -- (Parport)
DRV:64bit: - [2009/07/13 17:00:40 | 000,094,208 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\serial.sys -- (Serial)
DRV:64bit: - [2009/07/13 17:00:33 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\serenum.sys -- (Serenum)
DRV:64bit: - [2009/07/13 17:00:20 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mouhid.sys -- (mouhid)
DRV:64bit: - [2009/07/13 17:00:20 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sermouse.sys -- (sermouse)
DRV:64bit: - [2009/07/13 17:00:19 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ksthunk.sys -- (ksthunk)
DRV:64bit: - [2009/07/13 17:00:18 | 000,011,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mskssrv.sys -- (MSKSSRV)
DRV:64bit: - [2009/07/13 17:00:17 | 000,008,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mstee.sys -- (MSTEE)
DRV:64bit: - [2009/07/13 17:00:17 | 000,007,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mspclock.sys -- (MSPCLOCK)
DRV:64bit: - [2009/07/13 17:00:17 | 000,006,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mspqm.sys -- (MSPQM)
DRV:64bit: - [2009/07/13 17:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\beep.sys -- (Beep)
DRV:64bit: - [2009/07/13 16:38:52 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\monitor.sys -- (monitor)
DRV:64bit: - [2009/07/13 16:38:47 | 000,029,184 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vga.sys -- (VgaSave)
DRV:64bit: - [2009/07/13 16:38:47 | 000,029,184 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vgapnp.sys -- (vga)
DRV:64bit: - [2009/07/13 16:37:18 | 000,040,448 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\discache.sys -- (discache)
DRV:64bit: - [2009/07/13 16:35:59 | 000,045,056 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\blbdrive.sys -- (blbdrive)
DRV:64bit: - [2009/07/13 16:31:06 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidbatt.sys -- (HidBatt)
DRV:64bit: - [2009/07/13 16:31:04 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\errdev.sys -- (ErrDev)
DRV:64bit: - [2009/07/13 16:31:03 | 000,017,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CmBatt.sys -- (CmBatt)
DRV:64bit: - [2009/07/13 16:31:02 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wmiacpi.sys -- (WmiAcpi)
DRV:64bit: - [2009/07/13 16:26:13 | 000,113,152 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\luafv.sys -- (luafv)
DRV:64bit: - [2009/07/13 16:25:40 | 000,034,304 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\filetrace.sys -- (Filetrace)
DRV:64bit: - [2009/07/13 16:23:29 | 000,204,800 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\fastfat.sys -- (fastfat)
DRV:64bit: - [2009/07/13 16:23:29 | 000,195,072 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\exfat.sys -- (exfat)
DRV:64bit: - [2009/07/13 16:21:02 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\nsiproxy.sys -- (nsiproxy)
DRV:64bit: - [2009/07/13 16:19:57 | 000,105,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\i8042prt.sys -- (i8042prt)
DRV:64bit: - [2009/07/13 16:19:48 | 000,044,032 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\npfs.sys -- (Npfs)
DRV:64bit: - [2009/07/13 16:19:47 | 000,092,160 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Running] -- C:\Windows\SysNative\drivers\cdfs.sys -- (cdfs)
DRV:64bit: - [2009/07/13 16:19:47 | 000,026,112 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\msfs.sys -- (Msfs)
DRV:64bit: - [2009/07/13 16:19:38 | 000,006,144 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\null.sys -- (Null)
DRV:64bit: - [2009/07/13 16:19:25 | 000,064,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdk8.sys -- (AmdK8)
DRV:64bit: - [2009/07/13 16:19:25 | 000,062,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\intelppm.sys -- (intelppm)
DRV:64bit: - [2009/07/13 16:19:25 | 000,060,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdppm.sys -- (AmdPPM)
DRV:64bit: - [2009/07/13 16:19:25 | 000,060,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\processr.sys -- (Processor)
DRV:64bit: - [2009/06/15 12:06:42 | 000,172,704 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CtClsFlt.sys -- (CtClsFlt)
DRV:64bit: - [2009/06/10 13:41:10 | 000,047,104 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BrSerWdm.sys -- (BrSerWdm)
DRV:64bit: - [2009/06/10 13:41:10 | 000,014,976 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BrUsbMdm.sys -- (BrUsbMdm)
DRV:64bit: - [2009/06/10 13:41:10 | 000,014,720 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BrUsbSer.sys -- (BrUsbSer)
DRV:64bit: - [2009/06/10 13:41:06 | 000,018,432 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BrFiltLo.sys -- (BrFiltLo)
DRV:64bit: - [2009/06/10 13:41:06 | 000,008,704 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BrFiltUp.sys -- (BrFiltUp)
DRV:64bit: - [2009/06/10 13:37:19 | 000,023,040 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\secdrv.sys -- (secdrv)
DRV:64bit: - [2009/06/10 13:35:33 | 000,389,120 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2009/06/10 13:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 13:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 13:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 13:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2006/11/01 11:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2011/07/03 00:47:40 | 000,045,176 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Game\SoftnyxGame\GunboundIS\Gun64.sys -- (Gun)
DRV - [2009/12/29 15:35:40 | 000,146,928 | ---- | M] (CyberLink Corp.) [2011/01/08 20:26:07] [Kernel | Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD DX\000.fcl -- ({1E444BE9-B8EC-4ce6-8C2B-6536FB7F4FB7})
DRV - [2009/07/13 18:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = 0C B3 6E 16 DD 7C 01 4A 80 4B 2F 77 C7 2C 51 B6 [binary data]
IE - HKU\S-1-5-19\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = 0C B3 6E 16 DD 7C 01 4A 80 4B 2F 77 C7 2C 51 B6 [binary data]
IE - HKU\S-1-5-20\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)

IE - HKU\S-1-5-21-3018392225-1008607422-2694153148-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm
IE - HKU\S-1-5-21-3018392225-1008607422-2694153148-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKU\S-1-5-21-3018392225-1008607422-2694153148-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKU\S-1-5-21-3018392225-1008607422-2694153148-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = my.daemon-search.com
IE - HKU\S-1-5-21-3018392225-1008607422-2694153148-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://yahoo.com/
IE - HKU\S-1-5-21-3018392225-1008607422-2694153148-1000\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = 0C B3 6E 16 DD 7C 01 4A 80 4B 2F 77 C7 2C 51 B6 [binary data]
IE - HKU\S-1-5-21-3018392225-1008607422-2694153148-1000\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKU\S-1-5-21-3018392225-1008607422-2694153148-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3018392225-1008607422-2694153148-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "yahoo.com"
FF - prefs.js..keyword.URL: "http://www.google.com/search?&q="


FF:64bit: - HKLM\Software\MozillaPlugins\@bestbuy.com/npBestBuyPcAppDetector,version=1.0: C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll (Best Buy)
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@bestbuy.com/npBestBuyPcAppDetector,version=1.0: C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll (Best Buy)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nexon.net/NxGame: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video [2011/06/12 02:38:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa [2011/06/12 02:38:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{22C7F6C6-8D67-4534-92B5-529A0EC09405}: C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1464\6.6.1081\firefoxextension\ [2011/08/25 05:50:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/09/01 02:39:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/07/06 13:54:35 | 000,000,000 | ---D | M]

[2011/04/10 13:49:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Wesley\AppData\Roaming\Mozilla\Extensions
[2011/09/02 16:47:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Wesley\AppData\Roaming\Mozilla\Firefox\Profiles\es037tj2.default\extensions
[2011/08/01 17:05:31 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Wesley\AppData\Roaming\Mozilla\Firefox\Profiles\es037tj2.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2011/06/12 04:14:38 | 000,000,000 | ---D | M] ("DAEMON Tools Toolbar") -- C:\Users\Wesley\AppData\Roaming\Mozilla\Firefox\Profiles\es037tj2.default\extensions\DTToolbar@toolbarnet.com
[2011/06/12 00:19:12 | 000,002,264 | ---- | M] () -- C:\Users\Wesley\AppData\Roaming\Mozilla\Firefox\Profiles\es037tj2.default\searchplugins\bing-zugo.xml
[2011/06/12 04:14:29 | 000,002,055 | ---- | M] () -- C:\Users\Wesley\AppData\Roaming\Mozilla\Firefox\Profiles\es037tj2.default\searchplugins\daemon-search.xml
[2011/05/19 16:22:34 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011/04/29 17:04:43 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2011/09/01 02:39:46 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2011/05/19 16:22:34 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011/09/01 02:39:46 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011/05/19 16:22:21 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2009/07/07 14:20:42 | 000,061,440 | ---- | M] (AOL LLC) -- C:\Program Files (x86)\mozilla firefox\plugins\npdnu.dll
[2009/07/07 14:20:42 | 000,065,536 | ---- | M] (AOL LLC) -- C:\Program Files (x86)\mozilla firefox\plugins\npdnupdater2.dll
[2011/06/07 12:35:34 | 000,103,864 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll
[2011/07/03 07:41:32 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll
[2011/07/03 07:41:32 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll
[2011/07/03 07:41:33 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll
[2011/07/03 07:41:33 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll
[2011/07/03 07:41:33 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll
[2011/07/03 07:41:33 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll
[2011/07/03 07:41:33 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll
[2010/01/01 01:00:00 | 000,001,394 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom.xml
[2010/01/01 01:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml.old
[2010/01/01 01:00:00 | 000,001,131 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay.xml
[2010/01/01 01:00:00 | 000,002,364 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\google.xml
[2010/01/01 01:00:00 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia.xml
[2010/01/01 01:00:00 | 000,001,096 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo.xml

O1 HOSTS File: ([2009/06/10 14:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (TmIEPlugInBHO Class) - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1464\6.6.1081\TmIEPlg.dll (Trend Micro Inc.)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (TmBpIeBHO Class) - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\6.6.1010\6.6.1010\TmBpIe64.dll (Trend Micro Inc.)
O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (TmIEPlugInBHO Class) - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1464\6.6.1081\TmIEPlg32.dll (Trend Micro Inc.)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Windows Live Messenger Companion Helper) - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (TmBpIeBHO Class) - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\6.6.1010\6.6.1010\TmBpIe32.dll (Trend Micro Inc.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O3:64bit: - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
O3:64bit: - HKU\S-1-5-21-3018392225-1008607422-2694153148-1000\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
O3 - HKU\S-1-5-21-3018392225-1008607422-2694153148-1000\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelWireless] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel® Corporation)
O4:64bit: - HKLM..\Run: [IntelWirelessWiMAX] C:\Program Files\Intel\WiMAX\Bin\WiMAXCU.exe (Intel® Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc.)
O4:64bit: - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4:64bit: - HKLM..\Run: [Trend Micro Client Framework] C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe (Trend Micro Inc.)
O4:64bit: - HKLM..\Run: [Trend Micro Titanium] C:\Program Files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe (Trend Micro Inc.)
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Dell Registration] C:\Program Files (x86)\System Registration\prodreg.exe (Dell, Inc.)
O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [Desktop Disc Tool] C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe ()
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files (x86)\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NACAgentUI] C:\Program Files (x86)\Cisco\Cisco NAC Agent\NACAgentUI.exe (Cisco Systems, Inc.)
O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files (x86)\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3018392225-1008607422-2694153148-1000..\Run: [Best Buy pc app] File not found
O4 - HKU\S-1-5-21-3018392225-1008607422-2694153148-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-3018392225-1008607422-2694153148-1000..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe ()
O4 - HKU\S-1-5-21-3018392225-1008607422-2694153148-1000..\Run: [RESTART_STICKY_NOTES] File not found
O4 - HKU\S-1-5-21-3018392225-1008607422-2694153148-1000..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O4 - HKLM..\RunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe (Dell)
O4 - HKLM..\RunOnce: [Launcher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe (Softthinks)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] File not found
O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk = C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (Microsoft)
O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = File not found
O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk = C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (Microsoft)
O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = File not found
O4 - Startup: C:\Users\Wesley\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKU\S-1-5-21-3018392225-1008607422-2694153148-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysNative\nlaapi.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysNative\wshbth.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\wshbth.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {4D2D3A17-9B46-483C-A5F4-1DC471080009} https://resnet-cca1-cpl.reshsg.uci.edu/auth/taweb.cab (Cisco NAC Web Agent Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.11.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{699360FA-B447-42A2-8061-CB8E669FA764}: DhcpNameServer = 192.168.11.1
O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\tmbp {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\6.6.1010\6.6.1010\TmBpIe64.dll (Trend Micro Inc.)
O18:64bit: - Protocol\Handler\tmpx {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1464\6.6.1081\TmIEPlg.dll (Trend Micro Inc.)
O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\tmbp {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\6.6.1010\6.6.1010\TmBpIe32.dll (Trend Micro Inc.)
O18 - Protocol\Handler\tmpx {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1464\6.6.1081\TmIEPlg32.dll (Trend Micro Inc.)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:[b]64bit:[/b] - Winlogon\Notify\GoToAssist: DllName - Reg Error: Key error. - File not found
O20:[b]64bit:[/b] - Winlogon\Notify\igfxcui: DllName - Reg Error: Key error. - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O29:[b]64bit:[/b] - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O30:[b]64bit:[/b] - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30:[b]64bit:[/b] - LSA: Security Packages - (kerberos) - C:\Windows\SysNative\kerberos.dll (Microsoft Corporation)
O30:[b]64bit:[/b] - LSA: Security Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30:[b]64bit:[/b] - LSA: Security Packages - (schannel) - C:\Windows\SysNative\schannel.dll (Microsoft Corporation)
O30:[b]64bit:[/b] - LSA: Security Packages - (wdigest) - C:\Windows\SysNative\wdigest.dll (Microsoft Corporation)
O30:[b]64bit:[/b] - LSA: Security Packages - (tspkg) - C:\Windows\SysNative\tspkg.dll (Microsoft Corporation)
O30:[b]64bit:[/b] - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation)
O30:[b]64bit:[/b] - LSA: Security Packages - (livessp) - C:\Windows\SysNative\livessp.dll (Microsoft Corp.)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\SysWow64\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\SysWow64\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\SysWow64\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\SysWow64\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (livessp) - C:\Windows\SysWow64\livessp.dll (Microsoft Corp.)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (MACHINE BootExecut) - File not found
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/09/02 16:47:49 | 000,000,000 | ---D | C] -- C:\Users\Wesley\Desktop\GooredFix Backups
[2011/09/02 00:59:00 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/08/31 23:19:10 | 000,581,120 | ---- | C] (OldTimer Tools) -- C:\Users\Wesley\Desktop\OTL.exe
[2011/08/28 02:05:06 | 000,000,000 | ---D | C] -- C:\Users\Wesley\Documents\Dell WebCam Central
[2011/08/28 02:05:06 | 000,000,000 | ---D | C] -- C:\Users\Wesley\AppData\Roaming\Creative
[2011/08/28 02:05:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Creative
[2011/08/09 18:24:02 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xmllite.dll
[2011/08/09 18:24:01 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbcjt32.dll
[2011/08/09 18:24:01 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbctrac.dll
[2011/08/09 18:24:01 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbctrac.dll
[2011/08/09 18:24:01 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccp32.dll
[2011/08/09 18:24:01 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccp32.dll
[2011/08/09 18:24:01 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccu32.dll
[2011/08/09 18:24:01 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccr32.dll
[2011/08/09 18:24:01 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccu32.dll
[2011/08/09 18:24:01 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccr32.dll
[2011/08/09 18:23:54 | 001,162,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2011/08/09 18:23:54 | 000,421,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2011/08/09 18:23:54 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2011/08/09 18:23:54 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2011/08/09 18:23:54 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2011/08/09 18:23:54 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2011/08/09 18:23:54 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2011/08/09 18:23:54 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2011/08/09 18:23:54 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2011/08/09 18:23:54 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2011/08/09 18:23:54 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2011/08/09 18:23:54 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2011/08/09 18:23:54 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2011/08/09 18:23:54 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2011/08/09 18:23:54 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2011/08/09 18:23:54 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2011/08/09 18:23:54 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2011/08/09 18:23:54 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2011/08/09 18:23:54 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2011/08/09 18:23:54 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2011/08/09 18:23:54 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2011/08/09 18:23:54 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2011/08/09 18:23:54 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2011/08/09 18:23:54 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2011/08/09 18:23:54 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2011/08/09 18:23:54 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2011/08/09 18:23:54 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2011/08/09 18:23:54 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2011/08/09 18:23:54 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2011/08/09 18:23:54 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2011/08/09 18:23:54 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2011/08/09 18:23:54 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2011/08/09 18:23:53 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2011/08/09 18:23:53 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2011/08/09 18:23:53 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2011/08/09 18:23:53 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2011/08/09 18:23:53 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2011/08/09 18:23:53 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2011/08/09 18:23:53 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2011/08/09 18:23:53 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2011/08/09 18:23:53 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2011/08/09 18:23:53 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/08/09 18:23:53 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/08/09 18:23:53 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2011/08/09 18:23:53 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2011/08/09 18:23:53 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2011/08/09 18:23:53 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2011/08/09 18:23:53 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2011/08/09 18:23:53 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2011/08/09 18:23:53 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2011/08/09 18:23:53 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2011/08/09 18:23:53 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2011/08/09 18:23:53 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2011/08/09 18:23:53 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2011/08/09 18:23:53 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2011/08/09 18:23:53 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2011/08/09 18:23:53 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2011/08/09 18:23:53 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2011/08/09 18:23:53 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2011/08/09 18:23:53 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2011/08/09 18:23:53 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2011/08/09 18:23:53 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2011/08/09 18:23:53 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2011/08/09 18:23:52 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2011/08/09 18:23:52 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2011/08/09 18:23:52 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2011/08/09 18:23:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2011/08/09 18:23:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2011/08/09 18:23:52 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2011/08/09 18:23:43 | 000,702,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2011/08/09 18:23:43 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2011/08/09 18:23:43 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2011/08/09 18:23:43 | 000,134,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2011/08/09 18:23:43 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2011/08/09 18:23:43 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2011/08/09 18:23:43 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011/08/09 18:23:40 | 003,912,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2011/08/09 18:23:39 | 005,561,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2011/08/09 18:23:38 | 003,967,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2011/08/05 17:28:55 | 000,000,000 | ---D | C] -- C:\Users\Wesley\Documents\DragonNest
[2011/08/05 00:45:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oplex Origins
[2011/08/05 00:44:28 | 000,000,000 | ---D | C] -- C:\Users\Wesley\Documents\Games
[2006/06/25 22:33:46 | 000,163,840 | ---- | C] (アリスソフト) -- C:\Users\Wesley\AppData\Local\Tempals_inst.exe
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Wesley\Documents\*.tmp files -> C:\Users\Wesley\Documents\*.tmp -> ]
[1 C:\Users\Wesley\Desktop\*.tmp files -> C:\Users\Wesley\Desktop\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/09/02 16:50:00 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/09/02 15:53:41 | 000,013,872 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/09/02 15:53:41 | 000,013,872 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/09/02 12:50:00 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/09/02 12:22:55 | 000,795,716 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/09/02 12:22:55 | 000,672,386 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/09/02 12:22:55 | 000,125,364 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/09/02 12:15:30 | 000,274,320 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011/09/02 12:15:27 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/09/02 12:15:16 | 1989,160,959 | -HS- | M] () -- C:\hiberfil.sys
[2011/08/31 23:19:10 | 000,581,120 | ---- | M] (OldTimer Tools) -- C:\Users\Wesley\Desktop\OTL.exe
[2011/08/30 17:51:00 | 000,002,346 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2011/08/30 02:30:39 | 013,636,619 | ---- | M] () -- C:\Users\Wesley\Documents\jimmysfirsthighsessions.wma
[2011/08/10 03:09:25 | 000,000,118 | ---- | M] () -- C:\Windows\SysNative\MRT.INI
[2011/08/10 03:06:21 | 000,789,932 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/08/09 18:48:36 | 000,128,512 | ---- | M] () -- C:\Windows\RegBootClean64.exe
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Wesley\Documents\*.tmp files -> C:\Users\Wesley\Documents\*.tmp -> ]
[1 C:\Users\Wesley\Desktop\*.tmp files -> C:\Users\Wesley\Desktop\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/08/30 02:30:39 | 013,636,619 | ---- | C] () -- C:\Users\Wesley\Documents\jimmysfirsthighsessions.wma
[2011/07/23 16:57:03 | 000,012,800 | ---- | C] () -- C:\Windows\DCEBoot64.exe
[2011/07/23 16:56:57 | 000,128,512 | ---- | C] () -- C:\Windows\RegBootClean64.exe
[2011/07/17 00:25:04 | 000,000,056 | ---- | C] () -- C:\Windows\kgt2k.INI
[2011/07/10 02:21:59 | 000,020,263 | ---- | C] () -- C:\Users\Wesley\AppData\Roaming\6262.1EA
[2011/07/03 06:35:22 | 000,000,040 | ---- | C] () -- C:\ProgramData\2cce81d3
[2011/06/25 01:31:07 | 000,281,656 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011/06/25 01:31:05 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011/06/18 18:22:50 | 000,000,032 | R--- | C] () -- C:\ProgramData\hash.dat
[2011/06/07 09:48:05 | 000,011,728 | -HS- | C] () -- C:\Users\Wesley\AppData\Local\qf7j006i307x31d2eq0db61ygjdt21e46428472a
[2011/06/07 09:48:05 | 000,011,728 | -HS- | C] () -- C:\ProgramData\qf7j006i307x31d2eq0db61ygjdt21e46428472a
[2011/04/29 17:06:30 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2011/04/11 12:51:56 | 000,789,932 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/04/10 15:43:32 | 000,000,268 | ---- | C] () -- C:\Windows\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
[2011/04/10 13:49:30 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2011/04/09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011/02/11 19:15:08 | 000,874,048 | ---- | C] () -- C:\Windows\SysWow64\igkrng575.bin
[2011/01/08 20:07:21 | 000,104,796 | ---- | C] () -- C:\Windows\SysWow64\igfcg575m.bin
[2011/01/08 20:07:20 | 000,127,868 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng575.bin
[2011/01/08 20:04:57 | 000,000,035 | ---- | C] () -- C:\Windows\DELL_LANGCODE.ini
[2011/01/08 20:04:57 | 000,000,033 | ---- | C] () -- C:\Windows\DELL_OSTYPE.ini
[2011/01/08 20:04:57 | 000,000,032 | ---- | C] () -- C:\Windows\WisHWDest.ini
[2011/01/08 20:04:57 | 000,000,023 | ---- | C] () -- C:\Windows\WisSysInfo.ini
[2011/01/08 20:04:56 | 000,000,325 | ---- | C] () -- C:\Windows\Prelaunch.ini
[2011/01/08 20:04:56 | 000,000,271 | ---- | C] () -- C:\Windows\WisPriority.ini
[2011/01/08 20:04:56 | 000,000,028 | ---- | C] () -- C:\Windows\WisLangCode.ini
[2011/01/08 19:26:45 | 000,000,074 | RHS- | C] () -- C:\Windows\CT4CET.bin
[2009/07/13 22:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/13 19:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/13 19:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/13 17:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 16:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 14:59:36 | 000,982,196 | ---- | C] () -- C:\Windows\SysWow64\igkrng500.bin
[2009/07/13 14:59:36 | 000,139,824 | ---- | C] () -- C:\Windows\SysWow64\igfcg500.bin
[2009/07/13 14:59:36 | 000,097,448 | ---- | C] () -- C:\Windows\SysWow64\igfcg500m.bin
[2009/07/13 14:59:35 | 000,417,344 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng500.bin
[2009/07/13 14:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/07/08 18:03:02 | 000,058,880 | ---- | C] () -- C:\Windows\SysWow64\bdmpegv.dll
[2009/06/10 14:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2005/08/30 00:00:00 | 000,781,312 | ---- | C] () -- C:\Windows\SysWow64\RGSS102J.dll
[2005/08/30 00:00:00 | 000,778,752 | ---- | C] () -- C:\Windows\SysWow64\RGSS102E.dll
[2005/08/30 00:00:00 | 000,771,584 | ---- | C] () -- C:\Windows\SysWow64\RGSS100J.dll

< End of report >

#11 Farbar

Farbar

    Just Curious


  • Security Developer
  • 21,708 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Netherlands
  • Local time:02:28 PM

Posted 03 September 2011 - 03:32 AM

TDSSKiller didn't detect it but confirmed my suspicious. We will make sure.

Please download MBRCheck by clicking here and save it to your desktop.
  • Double click on the file to run it (Vista and Windows 7 users will have to confirm the UAC prompt).
  • A window will open on your desktop.
  • If an unknown bootcode is found you will have further options available to you, at this time press N then press Enter twice.
  • If nothing unusual is found just press Enter.
  • A .txt file named MBRCheck_mm.dd.yy_hh.mm.txt should appear on your desktop.
  • Please post the contents of that file in your next reply.


#12 smuckers

smuckers
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:07:28 AM

Posted 03 September 2011 - 05:57 PM

MBRCheck, version 1.2.3
© 2010, AD

Command-line:
Windows Version: Windows 7 Home Premium Edition
Windows Information: Service Pack 1 (build 7601), 64-bit
Base Board Manufacturer: Dell Inc.
BIOS Manufacturer: Dell Inc.
System Manufacturer: Dell Inc.
System Product Name: Inspiron N5010
Logical Drives Mask: 0x0001001c

Kernel Drivers (total 215):
0x02E10000 \SystemRoot\system32\ntoskrnl.exe
0x033F9000 \SystemRoot\system32\hal.dll
0x00BBA000 \SystemRoot\system32\kdcom.dll
0x00C64000 \SystemRoot\system32\mcupdate_GenuineIntel.dll
0x00CB3000 \SystemRoot\system32\PSHED.dll
0x00CC7000 \SystemRoot\system32\CLFS.SYS
0x00D25000 \SystemRoot\system32\CI.dll
0x00E61000 \SystemRoot\system32\drivers\Wdf01000.sys
0x00F05000 \SystemRoot\system32\drivers\WDFLDR.SYS
0x00F14000 \SystemRoot\system32\drivers\ACPI.sys
0x00F6B000 \SystemRoot\system32\drivers\WMILIB.SYS
0x00F74000 \SystemRoot\system32\drivers\msisadrv.sys
0x00F7E000 \SystemRoot\system32\drivers\pci.sys
0x00FB1000 \SystemRoot\system32\drivers\vdrvroot.sys
0x00FBE000 \SystemRoot\System32\drivers\partmgr.sys
0x00FD3000 \SystemRoot\system32\DRIVERS\compbatt.sys
0x00FDC000 \SystemRoot\system32\DRIVERS\BATTC.SYS
0x00FE8000 \SystemRoot\system32\drivers\volmgr.sys
0x00E00000 \SystemRoot\System32\drivers\volmgrx.sys
0x00DE5000 \SystemRoot\System32\drivers\mountmgr.sys
0x01003000 \SystemRoot\system32\DRIVERS\iaStor.sys
0x0120D000 \SystemRoot\system32\drivers\atapi.sys
0x01216000 \SystemRoot\system32\drivers\ataport.SYS
0x01240000 \SystemRoot\system32\drivers\msahci.sys
0x0124B000 \SystemRoot\system32\drivers\PCIIDEX.SYS
0x0125B000 \SystemRoot\system32\drivers\amdxata.sys
0x01266000 \SystemRoot\system32\drivers\fltmgr.sys
0x012B2000 \SystemRoot\system32\drivers\fileinfo.sys
0x012C6000 \SystemRoot\System32\Drivers\PxHlpa64.sys
0x01450000 \SystemRoot\System32\Drivers\Ntfs.sys
0x012D3000 \SystemRoot\System32\Drivers\msrpc.sys
0x01400000 \SystemRoot\System32\Drivers\ksecdd.sys
0x01331000 \SystemRoot\System32\Drivers\cng.sys
0x0141B000 \SystemRoot\System32\drivers\pcw.sys
0x0142C000 \SystemRoot\System32\Drivers\Fs_Rec.sys
0x01651000 \SystemRoot\system32\drivers\ndis.sys
0x01744000 \SystemRoot\system32\drivers\NETIO.SYS
0x017A4000 \SystemRoot\System32\Drivers\ksecpkg.sys
0x0181B000 \SystemRoot\System32\drivers\tcpip.sys
0x01A1F000 \SystemRoot\System32\drivers\fwpkclnt.sys
0x01A69000 \SystemRoot\system32\drivers\volsnap.sys
0x01AB5000 \SystemRoot\System32\Drivers\spldr.sys
0x01ABD000 \SystemRoot\System32\drivers\rdyboost.sys
0x01AF7000 \SystemRoot\System32\Drivers\mup.sys
0x01B09000 \SystemRoot\System32\drivers\hwpolicy.sys
0x01B12000 \SystemRoot\System32\DRIVERS\fvevol.sys
0x01B4C000 \SystemRoot\system32\DRIVERS\disk.sys
0x01B62000 \SystemRoot\system32\DRIVERS\CLASSPNP.SYS
0x044C3000 \SystemRoot\system32\drivers\cdrom.sys
0x044ED000 \SystemRoot\System32\Drivers\Null.SYS
0x044F6000 \SystemRoot\System32\Drivers\Beep.SYS
0x044FD000 \SystemRoot\System32\drivers\vga.sys
0x0450B000 \SystemRoot\System32\drivers\VIDEOPRT.SYS
0x04530000 \SystemRoot\System32\drivers\watchdog.sys
0x04540000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
0x04549000 \SystemRoot\system32\drivers\rdpencdd.sys
0x04552000 \SystemRoot\system32\drivers\rdprefmp.sys
0x0455B000 \SystemRoot\System32\Drivers\Msfs.SYS
0x04566000 \SystemRoot\System32\Drivers\Npfs.SYS
0x04577000 \SystemRoot\system32\DRIVERS\tdx.sys
0x04599000 \SystemRoot\system32\DRIVERS\TDI.SYS
0x045A6000 \SystemRoot\System32\DRIVERS\netbt.sys
0x04200000 \SystemRoot\system32\drivers\afd.sys
0x04289000 \SystemRoot\system32\DRIVERS\wfplwf.sys
0x01BA0000 \SystemRoot\system32\DRIVERS\pacer.sys
0x01BC6000 \SystemRoot\system32\DRIVERS\vwififlt.sys
0x04292000 \SystemRoot\system32\DRIVERS\netbios.sys
0x01600000 \SystemRoot\system32\DRIVERS\dtsoftbus01.sys
0x01BDC000 \SystemRoot\system32\DRIVERS\wanarp.sys
0x017CF000 \SystemRoot\system32\DRIVERS\tmtdi.sys
0x045EB000 \SystemRoot\system32\drivers\termdd.sys
0x013A3000 \SystemRoot\system32\DRIVERS\rdbss.sys
0x01800000 \SystemRoot\system32\drivers\nsiproxy.sys
0x0180C000 \SystemRoot\system32\drivers\mssmbios.sys
0x017EB000 \SystemRoot\System32\drivers\discache.sys
0x00C00000 \SystemRoot\System32\Drivers\dfsc.sys
0x01436000 \SystemRoot\system32\DRIVERS\blbdrive.sys
0x00C1E000 \SystemRoot\system32\DRIVERS\tunnel.sys
0x0749F000 \SystemRoot\system32\DRIVERS\igdkmd64.sys
0x07EC2000 \SystemRoot\System32\drivers\dxgkrnl.sys
0x07FB6000 \SystemRoot\System32\drivers\dxgmms1.sys
0x07400000 \SystemRoot\system32\DRIVERS\HECIx64.sys
0x07411000 \SystemRoot\system32\drivers\usbehci.sys
0x07422000 \SystemRoot\system32\drivers\USBPORT.SYS
0x07478000 \SystemRoot\system32\drivers\HDAudBus.sys
0x08232000 \SystemRoot\system32\DRIVERS\NETw5s64.sys
0x08994000 \SystemRoot\system32\DRIVERS\vwifibus.sys
0x08200000 \SystemRoot\system32\drivers\i8042prt.sys
0x070FB000 \SystemRoot\system32\DRIVERS\SynTP.sys
0x0714A000 \SystemRoot\system32\DRIVERS\USBD.SYS
0x0714C000 \SystemRoot\system32\DRIVERS\mouclass.sys
0x0715B000 \SystemRoot\system32\DRIVERS\kbdclass.sys
0x0716A000 \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
0x07177000 \SystemRoot\system32\DRIVERS\Impcd.sys
0x0719E000 \SystemRoot\system32\drivers\wmiacpi.sys
0x071A7000 \SystemRoot\system32\DRIVERS\CmBatt.sys
0x071AC000 \SystemRoot\system32\DRIVERS\intelppm.sys
0x071C2000 \SystemRoot\system32\drivers\CompositeBus.sys
0x071D2000 \SystemRoot\system32\DRIVERS\AgileVpn.sys
0x07000000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
0x07024000 \SystemRoot\system32\DRIVERS\ndistapi.sys
0x07030000 \SystemRoot\system32\DRIVERS\ndiswan.sys
0x0705F000 \SystemRoot\system32\DRIVERS\raspppoe.sys
0x0707A000 \SystemRoot\system32\DRIVERS\raspptp.sys
0x0709B000 \SystemRoot\system32\DRIVERS\rassstp.sys
0x070B5000 \SystemRoot\system32\drivers\swenum.sys
0x070B7000 \SystemRoot\system32\drivers\ks.sys
0x071E8000 \SystemRoot\system32\drivers\umbus.sys
0x08A8C000 \SystemRoot\system32\DRIVERS\bpenum.sys
0x08AC3000 \SystemRoot\system32\DRIVERS\usbhub.sys
0x08B1D000 \SystemRoot\System32\Drivers\NDProxy.SYS
0x08B32000 \SystemRoot\system32\DRIVERS\stwrt64.sys
0x08BB4000 \SystemRoot\system32\DRIVERS\portcls.sys
0x08A00000 \SystemRoot\system32\DRIVERS\drmk.sys
0x08A22000 \SystemRoot\system32\drivers\ksthunk.sys
0x08A28000 \SystemRoot\system32\DRIVERS\IntcDAud.sys
0x00000000 \SystemRoot\System32\win32k.sys
0x08A73000 \SystemRoot\System32\drivers\Dxapi.sys
0x08BF1000 \SystemRoot\System32\Drivers\crashdmp.sys
0x042A1000 \SystemRoot\System32\Drivers\dump_iaStor.sys
0x0821E000 \SystemRoot\System32\Drivers\dump_dumpfve.sys
0x044AB000 \SystemRoot\system32\DRIVERS\hidusb.sys
0x00C44000 \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
0x08A7F000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
0x01B92000 \SystemRoot\system32\DRIVERS\mouhid.sys
0x00460000 \SystemRoot\System32\TSDDD.dll
0x007B0000 \SystemRoot\System32\cdd.dll
0x0229D000 \SystemRoot\System32\Drivers\bpusb.sys
0x022B7000 \SystemRoot\system32\DRIVERS\bpmp.sys
0x022E9000 \SystemRoot\system32\drivers\luafv.sys
0x0230C000 \SystemRoot\system32\DRIVERS\Sftvollh.sys
0x02317000 \SystemRoot\system32\drivers\WudfPf.sys
0x02338000 \SystemRoot\system32\DRIVERS\usbccgp.sys
0x02355000 \SystemRoot\System32\Drivers\usbvideo.sys
0x02383000 \SystemRoot\system32\DRIVERS\CtClsFlt.sys
0x023AE000 \SystemRoot\system32\DRIVERS\kbdhid.sys
0x023BC000 \SystemRoot\system32\DRIVERS\lltdio.sys
0x02200000 \SystemRoot\system32\DRIVERS\nwifi.sys
0x02253000 \SystemRoot\system32\DRIVERS\ndisuio.sys
0x02266000 \SystemRoot\system32\DRIVERS\rspndr.sys
0x0227E000 \SystemRoot\system32\DRIVERS\TurboB.sys
0x02883000 \SystemRoot\system32\drivers\HTTP.sys
0x0294C000 \SystemRoot\system32\DRIVERS\bowser.sys
0x0296A000 \SystemRoot\System32\drivers\mpsdrv.sys
0x02982000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
0x029AF000 \SystemRoot\system32\DRIVERS\mrxsmb10.sys
0x02800000 \SystemRoot\system32\DRIVERS\mrxsmb20.sys
0x02824000 \SystemRoot\system32\DRIVERS\tmcomm.sys
0x0284B000 \SystemRoot\system32\DRIVERS\tmevtmgr.sys
0x02861000 \SystemRoot\system32\DRIVERS\tmactmon.sys
0x02C6F000 \SystemRoot\system32\drivers\peauth.sys
0x02D15000 \SystemRoot\System32\Drivers\secdrv.SYS
0x02D20000 \SystemRoot\system32\DRIVERS\Sftfslh.sys
0x02C00000 \SystemRoot\system32\DRIVERS\Sftplaylh.sys
0x089A1000 \SystemRoot\System32\DRIVERS\srvnet.sys
0x02C4D000 \SystemRoot\System32\drivers\tcpipreg.sys
0x048B4000 \??\C:\Program Files (x86)\CyberLink\PowerDVD DX\000.fcl
0x08099000 \SystemRoot\System32\DRIVERS\srv2.sys
0x08102000 \SystemRoot\System32\DRIVERS\srv.sys
0x0819A000 \SystemRoot\system32\DRIVERS\vwifimp.sys
0x081A4000 \SystemRoot\system32\DRIVERS\Sftredirlh.sys
0x081AF000 \SystemRoot\system32\DRIVERS\cdfs.sys
0x049B6000 \SystemRoot\System32\Drivers\fastfat.SYS
0x081CC000 \??\C:\Windows\system32\drivers\mbam.sys
0x0D631000 \SystemRoot\system32\DRIVERS\Rt64win7.sys
0x0D682000 \SystemRoot\system32\drivers\btusbflt.sys
0x0D692000 \SystemRoot\System32\Drivers\BTHUSB.sys
0x0D6AA000 \SystemRoot\System32\Drivers\bthport.sys
0x0D736000 \SystemRoot\system32\DRIVERS\rfcomm.sys
0x0D762000 \SystemRoot\system32\drivers\BthEnum.sys
0x0D772000 \SystemRoot\system32\DRIVERS\bthpan.sys
0x08000000 \SystemRoot\system32\DRIVERS\btwavdt.sys
0x04800000 \SystemRoot\system32\drivers\btwaudio.sys
0x0D792000 \SystemRoot\system32\DRIVERS\btwl2cap.sys
0x0D79E000 \SystemRoot\system32\DRIVERS\btwrchid.sys
0x0D7A2000 \SystemRoot\system32\DRIVERS\monitor.sys
0x77770000 \Windows\System32\ntdll.dll
0x48470000 \Windows\System32\smss.exe
0xFFA90000 \Windows\System32\apisetschema.dll
0xFF880000 \Windows\System32\autochk.exe
0xFF820000 \Windows\System32\iertutil.dll
0xFF780000 \Windows\System32\msvcrt.dll
0xFF720000 \Windows\System32\Wldap32.dll
0xFF6F0000 \Windows\System32\imm32.dll
0xFF650000 \Windows\System32\comdlg32.dll
0x77940000 \Windows\System32\psapi.dll
0xFF540000 \Windows\System32\msctf.dll
0xFF4C0000 \Windows\System32\shlwapi.dll
0xFF4A0000 \Windows\System32\imagehlp.dll
0x77650000 \Windows\System32\kernel32.dll
0x77550000 \Windows\System32\user32.dll
0xFF450000 \Windows\System32\ws2_32.dll
0xFF370000 \Windows\System32\advapi32.dll
0xFF1F0000 \Windows\System32\urlmon.dll
0x77930000 \Windows\System32\normaliz.dll
0xFF120000 \Windows\System32\usp10.dll
0xFEF10000 \Windows\System32\ole32.dll
0xFEE90000 \Windows\System32\difxapi.dll
0xFEDF0000 \Windows\System32\clbcatq.dll
0xFED80000 \Windows\System32\gdi32.dll
0xFDFF0000 \Windows\System32\shell32.dll
0xFDEC0000 \Windows\System32\rpcrt4.dll
0xFDDE0000 \Windows\System32\oleaut32.dll
0xFDC00000 \Windows\System32\setupapi.dll
0xFDBF0000 \Windows\System32\lpk.dll
0xFDBD0000 \Windows\System32\sechost.dll
0xFDBC0000 \Windows\System32\nsi.dll
0xFDA90000 \Windows\System32\wininet.dll
0xFDA20000 \Windows\System32\KernelBase.dll
0xFD8B0000 \Windows\System32\crypt32.dll
0xFD870000 \Windows\System32\wintrust.dll
0xFD850000 \Windows\System32\devobj.dll
0xFD810000 \Windows\System32\cfgmgr32.dll
0xFD770000 \Windows\System32\comctl32.dll
0xFD760000 \Windows\System32\msasn1.dll

Processes (total 97):
0 System Idle Process
4 System
312 C:\Windows\System32\smss.exe
416 csrss.exe
480 C:\Windows\System32\wininit.exe
500 csrss.exe
540 C:\Windows\System32\services.exe
556 C:\Windows\System32\lsass.exe
568 C:\Windows\System32\lsm.exe
672 C:\Windows\System32\svchost.exe
772 C:\Windows\System32\svchost.exe
828 C:\Windows\System32\svchost.exe
864 C:\Windows\System32\svchost.exe
904 C:\Windows\System32\svchost.exe
928 C:\Program Files\IDT\WDM\stacsv64.exe
940 C:\Windows\System32\winlogon.exe
528 C:\Windows\System32\svchost.exe
1092 C:\Windows\System32\svchost.exe
1240 C:\Windows\System32\wlanext.exe
1248 C:\Windows\System32\conhost.exe
1320 C:\Windows\System32\spoolsv.exe
1368 C:\Windows\System32\svchost.exe
1472 C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
1500 C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiWatchDog.exe
1584 C:\Windows\System32\conhost.exe
1636 C:\Program Files\IDT\WDM\AESTSr64.exe
1664 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
1676 C:\Program Files\Trend Micro\AMSP\coreFrameworkHost.exe
1684 C:\Windows\System32\conhost.exe
1876 C:\Program Files (x86)\Bonjour\mDNSResponder.exe
1896 C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
1948 C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
1992 C:\Program Files (x86)\Cisco\Cisco NAC Agent\NACAgent.exe
2044 C:\Windows\SysWOW64\PnkBstrA.exe
1052 C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
2164 C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
2188 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
2240 C:\Windows\System32\svchost.exe
2272 C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe
2320 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
2480 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
2612 C:\Windows\System32\taskhost.exe
2700 C:\Windows\System32\dwm.exe
2732 C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe
2776 C:\Program Files\Intel\WiFi\bin\EvtEng.exe
2816 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
2944 C:\Windows\explorer.exe
2952 C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
2540 unsecapp.exe
3140 WmiPrvSE.exe
3412 C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
3868 C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
4012 C:\Windows\System32\svchost.exe
3508 C:\Windows\System32\svchost.exe
3624 C:\Windows\System32\svchost.exe
3804 C:\Windows\System32\rundll32.exe
2684 C:\Program Files\Dell\QuickSet\quickset.exe
364 C:\Program Files\IDT\WDM\sttray64.exe
4100 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
4112 C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
4148 C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
4160 C:\Program Files\Intel\WiMAX\Bin\WiMAXCU.exe
4208 C:\Windows\System32\igfxtray.exe
4220 C:\Windows\System32\hkcmd.exe
4256 C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiSeAgnt.exe
4284 C:\Windows\System32\igfxpers.exe
4300 C:\Program Files (x86)\Steam\Steam.exe
4364 C:\Windows\System32\StikyNot.exe
4580 C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
4592 C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe
4616 C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
4664 C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
4688 C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
4916 C:\Windows\System32\SearchIndexer.exe
4600 C:\Windows\System32\wbem\unsecapp.exe
4928 C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
4684 C:\Program Files (x86)\Cisco\Cisco NAC Agent\NACAgentUI.exe
1604 C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
4804 C:\Program Files (x86)\iTunes\iTunesHelper.exe
3280 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
5624 C:\Windows\System32\svchost.exe
5964 C:\Program Files\Windows Media Player\wmpnetwk.exe
6044 C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
3528 C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
4816 dllhost.exe
5980 C:\Program Files\iPod\bin\iPodService.exe
6432 C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
4204 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
6984 C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
7936 C:\Windows\System32\taskeng.exe
3456 C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
5996 C:\Windows\System32\SearchProtocolHost.exe
1804 C:\Windows\System32\SearchFilterHost.exe
8152 C:\Program Files (x86)\Mozilla Firefox\firefox.exe
2456 C:\Users\Wesley\Downloads\MBRCheck.exe
5336 C:\Windows\System32\conhost.exe
844 C:\Windows\System32\dllhost.exe

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000003`afd00000 (NTFS)
\\.\Q: --> error 5

PhysicalDrive0 Model Number: ST9750420AS, Rev: 0001DEM1

Size Device Name MBR Status
--------------------------------------------
698 GB \\.\PhysicalDrive0 Unknown MBR code
SHA1: FDDCA5E0C8B6CE20A905CF4F023347B822E0808A


Found non-standard or infected MBR.
Enter 'Y' and hit ENTER for more options, or 'N' to exit:

Done!

#13 Farbar

Farbar

    Just Curious


  • Security Developer
  • 21,708 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Netherlands
  • Local time:02:28 PM

Posted 03 September 2011 - 06:03 PM

The log confirmed it once more. We will fix the infection the next round. Before that I would like to see a log.

Yours is x64 bit system:

For x32 (x86) bit systems download Farbar Recovery Scan Tool and save it to a flash drive.
For x64 bit systems download Farbar Recovery Scan Tool x64 and save it to a flash drive.

Plug the flashdrive into the infected PC.

Enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:
  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Choose your language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.
On the System Recovery Options menu you will get the following options:
Startup Repair
System Restore
Windows Complete PC Restore
Windows Memory Diagnostic Tool
Command Prompt
[*]Select Command Prompt
[*]In the command window type in notepad and press Enter.
[*]The notepad opens. Under File menu select Open.
[*]Select "Computer" and find your flash drive letter and close the notepad.
[*]In the command window type e:\frst.exe (for x64 bit version type e:\frst64) and press Enter
Note: Replace letter e with the drive letter of your flash drive.
[*]The tool will start to run.
[*]When the tool opens click Yes to disclaimer.
[*]Press Scan button.
[*]It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.[/list]

#14 smuckers

smuckers
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:07:28 AM

Posted 04 September 2011 - 04:24 PM

Scan result of Farbars's Recovery Tool (FRST written by farbar) Version 2.2.1
Ran by SYSTEM at 2011-09-04 15:19:08
Running from F:\
Windows 7 Home Premium (X64) OS Language: English(US)
The current controlset is ControlSet001

========================== Registry (Whitelisted) =============

HKLM\...\Run: [QuickSet] C:\Program Files\Dell\QuickSet\QuickSet.exe [3179288 2010-01-06] (Dell Inc.)
HKLM\...\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-06-18] (IDT, Inc.)
HKLM\...\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [1890088 2010-03-17] (Synaptics Incorporated)
HKLM\...\Run: [IntelWireless] "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel Wireless Tray [1928976 2010-03-05] (Intel® Corporation)
HKLM\...\Run: [IntelWirelessWiMAX] "C:\Program Files\Intel\WiMAX\Bin\WiMAXCU.exe" /tasktray /nosplash [1449984 2010-10-03] (Intel® Corporation)
HKLM\...\Run: [Trend Micro Titanium] C:\Program Files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe -set Silent "1" SplashURL "" [1111568 2011-02-16] (Trend Micro Inc.)
HKLM\...\Run: [Trend Micro Client Framework] "C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe" [197152 2011-02-10] (Trend Micro Inc.)
HKLM\...\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe [162328 2011-02-11] (Intel Corporation)
HKLM\...\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe [386584 2011-02-11] (Intel Corporation)
HKLM\...\Run: [Persistence] C:\Windows\system32\igfxpers.exe [417304 2011-02-11] (Intel Corporation)
HKLM-x32\...\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [284696 2010-06-08] (Intel Corporation)
HKLM-x32\...\Run: [PDVDDXSrv] "C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [140520 2009-12-29] (CyberLink Corp.)
HKLM-x32\...\Run: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2 [409744 2009-06-24] (Creative Technology Ltd)
HKLM-x32\...\Run: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe" [498160 2009-10-15] ()
HKLM-x32\...\Run: [Dell Registration] C:\Program Files (x86)\System Registration\prodreg.exe /boot [3926528 2010-08-23] (Dell, Inc.)
HKLM-x32\...\Run: [NACAgentUI] C:\Program Files (x86)\Cisco\Cisco NAC Agent\NACAgentUI.exe [524512 2011-01-06] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW [1230704 2011-03-21] ()
HKLM-x32\...\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2010-11-29] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [421160 2011-06-07] (Apple Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [37296 2011-06-07] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [937920 2011-03-29] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray [449584 2011-07-06] (Malwarebytes Corporation)
HKU\Wesley\...\Run: [Best Buy pc app] C:\Users\Wesley\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Best Buy\Best Buy pc app.appref-ms [x]
HKU\Wesley\...\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent [1242448 2011-08-01] (Valve Corporation)
HKU\Wesley\...\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [3077528 2011-07-16] ()
HKU\Wesley\...\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe [427520 2009-07-13] (Microsoft Corporation)
HKU\Wesley\...\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun [1305408 2011-01-20] (DT Soft Ltd)
HKLM-x32\...\RunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe" [560128 2011-04-14] (Dell)
HKLM-x32\...\RunOnce: [Launcher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe [165184 2011-01-13] (Softthinks)
Winlogon\Notify\GoToAssist: C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll [X]
Winlogon\Notify\igfxcui: igfxdev.dll (Intel Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.11.1

==================== Services (Whitelisted) ======

2 DMAgent; "C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe" [606720 2010-09-28] (Red Bend Ltd.)
2 IAStorDataMgrSvc; "C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe" [13336 2010-06-08] (Intel Corporation)
2 MBAMService; "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe" [366640 2011-07-06] (Malwarebytes Corporation)
3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2010-03-05] ()
2 NACAgent; "C:\Program Files (x86)\Cisco\Cisco NAC Agent\NACAgent.exe" [1104608 2011-01-06] (Cisco Systems, Inc.)
2 WiMAXAppSrv; "C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe" [911872 2010-09-28] (Intel® Corporation)
2 Amsp; "C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe" coreFrameworkHost.exe -m=rb -dt=60000 [x]
4 DockLoginService; C:\Program Files\Dell\DellDock\DockLogin.exe [x]
4 NetMsmqActivator; "c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe" -NetMsmqActivator [x]
4 NetPipeActivator; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [x]
4 NetTcpActivator; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [x]
4 NetTcpPortSharing; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [x]
2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [x]

========================== Drivers (Whitelisted) =============

3 bpenum; C:\Windows\System32\DRIVERS\bpenum.sys [71168 2010-09-19] (Intel Corporation)
3 bpmp; C:\Windows\System32\DRIVERS\bpmp.sys [175104 2010-09-19] (Intel Corporation)
3 bpusb; C:\Windows\System32\Drivers\bpusb.sys [81920 2010-09-19] (Intel Corporation)
1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [254528 2011-06-12] (DT Soft Ltd)
3 Gun; \??\C:\Game\SoftnyxGame\GunBoundIS\Gun64.sys [45176 2011-07-03] ()
3 MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [25912 2011-07-06] (Malwarebytes Corporation)
2 tmactmon; C:\Windows\System32\DRIVERS\tmactmon.sys [90704 2010-09-17] (Trend Micro Inc.)
2 tmcomm; C:\Windows\System32\DRIVERS\tmcomm.sys [144464 2010-09-17] (Trend Micro Inc.)
2 tmevtmgr; C:\Windows\System32\DRIVERS\tmevtmgr.sys [67664 2010-09-17] (Trend Micro Inc.)
1 tmtdi; C:\Windows\System32\DRIVERS\tmtdi.sys [105552 2010-09-17] (Trend Micro Inc.)
2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13784 2009-11-02] ()
2 {1E444BE9-B8EC-4ce6-8C2B-6536FB7F4FB7}; \??\C:\Program Files (x86)\CyberLink\PowerDVD DX\000.fcl [146928 2009-12-29] (CyberLink Corp.)
3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [x]
4 PNRPAutoReg32; [x]
2 TMAgent; [x]

========================== NetSvcs (Whitelisted) ===========

============ One Month Created Files and Folders ==============

2011-09-04 15:19 - 2011-09-04 15:19 - 0000000 ____D C:\FRST
2011-09-04 06:56 - 2011-09-04 06:56 - 44038409 ____A C:\Users\Wesley\My Documents\jimmyhigh3.wma
2011-09-04 06:56 - 2011-09-04 06:56 - 44038409 ____A C:\Users\Wesley\Documents\jimmyhigh3.wma
2011-09-04 03:48 - 2011-09-04 04:06 - 1072690000 ____A C:\Users\Wesley\Downloads\0913_re5_0913.part3.rar
2011-09-04 03:32 - 2011-09-04 03:48 - 1072690000 ____A C:\Users\Wesley\Downloads\0913_re5_0913.part5.rar
2011-09-04 03:15 - 2011-09-04 03:31 - 1072690000 ____A C:\Users\Wesley\Downloads\0913_re5_0913.part4.rar
2011-09-04 02:54 - 2011-09-04 03:14 - 1072690000 ____A C:\Users\Wesley\Downloads\0913_re5_0913.part1.rar
2011-09-04 02:47 - 2011-09-04 02:49 - 0000000 ____D C:\Users\Wesley\Downloads\Tekken.pc
2011-09-04 01:31 - 2011-09-04 02:53 - 1072690000 ____A C:\Users\Wesley\Downloads\0913_re5_0913.part6.rar
2011-09-04 01:25 - 2011-09-04 01:30 - 350100530 ____A C:\Users\Wesley\Downloads\0913_re5_0913.part8.rar
2011-09-04 01:03 - 2011-09-04 01:22 - 373451429 ____A C:\Users\Wesley\Downloads\Tkn.5.AhmadLight.part10.rar
2011-09-04 00:34 - 2011-09-04 00:34 - 1203167 ____A C:\Users\Wesley\Desktop\FRST64.exe
2011-09-03 17:55 - 2011-09-03 17:56 - 0017436 ____A C:\Users\Wesley\Desktop\MBRCheck_09.03.11_15.55.48.txt
2011-09-03 17:55 - 2011-09-03 17:55 - 0080384 ____A C:\Users\Wesley\Downloads\MBRCheck.exe
2011-09-03 17:28 - 2011-09-03 17:28 - 112717449 ____A C:\Users\Wesley\My Documents\jimmy high 2.wma
2011-09-03 17:28 - 2011-09-03 17:28 - 112717449 ____A C:\Users\Wesley\Documents\jimmy high 2.wma
2011-09-03 00:52 - 2011-09-04 01:24 - 1072690000 ____A C:\Users\Wesley\Downloads\0913_re5_0913.part7.rar
2011-09-03 00:50 - 2011-09-04 02:47 - 472907776 ____A C:\Users\Wesley\Downloads\Tkn.5.AhmadLight.part09.rar
2011-09-03 00:35 - 2011-09-03 00:52 - 1072690000 ____A C:\Users\Wesley\Downloads\0913_re5_0913.part2.rar
2011-09-03 00:30 - 2011-09-03 00:34 - 172990506 ____A C:\Users\Wesley\Downloads\66279_proto_rzr_66279.part9.rar
2011-09-03 00:10 - 2011-09-03 00:34 - 472907776 ____A C:\Users\Wesley\Downloads\Tkn.5.AhmadLight.part07.rar
2011-09-03 00:08 - 2011-09-03 00:30 - 1072690000 ____A C:\Users\Wesley\Downloads\66279_proto_rzr_66279.part8.rar
2011-09-02 23:51 - 2011-09-03 00:07 - 1072690000 ____A C:\Users\Wesley\Downloads\66279_proto_rzr_66279.part7.rar
2011-09-02 23:27 - 2011-09-02 23:50 - 472907776 ____A C:\Users\Wesley\Downloads\Tkn.5.AhmadLight.part08.rar
2011-09-02 23:27 - 2011-09-02 23:50 - 1072690000 ____A C:\Users\Wesley\Downloads\66279_proto_rzr_66279.part6.rar
2011-09-02 22:05 - 2011-09-02 22:21 - 1072690000 ____A C:\Users\Wesley\Downloads\66279_proto_rzr_66279.part5.rar
2011-09-02 21:54 - 2007-08-14 15:23 - 2265448448 ____A C:\Users\Wesley\Downloads\Madden NFL 08.iso
2011-09-02 21:41 - 2011-09-02 22:04 - 1072690000 ____A C:\Users\Wesley\Downloads\66279_proto_rzr_66279.part4.rar
2011-09-02 21:07 - 2011-09-02 21:34 - 472907776 ____A C:\Users\Wesley\Downloads\Tkn.5.AhmadLight.part06.rar
2011-09-02 20:58 - 2011-09-02 21:40 - 1072690000 ____A C:\Users\Wesley\Downloads\66279_proto_rzr_66279.part3.rar
2011-09-02 20:37 - 2011-09-02 20:40 - 0001390 ____A C:\cst
2011-09-02 20:33 - 2011-09-02 20:57 - 1072690000 ____A C:\Users\Wesley\Downloads\66279_proto_rzr_66279.part2.rar
2011-09-02 20:27 - 2011-09-02 20:50 - 472907776 ____A C:\Users\Wesley\Downloads\Tkn.5.AhmadLight.part05.rar
2011-09-02 20:13 - 2011-09-02 20:32 - 1072690000 ____A C:\Users\Wesley\Downloads\66279_proto_rzr_66279.part1.rar
2011-09-02 19:48 - 2011-09-02 20:10 - 472907776 ____A C:\Users\Wesley\Downloads\Tkn.5.AhmadLight.part04.rar
2011-09-02 19:09 - 2011-09-02 19:32 - 472907776 ____A C:\Users\Wesley\Downloads\Tkn.5.AhmadLight.part02.rar
2011-09-02 18:47 - 2011-09-02 18:47 - 0002470 ____A C:\Users\Wesley\Desktop\GooredFix.txt
2011-09-02 18:47 - 2011-09-02 18:47 - 0000000 ____D C:\Users\Wesley\Desktop\GooredFix Backups
2011-09-02 18:45 - 2011-09-02 18:45 - 0071398 ____A (jpshortstuff) C:\Users\Wesley\Downloads\GooredFix.exe
2011-09-02 18:44 - 2011-09-02 18:46 - 0070736 ____A C:\TDSSKiller.2.5.17.0_02.09.2011_16.44.24_log.txt
2011-09-02 18:44 - 2011-01-01 03:14 - 0002254 ____A C:\Users\Wesley\Downloads\eula.txt
2011-09-02 18:35 - 2009-12-18 00:35 - 0000000 __RAD C:\Users\Wesley\Downloads\MyegY.cOm_Mortal.Kombat.Deception.PC_By.UNDERCOVER
2011-09-02 18:26 - 2011-09-02 18:48 - 472907776 ____A C:\Users\Wesley\Downloads\Tkn.5.AhmadLight.part03.rar
2011-09-02 17:44 - 2011-09-02 18:09 - 472907776 ____A C:\Users\Wesley\Downloads\Tkn.5.AhmadLight.part01.rar
2011-09-02 02:59 - 2011-09-02 02:59 - 0000000 ____D C:\_OTL
2011-09-02 01:35 - 2011-09-02 01:50 - 366137344 ____A C:\Users\Wesley\Downloads\Friday.Night.Lights.S02E15.DVDRip.XviD-FoV.avi
2011-09-02 00:56 - 2011-09-02 01:11 - 367846264 ____A C:\Users\Wesley\Downloads\Friday.Night.Lights.S02E05.DVDRip.XviD-FoV.avi
2011-09-02 00:40 - 2011-09-02 00:55 - 366739456 ____A C:\Users\Wesley\Downloads\Friday.Night.Lights.S02E12.DVDRip.XviD-FoV.avi
2011-09-02 00:12 - 2011-09-02 00:27 - 365303808 ____A C:\Users\Wesley\Downloads\Friday.Night.Lights.S02E14.DVDRip.XviD-FoV.avi
2011-09-01 23:40 - 2011-09-01 23:54 - 366372864 ____A C:\Users\Wesley\Downloads\Friday.Night.Lights.S02E10.DVDRip.XviD-FoV.avi
2011-09-01 23:24 - 2011-09-01 23:38 - 366229504 ____A C:\Users\Wesley\Downloads\Friday.Night.Lights.S02E11.DVDRip.XviD-FoV.avi
2011-09-01 18:58 - 2011-09-01 19:13 - 365529088 ____A C:\Users\Wesley\Downloads\Friday.Night.Lights.S02E06.DVDRip.XviD-FoV.avi
2011-09-01 18:42 - 2011-09-01 18:57 - 365398016 ____A C:\Users\Wesley\Downloads\Friday.Night.Lights.S02E08.DVDRip.XviD-FoV.avi
2011-09-01 18:26 - 2011-09-01 18:41 - 365926400 ____A C:\Users\Wesley\Downloads\Friday.Night.Lights.S02E13.DVDRip.XviD-FoV.avi
2011-09-01 18:10 - 2011-09-01 18:25 - 365932544 ____A C:\Users\Wesley\Downloads\Friday.Night.Lights.S02E07.DVDRip.XviD-FoV.avi
2011-09-01 17:13 - 2011-09-01 17:28 - 366366720 ____A C:\Users\Wesley\Downloads\Friday.Night.Lights.S02E04.DVDRip.XviD-FoV.avi
2011-09-01 16:56 - 2011-09-01 17:11 - 364345604 ____A C:\Users\Wesley\Downloads\Friday.Night.Lights.S02E09.DVDRip.XviD-FoV.avi
2011-09-01 01:26 - 2011-09-02 18:55 - 0073208 ____A C:\Users\Wesley\Desktop\Extras.Txt
2011-09-01 01:26 - 2011-09-02 18:54 - 0377876 ____A C:\Users\Wesley\Desktop\OTL.Txt
2011-09-01 01:19 - 2011-09-01 01:19 - 0581120 ____A (OldTimer Tools) C:\Users\Wesley\Desktop\OTL.exe
2011-08-31 01:12 - 2011-08-31 01:55 - 540415028 ____A C:\Users\Wesley\Downloads\0624.mp4
2011-08-30 04:30 - 2011-08-30 04:30 - 13636619 ____A C:\Users\Wesley\My Documents\jimmysfirsthighsessions.wma
2011-08-30 04:30 - 2011-08-30 04:30 - 13636619 ____A C:\Users\Wesley\Documents\jimmysfirsthighsessions.wma
2011-08-28 04:05 - 2011-08-28 04:05 - 0000000 ____D C:\Users\Wesley\My Documents\Dell WebCam Central
2011-08-28 04:05 - 2011-08-28 04:05 - 0000000 ____D C:\Users\Wesley\Documents\Dell WebCam Central
2011-08-28 04:05 - 2011-08-28 04:05 - 0000000 ____D C:\Users\Wesley\Application Data\Creative
2011-08-28 04:05 - 2011-08-28 04:05 - 0000000 ____D C:\Users\Wesley\AppData\Roaming\Creative
2011-08-28 04:05 - 2011-08-28 04:05 - 0000000 ____D C:\Users\All Users\Creative
2011-08-28 04:05 - 2011-08-28 04:05 - 0000000 ____D C:\Users\All Users\Application Data\Creative
2011-08-28 04:05 - 2011-08-28 04:05 - 0000000 ____D C:\ProgramData\Creative
2011-08-26 06:20 - 2011-08-26 06:20 - 0000407 ____A C:\Users\Wesley\Desktop\Ark.log
2011-08-26 04:43 - 2011-08-26 04:43 - 0005244 ____A C:\Users\Wesley\Desktop\Attach.txt
2011-08-26 04:32 - 2011-08-26 04:32 - 0294216 ____A C:\Users\Wesley\Downloads\gmer.zip
2011-08-26 04:26 - 2011-08-26 04:26 - 0607260 ____R (Swearware) C:\Users\Wesley\Downloads\dds.scr
2011-08-26 04:21 - 2011-08-26 04:21 - 0050477 ____A C:\Users\Wesley\Downloads\Defogger.exe
2011-08-24 18:35 - 2011-07-09 00:26 - 0002048 ____A (Microsoft Corporation) C:\Windows\System32\tzres.dll
2011-08-24 18:35 - 2011-07-08 23:29 - 0002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2011-08-24 18:32 - 2011-09-04 00:43 - 0524288 __ASH C:\Windows\System32\config\components{b6ceca9e-cea8-11e0-b920-c0cb38c87515}.TMContainer00000000000000000001.regtrans-ms
2011-08-24 18:32 - 2011-09-04 00:43 - 0065536 __ASH C:\Windows\System32\config\components{b6ceca9e-cea8-11e0-b920-c0cb38c87515}.TM.blf
2011-08-24 18:32 - 2011-08-24 18:43 - 0524288 __ASH C:\Windows\System32\config\components{b6ceca9e-cea8-11e0-b920-c0cb38c87515}.TMContainer00000000000000000002.regtrans-ms
2011-08-24 03:09 - 2011-08-24 03:10 - 0071304 ____A C:\TDSSKiller.2.5.17.0_24.08.2011_01.09.35_log.txt
2011-08-14 01:06 - 2011-08-17 02:26 - 0000641 __ASH C:\Windows\SysWOW64\7c4e86d41406P.manifest
2011-08-14 01:06 - 2011-08-17 02:26 - 0000013 __ASH C:\Windows\SysWOW64\7c4e86d41406C.manifest
2011-08-14 01:06 - 2011-08-17 02:26 - 0000011 __ASH C:\Windows\SysWOW64\7c4e86d41406S.manifest
2011-08-14 01:06 - 2011-08-17 02:26 - 0000011 __ASH C:\Windows\SysWOW64\7c4e86d41406O.manifest
2011-08-09 20:24 - 2011-06-16 00:49 - 0199680 ____A (Microsoft Corporation) C:\Windows\System32\xmllite.dll
2011-08-09 20:24 - 2011-06-15 23:33 - 0180224 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xmllite.dll
2011-08-09 20:24 - 2011-06-15 05:02 - 0212992 ____A (Microsoft Corporation) C:\Windows\System32\odbctrac.dll
2011-08-09 20:24 - 2011-06-15 05:02 - 0163840 ____A (Microsoft Corporation) C:\Windows\System32\odbccp32.dll
2011-08-09 20:24 - 2011-06-15 05:02 - 0106496 ____A (Microsoft Corporation) C:\Windows\System32\odbccu32.dll
2011-08-09 20:24 - 2011-06-15 05:02 - 0106496 ____A (Microsoft Corporation) C:\Windows\System32\odbccr32.dll
2011-08-09 20:24 - 2011-06-15 03:55 - 0319488 ____A (Microsoft Corporation) C:\Windows\SysWOW64\odbcjt32.dll
2011-08-09 20:24 - 2011-06-15 03:55 - 0163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\odbctrac.dll
2011-08-09 20:24 - 2011-06-15 03:55 - 0122880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\odbccp32.dll
2011-08-09 20:24 - 2011-06-15 03:55 - 0086016 ____A (Microsoft Corporation) C:\Windows\SysWOW64\odbccu32.dll
2011-08-09 20:24 - 2011-06-15 03:55 - 0081920 ____A (Microsoft Corporation) C:\Windows\SysWOW64\odbccr32.dll
2011-08-09 20:23 - 2011-07-22 02:31 - 9007104 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2011-08-09 20:23 - 2011-07-22 01:33 - 5988864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2011-08-09 20:23 - 2011-07-22 00:22 - 1638912 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2011-08-09 20:23 - 2011-07-21 23:54 - 1638912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2011-08-09 20:23 - 2011-07-16 00:41 - 0362496 ____A (Microsoft Corporation) C:\Windows\System32\wow64win.dll
2011-08-09 20:23 - 2011-07-16 00:41 - 0243200 ____A (Microsoft Corporation) C:\Windows\System32\wow64.dll
2011-08-09 20:23 - 2011-07-16 00:41 - 0013312 ____A (Microsoft Corporation) C:\Windows\System32\wow64cpu.dll
2011-08-09 20:23 - 2011-07-16 00:39 - 0016384 ____A (Microsoft Corporation) C:\Windows\System32\ntvdm64.dll
2011-08-09 20:23 - 2011-07-16 00:37 - 1162752 ____A (Microsoft Corporation) C:\Windows\System32\kernel32.dll
2011-08-09 20:23 - 2011-07-16 00:37 - 0421888 ____A (Microsoft Corporation) C:\Windows\System32\KernelBase.dll
2011-08-09 20:23 - 2011-07-16 00:21 - 0006144 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
2011-08-09 20:23 - 2011-07-16 00:21 - 0005120 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
2011-08-09 20:23 - 2011-07-16 00:21 - 0004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
2011-08-09 20:23 - 2011-07-16 00:21 - 0004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
2011-08-09 20:23 - 2011-07-16 00:21 - 0004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
2011-08-09 20:23 - 2011-07-16 00:21 - 0004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
2011-08-09 20:23 - 2011-07-16 00:21 - 0004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
2011-08-09 20:23 - 2011-07-16 00:21 - 0004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
2011-08-09 20:23 - 2011-07-16 00:21 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-08-09 20:23 - 2011-07-16 00:21 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
2011-08-09 20:23 - 2011-07-16 00:21 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
2011-08-09 20:23 - 2011-07-16 00:21 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
2011-08-09 20:23 - 2011-07-16 00:21 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
2011-08-09 20:23 - 2011-07-16 00:21 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
2011-08-09 20:23 - 2011-07-16 00:21 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
2011-08-09 20:23 - 2011-07-16 00:21 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
2011-08-09 20:23 - 2011-07-16 00:21 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
2011-08-09 20:23 - 2011-07-16 00:21 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
2011-08-09 20:23 - 2011-07-16 00:21 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
2011-08-09 20:23 - 2011-07-16 00:21 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
2011-08-09 20:23 - 2011-07-16 00:21 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
2011-08-09 20:23 - 2011-07-16 00:21 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
2011-08-09 20:23 - 2011-07-16 00:21 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
2011-08-09 20:23 - 2011-07-16 00:21 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
2011-08-09 20:23 - 2011-07-16 00:21 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
2011-08-09 20:23 - 2011-07-16 00:21 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
2011-08-09 20:23 - 2011-07-16 00:21 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
2011-08-09 20:23 - 2011-07-16 00:21 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
2011-08-09 20:23 - 2011-07-15 23:29 - 0014336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2011-08-09 20:23 - 2011-07-15 23:25 - 0025600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2011-08-09 20:23 - 2011-07-15 23:24 - 1114112 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2011-08-09 20:23 - 2011-07-15 23:24 - 0272384 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2011-08-09 20:23 - 2011-07-15 23:24 - 0005120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2011-08-09 20:23 - 2011-07-15 23:15 - 0005120 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2011-08-09 20:23 - 2011-07-15 23:15 - 0004608 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2011-08-09 20:23 - 2011-07-15 23:15 - 0004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2011-08-09 20:23 - 2011-07-15 23:15 - 0004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2011-08-09 20:23 - 2011-07-15 23:15 - 0004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2011-08-09 20:23 - 2011-07-15 23:15 - 0004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2011-08-09 20:23 - 2011-07-15 23:15 - 0004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2011-08-09 20:23 - 2011-07-15 23:15 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2011-08-09 20:23 - 2011-07-15 23:15 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2011-08-09 20:23 - 2011-07-15 23:15 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2011-08-09 20:23 - 2011-07-15 23:15 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2011-08-09 20:23 - 2011-07-15 23:15 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2011-08-09 20:23 - 2011-07-15 23:15 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2011-08-09 20:23 - 2011-07-15 23:15 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2011-08-09 20:23 - 2011-07-15 23:15 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-08-09 20:23 - 2011-07-15 23:15 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2011-08-09 20:23 - 2011-07-15 23:15 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2011-08-09 20:23 - 2011-07-15 23:15 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2011-08-09 20:23 - 2011-07-15 23:15 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2011-08-09 20:23 - 2011-07-15 23:15 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2011-08-09 20:23 - 2011-07-15 23:15 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2011-08-09 20:23 - 2011-07-15 23:15 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2011-08-09 20:23 - 2011-07-15 23:15 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2011-08-09 20:23 - 2011-07-15 23:15 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2011-08-09 20:23 - 2011-07-15 21:21 - 0007680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2011-08-09 20:23 - 2011-07-15 21:21 - 0002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2011-08-09 20:23 - 2011-07-15 21:17 - 0006144 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2011-08-09 20:23 - 2011-07-15 21:17 - 0004608 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2011-08-09 20:23 - 2011-07-15 21:17 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2011-08-09 20:23 - 2011-07-15 21:17 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2011-08-09 20:23 - 2011-07-08 21:46 - 0288768 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb10.sys
2011-08-09 20:23 - 2011-06-24 00:34 - 0214528 ____A (Microsoft Corporation) C:\Windows\System32\winsrv.dll
2011-08-09 20:23 - 2011-06-24 00:25 - 0338432 ____A (Microsoft Corporation) C:\Windows\System32\conhost.exe
2011-08-09 20:23 - 2011-06-23 00:43 - 5561216 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2011-08-09 20:23 - 2011-06-22 23:33 - 3967872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2011-08-09 20:23 - 2011-06-22 23:33 - 3912576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2011-08-09 20:23 - 2011-06-21 01:34 - 1923968 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2011-08-09 20:23 - 2011-06-21 01:20 - 1492992 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2011-08-09 20:23 - 2011-06-21 01:20 - 1188864 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2011-08-09 20:23 - 2011-06-21 01:20 - 0134144 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2011-08-09 20:23 - 2011-06-21 01:19 - 0702464 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2011-08-09 20:23 - 2011-06-21 01:19 - 0097280 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2011-08-09 20:23 - 2011-06-21 01:18 - 2454528 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2011-08-09 20:23 - 2011-06-21 01:18 - 12262400 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2011-08-09 20:23 - 2011-06-21 01:18 - 0247808 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2011-08-09 20:23 - 2011-06-21 01:18 - 0064512 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2011-08-09 20:23 - 2011-06-21 00:28 - 1231360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2011-08-09 20:23 - 2011-06-21 00:28 - 0981504 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2011-08-09 20:23 - 2011-06-21 00:28 - 0132096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2011-08-09 20:23 - 2011-06-21 00:26 - 2073600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2011-08-09 20:23 - 2011-06-21 00:26 - 0599552 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2011-08-09 20:23 - 2011-06-21 00:26 - 0176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2011-08-09 20:23 - 2011-06-21 00:26 - 0067072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2011-08-09 20:23 - 2011-06-21 00:26 - 0048128 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2011-08-09 20:23 - 2011-06-21 00:25 - 10991104 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2011-08-05 19:28 - 2011-08-24 03:16 - 0000000 ____D C:\Users\Wesley\My Documents\DragonNest
2011-08-05 19:28 - 2011-08-24 03:16 - 0000000 ____D C:\Users\Wesley\Documents\DragonNest
2011-08-05 02:47 - 2011-08-05 02:47 - 0000000 ___AH C:\Users\Wesley\Desktop\zdopihgyjv.tmp
2011-08-05 02:44 - 2011-08-05 02:44 - 0000000 ____D C:\Users\Wesley\My Documents\Games
2011-08-05 02:44 - 2011-08-05 02:44 - 0000000 ____D C:\Users\Wesley\Documents\Games

============ 3 Months Modified Files and Folders =============

2011-09-04 16:15 - 2011-07-16 04:34 - 0000000 ____D C:\Users\Wesley\Local Settings\PMB Files
2011-09-04 16:15 - 2011-07-16 04:34 - 0000000 ____D C:\Users\Wesley\Local Settings\Application Data\PMB Files
2011-09-04 16:15 - 2011-07-16 04:34 - 0000000 ____D C:\Users\Wesley\AppData\Local\PMB Files
2011-09-04 16:15 - 2011-01-08 20:21 - 2085823 ____A C:\Windows\WindowsUpdate.log
2011-09-04 16:14 - 2009-07-13 23:45 - 0013872 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2011-09-04 16:14 - 2009-07-13 23:45 - 0013872 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2011-09-04 16:12 - 2009-07-14 00:13 - 0795716 ____A C:\Windows\System32\PerfStringBackup.INI
2011-09-04 16:07 - 2011-06-16 17:54 - 0000000 ____D C:\Program Files (x86)\Steam
2011-09-04 16:07 - 2011-01-08 21:47 - 0000000 ____D C:\Program Files (x86)\Dell DataSafe Local Backup
2011-09-04 16:06 - 2011-07-15 18:09 - 0003966 ____A C:\Windows\setupact.log
2011-09-04 16:06 - 2011-06-12 04:35 - 0000894 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2011-09-04 16:06 - 2011-04-10 16:55 - 0000000 ____D C:\Users\Wesley\Local Settings\SoftThinks
2011-09-04 16:06 - 2011-04-10 16:55 - 0000000 ____D C:\Users\Wesley\Local Settings\Application Data\SoftThinks
2011-09-04 16:06 - 2011-04-10 16:55 - 0000000 ____D C:\Users\Wesley\AppData\Local\SoftThinks
2011-09-04 16:06 - 2011-01-08 21:38 - 0000050 ____A C:\Windows\System32\SupplicantTest.log
2011-09-04 16:06 - 2011-01-08 20:16 - 1989160960 __ASH C:\hiberfil.sys
2011-09-04 16:06 - 2009-07-14 00:08 - 0000006 ___AH C:\Windows\Tasks\SA.DAT
2011-09-04 15:19 - 2011-09-04 15:19 - 0000000 ____D C:\FRST
2011-09-04 07:50 - 2011-06-12 04:35 - 0000898 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2011-09-04 06:56 - 2011-09-04 06:56 - 44038409 ____A C:\Users\Wesley\My Documents\jimmyhigh3.wma
2011-09-04 06:56 - 2011-09-04 06:56 - 44038409 ____A C:\Users\Wesley\Documents\jimmyhigh3.wma
2011-09-04 04:06 - 2011-09-04 03:48 - 1072690000 ____A C:\Users\Wesley\Downloads\0913_re5_0913.part3.rar
2011-09-04 03:48 - 2011-09-04 03:32 - 1072690000 ____A C:\Users\Wesley\Downloads\0913_re5_0913.part5.rar
2011-09-04 03:31 - 2011-09-04 03:15 - 1072690000 ____A C:\Users\Wesley\Downloads\0913_re5_0913.part4.rar
2011-09-04 03:14 - 2011-09-04 02:54 - 1072690000 ____A C:\Users\Wesley\Downloads\0913_re5_0913.part1.rar
2011-09-04 02:53 - 2011-09-04 01:31 - 1072690000 ____A C:\Users\Wesley\Downloads\0913_re5_0913.part6.rar
2011-09-04 02:49 - 2011-09-04 02:47 - 0000000 ____D C:\Users\Wesley\Downloads\Tekken.pc
2011-09-04 02:47 - 2011-09-03 00:50 - 472907776 ____A C:\Users\Wesley\Downloads\Tkn.5.AhmadLight.part09.rar
2011-09-04 01:30 - 2011-09-04 01:25 - 350100530 ____A C:\Users\Wesley\Downloads\0913_re5_0913.part8.rar
2011-09-04 01:24 - 2011-09-03 00:52 - 1072690000 ____A C:\Users\Wesley\Downloads\0913_re5_0913.part7.rar
2011-09-04 01:22 - 2011-09-04 01:03 - 373451429 ____A C:\Users\Wesley\Downloads\Tkn.5.AhmadLight.part10.rar
2011-09-04 01:02 - 2011-06-12 02:18 - 0000000 ____D C:\Program Files (x86)\JDownloader
2011-09-04 00:43 - 2011-08-24 18:32 - 0524288 __ASH C:\Windows\System32\config\components{b6ceca9e-cea8-11e0-b920-c0cb38c87515}.TMContainer00000000000000000001.regtrans-ms
2011-09-04 00:43 - 2011-08-24 18:32 - 0065536 __ASH C:\Windows\System32\config\components{b6ceca9e-cea8-11e0-b920-c0cb38c87515}.TM.blf
2011-09-04 00:34 - 2011-09-04 00:34 - 1203167 ____A C:\Users\Wesley\Desktop\FRST64.exe
2011-09-04 00:29 - 2011-01-08 21:23 - 0539548 ____A C:\Windows\PFRO.log
2011-09-03 17:56 - 2011-09-03 17:55 - 0017436 ____A C:\Users\Wesley\Desktop\MBRCheck_09.03.11_15.55.48.txt
2011-09-03 17:55 - 2011-09-03 17:55 - 0080384 ____A C:\Users\Wesley\Downloads\MBRCheck.exe
2011-09-03 17:28 - 2011-09-03 17:28 - 112717449 ____A C:\Users\Wesley\My Documents\jimmy high 2.wma
2011-09-03 17:28 - 2011-09-03 17:28 - 112717449 ____A C:\Users\Wesley\Documents\jimmy high 2.wma
2011-09-03 17:28 - 2011-06-12 04:36 - 0002346 ____A C:\Users\Public\Desktop\Google Chrome.lnk
2011-09-03 17:28 - 2011-06-12 04:36 - 0002346 ____A C:\Users\All Users\Desktop\Google Chrome.lnk
2011-09-03 00:52 - 2011-09-03 00:35 - 1072690000 ____A C:\Users\Wesley\Downloads\0913_re5_0913.part2.rar
2011-09-03 00:34 - 2011-09-03 00:30 - 172990506 ____A C:\Users\Wesley\Downloads\66279_proto_rzr_66279.part9.rar
2011-09-03 00:34 - 2011-09-03 00:10 - 472907776 ____A C:\Users\Wesley\Downloads\Tkn.5.AhmadLight.part07.rar
2011-09-03 00:30 - 2011-09-03 00:08 - 1072690000 ____A C:\Users\Wesley\Downloads\66279_proto_rzr_66279.part8.rar
2011-09-03 00:07 - 2011-09-02 23:51 - 1072690000 ____A C:\Users\Wesley\Downloads\66279_proto_rzr_66279.part7.rar
2011-09-02 23:50 - 2011-09-02 23:27 - 472907776 ____A C:\Users\Wesley\Downloads\Tkn.5.AhmadLight.part08.rar
2011-09-02 23:50 - 2011-09-02 23:27 - 1072690000 ____A C:\Users\Wesley\Downloads\66279_proto_rzr_66279.part6.rar
2011-09-02 22:21 - 2011-09-02 22:05 - 1072690000 ____A C:\Users\Wesley\Downloads\66279_proto_rzr_66279.part5.rar
2011-09-02 22:04 - 2011-09-02 21:41 - 1072690000 ____A C:\Users\Wesley\Downloads\66279_proto_rzr_66279.part4.rar
2011-09-02 21:40 - 2011-09-02 20:58 - 1072690000 ____A C:\Users\Wesley\Downloads\66279_proto_rzr_66279.part3.rar
2011-09-02 21:34 - 2011-09-02 21:07 - 472907776 ____A C:\Users\Wesley\Downloads\Tkn.5.AhmadLight.part06.rar
2011-09-02 20:57 - 2011-09-02 20:33 - 1072690000 ____A C:\Users\Wesley\Downloads\66279_proto_rzr_66279.part2.rar
2011-09-02 20:50 - 2011-09-02 20:27 - 472907776 ____A C:\Users\Wesley\Downloads\Tkn.5.AhmadLight.part05.rar
2011-09-02 20:40 - 2011-09-02 20:37 - 0001390 ____A C:\cst
2011-09-02 20:32 - 2011-09-02 20:13 - 1072690000 ____A C:\Users\Wesley\Downloads\66279_proto_rzr_66279.part1.rar
2011-09-02 20:10 - 2011-09-02 19:48 - 472907776 ____A C:\Users\Wesley\Downloads\Tkn.5.AhmadLight.part04.rar
2011-09-02 19:32 - 2011-09-02 19:09 - 472907776 ____A C:\Users\Wesley\Downloads\Tkn.5.AhmadLight.part02.rar
2011-09-02 18:55 - 2011-09-01 01:26 - 0073208 ____A C:\Users\Wesley\Desktop\Extras.Txt
2011-09-02 18:54 - 2011-09-01 01:26 - 0377876 ____A C:\Users\Wesley\Desktop\OTL.Txt
2011-09-02 18:48 - 2011-09-02 18:26 - 472907776 ____A C:\Users\Wesley\Downloads\Tkn.5.AhmadLight.part03.rar
2011-09-02 18:47 - 2011-09-02 18:47 - 0002470 ____A C:\Users\Wesley\Desktop\GooredFix.txt
2011-09-02 18:47 - 2011-09-02 18:47 - 0000000 ____D C:\Users\Wesley\Desktop\GooredFix Backups
2011-09-02 18:46 - 2011-09-02 18:44 - 0070736 ____A C:\TDSSKiller.2.5.17.0_02.09.2011_16.44.24_log.txt
2011-09-02 18:45 - 2011-09-02 18:45 - 0071398 ____A (jpshortstuff) C:\Users\Wesley\Downloads\GooredFix.exe
2011-09-02 18:09 - 2011-09-02 17:44 - 472907776 ____A C:\Users\Wesley\Downloads\Tkn.5.AhmadLight.part01.rar
2011-09-02 14:52 - 2011-04-10 16:31 - 0000000 ____D C:\Program Files (x86)\Heroes of Newerth
2011-09-02 14:18 - 2011-04-10 16:53 - 0057560 ____A C:\Users\Wesley\Local Settings\GDIPFONTCACHEV1.DAT
2011-09-02 14:18 - 2011-04-10 16:53 - 0057560 ____A C:\Users\Wesley\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2011-09-02 14:18 - 2011-04-10 16:53 - 0057560 ____A C:\Users\Wesley\AppData\Local\GDIPFONTCACHEV1.DAT
2011-09-02 14:15 - 2009-07-13 23:45 - 0274320 ____A C:\Windows\System32\FNTCACHE.DAT
2011-09-02 02:59 - 2011-09-02 02:59 - 0000000 ____D C:\_OTL
2011-09-02 01:50 - 2011-09-02 01:35 - 366137344 ____A C:\Users\Wesley\Downloads\Friday.Night.Lights.S02E15.DVDRip.XviD-FoV.avi
2011-09-02 01:11 - 2011-09-02 00:56 - 367846264 ____A C:\Users\Wesley\Downloads\Friday.Night.Lights.S02E05.DVDRip.XviD-FoV.avi
2011-09-02 00:55 - 2011-09-02 00:40 - 366739456 ____A C:\Users\Wesley\Downloads\Friday.Night.Lights.S02E12.DVDRip.XviD-FoV.avi
2011-09-02 00:27 - 2011-09-02 00:12 - 365303808 ____A C:\Users\Wesley\Downloads\Friday.Night.Lights.S02E14.DVDRip.XviD-FoV.avi
2011-09-01 23:54 - 2011-09-01 23:40 - 366372864 ____A C:\Users\Wesley\Downloads\Friday.Night.Lights.S02E10.DVDRip.XviD-FoV.avi
2011-09-01 23:38 - 2011-09-01 23:24 - 366229504 ____A C:\Users\Wesley\Downloads\Friday.Night.Lights.S02E11.DVDRip.XviD-FoV.avi
2011-09-01 19:13 - 2011-09-01 18:58 - 365529088 ____A C:\Users\Wesley\Downloads\Friday.Night.Lights.S02E06.DVDRip.XviD-FoV.avi
2011-09-01 18:57 - 2011-09-01 18:42 - 365398016 ____A C:\Users\Wesley\Downloads\Friday.Night.Lights.S02E08.DVDRip.XviD-FoV.avi
2011-09-01 18:41 - 2011-09-01 18:26 - 365926400 ____A C:\Users\Wesley\Downloads\Friday.Night.Lights.S02E13.DVDRip.XviD-FoV.avi
2011-09-01 18:25 - 2011-09-01 18:10 - 365932544 ____A C:\Users\Wesley\Downloads\Friday.Night.Lights.S02E07.DVDRip.XviD-FoV.avi
2011-09-01 17:28 - 2011-09-01 17:13 - 366366720 ____A C:\Users\Wesley\Downloads\Friday.Night.Lights.S02E04.DVDRip.XviD-FoV.avi
2011-09-01 17:11 - 2011-09-01 16:56 - 364345604 ____A C:\Users\Wesley\Downloads\Friday.Night.Lights.S02E09.DVDRip.XviD-FoV.avi
2011-09-01 04:39 - 2011-04-10 15:49 - 0000000 ____D C:\Program Files (x86)\Mozilla Firefox
2011-09-01 01:19 - 2011-09-01 01:19 - 0581120 ____A (OldTimer Tools) C:\Users\Wesley\Desktop\OTL.exe
2011-09-01 01:15 - 2009-07-13 22:20 - 0000000 ____D C:\Windows\System32\NDF
2011-08-31 01:55 - 2011-08-31 01:12 - 540415028 ____A C:\Users\Wesley\Downloads\0624.mp4
2011-08-30 04:30 - 2011-08-30 04:30 - 13636619 ____A C:\Users\Wesley\My Documents\jimmysfirsthighsessions.wma
2011-08-30 04:30 - 2011-08-30 04:30 - 13636619 ____A C:\Users\Wesley\Documents\jimmysfirsthighsessions.wma
2011-08-28 04:05 - 2011-08-28 04:05 - 0000000 ____D C:\Users\Wesley\My Documents\Dell WebCam Central
2011-08-28 04:05 - 2011-08-28 04:05 - 0000000 ____D C:\Users\Wesley\Documents\Dell WebCam Central
2011-08-28 04:05 - 2011-08-28 04:05 - 0000000 ____D C:\Users\Wesley\Application Data\Creative
2011-08-28 04:05 - 2011-08-28 04:05 - 0000000 ____D C:\Users\Wesley\AppData\Roaming\Creative
2011-08-28 04:05 - 2011-08-28 04:05 - 0000000 ____D C:\Users\All Users\Creative
2011-08-28 04:05 - 2011-08-28 04:05 - 0000000 ____D C:\Users\All Users\Application Data\Creative
2011-08-28 04:05 - 2011-08-28 04:05 - 0000000 ____D C:\ProgramData\Creative
2011-08-26 06:40 - 2011-04-10 16:52 - 0000000 ____D C:\users\Wesley
2011-08-26 06:20 - 2011-08-26 06:20 - 0000407 ____A C:\Users\Wesley\Desktop\Ark.log
2011-08-26 04:43 - 2011-08-26 04:43 - 0005244 ____A C:\Users\Wesley\Desktop\Attach.txt
2011-08-26 04:32 - 2011-08-26 04:32 - 0294216 ____A C:\Users\Wesley\Downloads\gmer.zip
2011-08-26 04:26 - 2011-08-26 04:26 - 0607260 ____R (Swearware) C:\Users\Wesley\Downloads\dds.scr
2011-08-26 04:21 - 2011-08-26 04:21 - 0050477 ____A C:\Users\Wesley\Downloads\Defogger.exe
2011-08-25 23:15 - 2009-07-13 22:20 - 0000000 ____D C:\Windows\rescache
2011-08-24 18:43 - 2011-08-24 18:32 - 0524288 __ASH C:\Windows\System32\config\components{b6ceca9e-cea8-11e0-b920-c0cb38c87515}.TMContainer00000000000000000002.regtrans-ms
2011-08-24 18:32 - 2009-07-13 22:20 - 0000000 ____D C:\Windows\System32\config\TxR
2011-08-24 07:22 - 2009-07-13 22:20 - 0000000 ____D C:\Windows\servicing
2011-08-24 07:21 - 2009-07-13 22:20 - 0000000 ____D C:\Windows\registration
2011-08-24 05:11 - 2009-07-13 23:54 - 0524288 __ASH C:\Windows\System32\config\COMPONENTS{016888b9-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
2011-08-24 05:11 - 2009-07-13 23:54 - 0065536 __ASH C:\Windows\System32\config\COMPONENTS{016888b9-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
2011-08-24 03:17 - 2011-07-03 09:08 - 0000000 ____D C:\Users\Wesley\Desktop\Digital Guitar Tuner
2011-08-24 03:16 - 2011-08-05 19:28 - 0000000 ____D C:\Users\Wesley\My Documents\DragonNest
2011-08-24 03:16 - 2011-08-05 19:28 - 0000000 ____D C:\Users\Wesley\Documents\DragonNest
2011-08-24 03:16 - 2011-07-16 04:34 - 0000000 ____D C:\Users\All Users\PMB Files
2011-08-24 03:16 - 2011-07-16 04:34 - 0000000 ____D C:\Users\All Users\Application Data\PMB Files
2011-08-24 03:16 - 2011-07-16 04:34 - 0000000 ____D C:\ProgramData\PMB Files
2011-08-24 03:16 - 2011-04-10 17:13 - 0000000 ____D C:\Users\All Users\Trend Micro
2011-08-24 03:16 - 2011-04-10 17:13 - 0000000 ____D C:\Users\All Users\Application Data\Trend Micro
2011-08-24 03:16 - 2011-04-10 17:13 - 0000000 ____D C:\ProgramData\Trend Micro
2011-08-24 03:16 - 2009-07-13 22:20 - 0000000 ____D C:\Windows\AppCompat
2011-08-24 03:10 - 2011-08-24 03:09 - 0071304 ____A C:\TDSSKiller.2.5.17.0_24.08.2011_01.09.35_log.txt
2011-08-21 01:47 - 2009-07-13 23:54 - 0524288 __ASH C:\Windows\System32\config\COMPONENTS{016888b9-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
2011-08-17 02:26 - 2011-08-14 01:06 - 0000641 __ASH C:\Windows\SysWOW64\7c4e86d41406P.manifest
2011-08-17 02:26 - 2011-08-14 01:06 - 0000013 __ASH C:\Windows\SysWOW64\7c4e86d41406C.manifest
2011-08-17 02:26 - 2011-08-14 01:06 - 0000011 __ASH C:\Windows\SysWOW64\7c4e86d41406S.manifest
2011-08-17 02:26 - 2011-08-14 01:06 - 0000011 __ASH C:\Windows\SysWOW64\7c4e86d41406O.manifest
2011-08-17 02:26 - 2011-06-07 12:16 - 0000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2011-08-15 07:30 - 2011-04-11 17:31 - 0000000 ____D C:\Users\Wesley\Local Settings\ElevatedDiagnostics
2011-08-15 07:30 - 2011-04-11 17:31 - 0000000 ____D C:\Users\Wesley\Local Settings\Application Data\ElevatedDiagnostics
2011-08-15 07:30 - 2011-04-11 17:31 - 0000000 ____D C:\Users\Wesley\AppData\Local\ElevatedDiagnostics
2011-08-10 05:09 - 2011-07-13 05:04 - 0000118 ____A C:\Windows\System32\MRT.INI
2011-08-10 05:06 - 2011-04-11 14:51 - 0789932 ____A C:\Windows\SysWOW64\PerfStringBackup.INI
2011-08-10 05:06 - 2011-04-10 17:33 - 54065608 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2011-08-09 20:48 - 2011-07-23 18:56 - 0128512 ____A C:\Windows\RegBootClean64.exe
2011-08-05 19:26 - 2011-06-13 19:55 - 0000000 ____D C:\Nexon
2011-08-05 02:47 - 2011-08-05 02:47 - 0000000 ___AH C:\Users\Wesley\Desktop\zdopihgyjv.tmp
2011-08-05 02:44 - 2011-08-05 02:44 - 0000000 ____D C:\Users\Wesley\My Documents\Games
2011-08-05 02:44 - 2011-08-05 02:44 - 0000000 ____D C:\Users\Wesley\Documents\Games
2011-08-04 22:43 - 2011-04-29 19:05 - 0000000 ____D C:\Users\Wesley\Application Data\Skype
2011-08-04 22:43 - 2011-04-29 19:05 - 0000000 ____D C:\Users\Wesley\AppData\Roaming\Skype
2011-08-04 22:21 - 2011-04-29 19:06 - 0000000 ____D C:\Users\All Users\Skype Extras
2011-08-04 22:21 - 2011-04-29 19:06 - 0000000 ____D C:\Users\All Users\Application Data\Skype Extras
2011-08-04 22:21 - 2011-04-29 19:06 - 0000000 ____D C:\ProgramData\Skype Extras
2011-08-04 22:11 - 2011-04-29 19:06 - 0000000 ____D C:\Users\Wesley\Application Data\skypePM
2011-08-04 22:11 - 2011-04-29 19:06 - 0000000 ____D C:\Users\Wesley\AppData\Roaming\skypePM
2011-07-31 16:18 - 2011-05-28 17:42 - 0000000 ____D C:\Program Files (x86)\StarCraft II
2011-07-30 23:44 - 2011-01-08 21:15 - 0000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2011-07-27 01:55 - 2011-07-27 01:51 - 0000000 ____D C:\Program Files (x86)\Sengoku Rance English
2011-07-27 01:51 - 2011-07-27 01:51 - 0000198 ____A C:\Windows\DXError.log
2011-07-27 01:51 - 2011-07-27 01:51 - 0000000 ____D C:\AliceSoft
2011-07-27 01:51 - 2011-01-08 21:46 - 0190658 ____A C:\Windows\DirectX.log
2011-07-25 05:21 - 2011-04-10 16:33 - 0000000 ____D C:\Users\Wesley\My Documents\Heroes of Newerth
2011-07-25 05:21 - 2011-04-10 16:33 - 0000000 ____D C:\Users\Wesley\Documents\Heroes of Newerth
2011-07-24 04:45 - 2011-07-24 04:45 - 0000000 ____A C:\Windows\DCEBOOT.LOG
2011-07-23 18:57 - 2011-07-23 18:57 - 0012800 ____A C:\Windows\DCEBoot64.exe
2011-07-23 18:57 - 2011-07-23 18:57 - 0002388 ____A C:\Windows\DCEBOOT.CFG
2011-07-22 20:12 - 2011-07-22 20:12 - 0000000 ____D C:\Users\Wesley\My Documents\DFO
2011-07-22 20:12 - 2011-07-22 20:12 - 0000000 ____D C:\Users\Wesley\Documents\DFO
2011-07-22 02:31 - 2011-08-09 20:23 - 9007104 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2011-07-22 01:33 - 2011-08-09 20:23 - 5988864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2011-07-22 00:22 - 2011-08-09 20:23 - 1638912 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2011-07-21 23:54 - 2011-08-09 20:23 - 1638912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2011-07-20 17:49 - 2009-07-14 00:08 - 0032568 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2011-07-17 02:25 - 2011-07-17 02:25 - 0000056 ____A C:\Windows\kgt2k.INI
2011-07-17 00:03 - 2011-07-17 00:03 - 0000000 ____D C:\Users\Wesley\My Documents\AIMLogger
2011-07-17 00:03 - 2011-07-17 00:03 - 0000000 ____D C:\Users\Wesley\Documents\AIMLogger
2011-07-16 20:40 - 2011-07-16 20:18 - 0000000 ____D C:\Users\Wesley\Application Data\NeopleLauncherDFO
2011-07-16 20:40 - 2011-07-16 20:18 - 0000000 ____D C:\Users\Wesley\AppData\Roaming\NeopleLauncherDFO
2011-07-16 20:40 - 2011-04-10 16:52 - 0000000 ____D C:\Users\Wesley\AppData\LocalLow
2011-07-16 07:47 - 2011-06-13 19:53 - 0000000 ____D C:\Users\All Users\NexonUS
2011-07-16 07:47 - 2011-06-13 19:53 - 0000000 ____D C:\Users\All Users\Application Data\NexonUS
2011-07-16 07:47 - 2011-06-13 19:53 - 0000000 ____D C:\ProgramData\NexonUS
2011-07-16 04:32 - 2011-07-16 04:32 - 0001931 ____A C:\Users\Wesley\Desktop\Heroes of Newerth.lnk
2011-07-16 01:35 - 2011-07-16 01:35 - 0000000 ____D C:\Program Files (x86)\Three Rings Design
2011-07-16 00:41 - 2011-08-09 20:23 - 0362496 ____A (Microsoft Corporation) C:\Windows\System32\wow64win.dll
2011-07-16 00:41 - 2011-08-09 20:23 - 0243200 ____A (Microsoft Corporation) C:\Windows\System32\wow64.dll
2011-07-16 00:41 - 2011-08-09 20:23 - 0013312 ____A (Microsoft Corporation) C:\Windows\System32\wow64cpu.dll
2011-07-16 00:39 - 2011-08-09 20:23 - 0016384 ____A (Microsoft Corporation) C:\Windows\System32\ntvdm64.dll
2011-07-16 00:37 - 2011-08-09 20:23 - 1162752 ____A (Microsoft Corporation) C:\Windows\System32\kernel32.dll
2011-07-16 00:37 - 2011-08-09 20:23 - 0421888 ____A (Microsoft Corporation) C:\Windows\System32\KernelBase.dll
2011-07-16 00:21 - 2011-08-09 20:23 - 0006144 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
2011-07-16 00:21 - 2011-08-09 20:23 - 0005120 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
2011-07-16 00:21 - 2011-08-09 20:23 - 0004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
2011-07-16 00:21 - 2011-08-09 20:23 - 0004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
2011-07-16 00:21 - 2011-08-09 20:23 - 0004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
2011-07-16 00:21 - 2011-08-09 20:23 - 0004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
2011-07-16 00:21 - 2011-08-09 20:23 - 0004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
2011-07-16 00:21 - 2011-08-09 20:23 - 0004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
2011-07-16 00:21 - 2011-08-09 20:23 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-07-16 00:21 - 2011-08-09 20:23 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
2011-07-16 00:21 - 2011-08-09 20:23 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
2011-07-16 00:21 - 2011-08-09 20:23 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
2011-07-16 00:21 - 2011-08-09 20:23 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
2011-07-16 00:21 - 2011-08-09 20:23 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
2011-07-16 00:21 - 2011-08-09 20:23 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
2011-07-16 00:21 - 2011-08-09 20:23 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
2011-07-16 00:21 - 2011-08-09 20:23 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
2011-07-16 00:21 - 2011-08-09 20:23 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
2011-07-16 00:21 - 2011-08-09 20:23 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
2011-07-16 00:21 - 2011-08-09 20:23 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
2011-07-16 00:21 - 2011-08-09 20:23 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
2011-07-16 00:21 - 2011-08-09 20:23 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
2011-07-16 00:21 - 2011-08-09 20:23 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
2011-07-16 00:21 - 2011-08-09 20:23 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
2011-07-16 00:21 - 2011-08-09 20:23 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
2011-07-16 00:21 - 2011-08-09 20:23 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
2011-07-16 00:21 - 2011-08-09 20:23 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
2011-07-16 00:21 - 2011-08-09 20:23 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
2011-07-15 23:29 - 2011-08-09 20:23 - 0014336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2011-07-15 23:25 - 2011-08-09 20:23 - 0025600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2011-07-15 23:24 - 2011-08-09 20:23 - 1114112 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2011-07-15 23:24 - 2011-08-09 20:23 - 0272384 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2011-07-15 23:24 - 2011-08-09 20:23 - 0005120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2011-07-15 23:15 - 2011-08-09 20:23 - 0005120 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2011-07-15 23:15 - 2011-08-09 20:23 - 0004608 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2011-07-15 23:15 - 2011-08-09 20:23 - 0004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2011-07-15 23:15 - 2011-08-09 20:23 - 0004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2011-07-15 23:15 - 2011-08-09 20:23 - 0004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2011-07-15 23:15 - 2011-08-09 20:23 - 0004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2011-07-15 23:15 - 2011-08-09 20:23 - 0004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2011-07-15 23:15 - 2011-08-09 20:23 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2011-07-15 23:15 - 2011-08-09 20:23 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2011-07-15 23:15 - 2011-08-09 20:23 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2011-07-15 23:15 - 2011-08-09 20:23 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2011-07-15 23:15 - 2011-08-09 20:23 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2011-07-15 23:15 - 2011-08-09 20:23 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2011-07-15 23:15 - 2011-08-09 20:23 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2011-07-15 23:15 - 2011-08-09 20:23 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-07-15 23:15 - 2011-08-09 20:23 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2011-07-15 23:15 - 2011-08-09 20:23 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2011-07-15 23:15 - 2011-08-09 20:23 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2011-07-15 23:15 - 2011-08-09 20:23 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2011-07-15 23:15 - 2011-08-09 20:23 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2011-07-15 23:15 - 2011-08-09 20:23 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2011-07-15 23:15 - 2011-08-09 20:23 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2011-07-15 23:15 - 2011-08-09 20:23 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2011-07-15 23:15 - 2011-08-09 20:23 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2011-07-15 21:21 - 2011-08-09 20:23 - 0007680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2011-07-15 21:21 - 2011-08-09 20:23 - 0002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2011-07-15 21:17 - 2011-08-09 20:23 - 0006144 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2011-07-15 21:17 - 2011-08-09 20:23 - 0004608 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2011-07-15 21:17 - 2011-08-09 20:23 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2011-07-15 21:17 - 2011-08-09 20:23 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2011-07-15 20:39 - 2011-07-14 03:43 - 0000000 ____D C:\Program Files (x86)\Project64 1.6
2011-07-15 20:38 - 2011-04-10 16:55 - 0000402 __ASH C:\Users\Wesley\My Documents\desktop.ini
2011-07-15 20:38 - 2011-04-10 16:55 - 0000174 ___SH C:\Users\Wesley\Start Menu\Programs\Startup\desktop.ini
2011-07-15 20:38 - 2011-04-10 16:55 - 0000174 ___SH C:\Users\Wesley\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
2011-07-15 20:32 - 2011-01-08 22:14 - 0000000 ____D C:\Program Files\Windows Journal
2011-07-15 20:32 - 2009-07-14 00:32 - 0000000 ____D C:\Program Files\Windows Sidebar
2011-07-15 20:32 - 2009-07-14 00:32 - 0000000 ____D C:\Program Files\Windows Portable Devices
2011-07-15 20:32 - 2009-07-14 00:32 - 0000000 ____D C:\Program Files\Windows Photo Viewer
2011-07-15 20:32 - 2009-07-14 00:32 - 0000000 ____D C:\Program Files\Windows Defender
2011-07-15 20:32 - 2009-07-14 00:32 - 0000000 ____D C:\Program Files\DVD Maker
2011-07-15 20:32 - 2009-07-14 00:32 - 0000000 ____D C:\Program Files (x86)\Windows Sidebar
2011-07-15 20:32 - 2009-07-14 00:32 - 0000000 ____D C:\Program Files (x86)\Windows Portable Devices
2011-07-15 20:32 - 2009-07-14 00:32 - 0000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2011-07-15 20:32 - 2009-07-13 22:20 - 0000000 ____D C:\Windows\SysWOW64\sppui
2011-07-15 20:32 - 2009-07-13 22:20 - 0000000 ____D C:\Windows\SysWOW64\Setup
2011-07-15 20:32 - 2009-07-13 22:20 - 0000000 ____D C:\Windows\SysWOW64\oobe
2011-07-15 20:32 - 2009-07-13 22:20 - 0000000 ____D C:\Windows\SysWOW64\migwiz
2011-07-15 20:32 - 2009-07-13 22:20 - 0000000 ____D C:\Windows\SysWOW64\manifeststore
2011-07-15 20:32 - 2009-07-13 22:20 - 0000000 ____D C:\Windows\SysWOW64\es-ES
2011-07-15 20:32 - 2009-07-13 22:20 - 0000000 ____D C:\Windows\SysWOW64\Dism
2011-07-15 20:32 - 2009-07-13 22:20 - 0000000 ____D C:\Windows\SysWOW64\da-DK
2011-07-15 20:32 - 2009-07-13 22:20 - 0000000 ____D C:\Windows\SysWOW64\cs-CZ
2011-07-15 20:32 - 2009-07-13 22:20 - 0000000 ____D C:\Windows\SysWOW64\AdvancedInstallers
2011-07-15 20:31 - 2009-07-13 22:20 - 0000000 ___AD C:\Windows\System32\oobe
2011-07-15 20:31 - 2009-07-13 22:20 - 0000000 ____D C:\Windows\System32\sppui
2011-07-15 20:31 - 2009-07-13 22:20 - 0000000 ____D C:\Windows\System32\Setup
2011-07-15 20:31 - 2009-07-13 22:20 - 0000000 ____D C:\Windows\System32\migwiz
2011-07-15 20:31 - 2009-07-13 22:20 - 0000000 ____D C:\Windows\System32\manifeststore
2011-07-15 20:31 - 2009-07-13 22:20 - 0000000 ____D C:\Windows\System32\es-ES
2011-07-15 20:31 - 2009-07-13 22:20 - 0000000 ____D C:\Windows\System32\Dism
2011-07-15 20:31 - 2009-07-13 22:20 - 0000000 ____D C:\Windows\System32\da-DK
2011-07-15 20:31 - 2009-07-13 22:20 - 0000000 ____D C:\Windows\System32\cs-CZ
2011-07-15 20:31 - 2009-07-13 22:20 - 0000000 ____D C:\Windows\System32\AdvancedInstallers
2011-07-15 20:31 - 2009-07-13 22:20 - 0000000 ____D C:\Windows\PolicyDefinitions
2011-07-15 18:19 - 2011-07-12 15:46 - 0004651 ____A C:\Windows\IE9_main.log
2011-07-15 18:14 - 2009-07-13 21:36 - 0175616 ____A (Microsoft Corporation) C:\Windows\System32\msclmd.dll
2011-07-15 18:14 - 2009-07-13 21:36 - 0152576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msclmd.dll
2011-07-15 18:09 - 2011-07-15 18:09 - 0000000 ____A C:\Windows\setuperr.log
2011-07-15 18:05 - 2011-07-15 18:05 - 0000000 ____D C:\Windows\System32\SPReview
2011-07-14 23:39 - 2011-07-14 23:39 - 0000000 ___AH C:\Windows\System32\Drivers\Msft_Kernel_xusb21_01009.Wdf
2011-07-14 23:38 - 2011-07-14 23:38 - 0000000 ___AH C:\Windows\System32\Drivers\Msft_Kernel_xusb21_01007.Wdf
2011-07-13 02:50 - 2011-06-27 03:02 - 0002941 __ASH C:\Windows\SysWOW64\7c4e86d41356P.manifest
2011-07-13 02:50 - 2011-06-27 03:02 - 0000013 __ASH C:\Windows\SysWOW64\7c4e86d41356C.manifest
2011-07-13 02:50 - 2011-06-27 03:02 - 0000011 __ASH C:\Windows\SysWOW64\7c4e86d41356S.manifest
2011-07-13 02:50 - 2011-06-27 03:02 - 0000011 __ASH C:\Windows\SysWOW64\7c4e86d41356O.manifest
2011-07-13 02:47 - 2009-07-13 22:20 - 0000000 ____D C:\Windows\TAPI
2011-07-13 02:47 - 2009-07-13 22:20 - 0000000 ____D C:\Windows\SysWOW64\Speech
2011-07-13 02:47 - 2009-07-13 22:20 - 0000000 ____D C:\Windows\SysWOW64\MUI
2011-07-13 02:47 - 2009-07-13 22:20 - 0000000 ____D C:\Windows\System32\sysprep
2011-07-13 02:47 - 2009-07-13 22:20 - 0000000 ____D C:\Windows\System32\spp
2011-07-13 02:47 - 2009-07-13 22:20 - 0000000 ____D C:\Windows\System32\Speech
2011-07-13 02:47 - 2009-07-13 22:20 - 0000000 ____D C:\Windows\System32\MUI
2011-07-13 02:47 - 2009-07-13 22:20 - 0000000 ____D C:\Windows\security
2011-07-13 02:46 - 2011-07-12 15:37 - 0000000 ____D C:\Windows\System32\EventProviders
2011-07-13 02:46 - 2011-07-10 12:33 - 0000000 ____D C:\Users\Wesley\My Documents\GTA San Andreas User Files
2011-07-13 02:46 - 2011-07-10 12:33 - 0000000 ____D C:\Users\Wesley\Documents\GTA San Andreas User Files
2011-07-13 02:46 - 2009-07-13 22:20 - 0000000 ____D C:\Program Files\Common Files\Microsoft Shared
2011-07-12 15:31 - 2011-07-10 04:21 - 0020263 ____A C:\Users\Wesley\Application Data\6262.1EA
2011-07-12 15:31 - 2011-07-10 04:21 - 0020263 ____A C:\Users\Wesley\AppData\Roaming\6262.1EA
2011-07-09 00:26 - 2011-08-24 18:35 - 0002048 ____A (Microsoft Corporation) C:\Windows\System32\tzres.dll
2011-07-08 23:29 - 2011-08-24 18:35 - 0002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2011-07-08 21:46 - 2011-08-09 20:23 - 0288768 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb10.sys
2011-07-06 21:52 - 2011-06-07 12:16 - 0041272 ____A (Malwarebytes Corporation) C:\Windows\SysWOW64\Drivers\mbamswissarmy.sys
2011-07-06 21:52 - 2011-06-07 12:16 - 0025912 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2011-07-06 19:00 - 2011-07-06 18:55 - 0000000 ____D C:\Users\Wesley\Application Data\BoneTown
2011-07-06 19:00 - 2011-07-06 18:55 - 0000000 ____D C:\Users\Wesley\AppData\Roaming\BoneTown
2011-07-06 15:54 - 2011-07-06 15:53 - 0002016 ____A C:\Users\Public\Desktop\Adobe Reader 9.lnk
2011-07-06 15:54 - 2011-07-06 15:53 - 0002016 ____A C:\Users\All Users\Desktop\Adobe Reader 9.lnk
2011-07-06 15:53 - 2011-04-11 01:16 - 0000000 ____D C:\Users\Wesley\Local Settings\Application Data\Adobe
2011-07-06 15:53 - 2011-04-11 01:16 - 0000000 ____D C:\Users\Wesley\Local Settings\Adobe
2011-07-06 15:53 - 2011-04-11 01:16 - 0000000 ____D C:\Users\Wesley\AppData\Local\Adobe
2011-07-06 15:53 - 2011-01-08 21:25 - 0000000 ____D C:\Users\All Users\Application Data\Adobe
2011-07-06 15:53 - 2011-01-08 21:25 - 0000000 ____D C:\Users\All Users\Adobe
2011-07-06 15:53 - 2011-01-08 21:25 - 0000000 ____D C:\ProgramData\Adobe
2011-07-06 07:41 - 2011-07-06 07:38 - 0000000 ____D C:\Program Files (x86)\BoneTown
2011-07-06 05:21 - 2011-07-03 08:35 - 0000040 ____A C:\Users\All Users\Application Data\2cce81d3
2011-07-06 05:21 - 2011-07-03 08:35 - 0000040 ____A C:\Users\All Users\2cce81d3
2011-07-06 05:21 - 2011-07-03 08:35 - 0000040 ____A C:\ProgramData\2cce81d3
2011-07-05 22:05 - 2011-07-05 22:05 - 0000000 __SHD C:\Users\All Users\DSS
2011-07-05 22:05 - 2011-07-05 22:05 - 0000000 __SHD C:\Users\All Users\Application Data\DSS
2011-07-05 22:05 - 2011-07-05 22:05 - 0000000 __SHD C:\ProgramData\DSS
2011-07-05 21:38 - 2011-07-05 21:38 - 0000000 ____D C:\Users\Wesley\Application Data\Lionhead Studios
2011-07-05 21:38 - 2011-07-05 21:38 - 0000000 ____D C:\Users\Wesley\AppData\Roaming\Lionhead Studios
2011-07-05 05:14 - 2009-07-13 22:18 - 0000000 __SHD C:\$Recycle.Bin
2011-07-03 09:43 - 2011-07-03 09:42 - 0000000 ____D C:\Users\Wesley\Application Data\Apple Computer
2011-07-03 09:43 - 2011-07-03 09:42 - 0000000 ____D C:\Users\Wesley\AppData\Roaming\Apple Computer
2011-07-03 09:42 - 2011-07-03 09:42 - 0001785 ____A C:\Users\Wesley\Downloads\iTunes.lnk
2011-07-03 09:42 - 2011-07-03 09:42 - 0000000 ____D C:\Users\Wesley\Local Settings\Application Data\Apple Computer
2011-07-03 09:42 - 2011-07-03 09:42 - 0000000 ____D C:\Users\Wesley\Local Settings\Apple Computer
2011-07-03 09:42 - 2011-07-03 09:42 - 0000000 ____D C:\Users\Wesley\AppData\Local\Apple Computer
2011-07-03 09:42 - 2011-07-03 09:42 - 0000000 ____D C:\Users\All Users\Application Data\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
2011-07-03 09:42 - 2011-07-03 09:42 - 0000000 ____D C:\Users\All Users\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
2011-07-03 09:42 - 2011-07-03 09:42 - 0000000 ____D C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
2011-07-03 09:42 - 2011-07-03 09:42 - 0000000 ____D C:\Program Files\iTunes
2011-07-03 09:42 - 2011-07-03 09:42 - 0000000 ____D C:\Program Files\iPod
2011-07-03 09:42 - 2011-07-03 09:42 - 0000000 ____D C:\Program Files (x86)\iTunes
2011-07-03 09:42 - 2011-07-03 09:41 - 0000000 ____D C:\Users\All Users\Application Data\Apple Computer
2011-07-03 09:42 - 2011-07-03 09:41 - 0000000 ____D C:\Users\All Users\Apple Computer
2011-07-03 09:42 - 2011-07-03 09:41 - 0000000 ____D C:\ProgramData\Apple Computer
2011-07-03 09:41 - 2011-07-03 09:41 - 0001847 ____A C:\Users\Public\Desktop\QuickTime Player.lnk
2011-07-03 09:41 - 2011-07-03 09:41 - 0001847 ____A C:\Users\All Users\Desktop\QuickTime Player.lnk
2011-07-03 09:41 - 2011-07-03 09:41 - 0000000 ____D C:\Users\Wesley\Local Settings\Application Data\Apple
2011-07-03 09:41 - 2011-07-03 09:41 - 0000000 ____D C:\Users\Wesley\Local Settings\Apple
2011-07-03 09:41 - 2011-07-03 09:41 - 0000000 ____D C:\Users\Wesley\AppData\Local\Apple
2011-07-03 09:41 - 2011-07-03 09:41 - 0000000 ____D C:\Program Files\Common Files\Apple
2011-07-03 09:41 - 2011-07-03 09:41 - 0000000 ____D C:\Program Files (x86)\QuickTime
2011-07-03 09:41 - 2011-07-03 09:41 - 0000000 ____D C:\Program Files (x86)\Apple Software Update
2011-07-03 09:40 - 2011-07-03 09:40 - 0000000 ____D C:\Users\All Users\Application Data\Apple
2011-07-03 09:40 - 2011-07-03 09:40 - 0000000 ____D C:\Users\All Users\Apple
2011-07-03 09:40 - 2011-07-03 09:40 - 0000000 ____D C:\ProgramData\Apple
2011-07-03 09:40 - 2011-07-03 09:40 - 0000000 ____D C:\Program Files\Bonjour
2011-07-03 09:40 - 2011-07-03 09:40 - 0000000 ____D C:\Program Files (x86)\Bonjour
2011-07-03 09:10 - 2011-07-03 09:08 - 0000000 ____D C:\Program Files (x86)\Digital Guitar Tuner
2011-07-03 02:40 - 2011-07-03 02:40 - 0000000 ____D C:\Game
2011-06-28 00:35 - 2011-06-28 00:35 - 0000000 ____D C:\Users\Wesley\My Documents\Rockstar Games
2011-06-28 00:35 - 2011-06-28 00:35 - 0000000 ____D C:\Users\Wesley\Documents\Rockstar Games
2011-06-27 23:17 - 2011-06-27 23:17 - 0000000 ____D C:\Users\Wesley\My Documents\Games for Windows - LIVE Demos
2011-06-27 23:17 - 2011-06-27 23:17 - 0000000 ____D C:\Users\Wesley\Documents\Games for Windows - LIVE Demos
2011-06-27 23:02 - 2011-06-27 23:02 - 0000000 __SHD C:\Users\All Users\SecuROM
2011-06-27 23:02 - 2011-06-27 23:02 - 0000000 __SHD C:\Users\All Users\Application Data\SecuROM
2011-06-27 23:02 - 2011-06-27 23:02 - 0000000 __SHD C:\ProgramData\SecuROM
2011-06-27 23:02 - 2011-06-26 04:24 - 0000000 ____D C:\Users\Wesley\Local Settings\Rockstar Games
2011-06-27 23:02 - 2011-06-26 04:24 - 0000000 ____D C:\Users\Wesley\Local Settings\Application Data\Rockstar Games
2011-06-27 23:02 - 2011-06-26 04:24 - 0000000 ____D C:\Users\Wesley\AppData\Local\Rockstar Games
2011-06-27 05:01 - 2011-06-26 04:23 - 0000000 ____D C:\Program Files (x86)\Microsoft Games for Windows - LIVE
2011-06-26 04:24 - 2011-06-26 04:24 - 0178800 ____A (Sony DADC Austria AG.) C:\Windows\SysWOW64\CmdLineExt_x64.dll
2011-06-26 04:24 - 2011-06-26 04:24 - 0000000 __RHD C:\Users\Wesley\Application Data\SecuROM
2011-06-26 04:24 - 2011-06-26 04:24 - 0000000 __RHD C:\Users\Wesley\AppData\Roaming\SecuROM
2011-06-26 04:23 - 2011-06-26 04:23 - 0000000 ____D C:\Windows\SysWOW64\xlive
2011-06-25 04:58 - 2011-06-25 04:13 - 0281656 ____A C:\Windows\SysWOW64\PnkBstrB.xtr
2011-06-25 04:58 - 2011-06-25 03:31 - 0281656 ____A C:\Windows\SysWOW64\PnkBstrB.exe
2011-06-25 04:57 - 2011-06-25 03:31 - 0281200 ____A C:\Windows\SysWOW64\PnkBstrB.ex0
2011-06-25 04:13 - 2011-06-25 04:13 - 0000000 ____D C:\Users\Wesley\Local Settings\PunkBuster
2011-06-25 04:13 - 2011-06-25 04:13 - 0000000 ____D C:\Users\Wesley\Local Settings\Application Data\PunkBuster
2011-06-25 04:13 - 2011-06-25 04:13 - 0000000 ____D C:\Users\Wesley\AppData\Local\PunkBuster
2011-06-25 03:31 - 2011-06-25 03:31 - 0075136 ____A C:\Windows\SysWOW64\PnkBstrA.exe
2011-06-25 03:30 - 2011-06-25 03:30 - 0000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2011-06-25 02:58 - 2011-06-25 00:29 - 0000000 ____D C:\Program Files (x86)\GamersFirst
2011-06-25 02:51 - 2011-06-25 00:33 - 77683512 ____A (K2 Network, Inc.) C:\Users\Wesley\APB_Reloaded_Installer.exe
2011-06-25 02:51 - 2011-06-25 00:33 - 3805508496 ____A C:\Users\Wesley\Client1.5.0.562750.7z
2011-06-24 00:34 - 2011-08-09 20:23 - 0214528 ____A (Microsoft Corporation) C:\Windows\System32\winsrv.dll
2011-06-24 00:25 - 2011-08-09 20:23 - 0338432 ____A (Microsoft Corporation) C:\Windows\System32\conhost.exe
2011-06-23 00:43 - 2011-08-09 20:23 - 5561216 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2011-06-22 23:33 - 2011-08-09 20:23 - 3967872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2011-06-22 23:33 - 2011-08-09 20:23 - 3912576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2011-06-21 01:34 - 2011-08-09 20:23 - 1923968 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2011-06-21 01:20 - 2011-08-09 20:23 - 1492992 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2011-06-21 01:20 - 2011-08-09 20:23 - 1188864 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2011-06-21 01:20 - 2011-08-09 20:23 - 0134144 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2011-06-21 01:19 - 2011-08-09 20:23 - 0702464 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2011-06-21 01:19 - 2011-08-09 20:23 - 0097280 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2011-06-21 01:18 - 2011-08-09 20:23 - 2454528 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2011-06-21 01:18 - 2011-08-09 20:23 - 12262400 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2011-06-21 01:18 - 2011-08-09 20:23 - 0247808 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2011-06-21 01:18 - 2011-08-09 20:23 - 0064512 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2011-06-21 00:28 - 2011-08-09 20:23 - 1231360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2011-06-21 00:28 - 2011-08-09 20:23 - 0981504 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2011-06-21 00:28 - 2011-08-09 20:23 - 0132096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2011-06-21 00:26 - 2011-08-09 20:23 - 2073600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2011-06-21 00:26 - 2011-08-09 20:23 - 0599552 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2011-06-21 00:26 - 2011-08-09 20:23 - 0176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2011-06-21 00:26 - 2011-08-09 20:23 - 0067072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2011-06-21 00:26 - 2011-08-09 20:23 - 0048128 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2011-06-21 00:25 - 2011-08-09 20:23 - 10991104 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2011-06-17 05:39 - 2011-06-17 03:23 - 0000000 ____D C:\Users\Wesley\Application Data\vlc
2011-06-17 05:39 - 2011-06-17 03:23 - 0000000 ____D C:\Users\Wesley\AppData\Roaming\vlc
2011-06-17 03:23 - 2011-06-17 03:23 - 0001072 ____A C:\Users\Public\Desktop\VLC media player.lnk
2011-06-17 03:23 - 2011-06-17 03:23 - 0001072 ____A C:\Users\All Users\Desktop\VLC media player.lnk
2011-06-17 03:23 - 2011-06-17 03:23 - 0000000 ____D C:\Program Files (x86)\VideoLAN
2011-06-16 17:54 - 2011-06-16 17:54 - 0000919 ____A C:\Users\Public\Desktop\Steam.lnk
2011-06-16 17:54 - 2011-06-16 17:54 - 0000919 ____A C:\Users\All Users\Desktop\Steam.lnk
2011-06-16 17:28 - 2011-01-08 21:45 - 0000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2011-06-16 00:49 - 2011-08-09 20:24 - 0199680 ____A (Microsoft Corporation) C:\Windows\System32\xmllite.dll
2011-06-15 23:33 - 2011-08-09 20:24 - 0180224 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xmllite.dll
2011-06-15 23:11 - 2011-06-12 04:38 - 0000000 ____D C:\Users\Wesley\Application Data\DivX
2011-06-15 23:11 - 2011-06-12 04:38 - 0000000 ____D C:\Users\Wesley\AppData\Roaming\DivX
2011-06-15 05:02 - 2011-08-09 20:24 - 0212992 ____A (Microsoft Corporation) C:\Windows\System32\odbctrac.dll
2011-06-15 05:02 - 2011-08-09 20:24 - 0163840 ____A (Microsoft Corporation) C:\Windows\System32\odbccp32.dll
2011-06-15 05:02 - 2011-08-09 20:24 - 0106496 ____A (Microsoft Corporation) C:\Windows\System32\odbccu32.dll
2011-06-15 05:02 - 2011-08-09 20:24 - 0106496 ____A (Microsoft Corporation) C:\Windows\System32\odbccr32.dll
2011-06-15 03:55 - 2011-08-09 20:24 - 0319488 ____A (Microsoft Corporation) C:\Windows\SysWOW64\odbcjt32.dll
2011-06-15 03:55 - 2011-08-09 20:24 - 0163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\odbctrac.dll
2011-06-15 03:55 - 2011-08-09 20:24 - 0122880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\odbccp32.dll
2011-06-15 03:55 - 2011-08-09 20:24 - 0086016 ____A (Microsoft Corporation) C:\Windows\SysWOW64\odbccu32.dll
2011-06-15 03:55 - 2011-08-09 20:24 - 0081920 ____A (Microsoft Corporation) C:\Windows\SysWOW64\odbccr32.dll
2011-06-14 01:17 - 2011-06-14 01:15 - 2334757 ____A () C:\Users\Wesley\Desktop\unitRoll.exe
2011-06-13 22:03 - 2011-04-27 14:07 - 0001070 ____A C:\Users\Public\Desktop\World of Warcraft.lnk
2011-06-13 22:03 - 2011-04-27 14:07 - 0001070 ____A C:\Users\All Users\Desktop\World of Warcraft.lnk
2011-06-13 22:03 - 2011-04-27 14:07 - 0000000 ____D C:\Program Files (x86)\World of Warcraft
2011-06-13 20:29 - 2011-06-13 20:29 - 0000000 ____D C:\Users\All Users\Nexon
2011-06-13 20:29 - 2011-06-13 20:29 - 0000000 ____D C:\Users\All Users\Application Data\Nexon
2011-06-13 20:29 - 2011-06-13 20:29 - 0000000 ____D C:\ProgramData\Nexon
2011-06-13 20:10 - 2011-06-13 20:10 - 0000000 ____D C:\Users\Wesley\My Documents\Vindictus
2011-06-13 20:10 - 2011-06-13 20:10 - 0000000 ____D C:\Users\Wesley\Documents\Vindictus
2011-06-13 19:56 - 2011-06-13 19:56 - 0000000 ____D C:\Program Files (x86)\BandiMPEG1
2011-06-13 03:00 - 2009-07-13 22:20 - 0000000 ____D C:\Windows\LiveKernelReports
2011-06-13 02:13 - 2011-06-13 02:13 - 0000000 ____D C:\Program Files (x86)\Enterbrain
2011-06-13 02:08 - 2011-06-13 02:08 - 0000000 ____D C:\Users\All Users\Electronic Arts
2011-06-13 02:08 - 2011-06-13 02:08 - 0000000 ____D C:\Users\All Users\EA Core
2011-06-13 02:08 - 2011-06-13 02:08 - 0000000 ____D C:\Users\All Users\Application Data\Electronic Arts
2011-06-13 02:08 - 2011-06-13 02:08 - 0000000 ____D C:\Users\All Users\Application Data\EA Core
2011-06-13 02:08 - 2011-06-13 02:08 - 0000000 ____D C:\ProgramData\Electronic Arts
2011-06-13 02:08 - 2011-06-13 02:08 - 0000000 ____D C:\ProgramData\EA Core
2011-06-12 20:03 - 2011-06-12 20:03 - 0000000 ____D C:\Users\Wesley\Application Data\LolClient
2011-06-12 20:03 - 2011-06-12 20:03 - 0000000 ____D C:\Users\Wesley\AppData\Roaming\LolClient
2011-06-12 18:23 - 2011-06-12 18:23 - 0000000 ____D C:\Windows\Riot Games
2011-06-12 18:03 - 2011-06-12 18:03 - 0000000 ____D C:\Users\Wesley\My Documents\SIMS 3 ORGINIAL
2011-06-12 18:03 - 2011-06-12 18:03 - 0000000 ____D C:\Users\Wesley\Documents\SIMS 3 ORGINIAL
2011-06-12 17:55 - 2011-06-12 17:55 - 0000000 ____D C:\Program Files (x86)\Pando Networks
2011-06-12 06:21 - 2011-06-12 06:21 - 0000000 ____D C:\Program Files (x86)\Microsoft WSE
2011-06-12 06:15 - 2011-06-12 06:14 - 0000000 ____D C:\Users\Wesley\Application Data\DAEMON Tools Lite
2011-06-12 06:15 - 2011-06-12 06:14 - 0000000 ____D C:\Users\Wesley\AppData\Roaming\DAEMON Tools Lite
2011-06-12 06:15 - 2011-06-12 06:14 - 0000000 ____D C:\Program Files (x86)\DAEMON Tools Lite
2011-06-12 06:14 - 2011-06-12 06:14 - 0254528 ____A (DT Soft Ltd) C:\Windows\System32\Drivers\dtsoftbus01.sys
2011-06-12 06:14 - 2011-06-12 06:14 - 0000000 ____D C:\Users\All Users\DAEMON Tools Lite
2011-06-12 06:14 - 2011-06-12 06:14 - 0000000 ____D C:\Users\All Users\Application Data\DAEMON Tools Lite
2011-06-12 06:14 - 2011-06-12 06:14 - 0000000 ____D C:\ProgramData\DAEMON Tools Lite
2011-06-12 06:14 - 2011-06-12 06:14 - 0000000 ____D C:\Program Files (x86)\DAEMON Tools Toolbar
2011-06-12 04:39 - 2011-06-12 04:39 - 0000000 ____D C:\Users\Wesley\Local Settings\DDMSettings
2011-06-12 04:39 - 2011-06-12 04:39 - 0000000 ____D C:\Users\Wesley\Local Settings\Application Data\DDMSettings
2011-06-12 04:39 - 2011-06-12 04:39 - 0000000 ____D C:\Users\Wesley\AppData\Local\DDMSettings
2011-06-12 04:39 - 2011-06-12 04:35 - 0000000 ____D C:\Users\Wesley\Local Settings\Google
2011-06-12 04:39 - 2011-06-12 04:35 - 0000000 ____D C:\Users\Wesley\Local Settings\Application Data\Google
2011-06-12 04:39 - 2011-06-12 04:35 - 0000000 ____D C:\Users\Wesley\AppData\Local\Google
2011-06-12 04:38 - 2011-06-12 04:35 - 0000000 ____D C:\Program Files (x86)\DivX
2011-06-12 04:38 - 2011-06-12 04:30 - 0000000 ____D C:\Users\All Users\DivX
2011-06-12 04:38 - 2011-06-12 04:30 - 0000000 ____D C:\Users\All Users\Application Data\DivX
2011-06-12 04:38 - 2011-06-12 04:30 - 0000000 ____D C:\ProgramData\DivX
2011-06-12 04:37 - 2011-06-12 04:37 - 0000000 ____D C:\Program Files\DivX
2011-06-12 04:36 - 2011-06-12 04:35 - 0000000 ____D C:\Program Files (x86)\Google
2011-06-10 22:07 - 2011-07-13 02:56 - 3137536 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2011-06-09 19:02 - 2011-04-11 14:52 - 0000000 ____D C:\Users\Wesley\Application Data\SoftGrid Client
2011-06-09 19:02 - 2011-04-11 14:52 - 0000000 ____D C:\Users\Wesley\AppData\Roaming\SoftGrid Client
2011-06-07 12:16 - 2011-06-07 12:16 - 0000000 ____D C:\Users\Wesley\Application Data\Malwarebytes
2011-06-07 12:16 - 2011-06-07 12:16 - 0000000 ____D C:\Users\Wesley\AppData\Roaming\Malwarebytes
2011-06-07 12:16 - 2011-06-07 12:16 - 0000000 ____D C:\Users\All Users\Malwarebytes
2011-06-07 12:16 - 2011-06-07 12:16 - 0000000 ____D C:\Users\All Users\Application Data\Malwarebytes
2011-06-07 12:16 - 2011-06-07 12:16 - 0000000 ____D C:\ProgramData\Malwarebytes
2011-06-07 12:05 - 2011-01-08 21:24 - 0000000 ____D C:\Windows\SysWOW64\Macromed
2011-06-07 12:04 - 2011-04-12 01:53 - 0000000 __RHD C:\MSOCache
2011-06-07 11:59 - 2011-06-07 11:48 - 0011728 __ASH C:\Users\Wesley\Local Settings\qf7j006i307x31d2eq0db61ygjdt21e46428472a
2011-06-07 11:59 - 2011-06-07 11:48 - 0011728 __ASH C:\Users\Wesley\Local Settings\Application Data\qf7j006i307x31d2eq0db61ygjdt21e46428472a
2011-06-07 11:59 - 2011-06-07 11:48 - 0011728 __ASH C:\Users\Wesley\AppData\Local\qf7j006i307x31d2eq0db61ygjdt21e46428472a
2011-06-07 11:59 - 2011-06-07 11:48 - 0011728 __ASH C:\Users\All Users\qf7j006i307x31d2eq0db61ygjdt21e46428472a
2011-06-07 11:59 - 2011-06-07 11:48 - 0011728 __ASH C:\Users\All Users\Application Data\qf7j006i307x31d2eq0db61ygjdt21e46428472a
2011-06-07 11:59 - 2011-06-07 11:48 - 0011728 __ASH C:\ProgramData\qf7j006i307x31d2eq0db61ygjdt21e46428472a
2011-06-07 11:47 - 2011-06-07 11:47 - 0000000 ____D C:\Windows\Sun

========================= Known DLLs (Whitelisted) ============


========================= Bamital & volsnap Check ============

C:\Windows\System32\winlogon.exe => MD5 is legit

C:\Windows\System32\wininit.exe => MD5 is legit

C:\Windows\explorer.exe => MD5 is legit

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

========================= Memory info ======================

Percentage of memory in use: 10%
Total physical RAM: 7990.68 MB
Available physical RAM: 7117.45 MB
Total Pagefile: 7988.83 MB
Available Pagefile: 7106.27 MB
Total Virtual: 8192 MB
Available Virtual: 8191.9 MB

======================= Partitions =========================

1 Drive c: (OS) (Fixed) (Total:683.89 GB) (Free:440.99 GB) NTFS
2 Drive d: (Recovery) (Fixed) (Total:14.65 GB) (Free:8.72 GB) NTFS
3 Drive f: (SANDISK) (Removable) (Total:7.46 GB) (Free:5.76 GB) FAT32
5 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

==========================================================

Last Boot: 2011-09-03 07:41

======================= End Of Log ==========================

#15 Farbar

Farbar

    Just Curious


  • Security Developer
  • 21,708 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Netherlands
  • Local time:02:28 PM

Posted 04 September 2011 - 04:46 PM

Are you using any p2p software. If yes please uninstall it until we are done.

  • Open notepad (Start =>All Programs => Accessories => Notepad). Please copy the entire contents of the code box below. (To do this highlight the contents of the box, right click on it and select copy. Right-click in the open notepad and select Paste). Save it on the flashdrive as fixlist.txt

    start
    cmd: bootrec /FixMbr
    Control: 
    end
    

    NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

    On Vista or Windows 7: Now please enter System Recovery Options.
    On Windows XP: Now please boot into the BartPE CD.
    Run FRST and press the Fix button just once and wait.
    The tool will make a log on the flashdrive (Fixlog.txt) please post it to your reply.
  • Open your Malwarebytes' Anti-Malware.
    • First update it, to do that under the Update tab press "Check for Updates".
    • Under Scanner tab select "Perform Quick Scan", then click Scan.
    • When the scan is complete, click OK, then Show Results to view the results.
    • Make sure that everything is checked, and click Remove Selected.
    • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
    • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
    • Copy&Paste the MBAM log.
    Extra Note:
    If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediately.

  • Please update me on the current condition of your computer.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users