Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Rootkit.ZeroAccess!


  • This topic is locked This topic is locked
31 replies to this topic

#1 Cody_Arc

Cody_Arc

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:05:27 AM

Posted 30 December 2011 - 09:52 PM

I ran combofix and when it was scanning it said "You are infected with Rootkit.ZeroAccess! It has inserted itself into the tcp/ip stack." It then says it needs to reboot because it detected rootkit activity. After it got done I couldn't get internet, so I ran combofix again and I still get no internet. My internet connection says "Wireless Network Connection" doesn't have a valid IP configuration.

I've already tried resetting the modem and turning it off and back on.

Any help on this would be really appreciated.

Here's this: DDS

.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.7601.17514 BrowserJavaVersion: 1.6.0_07
Run by BBY at 21:27:22 on 2011-12-30
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.2046.1169 [GMT -5:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe
C:\Program Files\DisplayLink Core Software\DisplayLinkUserAgent.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k hpdevmgmt
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
C:\Windows\system32\PnkBstrA.exe
C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Windows\system32\stacsv.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\WUDFHost.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Sony\AppMonUtil\AppMonUtility.exe
C:\Program Files\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Sony\ISB Utility\ISBMgr.exe
C:\Program Files\Sony\VAIO PC Wireless LAN Wizard\AutoLaunchWLASU.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Users\BBY\AppData\Local\Facebook\Update\FacebookUpdate.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\ArcSoft\Magic-i Visual Effects\Magic-i Visual Effects.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\REGSVR32.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.facebook.com/
uInternet Settings,ProxyOverride = *.local
mURLSearchHooks: H - No File
BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg9\avgssie.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - c:\progra~1\micros~3\office14\URLREDIR.DLL
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll
uRun: [ehTray.exe] "c:\windows\ehome\ehTray.exe"
uRun: [Steam] "c:\program files\steam\Steam.exe" -silent
uRun: [Facebook Update] "c:\users\bby\appdata\local\facebook\update\FacebookUpdate.exe" /c /nocrashserver
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
mRun: [NvSvc] RUNDLL32.EXE c:\windows\system32\nvsvc.dll,nvsvcStart
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [Skytel] Skytel.exe
mRun: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
mRun: [AppMon Utility] "c:\program files\sony\appmonutil\AppMonUtility.exe" @@@Start
mRun: [HP Software Update] "c:\program files\hp\hp software update\HPWuSchd2.exe"
mRun: [IAAnotif] "c:\program files\intel\intel matrix storage manager\Iaanotif.exe"
mRun: [ISBMgr.exe] "c:\program files\sony\isb utility\ISBMgr.exe"
mRun: [VAIOSurvey] "c:\program files\sony\vaio survey\Vista VAIO Survey.exe"
mRun: [VWLASU] "c:\program files\sony\vaio pc wireless lan wizard\AutoLaunchWLASU.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
mRun: [Malwarebytes' Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\blueto~1.lnk - c:\program files\widcomm\bluetooth software\BTTray.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\logite~1.lnk - c:\program files\logitech\setpoint\SetPoint.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\magic-~1.lnk - c:\program files\arcsoft\magic-i visual effects\Magic-i Visual Effects.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\quickb~1.lnk - c:\program files\common files\intuit\quickbooks\qbupdate\qbupdate.exe
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\micros~3\office14\ONBttnIE.dll/105
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
Trusted Zone: corel.com
Trusted Zone: corel.com\www
Trusted Zone: intervideo.com
Trusted Zone: intervideo.com\www
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
TCP: Interfaces\{277E3FE6-F44A-473C-B5F1-0F38683D56A1}\4586560235D69647867237 : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{277E3FE6-F44A-473C-B5F1-0F38683D56A1}\F4E45502355636572756 : DhcpNameServer = 140.228.10.5 140.228.10.6
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL
Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} -
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: VESWinlogon - VESWinlogon.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\bby\appdata\roaming\mozilla\firefox\profiles\45se46my.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/firefox?client=firefox-a&rls=org.mozilla:en-US:official
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=937811&p=
FF - component: c:\program files\avg\avg9\firefox\components\avgssff.dll
FF - plugin: c:\progra~1\micros~3\office14\NPAUTHZ.DLL
FF - plugin: c:\progra~1\micros~3\office14\NPSPWRAP.DLL
FF - plugin: c:\program files\microsoft silverlight\4.0.60831.0\npctrlui.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npCouponPrinter.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npMozCouponPrinter.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npPandoWebInst.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npViewpoint.dll
FF - plugin: c:\program files\viewpoint\viewpoint media player\npViewpoint.dll
FF - plugin: c:\programdata\nexonus\ngm\npNxGameUS.dll
FF - plugin: c:\users\bby\appdata\local\facebook\video\skype\npFacebookVideoCalling.dll
.
============= SERVICES / DRIVERS ===============
.
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-4-18 216400]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2008-11-2 29584]
R1 AvgTdiX;AVG Free Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-4-18 243024]
R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2011-4-18 165648]
R2 DisplayLinkService;DisplayLinkManager;c:\program files\displaylink core software\DisplayLinkManager.exe [2010-7-31 5199208]
R2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-4-17 11032]
R2 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\sony\vcm intelligent analyzing manager\VcmIAlzMgr.exe [2007-9-4 292152]
R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\viewpoint\common\ViewpointService.exe [2008-9-10 24652]
R3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\drivers\ArcSoftKsUFilter.sys [2009-3-3 16640]
R3 netw5v32;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\drivers\netw5v32.sys [2009-6-10 4231168]
R3 R5U870FLx86;R5U870 UVC Lower Filter ;c:\windows\system32\drivers\R5U870FLx86.sys [2007-9-4 73472]
R3 R5U870FUx86;R5U870 UVC Upper Filter ;c:\windows\system32\drivers\R5U870FUx86.sys [2007-9-4 43904]
R3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\drivers\SFEP.sys [2007-8-3 9344]
R3 ti21sony;ti21sony;c:\windows\system32\drivers\ti21sony.sys [2007-9-4 812544]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\drivers\yk62x86.sys [2009-7-13 311296]
S0 dlkmdldr;dlkmdldr;c:\windows\system32\drivers\dlkmdldr.sys [2008-12-7 13424]
S2 avg9wd;AVG Free WatchDog;"c:\program files\avg\avg9\avgwdsvc.exe" --> c:\program files\avg\avg9\avgwdsvc.exe [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2011-12-1 366152]
S3 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\program files\avg\avg9\toolbar\toolbarbroker.exe --> c:\program files\avg\avg9\toolbar\ToolbarBroker.exe [?]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 dlkmd;dlkmd;c:\windows\system32\drivers\dlkmd.sys [2008-12-7 287856]
S3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\drivers\MpNWMon.sys [2011-4-18 43392]
S3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2011-4-27 65024]
S3 NisSrv;Microsoft Network Inspection;c:\program files\microsoft security client\antimalware\NisSrv.exe [2011-4-27 208944]
S3 osppsvc;Office Software Protection Platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EXE [2010-1-9 4640000]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2011-3-8 15872]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-3-8 52224]
S3 VAIOMediaPlatform-UCLS-AppServer;VAIO Media Content Collection;c:\program files\sony\vaio media integrated server\UCLS.exe [2007-11-10 745472]
S3 VAIOMediaPlatform-UCLS-HTTP;VAIO Media Content Collection (HTTP);c:\program files\sony\vaio media integrated server\platform\SV_Httpd.exe [2007-11-10 397312]
S3 VAIOMediaPlatform-UCLS-UPnP;VAIO Media Content Collection (UPnP);c:\program files\sony\vaio media integrated server\platform\UPnPFramework.exe [2007-11-10 1089536]
S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\common files\sony shared\vcmxml\VcmXmlIfHelper.exe [2007-9-4 79736]
S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2010-9-18 1343400]
.
=============== Created Last 30 ================
.
2011-12-31 01:54:23 56200 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{e5b59626-7e3f-4f69-9644-05e9cc5c258c}\offreg.dll
2011-12-29 22:38:15 -------- d-sh--w- C:\$RECYCLE.BIN
2011-12-29 22:38:00 -------- d-----w- c:\users\bby\appdata\local\temp
2011-12-29 21:26:41 43008 ----a-w- c:\windows\system32\drivers\usbehci.sys
2011-12-29 21:18:09 -------- d-----w- C:\ComboFix
2011-12-29 18:32:33 104448 ----a-w- c:\windows\system32\drivers\pacer.sys
2011-12-28 15:43:02 46080 ----a-w- c:\windows\system32\drivers\ndisuio.sys
2011-12-28 04:58:45 53760 ----a-w- c:\windows\system32\drivers\intelppm.sys
2011-12-28 04:22:58 6823496 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{e5b59626-7e3f-4f69-9644-05e9cc5c258c}\mpengine.dll
2011-12-28 03:37:56 108544 ----a-w- c:\windows\system32\drivers\cdrom.sys
2011-12-28 02:46:35 80896 ----a-w- c:\windows\system32\drivers\i8042prt.sys
2011-12-28 02:33:42 98816 ----a-w- c:\windows\sed.exe
2011-12-28 02:33:42 518144 ----a-w- c:\windows\SWREG.exe
2011-12-28 02:33:42 256000 ----a-w- c:\windows\PEV.exe
2011-12-28 02:33:42 208896 ----a-w- c:\windows\MBR.exe
2011-12-27 16:12:47 -------- d-----w- c:\program files\iPod
2011-12-27 16:06:19 159744 ----a-w- c:\program files\mozilla firefox\plugins\npqtplugin7.dll
2011-12-27 16:06:19 159744 ----a-w- c:\program files\mozilla firefox\plugins\npqtplugin6.dll
2011-12-27 16:06:19 159744 ----a-w- c:\program files\mozilla firefox\plugins\npqtplugin5.dll
2011-12-27 16:06:19 159744 ----a-w- c:\program files\mozilla firefox\plugins\npqtplugin4.dll
2011-12-27 16:06:19 159744 ----a-w- c:\program files\mozilla firefox\plugins\npqtplugin3.dll
2011-12-27 16:06:19 159744 ----a-w- c:\program files\mozilla firefox\plugins\npqtplugin2.dll
2011-12-27 16:06:19 159744 ----a-w- c:\program files\mozilla firefox\plugins\npqtplugin.dll
2011-12-14 22:00:01 534528 ----a-w- c:\windows\system32\EncDec.dll
2011-12-14 21:59:55 38912 ----a-w- c:\windows\system32\csrsrv.dll
2011-12-02 20:59:49 -------- d-----w- c:\program files\Bonjour
2011-12-02 20:43:39 6823496 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll
2011-12-01 18:15:07 -------- d-----w- c:\users\bby\appdata\roaming\Malwarebytes
2011-12-01 18:14:26 -------- d-----w- c:\programdata\Malwarebytes
2011-12-01 18:14:19 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-12-01 18:12:54 703824 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\{38e75944-dd8c-440b-97a7-35dc3d38d3c1}\gapaengine.dll
2011-12-01 18:02:24 -------- d-----w- c:\program files\Microsoft Security Client
2011-12-01 17:12:27 1290608 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-12-01 17:12:26 708608 ----a-w- c:\program files\common files\system\wab32.dll
2011-12-01 17:12:25 2341888 ----a-w- c:\windows\system32\win32k.sys
2011-12-01 17:03:23 6668624 ----a-w- c:\programdata\microsoft\windows defender\definition updates\backup\mpengine.dll
2011-12-01 17:03:20 6823496 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{d9ceeaaf-cbb4-4712-bea3-290b64e2af38}\mpengine.dll
2011-12-01 16:56:04 -------- d-----w- c:\users\bby\appdata\local\ElevatedDiagnostics
.
==================== Find3M ====================
.
2011-12-10 19:56:38 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-10-24 19:29:02 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2011-10-24 19:29:02 69632 ----a-w- c:\windows\system32\QuickTime.qts
.
============= FINISH: 21:33:46.10 ===============

BC AdBot (Login to Remove)

 


#2 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,730 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:27 AM

Posted 06 January 2012 - 12:05 AM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

Posted Image In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/435447 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

Posted Image If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS and GMER log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from one of the following links if you no longer have it available. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE


We also need a new log from the GMER anti-rootkit Scanner.

Please note that if you are running a 64-bit version of Windows you will not be able to run GMER and you may skip this step.

Please first disable any CD emulation programs using the steps found in this topic:

Why we request you disable CD Emulation when receiving Malware Removal Advice


Then create another GMER log and post it as an attachment to the reply where you post your new DDS log. Instructions on how to properly create a GMER log can be found here:

How to create a GMER log


As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#3 Cody_Arc

Cody_Arc
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:05:27 AM

Posted 09 January 2012 - 05:42 PM

I still need help, also I won't have my Windows CD till Wednesday.

Here's this:
.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.7601.17514 BrowserJavaVersion: 1.6.0_07
Run by BBY at 17:24:22 on 2012-01-09
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.2046.971 [GMT -5:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\DisplayLink Core Software\DisplayLinkUserAgent.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Motorola Media Link\Lite\NServiceEntry.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Windows\system32\svchost.exe -k hpdevmgmt
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\PnkBstrA.exe
C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\Dwm.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Windows\system32\stacsv.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\System32\rundll32.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\System32\rundll32.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Sony\AppMonUtil\AppMonUtility.exe
C:\Program Files\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Sony\ISB Utility\ISBMgr.exe
C:\Program Files\Sony\VAIO PC Wireless LAN Wizard\AutoLaunchWLASU.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\SearchIndexer.exe
C:\Users\BBY\AppData\Local\Facebook\Update\FacebookUpdate.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Motorola Mobility\MotoCast\MotoCast.exe
C:\Windows\system32\conhost.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\ArcSoft\Magic-i Visual Effects\Magic-i Visual Effects.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\WerFault.exe
C:\Windows\system32\REGSVR32.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wermgr.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.facebook.com/
uInternet Settings,ProxyOverride = *.local;192.168.*.*
mURLSearchHooks: H - No File
BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg9\avgssie.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - c:\progra~1\micros~3\office14\URLREDIR.DLL
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll
uRun: [ehTray.exe] "c:\windows\ehome\ehTray.exe"
uRun: [Steam] "c:\program files\steam\Steam.exe" -silent
uRun: [Facebook Update] "c:\users\bby\appdata\local\facebook\update\FacebookUpdate.exe" /c /nocrashserver
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [MotoCast] "c:\program files\motorola mobility\motocast\MotoLauncher.lnk"
mRun: [NvSvc] RUNDLL32.EXE c:\windows\system32\nvsvc.dll,nvsvcStart
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [Skytel] Skytel.exe
mRun: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
mRun: [AppMon Utility] "c:\program files\sony\appmonutil\AppMonUtility.exe" @@@Start
mRun: [HP Software Update] "c:\program files\hp\hp software update\HPWuSchd2.exe"
mRun: [IAAnotif] "c:\program files\intel\intel matrix storage manager\Iaanotif.exe"
mRun: [ISBMgr.exe] "c:\program files\sony\isb utility\ISBMgr.exe"
mRun: [VAIOSurvey] "c:\program files\sony\vaio survey\Vista VAIO Survey.exe"
mRun: [VWLASU] "c:\program files\sony\vaio pc wireless lan wizard\AutoLaunchWLASU.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
mRun: [Malwarebytes' Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\blueto~1.lnk - c:\program files\widcomm\bluetooth software\BTTray.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\logite~1.lnk - c:\program files\logitech\setpoint\SetPoint.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\magic-~1.lnk - c:\program files\arcsoft\magic-i visual effects\Magic-i Visual Effects.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\quickb~1.lnk - c:\program files\common files\intuit\quickbooks\qbupdate\qbupdate.exe
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\micros~3\office14\ONBttnIE.dll/105
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
Trusted Zone: corel.com
Trusted Zone: corel.com\www
Trusted Zone: intervideo.com
Trusted Zone: intervideo.com\www
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
TCP: Interfaces\{277E3FE6-F44A-473C-B5F1-0F38683D56A1}\4586560235D69647867237 : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{277E3FE6-F44A-473C-B5F1-0F38683D56A1}\F4E45502355636572756 : DhcpNameServer = 140.228.10.5 140.228.10.6
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL
Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} -
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: VESWinlogon - VESWinlogon.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\bby\appdata\roaming\mozilla\firefox\profiles\45se46my.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/firefox?client=firefox-a&rls=org.mozilla:en-US:official
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=937811&p=
FF - component: c:\program files\avg\avg9\firefox\components\avgssff.dll
FF - plugin: c:\progra~1\micros~3\office14\NPAUTHZ.DLL
FF - plugin: c:\progra~1\micros~3\office14\NPSPWRAP.DLL
FF - plugin: c:\program files\microsoft silverlight\4.0.60831.0\npctrlui.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npCouponPrinter.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npMozCouponPrinter.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npPandoWebInst.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npViewpoint.dll
FF - plugin: c:\program files\viewpoint\viewpoint media player\npViewpoint.dll
FF - plugin: c:\programdata\nexonus\ngm\npNxGameUS.dll
FF - plugin: c:\users\bby\appdata\local\facebook\video\skype\npFacebookVideoCalling.dll
.
============= SERVICES / DRIVERS ===============
.
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-4-18 216400]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2008-11-2 29584]
R1 AvgTdiX;AVG Free Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-4-18 243024]
R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2011-4-18 165648]
R1 MpKslb29fda75;MpKslb29fda75;c:\programdata\microsoft\microsoft antimalware\definition updates\{f4cbe9e2-71ff-4e23-bd2a-0bfae59f5a5a}\MpKslb29fda75.sys [2012-1-9 29904]
R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service;c:\program files\intel\bluetoothhs\BTHSAmpPalService.exe [2011-8-31 948736]
R2 BTHSSecurityMgr;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Security Service;c:\program files\intel\bluetoothhs\BTHSSecurityMgr.exe [2011-6-3 102672]
R2 DeviceMonitorService;DeviceMonitorService;c:\program files\motorola media link\lite\NServiceEntry.exe [2011-9-19 87368]
R2 DisplayLinkService;DisplayLinkManager;c:\program files\displaylink core software\DisplayLinkManager.exe [2010-7-31 5199208]
R2 MotoHelper;MotoHelper Service;c:\program files\motorola\motohelper\MotoHelperService.exe [2011-9-14 218992]
R2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-4-17 11032]
R2 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\sony\vcm intelligent analyzing manager\VcmIAlzMgr.exe [2007-9-4 292152]
R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\viewpoint\common\ViewpointService.exe [2008-9-10 24652]
R3 AMPPAL;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Virtual Adapter;c:\windows\system32\drivers\AmpPal.sys [2011-8-8 243712]
R3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\drivers\ArcSoftKsUFilter.sys [2009-3-3 16640]
R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\drivers\MpNWMon.sys [2011-4-18 43392]
R3 netw5v32;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\drivers\netw5v32.sys [2009-6-10 4231168]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2011-4-27 65024]
R3 NisSrv;Microsoft Network Inspection;c:\program files\microsoft security client\antimalware\NisSrv.exe [2011-4-27 208944]
R3 R5U870FLx86;R5U870 UVC Lower Filter ;c:\windows\system32\drivers\R5U870FLx86.sys [2007-9-4 73472]
R3 R5U870FUx86;R5U870 UVC Upper Filter ;c:\windows\system32\drivers\R5U870FUx86.sys [2007-9-4 43904]
R3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\drivers\SFEP.sys [2007-8-3 9344]
R3 ti21sony;ti21sony;c:\windows\system32\drivers\ti21sony.sys [2007-9-4 812544]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\drivers\yk62x86.sys [2009-7-13 311296]
S0 dlkmdldr;dlkmdldr;c:\windows\system32\drivers\dlkmdldr.sys [2008-12-7 13424]
S2 avg9wd;AVG Free WatchDog;"c:\program files\avg\avg9\avgwdsvc.exe" --> c:\program files\avg\avg9\avgwdsvc.exe [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2011-12-1 366152]
S3 AMPPALP;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Protocol;c:\windows\system32\drivers\AmpPal.sys [2011-8-8 243712]
S3 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\program files\avg\avg9\toolbar\toolbarbroker.exe --> c:\program files\avg\avg9\toolbar\ToolbarBroker.exe [?]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 dlkmd;dlkmd;c:\windows\system32\drivers\dlkmd.sys [2008-12-7 287856]
S3 osppsvc;Office Software Protection Platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EXE [2010-1-9 4640000]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2011-3-8 15872]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-3-8 52224]
S3 VAIOMediaPlatform-UCLS-AppServer;VAIO Media Content Collection;c:\program files\sony\vaio media integrated server\UCLS.exe [2007-11-10 745472]
S3 VAIOMediaPlatform-UCLS-HTTP;VAIO Media Content Collection (HTTP);c:\program files\sony\vaio media integrated server\platform\SV_Httpd.exe [2007-11-10 397312]
S3 VAIOMediaPlatform-UCLS-UPnP;VAIO Media Content Collection (UPnP);c:\program files\sony\vaio media integrated server\platform\UPnPFramework.exe [2007-11-10 1089536]
S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\common files\sony shared\vcmxml\VcmXmlIfHelper.exe [2007-9-4 79736]
S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2010-9-18 1343400]
.
=============== Created Last 30 ================
.
2012-01-09 21:17:18 29904 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{f4cbe9e2-71ff-4e23-bd2a-0bfae59f5a5a}\MpKslb29fda75.sys
2012-01-09 21:17:14 56200 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{f4cbe9e2-71ff-4e23-bd2a-0bfae59f5a5a}\offreg.dll
2012-01-01 23:30:40 -------- d-----w- c:\users\bby\.gstreamer-0.10
2012-01-01 23:30:14 -------- d-----w- c:\users\bby\appdata\roaming\MotoCast
2012-01-01 23:29:46 -------- d-----w- c:\users\bby\appdata\local\Motorola
2012-01-01 23:29:28 -------- d-----w- c:\program files\common files\MSSoap
2012-01-01 23:29:16 -------- d-----w- c:\programdata\Nero
2012-01-01 23:29:16 -------- d-----w- c:\program files\Motorola Media Link
2012-01-01 23:29:12 -------- d-----w- c:\programdata\Motorola
2012-01-01 23:29:06 -------- d-----w- c:\program files\Motorola Mobility
2012-01-01 23:28:12 -------- d-----w- c:\program files\common files\Motorola Shared
2012-01-01 23:27:17 -------- d-----w- c:\users\bby\appdata\roaming\Motorola
2012-01-01 23:27:17 -------- d-----w- c:\program files\Motorola
2012-01-01 03:15:13 6823496 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{f4cbe9e2-71ff-4e23-bd2a-0bfae59f5a5a}\mpengine.dll
2012-01-01 02:25:09 -------- d-----w- c:\users\bby\appdata\roaming\Intel
2012-01-01 02:24:52 -------- d-----w- c:\users\bby\Roaming
2012-01-01 02:24:52 -------- d-----w- c:\programdata\Roaming
2012-01-01 02:23:20 -------- d-----w- c:\program files\Cisco
2012-01-01 02:23:17 -------- d-----w- c:\program files\common files\Intel
2011-12-29 22:38:15 -------- d-sh--w- C:\$RECYCLE.BIN
2011-12-29 22:38:00 -------- d-----w- c:\users\bby\appdata\local\temp
2011-12-29 21:26:41 43008 ----a-w- c:\windows\system32\drivers\usbehci.sys
2011-12-29 21:18:09 -------- d-----w- C:\ComboFix
2011-12-29 18:32:33 104448 ----a-w- c:\windows\system32\drivers\pacer.sys
2011-12-28 15:43:02 46080 ----a-w- c:\windows\system32\drivers\ndisuio.sys
2011-12-28 04:58:45 53760 ----a-w- c:\windows\system32\drivers\intelppm.sys
2011-12-28 03:37:56 108544 ----a-w- c:\windows\system32\drivers\cdrom.sys
2011-12-28 02:46:35 80896 ----a-w- c:\windows\system32\drivers\i8042prt.sys
2011-12-28 02:33:42 98816 ----a-w- c:\windows\sed.exe
2011-12-28 02:33:42 518144 ----a-w- c:\windows\SWREG.exe
2011-12-28 02:33:42 256000 ----a-w- c:\windows\PEV.exe
2011-12-28 02:33:42 208896 ----a-w- c:\windows\MBR.exe
2011-12-27 16:12:47 -------- d-----w- c:\program files\iPod
2011-12-27 16:06:19 159744 ----a-w- c:\program files\mozilla firefox\plugins\npqtplugin7.dll
2011-12-27 16:06:19 159744 ----a-w- c:\program files\mozilla firefox\plugins\npqtplugin6.dll
2011-12-27 16:06:19 159744 ----a-w- c:\program files\mozilla firefox\plugins\npqtplugin5.dll
2011-12-27 16:06:19 159744 ----a-w- c:\program files\mozilla firefox\plugins\npqtplugin4.dll
2011-12-27 16:06:19 159744 ----a-w- c:\program files\mozilla firefox\plugins\npqtplugin3.dll
2011-12-27 16:06:19 159744 ----a-w- c:\program files\mozilla firefox\plugins\npqtplugin2.dll
2011-12-27 16:06:19 159744 ----a-w- c:\program files\mozilla firefox\plugins\npqtplugin.dll
2011-12-14 22:00:01 534528 ----a-w- c:\windows\system32\EncDec.dll
2011-12-14 21:59:55 38912 ----a-w- c:\windows\system32\csrsrv.dll
.
==================== Find3M ====================
.
2011-12-10 19:56:38 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-10-24 19:29:02 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2011-10-24 19:29:02 69632 ----a-w- c:\windows\system32\QuickTime.qts
.
============= FINISH: 17:31:06.34 ===============

#4 ratman

ratman

    Bleepin' gnawing at it!


  • Malware Response Team
  • 1,799 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Scotland
  • Local time:11:27 AM

Posted 12 January 2012 - 06:34 AM

Hello Cody_Arc,

My name is ratman and and I will be helping you with your computer problems.

Before we begin, I would like to make a few things clear so that we can fix your problem as efficiently as possible:

  • Be sure to follow all my instructions carefully! If there is anything you don't understand, don't hesitate to ask.
  • Please do not do anything or perform other steps unless I have asked you to do so.
  • Please make sure you post all logs I ask you to, and make sure that the entire log gets posted.

====================================================================================

Backdoor Warning

One or more of the identified infections (ZeroAccess) is a backdoor trojan.

This allows hackers to remotely control your computer, steal critical system information and download and execute files.

I would counsel you to disconnect this PC from the Internet immediately. If you do any banking or other financial transactions on the PC or if it should contain any other sensitive information, please get to a known clean computer and change all passwords where applicable, and it would be wise to contact those same financial institutions to apprise them of your situation.

Though the trojan has been identified and can be killed, because of it's backdoor functionality, your PC is very likely compromised and there is no way to be sure your computer can ever again be trusted. Many experts in the security community believe that once infected with this type of trojan, the best course of action would be a reformat and reinstall of the OS. Please read these for more information:

How Do I Handle Possible Identify Theft, Internet Fraud and CC Fraud?
When Should I Format, How Should I Reinstall

We can still clean this machine but I can't guarantee that it will be 100% secure afterwards. Let me know what you decide to do. If you do decide to proceed, please continue with the fix below.

===================================================================================

I would like to have a look at the log file created when you ran ComboFix. It can be found at:

"C:\Combofix.txt"

I'd also like to see the contents of the following file:

"C:\Qoobox\Add-Remove Programs.txt".

Please copy/paste the contents of these files in your next reply.

====================================================================================

Please download Farbar Service Scanner and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center
    • Windows Update
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.

In your next reply, please copy/paste the contents of the following:
  • FSS.txt
  • C:\Combofix.txt
  • C:\Qoobox\Add-Remove Programs.txt


Edited by ratman, 12 January 2012 - 08:23 AM.

regards, ratman

a proud member of:
Posted Image

If I am helping you, it has been 48 hours since your last post, and I have yet to reply to your topic, please send me a PM

If I have helped and you would like to show your appreciation you may Posted Image to the cause.



#5 Cody_Arc

Cody_Arc
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:05:27 AM

Posted 12 January 2012 - 01:09 PM

Thanks for the information ratman!

I'm going to go ahead and reformat and reinstall the OS.

#6 ratman

ratman

    Bleepin' gnawing at it!


  • Malware Response Team
  • 1,799 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Scotland
  • Local time:11:27 AM

Posted 12 January 2012 - 07:02 PM

Hi Cody_Arc,

We can clean your machine of current malware but the decision to re-format must rest with you.

If you decide to go ahead and reformat, please note the following:

Reformatting a hard disk deletes all data. You can back up all your important documents, personal data files, photos to a CD or DVD drive, not a flash drive or external hard drive as they may become compromised in the process. The safest practice is not to backup any executable files (*.exe), screensavers (*.scr), autorun (.ini) or script files (.php, .asp, and .html) files because they may be infected by malware. Avoid backing up compressed files (.zip, .cab, .rar) that have executable files inside them as some types of malware can penetrate and infect .exe files within compressed files too. Other types of malware may even disguise itself by adding and hiding its extension to the existing extension of file(s) so be sure you look closely at the full file name. After reformatting, scan the backed up data with your anti-virus prior to to copying it back to your hard drive.

Please can you confirm if you are going to reformat so we may close this topic.
regards, ratman

a proud member of:
Posted Image

If I am helping you, it has been 48 hours since your last post, and I have yet to reply to your topic, please send me a PM

If I have helped and you would like to show your appreciation you may Posted Image to the cause.



#7 Cody_Arc

Cody_Arc
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:05:27 AM

Posted 12 January 2012 - 09:34 PM

Yes, I'm going to reformat it.

#8 thcbytes

thcbytes

  • Malware Response Team
  • 14,790 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:27 AM

Posted 13 January 2012 - 10:26 AM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.
Proud member - Unified Network of Instructors and Trained Eliminators
Posted Image

I do not accept personal donations for assistance provided. I would ask that you instead consider donating the greatest gift - Organ Donation. Your organs are of no use to you when your gone. You will save a life that would otherwise be lost!

http://donatelife.net/register-now/

#9 thcbytes

thcbytes

  • Malware Response Team
  • 14,790 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:27 AM

Posted 16 January 2012 - 08:39 AM

This topic has been re-opened at the request of the person who originally posted.
Proud member - Unified Network of Instructors and Trained Eliminators
Posted Image

I do not accept personal donations for assistance provided. I would ask that you instead consider donating the greatest gift - Organ Donation. Your organs are of no use to you when your gone. You will save a life that would otherwise be lost!

http://donatelife.net/register-now/

#10 thcbytes

thcbytes

  • Malware Response Team
  • 14,790 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:27 AM

Posted 16 January 2012 - 08:40 AM

Please inform us as to what you have done and what problems you are currently experiencing.

Thanks,
thcbytes
Proud member - Unified Network of Instructors and Trained Eliminators
Posted Image

I do not accept personal donations for assistance provided. I would ask that you instead consider donating the greatest gift - Organ Donation. Your organs are of no use to you when your gone. You will save a life that would otherwise be lost!

http://donatelife.net/register-now/

#11 Cody_Arc

Cody_Arc
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:05:27 AM

Posted 16 January 2012 - 12:17 PM

Thanks for re-opening it!

I've reformatted twice now in hopes of getting rid of the virus and so far no luck. Currently the virus that I'm having to fight off is the Trojan:DOS/Alureon.E, which I've tried a whole bunch of different scanners and antiviruses like tdsskiller to malwarebytes and those things don't detect the virus. The only program that seems to be able to pick up the virus is Microsoft Security Essentials, but it can't get rid of the virus because it gets an error and tells me to restart the computer to get rid of it. Which after restarting the computer it doesn't get rid of the virus.

#12 ratman

ratman

    Bleepin' gnawing at it!


  • Malware Response Team
  • 1,799 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Scotland
  • Local time:11:27 AM

Posted 17 January 2012 - 11:43 AM

Hello Cody_Arc,

I would like you to run Farbar's Recovery Scan Tool to check your MBR.

For this you will need a USB flash drive.

For x32 (x86) bit systems download Farbar Recovery Scan Tool and save it to a flash drive.
For x64 bit systems download Farbar Recovery Scan Tool x64 and save it to a flash drive.

Plug the flashdrive into the infected PC.

Enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:
  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Select English as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account an click Next.

To enter System Recovery Options by using Windows installation disc:
  • Insert the installation disc.
  • Restart your computer.
  • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
  • Click Repair your computer.
  • Select English as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.

On the System Recovery Options menu you will get the following options:Startup Repair
System Restore
Windows Complete PC Restore
Windows Memory Diagnostic Tool
Command Prompt
[*]Select Command Prompt[*]In the command window type in notepad and press Enter.[*]The notepad opens. Under File menu select Open.[*]Select "Computer" and find your flash drive letter and close the notepad.[*]In the command window type e:\frst.exe (for x64 bit version type e:\frst64) and press Enter
Note: Replace letter e with the drive letter of your flash drive.[*]The tool will start to run.[*]When the tool opens click Yes to disclaimer.[*]Press Scan button.[*]It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.[/list]
==================================================================================

Next, please download Listparts
Run the tool, click Scan and post the log (Result.txt) it makes

===================================================================================

In your next reply, please copy/paste the contents of the following:
  • FRST.txt
  • Result.txt


regards, ratman

a proud member of:
Posted Image

If I am helping you, it has been 48 hours since your last post, and I have yet to reply to your topic, please send me a PM

If I have helped and you would like to show your appreciation you may Posted Image to the cause.



#13 Cody_Arc

Cody_Arc
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:05:27 AM

Posted 17 January 2012 - 04:26 PM

Thanks for the help!

Heres FRST.txt log:


Scan result of Farbars's Recovery Tool (FRST written by farbar) Version 2.3.2
Ran by SYSTEM at 2012-01-17 04:13:25
Running from G:\
Windows 7 Ultimate (X86) OS Language: English(US)
The current controlset is ControlSet001

========================== Registry (Whitelisted) =============

HKLM\...\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray [460872 2011-12-24] (Malwarebytes Corporation)
HKLM\...\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey [997920 2011-06-15] (Microsoft Corporation)
HKLM\...\Run: [AVG_TRAY] "C:\Program Files\AVG\AVG2012\avgtray.exe" [2415456 2011-12-03] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [vProt] "C:\Program Files\AVG Secure Search\vprot.exe" [892768 2012-01-14] ()
Tcpip\Parameters: [DhcpNameServer] 140.228.10.5 140.228.10.6

================================ Services (Whitelisted) ==================

2 AVGIDSAgent; "C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe" [4433248 2011-10-12] (AVG Technologies CZ, s.r.o.)
2 avgwd; "C:\Program Files\AVG\AVG2012\avgwdsvc.exe" [192776 2011-08-02] (AVG Technologies CZ, s.r.o.)
2 MBAMService; "C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe" [652872 2011-12-24] (Malwarebytes Corporation)
2 MsMpSvc; "C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe" [11736 2011-04-27] (Microsoft Corporation)
3 NisSrv; "C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe" [208944 2011-04-27] (Microsoft Corporation)
2 Secunia PSI Agent; "C:\Program Files\Secunia\PSI\PSIA.exe" --start-service [994360 2011-10-13] (Secunia)
2 vToolbarUpdater; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\9.0.1\ToolbarUpdater.exe [869216 2012-01-14] ()

========================== Drivers (Whitelisted) =============

3 AVGIDSDriver; C:\Windows\System32\DRIVERS\AVGIDSDriver.Sys [134736 2011-07-11] (AVG Technologies CZ, s.r.o. )
0 AVGIDSEH; C:\Windows\System32\DRIVERS\AVGIDSEH.Sys [23120 2011-07-11] (AVG Technologies CZ, s.r.o. )
3 AVGIDSFilter; C:\Windows\System32\DRIVERS\AVGIDSFilter.Sys [24272 2011-07-11] (AVG Technologies CZ, s.r.o. )
3 AVGIDSShim; C:\Windows\System32\DRIVERS\AVGIDSShim.Sys [16720 2011-10-04] (AVG Technologies CZ, s.r.o. )
1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [230608 2011-10-07] (AVG Technologies CZ, s.r.o.)
1 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [40016 2011-08-08] (AVG Technologies CZ, s.r.o.)
0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [32592 2011-09-13] (AVG Technologies CZ, s.r.o.)
1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [295248 2011-07-11] (AVG Technologies CZ, s.r.o.)
3 MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [20464 2011-12-10] (Malwarebytes Corporation)
1 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [165648 2011-04-18] (Microsoft Corporation)
3 MpNWMon; C:\Windows\System32\DRIVERS\MpNWMon.sys [43392 2011-04-18] (Microsoft Corporation)
3 netw5v32; C:\Windows\System32\DRIVERS\netw5v32.sys [4231168 2009-07-13] (Intel Corporation)
3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [65024 2011-04-27] (Microsoft Corporation)
3 PSI; C:\Windows\System32\DRIVERS\psi_mf.sys [15544 2010-09-01] (Secunia)
3 SFEP; C:\Windows\System32\DRIVERS\SFEP.sys [9344 2007-08-03] (Sony Corporation)
3 SrvHsfHDA; C:\Windows\System32\DRIVERS\VSTAZL3.SYS [207360 2009-07-13] (Conexant Systems, Inc.)
3 SrvHsfV92; C:\Windows\System32\DRIVERS\VSTDPV3.SYS [980992 2009-07-13] (Conexant Systems, Inc.)
3 SrvHsfWinac; C:\Windows\System32\DRIVERS\VSTCNXT3.SYS [661504 2009-07-13] (Conexant Systems, Inc.)
3 yukonw7; C:\Windows\System32\DRIVERS\yk62x86.sys [311296 2009-07-13] (Marvell)
3 Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys [x]
3 tsusbhub; C:\Windows\System32\drivers\tsusbhub.sys [x]
3 VGPU; C:\Windows\System32\drivers\rdvgkmd.sys [x]

========================== NetSvcs (Whitelisted) ===========

============ One Month Created Files and Folders ==============

2012-01-17 04:07 - 2012-01-17 04:07 - 0000000 ___AH C:\Windows\System32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2012-01-17 04:05 - 2012-01-17 04:06 - 0859836 ____A C:\Users\Cody\Downloads\FRST.exe
2012-01-15 12:51 - 2012-01-15 12:51 - 0414368 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl
2012-01-15 12:51 - 2012-01-15 12:51 - 0000000 ____D C:\Windows\System32\Macromed
2012-01-15 12:51 - 2012-01-15 12:51 - 0000000 ____D C:\Users\Cody\AppData\Roaming\Macromedia
2012-01-15 12:51 - 2012-01-15 12:51 - 0000000 ____D C:\Users\Cody\AppData\Roaming\Adobe
2012-01-15 12:26 - 2012-01-15 12:29 - 0079388 ____A C:\TDSSKiller.2.7.1.0_15.01.2012_12.26.59_log.txt
2012-01-15 12:26 - 2012-01-15 12:26 - 1953112 ____A C:\Users\Cody\Downloads\tdsskiller.zip
2012-01-15 12:26 - 2012-01-15 12:26 - 0000000 ____D C:\Users\Cody\Downloads\tdsskiller
2012-01-15 11:51 - 2012-01-15 11:52 - 0138984 ____A C:\Windows\Minidump\011512-47034-01.dmp
2012-01-15 11:51 - 2012-01-15 01:27 - 274882138 ____A C:\Windows\MEMORY.DMP
2012-01-15 11:51 - 2012-01-15 01:27 - 0000000 ____D C:\Windows\Minidump
2012-01-15 11:50 - 2011-11-16 21:41 - 0134000 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ksecpkg.sys
2012-01-15 11:50 - 2011-11-16 21:41 - 0067440 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ksecdd.sys
2012-01-15 11:50 - 2011-11-16 21:39 - 0369352 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\cng.sys
2012-01-15 11:50 - 2011-11-16 21:35 - 0314880 ____A (Microsoft Corporation) C:\Windows\System32\webio.dll
2012-01-15 11:50 - 2011-11-16 21:34 - 0224768 ____A (Microsoft Corporation) C:\Windows\System32\schannel.dll
2012-01-15 11:50 - 2011-11-16 21:34 - 0100352 ____A (Microsoft Corporation) C:\Windows\System32\sspicli.dll
2012-01-15 11:50 - 2011-11-16 21:34 - 0022016 ____A (Microsoft Corporation) C:\Windows\System32\secur32.dll
2012-01-15 11:50 - 2011-11-16 21:34 - 0015872 ____A (Microsoft Corporation) C:\Windows\System32\sspisrv.dll
2012-01-15 11:50 - 2011-11-16 21:32 - 1038848 ____A (Microsoft Corporation) C:\Windows\System32\lsasrv.dll
2012-01-15 11:50 - 2011-11-16 21:29 - 0022528 ____A (Microsoft Corporation) C:\Windows\System32\lsass.exe
2012-01-15 11:50 - 2011-02-18 22:30 - 1076736 ____A (Microsoft Corporation) C:\Windows\System32\DWrite.dll
2012-01-15 11:50 - 2011-02-18 22:30 - 0805376 ____A (Microsoft Corporation) C:\Windows\System32\FntCache.dll
2012-01-15 11:50 - 2011-02-18 22:30 - 0739840 ____A (Microsoft Corporation) C:\Windows\System32\d2d1.dll
2012-01-15 11:47 - 2012-01-15 11:47 - 0001064 ____A C:\Users\All Users\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
2012-01-15 11:47 - 2012-01-15 11:47 - 0000000 ____D C:\Users\Cody\AppData\Local\Secunia PSI
2012-01-15 11:47 - 2012-01-15 11:47 - 0000000 ____D C:\Program Files\Secunia
2012-01-15 11:45 - 2012-01-15 11:46 - 1754456 ____A (Secunia) C:\Users\Cody\Downloads\PSISetup.exe
2012-01-15 11:34 - 2012-01-15 11:35 - 0302592 ____A C:\Users\Cody\Downloads\4ygjgb88.exe
2012-01-15 11:30 - 2012-01-15 11:30 - 0000357 ____A C:\rkill.log
2012-01-15 11:29 - 2012-01-15 11:29 - 1008141 ____A C:\Users\Cody\Downloads\rkill.exe
2012-01-15 11:07 - 2012-01-15 11:07 - 0000000 ____D C:\Program Files\Microsoft.NET
2012-01-15 11:00 - 2012-01-15 11:00 - 0004440 ____A C:\Windows\PFRO.log
2012-01-15 01:27 - 2012-01-15 01:27 - 0138840 ____A C:\Windows\Minidump\011512-38095-01.dmp
2012-01-15 01:04 - 2012-01-15 01:06 - 0214428 ____A C:\Windows\ntbtlog.txt
2012-01-15 01:03 - 2012-01-15 01:03 - 0138984 ____A C:\Windows\Minidump\011512-40529-01.dmp
2012-01-14 19:59 - 2012-01-14 19:59 - 1792000 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2012-01-14 19:59 - 2012-01-14 19:59 - 1127424 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2012-01-14 19:59 - 2012-01-14 19:59 - 1103360 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2012-01-14 19:59 - 2012-01-14 19:59 - 0162304 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll
2012-01-14 19:59 - 2012-01-14 19:59 - 0161792 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll
2012-01-14 19:59 - 2012-01-14 19:59 - 0110592 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
2012-01-14 19:59 - 2012-01-14 19:59 - 0074752 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2012-01-14 19:59 - 2012-01-14 19:59 - 0065024 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2012-01-14 19:59 - 2012-01-14 19:59 - 0041472 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2012-01-14 19:59 - 2012-01-14 19:59 - 0010752 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2012-01-14 19:58 - 2012-01-14 19:58 - 9705472 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2012-01-14 19:58 - 2012-01-14 19:58 - 3695416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
2012-01-14 19:58 - 2012-01-14 19:58 - 2382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2012-01-14 19:58 - 2012-01-14 19:58 - 1798144 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2012-01-14 19:58 - 2012-01-14 19:58 - 1427456 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2012-01-14 19:58 - 2012-01-14 19:58 - 12279808 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2012-01-14 19:58 - 2012-01-14 19:58 - 0716800 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2012-01-14 19:58 - 2012-01-14 19:58 - 0580608 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2012-01-14 19:58 - 2012-01-14 19:58 - 0434176 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2012-01-14 19:58 - 2012-01-14 19:58 - 0420864 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2012-01-14 19:58 - 2012-01-14 19:58 - 0367104 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2012-01-14 19:58 - 2012-01-14 19:58 - 0353792 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2012-01-14 19:58 - 2012-01-14 19:58 - 0353584 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2012-01-14 19:58 - 2012-01-14 19:58 - 0231936 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2012-01-14 19:58 - 2012-01-14 19:58 - 0227840 ____A (Microsoft Corporation) C:\Windows\System32\ieaksie.dll
2012-01-14 19:58 - 2012-01-14 19:58 - 0223232 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2012-01-14 19:58 - 2012-01-14 19:58 - 0203776 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2012-01-14 19:58 - 2012-01-14 19:58 - 0176640 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2012-01-14 19:58 - 2012-01-14 19:58 - 0163840 ____A (Microsoft Corporation) C:\Windows\System32\ieakui.dll
2012-01-14 19:58 - 2012-01-14 19:58 - 0152064 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe
2012-01-14 19:58 - 2012-01-14 19:58 - 0150528 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe
2012-01-14 19:58 - 2012-01-14 19:58 - 0142848 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2012-01-14 19:58 - 2012-01-14 19:58 - 0130560 ____A (Microsoft Corporation) C:\Windows\System32\ieakeng.dll
2012-01-14 19:58 - 2012-01-14 19:58 - 0123392 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll
2012-01-14 19:58 - 2012-01-14 19:58 - 0118784 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2012-01-14 19:58 - 2012-01-14 19:58 - 0101888 ____A (Microsoft Corporation) C:\Windows\System32\admparse.dll
2012-01-14 19:58 - 2012-01-14 19:58 - 0086528 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2012-01-14 19:58 - 2012-01-14 19:58 - 0078848 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll
2012-01-14 19:58 - 2012-01-14 19:58 - 0076800 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
2012-01-14 19:58 - 2012-01-14 19:58 - 0074752 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2012-01-14 19:58 - 2012-01-14 19:58 - 0074240 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2012-01-14 19:58 - 2012-01-14 19:58 - 0072822 ____A C:\Windows\System32\ieuinit.inf
2012-01-14 19:58 - 2012-01-14 19:58 - 0072704 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2012-01-14 19:58 - 2012-01-14 19:58 - 0066048 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll
2012-01-14 19:58 - 2012-01-14 19:58 - 0063488 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx
2012-01-14 19:58 - 2012-01-14 19:58 - 0054272 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
2012-01-14 19:58 - 2012-01-14 19:58 - 0048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
2012-01-14 19:58 - 2012-01-14 19:58 - 0035840 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll
2012-01-14 19:58 - 2012-01-14 19:58 - 0031744 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2012-01-14 19:58 - 2012-01-14 19:58 - 0023552 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2012-01-14 19:58 - 2012-01-14 19:58 - 0011776 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe
2012-01-14 19:44 - 2012-01-14 19:44 - 0000000 ____D C:\Windows\System32\SPReview
2012-01-14 19:43 - 2012-01-14 19:43 - 0000000 ____D C:\Windows\System32\EventProviders
2012-01-14 19:40 - 2010-11-20 04:32 - 5066752 ____A (Microsoft Corporation) C:\Windows\System32\AuthFWSnapin.dll
2012-01-14 19:40 - 2010-11-20 04:30 - 0233344 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\msiscsi.sys
2012-01-14 19:40 - 2010-11-20 04:29 - 0520064 ____A (Microsoft Corporation) C:\Windows\System32\mcupdate_GenuineIntel.dll
2012-01-14 19:40 - 2010-11-20 04:29 - 0014208 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\hwpolicy.sys
2012-01-14 19:40 - 2010-11-20 04:21 - 12872192 ____A (Microsoft Corporation) C:\Windows\System32\shell32.dll
2012-01-14 19:40 - 2010-11-20 04:21 - 1159168 ____A (Microsoft Corporation) C:\Windows\System32\sysmain.dll
2012-01-14 19:40 - 2010-11-20 04:21 - 11410432 ____A (Microsoft Corporation) C:\Windows\System32\wmp.dll
2012-01-14 19:40 - 2010-11-20 04:21 - 1128448 ____A (Microsoft Corporation) C:\Windows\System32\vssapi.dll
2012-01-14 19:40 - 2010-11-20 04:21 - 1115136 ____A (Microsoft Corporation) C:\Windows\System32\RacEngn.dll
2012-01-14 19:40 - 2010-11-20 04:21 - 1086976 ____A (Microsoft Corporation) C:\Windows\System32\wevtsvc.dll
2012-01-14 19:40 - 2010-11-20 04:21 - 0915456 ____A (Microsoft Corporation) C:\Windows\System32\rdpcorets.dll
2012-01-14 19:40 - 2010-11-20 04:21 - 0750592 ____A (Microsoft Corporation) C:\Windows\System32\schedsvc.dll
2012-01-14 19:40 - 2010-11-20 04:21 - 0653312 ____A (Microsoft Corporation) C:\Windows\System32\rpcrt4.dll
2012-01-14 19:40 - 2010-11-20 04:21 - 0646144 ____A (Microsoft Corporation) C:\Windows\System32\SearchFolder.dll
2012-01-14 19:40 - 2010-11-20 04:21 - 0521216 ____A (Microsoft Corporation) C:\Windows\System32\termsrv.dll
2012-01-14 19:40 - 2010-11-20 04:21 - 0505856 ____A (Microsoft Corporation) C:\Windows\System32\taskschd.dll
2012-01-14 19:40 - 2010-11-20 04:21 - 0423936 ____A (Microsoft Corporation) C:\Windows\System32\secproc_isv.dll
2012-01-14 19:40 - 2010-11-20 04:21 - 0381440 ____A (Microsoft Corporation) C:\Windows\System32\wer.dll
2012-01-14 19:40 - 2010-11-20 04:21 - 0253952 ____A (Microsoft Corporation) C:\Windows\System32\spwizui.dll
2012-01-14 19:40 - 2010-11-20 04:21 - 0120320 ____A (Microsoft Corporation) C:\Windows\System32\tssrvlic.dll
2012-01-14 19:40 - 2010-11-20 04:21 - 0011776 ____A (Microsoft Corporation) C:\Windows\System32\TsUsbRedirectionGroupPolicyExtension.dll
2012-01-14 19:40 - 2010-11-20 04:20 - 1414144 ____A (Microsoft Corporation) C:\Windows\System32\ole32.dll
2012-01-14 19:40 - 2010-11-20 04:20 - 0585728 ____A (Microsoft Corporation) C:\Windows\System32\qmgr.dll
2012-01-14 19:40 - 2010-11-20 04:20 - 0428032 ____A (Microsoft Corporation) C:\Windows\System32\secproc.dll
2012-01-14 19:40 - 2010-11-20 04:19 - 3215872 ____A (Microsoft Corporation) C:\Windows\System32\mstscax.dll
2012-01-14 19:40 - 2010-11-20 04:19 - 3207680 ____A (Microsoft Corporation) C:\Windows\System32\mf.dll
2012-01-14 19:40 - 2010-11-20 04:19 - 1493504 ____A (Microsoft Corporation) C:\Windows\System32\ExplorerFrame.dll
2012-01-14 19:40 - 2010-11-20 04:19 - 1390080 ____A (Microsoft Corporation) C:\Windows\System32\msxml6.dll
2012-01-14 19:40 - 2010-11-20 04:19 - 0954752 ____A (Microsoft Corporation) C:\Windows\System32\mfc40.dll
2012-01-14 19:40 - 2010-11-20 04:19 - 0954288 ____A (Microsoft Corporation) C:\Windows\System32\mfc40u.dll
2012-01-14 19:40 - 2010-11-20 04:19 - 0674304 ____A (Microsoft Corporation) C:\Windows\System32\IKEEXT.DLL
2012-01-14 19:40 - 2010-11-20 04:19 - 0593408 ____A (Microsoft Corporation) C:\Windows\System32\gpsvc.dll
2012-01-14 19:40 - 2010-11-20 04:19 - 0053760 ____A (Microsoft Corporation) C:\Windows\System32\LSCSHostPolicy.dll
2012-01-14 19:40 - 2010-11-20 04:18 - 1828352 ____A (Microsoft Corporation) C:\Windows\System32\d3d9.dll
2012-01-14 19:40 - 2010-11-20 04:18 - 1371136 ____A (Microsoft Corporation) C:\Windows\System32\dwmcore.dll
2012-01-14 19:40 - 2010-11-20 04:18 - 1334272 ____A (Microsoft Corporation) C:\Windows\System32\CertEnroll.dll
2012-01-14 19:40 - 2010-11-20 04:18 - 1171456 ____A (Microsoft Corporation) C:\Windows\System32\d3d10warp.dll
2012-01-14 19:40 - 2010-11-20 04:18 - 1154048 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2012-01-14 19:40 - 2010-11-20 04:18 - 0342016 ____A (Microsoft Corporation) C:\Windows\System32\certcli.dll
2012-01-14 19:40 - 2010-11-20 04:17 - 1049600 ____A (Microsoft Corporation) C:\Windows\System32\mstsc.exe
2012-01-14 19:40 - 2010-11-20 04:17 - 0456192 ____A (Microsoft Corporation) C:\Windows\System32\spinstall.exe
2012-01-14 19:40 - 2010-11-20 04:17 - 0327168 ____A (Microsoft Corporation) C:\Windows\System32\RMActivate_isv.exe
2012-01-14 19:40 - 2010-11-20 04:17 - 0322048 ____A (Microsoft Corporation) C:\Windows\System32\RMActivate.exe
2012-01-14 19:40 - 2010-11-20 04:17 - 0280576 ____A (Microsoft Corporation) C:\Windows\System32\spreview.exe
2012-01-14 19:40 - 2010-11-20 04:17 - 0080896 ____A C:\Windows\System32\RDVGHelper.exe
2012-01-14 19:40 - 2010-11-20 04:17 - 0051200 ____A (Microsoft Corporation) C:\Windows\System32\PushPrinterConnections.exe
2012-01-14 19:40 - 2010-11-20 02:24 - 0134656 ____A (Microsoft Corporation) C:\Windows\System32\rdpudd.dll
2012-01-14 19:40 - 2010-11-20 02:24 - 0052224 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\TsUsbFlt.sys
2012-01-14 19:40 - 2010-11-20 02:22 - 0213504 ____A (Microsoft Corporation) C:\Windows\System32\rdpdd.dll
2012-01-14 19:40 - 2010-11-19 19:52 - 0419880 ____A C:\Windows\System32\locale.nls
2012-01-14 19:40 - 2010-11-04 18:20 - 0146852 ____A C:\Windows\System32\systemsf.ebd
2012-01-14 19:40 - 2010-11-04 17:58 - 1130824 ____A (Microsoft Corporation) C:\Windows\System32\dfshim.dll
2012-01-14 19:40 - 2010-11-04 17:58 - 0297808 ____A (Microsoft Corporation) C:\Windows\System32\mscoree.dll
2012-01-14 19:40 - 2010-11-04 17:53 - 0295264 ____A (Microsoft Corporation) C:\Windows\System32\PresentationHost.exe
2012-01-14 19:40 - 2010-11-04 17:53 - 0099176 ____A (Microsoft Corporation) C:\Windows\System32\PresentationHostProxy.dll
2012-01-14 19:39 - 2010-11-20 04:36 - 1077248 ____A (Microsoft Corporation) C:\Windows\System32\Narrator.exe
2012-01-14 19:39 - 2010-11-20 04:30 - 0712576 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ndis.sys
2012-01-14 19:39 - 2010-11-20 04:30 - 0245632 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\volsnap.sys
2012-01-14 19:39 - 2010-11-20 04:30 - 0240000 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\netio.sys
2012-01-14 19:39 - 2010-11-20 04:30 - 0175360 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\vmbus.sys
2012-01-14 19:39 - 2010-11-20 04:30 - 0173440 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rdyboost.sys
2012-01-14 19:39 - 2010-11-20 04:30 - 0160128 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\vhdmp.sys
2012-01-14 19:39 - 2010-11-20 04:30 - 0153984 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\pci.sys
2012-01-14 19:39 - 2010-11-20 04:30 - 0140160 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\scsiport.sys
2012-01-14 19:39 - 2010-11-20 04:30 - 0130432 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mpio.sys
2012-01-14 19:39 - 2010-11-20 04:30 - 0116096 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\msdsm.sys
2012-01-14 19:39 - 2010-11-20 04:30 - 0085376 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\sbp2port.sys
2012-01-14 19:39 - 2010-11-20 04:30 - 0078208 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mountmgr.sys
2012-01-14 19:39 - 2010-11-20 04:30 - 0056192 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\partmgr.sys
2012-01-14 19:39 - 2010-11-20 04:30 - 0053120 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\volmgr.sys
2012-01-14 19:39 - 2010-11-20 04:30 - 0053120 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\termdd.sys
2012-01-14 19:39 - 2010-11-20 04:30 - 0040704 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\vmstorfl.sys
2012-01-14 19:39 - 2010-11-20 04:30 - 0028032 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\storvsc.sys
2012-01-14 19:39 - 2010-11-20 04:30 - 0028032 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\msahci.sys
2012-01-14 19:39 - 2010-11-20 04:29 - 2217856 ____A (Microsoft Corporation) C:\Windows\System32\bootres.dll
2012-01-14 19:39 - 2010-11-20 04:29 - 0274304 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\acpi.sys
2012-01-14 19:39 - 2010-11-20 04:29 - 0194432 ____A (Microsoft Corporation) C:\Windows\System32\halmacpi.dll
2012-01-14 19:39 - 2010-11-20 04:29 - 0194432 ____A (Microsoft Corporation) C:\Windows\System32\hal.dll
2012-01-14 19:39 - 2010-11-20 04:29 - 0137088 ____A (Microsoft Corporation) C:\Windows\System32\halacpi.dll
2012-01-14 19:39 - 2010-11-20 04:29 - 0132992 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ataport.sys
2012-01-14 19:39 - 2010-11-20 04:29 - 0101760 ____A (Microsoft Corporation) C:\Windows\System32\consent.exe
2012-01-14 19:39 - 2010-11-20 04:29 - 0043392 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\winhv.sys
2012-01-14 19:39 - 2010-11-20 04:24 - 0690680 ____A (Microsoft Corporation) C:\Windows\System32\ci.dll
2012-01-14 19:39 - 2010-11-20 04:24 - 0508904 ____A (Microsoft Corporation) C:\Windows\System32\winload.exe
2012-01-14 19:39 - 2010-11-20 04:24 - 0442720 ____A (Microsoft Corporation) C:\Windows\System32\winresume.exe
2012-01-14 19:39 - 2010-11-20 04:24 - 0271664 ____A (Microsoft Corporation) C:\Windows\System32\fveapi.dll
2012-01-14 19:39 - 2010-11-20 04:24 - 0194800 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\fvevol.sys
2012-01-14 19:39 - 2010-11-20 04:23 - 0144768 ____A (Microsoft Corporation) C:\Windows\System32\basecsp.dll
2012-01-14 19:39 - 2010-11-20 04:21 - 2983424 ____A (Microsoft Corporation) C:\Windows\System32\UIRibbon.dll
2012-01-14 19:39 - 2010-11-20 04:21 - 2755072 ____A (Microsoft Corporation) C:\Windows\System32\themeui.dll
2012-01-14 19:39 - 2010-11-20 04:21 - 2414080 ____A (Microsoft Corporation) C:\Windows\System32\wucltux.dll
2012-01-14 19:39 - 2010-11-20 04:21 - 2311168 ____A (Microsoft Corporation) C:\Windows\System32\wpdshext.dll
2012-01-14 19:39 - 2010-11-20 04:21 - 2202624 ____A (Microsoft Corporation) C:\Windows\System32\SensorsCpl.dll
2012-01-14 19:39 - 2010-11-20 04:21 - 2157568 ____A (Microsoft Corporation) C:\Windows\System32\themecpl.dll
2012-01-14 19:39 - 2010-11-20 04:21 - 2146304 ____A (Microsoft Corporation) C:\Windows\System32\SyncCenter.dll
2012-01-14 19:39 - 2010-11-20 04:21 - 1914368 ____A (Microsoft Corporation) C:\Windows\System32\wuaueng.dll
2012-01-14 19:39 - 2010-11-20 04:21 - 1712640 ____A (Microsoft Corporation) C:\Windows\System32\xpsservices.dll
2012-01-14 19:39 - 2010-11-20 04:21 - 1667584 ____A (Microsoft Corporation) C:\Windows\System32\setupapi.dll
2012-01-14 19:39 - 2010-11-20 04:21 - 1624064 ____A (Microsoft Corporation) C:\Windows\System32\WMPEncEn.dll
2012-01-14 19:39 - 2010-11-20 04:21 - 1619456 ____A (Microsoft Corporation) C:\Windows\System32\WMVDECOD.DLL
2012-01-14 19:39 - 2010-11-20 04:21 - 1363456 ____A (Microsoft Corporation) C:\Windows\System32\Query.dll
2012-01-14 19:39 - 2010-11-20 04:21 - 1326592 ____A (Microsoft Corporation) C:\Windows\System32\wlanpref.dll
2012-01-14 19:39 - 2010-11-20 04:21 - 1227776 ____A (Microsoft Corporation) C:\Windows\System32\wdc.dll
2012-01-14 19:39 - 2010-11-20 04:21 - 1175040 ____A (Microsoft Corporation) C:\Windows\System32\WsmSvc.dll
2012-01-14 19:39 - 2010-11-20 04:21 - 1063936 ____A (Microsoft Corporation) C:\Windows\System32\werconcpl.dll
2012-01-14 19:39 - 2010-11-20 04:21 - 1010688 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll
2012-01-14 19:39 - 2010-11-20 04:21 - 1003008 ____A (Microsoft Corporation) C:\Windows\System32\WMNetMgr.dll
2012-01-14 19:39 - 2010-11-20 04:21 - 0974336 ____A (Microsoft Corporation) C:\Windows\System32\sppobjs.dll
2012-01-14 19:39 - 2010-11-20 04:21 - 0933376 ____A (Microsoft Corporation) C:\Windows\System32\Vault.dll
2012-01-14 19:39 - 2010-11-20 04:21 - 0907776 ____A (Microsoft Corporation) C:\Windows\System32\sdengin2.dll
2012-01-14 19:39 - 2010-11-20 04:21 - 0826368 ____A (Microsoft Corporation) C:\Windows\System32\rdpcore.dll
2012-01-14 19:39 - 2010-11-20 04:21 - 0811520 ____A (Microsoft Corporation) C:\Windows\System32\user32.dll
2012-01-14 19:39 - 2010-11-20 04:21 - 0782336 ____A (Microsoft Corporation) C:\Windows\System32\webservices.dll
2012-01-14 19:39 - 2010-11-20 04:21 - 0778240 ____A (Microsoft Corporation) C:\Windows\System32\sqlsrv32.dll
2012-01-14 19:39 - 2010-11-20 04:21 - 0766464 ____A (Microsoft Corporation) C:\Windows\System32\wpccpl.dll
2012-01-14 19:39 - 2010-11-20 04:21 - 0755200 ____A (Microsoft Corporation) C:\Windows\System32\sud.dll
2012-01-14 19:39 - 2010-11-20 04:21 - 0750080 ____A (Microsoft Corporation) C:\Windows\System32\sdcpl.dll
2012-01-14 19:39 - 2010-11-20 04:21 - 0738816 ____A (Microsoft Corporation) C:\Windows\System32\wmpmde.dll
2012-01-14 19:39 - 2010-11-20 04:21 - 0638976 ____A (Microsoft Corporation) C:\Windows\System32\VAN.dll
2012-01-14 19:39 - 2010-11-20 04:21 - 0626176 ____A (Microsoft Corporation) C:\Windows\System32\usp10.dll
2012-01-14 19:39 - 2010-11-20 04:21 - 0600064 ____A (Microsoft Corporation) C:\Windows\System32\usercpl.dll
2012-01-14 19:39 - 2010-11-20 04:21 - 0597504 ____A (Microsoft Corporation) C:\Windows\System32\TSWorkspace.dll
2012-01-14 19:39 - 2010-11-20 04:21 - 0577024 ____A (Microsoft Corporation) C:\Windows\System32\wpd_ci.dll
2012-01-14 19:39 - 2010-11-20 04:21 - 0560128 ____A (Microsoft Corporation) C:\Windows\System32\wuapi.dll
2012-01-14 19:39 - 2010-11-20 04:21 - 0551424 ____A (Microsoft Corporation) C:\Windows\System32\samsrv.dll
2012-01-14 19:39 - 2010-11-20 04:21 - 0492032 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll
2012-01-14 19:39 - 2010-11-20 04:21 - 0464896 ____A (Microsoft Corporation) C:\Windows\System32\scrptadm.dll
2012-01-14 19:39 - 2010-11-20 04:21 - 0463360 ____A (Microsoft Corporation) C:\Windows\System32\wiaservc.dll
2012-01-14 19:39 - 2010-11-20 04:21 - 0458752 ____A (Microsoft Corporation) C:\Windows\System32\WSDApi.dll
2012-01-14 19:39 - 2010-11-20 04:21 - 0428544 ____A (Microsoft Corporation) C:\Windows\System32\shwebsvc.dll
2012-01-14 19:39 - 2010-11-20 04:21 - 0416768 ____A (Microsoft Corporation) C:\Windows\System32\wiadefui.dll
2012-01-14 19:39 - 2010-11-20 04:21 - 0412160 ____A (Microsoft Corporation) C:\Windows\System32\sppwinob.dll
2012-01-14 19:39 - 2010-11-20 04:21 - 0411648 ____A (Microsoft Corporation) C:\Windows\System32\wlangpui.dll
2012-01-14 19:39 - 2010-11-20 04:21 - 0410112 ____A (Microsoft Corporation) C:\Windows\System32\wlanui.dll
2012-01-14 19:39 - 2010-11-20 04:21 - 0400896 ____A (Microsoft Corporation) C:\Windows\System32\srcore.dll
2012-01-14 19:39 - 2010-11-20 04:21 - 0380416 ____A (Microsoft Corporation) C:\Windows\System32\sxs.dll
2012-01-14 19:39 - 2010-11-20 04:21 - 0376832 ____A (Microsoft Corporation) C:\Windows\System32\rpcss.dll
2012-01-14 19:39 - 2010-11-20 04:21 - 0372224 ____A (Microsoft Corporation) C:\Windows\System32\rastls.dll
2012-01-14 19:39 - 2010-11-20 04:21 - 0363520 ____A (Microsoft Corporation) C:\Windows\System32\StructuredQuery.dll
2012-01-14 19:39 - 2010-11-20 04:21 - 0352768 ____A (Microsoft Corporation) C:\Windows\System32\termmgr.dll
2012-01-14 19:39 - 2010-11-20 04:21 - 0352768 ____A (Microsoft Corporation) C:\Windows\System32\spwizeng.dll
2012-01-14 19:39 - 2010-11-20 04:21 - 0352256 ____A (Microsoft Corporation) C:\Windows\System32\wmpeffects.dll
2012-01-14 19:39 - 2010-11-20 04:21 - 0351232 ____A (Microsoft Corporation) C:\Windows\System32\wmicmiplugin.dll
2012-01-14 19:39 - 2010-11-20 04:21 - 0351232 ____A (Microsoft Corporation) C:\Windows\System32\winhttp.dll
2012-01-14 19:39 - 2010-11-20 04:21 - 0350208 ____A (Microsoft Corporation) C:\Windows\System32\shlwapi.dll
2012-01-14 19:39 - 2010-11-20 04:21 - 0346624 ____A (Microsoft Corporation) C:\Windows\System32\untfs.dll
2012-01-14 19:39 - 2010-11-20 04:21 - 0335872 ____A (Microsoft Corporation) C:\Windows\System32\WinSATAPI.dll
2012-01-14 19:39 - 2010-11-20 04:21 - 0328192 ____A (Microsoft Corporation) C:\Windows\System32\shsvcs.dll
2012-01-14 19:39 - 2010-11-20 04:21 - 0327680 ____A (Microsoft Corporation) C:\Windows\System32\zipfldr.dll
2012-01-14 19:39 - 2010-11-20 04:21 - 0316416 ____A (Microsoft Corporation) C:\Windows\System32\sharemediacpl.dll
2012-01-14 19:39 - 2010-11-20 04:21 - 0307712 ____A (Microsoft Corporation) C:\Windows\System32\scesrv.dll
2012-01-14 19:39 - 2010-11-20 04:21 - 0305152 ____A (Microsoft Corporation) C:\Windows\System32\taskcomp.dll
2012-01-14 19:39 - 2010-11-20 04:21 - 0301568 ____A (Microsoft Corporation) C:\Windows\System32\srchadmin.dll
2012-01-14 19:39 - 2010-11-20 04:21 - 0286208 ____A (Microsoft Corporation) C:\Windows\System32\rasmans.dll
2012-01-14 19:39 - 2010-11-20 04:21 - 0276992 ____A (Microsoft Corporation) C:\Windows\System32\wcncsvc.dll
2012-01-14 19:39 - 2010-11-20 04:21 - 0270848 ____A (Microsoft Corporation) C:\Windows\System32\tsmf.dll
2012-01-14 19:39 - 2010-11-20 04:21 - 0269824 ____A (Microsoft Corporation) C:\Windows\System32\Wldap32.dll
2012-01-14 19:39 - 2010-11-20 04:21 - 0246272 ____A (Microsoft Corporation) C:\Windows\System32\scansetting.dll
2012-01-14 19:39 - 2010-11-20 04:21 - 0242176 ____A (Microsoft Corporation) C:\Windows\System32\vpnike.dll
2012-01-14 19:39 - 2010-11-20 04:21 - 0242176 ____A (Microsoft Corporation) C:\Windows\System32\tapisrv.dll
2012-01-14 19:39 - 2010-11-20 04:21 - 0233472 ____A (Microsoft Corporation) C:\Windows\System32\taskbarcpl.dll
2012-01-14 19:39 - 2010-11-20 04:21 - 0228352 ____A (Microsoft Corporation) C:\Windows\System32\stobject.dll
2012-01-14 19:39 - 2010-11-20 04:21 - 0220160 ____A (Microsoft Corporation) C:\Windows\System32\SndVolSSO.dll
2012-01-14 19:39 - 2010-11-20 04:21 - 0206848 ____A (Microsoft Corporation) C:\Windows\System32\ws2_32.dll
2012-01-14 19:39 - 2010-11-20 04:21 - 0206848 ____A (Microsoft Corporation) C:\Windows\System32\upnp.dll
2012-01-14 19:39 - 2010-11-20 04:21 - 0204800 ____A (Microsoft Corporation) C:\Windows\System32\WebClnt.dll
2012-01-14 19:39 - 2010-11-20 04:21 - 0196096 ____A (Microsoft Corporation) C:\Windows\System32\vaultsvc.dll
2012-01-14 19:39 - 2010-11-20 04:21 - 0194048 ____A (Microsoft Corporation) C:\Windows\System32\winmm.dll
2012-01-14 19:39 - 2010-11-20 04:21 - 0193536 ____A (Microsoft Corporation) C:\Windows\System32\sppcomapi.dll
2012-01-14 19:39 - 2010-11-20 04:21 - 0181760 ____A (Microsoft Corporation) C:\Windows\System32\tcpipcfg.dll
2012-01-14 19:39 - 2010-11-20 04:21 - 0176640 ____A (Microsoft Corporation) C:\Windows\System32\rasppp.dll
2012-01-14 19:39 - 2010-11-20 04:21 - 0175616 ____A (Microsoft Corporation) C:\Windows\System32\scecli.dll
2012-01-14 19:39 - 2010-11-20 04:21 - 0172544 ____A (Microsoft Corporation) C:\Windows\System32\spp.dll
2012-01-14 19:39 - 2010-11-20 04:21 - 0172032 ____A (Microsoft Corporation) C:\Windows\System32\wintrust.dll
2012-01-14 19:39 - 2010-11-20 04:21 - 0171008 ____A (Microsoft Corporation) C:\Windows\System32\umrdp.dll
2012-01-14 19:39 - 2010-11-20 04:21 - 0168960 ____A (Microsoft Corporation) C:\Windows\System32\srvsvc.dll
2012-01-14 19:39 - 2010-11-20 04:21 - 0159232 ____A (Microsoft Corporation) C:\Windows\System32\syncui.dll
2012-01-14 19:39 - 2010-11-20 04:21 - 0156672 ____A (Microsoft Corporation) C:\Windows\System32\winsta.dll
2012-01-14 19:39 - 2010-11-20 04:21 - 0154624 ____A (Microsoft Corporation) C:\Windows\System32\tscfgwmi.dll
2012-01-14 19:39 - 2010-11-20 04:21 - 0140800 ____A (Microsoft Corporation) C:\Windows\System32\rdpendp.dll
2012-01-14 19:39 - 2010-11-20 04:21 - 0139264 ____A (Microsoft Corporation) C:\Windows\System32\rpchttp.dll
2012-01-14 19:39 - 2010-11-20 04:21 - 0136704 ____A (Microsoft Corporation) C:\Windows\System32\scavengeui.dll
2012-01-14 19:39 - 2010-11-20 04:21 - 0135680 ____A (Microsoft Corporation) C:\Windows\System32\recovery.dll
2012-01-14 19:39 - 2010-11-20 04:21 - 0135168 ____A (Microsoft Corporation) C:\Windows\System32\XpsRasterService.dll
2012-01-14 19:39 - 2010-11-20 04:21 - 0134656 ____A (Microsoft Corporation) C:\Windows\System32\WinSCard.dll
2012-01-14 19:39 - 2010-11-20 04:21 - 0133632 ____A (Microsoft Corporation) C:\Windows\System32\tspubwmi.dll
2012-01-14 19:39 - 2010-11-20 04:21 - 0129536 ____A (Microsoft Corporation) C:\Windows\System32\rdpcorekmts.dll
2012-01-14 19:39 - 2010-11-20 04:21 - 0119808 ____A (Microsoft Corporation) C:\Windows\System32\umpo.dll
2012-01-14 19:39 - 2010-11-20 04:21 - 0115712 ____A (Microsoft Corporation) C:\Windows\System32\sppnp.dll
2012-01-14 19:39 - 2010-11-20 04:21 - 0113664 ____A (Microsoft Corporation) C:\Windows\System32\SessEnv.dll
2012-01-14 19:39 - 2010-11-20 04:21 - 0111104 ____A (Microsoft Corporation) C:\Windows\System32\shsetup.dll
2012-01-14 19:39 - 2010-11-20 04:21 - 0109056 ____A (Microsoft Corporation) C:\Windows\System32\t2embed.dll
2012-01-14 19:39 - 2010-11-20 04:21 - 0085504 ____A (Microsoft Corporation) C:\Windows\System32\wpdbusenum.dll
2012-01-14 19:39 - 2010-11-20 04:21 - 0084480 ____A (Microsoft Corporation) C:\Windows\System32\wkssvc.dll
2012-01-14 19:39 - 2010-11-20 04:21 - 0082944 ____A (Microsoft Corporation) C:\Windows\System32\thumbcache.dll
2012-01-14 19:39 - 2010-11-20 04:21 - 0081920 ____A (Microsoft Corporation) C:\Windows\System32\userenv.dll
2012-01-14 19:39 - 2010-11-20 04:21 - 0073216 ____A (Microsoft Corporation) C:\Windows\System32\TabSvc.dll
2012-01-14 19:39 - 2010-11-20 04:21 - 0072192 ____A (Microsoft Corporation) C:\Windows\System32\regapi.dll
2012-01-14 19:39 - 2010-11-20 04:21 - 0067584 ____A (Microsoft Corporation) C:\Windows\System32\WUDFSvc.dll
2012-01-14 19:39 - 2010-11-20 04:21 - 0058880 ____A (Microsoft Corporation) C:\Windows\System32\rdpwsx.dll
2012-01-14 19:39 - 2010-11-20 04:21 - 0051712 ____A (Microsoft Corporation) C:\Windows\System32\wscapi.dll
2012-01-14 19:39 - 2010-11-20 04:21 - 0051200 ____A (Microsoft Corporation) C:\Windows\System32\samcli.dll
2012-01-14 19:39 - 2010-11-20 04:21 - 0046080 ____A (Microsoft Corporation) C:\Windows\System32\RpcRtRemote.dll
2012-01-14 19:39 - 2010-11-20 04:21 - 0033280 ____A (Microsoft Corporation) C:\Windows\System32\TsUsbGDCoInstaller.dll
2012-01-14 19:39 - 2010-11-20 04:21 - 0019456 ____A (Microsoft Corporation) C:\Windows\System32\sisbkup.dll
2012-01-14 19:39 - 2010-11-20 04:20 - 2504192 ____A (Microsoft Corporation) C:\Windows\System32\WMVCORE.DLL
2012-01-14 19:39 - 2010-11-20 04:20 - 2494464 ____A (Microsoft Corporation) C:\Windows\System32\netshell.dll
2012-01-14 19:39 - 2010-11-20 04:20 - 2130944 ____A (Microsoft Corporation) C:\Windows\System32\networkmap.dll
2012-01-14 19:39 - 2010-11-20 04:20 - 1750528 ____A (Microsoft Corporation) C:\Windows\System32\pnidui.dll
2012-01-14 19:39 - 2010-11-20 04:20 - 1644032 ____A (Microsoft Corporation) C:\Windows\System32\netcenter.dll
2012-01-14 19:39 - 2010-11-20 04:20 - 1508864 ____A (Microsoft Corporation) C:\Windows\System32\pla.dll
2012-01-14 19:39 - 2010-11-20 04:20 - 0988160 ____A (Microsoft Corporation) C:\Windows\System32\propsys.dll
2012-01-14 19:39 - 2010-11-20 04:20 - 0932352 ____A (Microsoft Corporation) C:\Windows\System32\printui.dll
2012-01-14 19:39 - 2010-11-20 04:20 - 0801280 ____A (Microsoft Corporation) C:\Windows\System32\NaturalLanguage6.dll
2012-01-14 19:39 - 2010-11-20 04:20 - 0600576 ____A (Microsoft Corporation) C:\Windows\System32\PerfCenterCPL.dll
2012-01-14 19:39 - 2010-11-20 04:20 - 0573440 ____A (Microsoft Corporation) C:\Windows\System32\odbc32.dll
2012-01-14 19:39 - 2010-11-20 04:20 - 0563712 ____A (Microsoft Corporation) C:\Windows\System32\netlogon.dll
2012-01-14 19:39 - 2010-11-20 04:20 - 0547840 ____A (Microsoft Corporation) C:\Windows\System32\PortableDeviceApi.dll
2012-01-14 19:39 - 2010-11-20 04:20 - 0509440 ____A (Microsoft Corporation) C:\Windows\System32\qedit.dll
2012-01-14 19:39 - 2010-11-20 04:20 - 0442880 ____A (Microsoft Corporation) C:\Windows\System32\ntshrui.dll
2012-01-14 19:39 - 2010-11-20 04:20 - 0441856 ____A (Microsoft Corporation) C:\Windows\System32\powercpl.dll
2012-01-14 19:39 - 2010-11-20 04:20 - 0406528 ____A (Microsoft Corporation) C:\Windows\System32\netcfgx.dll
2012-01-14 19:39 - 2010-11-20 04:20 - 0395264 ____A (Microsoft Corporation) C:\Windows\System32\prnfldr.dll
2012-01-14 19:39 - 2010-11-20 04:20 - 0330240 ____A (Microsoft Corporation) C:\Windows\System32\QAGENTRT.DLL
2012-01-14 19:39 - 2010-11-20 04:20 - 0324608 ____A (Microsoft Corporation) C:\Windows\System32\puiobj.dll
2012-01-14 19:39 - 2010-11-20 04:20 - 0295424 ____A (Microsoft Corporation) C:\Windows\System32\photowiz.dll
2012-01-14 19:39 - 2010-11-20 04:20 - 0242688 ____A (Microsoft Corporation) C:\Windows\System32\nlasvc.dll
2012-01-14 19:39 - 2010-11-20 04:20 - 0225792 ____A (Microsoft Corporation) C:\Windows\System32\netdiagfx.dll
2012-01-14 19:39 - 2010-11-20 04:20 - 0218112 ____A (Microsoft Corporation) C:\Windows\System32\OnLineIDCpl.dll
2012-01-14 19:39 - 2010-11-20 04:20 - 0199168 ____A (Microsoft Corporation) C:\Windows\System32\onex.dll
2012-01-14 19:39 - 2010-11-20 04:20 - 0171520 ____A (Microsoft Corporation) C:\Windows\System32\QAGENT.DLL
2012-01-14 19:39 - 2010-11-20 04:20 - 0167936 ____A (Microsoft Corporation) C:\Windows\System32\QSHVHOST.DLL
2012-01-14 19:39 - 2010-11-20 04:20 - 0166400 ____A (Microsoft Corporation) C:\Windows\System32\netiohlp.dll
2012-01-14 19:39 - 2010-11-20 04:20 - 0164352 ____A (Microsoft Corporation) C:\Windows\System32\profsvc.dll
2012-01-14 19:39 - 2010-11-20 04:20 - 0161792 ____A (Microsoft Corporation) C:\Windows\System32\netjoin.dll
2012-01-14 19:39 - 2010-11-20 04:20 - 0152064 ____A (Microsoft Corporation) C:\Windows\System32\ncsi.dll
2012-01-14 19:39 - 2010-11-20 04:20 - 0120320 ____A (Microsoft Corporation) C:\Windows\System32\prntvpt.dll
2012-01-14 19:39 - 2010-11-20 04:20 - 0117248 ____A (Microsoft Corporation) C:\Windows\System32\netid.dll
2012-01-14 19:39 - 2010-11-20 04:20 - 0116736 ____A (Microsoft Corporation) C:\Windows\System32\prncache.dll
2012-01-14 19:39 - 2010-11-20 04:20 - 0078848 ____A (Microsoft Corporation) C:\Windows\System32\nci.dll
2012-01-14 19:39 - 2010-11-20 04:20 - 0069120 ____A (Microsoft Corporation) C:\Windows\System32\ntlanman.dll
2012-01-14 19:39 - 2010-11-20 04:19 - 2576384 ____A (Microsoft Corporation) C:\Windows\System32\gameux.dll
2012-01-14 19:39 - 2010-11-20 04:19 - 2341376 ____A (Microsoft Corporation) C:\Windows\System32\msi.dll
2012-01-14 19:39 - 2010-11-20 04:19 - 2291712 ____A (Microsoft Corporation) C:\Windows\System32\MSVidCtl.dll
2012-01-14 19:39 - 2010-11-20 04:19 - 2151936 ____A (Microsoft Corporation) C:\Windows\System32\mmcndmgr.dll
2012-01-14 19:39 - 2010-11-20 04:19 - 1236992 ____A (Microsoft Corporation) C:\Windows\System32\msxml3.dll
2012-01-14 19:39 - 2010-11-20 04:19 - 1066496 ____A (Microsoft Corporation) C:\Windows\System32\msdtctm.dll
2012-01-14 19:39 - 2010-11-20 04:19 - 0856576 ____A (Microsoft Corporation) C:\Windows\System32\FirewallControlPanel.dll
2012-01-14 19:39 - 2010-11-20 04:19 - 0830464 ____A (Microsoft Corporation) C:\Windows\System32\MSMPEG2ENC.DLL
2012-01-14 19:39 - 2010-11-20 04:19 - 0828928 ____A (Microsoft Corporation) C:\Windows\System32\fontext.dll
2012-01-14 19:39 - 2010-11-20 04:19 - 0768512 ____A (Microsoft Corporation) C:\Windows\System32\localspl.dll
2012-01-14 19:39 - 2010-11-20 04:19 - 0732160 ____A (Microsoft Corporation) C:\Windows\System32\imapi2fs.dll
2012-01-14 19:39 - 2010-11-20 04:19 - 0727040 ____A (Microsoft Corporation) C:\Windows\System32\mcmde.dll
2012-01-14 19:39 - 2010-11-20 04:19 - 0584192 ____A (Microsoft Corporation) C:\Windows\System32\gpprefcl.dll
2012-01-14 19:39 - 2010-11-20 04:19 - 0566272 ____A (Microsoft Corporation) C:\Windows\System32\MPSSVC.dll
2012-01-14 19:39 - 2010-11-20 04:19 - 0499712 ____A (Microsoft Corporation) C:\Windows\System32\iphlpsvc.dll
2012-01-14 19:39 - 2010-11-20 04:19 - 0488448 ____A (Microsoft Corporation) C:\Windows\System32\evr.dll
2012-01-14 19:39 - 2010-11-20 04:19 - 0481792 ____A (Microsoft Corporation) C:\Windows\System32\mscms.dll
2012-01-14 19:39 - 2010-11-20 04:19 - 0429056 ____A (Microsoft Corporation) C:\Windows\System32\localsec.dll
2012-01-14 19:39 - 2010-11-20 04:19 - 0417792 ____A (Microsoft Corporation) C:\Windows\System32\msdri.dll
2012-01-14 19:39 - 2010-11-20 04:19 - 0414208 ____A (Microsoft Corporation) C:\Windows\System32\mspbda.dll
2012-01-14 19:39 - 2010-11-20 04:19 - 0400896 ____A (Microsoft Corporation) C:\Windows\System32\ipsmsnap.dll
2012-01-14 19:39 - 2010-11-20 04:19 - 0392192 ____A (Microsoft Corporation) C:\Windows\System32\imapi2.dll
2012-01-14 19:39 - 2010-11-20 04:19 - 0350208 ____A (Microsoft Corporation) C:\Windows\System32\IPSECSVC.DLL
2012-01-14 19:39 - 2010-11-20 04:19 - 0341504 ____A (Microsoft Corporation) C:\Windows\System32\msdrm.dll
2012-01-14 19:39 - 2010-11-20 04:19 - 0337408 ____A (Microsoft Corporation) C:\Windows\System32\msihnd.dll
2012-01-14 19:39 - 2010-11-20 04:19 - 0320512 ____A (Microsoft Corporation) C:\Windows\System32\mtxclu.dll
2012-01-14 19:39 - 2010-11-20 04:19 - 0320512 ____A (Microsoft Corporation) C:\Windows\System32\Faultrep.dll
2012-01-14 19:39 - 2010-11-20 04:19 - 0312832 ____A (Microsoft Corporation) C:\Windows\System32\hgcpl.dll
2012-01-14 19:39 - 2010-11-20 04:19 - 0304640 ____A (Microsoft Corporation) C:\Windows\System32\gdi32.dll
2012-01-14 19:39 - 2010-11-20 04:19 - 0301568 ____A (Microsoft Corporation) C:\Windows\System32\msieftp.dll
2012-01-14 19:39 - 2010-11-20 04:19 - 0296448 ____A (Microsoft Corporation) C:\Windows\System32\mfds.dll
2012-01-14 19:39 - 2010-11-20 04:19 - 0271360 ____A (Microsoft Corporation) C:\Windows\System32\iprtrmgr.dll
2012-01-14 19:39 - 2010-11-20 04:19 - 0268800 ____A (Microsoft Corporation) C:\Windows\System32\mprddm.dll
2012-01-14 19:39 - 2010-11-20 04:19 - 0266752 ____A (Microsoft Corporation) C:\Windows\System32\MediaMetadataHandler.dll
2012-01-14 19:39 - 2010-11-20 04:19 - 0257024 ____A (Microsoft Corporation) C:\Windows\System32\msv1_0.dll
2012-01-14 19:39 - 2010-11-20 04:19 - 0232448 ____A (Microsoft Corporation) C:\Windows\System32\mswsock.dll
2012-01-14 19:39 - 2010-11-20 04:19 - 0226304 ____A (Microsoft Corporation) C:\Windows\System32\MSAC3ENC.DLL
2012-01-14 19:39 - 2010-11-20 04:19 - 0216576 ____A (Microsoft Corporation) C:\Windows\System32\FWPUCLNT.DLL
2012-01-14 19:39 - 2010-11-20 04:19 - 0213504 ____A (Microsoft Corporation) C:\Windows\System32\MMDevAPI.dll
2012-01-14 19:39 - 2010-11-20 04:19 - 0206336 ____A (Microsoft Corporation) C:\Windows\System32\framedynos.dll
2012-01-14 19:39 - 2010-11-20 04:19 - 0202752 ____A (Microsoft Corporation) C:\Windows\System32\framedyn.dll
2012-01-14 19:39 - 2010-11-20 04:19 - 0196608 ____A (Microsoft Corporation) C:\Windows\System32\mfreadwrite.dll
2012-01-14 19:39 - 2010-11-20 04:19 - 0194560 ____A (Microsoft Corporation) C:\Windows\System32\ListSvc.dll
2012-01-14 19:39 - 2010-11-20 04:19 - 0172032 ____A (Microsoft Corporation) C:\Windows\System32\iasrad.dll
2012-01-14 19:39 - 2010-11-20 04:19 - 0167936 ____A (Microsoft Corporation) C:\Windows\System32\msutb.dll
2012-01-14 19:39 - 2010-11-20 04:19 - 0155136 ____A (Microsoft Corporation) C:\Windows\System32\hgprint.dll
2012-01-14 19:39 - 2010-11-20 04:19 - 0148992 ____A (Microsoft Corporation) C:\Windows\System32\ifsutil.dll
2012-01-14 19:39 - 2010-11-20 04:19 - 0127488 ____A (Microsoft Corporation) C:\Windows\System32\logoncli.dll
2012-01-14 19:39 - 2010-11-20 04:19 - 0126464 ____A (Microsoft Corporation) C:\Windows\System32\inetpp.dll
2012-01-14 19:39 - 2010-11-20 04:19 - 0124416 ____A (Microsoft Corporation) C:\Windows\System32\fde.dll
2012-01-14 19:39 - 2010-11-20 04:19 - 0103936 ____A (Microsoft Corporation) C:\Windows\System32\IPHLPAPI.DLL
2012-01-14 19:39 - 2010-11-20 04:19 - 0078848 ____A (Microsoft Corporation) C:\Windows\System32\iasacct.dll
2012-01-14 19:39 - 2010-11-20 04:19 - 0071168 ____A (Microsoft Corporation) C:\Windows\System32\KMSVC.DLL
2012-01-14 19:39 - 2010-11-20 04:19 - 0066560 ____A (Microsoft Corporation) C:\Windows\System32\hbaapi.dll
2012-01-14 19:39 - 2010-11-20 04:19 - 0059904 ____A (Microsoft Corporation) C:\Windows\System32\fdeploy.dll
2012-01-14 19:39 - 2010-11-20 04:19 - 0042496 ____A (Microsoft Corporation) C:\Windows\System32\mimefilt.dll
2012-01-14 19:39 - 2010-11-20 04:19 - 0034304 ____A (Microsoft Corporation) C:\Windows\System32\msasn1.dll
2012-01-14 19:39 - 2010-11-20 04:18 - 3727872 ____A (Microsoft Corporation) C:\Windows\System32\accessibilitycpl.dll
2012-01-14 19:39 - 2010-11-20 04:18 - 2522624 ____A (Microsoft Corporation) C:\Windows\System32\dbgeng.dll
2012-01-14 19:39 - 2010-11-20 04:18 - 1792000 ____A (Microsoft Corporation) C:\Windows\System32\authui.dll
2012-01-14 19:39 - 2010-11-20 04:18 - 1555456 ____A (Microsoft Corporation) C:\Windows\System32\certmgr.dll
2012-01-14 19:39 - 2010-11-20 04:18 - 1400320 ____A (Microsoft Corporation) C:\Windows\System32\DxpTaskSync.dll
2012-01-14 19:39 - 2010-11-20 04:18 - 1188864 ____A (Microsoft Corporation) C:\Windows\System32\DiagCpl.dll
2012-01-14 19:39 - 2010-11-20 04:18 - 1040384 ____A (Microsoft Corporation) C:\Windows\System32\Display.dll
2012-01-14 19:39 - 2010-11-20 04:18 - 1003520 ____A (Microsoft Corporation) C:\Windows\System32\cryptui.dll
2012-01-14 19:39 - 2010-11-20 04:18 - 0863744 ____A (Microsoft Corporation) C:\Windows\System32\diagperf.dll
2012-01-14 19:39 - 2010-11-20 04:18 - 0854016 ____A (Microsoft Corporation) C:\Windows\System32\dbghelp.dll
2012-01-14 19:39 - 2010-11-20 04:18 - 0762880 ____A (Microsoft Corporation) C:\Windows\System32\azroles.dll
2012-01-14 19:39 - 2010-11-20 04:18 - 0744448 ____A (Microsoft Corporation) C:\Windows\System32\ActionCenter.dll
2012-01-14 19:39 - 2010-11-20 04:18 - 0740864 ____A (Microsoft Corporation) C:\Windows\System32\batmeter.dll
2012-01-14 19:39 - 2010-11-20 04:18 - 0665600 ____A (Microsoft Corporation) C:\Windows\System32\AuxiliaryDisplayCpl.dll
2012-01-14 19:39 - 2010-11-20 04:18 - 0640512 ____A (Microsoft Corporation) C:\Windows\System32\advapi32.dll
2012-01-14 19:39 - 2010-11-20 04:18 - 0630784 ____A (Microsoft Corporation) C:\Windows\System32\DXPTaskRingtone.dll
2012-01-14 19:39 - 2010-11-20 04:18 - 0546304 ____A (Microsoft Corporation) C:\Windows\System32\cscsvc.dll
2012-01-14 19:39 - 2010-11-20 04:18 - 0537600 ____A (Microsoft Corporation) C:\Windows\System32\ActionCenterCPL.dll
2012-01-14 19:39 - 2010-11-20 04:18 - 0530432 ____A (Microsoft Corporation) C:\Windows\System32\comctl32.dll
2012-01-14 19:39 - 2010-11-20 04:18 - 0522752 ____A (Microsoft Corporation) C:\Windows\System32\d3d11.dll
2012-01-14 19:39 - 2010-11-20 04:18 - 0508416 ____A (Microsoft Corporation) C:\Windows\System32\dxgi.dll
2012-01-14 19:39 - 2010-11-20 04:18 - 0494592 ____A (Microsoft Corporation) C:\Windows\System32\BFE.DLL
2012-01-14 19:39 - 2010-11-20 04:18 - 0485888 ____A (Microsoft Corporation) C:\Windows\System32\comdlg32.dll
2012-01-14 19:39 - 2010-11-20 04:18 - 0484864 ____A (Microsoft Corporation) C:\Windows\System32\DeviceCenter.dll
2012-01-14 19:39 - 2010-11-20 04:18 - 0473600 ____A (Microsoft Corporation) C:\Windows\System32\audiosrv.dll
2012-01-14 19:39 - 2010-11-20 04:18 - 0428032 ____A (Microsoft Corporation) C:\Windows\System32\biocpl.dll
2012-01-14 19:39 - 2010-11-20 04:18 - 0418816 ____A (Microsoft Corporation) C:\Windows\System32\cscui.dll
2012-01-14 19:39 - 2010-11-20 04:18 - 0399872 ____A (Microsoft Corporation) C:\Windows\System32\DXP.dll
2012-01-14 19:39 - 2010-11-20 04:18 - 0339968 ____A (Microsoft Corporation) C:\Windows\System32\appmgr.dll
2012-01-14 19:39 - 2010-11-20 04:18 - 0323072 ____A (Microsoft Corporation) C:\Windows\System32\drvstore.dll
2012-01-14 19:39 - 2010-11-20 04:18 - 0321536 ____A (Microsoft Corporation) C:\Windows\System32\aepdu.dll
2012-01-14 19:39 - 2010-11-20 04:18 - 0314368 ____A (Microsoft Corporation) C:\Windows\System32\azroleui.dll
2012-01-14 19:39 - 2010-11-20 04:18 - 0309760 ____A (Microsoft Corporation) C:\Windows\System32\actxprxy.dll
2012-01-14 19:39 - 2010-11-20 04:18 - 0295936 ____A (Microsoft Corporation) C:\Windows\System32\apphelp.dll
2012-01-14 19:39 - 2010-11-20 04:18 - 0254464 ____A (Microsoft Corporation) C:\Windows\System32\dhcpcore.dll
2012-01-14 19:39 - 2010-11-20 04:18 - 0252928 ____A (Microsoft) C:\Windows\System32\DShowRdpFilter.dll
2012-01-14 19:39 - 2010-11-20 04:18 - 0222208 ____A (Microsoft Corporation) C:\Windows\System32\eapphost.dll
2012-01-14 19:39 - 2010-11-20 04:18 - 0220672 ____A (Microsoft Corporation) C:\Windows\System32\defaultlocationcpl.dll
2012-01-14 19:39 - 2010-11-20 04:18 - 0205312 ____A (Microsoft Corporation) C:\Windows\System32\efscore.dll
2012-01-14 19:39 - 2010-11-20 04:18 - 0195584 ____A (Microsoft Corporation) C:\Windows\System32\AudioSes.dll
2012-01-14 19:39 - 2010-11-20 04:18 - 0186880 ____A (Microsoft Corporation) C:\Windows\System32\adsldp.dll
2012-01-14 19:39 - 2010-11-20 04:18 - 0168960 ____A (Microsoft Corporation) C:\Windows\System32\credui.dll
2012-01-14 19:39 - 2010-11-20 04:18 - 0146944 ____A (Microsoft Corporation) C:\Windows\System32\autoplay.dll
2012-01-14 19:39 - 2010-11-20 04:18 - 0144384 ____A (Microsoft Corporation) C:\Windows\System32\dps.dll
2012-01-14 19:39 - 2010-11-20 04:18 - 0139264 ____A (Microsoft Corporation) C:\Windows\System32\cscobj.dll
2012-01-14 19:39 - 2010-11-20 04:18 - 0136192 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2012-01-14 19:39 - 2010-11-20 04:18 - 0133632 ____A (Microsoft Corporation) C:\Windows\System32\bcdsrv.dll
2012-01-14 19:39 - 2010-11-20 04:18 - 0132608 ____A (Microsoft Corporation) C:\Windows\System32\cabview.dll
2012-01-14 19:39 - 2010-11-20 04:18 - 0131584 ____A (Microsoft Corporation) C:\Windows\System32\aaclient.dll
2012-01-14 19:39 - 2010-11-20 04:18 - 0109056 ____A (Microsoft Corporation) C:\Windows\System32\dnscmmc.dll
2012-01-14 19:39 - 2010-11-20 04:18 - 0097280 ____A (Microsoft Corporation) C:\Windows\System32\dwmredir.dll
2012-01-14 19:39 - 2010-11-20 04:18 - 0091136 ____A (Microsoft Corporation) C:\Windows\System32\dot3api.dll
2012-01-14 19:39 - 2010-11-20 04:18 - 0082432 ____A (Microsoft Corporation) C:\Windows\System32\dot3cfg.dll
2012-01-14 19:39 - 2010-11-20 04:18 - 0080384 ____A (Microsoft Corporation) C:\Windows\System32\davclnt.dll
2012-01-14 19:39 - 2010-11-20 04:18 - 0017408 ____A (Microsoft Corporation) C:\Windows\System32\credssp.dll
2012-01-14 19:39 - 2010-11-20 04:17 - 3367424 ____A (Microsoft Corporation) C:\Windows\System32\WinSAT.exe
2012-01-14 19:39 - 2010-11-20 04:17 - 3179520 ____A (Microsoft Corporation) C:\Windows\System32\sppsvc.exe
2012-01-14 19:39 - 2010-11-20 04:17 - 1203200 ____A (Microsoft Corporation) C:\Windows\System32\wbengine.exe
2012-01-14 19:39 - 2010-11-20 04:17 - 1131008 ____A (Microsoft Corporation) C:\Windows\System32\sdclt.exe
2012-01-14 19:39 - 2010-11-20 04:17 - 1025536 ____A (Microsoft Corporation) C:\Windows\System32\VSSVC.exe
2012-01-14 19:39 - 2010-11-20 04:17 - 0941568 ____A (Microsoft Corporation) C:\Windows\System32\mblctr.exe
2012-01-14 19:39 - 2010-11-20 04:17 - 0523264 ____A (Microsoft Corporation) C:\Windows\System32\FXSSVC.exe
2012-01-14 19:39 - 2010-11-20 04:17 - 0477696 ____A (Microsoft Corporation) C:\Windows\System32\lpksetup.exe
2012-01-14 19:39 - 2010-11-20 04:17 - 0453632 ____A (Microsoft Corporation) C:\Windows\System32\vds.exe
2012-01-14 19:39 - 2010-11-20 04:17 - 0334336 ____A (Microsoft Corporation) C:\Windows\System32\wisptis.exe
2012-01-14 19:39 - 2010-11-20 04:17 - 0325632 ____A (Microsoft Corporation) C:\Windows\System32\slui.exe
2012-01-14 19:39 - 2010-11-20 04:17 - 0317440 ____A (Microsoft Corporation) C:\Windows\System32\spoolsv.exe
2012-01-14 19:39 - 2010-11-20 04:17 - 0314880 ____A (Microsoft Corporation) C:\Windows\System32\wusa.exe
2012-01-14 19:39 - 2010-11-20 04:17 - 0314368 ____A (Microsoft Corporation) C:\Windows\System32\SndVol.exe
2012-01-14 19:39 - 2010-11-20 04:17 - 0303104 ____A (Microsoft Corporation) C:\Windows\System32\msinfo32.exe
2012-01-14 19:39 - 2010-11-20 04:17 - 0302592 ____A (Microsoft Corporation) C:\Windows\System32\cmd.exe
2012-01-14 19:39 - 2010-11-20 04:17 - 0288256 ____A (Microsoft Corporation) C:\Windows\System32\eudcedit.exe
2012-01-14 19:39 - 2010-11-20 04:17 - 0286720 ____A (Microsoft Corporation) C:\Windows\System32\winlogon.exe
2012-01-14 19:39 - 2010-11-20 04:17 - 0267776 ____A (Microsoft Corporation) C:\Windows\System32\lsm.exe
2012-01-14 19:39 - 2010-11-20 04:17 - 0260608 ____A (Microsoft Corporation) C:\Windows\System32\rdpshell.exe
2012-01-14 19:39 - 2010-11-20 04:17 - 0233984 ____A (Microsoft Corporation) C:\Windows\System32\msconfig.exe
2012-01-14 19:39 - 2010-11-20 04:17 - 0227328 ____A (Microsoft Corporation) C:\Windows\System32\taskmgr.exe
2012-01-14 19:39 - 2010-11-20 04:17 - 0220672 ____A (Microsoft Corporation) C:\Windows\System32\mcbuilder.exe
2012-01-14 19:39 - 2010-11-20 04:17 - 0192000 ____A (Microsoft Corporation) C:\Windows\System32\taskeng.exe
2012-01-14 19:39 - 2010-11-20 04:17 - 0179712 ____A (Microsoft Corporation) C:\Windows\System32\schtasks.exe
2012-01-14 19:39 - 2010-11-20 04:17 - 0173568 ____A (Microsoft Corporation) C:\Windows\System32\rdpclip.exe
2012-01-14 19:39 - 2010-11-20 04:17 - 0161280 ____A (Microsoft Corporation) C:\Windows\System32\rdpinit.exe
2012-01-14 19:39 - 2010-11-20 04:17 - 0142336 ____A (Microsoft Corporation) C:\Windows\System32\net1.exe
2012-01-14 19:39 - 2010-11-20 04:17 - 0103936 ____A (Microsoft Corporation) C:\Windows\System32\setupcl.exe
2012-01-14 19:39 - 2010-11-20 04:17 - 0098816 ____A (Microsoft) C:\Windows\System32\Robocopy.exe
2012-01-14 19:39 - 2010-11-20 04:17 - 0066048 ____A (Microsoft Corporation) C:\Windows\System32\w32tm.exe
2012-01-14 19:39 - 2010-11-20 04:17 - 0049152 ____A (Microsoft Corporation) C:\Windows\System32\taskhost.exe
2012-01-14 19:39 - 2010-11-20 04:17 - 0042496 ____A (Microsoft Corporation) C:\Windows\System32\ftp.exe
2012-01-14 19:39 - 2010-11-20 04:17 - 0028672 ____A (Microsoft Corporation) C:\Windows\System32\proquota.exe
2012-01-14 19:39 - 2010-11-20 04:17 - 0026624 ____A (Microsoft Corporation) C:\Windows\System32\userinit.exe
2012-01-14 19:39 - 2010-11-20 04:16 - 0905216 ____A (Microsoft Corporation) C:\Windows\System32\mmsys.cpl
2012-01-14 19:39 - 2010-11-20 04:16 - 0776192 ____A (Microsoft Corporation) C:\Windows\System32\calc.exe
2012-01-14 19:39 - 2010-11-20 04:16 - 0692736 ____A (Microsoft Corporation) C:\Windows\System32\bthprops.cpl
2012-01-14 19:39 - 2010-11-20 04:16 - 0679424 ____A (Microsoft Corporation) C:\Windows\System32\autoconv.exe
2012-01-14 19:39 - 2010-11-20 04:16 - 0668160 ____A (Microsoft Corporation) C:\Windows\System32\autochk.exe
2012-01-14 19:39 - 2010-11-20 04:16 - 0658944 ____A (Microsoft Corporation) C:\Windows\System32\autofmt.exe
2012-01-14 19:39 - 2010-11-20 04:16 - 0649216 ____A (Microsoft Corporation) C:\Windows\System32\appwiz.cpl
2012-01-14 19:39 - 2010-11-20 04:16 - 0600576 ____A (Microsoft Corporation) C:\Windows\System32\TabletPC.cpl
2012-01-14 19:39 - 2010-11-20 04:16 - 0516096 ____A (Microsoft Corporation) C:\Windows\System32\main.cpl
2012-01-14 19:39 - 2010-11-20 04:16 - 0478720 ____A (Microsoft Corporation) C:\Windows\System32\timedate.cpl
2012-01-14 19:39 - 2010-11-20 04:16 - 0413696 ____A (Microsoft Corporation) C:\Windows\System32\PhotoScreensaver.scr
2012-01-14 19:39 - 2010-11-20 04:16 - 0389632 ____A (Microsoft Corporation) C:\Windows\System32\sysmon.ocx
2012-01-14 19:39 - 2010-11-20 04:16 - 0345088 ____A (Microsoft Corporation) C:\Windows\System32\intl.cpl
2012-01-14 19:39 - 2010-11-20 04:16 - 0326656 ____A (Microsoft Corporation) C:\Windows\System32\sysdm.cpl
2012-01-14 19:39 - 2010-11-20 04:16 - 0320000 ____A (Microsoft Corporation) C:\Windows\System32\winspool.drv
2012-01-14 19:39 - 2010-11-20 04:16 - 0295424 ____A (Microsoft Corporation) C:\Windows\System32\bcdedit.exe
2012-01-14 19:39 - 2010-11-20 04:16 - 0119808 ____A (Microsoft Corporation) C:\Windows\System32\aitagent.exe
2012-01-14 19:39 - 2010-11-20 04:16 - 0100864 ____A (Microsoft Corporation) C:\Windows\System32\audiodg.exe
2012-01-14 19:39 - 2010-11-20 03:54 - 0302592 ____A (Microsoft Corporation) C:\Windows\System32\aeinv.dll
2012-01-14 19:39 - 2010-11-20 02:24 - 0133632 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rdpdr.sys
2012-01-14 19:39 - 2010-11-20 02:22 - 0223232 ____A (Microsoft Corporation) C:\Windows\System32\wksprt.exe
2012-01-14 19:39 - 2010-11-20 02:22 - 0183808 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rdpwd.sys
2012-01-14 19:39 - 2010-11-20 02:21 - 0015872 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rdpvideominiport.sys
2012-01-14 19:39 - 2010-11-20 02:01 - 0164864 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\1394ohci.sys
2012-01-14 19:39 - 2010-11-20 02:00 - 0146432 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbvideo.sys
2012-01-14 19:39 - 2010-11-20 01:59 - 0055808 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\hidclass.sys
2012-01-14 19:39 - 2010-11-20 01:50 - 0190976 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ks.sys
2012-01-14 19:39 - 2010-11-20 01:14 - 0215552 ____A (Microsoft Corporation) C:\Windows\System32\vmicsvc.exe
2012-01-14 19:39 - 2010-11-20 00:44 - 0388096 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\csc.sys
2012-01-14 19:39 - 2010-11-20 00:44 - 0242688 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rdbss.sys
2012-01-14 19:39 - 2010-11-20 00:42 - 0246784 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\udfs.sys
2012-01-14 19:39 - 2010-11-20 00:42 - 0115712 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxdav.sys
2012-01-14 19:39 - 2010-11-20 00:40 - 0513536 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\http.sys
2012-01-14 19:39 - 2010-11-20 00:39 - 0187904 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\netbt.sys
2012-01-14 19:39 - 2010-11-04 18:11 - 0312168 ____A (Microsoft Corporation) C:\Windows\System32\MCEWMDRMNDBootstrap.dll
2012-01-14 19:39 - 2010-11-04 17:58 - 0155472 ____A (Microsoft Corporation) C:\Windows\System32\mscorier.dll
2012-01-14 19:39 - 2010-11-04 17:58 - 0080720 ____A (Microsoft Corporation) C:\Windows\System32\mscories.dll
2012-01-14 19:39 - 2010-11-04 17:58 - 0049488 ____A (Microsoft Corporation) C:\Windows\System32\netfxperf.dll
2012-01-14 19:38 - 2010-11-20 04:36 - 0107008 ____A (Microsoft Corporation) C:\Windows\System32\NAPHLPR.DLL
2012-01-14 19:38 - 2010-11-20 04:36 - 0046080 ____A (Microsoft Corporation) C:\Windows\System32\NAPCRYPT.DLL
2012-01-14 19:38 - 2010-11-20 04:21 - 0902656 ____A (Microsoft Corporation) C:\Windows\System32\WMADMOD.DLL
2012-01-14 19:38 - 2010-11-20 04:21 - 0739328 ____A (Microsoft Corporation) C:\Windows\System32\WMSPDMOD.DLL
2012-01-14 19:38 - 2010-11-20 04:21 - 0697344 ____A (Microsoft Corporation) C:\Windows\System32\SmiEngine.dll
2012-01-14 19:38 - 2010-11-20 04:21 - 0616960 ____A (Microsoft Corporation) C:\Windows\System32\wmdrmsdk.dll
2012-01-14 19:38 - 2010-11-20 04:21 - 0567808 ____A (Microsoft Corporation) C:\Windows\System32\WUDFx.dll
2012-01-14 19:38 - 2010-11-20 04:21 - 0541184 ____A (Microsoft Corporation) C:\Windows\System32\WMVSDECD.DLL
2012-01-14 19:38 - 2010-11-20 04:21 - 0507392 ____A (Microsoft Corporation) C:\Windows\System32\wmdrmdev.dll
2012-01-14 19:38 - 2010-11-20 04:21 - 0473600 ____A (Microsoft Corporation) C:\Windows\System32\riched20.dll
2012-01-14 19:38 - 2010-11-20 04:21 - 0444928 ____A (Microsoft Corporation) C:\Windows\System32\wvc.dll
2012-01-14 19:38 - 2010-11-20 04:21 - 0436736 ____A (Microsoft Corporation) C:\Windows\System32\wmdrmnet.dll
2012-01-14 19:38 - 2010-11-20 04:21 - 0428032 ____A (Microsoft Corporation) C:\Windows\System32\wlanmsm.dll
2012-01-14 19:38 - 2010-11-20 04:21 - 0410624 ____A (Microsoft Corporation) C:\Windows\System32\systemcpl.dll
2012-01-14 19:38 - 2010-11-20 04:21 - 0406528 ____A (Microsoft Corporation) C:\Windows\System32\wimgapi.dll
2012-01-14 19:38 - 2010-11-20 04:21 - 0350720 ____A (Microsoft Corporation) C:\Windows\System32\WPDSp.dll
2012-01-14 19:38 - 2010-11-20 04:21 - 0318976 ____A (Microsoft Corporation) C:\Windows\System32\raschap.dll
2012-01-14 19:38 - 2010-11-20 04:21 - 0318464 ____A (Microsoft Corporation) C:\Windows\System32\WMPhoto.dll
2012-01-14 19:38 - 2010-11-20 04:21 - 0309760 ____A (Microsoft Corporation) C:\Windows\System32\sqlcese30.dll
2012-01-14 19:38 - 2010-11-20 04:21 - 0299520 ____A (Microsoft Corporation) C:\Windows\System32\wmpdxm.dll
2012-01-14 19:38 - 2010-11-20 04:21 - 0257024 ____A (Microsoft Corporation) C:\Windows\System32\srrstr.dll
2012-01-14 19:38 - 2010-11-20 04:21 - 0247808 ____A (Microsoft Corporation) C:\Windows\System32\ReAgent.dll
2012-01-14 19:38 - 2010-11-20 04:21 - 0222208 ____A (Microsoft Corporation) C:\Windows\System32\wavemsp.dll
2012-01-14 19:38 - 2010-11-20 04:21 - 0202240 ____A (Microsoft Corporation) C:\Windows\System32\unattend.dll
2012-01-14 19:38 - 2010-11-20 04:21 - 0198144 ____A (Microsoft Corporation) C:\Windows\System32\wpdwcn.dll
2012-01-14 19:38 - 2010-11-20 04:21 - 0198144 ____A (Microsoft Corporation) C:\Windows\System32\sysclass.dll
2012-01-14 19:38 - 2010-11-20 04:21 - 0196608 ____A (Microsoft Corporation) C:\Windows\System32\wwanconn.dll
2012-01-14 19:38 - 2010-11-20 04:21 - 0189952 ____A (Microsoft Corporation) C:\Windows\System32\wdscore.dll
2012-01-14 19:38 - 2010-11-20 04:21 - 0186368 ____A (Microsoft Corporation) C:\Windows\System32\rdpencom.dll
2012-01-14 19:38 - 2010-11-20 04:21 - 0182272 ____A (Microsoft Corporation) C:\Windows\System32\wmpsrcwp.dll
2012-01-14 19:38 - 2010-11-20 04:21 - 0179712 ____A (Microsoft Corporation) C:\Windows\System32\shdocvw.dll
2012-01-14 19:38 - 2010-11-20 04:21 - 0164352 ____A (Microsoft Corporation) C:\Windows\System32\wuwebv.dll
2012-01-14 19:38 - 2010-11-20 04:21 - 0162304 ____A (Microsoft Corporation) C:\Windows\System32\WUDFPlatform.dll
2012-01-14 19:38 - 2010-11-20 04:21 - 0160256 ____A (Microsoft Corporation) C:\Windows\System32\vdsbas.dll
2012-01-14 19:38 - 2010-11-20 04:21 - 0152064 ____A (Microsoft Corporation) C:\Windows\System32\SmartcardCredentialProvider.dll
2012-01-14 19:38 - 2010-11-20 04:21 - 0151040 ____A (Microsoft Corporation) C:\Windows\System32\vdsutil.dll
2012-01-14 19:38 - 2010-11-20 04:21 - 0146944 ____A (Microsoft Corporation) C:\Windows\System32\remotepg.dll
2012-01-14 19:38 - 2010-11-20 04:21 - 0146432 ____A (Microsoft Corporation) C:\Windows\System32\twext.dll
2012-01-14 19:38 - 2010-11-20 04:21 - 0144384 ____A (Microsoft Corporation) C:\Windows\System32\wmpps.dll
2012-01-14 19:38 - 2010-11-20 04:21 - 0125952 ____A (Microsoft Corporation) C:\Windows\System32\sdrsvc.dll
2012-01-14 19:38 - 2010-11-20 04:21 - 0118784 ____A (Microsoft Corporation) C:\Windows\System32\uxlib.dll
2012-01-14 19:38 - 2010-11-20 04:21 - 0115712 ____A (Microsoft Corporation) C:\Windows\System32\setupcln.dll
2012-01-14 19:38 - 2010-11-20 04:21 - 0109568 ____A (Microsoft Corporation) C:\Windows\System32\wiavideo.dll
2012-01-14 19:38 - 2010-11-20 04:21 - 0108032 ____A (Microsoft Corporation) C:\Windows\System32\shacct.dll
2012-01-14 19:38 - 2010-11-20 04:21 - 0105984 ____A (Microsoft Corporation) C:\Windows\System32\WPDShServiceObj.dll
2012-01-14 19:38 - 2010-11-20 04:21 - 0105472 ____A (Microsoft Corporation) C:\Windows\System32\wmpshell.dll
2012-01-14 19:38 - 2010-11-20 04:21 - 0100864 ____A (Microsoft Corporation) C:\Windows\System32\sppinst.dll
2012-01-14 19:38 - 2010-11-20 04:21 - 0090112 ____A (Microsoft Corporation) C:\Windows\System32\srvcli.dll
2012-01-14 19:38 - 2010-11-20 04:21 - 0087552 ____A (Microsoft Corporation) C:\Windows\System32\wudriver.dll
2012-01-14 19:38 - 2010-11-20 04:21 - 0085504 ____A (Microsoft Corporation) C:\Windows\System32\secproc_ssp_isv.dll
2012-01-14 19:38 - 2010-11-20 04:21 - 0085504 ____A (Microsoft Corporation) C:\Windows\System32\secproc_ssp.dll
2012-01-14 19:38 - 2010-11-20 04:21 - 0080896 ____A (Microsoft Corporation) C:\Windows\System32\QUTIL.DLL
2012-01-14 19:38 - 2010-11-20 04:21 - 0078848 ____A (Microsoft Corporation) C:\Windows\System32\UserAccountControlSettings.dll
2012-01-14 19:38 - 2010-11-20 04:21 - 0071168 ____A (Microsoft Corporation) C:\Windows\System32\resutils.dll
2012-01-14 19:38 - 2010-11-20 04:21 - 0069632 ____A (Microsoft Corporation) C:\Windows\System32\tlscsp.dll
2012-01-14 19:38 - 2010-11-20 04:21 - 0069632 ____A (Microsoft Corporation) C:\Windows\System32\rastapi.dll
2012-01-14 19:38 - 2010-11-20 04:21 - 0065024 ____A (Microsoft Corporation) C:\Windows\System32\TSpkg.dll
2012-01-14 19:38 - 2010-11-20 04:21 - 0061952 ____A (Microsoft Corporation) C:\Windows\System32\spbcd.dll
2012-01-14 19:38 - 2010-11-20 04:21 - 0059392 ____A (Microsoft Corporation) C:\Windows\System32\unimdmat.dll
2012-01-14 19:38 - 2010-11-20 04:21 - 0056832 ____A (Microsoft Corporation) C:\Windows\System32\vfwwdm32.dll
2012-01-14 19:38 - 2010-11-20 04:21 - 0053760 ____A (Microsoft Corporation) C:\Windows\System32\sppuinotify.dll
2012-01-14 19:38 - 2010-11-20 04:21 - 0052224 ____A (Microsoft Corporation) C:\Windows\System32\rdpd3d.dll
2012-01-14 19:38 - 2010-11-20 04:21 - 0051712 ____A (Microsoft Corporation) C:\Windows\System32\wsnmp32.dll
2012-01-14 19:38 - 2010-11-20 04:21 - 0051200 ____A (Twain Working Group) C:\Windows\twain_32.dll
2012-01-14 19:38 - 2010-11-20 04:21 - 0050688 ____A (Microsoft Corporation) C:\Windows\System32\umb.dll
2012-01-14 19:38 - 2010-11-20 04:21 - 0050176 ____A (Microsoft Corporation) C:\Windows\System32\setbcdlocale.dll
2012-01-14 19:38 - 2010-11-20 04:21 - 0047104 ____A (Microsoft Corporation) C:\Windows\System32\wkscli.dll
2012-01-14 19:38 - 2010-11-20 04:21 - 0046592 ____A (Microsoft Corporation) C:\Windows\System32\WavDest.dll
2012-01-14 19:38 - 2010-11-20 04:21 - 0040960 ____A (Microsoft Corporation) C:\Windows\System32\wwanprotdim.dll
2012-01-14 19:38 - 2010-11-20 04:21 - 0040448 ____A (Microsoft Corporation) C:\Windows\System32\wtsapi32.dll
2012-01-14 19:38 - 2010-11-20 04:21 - 0039936 ____A (Microsoft Corporation) C:\Windows\System32\WUDFCoinstaller.dll
2012-01-14 19:38 - 2010-11-20 04:21 - 0037376 ____A (Microsoft Corporation) C:\Windows\System32\rtutils.dll
2012-01-14 19:38 - 2010-11-20 04:21 - 0036864 ____A (Microsoft Corporation) C:\Windows\System32\tsgqec.dll
2012-01-14 19:38 - 2010-11-20 04:21 - 0036352 ____A (Microsoft Corporation) C:\Windows\System32\wups2.dll
2012-01-14 19:38 - 2010-11-20 04:21 - 0036352 ____A (Microsoft Corporation) C:\Windows\System32\wshbth.dll
2012-01-14 19:38 - 2010-11-20 04:21 - 0035840 ____A (Microsoft Corporation) C:\Windows\System32\shimgvw.dll
2012-01-14 19:38 - 2010-11-20 04:21 - 0033280 ____A (Microsoft Corporation) C:\Windows\System32\wiarpc.dll
2012-01-14 19:38 - 2010-11-20 04:21 - 0031744 ____A (Microsoft Corporation) C:\Windows\System32\wdiasqmmodule.dll
2012-01-14 19:38 - 2010-11-20 04:21 - 0031744 ____A (Microsoft Corporation) C:\Windows\System32\utildll.dll
2012-01-14 19:38 - 2010-11-20 04:21 - 0027648 ____A (Microsoft Corporation) C:\Windows\System32\wups.dll
2012-01-14 19:38 - 2010-11-20 04:21 - 0025600 ____A (Microsoft Corporation) C:\Windows\System32\vpnikeapi.dll
2012-01-14 19:38 - 2010-11-20 04:21 - 0021504 ____A (Microsoft Corporation) C:\Windows\System32\wsdchngr.dll
2012-01-14 19:38 - 2010-11-20 04:21 - 0021504 ____A (Microsoft Corporation) C:\Windows\System32\TRAPI.dll
2012-01-14 19:38 - 2010-11-20 04:21 - 0021504 ____A (Microsoft Corporation) C:\Windows\System32\rdprefdrvapi.dll
2012-01-14 19:38 - 2010-11-20 04:21 - 0020992 ____A (Microsoft Corporation) C:\Windows\System32\shgina.dll
2012-01-14 19:38 - 2010-11-20 04:21 - 0019968 ____A (Microsoft Corporation) C:\Windows\System32\spopk.dll
2012-01-14 19:38 - 2010-11-20 04:21 - 0017408 ____A (Microsoft Corporation) C:\Windows\System32\schedcli.dll
2012-01-14 19:38 - 2010-11-20 04:21 - 0014848 ____A (Microsoft Corporation) C:\Windows\System32\syssetup.dll
2012-01-14 19:38 - 2010-11-20 04:21 - 0014336 ____A (Microsoft Corporation) C:\Windows\System32\slwga.dll
2012-01-14 19:38 - 2010-11-20 04:21 - 0012288 ____A (Microsoft Corporation) C:\Windows\System32\tsbyuv.dll
2012-01-14 19:38 - 2010-11-20 04:21 - 0011264 ____A (Microsoft Corporation) C:\Windows\System32\wshirda.dll
2012-01-14 19:38 - 2010-11-20 04:21 - 0010752 ____A (Microsoft Corporation) C:\Windows\System32\shunimpl.dll
2012-01-14 19:38 - 2010-11-20 04:21 - 0009728 ____A (Microsoft Corporation) C:\Windows\System32\sscore.dll
2012-01-14 19:38 - 2010-11-20 04:21 - 0008704 ____A (Microsoft Corporation) C:\Windows\System32\riched32.dll
2012-01-14 19:38 - 2010-11-20 04:21 - 0008704 ____A (Microsoft Corporation) C:\Windows\System32\rdpcfgex.dll
2012-01-14 19:38 - 2010-11-20 04:21 - 0004096 ____A (Microsoft Corporation) C:\Windows\System32\msdxm.ocx
2012-01-14 19:38 - 2010-11-20 04:21 - 0004096 ____A (Microsoft Corporation) C:\Windows\System32\dxmasf.dll
2012-01-14 19:38 - 2010-11-20 04:20 - 1661440 ____A (Microsoft Corporation) C:\Windows\System32\networkexplorer.dll
2012-01-14 19:38 - 2010-11-20 04:20 - 1160192 ____A (Microsoft Corporation) C:\Windows\System32\OpcServices.dll
2012-01-14 19:38 - 2010-11-20 04:20 - 1111552 ____A (Microsoft Corporation) C:\Windows\System32\onexui.dll
2012-01-14 19:38 - 2010-11-20 04:20 - 0859648 ____A (Microsoft Corporation) C:\Windows\System32\OobeFldr.dll
2012-01-14 19:38 - 2010-11-20 04:20 - 0656384 ____A (Microsoft Corporation) C:\Windows\System32\nshwfp.dll
2012-01-14 19:38 - 2010-11-20 04:20 - 0427520 ____A (Microsoft Corporation) C:\Windows\System32\PortableDeviceStatus.dll
2012-01-14 19:38 - 2010-11-20 04:20 - 0346112 ____A (Microsoft Corporation) C:\Windows\System32\nshipsec.dll
2012-01-14 19:38 - 2010-11-20 04:20 - 0297472 ____A (Microsoft Corporation) C:\Windows\System32\ntprint.dll
2012-01-14 19:38 - 2010-11-20 04:20 - 0283136 ____A (Microsoft Corporation) C:\Windows\System32\qdv.dll
2012-01-14 19:38 - 2010-11-20 04:20 - 0236544 ____A (Microsoft Corporation) C:\Windows\System32\pdh.dll
2012-01-14 19:38 - 2010-11-20 04:20 - 0206848 ____A (Microsoft Corporation) C:\Windows\System32\qasf.dll
2012-01-14 19:38 - 2010-11-20 04:20 - 0190976 ____A (Microsoft Corporation) C:\Windows\System32\qcap.dll
2012-01-14 19:38 - 2010-11-20 04:20 - 0183296 ____A (Microsoft Corporation) C:\Windows\System32\PortableDeviceSyncProvider.dll
2012-01-14 19:38 - 2010-11-20 04:20 - 0175616 ____A (Microsoft Corporation) C:\Windows\System32\netplwiz.dll
2012-01-14 19:38 - 2010-11-20 04:20 - 0174592 ____A (Microsoft Corporation) C:\Windows\System32\ocsetapi.dll
2012-01-14 19:38 - 2010-11-20 04:20 - 0165376 ____A (Microsoft Corporation) C:\Windows\System32\provsvc.dll
2012-01-14 19:38 - 2010-11-20 04:20 - 0136192 ____A (Microsoft Corporation) C:\Windows\System32\mydocs.dll
2012-01-14 19:38 - 2010-11-20 04:20 - 0121344 ____A (Microsoft Corporation) C:\Windows\System32\sppc.dll
2012-01-14 19:38 - 2010-11-20 04:20 - 0099328 ____A (Microsoft Corporation) C:\Windows\System32\QSVRMGMT.DLL
2012-01-14 19:38 - 2010-11-20 04:20 - 0090112 ____A (Microsoft Corporation) C:\Windows\System32\olepro32.dll
2012-01-14 19:38 - 2010-11-20 04:20 - 0077824 ____A (Microsoft Corporation) C:\Windows\System32\olethk32.dll
2012-01-14 19:38 - 2010-11-20 04:20 - 0071680 ____A (Microsoft Corporation) C:\Windows\System32\QCLIPROV.DLL
2012-01-14 19:38 - 2010-11-20 04:20 - 0068096 ____A (Microsoft Corporation) C:\Windows\System32\napdsnap.dll
2012-01-14 19:38 - 2010-11-20 04:20 - 0060928 ____A (Microsoft Corporation) C:\Windows\System32\ncryptui.dll
2012-01-14 19:38 - 2010-11-20 04:20 - 0056832 ____A (Microsoft Corporation) C:\Windows\System32\netapi32.dll
2012-01-14 19:38 - 2010-11-20 04:20 - 0052224 ____A (Microsoft Corporation) C:\Windows\System32\nlaapi.dll
2012-01-14 19:38 - 2010-11-20 04:20 - 0046592 ____A (Microsoft Corporation) C:\Windows\System32\pdhui.dll
2012-01-14 19:38 - 2010-11-20 04:20 - 0040960 ____A (Microsoft Corporation) C:\Windows\System32\odbcconf.dll
2012-01-14 19:38 - 2010-11-20 04:20 - 0032768 ____A (Microsoft Corporation) C:\Windows\System32\PrintIsolationProxy.dll
2012-01-14 19:38 - 2010-11-20 04:20 - 0028672 ____A (Microsoft Corporation) C:\Windows\System32\profprov.dll
2012-01-14 19:38 - 2010-11-20 04:20 - 0022528 ____A (Microsoft Corporation) C:\Windows\System32\netutils.dll
2012-01-14 19:38 - 2010-11-20 04:20 - 0017408 ____A (Microsoft Corporation) C:\Windows\System32\perfts.dll
2012-01-14 19:38 - 2010-11-20 04:20 - 0011776 ____A (Microsoft Corporation) C:\Windows\System32\nrpsrv.dll
2012-01-14 19:38 - 2010-11-20 04:20 - 0008192 ____A (Microsoft Corporation) C:\Windows\System32\spwmp.dll
2012-01-14 19:38 - 2010-11-20 04:19 - 0592384 ____A (Microsoft Corporation) C:\Windows\System32\msftedit.dll
2012-01-14 19:38 - 2010-11-20 04:19 - 0504320 ____A (Microsoft Corporation) C:\Windows\System32\msscp.dll
2012-01-14 19:38 - 2010-11-20 04:19 - 0430080 ____A (Microsoft Corporation) C:\Windows\System32\FXSTIFF.dll
2012-01-14 19:38 - 2010-11-20 04:19 - 0265216 ____A (Microsoft Corporation) C:\Windows\System32\msnetobj.dll
2012-01-14 19:38 - 2010-11-20 04:19 - 0219648 ____A (Microsoft Corporation) C:\Windows\System32\iTVData.dll
2012-01-14 19:38 - 2010-11-20 04:19 - 0209920 ____A (Microsoft Corporation) C:\Windows\System32\mstask.dll
2012-01-14 19:38 - 2010-11-20 04:19 - 0202240 ____A (Microsoft Corporation) C:\Windows\System32\input.dll
2012-01-14 19:38 - 2010-11-20 04:19 - 0176128 ____A (Microsoft Corporation) C:\Windows\System32\msorcl32.dll
2012-01-14 19:38 - 2010-11-20 04:19 - 0176128 ____A (Microsoft Corporation) C:\Windows\System32\MFPlay.dll
2012-01-14 19:38 - 2010-11-20 04:19 - 0175104 ____A (Microsoft Corporation) C:\Windows\System32\fvecpl.dll
2012-01-14 19:38 - 2010-11-20 04:19 - 0158720 ____A (Microsoft Corporation) C:\Windows\System32\mprapi.dll
2012-01-14 19:38 - 2010-11-20 04:19 - 0158720 ____A (Microsoft Corporation) C:\Windows\System32\itircl.dll
2012-01-14 19:38 - 2010-11-20 04:19 - 0155136 ____A (Microsoft Corporation) C:\Windows\System32\imagehlp.dll
2012-01-14 19:38 - 2010-11-20 04:19 - 0122880 ____A (Microsoft Corporation) C:\Windows\System32\iasrecst.dll
2012-01-14 19:38 - 2010-11-20 04:19 - 0120320 ____A (Microsoft Corporation) C:\Windows\System32\msvfw32.dll
2012-01-14 19:38 - 2010-11-20 04:19 - 0118272 ____A (Microsoft Corporation) C:\Windows\System32\imm32.dll
2012-01-14 19:38 - 2010-11-20 04:19 - 0101888 ____A (Microsoft Corporation) C:\Windows\System32\migisol.dll
2012-01-14 19:38 - 2010-11-20 04:19 - 0098304 ____A (Microsoft Corporation) C:\Windows\System32\fphc.dll
2012-01-14 19:38 - 2010-11-20 04:19 - 0093696 ____A (Windows ® Codename Longhorn DDK provider) C:\Windows\System32\fms.dll
2012-01-14 19:38 - 2010-11-20 04:19 - 0084480 ____A (Microsoft Corporation) C:\Windows\System32\mciavi32.dll
2012-01-14 19:38 - 2010-11-20 04:19 - 0082944 ____A (Radius Inc.) C:\Windows\System32\iccvid.dll
2012-01-14 19:38 - 2010-11-20 04:19 - 0076800 ____A (Microsoft Corporation) C:\Windows\System32\mapistub.dll
2012-01-14 19:38 - 2010-11-20 04:19 - 0076800 ____A (Microsoft Corporation) C:\Windows\System32\mapi32.dll
2012-01-14 19:38 - 2010-11-20 04:19 - 0068096 ____A (Microsoft Corporation) C:\Windows\System32\Mcx2Svc.dll
2012-01-14 19:38 - 2010-11-20 04:19 - 0052736 ____A (Microsoft Corporation) C:\Windows\System32\inetmib1.dll
2012-01-14 19:38 - 2010-11-20 04:19 - 0050176 ____A (Microsoft Corporation) C:\Windows\System32\iyuv_32.dll
2012-01-14 19:38 - 2010-11-20 04:19 - 0041984 ____A (Microsoft Corporation) C:\Windows\System32\luainstall.dll
2012-01-14 19:38 - 2010-11-20 04:19 - 0039424 ____A (Microsoft Corporation) C:\Windows\System32\FXSMON.dll
2012-01-14 19:38 - 2010-11-20 04:19 - 0036352 ____A (Microsoft Corporation) C:\Windows\System32\mciqtz32.dll
2012-01-14 19:38 - 2010-11-20 04:19 - 0034816 ____A (Microsoft Corporation) C:\Windows\System32\httpapi.dll
2012-01-14 19:38 - 2010-11-20 04:19 - 0031744 ____A (Microsoft Corporation) C:\Windows\System32\msvidc32.dll
2012-01-14 19:38 - 2010-11-20 04:19 - 0030720 ____A (Microsoft Corporation) C:\Windows\System32\msdmo.dll
2012-01-14 19:38 - 2010-11-20 04:19 - 0028672 ____A (Microsoft Corporation) C:\Windows\System32\iscsium.dll
2012-01-14 19:38 - 2010-11-20 04:19 - 0022528 ____A (Microsoft Corporation) C:\Windows\System32\msyuv.dll
2012-01-14 19:38 - 2010-11-20 04:19 - 0022528 ____A (Microsoft Corporation) C:\Windows\System32\HotStartUserAgent.dll
2012-01-14 19:38 - 2010-11-20 04:19 - 0021504 ____A (Microsoft Corporation) C:\Windows\System32\lsmproxy.dll
2012-01-14 19:38 - 2010-11-20 04:19 - 0015872 ____A (Microsoft Corporation) C:\Windows\System32\icaapi.dll
2012-01-14 19:38 - 2010-11-20 04:19 - 0013312 ____A (Microsoft Corporation) C:\Windows\System32\muifontsetup.dll
2012-01-14 19:38 - 2010-11-20 04:19 - 0013312 ____A (Microsoft Corporation) C:\Windows\System32\msrle32.dll
2012-01-14 19:38 - 2010-11-20 04:18 - 0805376 ____A (Microsoft Corporation) C:\Windows\System32\cdosys.dll
2012-01-14 19:38 - 2010-11-20 04:18 - 0743424 ____A (Microsoft Corporation) C:\Windows\System32\blackbox.dll
2012-01-14 19:38 - 2010-11-20 04:18 - 0685056 ____A (Microsoft Corporation) C:\Windows\System32\dsuiext.dll
2012-01-14 19:38 - 2010-11-20 04:18 - 0489984 ____A (Microsoft Corporation) C:\Windows\System32\d3d10level9.dll
2012-01-14 19:38 - 2010-11-20 04:18 - 0438272 ____A (Microsoft Corporation) C:\Windows\System32\AdmTmpl.dll
2012-01-14 19:38 - 2010-11-20 04:18 - 0402944 ____A (Microsoft Corporation) C:\Windows\System32\drmmgrtn.dll
2012-01-14 19:38 - 2010-11-20 04:18 - 0333824 ____A (Microsoft Corporation) C:\Windows\System32\dot3ui.dll
2012-01-14 19:38 - 2010-11-20 04:18 - 0257024 ____A (Microsoft Corporation) C:\Windows\System32\dpx.dll
2012-01-14 19:38 - 2010-11-20 04:18 - 0243712 ____A (Microsoft Corporation) C:\Windows\System32\audiodev.dll
2012-01-14 19:38 - 2010-11-20 04:18 - 0242176 ____A (Microsoft Corporation) C:\Windows\System32\eapp3hst.dll
2012-01-14 19:38 - 2010-11-20 04:18 - 0230912 ____A (Microsoft Corporation) C:\Windows\System32\clusapi.dll
2012-01-14 19:38 - 2010-11-20 04:18 - 0214016 ____A (Microsoft Corporation) C:\Windows\System32\dot3svc.dll
2012-01-14 19:38 - 2010-11-20 04:18 - 0211456 ____A (Microsoft Corporation) C:\Windows\System32\DevicePairingFolder.dll
2012-01-14 19:38 - 2010-11-20 04:18 - 0210432 ____A (Microsoft Corporation) C:\Windows\System32\dxdiagn.dll
2012-01-14 19:38 - 2010-11-20 04:18 - 0202752 ____A (Microsoft Corporation) C:\Windows\System32\activeds.dll
2012-01-14 19:38 - 2010-11-20 04:18 - 0196608 ____A (Microsoft Corporation) C:\Windows\System32\dskquoui.dll
2012-01-14 19:38 - 2010-11-20 04:18 - 0179200 ____A (Microsoft Corporation) C:\Windows\System32\ActionQueue.dll
2012-01-14 19:38 - 2010-11-20 04:18 - 0128512 ____A (Microsoft Corporation) C:\Windows\System32\EhStorAPI.dll
2012-01-14 19:38 - 2010-11-20 04:18 - 0115200 ____A (Microsoft Corporation) C:\Windows\System32\dot3msm.dll
2012-01-14 19:38 - 2010-11-20 04:18 - 0112128 ____A (Microsoft Corporation) C:\Windows\System32\AuxiliaryDisplayServices.dll
2012-01-14 19:38 - 2010-11-20 04:18 - 0109568 ____A (Microsoft Corporation) C:\Windows\System32\CscMig.dll
2012-01-14 19:38 - 2010-11-20 04:18 - 0102400 ____A (Microsoft Corporation) C:\Windows\System32\browser.dll
2012-01-14 19:38 - 2010-11-20 04:18 - 0094208 ____A (Microsoft Corporation) C:\Windows\System32\eappgnui.dll
2012-01-14 19:38 - 2010-11-20 04:18 - 0091648 ____A (Microsoft Corporation) C:\Windows\System32\avifil32.dll
2012-01-14 19:38 - 2010-11-20 04:18 - 0088064 ____A (Microsoft Corporation) C:\Windows\System32\AxInstSv.dll
2012-01-14 19:38 - 2010-11-20 04:18 - 0073216 ____A (Microsoft Corporation) C:\Windows\System32\cabinet.dll
2012-01-14 19:38 - 2010-11-20 04:18 - 0070656 ____A (Microsoft Corporation) C:\Windows\System32\amstream.dll
2012-01-14 19:38 - 2010-11-20 04:18 - 0067584 ____A (Microsoft Corporation) C:\Windows\System32\certprop.dll
2012-01-14 19:38 - 2010-11-20 04:18 - 0067584 ____A (Microsoft Corporation) C:\Windows\System32\asycfilt.dll
2012-01-14 19:38 - 2010-11-20 04:18 - 0066560 ____A (Microsoft Corporation) C:\Windows\System32\cca.dll
2012-01-14 19:38 - 2010-11-20 04:18 - 0065024 ____A (Microsoft Corporation) C:\Windows\System32\CertPolEng.dll
2012-01-14 19:38 - 2010-11-20 04:18 - 0047104 ____A (Microsoft Corporation) C:\Windows\System32\appinfo.dll
2012-01-14 19:38 - 2010-11-20 04:18 - 0045568 ____A (Microsoft Corporation) C:\Windows\System32\acppage.dll
2012-01-14 19:38 - 2010-11-20 04:18 - 0044032 ____A (Microsoft Corporation) C:\Windows\System32\basesrv.dll
2012-01-14 19:38 - 2010-11-20 04:18 - 0041984 ____A (Microsoft Corporation) C:\Windows\System32\browcli.dll
2012-01-14 19:38 - 2010-11-20 04:18 - 0034816 ____A (Microsoft Corporation) C:\Windows\System32\cscapi.dll
2012-01-14 19:38 - 2010-11-20 04:18 - 0030208 ____A (Microsoft Corporation) C:\Windows\System32\dsauth.dll
2012-01-14 19:38 - 2010-11-20 04:18 - 0028160 ____A (Microsoft Corporation) C:\Windows\System32\AzSqlExt.dll
2012-01-14 19:38 - 2010-11-20 04:18 - 0023040 ____A (Microsoft Corporation) C:\Windows\System32\cscdll.dll
2012-01-14 19:38 - 2010-11-20 04:18 - 0022528 ____A (Microsoft Corporation) C:\Windows\System32\elsTrans.dll
2012-01-14 19:38 - 2010-11-20 04:18 - 0019456 ____A (Microsoft Corporation) C:\Windows\System32\bitsperf.dll
2012-01-14 19:38 - 2010-11-20 04:18 - 0011264 ____A (Microsoft Corporation) C:\Windows\System32\C_ISCII.DLL
2012-01-14 19:38 - 2010-11-20 04:18 - 0010752 ____A (Microsoft Corporation) C:\Windows\System32\browseui.dll
2012-01-14 19:38 - 2010-11-20 04:17 - 0586752 ____A (Microsoft Corporation) C:\Windows\System32\dfrgui.exe
2012-01-14 19:38 - 2010-11-20 04:17 - 0327680 ____A (Microsoft Corporation) C:\Windows\System32\wimserv.exe
2012-01-14 19:38 - 2010-11-20 04:17 - 0327168 ____A (Microsoft Corporation) C:\Windows\System32\nltest.exe
2012-01-14 19:38 - 2010-11-20 04:17 - 0292864 ____A (Microsoft Corporation) C:\Windows\System32\WindowsAnytimeUpgradeResults.exe
2012-01-14 19:38 - 2010-11-20 04:17 - 0280064 ____A (Microsoft Corporation) C:\Windows\System32\RMActivate_ssp.exe
2012-01-14 19:38 - 2010-11-20 04:17 - 0278016 ____A (Microsoft Corporation) C:\Windows\System32\RMActivate_ssp_isv.exe
2012-01-14 19:38 - 2010-11-20 04:17 - 0276480 ____A (Microsoft Corporation) C:\Windows\System32\diskraid.exe
2012-01-14 19:38 - 2010-11-20 04:17 - 0270336 ____A (Microsoft Corporation) C:\Windows\System32\sethc.exe
2012-01-14 19:38 - 2010-11-20 04:17 - 0262656 ____A (Microsoft Corporation) C:\Windows\System32\rstrui.exe
2012-01-14 19:38 - 2010-11-20 04:17 - 0254976 ____A (Microsoft Corporation) C:\Windows\System32\wsqmcons.exe
2012-01-14 19:38 - 2010-11-20 04:17 - 0210432 ____A (Microsoft Corporation) C:\Windows\System32\recdisc.exe
2012-01-14 19:38 - 2010-11-20 04:17 - 0209920 ____A (Microsoft Corporation) C:\Windows\System32\PkgMgr.exe
2012-01-14 19:38 - 2010-11-20 04:17 - 0197632 ____A (Microsoft Corporation) C:\Windows\System32\ocsetup.exe
2012-01-14 19:38 - 2010-11-20 04:17 - 0195584 ____A (Microsoft Corporation) C:\Windows\System32\WUDFHost.exe
2012-01-14 19:38 - 2010-11-20 04:17 - 0182784 ____A (Microsoft Corporation) C:\Windows\System32\RelPost.exe
2012-01-14 19:38 - 2010-11-20 04:17 - 0170496 ____A (Microsoft Corporation) C:\Windows\System32\PresentationSettings.exe
2012-01-14 19:38 - 2010-11-20 04:17 - 0157184 ____A (Microsoft Corporation) C:\Windows\System32\perfmon.exe
2012-01-14 19:38 - 2010-11-20 04:17 - 0144896 ____A (Microsoft Corporation) C:\Windows\System32\iscsicli.exe
2012-01-14 19:38 - 2010-11-20 04:17 - 0133632 ____A (Microsoft Corporation) C:\Windows\System32\diskpart.exe
2012-01-14 19:38 - 2010-11-20 04:17 - 0132608 ____A (Microsoft Corporation) C:\Windows\System32\MdSched.exe
2012-01-14 19:38 - 2010-11-20 04:17 - 0113152 ____A (Microsoft Corporation) C:\Windows\System32\setupugc.exe
2012-01-14 19:38 - 2010-11-20 04:17 - 0101376 ____A (Microsoft Corporation) C:\Windows\System32\mobsync.exe
2012-01-14 19:38 - 2010-11-20 04:17 - 0098304 ____A (Microsoft Corporation) C:\Windows\System32\nslookup.exe
2012-01-14 19:38 - 2010-11-20 04:17 - 0095232 ____A (Microsoft Corporation) C:\Windows\System32\logagent.exe
2012-01-14 19:38 - 2010-11-20 04:17 - 0086528 ____A (Microsoft Corporation) C:\Windows\System32\isoburn.exe
2012-01-14 19:38 - 2010-11-20 04:17 - 0084992 ____A (Microsoft Corporation) C:\Windows\System32\cmstp.exe
2012-01-14 19:38 - 2010-11-20 04:17 - 0082944 ____A (Microsoft Corporation) C:\Windows\System32\logman.exe
2012-01-14 19:38 - 2010-11-20 04:17 - 0074240 ____A (Microsoft Corporation) C:\Windows\System32\tabcal.exe
2012-01-14 19:38 - 2010-11-20 04:17 - 0073216 ____A (Microsoft Corporation) C:\Windows\System32\msiexec.exe
2012-01-14 19:38 - 2010-11-20 04:17 - 0070656 ____A (Microsoft Corporation) C:\Windows\System32\MuiUnattend.exe
2012-01-14 19:38 - 2010-11-20 04:17 - 0066048 ____A C:\Windows\System32\PrintBrmUi.exe
2012-01-14 19:38 - 2010-11-20 04:17 - 0062976 ____A (Microsoft Corporation) C:\Windows\System32\findstr.exe
2012-01-14 19:38 - 2010-11-20 04:17 - 0061952 ____A (Microsoft Corporation) C:\Windows\System32\manage-bde.exe
2012-01-14 19:38 - 2010-11-20 04:17 - 0061952 ____A (Microsoft Corporation) C:\Windows\System32\lpremove.exe
2012-01-14 19:38 - 2010-11-20 04:17 - 0061440 ____A (Microsoft Corporation) C:\Windows\System32\PnPUnattend.exe
2012-01-14 19:38 - 2010-11-20 04:17 - 0059904 ____A (Microsoft Corporation) C:\Windows\System32\djoin.exe
2012-01-14 19:38 - 2010-11-20 04:17 - 0057344 ____A (Microsoft Corporation) C:\Windows\System32\repair-bde.exe
2012-01-14 19:38 - 2010-11-20 04:17 - 0057344 ____A (Microsoft Corporation) C:\Windows\System32\rdpsign.exe
2012-01-14 19:38 - 2010-11-20 04:17 - 0053248 ____A (Microsoft Corporation) C:\Windows\System32\MultiDigiMon.exe
2012-01-14 19:38 - 2010-11-20 04:17 - 0051200 ____A (Microsoft Corporation) C:\Windows\System32\takeown.exe
2012-01-14 19:38 - 2010-11-20 04:17 - 0050688 ____A (Microsoft Corporation) C:\Windows\System32\runonce.exe
2012-01-14 19:38 - 2010-11-20 04:17 - 0047616 ____A (Microsoft Corporation) C:\Windows\System32\tzutil.exe
2012-01-14 19:38 - 2010-11-20 04:17 - 0047104 ____A (Microsoft Corporation) C:\Windows\System32\wuauclt.exe
2012-01-14 19:38 - 2010-11-20 04:17 - 0037888 ____A (Microsoft Corporation) C:\Windows\System32\relog.exe
2012-01-14 19:38 - 2010-11-20 04:17 - 0034304 ____A (Microsoft Corporation) C:\Windows\System32\unlodctr.exe
2012-01-14 19:38 - 2010-11-20 04:17 - 0033792 ____A (Microsoft Corporation) C:\Windows\System32\wuapp.exe
2012-01-14 19:38 - 2010-11-20 04:17 - 0028672 ____A (Microsoft Corporation) C:\Windows\System32\WerFaultSecure.exe
2012-01-14 19:38 - 2010-11-20 04:17 - 0026624 ____A (Microsoft Corporation) C:\Windows\System32\qwinsta.exe
2012-01-14 19:38 - 2010-11-20 04:17 - 0025600 ____A (Microsoft Corporation) C:\Windows\System32\netiougc.exe
2012-01-14 19:38 - 2010-11-20 04:17 - 0025600 ____A (Microsoft Corporation) C:\Windows\System32\netcfg.exe
2012-01-14 19:38 - 2010-11-20 04:17 - 0025088 ____A (Microsoft Corporation) C:\Windows\System32\qprocess.exe
2012-01-14 19:38 - 2010-11-20 04:17 - 0024576 ____A (Microsoft Corporation) C:\Windows\System32\msg.exe
2012-01-14 19:38 - 2010-11-20 04:17 - 0024064 ____A (Microsoft Corporation) C:\Windows\System32\netbtugc.exe
2012-01-14 19:38 - 2010-11-20 04:17 - 0023040 ____A (Microsoft Corporation) C:\Windows\System32\quser.exe
2012-01-14 19:38 - 2010-11-20 04:17 - 0022528 ____A (Microsoft Corporation) C:\Windows\System32\tskill.exe
2012-01-14 19:38 - 2010-11-20 04:17 - 0022016 ____A (Microsoft Corporation) C:\Windows\System32\tsdiscon.exe
2012-01-14 19:38 - 2010-11-20 04:17 - 0022016 ____A (Microsoft Corporation) C:\Windows\System32\ReAgentc.exe
2012-01-14 19:38 - 2010-11-20 04:17 - 0021504 ____A (Microsoft Corporation) C:\Windows\System32\tscon.exe
2012-01-14 19:38 - 2010-11-20 04:17 - 0021504 ____A (Microsoft Corporation) C:\Windows\System32\qappsrv.exe
2012-01-14 19:38 - 2010-11-20 04:17 - 0021504 ____A (Microsoft Corporation) C:\Windows\System32\logoff.exe
2012-01-14 19:38 - 2010-11-20 04:17 - 0020992 ____A (Microsoft Corporation) C:\Windows\System32\shadow.exe
2012-01-14 19:38 - 2010-11-20 04:17 - 0020992 ____A (Microsoft Corporation) C:\Windows\System32\rwinsta.exe
2012-01-14 19:38 - 2010-11-20 04:17 - 0015360 ____A (Microsoft Corporation) C:\Windows\System32\reset.exe
2012-01-14 19:38 - 2010-11-20 04:17 - 0014848 ____A (Microsoft Corporation) C:\Windows\System32\query.exe
2012-01-14 19:38 - 2010-11-20 04:17 - 0010752 ____A (Microsoft Corporation) C:\Windows\System32\LogonUI.exe
2012-01-14 19:38 - 2010-11-20 04:17 - 0007680 ____A (Microsoft Corporation) C:\Windows\System32\TsUsbRedirectionGroupPolicyControl.exe
2012-01-14 19:38 - 2010-11-20 04:16 - 0878592 ____A (Microsoft Corporation) C:\Windows\System32\Bubbles.scr
2012-01-14 19:38 - 2010-11-20 04:16 - 0293888 ____A (Microsoft Corporation) C:\Windows\System32\ssText3d.scr
2012-01-14 19:38 - 2010-11-20 04:16 - 0281088 ____A (Microsoft Corporation) C:\Windows\System32\unimdm.tsp
2012-01-14 19:38 - 2010-11-20 04:16 - 0221184 ____A (Microsoft Corporation) C:\Windows\System32\Mystify.scr
2012-01-14 19:38 - 2010-11-20 04:16 - 0220672 ____A (Microsoft Corporation) C:\Windows\System32\Ribbons.scr
2012-01-14 19:38 - 2010-11-20 04:16 - 0193536 ____A (Microsoft Corporation) C:\Windows\System32\ksproxy.ax
2012-01-14 19:38 - 2010-11-20 04:16 - 0186368 ____A (Microsoft Corporation) C:\Windows\System32\bitsadmin.exe
2012-01-14 19:38 - 2010-11-20 04:16 - 0172032 ____A (Microsoft Corporation) C:\Windows\System32\wdmaud.drv
2012-01-14 19:38 - 2010-11-20 04:16 - 0153600 ____A (Microsoft Corporation) C:\Windows\System32\VBICodec.ax
2012-01-14 19:38 - 2010-11-20 04:16 - 0146944 ____A (Microsoft Corporation) C:\Windows\System32\bcdboot.exe
2012-01-14 19:38 - 2010-11-20 04:16 - 0142336 ____A (Microsoft Corporation) C:\Windows\System32\powercfg.cpl
2012-01-14 19:38 - 2010-11-20 04:16 - 0128000 ____A (Microsoft Corporation) C:\Windows\System32\desk.cpl
2012-01-14 19:38 - 2010-11-20 04:16 - 0126464 ____A (Microsoft Corporation) C:\Windows\System32\BdeHdCfg.exe
2012-01-14 19:38 - 2010-11-20 04:16 - 0107008 ____A (Microsoft Corporation) C:\Windows\System32\Kswdmcap.ax
2012-01-14 19:38 - 2010-11-20 04:16 - 0084480 ____A (Microsoft Corporation) C:\Windows\System32\kstvtune.ax
2012-01-14 19:38 - 2010-11-20 04:16 - 0068608 ____A (Microsoft Corporation) C:\Windows\System32\WSTPager.ax
2012-01-14 19:38 - 2010-11-20 04:16 - 0065024 ____A (Microsoft Corporation) C:\Windows\bfsvc.exe
2012-01-14 19:38 - 2010-11-20 04:16 - 0048640 ____A (Microsoft Corporation) C:\Windows\System32\ksxbar.ax
2012-01-14 19:38 - 2010-11-20 04:16 - 0045568 ____A (Microsoft Corporation) C:\Windows\System32\g711codc.ax
2012-01-14 19:38 - 2010-11-20 04:16 - 0033792 ____A (Microsoft Corporation) C:\Windows\System32\vbisurf.ax
2012-01-14 19:38 - 2010-11-20 04:16 - 0022528 ____A (Microsoft Corporation) C:\Windows\System32\chgport.exe
2012-01-14 19:38 - 2010-11-20 04:16 - 0022016 ____A (Microsoft Corporation) C:\Windows\System32\chglogon.exe
2012-01-14 19:38 - 2010-11-20 04:16 - 0020992 ____A (Microsoft Corporation) C:\Windows\System32\chgusr.exe
2012-01-14 19:38 - 2010-11-20 04:16 - 0015360 ____A (Microsoft Corporation) C:\Windows\System32\change.exe
2012-01-14 19:38 - 2010-11-20 04:08 - 12625408 ____A (Microsoft Corporation) C:\Windows\System32\wmploc.DLL
2012-01-14 19:38 - 2010-11-20 04:07 - 1164800 ____A (Microsoft Corporation) C:\Windows\System32\UIRibbonRes.dll
2012-01-14 19:38 - 2010-11-20 04:07 - 0007680 ____A (Microsoft Corporation) C:\Windows\System32\spwizres.dll
2012-01-14 19:38 - 2010-11-20 04:06 - 0069120 ____A (Microsoft Corporation) C:\Windows\System32\nlsbres.dll
2012-01-14 19:38 - 2010-11-20 04:05 - 0121856 ____A (Microsoft Corporation) C:\Windows\System32\RDPENCDD.dll
2012-01-14 19:38 - 2010-11-20 04:05 - 0035328 ____A (Microsoft Corporation) C:\Windows\System32\pifmgr.dll
2012-01-14 19:38 - 2010-11-20 04:03 - 0053760 ____A (Microsoft Corporation) C:\Windows\System32\vmicres.dll
2012-01-14 19:38 - 2010-11-20 04:03 - 0044544 ____A (Microsoft Corporation) C:\Windows\System32\vmbusres.dll
2012-01-14 19:38 - 2010-11-20 04:03 - 0038400 ____A (Microsoft Corporation) C:\Windows\System32\vmstorfltres.dll
2012-01-14 19:38 - 2010-11-20 04:00 - 1027584 ____A (Microsoft Corporation) C:\Windows\System32\IMJP10.IME
2012-01-14 19:38 - 2010-11-20 04:00 - 0430080 ____A (Microsoft Corporation) C:\Windows\System32\imkr80.ime
2012-01-14 19:38 - 2010-11-20 04:00 - 0007168 ____A (Microsoft Corporation) C:\Windows\System32\KBDSG.DLL
2012-01-14 19:38 - 2010-11-20 04:00 - 0007168 ____A (Microsoft Corporation) C:\Windows\System32\kbdlk41a.dll
2012-01-14 19:38 - 2010-11-20 04:00 - 0007168 ____A (Microsoft Corporation) C:\Windows\System32\KBDCZ1.DLL
2012-01-14 19:38 - 2010-11-20 04:00 - 0006656 ____A (Microsoft Corporation) C:\Windows\System32\KBDTUQ.DLL
2012-01-14 19:38 - 2010-11-20 04:00 - 0006656 ____A (Microsoft Corporation) C:\Windows\System32\KBDTUF.DLL
2012-01-14 19:38 - 2010-11-20 04:00 - 0006656 ____A (Microsoft Corporation) C:\Windows\System32\KBDSF.DLL
2012-01-14 19:38 - 2010-11-20 04:00 - 0006656 ____A (Microsoft Corporation) C:\Windows\System32\KBDPO.DLL
2012-01-14 19:38 - 2010-11-20 04:00 - 0006656 ____A (Microsoft Corporation) C:\Windows\System32\KBDNEPR.DLL
2012-01-14 19:38 - 2010-11-20 04:00 - 0006656 ____A (Microsoft Corporation) C:\Windows\System32\KBDINBEN.DLL
2012-01-14 19:38 - 2010-11-20 04:00 - 0006656 ____A (Microsoft Corporation) C:\Windows\System32\KBDGR1.DLL
2012-01-14 19:38 - 2010-11-20 04:00 - 0006656 ____A (Microsoft Corporation) C:\Windows\System32\KBDGKL.DLL
2012-01-14 19:38 - 2010-11-20 04:00 - 0006144 ____A (Microsoft Corporation) C:\Windows\System32\KBDUS.DLL
2012-01-14 19:38 - 2010-11-20 04:00 - 0006144 ____A (Microsoft Corporation) C:\Windows\System32\KBDUGHR1.DLL
2012-01-14 19:38 - 2010-11-20 04:00 - 0006144 ____A (Microsoft Corporation) C:\Windows\System32\KBDTURME.DLL
2012-01-14 19:38 - 2010-11-20 04:00 - 0006144 ____A (Microsoft Corporation) C:\Windows\System32\KBDTAJIK.DLL
2012-01-14 19:38 - 2010-11-20 04:00 - 0006144 ____A (Microsoft Corporation) C:\Windows\System32\KBDMON.DLL
2012-01-14 19:38 - 2010-11-20 04:00 - 0006144 ____A (Microsoft Corporation) C:\Windows\System32\KBDMAORI.DLL
2012-01-14 19:38 - 2010-11-20 04:00 - 0006144 ____A (Microsoft Corporation) C:\Windows\System32\KBDLT1.DLL
2012-01-14 19:38 - 2010-11-20 04:00 - 0006144 ____A (Microsoft Corporation) C:\Windows\System32\KBDINTEL.DLL
2012-01-14 19:38 - 2010-11-20 04:00 - 0006144 ____A (Microsoft Corporation) C:\Windows\System32\KBDINTAM.DLL
2012-01-14 19:38 - 2010-11-20 04:00 - 0006144 ____A (Microsoft Corporation) C:\Windows\System32\KBDINORI.DLL
2012-01-14 19:38 - 2010-11-20 04:00 - 0006144 ____A (Microsoft Corporation) C:\Windows\System32\KBDINMAR.DLL
2012-01-14 19:38 - 2010-11-20 04:00 - 0006144 ____A (Microsoft Corporation) C:\Windows\System32\KBDINKAN.DLL
2012-01-14 19:38 - 2010-11-20 04:00 - 0006144 ____A (Microsoft Corporation) C:\Windows\System32\KBDINHIN.DLL
2012-01-14 19:38 - 2010-11-20 04:00 - 0006144 ____A (Microsoft Corporation) C:\Windows\System32\KBDBULG.DLL
2012-01-14 19:38 - 2010-11-20 04:00 - 0006144 ____A (Microsoft Corporation) C:\Windows\System32\KBDBLR.DLL
2012-01-14 19:38 - 2010-11-20 04:00 - 0006144 ____A (Microsoft Corporation) C:\Windows\System32\KBDBASH.DLL
2012-01-14 19:38 - 2010-11-20 04:00 - 0005632 ____A (Microsoft Corporation) C:\Windows\System32\KBDGEO.DLL
2012-01-14 19:38 - 2010-11-20 03:57 - 0002560 ____A (Microsoft Corporation) C:\Windows\System32\dpnaddr.dll
2012-01-14 19:38 - 2010-11-20 03:56 - 0052736 ____A (Microsoft Corporation) C:\Windows\System32\BlbEvents.dll
2012-01-14 19:38 - 2010-11-20 02:52 - 0026112 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbrpm.sys
2012-01-14 19:38 - 2010-11-20 02:22 - 0031232 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tssecsrv.sys
2012-01-14 19:38 - 2010-11-20 02:22 - 0006656 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\RDPCDD.sys
2012-01-14 19:38 - 2010-11-20 02:21 - 0026624 ____A (Microsoft Corporation) C:\Windows\System32\RDPREFDD.dll
2012-01-14 19:38 - 2010-11-20 02:21 - 0024576 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tdtcp.sys
2012-01-14 19:38 - 2010-11-20 02:21 - 0018432 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tdpipe.sys
2012-01-14 19:38 - 2010-11-20 02:07 - 0118784 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ndiswan.sys
2012-01-14 19:38 - 2010-11-20 02:07 - 0063488 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\wanarp.sys
2012-01-14 19:38 - 2010-11-20 02:07 - 0048640 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ndproxy.sys
2012-01-14 19:38 - 2010-11-20 02:07 - 0035328 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpipreg.sys
2012-01-14 19:38 - 2010-11-20 02:06 - 0117760 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rmcast.sys
2012-01-14 19:38 - 2010-11-20 02:06 - 0108544 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tunnel.sys
2012-01-14 19:38 - 2010-11-20 02:06 - 0046080 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ndisuio.sys
2012-01-14 19:38 - 2010-11-20 02:00 - 0304128 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\HdAudio.sys
2012-01-14 19:38 - 2010-11-20 02:00 - 0039936 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\umbus.sys
2012-01-14 19:38 - 2010-11-20 02:00 - 0025856 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\USBCAMD2.sys
2012-01-14 19:38 - 2010-11-20 02:00 - 0025856 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\USBCAMD.sys
2012-01-14 19:38 - 2010-11-20 01:59 - 0132224 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\WUDFRd.sys
2012-01-14 19:38 - 2010-11-20 01:59 - 0108544 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\hdaudbus.sys
2012-01-14 19:38 - 2010-11-20 01:59 - 0024064 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\hidusb.sys
2012-01-14 19:38 - 2010-11-20 01:58 - 0092672 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\WUDFPf.sys
2012-01-14 19:38 - 2010-11-20 01:50 - 0031232 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\CompositeBus.sys
2012-01-14 19:38 - 2010-11-20 01:50 - 0028160 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\kbdhid.sys
2012-01-14 19:38 - 2010-11-20 01:50 - 0012800 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\sffp_sd.sys
2012-01-14 19:38 - 2010-11-20 01:29 - 0050176 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\appid.sys
2012-01-14 19:38 - 2010-11-20 01:24 - 0026624 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\scfilter.sys
2012-01-14 19:38 - 2010-11-20 01:19 - 0065536 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\IPMIDrv.sys
2012-01-14 19:38 - 2010-11-20 01:14 - 0116224 ____A (Microsoft Corporation) C:\Windows\System32\VmbusCoinstaller.dll
2012-01-14 19:38 - 2010-11-20 01:14 - 0113664 ____A (Microsoft Corporation) C:\Windows\System32\VmdCoinstall.dll
2012-01-14 19:38 - 2010-11-20 01:14 - 0113664 ____A (Microsoft Corporation) C:\Windows\System32\IcCoinstall.dll
2012-01-14 19:38 - 2010-11-20 01:14 - 0047616 ____A (Microsoft Corporation) C:\Windows\System32\vmictimeprovider.dll
2012-01-14 19:38 - 2010-11-20 01:14 - 0017920 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\VMBusHID.sys
2012-01-14 19:38 - 2010-11-20 01:14 - 0014336 ____A (Microsoft Corporation) C:\Windows\System32\vmbuspipe.dll
2012-01-14 19:38 - 2010-11-20 01:14 - 0005632 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\vms3cap.sys
2012-01-14 19:38 - 2010-11-20 00:47 - 0010240 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\acpipmi.sys
2012-01-14 19:38 - 2010-11-20 00:42 - 0078336 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dfsc.sys
2012-01-14 19:38 - 2010-11-20 00:39 - 0074752 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tdx.sys
2012-01-14 19:38 - 2010-11-20 00:39 - 0021504 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tdi.sys
2012-01-14 19:38 - 2010-11-20 00:38 - 0108544 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\cdrom.sys
2012-01-14 19:38 - 2010-11-19 21:23 - 0053600 ____A C:\Windows\System32\dosx.exe
2012-01-14 19:38 - 2010-11-09 17:45 - 0010429 ____A C:\Windows\System32\ScavengeSpace.xml
2012-01-14 19:38 - 2010-11-04 18:20 - 0105559 ____A C:\Windows\System32\RacRules.xml
2012-01-14 19:37 - 2010-11-20 04:21 - 0363008 ____A (Microsoft Corporation) C:\Windows\System32\wbemcomn.dll
2012-01-14 19:37 - 2010-11-20 04:21 - 0189952 ____A (Microsoft Corporation) C:\Windows\System32\sqmapi.dll
2012-01-14 16:21 - 2011-03-24 18:58 - 0284672 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbport.sys
2012-01-14 16:21 - 2011-03-24 18:58 - 0258560 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbhub.sys
2012-01-14 16:21 - 2011-03-24 18:58 - 0075776 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbccgp.sys
2012-01-14 16:21 - 2011-03-24 18:57 - 0043008 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbehci.sys
2012-01-14 16:21 - 2011-03-24 18:57 - 0024064 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbuhci.sys
2012-01-14 16:21 - 2011-03-24 18:57 - 0020480 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbohci.sys
2012-01-14 16:21 - 2011-03-24 18:57 - 0005888 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbd.sys
2012-01-14 16:21 - 2011-03-10 21:39 - 1211264 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ntfs.sys
2012-01-14 16:21 - 2011-03-10 21:39 - 0143744 ____A (NVIDIA Corporation) C:\Windows\System32\Drivers\nvstor.sys
2012-01-14 16:21 - 2011-03-10 21:33 - 1699328 ____A (Microsoft Corporation) C:\Windows\System32\esent.dll
2012-01-14 16:20 - 2011-03-10 21:39 - 0148864 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\storport.sys
2012-01-14 16:20 - 2011-03-10 21:39 - 0117120 ____A (NVIDIA Corporation) C:\Windows\System32\Drivers\nvraid.sys
2012-01-14 16:20 - 2011-03-10 21:38 - 0332160 ____A (Intel Corporation) C:\Windows\System32\Drivers\iaStorV.sys
2012-01-14 16:20 - 2011-03-10 21:38 - 0080256 ____A (Advanced Micro Devices) C:\Windows\System32\Drivers\amdsata.sys
2012-01-14 16:20 - 2011-03-10 21:38 - 0022400 ____A (Advanced Micro Devices) C:\Windows\System32\Drivers\amdxata.sys
2012-01-14 16:20 - 2011-03-10 21:31 - 0074240 ____A (Microsoft Corporation) C:\Windows\System32\fsutil.exe
2012-01-14 16:20 - 2011-03-10 20:01 - 0076288 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\USBSTOR.SYS
2012-01-14 16:11 - 2012-01-14 16:11 - 0000000 ___HD C:\$AVG
2012-01-14 15:36 - 2012-01-14 15:36 - 0000000 ____D C:\Users\Cody\AppData\Roaming\AVG2012
2012-01-14 15:35 - 2012-01-14 15:35 - 0000935 ____A C:\Users\Public\Desktop\AVG 2012.lnk
2012-01-14 15:35 - 2012-01-14 15:35 - 0000000 ____D C:\Users\All Users\AVG Secure Search
2012-01-14 15:35 - 2012-01-14 15:35 - 0000000 ____D C:\ProgramData\AVG Secure Search
2012-01-14 15:35 - 2012-01-14 15:35 - 0000000 ____D C:\Program Files\Common Files\AVG Secure Search
2012-01-14 15:35 - 2012-01-14 15:35 - 0000000 ____D C:\Program Files\AVG Secure Search
2012-01-14 15:33 - 2012-01-17 04:05 - 0000000 ____D C:\Windows\System32\Drivers\AVG
2012-01-14 15:33 - 2012-01-14 15:41 - 0000000 ____D C:\Users\All Users\AVG2012
2012-01-14 15:33 - 2012-01-14 15:41 - 0000000 ____D C:\ProgramData\AVG2012
2012-01-14 15:32 - 2012-01-14 15:32 - 0000000 ____D C:\Program Files\AVG
2012-01-14 15:17 - 2012-01-14 19:59 - 0006175 ____A C:\Windows\IE9_main.log
2012-01-14 15:11 - 2012-01-14 15:11 - 0000129 ____A C:\Windows\System32\MRT.INI
2012-01-14 15:09 - 2012-01-04 17:15 - 52128560 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2012-01-14 15:00 - 2012-01-17 04:05 - 0000000 ____D C:\Users\All Users\MFAData
2012-01-14 15:00 - 2012-01-17 04:05 - 0000000 ____D C:\ProgramData\MFAData
2012-01-14 14:59 - 2012-01-14 15:00 - 3968544 ____A (AVG Technologies) C:\Users\Cody\Downloads\avg_free_stb_all_2012_1901_cnet.exe
2012-01-14 14:58 - 2012-01-14 14:58 - 0000000 ____D C:\Users\Cody\AppData\Roaming\Mozilla
2012-01-14 14:58 - 2012-01-14 14:58 - 0000000 ____D C:\Users\Cody\AppData\Local\Mozilla
2012-01-14 14:57 - 2012-01-14 14:57 - 0001096 ____A C:\Users\Public\Desktop\Mozilla Firefox.lnk
2012-01-14 14:57 - 2012-01-14 14:57 - 0000000 ____D C:\Program Files\Mozilla Firefox
2012-01-14 14:51 - 2011-02-17 21:39 - 0031232 ____A (Microsoft Corporation) C:\Windows\System32\prevhost.exe
2012-01-14 14:39 - 2011-11-16 21:38 - 1288472 ____A (Microsoft Corporation) C:\Windows\System32\ntdll.dll
2012-01-14 14:39 - 2011-09-29 08:03 - 1290608 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2012-01-14 14:39 - 2011-08-26 20:26 - 0571904 ____A (Microsoft Corporation) C:\Windows\System32\oleaut32.dll
2012-01-14 14:39 - 2011-08-26 20:26 - 0233472 ____A (Microsoft Corporation) C:\Windows\System32\oleacc.dll
2012-01-14 14:39 - 2011-08-16 20:24 - 0465408 ____A (Microsoft Corporation) C:\Windows\System32\psisdecd.dll
2012-01-14 14:39 - 2011-08-16 20:19 - 0075776 ____A (Microsoft Corporation) C:\Windows\System32\psisrndr.ax
2012-01-14 14:39 - 2011-07-08 18:30 - 0223744 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb10.sys
2012-01-14 14:39 - 2011-05-03 20:34 - 1549312 ____A (Microsoft Corporation) C:\Windows\System32\tquery.dll
2012-01-14 14:39 - 2011-05-03 20:32 - 1401344 ____A (Microsoft Corporation) C:\Windows\System32\mssrch.dll
2012-01-14 14:39 - 2011-05-03 20:32 - 0666624 ____A (Microsoft Corporation) C:\Windows\System32\mssvp.dll
2012-01-14 14:39 - 2011-05-03 20:32 - 0337408 ____A (Microsoft Corporation) C:\Windows\System32\mssph.dll
2012-01-14 14:39 - 2011-05-03 20:32 - 0197120 ____A (Microsoft Corporation) C:\Windows\System32\mssphtb.dll
2012-01-14 14:39 - 2011-05-03 20:32 - 0059392 ____A (Microsoft Corporation) C:\Windows\System32\msscntrs.dll
2012-01-14 14:39 - 2011-05-03 20:28 - 0427520 ____A (Microsoft Corporation) C:\Windows\System32\SearchIndexer.exe
2012-01-14 14:39 - 2011-05-03 20:28 - 0164352 ____A (Microsoft Corporation) C:\Windows\System32\SearchProtocolHost.exe
2012-01-14 14:39 - 2011-05-03 20:28 - 0086528 ____A (Microsoft Corporation) C:\Windows\System32\SearchFilterHost.exe
2012-01-14 14:39 - 2011-05-02 20:30 - 0741376 ____A (Microsoft Corporation) C:\Windows\System32\inetcomm.dll
2012-01-14 14:39 - 2011-04-28 18:46 - 0311808 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\srv.sys
2012-01-14 14:39 - 2011-04-28 18:46 - 0310272 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\srv2.sys
2012-01-14 14:39 - 2011-04-28 18:46 - 0114688 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\srvnet.sys
2012-01-14 14:39 - 2011-04-26 18:17 - 0123904 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb.sys
2012-01-14 14:39 - 2011-04-26 18:17 - 0096768 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb20.sys
2012-01-14 14:39 - 2011-04-24 18:18 - 0338944 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\afd.sys
2012-01-14 14:39 - 2011-02-18 22:30 - 0034304 ____A (Adobe Systems) C:\Windows\System32\atmlib.dll
2012-01-14 14:39 - 2011-02-18 20:34 - 0294912 ____A (Adobe Systems Incorporated) C:\Windows\System32\atmfd.dll
2012-01-14 14:39 - 2010-11-20 04:29 - 0187776 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\FWPKCLNT.SYS
2012-01-14 14:39 - 2010-11-20 04:16 - 0204288 ____A (Microsoft Corporation) C:\Windows\System32\MSNP.ax
2012-01-14 14:39 - 2010-11-20 04:16 - 0072704 ____A (Microsoft Corporation) C:\Windows\System32\Mpeg2Data.ax
2012-01-14 14:39 - 2010-11-20 04:16 - 0059904 ____A (Microsoft Corporation) C:\Windows\System32\MSDvbNP.ax
2012-01-14 14:39 - 2010-09-29 22:47 - 0070656 ____A (Microsoft Corporation) C:\Windows\System32\fontsub.dll
2012-01-14 14:38 - 2011-11-23 20:25 - 2342912 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2012-01-14 14:38 - 2011-11-19 06:01 - 0067072 ____A (Microsoft Corporation) C:\Windows\System32\packager.dll
2012-01-14 14:38 - 2011-11-04 20:26 - 0002048 ____A (Microsoft Corporation) C:\Windows\System32\tzres.dll
2012-01-14 14:38 - 2011-10-14 21:38 - 0534528 ____A (Microsoft Corporation) C:\Windows\System32\EncDec.dll
2012-01-14 14:38 - 2011-06-15 20:33 - 0180224 ____A (Microsoft Corporation) C:\Windows\System32\xmllite.dll
2012-01-14 14:38 - 2011-05-24 02:44 - 0293376 ____A (Microsoft Corporation) C:\Windows\System32\umpnpmgr.dll
2012-01-14 14:38 - 2011-03-12 03:23 - 0870912 ____A (Microsoft Corporation) C:\Windows\System32\XpsPrint.dll
2012-01-14 14:38 - 2011-03-02 21:38 - 0270336 ____A (Microsoft Corporation) C:\Windows\System32\dnsapi.dll
2012-01-14 14:38 - 2011-03-02 21:38 - 0132608 ____A (Microsoft Corporation) C:\Windows\System32\dnsrslvr.dll
2012-01-14 14:38 - 2011-03-02 21:36 - 0028672 ____A (Microsoft Corporation) C:\Windows\System32\dnscacheugc.exe
2012-01-14 14:38 - 2011-02-23 21:38 - 0288256 ____A (Microsoft Corporation) C:\Windows\System32\XpsGdiConverter.dll
2012-01-14 14:38 - 2011-02-11 21:35 - 0191488 ____A (Microsoft Corporation) C:\Windows\System32\FXSCOVER.exe
2012-01-14 14:38 - 2010-12-16 23:07 - 0542208 ____A (Microsoft Corporation) C:\Windows\System32\kerberos.dll
2012-01-14 14:38 - 2010-11-20 04:18 - 0145920 ____A (Microsoft Corporation) C:\Windows\System32\cfgmgr32.dll
2012-01-14 14:38 - 2010-11-20 04:17 - 0802304 ____A (Microsoft Corporation) C:\Windows\System32\WFS.exe
2012-01-14 14:37 - 2011-10-25 20:32 - 1328128 ____A (Microsoft Corporation) C:\Windows\System32\quartz.dll
2012-01-14 14:37 - 2011-10-25 20:32 - 0514560 ____A (Microsoft Corporation) C:\Windows\System32\qdvd.dll
2012-01-14 14:37 - 2010-12-22 21:54 - 0850944 ____A (Microsoft Corporation) C:\Windows\System32\sbe.dll
2012-01-14 14:37 - 2010-12-22 21:54 - 0642048 ____A (Microsoft Corporation) C:\Windows\System32\CPFilters.dll
2012-01-14 14:37 - 2010-12-22 21:50 - 0199680 ____A (Microsoft Corporation) C:\Windows\System32\mpg2splt.ax
2012-01-14 14:36 - 2011-10-25 20:47 - 3967856 ____A (Microsoft Corporation) C:\Windows\System32\ntkrnlpa.exe
2012-01-14 14:36 - 2011-10-25 20:47 - 3912560 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2012-01-14 14:36 - 2011-10-25 20:28 - 0038912 ____A (Microsoft Corporation) C:\Windows\System32\csrsrv.dll
2012-01-14 14:36 - 2011-07-15 20:27 - 0868352 ____A (Microsoft Corporation) C:\Windows\System32\kernel32.dll
2012-01-14 14:36 - 2011-07-15 20:27 - 0290816 ____A (Microsoft Corporation) C:\Windows\System32\KernelBase.dll
2012-01-14 14:36 - 2011-07-15 20:15 - 0005120 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
2012-01-14 14:36 - 2011-07-15 20:15 - 0004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
2012-01-14 14:36 - 2011-07-15 20:15 - 0004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
2012-01-14 14:36 - 2011-07-15 20:15 - 0004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
2012-01-14 14:36 - 2011-07-15 20:15 - 0004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
2012-01-14 14:36 - 2011-07-15 20:15 - 0004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
2012-01-14 14:36 - 2011-07-15 20:15 - 0004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
2012-01-14 14:36 - 2011-07-15 20:15 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
2012-01-14 14:36 - 2011-07-15 20:15 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
2012-01-14 14:36 - 2011-07-15 20:15 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
2012-01-14 14:36 - 2011-07-15 20:15 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
2012-01-14 14:36 - 2011-07-15 20:15 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
2012-01-14 14:36 - 2011-07-15 20:15 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
2012-01-14 14:36 - 2011-07-15 20:15 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
2012-01-14 14:36 - 2011-07-15 20:15 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-01-14 14:36 - 2011-07-15 20:15 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
2012-01-14 14:36 - 2011-07-15 20:15 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
2012-01-14 14:36 - 2011-07-15 20:15 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
2012-01-14 14:36 - 2011-07-15 20:15 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
2012-01-14 14:36 - 2011-07-15 20:15 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
2012-01-14 14:36 - 2011-07-15 20:15 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
2012-01-14 14:36 - 2011-07-15 20:15 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
2012-01-14 14:36 - 2011-07-15 20:15 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
2012-01-14 14:36 - 2011-07-15 20:15 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
2012-01-14 14:36 - 2011-07-15 18:17 - 0006144 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
2012-01-14 14:36 - 2011-07-15 18:17 - 0004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
2012-01-14 14:36 - 2011-07-15 18:17 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
2012-01-14 14:36 - 2011-07-15 18:17 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
2012-01-14 14:36 - 2011-06-23 20:27 - 0169984 ____A (Microsoft Corporation) C:\Windows\System32\winsrv.dll
2012-01-14 14:36 - 2011-06-23 20:22 - 0271360 ____A (Microsoft Corporation) C:\Windows\System32\conhost.exe
2012-01-14 14:36 - 2011-06-15 00:55 - 0319488 ____A (Microsoft Corporation) C:\Windows\System32\odbcjt32.dll
2012-01-14 14:36 - 2011-06-15 00:55 - 0163840 ____A (Microsoft Corporation) C:\Windows\System32\odbctrac.dll
2012-01-14 14:36 - 2011-06-15 00:55 - 0122880 ____A (Microsoft Corporation) C:\Windows\System32\odbccp32.dll
2012-01-14 14:36 - 2011-06-15 00:55 - 0086016 ____A (Microsoft Corporation) C:\Windows\System32\odbccu32.dll
2012-01-14 14:36 - 2011-06-15 00:55 - 0081920 ____A (Microsoft Corporation) C:\Windows\System32\odbccr32.dll
2012-01-14 14:36 - 2011-02-24 21:30 - 2616320 ____A (Microsoft Corporation) C:\Windows\explorer.exe
2012-01-14 14:36 - 2011-01-16 21:47 - 0161792 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1.dll
2012-01-14 14:36 - 2010-11-20 04:18 - 0219136 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1core.dll
2012-01-14 14:36 - 2010-10-19 12:51 - 0222080 ____N (Microsoft Corporation) C:\Windows\System32\MpSigStub.exe
2012-01-14 14:32 - 2012-01-14 14:32 - 0057560 ____A C:\Users\Cody\AppData\Local\GDIPFONTCACHEV1.DAT
2012-01-14 14:32 - 2012-01-14 14:32 - 0002154 ____A C:\Windows\epplauncher.mif
2012-01-14 14:31 - 2012-01-14 14:32 - 0000000 ____D C:\Program Files\Microsoft Security Client
2012-01-14 14:28 - 2011-03-10 21:33 - 1164288 ____A (Microsoft Corporation) C:\Windows\System32\mfc42u.dll
2012-01-14 14:28 - 2011-03-10 21:33 - 1137664 ____A (Microsoft Corporation) C:\Windows\System32\mfc42.dll
2012-01-14 14:27 - 2011-02-22 20:47 - 0069632 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\bowser.sys
2012-01-14 14:26 - 2012-01-17 04:09 - 0729688 ____A C:\Windows\System32\PerfStringBackup.INI
2012-01-14 14:26 - 2012-01-14 14:26 - 0001067 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2012-01-14 14:26 - 2012-01-14 14:26 - 0000000 ____D C:\Users\Cody\AppData\Roaming\Malwarebytes
2012-01-14 14:26 - 2012-01-14 14:26 - 0000000 ____D C:\Users\All Users\Malwarebytes
2012-01-14 14:26 - 2012-01-14 14:26 - 0000000 ____D C:\ProgramData\Malwarebytes
2012-01-14 14:26 - 2012-01-14 14:26 - 0000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2012-01-14 14:26 - 2011-12-10 15:24 - 0020464 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2012-01-14 14:25 - 2011-04-22 11:14 - 0027008 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\Diskdump.sys
2012-01-14 14:25 - 2011-04-08 21:56 - 0123904 ____A (Microsoft Corporation) C:\Windows\System32\poqexec.exe
2012-01-14 14:25 - 2011-02-02 21:54 - 0219008 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dxgmms1.sys
2012-01-14 14:25 - 2010-11-20 04:29 - 0728448 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dxgkrnl.sys
2012-01-14 14:25 - 2010-11-20 03:56 - 0107520 ____A (Microsoft Corporation) C:\Windows\System32\cdd.dll
2012-01-14 14:20 - 2012-01-15 11:01 - 0000174 ___SH C:\Users\Cody\Start Menu\Programs\Startup\desktop.ini
2012-01-14 14:20 - 2012-01-15 11:01 - 0000174 ___SH C:\Users\Cody\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
2012-01-14 14:20 - 2012-01-14 15:35 - 0000000 ____D C:\Users\Cody\AppData\LocalLow
2012-01-14 14:20 - 2012-01-14 14:20 - 0000020 ___SH C:\Users\Cody\ntuser.ini
2012-01-14 14:20 - 2012-01-14 14:20 - 0000000 __SHD C:\Users\Cody\Templates
2012-01-14 14:20 - 2012-01-14 14:20 - 0000000 __SHD C:\Users\Cody\Start Menu
2012-01-14 14:20 - 2012-01-14 14:20 - 0000000 __SHD C:\Users\Cody\PrintHood
2012-01-14 14:20 - 2012-01-14 14:20 - 0000000 __SHD C:\Users\Cody\NetHood
2012-01-14 14:20 - 2012-01-14 14:20 - 0000000 __SHD C:\Users\Cody\My Documents
2012-01-14 14:20 - 2012-01-14 14:20 - 0000000 __SHD C:\Users\Cody\Documents\My Videos
2012-01-14 14:20 - 2012-01-14 14:20 - 0000000 __SHD C:\Users\Cody\Documents\My Pictures
2012-01-14 14:20 - 2012-01-14 14:20 - 0000000 __SHD C:\Users\Cody\Documents\My Music
2012-01-14 14:20 - 2012-01-14 14:20 - 0000000 __SHD C:\Users\Cody\AppData\Local\Temporary Internet Files
2012-01-14 14:20 - 2012-01-14 14:20 - 0000000 __SHD C:\Users\Cody\AppData\Local\History
2012-01-14 14:20 - 2012-01-14 14:20 - 0000000 __SHD C:\Recovery
2012-01-14 14:20 - 2012-01-14 14:20 - 0000000 ____D C:\Users\Cody\AppData\Local\VirtualStore
2012-01-14 14:20 - 2012-01-14 14:20 - 0000000 ____D C:\users\Cody
2012-01-14 14:20 - 2009-07-13 23:48 - 0000000 ____D C:\Users\Cody\AppData\Roaming\Media Center Programs
2012-01-14 14:16 - 2012-01-17 04:08 - 1591468 ____A C:\Windows\WindowsUpdate.log
2012-01-14 14:13 - 2012-01-15 01:27 - 1609375744 __ASH C:\hiberfil.sys
2012-01-14 14:13 - 2012-01-14 14:16 - 0001313 ____A C:\Windows\TSSysprep.log
2012-01-14 14:12 - 2012-01-14 14:20 - 0000000 ____D C:\Windows\Panther
2012-01-14 14:12 - 2012-01-14 14:12 - 0008192 _RASH C:\BOOTSECT.BAK
2012-01-14 14:12 - 2010-11-20 04:40 - 0383786 _RASH C:\bootmgr


============ 3 Months Modified Files and Folders ===============

2012-01-17 04:13 - 2012-01-17 04:13 - 0000000 ____D C:\FRST
2012-01-17 04:09 - 2012-01-14 14:26 - 0729688 ____A C:\Windows\System32\PerfStringBackup.INI
2012-01-17 04:09 - 2009-07-13 20:34 - 0012528 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2012-01-17 04:09 - 2009-07-13 20:34 - 0012528 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2012-01-17 04:08 - 2012-01-14 14:16 - 1591468 ____A C:\Windows\WindowsUpdate.log
2012-01-17 04:07 - 2012-01-17 04:07 - 0000000 ___AH C:\Windows\System32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2012-01-17 04:07 - 2009-07-13 20:39 - 0017429 ____A C:\Windows\setupact.log
2012-01-17 04:06 - 2012-01-17 04:05 - 0859836 ____A C:\Users\Cody\Downloads\FRST.exe
2012-01-17 04:05 - 2012-01-14 15:33 - 0000000 ____D C:\Windows\System32\Drivers\AVG
2012-01-17 04:05 - 2012-01-14 15:00 - 0000000 ____D C:\Users\All Users\MFAData
2012-01-17 04:05 - 2012-01-14 15:00 - 0000000 ____D C:\ProgramData\MFAData
2012-01-15 12:51 - 2012-01-15 12:51 - 0414368 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl
2012-01-15 12:51 - 2012-01-15 12:51 - 0000000 ____D C:\Windows\System32\Macromed
2012-01-15 12:51 - 2012-01-15 12:51 - 0000000 ____D C:\Users\Cody\AppData\Roaming\Macromedia
2012-01-15 12:51 - 2012-01-15 12:51 - 0000000 ____D C:\Users\Cody\AppData\Roaming\Adobe
2012-01-15 12:29 - 2012-01-15 12:26 - 0079388 ____A C:\TDSSKiller.2.7.1.0_15.01.2012_12.26.59_log.txt
2012-01-15 12:26 - 2012-01-15 12:26 - 1953112 ____A C:\Users\Cody\Downloads\tdsskiller.zip
2012-01-15 12:26 - 2012-01-15 12:26 - 0000000 ____D C:\Users\Cody\Downloads\tdsskiller
2012-01-15 12:01 - 2009-07-13 18:37 - 0000000 ____D C:\Windows\Microsoft.NET
2012-01-15 11:52 - 2012-01-15 11:51 - 0138984 ____A C:\Windows\Minidump\011512-47034-01.dmp
2012-01-15 11:47 - 2012-01-15 11:47 - 0001064 ____A C:\Users\All Users\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
2012-01-15 11:47 - 2012-01-15 11:47 - 0000000 ____D C:\Users\Cody\AppData\Local\Secunia PSI
2012-01-15 11:47 - 2012-01-15 11:47 - 0000000 ____D C:\Program Files\Secunia
2012-01-15 11:46 - 2012-01-15 11:45 - 1754456 ____A (Secunia) C:\Users\Cody\Downloads\PSISetup.exe
2012-01-15 11:35 - 2012-01-15 11:34 - 0302592 ____A C:\Users\Cody\Downloads\4ygjgb88.exe
2012-01-15 11:30 - 2012-01-15 11:30 - 0000357 ____A C:\rkill.log
2012-01-15 11:29 - 2012-01-15 11:29 - 1008141 ____A C:\Users\Cody\Downloads\rkill.exe
2012-01-15 11:07 - 2012-01-15 11:07 - 0000000 ____D C:\Program Files\Microsoft.NET
2012-01-15 11:01 - 2012-01-14 14:20 - 0000174 ___SH C:\Users\Cody\Start Menu\Programs\Startup\desktop.ini
2012-01-15 11:01 - 2012-01-14 14:20 - 0000174 ___SH C:\Users\Cody\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
2012-01-15 11:00 - 2012-01-15 11:00 - 0004440 ____A C:\Windows\PFRO.log
2012-01-15 09:04 - 2009-07-13 20:33 - 0266808 ____A C:\Windows\System32\FNTCACHE.DAT
2012-01-15 01:27 - 2012-01-15 11:51 - 274882138 ____A C:\Windows\MEMORY.DMP
2012-01-15 01:27 - 2012-01-15 11:51 - 0000000 ____D C:\Windows\Minidump
2012-01-15 01:27 - 2012-01-15 01:27 - 0138840 ____A C:\Windows\Minidump\011512-38095-01.dmp
2012-01-15 01:27 - 2012-01-14 14:13 - 1609375744 __ASH C:\hiberfil.sys
2012-01-15 01:27 - 2009-07-13 20:53 - 0000006 ___AH C:\Windows\Tasks\SA.DAT
2012-01-15 01:06 - 2012-01-15 01:04 - 0214428 ____A C:\Windows\ntbtlog.txt
2012-01-15 01:03 - 2012-01-15 01:03 - 0138984 ____A C:\Windows\Minidump\011512-40529-01.dmp
2012-01-14 20:28 - 2009-07-13 18:37 - 0000000 ____D C:\Program Files\Common Files\microsoft shared
2012-01-14 20:24 - 2009-07-13 18:37 - 0000000 ____D C:\Windows\System32\DriverStore
2012-01-14 20:19 - 2009-07-13 23:50 - 0000000 ____D C:\Program Files\Windows Journal
2012-01-14 20:19 - 2009-07-13 23:49 - 0000000 __SHD C:\Windows\BitLockerDiscoveryVolumeContents
2012-01-14 20:19 - 2009-07-13 20:52 - 0000000 ____D C:\Program Files\Windows Sidebar
2012-01-14 20:19 - 2009-07-13 20:52 - 0000000 ____D C:\Program Files\Windows Portable Devices
2012-01-14 20:19 - 2009-07-13 20:52 - 0000000 ____D C:\Program Files\Windows Photo Viewer
2012-01-14 20:19 - 2009-07-13 20:52 - 0000000 ____D C:\Program Files\Windows Defender
2012-01-14 20:19 - 2009-07-13 20:52 - 0000000 ____D C:\Program Files\DVD Maker
2012-01-14 20:19 - 2009-07-13 18:37 - 0000000 ____D C:\Windows\System32\AdvancedInstallers
2012-01-14 20:19 - 2009-07-13 18:37 - 0000000 ____D C:\Program Files\Common Files\System
2012-01-14 20:13 - 2009-07-13 18:05 - 0152576 ____A (Microsoft Corporation) C:\Windows\System32\msclmd.dll
2012-01-14 19:59 - 2012-01-14 19:59 - 1792000 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2012-01-14 19:59 - 2012-01-14 19:59 - 1127424 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2012-01-14 19:59 - 2012-01-14 19:59 - 1103360 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2012-01-14 19:59 - 2012-01-14 19:59 - 0162304 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll
2012-01-14 19:59 - 2012-01-14 19:59 - 0161792 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll
2012-01-14 19:59 - 2012-01-14 19:59 - 0110592 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
2012-01-14 19:59 - 2012-01-14 19:59 - 0074752 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2012-01-14 19:59 - 2012-01-14 19:59 - 0065024 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2012-01-14 19:59 - 2012-01-14 19:59 - 0041472 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2012-01-14 19:59 - 2012-01-14 19:59 - 0010752 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2012-01-14 19:59 - 2012-01-14 15:17 - 0006175 ____A C:\Windows\IE9_main.log
2012-01-14 19:58 - 2012-01-14 19:58 - 9705472 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2012-01-14 19:58 - 2012-01-14 19:58 - 3695416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
2012-01-14 19:58 - 2012-01-14 19:58 - 2382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2012-01-14 19:58 - 2012-01-14 19:58 - 1798144 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2012-01-14 19:58 - 2012-01-14 19:58 - 1427456 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2012-01-14 19:58 - 2012-01-14 19:58 - 12279808 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2012-01-14 19:58 - 2012-01-14 19:58 - 0716800 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2012-01-14 19:58 - 2012-01-14 19:58 - 0580608 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2012-01-14 19:58 - 2012-01-14 19:58 - 0434176 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2012-01-14 19:58 - 2012-01-14 19:58 - 0420864 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2012-01-14 19:58 - 2012-01-14 19:58 - 0367104 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2012-01-14 19:58 - 2012-01-14 19:58 - 0353792 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2012-01-14 19:58 - 2012-01-14 19:58 - 0353584 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2012-01-14 19:58 - 2012-01-14 19:58 - 0231936 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2012-01-14 19:58 - 2012-01-14 19:58 - 0227840 ____A (Microsoft Corporation) C:\Windows\System32\ieaksie.dll
2012-01-14 19:58 - 2012-01-14 19:58 - 0223232 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2012-01-14 19:58 - 2012-01-14 19:58 - 0203776 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2012-01-14 19:58 - 2012-01-14 19:58 - 0176640 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2012-01-14 19:58 - 2012-01-14 19:58 - 0163840 ____A (Microsoft Corporation) C:\Windows\System32\ieakui.dll
2012-01-14 19:58 - 2012-01-14 19:58 - 0152064 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe
2012-01-14 19:58 - 2012-01-14 19:58 - 0150528 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe
2012-01-14 19:58 - 2012-01-14 19:58 - 0142848 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2012-01-14 19:58 - 2012-01-14 19:58 - 0130560 ____A (Microsoft Corporation) C:\Windows\System32\ieakeng.dll
2012-01-14 19:58 - 2012-01-14 19:58 - 0123392 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll
2012-01-14 19:58 - 2012-01-14 19:58 - 0118784 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2012-01-14 19:58 - 2012-01-14 19:58 - 0101888 ____A (Microsoft Corporation) C:\Windows\System32\admparse.dll
2012-01-14 19:58 - 2012-01-14 19:58 - 0086528 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2012-01-14 19:58 - 2012-01-14 19:58 - 0078848 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll
2012-01-14 19:58 - 2012-01-14 19:58 - 0076800 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
2012-01-14 19:58 - 2012-01-14 19:58 - 0074752 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2012-01-14 19:58 - 2012-01-14 19:58 - 0074240 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2012-01-14 19:58 - 2012-01-14 19:58 - 0072822 ____A C:\Windows\System32\ieuinit.inf
2012-01-14 19:58 - 2012-01-14 19:58 - 0072704 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2012-01-14 19:58 - 2012-01-14 19:58 - 0066048 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll
2012-01-14 19:58 - 2012-01-14 19:58 - 0063488 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx
2012-01-14 19:58 - 2012-01-14 19:58 - 0054272 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
2012-01-14 19:58 - 2012-01-14 19:58 - 0048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
2012-01-14 19:58 - 2012-01-14 19:58 - 0035840 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll
2012-01-14 19:58 - 2012-01-14 19:58 - 0031744 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2012-01-14 19:58 - 2012-01-14 19:58 - 0023552 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2012-01-14 19:58 - 2012-01-14 19:58 - 0011776 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe
2012-01-14 19:44 - 2012-01-14 19:44 - 0000000 ____D C:\Windows\System32\SPReview
2012-01-14 19:43 - 2012-01-14 19:43 - 0000000 ____D C:\Windows\System32\EventProviders
2012-01-14 16:11 - 2012-01-14 16:11 - 0000000 ___HD C:\$AVG
2012-01-14 15:41 - 2012-01-14 15:33 - 0000000 ____D C:\Users\All Users\AVG2012
2012-01-14 15:41 - 2012-01-14 15:33 - 0000000 ____D C:\ProgramData\AVG2012
2012-01-14 15:36 - 2012-01-14 15:36 - 0000000 ____D C:\Users\Cody\AppData\Roaming\AVG2012
2012-01-14 15:35 - 2012-01-14 15:35 - 0000935 ____A C:\Users\Public\Desktop\AVG 2012.lnk
2012-01-14 15:35 - 2012-01-14 15:35 - 0000000 ____D C:\Users\All Users\AVG Secure Search
2012-01-14 15:35 - 2012-01-14 15:35 - 0000000 ____D C:\ProgramData\AVG Secure Search
2012-01-14 15:35 - 2012-01-14 15:35 - 0000000 ____D C:\Program Files\Common Files\AVG Secure Search
2012-01-14 15:35 - 2012-01-14 15:35 - 0000000 ____D C:\Program Files\AVG Secure Search
2012-01-14 15:35 - 2012-01-14 14:20 - 0000000 ____D C:\Users\Cody\AppData\LocalLow
2012-01-14 15:32 - 2012-01-14 15:32 - 0000000 ____D C:\Program Files\AVG
2012-01-14 15:11 - 2012-01-14 15:11 - 0000129 ____A C:\Windows\System32\MRT.INI
2012-01-14 15:00 - 2012-01-14 14:59 - 3968544 ____A (AVG Technologies) C:\Users\Cody\Downloads\avg_free_stb_all_2012_1901_cnet.exe
2012-01-14 14:58 - 2012-01-14 14:58 - 0000000 ____D C:\Users\Cody\AppData\Roaming\Mozilla
2012-01-14 14:58 - 2012-01-14 14:58 - 0000000 ____D C:\Users\Cody\AppData\Local\Mozilla
2012-01-14 14:57 - 2012-01-14 14:57 - 0001096 ____A C:\Users\Public\Desktop\Mozilla Firefox.lnk
2012-01-14 14:57 - 2012-01-14 14:57 - 0000000 ____D C:\Program Files\Mozilla Firefox
2012-01-14 14:32 - 2012-01-14 14:32 - 0057560 ____A C:\Users\Cody\AppData\Local\GDIPFONTCACHEV1.DAT
2012-01-14 14:32 - 2012-01-14 14:32 - 0002154 ____A C:\Windows\epplauncher.mif
2012-01-14 14:32 - 2012-01-14 14:31 - 0000000 ____D C:\Program Files\Microsoft Security Client
2012-01-14 14:30 - 2009-07-13 20:52 - 0000000 ____D C:\Windows\System32\restore
2012-01-14 14:26 - 2012-01-14 14:26 - 0001067 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2012-01-14 14:26 - 2012-01-14 14:26 - 0000000 ____D C:\Users\Cody\AppData\Roaming\Malwarebytes
2012-01-14 14:26 - 2012-01-14 14:26 - 0000000 ____D C:\Users\All Users\Malwarebytes
2012-01-14 14:26 - 2012-01-14 14:26 - 0000000 ____D C:\ProgramData\Malwarebytes
2012-01-14 14:26 - 2012-01-14 14:26 - 0000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2012-01-14 14:20 - 2012-01-14 14:20 - 0000020 ___SH C:\Users\Cody\ntuser.ini
2012-01-14 14:20 - 2012-01-14 14:20 - 0000000 __SHD C:\Users\Cody\Templates
2012-01-14 14:20 - 2012-01-14 14:20 - 0000000 __SHD C:\Users\Cody\Start Menu
2012-01-14 14:20 - 2012-01-14 14:20 - 0000000 __SHD C:\Users\Cody\PrintHood
2012-01-14 14:20 - 2012-01-14 14:20 - 0000000 __SHD C:\Users\Cody\NetHood
2012-01-14 14:20 - 2012-01-14 14:20 - 0000000 __SHD C:\Users\Cody\My Documents
2012-01-14 14:20 - 2012-01-14 14:20 - 0000000 __SHD C:\Users\Cody\Documents\My Videos
2012-01-14 14:20 - 2012-01-14 14:20 - 0000000 __SHD C:\Users\Cody\Documents\My Pictures
2012-01-14 14:20 - 2012-01-14 14:20 - 0000000 __SHD C:\Users\Cody\Documents\My Music
2012-01-14 14:20 - 2012-01-14 14:20 - 0000000 __SHD C:\Users\Cody\AppData\Local\Temporary Internet Files
2012-01-14 14:20 - 2012-01-14 14:20 - 0000000 __SHD C:\Users\Cody\AppData\Local\History
2012-01-14 14:20 - 2012-01-14 14:20 - 0000000 __SHD C:\Recovery
2012-01-14 14:20 - 2012-01-14 14:20 - 0000000 ____D C:\Users\Cody\AppData\Local\VirtualStore
2012-01-14 14:20 - 2012-01-14 14:20 - 0000000 ____D C:\users\Cody
2012-01-14 14:20 - 2012-01-14 14:12 - 0000000 ____D C:\Windows\Panther
2012-01-14 14:20 - 2009-07-13 18:37 - 0000000 ____D C:\Windows\System32\Recovery
2012-01-14 14:20 - 2009-07-13 18:36 - 0000000 __SHD C:\$Recycle.Bin
2012-01-14 14:19 - 2009-07-13 18:37 - 0000000 ____D C:\Windows\rescache
2012-01-14 14:16 - 2012-01-14 14:13 - 0001313 ____A C:\Windows\TSSysprep.log
2012-01-14 14:16 - 2009-07-13 20:46 - 0042045 ____A C:\Windows\System32\license.rtf
2012-01-14 14:16 - 2009-07-13 18:37 - 0000000 ____D C:\Windows\System32\config\TxR
2012-01-14 14:14 - 2009-07-13 23:49 - 0000000 ____D C:\Windows\CSC
2012-01-14 14:13 - 2009-07-13 20:34 - 0001774 ____A C:\Windows\DtcInstall.log
2012-01-14 14:12 - 2012-01-14 14:12 - 0008192 _RASH C:\BOOTSECT.BAK
2012-01-14 14:12 - 2009-07-13 20:57 - 0025600 __ASH C:\Windows\System32\config\BCD-Template.LOG
2012-01-14 14:12 - 2009-07-13 20:52 - 0028672 ____A C:\Windows\System32\config\BCD-Template
2012-01-04 17:15 - 2012-01-14 15:09 - 52128560 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2011-12-10 15:24 - 2012-01-14 14:26 - 0020464 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2011-11-23 20:25 - 2012-01-14 14:38 - 2342912 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2011-11-19 06:01 - 2012-01-14 14:38 - 0067072 ____A (Microsoft Corporation) C:\Windows\System32\packager.dll
2011-11-16 21:41 - 2012-01-15 11:50 - 0134000 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ksecpkg.sys
2011-11-16 21:41 - 2012-01-15 11:50 - 0067440 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ksecdd.sys
2011-11-16 21:39 - 2012-01-15 11:50 - 0369352 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\cng.sys
2011-11-16 21:38 - 2012-01-14 14:39 - 1288472 ____A (Microsoft Corporation) C:\Windows\System32\ntdll.dll
2011-11-16 21:35 - 2012-01-15 11:50 - 0314880 ____A (Microsoft Corporation) C:\Windows\System32\webio.dll
2011-11-16 21:34 - 2012-01-15 11:50 - 0224768 ____A (Microsoft Corporation) C:\Windows\System32\schannel.dll
2011-11-16 21:34 - 2012-01-15 11:50 - 0100352 ____A (Microsoft Corporation) C:\Windows\System32\sspicli.dll
2011-11-16 21:34 - 2012-01-15 11:50 - 0022016 ____A (Microsoft Corporation) C:\Windows\System32\secur32.dll
2011-11-16 21:34 - 2012-01-15 11:50 - 0015872 ____A (Microsoft Corporation) C:\Windows\System32\sspisrv.dll
2011-11-16 21:32 - 2012-01-15 11:50 - 1038848 ____A (Microsoft Corporation) C:\Windows\System32\lsasrv.dll
2011-11-16 21:29 - 2012-01-15 11:50 - 0022528 ____A (Microsoft Corporation) C:\Windows\System32\lsass.exe
2011-11-04 20:26 - 2012-01-14 14:38 - 0002048 ____A (Microsoft Corporation) C:\Windows\System32\tzres.dll
2011-10-25 20:47 - 2012-01-14 14:36 - 3967856 ____A (Microsoft Corporation) C:\Windows\System32\ntkrnlpa.exe
2011-10-25 20:47 - 2012-01-14 14:36 - 3912560 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2011-10-25 20:32 - 2012-01-14 14:37 - 1328128 ____A (Microsoft Corporation) C:\Windows\System32\quartz.dll
2011-10-25 20:32 - 2012-01-14 14:37 - 0514560 ____A (Microsoft Corporation) C:\Windows\System32\qdvd.dll
2011-10-25 20:28 - 2012-01-14 14:36 - 0038912 ____A (Microsoft Corporation) C:\Windows\System32\csrsrv.dll

========================= Known DLLs (Whitelisted) ============


========================= Bamital & volsnap Check ============

C:\Windows\explorer.exe => MD5 is legit

C:\Windows\System32\winlogon.exe => MD5 is legit

C:\Windows\System32\wininit.exe => MD5 is legit

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

========================= Memory info ======================

Percentage of memory in use: 18%
Total physical RAM: 2046.43 MB
Available physical RAM: 1671.55 MB
Total Pagefile: 2046.43 MB
Available Pagefile: 1672.31 MB
Total Virtual: 2047.88 MB
Available Virtual: 1962.31 MB

======================= Partitions =========================

1 Drive c: () (Fixed) (Total:141.49 GB) (Free:123.6 GB) NTFS ==>[Drive with boot components (obtanied from BCD)]
2 Drive d: () (Fixed) (Total:149.04 GB) (Free:148.94 GB) NTFS
3 Drive e: () (Fixed) (Total:7.56 GB) (Free:7.48 GB) NTFS
5 Drive g: () (Removable) (Total:1.89 GB) (Free:1.8 GB) FAT32
6 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

Disk ### Status Size Free Dyn Gpt
-------- ------------- ------- ------- --- ---
Disk 0 Online 149 GB 0 B
Disk 1 Online 149 GB 6144 KB
Disk 2 Online 1937 MB 0 B

Partitions of Disk 0:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Recovery 7737 MB 1024 KB
Partition 2 Primary 141 GB 7738 MB
Partition 3 Primary 1872 KB 149 GB

Disk: 0
Partition 1
Type : 27
Hidden: Yes
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 E NTFS Partition 7737 MB Healthy Hidden

Disk: 0
Partition 2
Type : 07
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 1 C NTFS Partition 141 GB Healthy

Disk: 0
Partition 3
Type : 17 (Suspicious Type)
Hidden: Yes
Active: No

There is no volume associated with this partition.

Partitions of Disk 1:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 0 Extended 149 GB 8032 KB
Partition 1 Logical 149 GB 8064 KB

Disk: 1
Partition 1
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 3 D NTFS Partition 149 GB Healthy

Partitions of Disk 2:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
* Partition 1 Primary 1937 MB 0 B

Disk: 2
There is no partition selected.

There is no partition selected.
Please select a partition and try again.


==========================================================

Last Boot: 2012-01-14 14:13

======================= End Of Log ==========================



Also here's the Result.txt log:


ListParts by Farbar
Ran by Cody on 17-01-2012 at 04:19:35
Windows 7 (X86)
Running From: C:\Users\Cody\Downloads
************************************************************

========================= Memory info ======================

Percentage of memory in use: 40%
Total physical RAM: 2046.43 MB
Available physical RAM: 1210.53 MB
Total Pagefile: 4092.86 MB
Available Pagefile: 3146.91 MB
Total Virtual: 2047.88 MB
Available Virtual: 1964.8 MB

======================= Partitions =========================

1 Drive c: () (Fixed) (Total:141.49 GB) (Free:123.58 GB) NTFS ==>[Drive with boot components (obtanied from BCD)]
2 Drive d: () (Fixed) (Total:149.04 GB) (Free:148.94 GB) NTFS
4 Drive f: () (Removable) (Total:1.89 GB) (Free:1.8 GB) FAT32

Disk ### Status Size Free Dyn Gpt
-------- ------------- ------- ------- --- ---
Disk 0 Online 149 GB 0 B
Disk 1 Online 149 GB 6144 KB
Disk 2 Online 1937 MB 0 B

Partitions of Disk 0:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Recovery 7737 MB 1024 KB
Partition 2 Primary 141 GB 7738 MB
Partition 3 Primary 1872 KB 149 GB

Disk: 0
Partition 1
Type : 27
Hidden: Yes
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 NTFS Partition 7737 MB Healthy Hidden

Disk: 0
Partition 2
Type : 07
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 1 C NTFS Partition 141 GB Healthy System (partition with boot components)

Disk: 0
Partition 3
Type : 17 (Suspicious Type)
Hidden: Yes
Active: No

There is no volume associated with this partition.

Partitions of Disk 1:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 0 Extended 149 GB 8032 KB
Partition 1 Logical 149 GB 8064 KB

Disk: 1
Partition 1
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 3 D NTFS Partition 149 GB Healthy

Partitions of Disk 2:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
* Partition 1 Primary 1937 MB 0 B

Disk: 2
There is no partition selected.

There is no partition selected.
Please select a partition and try again.


****** End Of Log ******

#14 ratman

ratman

    Bleepin' gnawing at it!


  • Malware Response Team
  • 1,799 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Scotland
  • Local time:11:27 AM

Posted 18 January 2012 - 07:13 AM

Hello Cody_Arc,

What we need now is a copy of your MBR so we can adjust it. Please do the following:

Download http://unetbootin.sourceforge.net/unetbootin-xpud-windows-latest.exe & http://noahdfear.net/downloads/bootable/xPUD/xpud-0.9.2.iso to the your desktop.
  • Insert your USB drive
  • Double click the unetbootin-xpud-windows-387.exe that you just downloaded
  • Press Run then OK
  • Select the DiskImage option then click the browse button located on the right side of the textbox field.
  • Browse to and select the xpud-0.9.2.iso file you downloaded
  • Verify the correct drive letter G: is selected for your USB device then click OK
  • It will install a little bootable OS on your USB device
  • Once the files have been written to the device you will be prompted to reboot ~ do not reboot and instead just Exit the UNetbootin interface
  • After it has completed do not choose to reboot the clean computer simply close the installer
  • Next download dumpit to your USB
  • Boot the your computer
  • Press F12 and choose to boot from the USB
  • Follow the prompts
  • A Welcome to xPUD screen will appear
  • Press File
  • Expand mnt
  • Click on sdb1 (sdb1 represents the USB drive).
  • Double click on the dumpit file.
  • A black window will pop-up and it will dump and zip the MBR to your USB drive.
  • Press Enter to exit the black window.
  • Click on HOME tab and choose Power Off to turn off xPUD.
  • Reboot your machine
  • Locate the mbr.zip file in your USB drive and attach it when you reply.

regards, ratman

a proud member of:
Posted Image

If I am helping you, it has been 48 hours since your last post, and I have yet to reply to your topic, please send me a PM

If I have helped and you would like to show your appreciation you may Posted Image to the cause.



#15 Cody_Arc

Cody_Arc
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:05:27 AM

Posted 18 January 2012 - 10:52 AM

I've done all the steps up till the Boot your computer step, is there something that's suppose to show up that you hit F12 for or do you hit F12 during the boot up screen? In either case nothing happened.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users