Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Accidentally Downloaded ilivid and searchqu toolbar


  • This topic is locked This topic is locked
15 replies to this topic

#1 ClearFocus

ClearFocus

  • Members
  • 93 posts
  • OFFLINE
  •  
  • Local time:04:17 PM

Posted 18 January 2012 - 02:10 PM

Hello,

I believe I have accidentally downloaded the Livid app and, thus, the Searchqu toolbar and I'm being browser hijacked.

Can someone help walk me thru the removal and confirmation that I'm not further infected with malware, rootkits, etc.?

Here is a Hijackthis Log file in case it helps. This is a brand new Win7 machine that was first turned on yesterday.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 2:08:51 PM, on 1/18/2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe
C:\Program Files (x86)\Dell AIO Printer 948\dldfmon.exe
C:\Program Files (x86)\Dell AIO Printer 948\memcard.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\datamngrUI.exe
C:\Users\Weezie\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Dell Stage\Dell Stage\stage_secondary.exe
C:\Users\Weezie\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Weezie\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Weezie\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Weezie\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Users\Weezie\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Weezie\Downloads\HijackThis.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Windows\SysWOW64\DllHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\WI3C8A~1\Datamngr\ToolBar\searchqudtx.dll
O2 - BHO: DataMngr - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\PROGRA~2\WI3C8A~1\Datamngr\BROWSE~1.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\WI3C8A~1\Datamngr\ToolBar\searchqudtx.dll
O4 - HKLM\..\Run: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe"
O4 - HKLM\..\Run: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe"
O4 - HKLM\..\Run: [AccuWeatherWidget] "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj" --startup
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKLM\..\Run: [Dell AIO Printer 948] "C:\Program Files (x86)\Dell AIO Printer 948\fm3032.exe" /s
O4 - HKLM\..\Run: [DATAMNGR] C:\PROGRA~2\WI3C8A~1\Datamngr\DATAMN~1.EXE
O4 - HKCU\..\Run: [Google Update] "C:\Users\Weezie\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\PROGRA~2\WI3C8A~1\Datamngr\datamngr.dll C:\PROGRA~2\WI3C8A~1\Datamngr\IEBHO.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Dell Digital Delivery Service (DellDigitalDelivery) - Dell Products, LP. - c:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
O23 - Service: dldfCATSCustConnectService - Unknown owner - C:\Windows\system32\spool\DRIVERS\x64\3\\dldfserv.exe
O23 - Service: dldf_device - - C:\Windows\system32\dldfcoms.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Dell DataSafe Online (NOBU) - Dell, Inc. - C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: RoxMediaDB12OEM - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe
O23 - Service: Roxio Hard Drive Watcher 12 (RoxWatch12) - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SoftThinks Agent Service (SftService) - SoftThinks SAS - C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: BitDefender Update Server v2 (Update Server) - BitDefender - C:\Program Files\Common Files\Bitdefender\Bitdefender Arrakis Server\bin\arrakis3.exe
O23 - Service: BitDefender Desktop Update Service (UPDATESRV) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender 2012\updatesrv.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: BitDefender Virus Shield (VSSERV) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender 2012\vsserv.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10608 bytes


Many thanks!
Brian

Edited by ClearFocus, 18 January 2012 - 02:10 PM.


BC AdBot (Login to Remove)

 


#2 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:04:17 PM

Posted 21 January 2012 - 11:14 PM

Hello and Welcome to the forums!

My name is Gringo and I'll be glad to help you with your computer problems.

Somethings to remember while we are working together.

  • Do not run any other tool untill instructed to do so!
  • Please Do not Attach logs or put in code boxes.
  • Tell me about any problems that have occurred during the fix.
  • Tell me of any other symptoms you may be having as these can help also.
  • Do not run anything while running a fix.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

Click on the Watch Topic Button and select Immediate Notification and click on proceed, this will help you to get notified faster when I have replied and make the cleaning process faster.


The first thing I would like you to do is run this for me - http://download.bleepingcomputer.com/grinler/unhide.exe after it is complete restart the computer and continue with these steps


Download and run OTL

Download OTL by Old Timer and save it to your Desktop.
  • Double click on OTL.exe to run it.
  • Under Output, ensure that Minimal Output is selected.
  • Under Extra Registry section, select Use SafeList.
  • Click the Scan All Users checkbox.
  • Under the Custom Scan box paste this in

    %TEMP%\smtmp\*.* /s

  • Click on Run Scan at the top left hand corner.
  • When done, two Notepad files will open.
    • OTL.txt <-- Will be opened and the that I need posted back here
    • Extra.txt <-- Will be minimized - save this one on your desktop in case I ask for it later
  • Please post the contents of OTListIt.txt in your next reply.


information and logs:

  • In your next post I need the following

  • .logs from OTL
  • let me know of any problems you may have had

Gringo

I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#3 ClearFocus

ClearFocus
  • Topic Starter

  • Members
  • 93 posts
  • OFFLINE
  •  
  • Local time:04:17 PM

Posted 23 January 2012 - 09:51 PM

Gringo,

Thanks for your assistance. Here is the OTL log file.

I Look forward to hearing from you with the next step.


OTL logfile created on: 1/23/2012 9:42:02 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Weezie\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

5.91 Gb Total Physical Memory | 3.65 Gb Available Physical Memory | 61.73% Memory free
11.83 Gb Paging File | 9.22 Gb Available in Paging File | 77.93% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 450.91 Gb Total Space | 343.78 Gb Free Space | 76.24% Space Free | Partition Type: NTFS
Drive G: | 465.76 Gb Total Space | 300.22 Gb Free Space | 64.46% Space Free | Partition Type: NTFS

Computer Name: WEEZIE-PC | User Name: Weezie | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Weezie\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\datamngrUI.exe (Bandoo Media, inc)
PRC - c:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe (Dell Products, LP.)
PRC - C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe ()
PRC - C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe (SoftThinks - Dell)
PRC - C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe (SoftThinks SAS)
PRC - C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe (SoftThinks - Dell)
PRC - C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe ()
PRC - C:\Program Files (x86)\Dell Stage\Dell Stage\stage_secondary.exe ()
PRC - C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe ()
PRC - C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe ()
PRC - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Dell AIO Printer 948\dldfmon.exe ()
PRC - C:\Program Files (x86)\Dell AIO Printer 948\memcard.exe ()


========== Modules (No Company Name) ==========

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\88f32d62a8df469e8b9f12a8d3093627\System.Xml.Linq.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\dd56ffc9d534de278c79420dcce058a4\System.Core.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\76692f411b404f1db0c95d81dd537c37\System.Runtime.Serialization.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\6294f61f25c953212b92b7e13a0fd9c1\SMDiagnostics.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a1a82db68b3badc7c27ea1f6579d22c5\mscorlib.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\07cdef1a740151932dcf161f3306bd9c\PresentationFramework.Aero.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\f5659a792c1f6832d9a45c1509d03497\System.Transactions.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\70e2ca33ffa52c743285dc5b4910a229\PresentationFramework.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\6e592e424a204aafeadbe22b6b31b9db\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\3b2cfd85528a27eb71dc41d8067359a1\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\7c94a121334aeca7553c7f01290740f0\PresentationCore.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\d7a64c28cf0c90e6c48af4f7d6f9ed41\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\130ad4d9719e566ca933ac7158a04203\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\abab08afa60a6f06bdde0fcc9649c379\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\2d5bcbeb9475ef62189f605bcca1cec6\System.Configuration.ni.dll ()
MOD - C:\Users\Weezie\AppData\Local\Google\Chrome\Application\16.0.912.75\ppgooglenaclpluginchrome.dll ()
MOD - C:\Users\Weezie\AppData\Local\Google\Chrome\Application\16.0.912.75\pdf.dll ()
MOD - C:\Users\Weezie\AppData\Local\Google\Chrome\Application\16.0.912.75\avutil-51.dll ()
MOD - C:\Users\Weezie\AppData\Local\Google\Chrome\Application\16.0.912.75\avformat-53.dll ()
MOD - C:\Users\Weezie\AppData\Local\Google\Chrome\Application\16.0.912.75\avcodec-53.dll ()
MOD - C:\Windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll ()
MOD - C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe ()
MOD - C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe ()
MOD - C:\Program Files (x86)\Dell Stage\Dell Stage\stage_secondary.exe ()
MOD - C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe ()
MOD - C:\Program Files (x86)\Dell Stage\Dell Stage\QtCore4.dll ()
MOD - C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\QtCore4.dll ()
MOD - C:\Program Files (x86)\Dell Stage\Dell Stage\QtGui4.dll ()
MOD - C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\QtGui4.dll ()
MOD - c:\Program Files (x86)\Common Files\Roxio Shared\DLLShared\SQLite352.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.ServiceModel\3.0.0.0__b77a5c561934e089\System.ServiceModel.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.IdentityModel\3.0.0.0__b77a5c561934e089\System.IdentityModel.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.ServiceModel.Web\3.5.0.0__31bf3856ad364e35\System.ServiceModel.Web.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.WorkflowServices\3.5.0.0__31bf3856ad364e35\System.WorkflowServices.dll ()
MOD - C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe ()
MOD - C:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll ()
MOD - C:\Program Files (x86)\Dell AIO Printer 948\dldfmon.exe ()
MOD - C:\Program Files (x86)\Dell AIO Printer 948\memcard.exe ()
MOD - C:\Program Files (x86)\Dell AIO Printer 948\dldfscw.dll ()
MOD - C:\Program Files (x86)\Dell AIO Printer 948\dldfdatr.dll ()
MOD - C:\Program Files (x86)\Dell AIO Printer 948\dldfcfg.dll ()
MOD - C:\Program Files (x86)\Dell AIO Printer 948\DLDFptp.dll ()
MOD - C:\Program Files (x86)\Dell AIO Printer 948\dldfcats.dll ()


========== Win32 Services (SafeList) ==========

SRV:64bit: - (VSSERV) -- C:\Program Files\Bitdefender\Bitdefender 2012\vsserv.exe (Bitdefender)
SRV:64bit: - (UPDATESRV) -- C:\Program Files\Bitdefender\Bitdefender 2012\updatesrv.exe (Bitdefender)
SRV:64bit: - (Update Server) -- C:\Program Files\Common Files\Bitdefender\Bitdefender Arrakis Server\bin\arrakis3.exe (BitDefender)
SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (dldfCATSCustConnectService) -- C:\Windows\SysNative\spool\DRIVERS\x64\3\\dldfserv.exe ()
SRV:64bit: - (dldf_device) -- C:\Windows\SysNative\dldfcoms.exe ( )
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (LMIMaint) -- C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe (LogMeIn, Inc.)
SRV - (LMIGuardianSvc) -- C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe (LogMeIn, Inc.)
SRV - (DellDigitalDelivery) -- c:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe (Dell Products, LP.)
SRV - (SftService) -- C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE (SoftThinks SAS)
SRV - (LogMeIn) -- C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe (LogMeIn, Inc.)
SRV - (RoxWatch12) -- C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe (Sonic Solutions)
SRV - (RoxMediaDB12OEM) -- C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe (Sonic Solutions)
SRV - (NOBU) -- C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe (Dell, Inc.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (dldf_device) -- C:\Windows\SysWow64\dldfcoms.exe ( )


========== Driver Services (SafeList) ==========

DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (LMIRfsClientNP) -- C:\Windows\SysNative\LMIRfsClientNP.dll (LogMeIn, Inc.)
DRV:64bit: - (avckf) -- C:\Windows\SysNative\drivers\avckf.sys (BitDefender)
DRV:64bit: - (avchv) -- C:\Windows\SysNative\drivers\avchv.sys (BitDefender)
DRV:64bit: - (avc3) -- C:\Windows\SysNative\drivers\avc3.sys (BitDefender)
DRV:64bit: - (BdfNdisf) -- c:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfndisf6.sys (BitDefender LLC)
DRV:64bit: - (bdfwfpf) -- C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys (BitDefender LLC)
DRV:64bit: - (trufos) -- C:\Windows\SysNative\drivers\trufos.sys (BitDefender S.R.L.)
DRV:64bit: - (bdsandbox) -- C:\Windows\SysNative\drivers\bdsandbox.sys (BitDefender SRL)
DRV:64bit: - (LMIRfsDriver) -- C:\Windows\SysNative\drivers\LMIRfsDriver.sys (LogMeIn, Inc.)
DRV:64bit: - (lmimirr) -- C:\Windows\SysNative\drivers\lmimirr.sys (LogMeIn, Inc.)
DRV:64bit: - (bdfsfltr) -- C:\Windows\SysNative\drivers\bdfsfltr.sys (BitDefender)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:64bit: - (CnxtHdAudService) -- C:\Windows\SysNative\drivers\CHDRT64.sys (Conexant Systems Inc.)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:64bit: - (MEIx64) Intel® -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (IntcDAud) Intel® -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel® Corporation)
DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions)
DRV:64bit: - (BDVEDISK) -- C:\Windows\SysNative\drivers\bdvedisk.sys (BitDefender)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (WimFltr) -- C:\Windows\SysNative\drivers\WimFltr.sys (Microsoft Corporation)
DRV - (LMIInfo) -- C:\Program Files (x86)\LogMeIn\x64\rainfo.sys (LogMeIn, Inc.)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-449589144-3921348804-3012424731-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-21-449589144-3921348804-3012424731-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Weezie\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Weezie\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\bdThunderbird@bitdefender.com: C:\PROGRAM FILES\BITDEFENDER\BITDEFENDER 2012\BDTBEXT\ [2012/01/17 15:46:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\bdThunderbird@bitdefender.com: C:\Program Files\Bitdefender\Bitdefender 2012\bdtbext\ [2012/01/17 15:46:30 | 000,000,000 | ---D | M]


========== Chrome ==========

CHR - default_search_provider: Search Results (Enabled)
CHR - default_search_provider: search_url = http://dts.search-results.com/sr?src=crb&appid=113&systemid=406&sr=0&q={searchTerms}
CHR - default_search_provider: suggest_url =
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Weezie\AppData\Local\Google\Chrome\Application\16.0.912.75\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Weezie\AppData\Local\Google\Chrome\Application\16.0.912.75\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Weezie\AppData\Local\Google\Chrome\Application\16.0.912.75\gcswf32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.300.12 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U30 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin

O1 HOSTS File: ([2009/06/10 16:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (DataMngr) - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\x64\BrowserConnection.dll (Bandoo Media, inc)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\ToolBar\searchqudtx.dll ()
O2 - BHO: (DataMngr) - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\BrowserConnection.dll (Bandoo Media, inc)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\ToolBar\searchqudtx.dll ()
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:64bit: - HKU\S-1-5-21-449589144-3921348804-3012424731-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [BDAgent] C:\Program Files\Bitdefender\Bitdefender 2012\bdagent.exe (Bitdefender)
O4:64bit: - HKLM..\Run: [DellStage] C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe ()
O4:64bit: - HKLM..\Run: [dldfmon.exe] C:\Program Files (x86)\Dell AIO Printer 948\dldfmon.exe ()
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [LogMeIn GUI] C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe (LogMeIn, Inc.)
O4:64bit: - HKLM..\Run: [MemoryCardManager] C:\Program Files (x86)\Dell AIO Printer 948\memcard.exe ()
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [AccuWeatherWidget] C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe ()
O4 - HKLM..\Run: [DATAMNGR] C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\datamngrUI.exe (Bandoo Media, inc)
O4 - HKLM..\Run: [Dell AIO Printer 948] C:\Program Files (x86)\Dell AIO Printer 948\fm3032.exe ()
O4 - HKLM..\Run: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe (Dell, Inc.)
O4 - HKLM..\Run: [Desktop Disc Tool] C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe ()
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe (Sonic Solutions)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{751B25D0-A879-4F91-8B8D-CDDC443BA780}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\WI3C8A~1\Datamngr\x64\datamngr.dll) - C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\x64\datamngr.dll (Bandoo Media, inc)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\WI3C8A~1\Datamngr\x64\IEBHO.dll) - C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\x64\IEBHO.dll (Bandoo Media, inc)
O20 - AppInit_DLLs: (C:\PROGRA~2\WI3C8A~1\Datamngr\datamngr.dll) -C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\datamngr.dll (Bandoo Media, inc)
O20 - AppInit_DLLs: (C:\PROGRA~2\WI3C8A~1\Datamngr\IEBHO.dll) -C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\IEBHO.dll (Bandoo Media, inc)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O27:64bit: - HKLM IFEO\ehshell.exe: Debugger - C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe (LogMeIn, Inc.)
O27 - HKLM IFEO\ehshell.exe: Debugger - C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe (LogMeIn, Inc.)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/12/15 04:52:18 | 000,000,080 | ---- | M] () - G:\Autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012/01/23 21:00:36 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Support Center
[2012/01/23 21:00:24 | 000,000,000 | ---D | C] -- C:\Program Files\Dell Support Center
[2012/01/23 20:52:50 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012/01/23 20:48:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2012/01/23 20:48:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
[2012/01/18 15:19:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2012/01/18 15:10:45 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012/01/18 15:10:45 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012/01/18 15:10:45 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012/01/18 15:10:45 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012/01/18 15:10:45 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012/01/18 15:10:45 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012/01/18 15:10:44 | 002,309,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012/01/18 15:10:44 | 001,493,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012/01/18 15:10:44 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012/01/18 15:10:44 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012/01/18 15:10:43 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012/01/18 14:00:58 | 000,000,000 | ---D | C] -- C:\Users\Weezie\AppData\Roaming\PCDr
[2012/01/18 14:00:05 | 000,000,000 | ---D | C] -- C:\ProgramData\PCDr
[2012/01/18 13:35:04 | 000,000,000 | ---D | C] -- C:\Users\Weezie\AppData\Roaming\Google
[2012/01/18 12:09:44 | 001,572,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
[2012/01/18 12:09:44 | 001,328,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
[2012/01/18 12:09:44 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2012/01/18 12:09:44 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2012/01/18 12:09:44 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2012/01/18 12:09:28 | 001,465,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2012/01/18 12:09:28 | 000,870,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2012/01/18 12:09:17 | 001,731,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2012/01/18 12:09:05 | 000,723,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll
[2012/01/18 12:09:05 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll
[2012/01/18 12:09:04 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll
[2012/01/18 12:09:04 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll
[2012/01/18 11:41:00 | 000,000,000 | ---D | C] -- C:\ProgramData\boost_interprocess
[2012/01/17 18:18:10 | 000,000,000 | ---D | C] -- C:\Users\Weezie\AppData\Local\Ilivid Player
[2012/01/17 18:16:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iLivid
[2012/01/17 18:16:39 | 000,000,000 | ---D | C] -- C:\ProgramData\{B49A644A-1076-4A3D-B124-DAA7862F2318}
[2012/01/17 18:16:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iLivid
[2012/01/17 18:15:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows iLivid Toolbar
[2012/01/17 18:15:31 | 000,000,000 | ---D | C] -- C:\Users\Weezie\AppData\Local\PackageAware
[2012/01/17 17:17:19 | 000,000,000 | ---D | C] -- C:\Users\Weezie\AppData\Roaming\948 Series
[2012/01/17 16:50:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Dl_cats
[2012/01/17 16:50:48 | 000,000,000 | ---D | C] -- C:\Users\Weezie\AppData\Local\ElevatedDiagnostics
[2012/01/17 16:50:44 | 000,000,000 | ---D | C] -- C:\logs
[2012/01/17 16:49:45 | 000,000,000 | ---D | C] -- C:\ProgramData\948 Series
[2012/01/17 16:49:42 | 000,000,000 | ---D | C] -- C:\Program Files\Dell AIO Printer 948
[2012/01/17 16:47:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Printers
[2012/01/17 16:47:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Dell AIO Printer 948
[2012/01/17 16:47:10 | 001,200,128 | ---- | C] ( ) -- C:\Windows\SysWow64\dldfserv.dll
[2012/01/17 16:47:10 | 000,983,121 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dldfgf.dll
[2012/01/17 16:47:10 | 000,950,272 | ---- | C] ( ) -- C:\Windows\SysWow64\dldfusb1.dll
[2012/01/17 16:47:10 | 000,860,160 | ---- | C] ( ) -- C:\Windows\SysWow64\dldfcomc.dll
[2012/01/17 16:47:10 | 000,663,552 | ---- | C] ( ) -- C:\Windows\SysWow64\dldfhbn3.dll
[2012/01/17 16:47:10 | 000,647,168 | ---- | C] ( ) -- C:\Windows\SysWow64\dldfpmui.dll
[2012/01/17 16:47:10 | 000,598,664 | ---- | C] ( ) -- C:\Windows\SysWow64\dldfcoms.exe
[2012/01/17 16:47:10 | 000,565,248 | ---- | C] ( ) -- C:\Windows\SysWow64\dldflmpm.dll
[2012/01/17 16:47:10 | 000,365,192 | ---- | C] ( ) -- C:\Windows\SysWow64\dldfcfg.exe
[2012/01/17 16:47:10 | 000,364,544 | ---- | C] ( ) -- C:\Windows\SysWow64\dldfcomm.dll
[2012/01/17 16:47:10 | 000,356,352 | ---- | C] ( ) -- C:\Windows\SysWow64\dldfinpa.dll
[2012/01/17 16:47:10 | 000,339,968 | ---- | C] ( ) -- C:\Windows\SysWow64\dldfiesc.dll
[2012/01/17 16:47:10 | 000,320,136 | ---- | C] ( ) -- C:\Windows\SysWow64\dldfih.exe
[2012/01/17 16:47:10 | 000,053,248 | ---- | C] ( ) -- C:\Windows\SysWow64\dldfprox.dll
[2012/01/17 16:46:59 | 001,895,936 | ---- | C] ( ) -- C:\Windows\SysNative\dldfserv.dll
[2012/01/17 16:46:59 | 001,501,696 | ---- | C] ( ) -- C:\Windows\SysNative\dldfusb1.dll
[2012/01/17 16:46:59 | 000,980,992 | ---- | C] ( ) -- C:\Windows\SysNative\dldfpmui.dll
[2012/01/17 16:46:59 | 000,879,104 | ---- | C] ( ) -- C:\Windows\SysNative\dldflmpm.dll
[2012/01/17 16:46:59 | 000,668,672 | ---- | C] ( ) -- C:\Windows\SysNative\dldfhcp.dll
[2012/01/17 16:46:59 | 000,541,184 | ---- | C] ( ) -- C:\Windows\SysNative\dldfinpa.dll
[2012/01/17 16:46:59 | 000,509,440 | ---- | C] ( ) -- C:\Windows\SysNative\dldfiesc.dll
[2012/01/17 16:46:59 | 000,047,104 | ---- | C] ( ) -- C:\Windows\SysNative\dldfprox.dll
[2012/01/17 16:46:58 | 001,489,408 | ---- | C] ( ) -- C:\Windows\SysNative\dldfcomc.dll
[2012/01/17 16:46:58 | 001,066,496 | ---- | C] ( ) -- C:\Windows\SysNative\dldfhbn3.dll
[2012/01/17 16:46:58 | 001,052,808 | ---- | C] ( ) -- C:\Windows\SysNative\dldfcoms.exe
[2012/01/17 16:46:58 | 000,983,121 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dldfgf.dll
[2012/01/17 16:46:58 | 000,598,664 | ---- | C] ( ) -- C:\Windows\SysNative\dldfcfg.exe
[2012/01/17 16:46:58 | 000,563,200 | ---- | C] ( ) -- C:\Windows\SysNative\dldfcomm.dll
[2012/01/17 16:46:58 | 000,515,208 | ---- | C] ( ) -- C:\Windows\SysNative\dldfih.exe
[2012/01/17 16:46:46 | 001,462,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dldfg.dll
[2012/01/17 16:46:15 | 000,000,000 | ---D | C] -- C:\Users\Weezie\AppData\Roaming\Leadertech
[2012/01/17 16:43:29 | 000,000,000 | ---D | C] -- C:\Users\Weezie\My Backup Files
[2012/01/17 16:35:18 | 000,000,000 | ---D | C] -- C:\Users\Weezie\AppData\Roaming\Malwarebytes
[2012/01/17 16:35:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/01/17 16:34:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/01/17 16:34:55 | 000,023,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012/01/17 16:34:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012/01/17 16:30:26 | 000,000,000 | ---D | C] -- C:\Users\Weezie\AppData\Local\LogMeIn
[2012/01/17 16:30:11 | 000,034,688 | ---- | C] (LogMeIn, Inc.) -- C:\Windows\SysNative\LMIport.dll
[2012/01/17 16:30:05 | 000,087,456 | ---- | C] (LogMeIn, Inc.) -- C:\Windows\SysNative\LMIRfsClientNP.dll
[2012/01/17 16:30:05 | 000,072,216 | ---- | C] (LogMeIn, Inc.) -- C:\Windows\SysNative\drivers\LMIRfsDriver.sys
[2012/01/17 16:29:17 | 000,080,768 | ---- | C] (LogMeIn, Inc.) -- C:\Windows\SysNative\LMIinit.dll
[2012/01/17 16:29:11 | 000,000,000 | ---D | C] -- C:\ProgramData\LogMeIn
[2012/01/17 16:28:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LogMeIn
[2012/01/17 16:24:45 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2012/01/17 16:23:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Google
[2012/01/17 16:23:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2012/01/17 16:13:32 | 000,000,000 | ---D | C] -- C:\Users\Weezie\AppData\Roaming\Mozilla
[2012/01/17 16:09:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
[2012/01/17 16:09:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\7-Zip
[2012/01/17 16:09:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2012/01/17 16:09:40 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012/01/17 16:09:27 | 000,000,000 | ---D | C] -- C:\Users\Weezie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CleanUp!
[2012/01/17 16:09:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CleanUp!
[2012/01/17 16:09:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CleanUp!
[2012/01/17 16:08:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CutePDF
[2012/01/17 16:08:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Acro Software
[2012/01/17 16:08:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GPLGS
[2012/01/17 16:00:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2012/01/17 16:00:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Works
[2012/01/17 15:59:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2012/01/17 15:56:32 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2012/01/17 15:55:04 | 000,000,000 | ---D | C] -- C:\Users\Weezie\AppData\Local\Microsoft Help
[2012/01/17 15:55:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2012/01/17 15:53:58 | 000,000,000 | R--D | C] -- C:\MSOCache
[2012/01/17 15:46:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender 2012
[2012/01/17 15:46:30 | 000,000,000 | ---D | C] -- C:\Users\Weezie\AppData\Roaming\Bitdefender
[2012/01/17 15:46:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Bitdefender
[2012/01/17 15:41:59 | 000,000,000 | ---D | C] -- C:\Users\Weezie\AppData\Roaming\Roxio Burn
[2012/01/17 15:41:18 | 000,000,000 | ---D | C] -- C:\Program Files\Bitdefender
[2012/01/17 15:40:13 | 000,000,000 | ---D | C] -- C:\Users\Weezie\AppData\Roaming\QuickScan
[2012/01/17 15:39:52 | 000,442,088 | ---- | C] (BitDefender) -- C:\Windows\SysNative\drivers\bdfsfltr.sys
[2012/01/17 15:39:52 | 000,329,800 | ---- | C] (BitDefender S.R.L.) -- C:\Windows\SysNative\drivers\trufos.sys
[2012/01/17 15:39:18 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Bitdefender
[2012/01/17 15:39:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Bitdefender
[2012/01/17 15:37:06 | 000,000,000 | ---D | C] -- C:\Users\Weezie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2012/01/17 15:36:50 | 000,000,000 | ---D | C] -- C:\Users\Weezie\AppData\Local\Google
[2012/01/17 15:06:58 | 000,000,000 | ---D | C] -- C:\Users\Weezie\Documents\Zack's school papers
[2012/01/17 15:06:56 | 000,000,000 | ---D | C] -- C:\Users\Weezie\Documents\Yonder Mountain String Band
[2012/01/17 15:06:55 | 000,000,000 | --SD | C] -- C:\Users\Weezie\Documents\My Data Sources
[2012/01/17 15:06:55 | 000,000,000 | R-SD | C] -- C:\Users\Weezie\Documents\My Stationery
[2012/01/17 15:06:55 | 000,000,000 | ---D | C] -- C:\Users\Weezie\Documents\OneNote Notebooks
[2012/01/17 15:06:55 | 000,000,000 | ---D | C] -- C:\Users\Weezie\Documents\New Folder
[2012/01/17 15:06:55 | 000,000,000 | ---D | C] -- C:\Users\Weezie\Documents\My Snapfire Shows
[2012/01/17 15:06:55 | 000,000,000 | ---D | C] -- C:\Users\Weezie\Documents\My Google Gadgets
[2012/01/17 15:06:53 | 000,000,000 | ---D | C] -- C:\Users\Weezie\Documents\How I Got Over - The Roots - ojb
[2012/01/17 15:06:53 | 000,000,000 | ---D | C] -- C:\Users\Weezie\Documents\Downloads
[2012/01/17 15:06:53 | 000,000,000 | ---D | C] -- C:\Users\Weezie\Documents\Don's Files
[2012/01/17 15:06:53 | 000,000,000 | ---D | C] -- C:\Users\Weezie\Documents\Dell Webcam Center
[2012/01/17 15:06:53 | 000,000,000 | ---D | C] -- C:\Users\Weezie\Documents\Bluetooth Exchange Folder
[2012/01/17 15:03:27 | 000,000,000 | ---D | C] -- C:\Users\Weezie\Desktop\music stuff
[2012/01/17 15:03:26 | 000,000,000 | ---D | C] -- C:\Users\Weezie\Documents\Jan 2012 Data Backup
[2012/01/17 14:53:04 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2012/01/17 14:43:56 | 000,000,000 | ---D | C] -- C:\Users\Weezie\AppData\Roaming\Adobe
[2012/01/17 14:42:42 | 000,000,000 | ---D | C] -- C:\Users\Weezie\AppData\Local\Nero_AG
[2012/01/17 14:42:31 | 000,000,000 | ---D | C] -- C:\Users\Weezie\AppData\Roaming\Nero
[2012/01/17 14:42:31 | 000,000,000 | ---D | C] -- C:\Users\Weezie\AppData\Local\Nero
[2012/01/17 14:37:48 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2012/01/17 14:37:48 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2012/01/17 14:37:48 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2012/01/17 14:28:28 | 000,000,000 | -HSD | C] -- C:\System Recovery
[2012/01/17 14:27:31 | 000,000,000 | ---D | C] -- C:\Users\Weezie\AppData\Local\Dell
[2012/01/17 14:26:52 | 000,000,000 | ---D | C] -- C:\Users\Weezie\AppData\Roaming\Fingertapps
[2012/01/17 14:26:52 | 000,000,000 | ---D | C] -- C:\Users\Weezie\AppData\Roaming\Dell
[2012/01/17 14:26:46 | 000,000,000 | ---D | C] -- C:\Users\Weezie\AppData\Roaming\Dell Touch Zone
[2012/01/17 14:26:44 | 000,000,000 | ---D | C] -- C:\Users\Weezie\AppData\Roaming\Roxio
[2012/01/17 14:26:34 | 000,000,000 | R--D | C] -- C:\Users\Weezie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2012/01/17 14:26:34 | 000,000,000 | R--D | C] -- C:\Users\Weezie\Searches
[2012/01/17 14:26:34 | 000,000,000 | R--D | C] -- C:\Users\Weezie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2012/01/17 14:26:34 | 000,000,000 | ---D | C] -- C:\Users\Weezie\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2012/01/17 14:26:26 | 000,000,000 | ---D | C] -- C:\Users\Weezie\AppData\Roaming\Identities
[2012/01/17 14:26:24 | 000,000,000 | R--D | C] -- C:\Users\Weezie\Contacts
[2012/01/17 14:26:22 | 000,000,000 | ---D | C] -- C:\Users\Weezie\AppData\Local\VirtualStore
[2012/01/17 14:18:41 | 000,000,000 | -HSD | C] -- C:\Users\Weezie\AppData\Local\Temporary Internet Files
[2012/01/17 14:18:41 | 000,000,000 | -HSD | C] -- C:\Users\Weezie\Templates
[2012/01/17 14:18:41 | 000,000,000 | -HSD | C] -- C:\Users\Weezie\Start Menu
[2012/01/17 14:18:41 | 000,000,000 | -HSD | C] -- C:\Users\Weezie\SendTo
[2012/01/17 14:18:41 | 000,000,000 | -HSD | C] -- C:\Users\Weezie\Recent
[2012/01/17 14:18:41 | 000,000,000 | -HSD | C] -- C:\Users\Weezie\PrintHood
[2012/01/17 14:18:41 | 000,000,000 | -HSD | C] -- C:\Users\Weezie\NetHood
[2012/01/17 14:18:41 | 000,000,000 | -HSD | C] -- C:\Users\Weezie\Documents\My Videos
[2012/01/17 14:18:41 | 000,000,000 | -HSD | C] -- C:\Users\Weezie\Documents\My Pictures
[2012/01/17 14:18:41 | 000,000,000 | -HSD | C] -- C:\Users\Weezie\Documents\My Music
[2012/01/17 14:18:41 | 000,000,000 | -HSD | C] -- C:\Users\Weezie\My Documents
[2012/01/17 14:18:41 | 000,000,000 | -HSD | C] -- C:\Users\Weezie\Local Settings
[2012/01/17 14:18:41 | 000,000,000 | -HSD | C] -- C:\Users\Weezie\AppData\Local\History
[2012/01/17 14:18:41 | 000,000,000 | -HSD | C] -- C:\Users\Weezie\Cookies
[2012/01/17 14:18:41 | 000,000,000 | -HSD | C] -- C:\Users\Weezie\Application Data
[2012/01/17 14:18:41 | 000,000,000 | -HSD | C] -- C:\Users\Weezie\AppData\Local\Application Data
[2012/01/17 14:18:40 | 000,000,000 | --SD | C] -- C:\Users\Weezie\AppData\Roaming\Microsoft
[2012/01/17 14:18:40 | 000,000,000 | R--D | C] -- C:\Users\Weezie\Videos
[2012/01/17 14:18:40 | 000,000,000 | R--D | C] -- C:\Users\Weezie\Saved Games
[2012/01/17 14:18:40 | 000,000,000 | R--D | C] -- C:\Users\Weezie\Pictures
[2012/01/17 14:18:40 | 000,000,000 | R--D | C] -- C:\Users\Weezie\Music
[2012/01/17 14:18:40 | 000,000,000 | R--D | C] -- C:\Users\Weezie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2012/01/17 14:18:40 | 000,000,000 | R--D | C] -- C:\Users\Weezie\Links
[2012/01/17 14:18:40 | 000,000,000 | R--D | C] -- C:\Users\Weezie\Favorites
[2012/01/17 14:18:40 | 000,000,000 | R--D | C] -- C:\Users\Weezie\Downloads
[2012/01/17 14:18:40 | 000,000,000 | R--D | C] -- C:\Users\Weezie\Documents
[2012/01/17 14:18:40 | 000,000,000 | R--D | C] -- C:\Users\Weezie\Desktop
[2012/01/17 14:18:40 | 000,000,000 | R--D | C] -- C:\Users\Weezie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2012/01/17 14:18:40 | 000,000,000 | ---D | C] -- C:\Users\Weezie\AppData\Local\Temp
[2012/01/17 14:18:40 | 000,000,000 | ---D | C] -- C:\Users\Weezie\AppData\Local\SoftThinks
[2012/01/17 14:18:40 | 000,000,000 | ---D | C] -- C:\Users\Weezie\AppData\Local\Microsoft
[2012/01/17 14:18:40 | 000,000,000 | ---D | C] -- C:\Users\Weezie\AppData\Roaming\Media Center Programs
[2012/01/17 14:18:40 | 000,000,000 | ---D | C] -- C:\Users\Weezie\AppData\Roaming\Macromedia
[2012/01/17 14:18:40 | 000,000,000 | ---D | C] -- C:\Users\Weezie\AppData
[2012/01/10 05:17:37 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2012/01/10 05:17:00 | 000,000,000 | ---D | C] -- C:\Program Files\CONEXANT
[2012/01/10 05:16:35 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Intel
[2012/01/10 05:16:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel
[2012/01/10 05:16:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Intel
[2012/01/10 05:16:32 | 000,000,000 | ---D | C] -- C:\Intel
[2012/01/10 05:14:52 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2012/01/10 05:11:44 | 002,315,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tquery.dll
[2012/01/10 05:11:44 | 002,223,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssrch.dll
[2012/01/10 05:11:44 | 001,549,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tquery.dll
[2012/01/10 05:11:44 | 001,401,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssrch.dll
[2012/01/10 05:11:44 | 000,778,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssvp.dll
[2012/01/10 05:11:44 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssvp.dll
[2012/01/10 05:11:44 | 000,491,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssph.dll
[2012/01/10 05:11:44 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssph.dll
[2012/01/10 05:11:44 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssphtb.dll
[2012/01/10 05:11:44 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchProtocolHost.exe
[2012/01/10 05:11:44 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchFilterHost.exe
[2012/01/10 05:11:44 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msscntrs.dll
[2012/01/10 05:11:44 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msscntrs.dll
[2012/01/10 05:11:44 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\prevhost.exe
[2012/01/10 05:11:44 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\prevhost.exe
[2012/01/10 05:11:42 | 001,395,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42.dll
[2012/01/10 05:11:42 | 001,359,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42u.dll
[2012/01/10 05:11:42 | 001,164,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42u.dll
[2012/01/10 05:11:42 | 001,137,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42.dll
[2012/01/10 05:11:42 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisdecd.dll
[2012/01/10 05:11:42 | 000,476,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2012/01/10 05:11:42 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisdecd.dll
[2012/01/10 05:11:42 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2012/01/10 05:11:42 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisrndr.ax
[2012/01/10 05:11:42 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisrndr.ax
[2012/01/10 05:11:42 | 000,027,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys
[2012/01/10 05:11:41 | 002,871,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2012/01/10 05:11:41 | 002,616,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe
[2012/01/10 05:11:41 | 001,544,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2012/01/10 05:11:41 | 000,902,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2012/01/10 05:11:41 | 000,367,616 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2012/01/10 05:11:41 | 000,294,912 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2012/01/10 05:11:41 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drvinst.exe
[2012/01/10 05:11:41 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2012/01/10 05:11:41 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll
[2012/01/10 05:11:41 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll
[2012/01/10 05:11:41 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2012/01/10 05:11:41 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\devrtl.dll
[2012/01/10 05:11:41 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2012/01/10 05:11:40 | 001,162,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2012/01/10 05:11:40 | 001,118,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sbe.dll
[2012/01/10 05:11:40 | 000,961,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CPFilters.dll
[2012/01/10 05:11:40 | 000,850,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sbe.dll
[2012/01/10 05:11:40 | 000,642,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CPFilters.dll
[2012/01/10 05:11:40 | 000,421,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2012/01/10 05:11:40 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2012/01/10 05:11:40 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2012/01/10 05:11:40 | 000,259,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mpg2splt.ax
[2012/01/10 05:11:40 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2012/01/10 05:11:40 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2012/01/10 05:11:40 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mpg2splt.ax
[2012/01/10 05:11:40 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2012/01/10 05:11:40 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2012/01/10 05:11:40 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2012/01/10 05:11:40 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2012/01/10 05:11:40 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2012/01/10 05:11:40 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2012/01/10 05:11:40 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2012/01/10 05:11:40 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2012/01/10 05:11:40 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2012/01/10 05:11:40 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2012/01/10 05:11:40 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2012/01/10 05:11:40 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2012/01/10 05:11:40 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2012/01/10 05:11:40 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2012/01/10 05:11:40 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2012/01/10 05:11:40 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2012/01/10 05:11:40 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2012/01/10 05:11:40 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2012/01/10 05:11:40 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2012/01/10 05:11:40 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2012/01/10 05:11:40 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2012/01/10 05:11:40 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2012/01/10 05:11:40 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2012/01/10 05:11:40 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2012/01/10 05:11:39 | 000,861,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2012/01/10 05:11:39 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleacc.dll
[2012/01/10 05:11:39 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbcjt32.dll
[2012/01/10 05:11:39 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbctrac.dll
[2012/01/10 05:11:39 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbctrac.dll
[2012/01/10 05:11:39 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccp32.dll
[2012/01/10 05:11:39 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccp32.dll
[2012/01/10 05:11:39 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccu32.dll
[2012/01/10 05:11:39 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccr32.dll
[2012/01/10 05:11:39 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccu32.dll
[2012/01/10 05:11:39 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccr32.dll
[2012/01/10 05:11:38 | 002,565,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\esent.dll
[2012/01/10 05:11:38 | 001,699,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\esent.dll
[2012/01/10 05:11:38 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FXSCOVER.exe
[2012/01/10 05:11:38 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xmllite.dll
[2012/01/10 05:11:38 | 000,189,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys
[2012/01/10 05:11:38 | 000,107,904 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdsata.sys
[2012/01/10 05:11:38 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fsutil.exe
[2012/01/10 05:11:38 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fsutil.exe
[2012/01/10 05:11:38 | 000,027,008 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdxata.sys
[2012/01/10 05:11:37 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys
[2012/01/10 05:11:37 | 000,007,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys
[2012/01/10 05:11:36 | 005,561,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2012/01/10 05:11:36 | 003,967,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012/01/10 05:11:36 | 003,912,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2012/01/10 05:11:36 | 000,642,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi
[2012/01/10 05:11:36 | 000,605,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.exe
[2012/01/10 05:11:36 | 000,566,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi
[2012/01/10 05:11:36 | 000,518,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.exe
[2012/01/10 05:11:36 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnsapi.dll
[2012/01/10 05:11:36 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfreadwrite.dll
[2012/01/10 05:11:36 | 000,246,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\input.dll
[2012/01/10 05:11:36 | 000,202,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\input.dll
[2012/01/10 05:11:36 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfreadwrite.dll
[2012/01/10 05:11:36 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnscacheugc.exe
[2012/01/10 05:11:36 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dnscacheugc.exe
[2012/01/10 05:11:36 | 000,020,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdusb.dll
[2012/01/10 05:11:36 | 000,019,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kd1394.dll
[2012/01/10 05:11:36 | 000,017,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdcom.dll
[2012/01/10 05:11:35 | 000,800,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usp10.dll
[2012/01/10 05:11:35 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINTAM.DLL
[2012/01/10 05:11:35 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINMAL.DLL
[2012/01/10 05:11:35 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINDEV.DLL
[2012/01/10 05:11:35 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINBEN.DLL
[2012/01/10 05:11:35 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINTEL.DLL
[2012/01/10 05:11:35 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINTAM.DLL
[2012/01/10 05:11:35 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINPUN.DLL
[2012/01/10 05:11:35 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINORI.DLL
[2012/01/10 05:11:35 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINORI.DLL
[2012/01/10 05:11:35 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINMAR.DLL
[2012/01/10 05:11:35 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINMAR.DLL
[2012/01/10 05:11:35 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINMAL.DLL
[2012/01/10 05:11:35 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINKAN.DLL
[2012/01/10 05:11:35 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINKAN.DLL
[2012/01/10 05:11:35 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINHIN.DLL
[2012/01/10 05:11:35 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINHIN.DLL
[2012/01/10 05:11:35 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINGUJ.DLL
[2012/01/10 05:11:35 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINEN.DLL
[2012/01/10 05:11:35 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINDEV.DLL
[2012/01/10 05:11:35 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINBEN.DLL
[2012/01/10 05:11:35 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINBE2.DLL
[2012/01/10 05:11:35 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINBE1.DLL
[2012/01/10 05:11:35 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINASA.DLL
[2012/01/10 05:11:35 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINTEL.DLL
[2012/01/10 05:11:35 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINPUN.DLL
[2012/01/10 05:11:35 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINGUJ.DLL
[2012/01/10 05:11:35 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINBE2.DLL
[2012/01/10 05:11:35 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINBE1.DLL
[2012/01/10 05:11:35 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINASA.DLL
[2012/01/10 05:08:17 | 000,000,000 | ---D | C] -- C:\Program Files\ZinioReader4
[2012/01/10 05:08:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Dell
[2012/01/10 05:04:59 | 000,000,000 | ---D | C] -- C:\Apps
[2012/01/10 05:01:43 | 000,000,000 | ---D | C] -- C:\Program Files\Dell Games Folder
[2012/01/10 04:51:08 | 001,576,576 | ---- | C] (Conexant Systems Inc.) -- C:\Windows\SysNative\drivers\CHDRT64.sys
[2012/01/10 04:51:08 | 001,548,416 | ---- | C] (Conexant Systems Inc.) -- C:\Windows\SysNative\CX64AP40.dll
[2012/01/10 04:51:08 | 000,517,760 | ---- | C] (Conexant Systems, Inc.) -- C:\Windows\SysNative\UCI64A71.dll
[2012/01/10 04:51:08 | 000,024,704 | ---- | C] (Conexant Systems, Inc.) -- C:\Windows\SysNative\CXHDMI64.dll
[2012/01/10 04:50:50 | 000,539,240 | ---- | C] (Realtek ) -- C:\Windows\SysNative\drivers\Rt64win7.sys
[2012/01/10 04:50:50 | 000,107,552 | ---- | C] (Realtek Semiconductor Corporation) -- C:\Windows\SysNative\RTNUninst64.dll
[2012/01/10 04:50:48 | 000,317,440 | ---- | C] (Intel® Corporation) -- C:\Windows\SysNative\drivers\IntcDAud.sys
[2012/01/10 04:50:48 | 000,014,848 | ---- | C] (Intel® Corporation) -- C:\Windows\SysNative\IntcDAuC.dll
[2012/01/10 04:50:41 | 000,380,928 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxTMM.dll
[2012/01/10 04:50:41 | 000,368,640 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\iglhsip32.dll
[2012/01/10 04:50:41 | 000,364,032 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\iglhsip64.dll
[2012/01/10 04:50:41 | 000,167,960 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxtray.exe
[2012/01/10 04:50:41 | 000,095,744 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\iglhcp64.dll
[2012/01/10 04:50:41 | 000,092,672 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxCoIn_v2291.dll
[2012/01/10 04:50:41 | 000,086,528 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\iglhcp32.dll
[2012/01/10 04:50:40 | 009,014,784 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxress.dll
[2012/01/10 04:50:40 | 000,509,976 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxsrvc.exe
[2012/01/10 04:50:40 | 000,287,232 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrfra.lrc
[2012/01/10 04:50:40 | 000,287,232 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxresn.lrc
[2012/01/10 04:50:40 | 000,287,232 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrell.lrc
[2012/01/10 04:50:40 | 000,286,720 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrsky.lrc
[2012/01/10 04:50:40 | 000,286,720 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrrus.lrc
[2012/01/10 04:50:40 | 000,286,720 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrrom.lrc
[2012/01/10 04:50:40 | 000,286,720 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrptg.lrc
[2012/01/10 04:50:40 | 000,286,720 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrplk.lrc
[2012/01/10 04:50:40 | 000,286,720 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrnld.lrc
[2012/01/10 04:50:40 | 000,286,720 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrita.lrc
[2012/01/10 04:50:40 | 000,286,720 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrhrv.lrc
[2012/01/10 04:50:40 | 000,286,720 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrdeu.lrc
[2012/01/10 04:50:40 | 000,286,208 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrtrk.lrc
[2012/01/10 04:50:40 | 000,286,208 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrsve.lrc
[2012/01/10 04:50:40 | 000,286,208 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrslv.lrc
[2012/01/10 04:50:40 | 000,286,208 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrptb.lrc
[2012/01/10 04:50:40 | 000,286,208 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrnor.lrc
[2012/01/10 04:50:40 | 000,286,208 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrhun.lrc
[2012/01/10 04:50:40 | 000,286,208 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrfin.lrc
[2012/01/10 04:50:40 | 000,285,696 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrtha.lrc
[2012/01/10 04:50:40 | 000,285,696 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrenu.lrc
[2012/01/10 04:50:40 | 000,285,184 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrheb.lrc
[2012/01/10 04:50:40 | 000,283,648 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrjpn.lrc
[2012/01/10 04:50:40 | 000,283,136 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrkor.lrc
[2012/01/10 04:50:40 | 000,062,464 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxsrvc.dll
[2012/01/10 04:50:39 | 007,470,080 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igdumd64.dll
[2012/01/10 04:50:39 | 000,575,488 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igdumdx32.dll
[2012/01/10 04:50:39 | 000,418,328 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxpers.exe
[2012/01/10 04:50:39 | 000,385,024 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxdev.dll
[2012/01/10 04:50:39 | 000,335,872 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxpph.dll
[2012/01/10 04:50:39 | 000,288,768 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igfxdv32.dll
[2012/01/10 04:50:39 | 000,286,720 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrcsy.lrc
[2012/01/10 04:50:39 | 000,285,696 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrdan.lrc
[2012/01/10 04:50:39 | 000,285,184 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrara.lrc
[2012/01/10 04:50:39 | 000,282,624 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrcht.lrc
[2012/01/10 04:50:39 | 000,282,624 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrchs.lrc
[2012/01/10 04:50:39 | 000,239,128 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxext.exe
[2012/01/10 04:50:39 | 000,142,848 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igfxcmrt32.dll
[2012/01/10 04:50:39 | 000,142,336 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxdo.dll
[2012/01/10 04:50:39 | 000,126,976 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxcpl.cpl
[2012/01/10 04:50:39 | 000,122,368 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxcmrt64.dll
[2012/01/10 04:50:39 | 000,028,672 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxexps.dll
[2012/01/10 04:50:39 | 000,024,576 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igfxexps32.dll
[2012/01/10 04:50:39 | 000,004,096 | ---- | C] ( ) -- C:\Windows\SysNative\IGFXDEVLib.dll
[2012/01/10 04:50:38 | 012,273,408 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\igdkmd64.sys
[2012/01/10 04:50:38 | 005,689,344 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igdumd32.dll
[2012/01/10 04:50:37 | 007,386,112 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igd10umd64.dll
[2012/01/10 04:50:37 | 006,068,224 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igd10umd32.dll
[2012/01/10 04:50:36 | 019,591,680 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\ig4icd64.dll
[2012/01/10 04:50:36 | 014,292,992 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\ig4icd32.dll
[2012/01/10 04:50:36 | 000,391,704 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\hkcmd.exe
[2012/01/10 04:50:36 | 000,109,056 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\hccutils.dll
[2012/01/10 04:50:35 | 004,368,920 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\GfxUI.exe
[2012/01/10 04:50:35 | 000,144,896 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\gfxSrvc.dll
[2012/01/10 04:50:27 | 000,056,344 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\HECIx64.sys
[2012/01/10 04:50:12 | 002,374,656 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\SysNative\drivers\athrx.sys
[2012/01/10 04:49:30 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2012/01/10 04:49:30 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2012/01/10 04:49:30 | 000,697,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012/01/10 04:49:30 | 000,603,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2012/01/10 04:49:30 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2012/01/10 04:49:30 | 000,452,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2012/01/10 04:49:30 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2012/01/10 04:49:30 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2012/01/10 04:49:30 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2012/01/10 04:49:30 | 000,282,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2012/01/10 04:49:30 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll
[2012/01/10 04:49:30 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll
[2012/01/10 04:49:30 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2012/01/10 04:49:30 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2012/01/10 04:49:30 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012/01/10 04:49:30 | 000,165,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2012/01/10 04:49:30 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll
[2012/01/10 04:49:30 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll
[2012/01/10 04:49:30 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2012/01/10 04:49:30 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2012/01/10 04:49:30 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll
[2012/01/10 04:49:30 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2012/01/10 04:49:30 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2012/01/10 04:49:30 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2012/01/10 04:49:30 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2012/01/10 04:49:30 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012/01/10 04:49:30 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2012/01/10 04:49:30 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll
[2012/01/10 04:49:30 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2012/01/10 04:49:30 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2012/01/10 04:49:30 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll
[2012/01/10 04:49:30 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2012/01/10 04:49:30 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2012/01/10 04:49:30 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2012/01/10 04:49:30 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll
[2012/01/10 04:49:30 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2012/01/10 04:49:30 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2012/01/10 04:49:30 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2012/01/10 04:49:30 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2012/01/10 04:49:30 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2012/01/10 04:49:30 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2012/01/10 04:49:30 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2012/01/10 04:49:30 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2012/01/10 04:49:30 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2012/01/10 04:49:30 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2012/01/10 04:49:30 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2012/01/10 04:49:30 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2012/01/10 04:49:30 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2012/01/10 04:49:30 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2012/01/10 04:49:30 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2012/01/10 04:49:30 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2012/01/10 04:49:30 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2012/01/10 04:49:30 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2012/01/10 04:49:30 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2012/01/10 04:49:30 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2012/01/10 04:49:30 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2012/01/10 04:49:30 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2012/01/10 04:49:30 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2012/01/10 04:49:30 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2012/01/10 04:49:30 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2012/01/10 04:49:30 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2012/01/10 04:46:49 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\oem
[2012/01/10 04:46:46 | 000,000,000 | ---D | C] -- C:\Drivers
[2012/01/10 04:24:17 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Fingertapps
[2012/01/10 04:12:09 | 000,000,000 | ---D | C] -- C:\Program Files\dell stage
[2012/01/10 04:10:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Nero
[2012/01/10 04:09:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Nero
[2012/01/10 04:07:14 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_42.dll
[2012/01/10 04:07:00 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_42.dll
[2012/01/10 04:06:46 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_40.dll
[2012/01/10 04:05:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR
[2012/01/10 04:03:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\mcafee
[2012/01/10 04:03:13 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2012/01/10 04:01:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Uninstall
[2012/01/10 03:59:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\SureThing Shared
[2012/01/10 03:59:12 | 000,000,000 | ---D | C] -- C:\ProgramData\PhotoShow Shared Assets
[2012/01/10 03:59:10 | 000,000,000 | ---D | C] -- C:\Program Files\Roxio
[2012/01/10 03:58:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roxio Creator Starter
[2012/01/10 03:57:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Sonic
[2012/01/10 03:57:11 | 000,055,856 | ---- | C] (Sonic Solutions) -- C:\Windows\SysNative\drivers\PxHlpa64.sys
[2012/01/10 03:57:11 | 000,010,224 | ---- | C] (Sonic Solutions) -- C:\Windows\SysNative\drivers\cdralw2k.sys
[2012/01/10 03:57:11 | 000,010,224 | ---- | C] (Sonic Solutions) -- C:\Windows\SysNative\drivers\cdr4_xp.sys
[2012/01/10 03:57:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Roxio
[2012/01/10 03:56:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PX Storage Engine
[2012/01/10 03:56:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Sonic Shared
[2012/01/10 03:56:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Roxio
[2012/01/10 03:56:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Macrovision
[2012/01/10 03:56:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Roxio Shared
[2012/01/10 03:56:07 | 002,006,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_36.dll
[2012/01/10 03:56:07 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_36.dll
[2012/01/10 03:56:07 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_36.dll
[2012/01/10 03:56:07 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_36.dll
[2012/01/10 03:56:07 | 000,411,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_10.dll
[2012/01/10 03:56:07 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_10.dll
[2012/01/10 03:56:01 | 005,081,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_36.dll
[2012/01/10 03:56:01 | 005,073,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_35.dll
[2012/01/10 03:56:01 | 004,496,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_34.dll
[2012/01/10 03:56:01 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_36.dll
[2012/01/10 03:56:01 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_35.dll
[2012/01/10 03:56:01 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_34.dll
[2012/01/10 03:56:01 | 001,985,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_35.dll
[2012/01/10 03:56:01 | 001,401,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_34.dll
[2012/01/10 03:56:01 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_35.dll
[2012/01/10 03:56:01 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_34.dll
[2012/01/10 03:56:01 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_35.dll
[2012/01/10 03:56:01 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_34.dll
[2012/01/10 03:56:01 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_35.dll
[2012/01/10 03:56:01 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_34.dll
[2012/01/10 03:56:01 | 000,411,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_9.dll
[2012/01/10 03:56:01 | 000,409,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_8.dll
[2012/01/10 03:56:01 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_9.dll
[2012/01/10 03:56:01 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_8.dll
[2012/01/10 03:56:01 | 000,021,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_2.dll
[2012/01/10 03:56:01 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_2.dll
[2012/01/10 03:56:00 | 004,494,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_33.dll
[2012/01/10 03:56:00 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_33.dll
[2012/01/10 03:56:00 | 001,400,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_33.dll
[2012/01/10 03:56:00 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_33.dll
[2012/01/10 03:56:00 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_33.dll
[2012/01/10 03:56:00 | 000,469,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10.dll
[2012/01/10 03:56:00 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_33.dll
[2012/01/10 03:56:00 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10.dll
[2012/01/10 03:56:00 | 000,403,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_7.dll
[2012/01/10 03:56:00 | 000,393,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_6.dll
[2012/01/10 03:56:00 | 000,390,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_5.dll
[2012/01/10 03:56:00 | 000,364,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_4.dll
[2012/01/10 03:56:00 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_7.dll
[2012/01/10 03:56:00 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_6.dll
[2012/01/10 03:56:00 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_5.dll
[2012/01/10 03:56:00 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_4.dll
[2012/01/10 03:56:00 | 000,107,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_3.dll
[2012/01/10 03:56:00 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_3.dll
[2012/01/10 03:56:00 | 000,017,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_1.dll
[2012/01/10 03:56:00 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_1.dll
[2012/01/10 03:55:54 | 003,977,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_31.dll
[2012/01/10 03:55:54 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_31.dll
[2012/01/10 03:55:54 | 000,363,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_3.dll
[2012/01/10 03:55:54 | 000,354,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_2.dll
[2012/01/10 03:55:54 | 000,352,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_1.dll
[2012/01/10 03:55:54 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_3.dll
[2012/01/10 03:55:54 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_2.dll
[2012/01/10 03:55:54 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_1.dll
[2012/01/10 03:55:54 | 000,083,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_2.dll
[2012/01/10 03:55:54 | 000,083,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_1.dll
[2012/01/10 03:55:54 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_2.dll
[2012/01/10 03:55:54 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_1.dll
[2012/01/10 03:55:53 | 003,927,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_30.dll
[2012/01/10 03:55:53 | 003,830,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_29.dll
[2012/01/10 03:55:53 | 003,815,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_28.dll
[2012/01/10 03:55:53 | 003,807,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_27.dll
[2012/01/10 03:55:53 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_30.dll
[2012/01/10 03:55:53 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_29.dll
[2012/01/10 03:55:53 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_28.dll
[2012/01/10 03:55:53 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_27.dll
[2012/01/10 03:55:53 | 000,355,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_0.dll
[2012/01/10 03:55:53 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_0.dll
[2012/01/10 03:55:53 | 000,016,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_0.dll
[2012/01/10 03:55:53 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_0.dll
[2012/01/10 03:55:52 | 003,823,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_25.dll
[2012/01/10 03:55:52 | 003,767,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_26.dll
[2012/01/10 03:55:52 | 003,544,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_24.dll
[2012/01/10 03:55:52 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_25.dll
[2012/01/10 03:55:52 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_26.dll
[2012/01/10 03:55:52 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_24.dll
[2012/01/10 03:54:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2012/01/10 03:54:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2012/01/10 03:54:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2012/01/10 03:53:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft
[2012/01/10 03:53:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Jagex
[2012/01/10 03:52:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell DataSafe Online
[2012/01/10 03:51:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PlayReady
[2012/01/10 03:50:45 | 000,000,000 | ---D | C] -- C:\Windows\en
[2012/01/10 03:50:17 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
[2012/01/10 03:50:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
[2012/01/10 03:49:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live
[2012/01/10 03:48:50 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2012/01/10 03:48:35 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live
[2012/01/10 03:48:23 | 000,523,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_42.dll
[2012/01/10 03:48:23 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_5.dll
[2012/01/10 03:48:23 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_42.dll
[2012/01/10 03:48:23 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_3.dll
[2012/01/10 03:47:42 | 004,398,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_32.dll
[2012/01/10 03:47:42 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_32.dll
[2012/01/10 03:47:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2012/01/10 03:46:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2012/01/10 03:46:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Windows Live
[2012/01/10 03:46:13 | 000,841,280 | ---- | C] (ArcSoft, Inc.) -- C:\Windows\SysNative\PhotoStageScrSaver.scr
[2012/01/10 03:46:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Dell Digital Delivery
[2012/01/10 03:45:45 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Dell
[2012/01/10 03:45:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Dell Stage
[2012/01/10 03:45:13 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Stage
[2012/01/10 03:45:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cyberlink
[2012/01/10 03:45:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Dell
[2012/01/10 03:44:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Temp
[2012/01/10 03:44:29 | 000,000,000 | ---D | C] -- C:\ProgramData\install_clap
[2012/01/10 03:44:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2012/01/10 03:43:22 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2012/01/10 03:43:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012/01/10 03:42:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2012/01/10 03:42:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Cozi
[2012/01/10 03:40:22 | 000,000,000 | ---D | C] -- C:\Temp
[2012/01/10 03:40:20 | 000,151,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WimFltr.sys
[2012/01/10 03:40:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Dell DataSafe Local Backup
[2012/01/10 03:40:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell DataSafe
[2012/01/10 03:40:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2012/01/10 03:36:23 | 000,000,000 | ---D | C] -- C:\ProgramData\WildTangent
[2012/01/10 03:36:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WildTangent
[2012/01/10 03:36:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
[2012/01/10 03:35:57 | 000,525,544 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\deployJava1.dll
[2012/01/10 03:35:57 | 000,190,752 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\javaws.exe
[2012/01/10 03:35:57 | 000,171,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\javaw.exe
[2012/01/10 03:35:57 | 000,171,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\java.exe
[2012/01/10 03:35:55 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2012/01/10 03:35:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2012/01/10 03:35:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2012/01/10 03:35:33 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll
[2012/01/10 03:35:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2012/01/10 03:22:33 | 000,414,368 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/01/10 03:22:32 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2012/01/10 03:22:30 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2012/01/10 03:22:27 | 000,000,000 | ---D | C] -- C:\Program Files\Dell Inc
[2012/01/10 03:20:42 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\poqexec.exe
[2012/01/10 03:20:42 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\poqexec.exe
[5 C:\Users\Weezie\Documents\*.tmp files -> C:\Users\Weezie\Documents\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/01/23 21:36:04 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/01/23 21:18:30 | 000,021,072 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/01/23 21:18:30 | 000,021,072 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/01/23 21:15:33 | 000,808,606 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/01/23 21:15:33 | 000,171,182 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/01/23 21:15:33 | 000,006,194 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/01/23 21:11:37 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/01/23 21:11:11 | 000,000,564 | ---- | M] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job
[2012/01/23 21:11:11 | 000,000,506 | ---- | M] () -- C:\Windows\tasks\SystemToolsDailyTest.job
[2012/01/23 21:10:54 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/01/23 21:10:49 | 468,156,415 | -HS- | M] () -- C:\hiberfil.sys
[2012/01/23 20:49:12 | 000,361,872 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/01/18 14:49:00 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-449589144-3921348804-3012424731-1000UA.job
[2012/01/17 18:16:39 | 000,000,957 | ---- | M] () -- C:\Users\Public\Desktop\iLivid Download Manager.lnk
[2012/01/17 17:16:50 | 000,000,385 | ---- | M] () -- C:\Windows\SysNative\user_gensett.xml
[2012/01/17 16:50:47 | 000,023,392 | ---- | M] () -- C:\Windows\SysNative\LexFiles.ulf
[2012/01/17 16:29:13 | 000,001,024 | ---- | M] () -- C:\.rnd
[2012/01/17 16:23:08 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/01/17 15:49:00 | 000,000,860 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-449589144-3921348804-3012424731-1000Core.job
[2012/01/17 15:47:22 | 000,274,662 | ---- | M] () -- C:\ProgramData\1326832783.bdinstall.bin
[2012/01/17 15:46:58 | 000,000,270 | ---- | M] () -- C:\bdr-conf
[2012/01/17 15:46:41 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_avchv_01009.Wdf
[2012/01/17 15:46:31 | 000,002,058 | RHS- | M] () -- C:\Users\Public\Desktop\Bitdefender Internet Security 2012.lnk
[2012/01/17 14:43:46 | 000,001,439 | ---- | M] () -- C:\Users\Weezie\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/01/17 14:17:37 | 000,108,227 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2012/01/17 14:17:37 | 000,108,227 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2012/01/10 05:16:23 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2012/01/10 05:13:22 | 000,030,449 | R--- | M] () -- C:\dell.sdr
[2012/01/10 05:11:44 | 002,315,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tquery.dll
[2012/01/10 05:11:44 | 002,223,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mssrch.dll
[2012/01/10 05:11:44 | 001,549,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tquery.dll
[2012/01/10 05:11:44 | 001,401,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mssrch.dll
[2012/01/10 05:11:44 | 000,778,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mssvp.dll
[2012/01/10 05:11:44 | 000,666,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mssvp.dll
[2012/01/10 05:11:44 | 000,491,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mssph.dll
[2012/01/10 05:11:44 | 000,337,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mssph.dll
[2012/01/10 05:11:44 | 000,288,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mssphtb.dll
[2012/01/10 05:11:44 | 000,249,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SearchProtocolHost.exe
[2012/01/10 05:11:44 | 000,113,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SearchFilterHost.exe
[2012/01/10 05:11:44 | 000,075,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msscntrs.dll
[2012/01/10 05:11:44 | 000,059,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msscntrs.dll
[2012/01/10 05:11:44 | 000,031,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\prevhost.exe
[2012/01/10 05:11:44 | 000,031,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\prevhost.exe
[2012/01/10 05:11:42 | 001,395,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42.dll
[2012/01/10 05:11:42 | 001,359,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42u.dll
[2012/01/10 05:11:42 | 001,164,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42u.dll
[2012/01/10 05:11:42 | 001,137,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42.dll
[2012/01/10 05:11:42 | 000,613,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\psisdecd.dll
[2012/01/10 05:11:42 | 000,476,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2012/01/10 05:11:42 | 000,465,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\psisdecd.dll
[2012/01/10 05:11:42 | 000,288,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2012/01/10 05:11:42 | 000,108,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\psisrndr.ax
[2012/01/10 05:11:42 | 000,075,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\psisrndr.ax
[2012/01/10 05:11:42 | 000,027,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys
[2012/01/10 05:11:41 | 002,871,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2012/01/10 05:11:41 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe
[2012/01/10 05:11:41 | 001,544,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2012/01/10 05:11:41 | 000,902,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2012/01/10 05:11:41 | 000,367,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2012/01/10 05:11:41 | 000,294,912 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2012/01/10 05:11:41 | 000,252,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\drvinst.exe
[2012/01/10 05:11:41 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2012/01/10 05:11:41 | 000,100,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll
[2012/01/10 05:11:41 | 000,070,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll
[2012/01/10 05:11:41 | 000,046,080 | ---- | M] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2012/01/10 05:11:41 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\devrtl.dll
[2012/01/10 05:11:41 | 000,034,304 | ---- | M] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2012/01/10 05:11:40 | 001,162,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2012/01/10 05:11:40 | 001,118,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\sbe.dll
[2012/01/10 05:11:40 | 000,961,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\CPFilters.dll
[2012/01/10 05:11:40 | 000,850,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\sbe.dll
[2012/01/10 05:11:40 | 000,642,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\CPFilters.dll
[2012/01/10 05:11:40 | 000,421,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2012/01/10 05:11:40 | 000,362,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2012/01/10 05:11:40 | 000,338,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2012/01/10 05:11:40 | 000,259,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mpg2splt.ax
[2012/01/10 05:11:40 | 000,243,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2012/01/10 05:11:40 | 000,214,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2012/01/10 05:11:40 | 000,199,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mpg2splt.ax
[2012/01/10 05:11:40 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2012/01/10 05:11:40 | 000,016,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2012/01/10 05:11:40 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2012/01/10 05:11:40 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2012/01/10 05:11:40 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2012/01/10 05:11:40 | 000,006,144 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2012/01/10 05:11:40 | 000,006,144 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2012/01/10 05:11:40 | 000,005,120 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2012/01/10 05:11:40 | 000,005,120 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2012/01/10 05:11:40 | 000,005,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2012/01/10 05:11:40 | 000,004,608 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2012/01/10 05:11:40 | 000,004,608 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2012/01/10 05:11:40 | 000,004,608 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2012/01/10 05:11:40 | 000,004,608 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2012/01/10 05:11:40 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2012/01/10 05:11:40 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2012/01/10 05:11:40 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2012/01/10 05:11:40 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2012/01/10 05:11:40 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2012/01/10 05:11:40 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2012/01/10 05:11:40 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2012/01/10 05:11:40 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2012/01/10 05:11:40 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2012/01/10 05:11:40 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2012/01/10 05:11:39 | 000,861,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2012/01/10 05:11:39 | 000,331,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\oleacc.dll
[2012/01/10 05:11:39 | 000,319,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\odbcjt32.dll
[2012/01/10 05:11:39 | 000,212,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\odbctrac.dll
[2012/01/10 05:11:39 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\odbctrac.dll
[2012/01/10 05:11:39 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\odbccp32.dll
[2012/01/10 05:11:39 | 000,122,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccp32.dll
[2012/01/10 05:11:39 | 000,106,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\odbccu32.dll
[2012/01/10 05:11:39 | 000,106,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\odbccr32.dll
[2012/01/10 05:11:39 | 000,086,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccu32.dll
[2012/01/10 05:11:39 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccr32.dll
[2012/01/10 05:11:38 | 002,565,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\esent.dll
[2012/01/10 05:11:38 | 001,699,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\esent.dll
[2012/01/10 05:11:38 | 000,267,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\FXSCOVER.exe
[2012/01/10 05:11:38 | 000,199,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\xmllite.dll
[2012/01/10 05:11:38 | 000,189,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys
[2012/01/10 05:11:38 | 000,107,904 | ---- | M] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdsata.sys
[2012/01/10 05:11:38 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\fsutil.exe
[2012/01/10 05:11:38 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\fsutil.exe
[2012/01/10 05:11:38 | 000,027,008 | ---- | M] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdxata.sys
[2012/01/10 05:11:37 | 000,325,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys
[2012/01/10 05:11:37 | 000,007,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys
[2012/01/10 05:11:36 | 005,561,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2012/01/10 05:11:36 | 003,967,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012/01/10 05:11:36 | 003,912,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2012/01/10 05:11:36 | 000,642,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi
[2012/01/10 05:11:36 | 000,605,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\winload.exe
[2012/01/10 05:11:36 | 000,566,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi
[2012/01/10 05:11:36 | 000,518,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.exe
[2012/01/10 05:11:36 | 000,357,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dnsapi.dll
[2012/01/10 05:11:36 | 000,257,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mfreadwrite.dll
[2012/01/10 05:11:36 | 000,246,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\input.dll
[2012/01/10 05:11:36 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\input.dll
[2012/01/10 05:11:36 | 000,196,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mfreadwrite.dll
[2012/01/10 05:11:36 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dnscacheugc.exe
[2012/01/10 05:11:36 | 000,028,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\dnscacheugc.exe
[2012/01/10 05:11:36 | 000,020,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\kdusb.dll
[2012/01/10 05:11:36 | 000,019,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\kd1394.dll
[2012/01/10 05:11:36 | 000,017,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\kdcom.dll
[2012/01/10 05:11:35 | 000,800,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\usp10.dll
[2012/01/10 05:11:35 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINTAM.DLL
[2012/01/10 05:11:35 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINMAL.DLL
[2012/01/10 05:11:35 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINDEV.DLL
[2012/01/10 05:11:35 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINBEN.DLL
[2012/01/10 05:11:35 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINTEL.DLL
[2012/01/10 05:11:35 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINTAM.DLL
[2012/01/10 05:11:35 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINPUN.DLL
[2012/01/10 05:11:35 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINORI.DLL
[2012/01/10 05:11:35 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINORI.DLL
[2012/01/10 05:11:35 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINMAR.DLL
[2012/01/10 05:11:35 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINMAR.DLL
[2012/01/10 05:11:35 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINMAL.DLL
[2012/01/10 05:11:35 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINKAN.DLL
[2012/01/10 05:11:35 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINKAN.DLL
[2012/01/10 05:11:35 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINHIN.DLL
[2012/01/10 05:11:35 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINHIN.DLL
[2012/01/10 05:11:35 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINGUJ.DLL
[2012/01/10 05:11:35 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINEN.DLL
[2012/01/10 05:11:35 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINDEV.DLL
[2012/01/10 05:11:35 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINBEN.DLL
[2012/01/10 05:11:35 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINBE2.DLL
[2012/01/10 05:11:35 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINBE1.DLL
[2012/01/10 05:11:35 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINASA.DLL
[2012/01/10 05:11:35 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINTEL.DLL
[2012/01/10 05:11:35 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINPUN.DLL
[2012/01/10 05:11:35 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINGUJ.DLL
[2012/01/10 05:11:35 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINBE2.DLL
[2012/01/10 05:11:35 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINBE1.DLL
[2012/01/10 05:11:35 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINASA.DLL
[2012/01/10 04:50:10 | 000,004,372 | ---- | M] () -- C:\Windows\SysWow64\drivers\1028_Dell_INS_620.mrk
[2012/01/10 04:50:10 | 000,004,372 | ---- | M] () -- C:\Windows\SysNative\drivers\1028_Dell_INS_620.mrk
[2012/01/10 04:49:30 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2012/01/10 04:49:30 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2012/01/10 04:49:30 | 000,697,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012/01/10 04:49:30 | 000,603,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2012/01/10 04:49:30 | 000,534,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2012/01/10 04:49:30 | 000,452,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2012/01/10 04:49:30 | 000,448,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2012/01/10 04:49:30 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2012/01/10 04:49:30 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2012/01/10 04:49:30 | 000,282,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2012/01/10 04:49:30 | 000,267,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll
[2012/01/10 04:49:30 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll
[2012/01/10 04:49:30 | 000,222,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2012/01/10 04:49:30 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2012/01/10 04:49:30 | 000,173,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012/01/10 04:49:30 | 000,165,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2012/01/10 04:49:30 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll
[2012/01/10 04:49:30 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll
[2012/01/10 04:49:30 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2012/01/10 04:49:30 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2012/01/10 04:49:30 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll
[2012/01/10 04:49:30 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2012/01/10 04:49:30 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2012/01/10 04:49:30 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2012/01/10 04:49:30 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2012/01/10 04:49:30 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012/01/10 04:49:30 | 000,135,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2012/01/10 04:49:30 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll
[2012/01/10 04:49:30 | 000,123,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2012/01/10 04:49:30 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2012/01/10 04:49:30 | 000,114,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll
[2012/01/10 04:49:30 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2012/01/10 04:49:30 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2012/01/10 04:49:30 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2012/01/10 04:49:30 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll
[2012/01/10 04:49:30 | 000,091,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2012/01/10 04:49:30 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2012/01/10 04:49:30 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2012/01/10 04:49:30 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2012/01/10 04:49:30 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2012/01/10 04:49:30 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2012/01/10 04:49:30 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2012/01/10 04:49:30 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2012/01/10 04:49:30 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2012/01/10 04:49:30 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2012/01/10 04:49:30 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2012/01/10 04:49:30 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2012/01/10 04:49:30 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2012/01/10 04:49:30 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2012/01/10 04:49:30 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2012/01/10 04:49:30 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2012/01/10 04:49:30 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2012/01/10 04:49:30 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2012/01/10 04:49:30 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2012/01/10 04:49:30 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2012/01/10 04:49:30 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2012/01/10 04:49:30 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2012/01/10 04:49:30 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2012/01/10 04:49:30 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2012/01/10 04:49:30 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2012/01/10 04:49:30 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2012/01/10 04:49:30 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2012/01/10 04:49:30 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2012/01/10 03:35:55 | 000,525,544 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\deployJava1.dll
[2012/01/10 03:35:55 | 000,190,752 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\javaws.exe
[2012/01/10 03:35:55 | 000,171,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\javaw.exe
[2012/01/10 03:35:55 | 000,171,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\java.exe
[2012/01/10 03:30:17 | 000,771,986 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[5 C:\Users\Weezie\Documents\*.tmp files -> C:\Users\Weezie\Documents\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/01/23 21:00:51 | 000,000,564 | ---- | C] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job
[2012/01/23 21:00:43 | 000,000,506 | ---- | C] () -- C:\Windows\tasks\SystemToolsDailyTest.job
[2012/01/17 18:16:39 | 000,000,957 | ---- | C] () -- C:\Users\Public\Desktop\iLivid Download Manager.lnk
[2012/01/17 17:16:50 | 000,000,385 | ---- | C] () -- C:\Windows\SysNative\user_gensett.xml
[2012/01/17 16:50:09 | 000,045,568 | ---- | C] () -- C:\Windows\SysNative\DLDFPMON.DLL
[2012/01/17 16:50:09 | 000,014,336 | ---- | C] () -- C:\Windows\SysNative\DLDFFXPU.DLL
[2012/01/17 16:49:49 | 000,049,152 | ---- | C] () -- C:\Windows\SysNative\dldfoem.dll
[2012/01/17 16:49:49 | 000,003,584 | ---- | C] () -- C:\Windows\SysNative\DLDFPMRC.DLL
[2012/01/17 16:47:10 | 000,598,950 | ---- | C] () -- C:\Windows\SysWow64\DLDFhelp.chm
[2012/01/17 16:47:10 | 000,499,712 | ---- | C] () -- C:\Windows\SysWow64\dldfutil.dll
[2012/01/17 16:47:10 | 000,385,024 | ---- | C] () -- C:\Windows\SysWow64\dldfcomx.dll
[2012/01/17 16:47:10 | 000,348,160 | ---- | C] () -- C:\Windows\SysWow64\dldfinst.dll
[2012/01/17 16:47:10 | 000,176,128 | ---- | C] () -- C:\Windows\SysWow64\dldfinsb.dll
[2012/01/17 16:47:10 | 000,176,128 | ---- | C] () -- C:\Windows\SysWow64\dldfins.dll
[2012/01/17 16:47:10 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\dldfjswr.dll
[2012/01/17 16:47:10 | 000,106,496 | ---- | C] () -- C:\Windows\SysWow64\dldfinsr.dll
[2012/01/17 16:47:10 | 000,086,016 | ---- | C] () -- C:\Windows\SysWow64\dldfcub.dll
[2012/01/17 16:47:10 | 000,077,906 | ---- | C] () -- C:\Windows\SysWow64\dldfcfg.dll
[2012/01/17 16:47:10 | 000,077,824 | ---- | C] () -- C:\Windows\SysWow64\dldfcu.dll
[2012/01/17 16:47:10 | 000,036,864 | ---- | C] () -- C:\Windows\SysWow64\dldfcur.dll
[2012/01/17 16:47:10 | 000,002,092 | ---- | C] () -- C:\Windows\SysWow64\dldf.loc
[2012/01/17 16:46:59 | 000,701,952 | ---- | C] () -- C:\Windows\SysNative\dldfutil.dll
[2012/01/17 16:46:59 | 000,524,288 | ---- | C] () -- C:\Windows\SysNative\dldfinst.dll
[2012/01/17 16:46:59 | 000,159,232 | ---- | C] () -- C:\Windows\SysNative\dldfinsb.dll
[2012/01/17 16:46:59 | 000,125,952 | ---- | C] () -- C:\Windows\SysNative\dldfjswr.dll
[2012/01/17 16:46:59 | 000,023,392 | ---- | C] () -- C:\Windows\SysNative\LexFiles.ulf
[2012/01/17 16:46:58 | 000,598,950 | ---- | C] () -- C:\Windows\SysNative\DLDFhelp.chm
[2012/01/17 16:46:58 | 000,298,496 | ---- | C] () -- C:\Windows\SysNative\dldfgrd.dll
[2012/01/17 16:46:58 | 000,236,544 | ---- | C] () -- C:\Windows\SysNative\dldfins.dll
[2012/01/17 16:46:58 | 000,097,280 | ---- | C] () -- C:\Windows\SysNative\dldfcu.dll
[2012/01/17 16:46:58 | 000,090,112 | ---- | C] () -- C:\Windows\SysNative\dldfinsr.dll
[2012/01/17 16:46:58 | 000,068,608 | ---- | C] () -- C:\Windows\SysNative\dldfcub.dll
[2012/01/17 16:46:58 | 000,065,024 | ---- | C] () -- C:\Windows\SysNative\dldfcfg.dll
[2012/01/17 16:46:58 | 000,022,016 | ---- | C] () -- C:\Windows\SysNative\dldfcur.dll
[2012/01/17 16:46:58 | 000,002,092 | ---- | C] () -- C:\Windows\SysNative\dldf.loc
[2012/01/17 16:46:46 | 000,420,352 | ---- | C] () -- C:\Windows\SysNative\dldfcoin.dll
[2012/01/17 16:46:45 | 000,109,056 | ---- | C] () -- C:\Windows\SysNative\dldfvs.dll
[2012/01/17 16:29:12 | 000,001,024 | ---- | C] () -- C:\.rnd
[2012/01/17 16:28:27 | 000,000,990 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn.lnk
[2012/01/17 16:24:15 | 000,000,898 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/01/17 16:24:10 | 000,000,894 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/01/17 16:08:47 | 000,085,504 | ---- | C] () -- C:\Windows\SysNative\cpwmon64.dll
[2012/01/17 15:47:22 | 000,274,662 | ---- | C] () -- C:\ProgramData\1326832783.bdinstall.bin
[2012/01/17 15:46:58 | 036,942,680 | ---- | C] () -- C:\bdrescue.gz
[2012/01/17 15:46:58 | 002,510,608 | ---- | C] () -- C:\bdrescue.vm
[2012/01/17 15:46:58 | 000,217,769 | ---- | C] () -- C:\bdrescue
[2012/01/17 15:46:58 | 000,009,216 | ---- | C] () -- C:\bdrescue.mbr
[2012/01/17 15:46:58 | 000,000,270 | ---- | C] () -- C:\bdr-conf
[2012/01/17 15:46:41 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_avchv_01009.Wdf
[2012/01/17 15:46:31 | 000,002,058 | RHS- | C] () -- C:\Users\Public\Desktop\Bitdefender Internet Security 2012.lnk
[2012/01/17 15:36:55 | 000,000,912 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-449589144-3921348804-3012424731-1000UA.job
[2012/01/17 15:36:52 | 000,000,860 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-449589144-3921348804-3012424731-1000Core.job
[2012/01/17 15:06:53 | 000,091,543 | ---- | C] () -- C:\Users\Weezie\Documents\selena round&round
[2012/01/17 15:06:53 | 000,060,871 | ---- | C] () -- C:\Users\Weezie\Documents\Zack and lacey.eml
[2012/01/17 15:06:52 | 000,051,596 | ---- | C] () -- C:\Users\Weezie\Documents\bo
[2012/01/17 15:06:51 | 011,776,486 | ---- | C] () -- C:\Users\Weezie\Documents\14 Wake Up Everybody (Live In Studio Performance) (feat. Black Thought) [Exclusive].m4a
[2012/01/17 15:06:51 | 009,492,362 | ---- | C] () -- C:\Users\Weezie\Documents\13 Shine (Waiting for Superman Version) [Exclusive].m4a
[2012/01/17 15:06:50 | 024,477,782 | ---- | C] () -- C:\Users\Weezie\Documents\10 I Can't Write Left Handed.m4a
[2012/01/17 15:06:50 | 010,017,543 | ---- | C] () -- C:\Users\Weezie\Documents\12 Shine.m4a
[2012/01/17 15:06:50 | 005,754,406 | ---- | C] () -- C:\Users\Weezie\Documents\11 I Wish I Knew How It Would Feel to Be Free.m4a
[2012/01/17 15:06:50 | 000,044,253 | ---- | C] () -- C:\Users\Weezie\Documents\09-10-2010 08;57;04PM.rtf
[2012/01/17 15:06:49 | 012,223,192 | ---- | C] () -- C:\Users\Weezie\Documents\09 Wholy Holy.m4a
[2012/01/17 15:06:49 | 008,205,436 | ---- | C] () -- C:\Users\Weezie\Documents\08 Humanity (Love The Way It Should Be).m4a
[2012/01/17 15:06:49 | 000,007,975 | ---- | C] () -- C:\Users\Weezie\Documents\07-18-2008 12;32;08PM.rtf
[2012/01/17 15:06:48 | 015,005,714 | ---- | C] () -- C:\Users\Weezie\Documents\07 Hang On In There.m4a
[2012/01/17 15:06:48 | 011,411,934 | ---- | C] () -- C:\Users\Weezie\Documents\06 Little Ghetto Boy (feat. Black Thought).m4a
[2012/01/17 15:06:48 | 009,397,162 | ---- | C] () -- C:\Users\Weezie\Documents\03 Wake Up Everybody (feat. Common & Melane Fiona).m4a
[2012/01/17 15:06:48 | 007,066,546 | ---- | C] () -- C:\Users\Weezie\Documents\04 Our Generation (The Hope of the World) (feat. CL Smooth).m4a
[2012/01/17 15:06:48 | 004,601,465 | ---- | C] () -- C:\Users\Weezie\Documents\05 Little Ghetto Boy (Prelude) (feat. Malik Yusef).m4a
[2012/01/17 15:06:48 | 000,048,372 | ---- | C] () -- C:\Users\Weezie\Documents\04-13-2009 04;37;36PM.rtf
[2012/01/17 15:06:48 | 000,004,285 | ---- | C] () -- C:\Users\Weezie\Documents\04-20-2009 12;27;38PM.rtf
[2012/01/17 15:06:47 | 013,448,350 | ---- | C] () -- C:\Users\Weezie\Documents\02 Compared to What.m4a
[2012/01/17 15:06:47 | 010,276,075 | ---- | C] () -- C:\Users\Weezie\Documents\01 Hard Times.m4a
[2012/01/17 15:03:27 | 000,058,698 | ---- | C] () -- C:\Users\Weezie\Desktop\Amber_Call_Log_05.31.2011.pdf
[2012/01/17 14:43:46 | 000,001,439 | ---- | C] () -- C:\Users\Weezie\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/01/17 14:26:37 | 000,001,371 | ---- | C] () -- C:\Users\Weezie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2012/01/17 14:26:35 | 000,001,445 | ---- | C] () -- C:\Users\Weezie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2012/01/17 14:19:09 | 000,001,935 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Help Documentation.lnk
[2012/01/17 14:18:40 | 000,000,290 | ---- | C] () -- C:\Users\Weezie\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2012/01/17 14:18:40 | 000,000,272 | ---- | C] () -- C:\Users\Weezie\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2012/01/10 05:16:23 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2012/01/10 05:14:52 | 468,156,415 | -HS- | C] () -- C:\hiberfil.sys
[2012/01/10 05:13:21 | 000,030,449 | R--- | C] () -- C:\dell.sdr
[2012/01/10 04:51:08 | 000,030,895 | ---- | C] () -- C:\Windows\SysNative\drivers\Mixer.ini
[2012/01/10 04:50:50 | 000,074,272 | ---- | C] () -- C:\Windows\SysNative\RtNicProp64.dll
[2012/01/10 04:50:41 | 001,991,936 | ---- | C] () -- C:\Windows\SysNative\iglhxa64.cpa
[2012/01/10 04:50:41 | 000,960,940 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2012/01/10 04:50:41 | 000,960,940 | ---- | C] () -- C:\Windows\SysNative\igkrng600.bin
[2012/01/10 04:50:41 | 000,060,254 | ---- | C] () -- C:\Windows\SysNative\iglhxg64.vp
[2012/01/10 04:50:41 | 000,060,226 | ---- | C] () -- C:\Windows\SysNative\iglhxc64.vp
[2012/01/10 04:50:41 | 000,060,015 | ---- | C] () -- C:\Windows\SysNative\iglhxo64.vp
[2012/01/10 04:50:41 | 000,013,476 | ---- | C] () -- C:\Windows\SysNative\iglhxs64.vp
[2012/01/10 04:50:41 | 000,001,090 | ---- | C] () -- C:\Windows\SysNative\iglhxa64.vp
[2012/01/10 04:50:39 | 000,213,332 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2012/01/10 04:50:39 | 000,213,332 | ---- | C] () -- C:\Windows\SysNative\igfcg600m.bin
[2012/01/10 04:50:37 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2012/01/10 04:50:37 | 000,145,804 | ---- | C] () -- C:\Windows\SysNative\igcompkrng600.bin
[2012/01/10 04:50:36 | 000,094,208 | ---- | C] () -- C:\Windows\SysNative\IccLibDll_x64.dll
[2012/01/10 04:50:36 | 000,000,151 | ---- | C] () -- C:\Windows\SysNative\GfxUI.exe.config
[2012/01/10 04:50:35 | 000,208,335 | ---- | C] () -- C:\Windows\SysNative\Gfxres.th-TH.resources
[2012/01/10 04:50:35 | 000,180,246 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ru-RU.resources
[2012/01/10 04:50:35 | 000,135,119 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ro-RO.resources
[2012/01/10 04:50:35 | 000,133,868 | ---- | C] () -- C:\Windows\SysNative\Gfxres.tr-TR.resources
[2012/01/10 04:50:35 | 000,133,321 | ---- | C] () -- C:\Windows\SysNative\Gfxres.pt-BR.resources
[2012/01/10 04:50:35 | 000,132,876 | ---- | C] () -- C:\Windows\SysNative\Gfxres.nl-NL.resources
[2012/01/10 04:50:35 | 000,132,422 | ---- | C] () -- C:\Windows\SysNative\Gfxres.sv-SE.resources
[2012/01/10 04:50:35 | 000,132,299 | ---- | C] () -- C:\Windows\SysNative\Gfxres.pt-PT.resources
[2012/01/10 04:50:35 | 000,131,711 | ---- | C] () -- C:\Windows\SysNative\Gfxres.pl-PL.resources
[2012/01/10 04:50:35 | 000,131,290 | ---- | C] () -- C:\Windows\SysNative\Gfxres.sk-SK.resources
[2012/01/10 04:50:35 | 000,127,599 | ---- | C] () -- C:\Windows\SysNative\Gfxres.sl-SI.resources
[2012/01/10 04:50:35 | 000,116,413 | ---- | C] () -- C:\Windows\SysNative\Gfxres.zh-TW.resources
[2012/01/10 04:50:35 | 000,115,195 | ---- | C] () -- C:\Windows\SysNative\Gfxres.zh-CN.resources
[2012/01/10 04:50:34 | 000,195,681 | ---- | C] () -- C:\Windows\SysNative\Gfxres.el-GR.resources
[2012/01/10 04:50:34 | 000,179,736 | ---- | C] () -- C:\Windows\SysNative\difx64.exe
[2012/01/10 04:50:34 | 000,154,366 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ar-SA.resources
[2012/01/10 04:50:34 | 000,151,350 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ja-JP.resources
[2012/01/10 04:50:34 | 000,147,392 | ---- | C] () -- C:\Windows\SysNative\Gfxres.he-IL.resources
[2012/01/10 04:50:34 | 000,138,635 | ---- | C] () -- C:\Windows\SysNative\Gfxres.it-IT.resources
[2012/01/10 04:50:34 | 000,137,000 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ko-KR.resources
[2012/01/10 04:50:34 | 000,136,226 | ---- | C] () -- C:\Windows\SysNative\Gfxres.de-DE.resources
[2012/01/10 04:50:34 | 000,136,172 | ---- | C] () -- C:\Windows\SysNative\Gfxres.es-ES.resources
[2012/01/10 04:50:34 | 000,134,081 | ---- | C] () -- C:\Windows\SysNative\Gfxres.fr-FR.resources
[2012/01/10 04:50:34 | 000,132,861 | ---- | C] () -- C:\Windows\SysNative\Gfxres.hu-HU.resources
[2012/01/10 04:50:34 | 000,131,897 | ---- | C] () -- C:\Windows\SysNative\Gfxres.cs-CZ.resources
[2012/01/10 04:50:34 | 000,131,456 | ---- | C] () -- C:\Windows\SysNative\Gfxres.fi-FI.resources
[2012/01/10 04:50:34 | 000,130,414 | ---- | C] () -- C:\Windows\SysNative\Gfxres.hr-HR.resources
[2012/01/10 04:50:34 | 000,127,367 | ---- | C] () -- C:\Windows\SysNative\Gfxres.nb-NO.resources
[2012/01/10 04:50:34 | 000,127,109 | ---- | C] () -- C:\Windows\SysNative\Gfxres.da-DK.resources
[2012/01/10 04:50:34 | 000,122,646 | ---- | C] () -- C:\Windows\SysNative\Gfxres.en-US.resources
[2012/01/10 04:50:10 | 000,004,372 | ---- | C] () -- C:\Windows\SysWow64\drivers\1028_Dell_INS_620.mrk
[2012/01/10 04:50:10 | 000,004,372 | ---- | C] () -- C:\Windows\SysNative\drivers\1028_Dell_INS_620.mrk
[2012/01/10 04:49:30 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2012/01/10 04:49:30 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2012/01/10 03:54:27 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2012/01/10 03:50:13 | 000,001,307 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Movie Maker.lnk
[2012/01/10 03:50:05 | 000,001,376 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Photo Gallery.lnk
[2012/01/10 03:49:48 | 000,001,460 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
[2012/01/10 03:49:39 | 000,002,488 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
[2011/02/10 11:10:51 | 000,771,986 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2009/07/14 00:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/13 21:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/13 21:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/13 19:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 18:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 16:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 16:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat

========== Custom Scans ==========


< %temp%\smtmp\*.* /s >

========== Alternate Data Streams ==========

@Alternate Data Stream - 769 bytes -> C:\Users\Weezie\Documents\Zack and lacey.eml:OECustomProperty

< End of report >

#4 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:04:17 PM

Posted 23 January 2012 - 10:09 PM

Hello

Run this custom script and when it is complete I need to know how the computer is doing

Run OTL Script

  • Double-click OTL.exe to start the program.
  • Copy and Paste the following code into the Posted Image textbox. Do not include the word Code
    :OTL
    PRC - C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\datamngrUI.exe (Bandoo Media, inc)
    O2:64bit: - BHO: (DataMngr) - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\x64\BrowserConnection.dll (Bandoo Media, inc)
    O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\ToolBar\searchqudtx.dll ()
    O2 - BHO: (DataMngr) - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\BrowserConnection.dll (Bandoo Media, inc)
    O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\ToolBar\searchqudtx.dll ()
    O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
    O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O4 - HKLM..\Run: [DATAMNGR] C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\datamngrUI.exe (Bandoo Media, inc)
    O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\WI3C8A~1\Datamngr\x64\datamngr.dll) - C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\x64\datamngr.dll (Bandoo Media, inc)
    O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\WI3C8A~1\Datamngr\x64\IEBHO.dll) - C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\x64\IEBHO.dll (Bandoo Media, inc)
    O20 - AppInit_DLLs: (C:\PROGRA~2\WI3C8A~1\Datamngr\datamngr.dll) -C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\datamngr.dll (Bandoo Media, inc)
    O20 - AppInit_DLLs: (C:\PROGRA~2\WI3C8A~1\Datamngr\IEBHO.dll) -C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\IEBHO.dll (Bandoo Media, inc)
    [2012/01/17 18:18:10 | 000,000,000 | ---D | C] -- C:\Users\Weezie\AppData\Local\Ilivid Player
    [2012/01/17 18:16:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iLivid
    [2012/01/17 18:16:39 | 000,000,000 | ---D | C] -- C:\ProgramData\{B49A644A-1076-4A3D-B124-DAA7862F2318}
    [2012/01/17 18:16:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iLivid
    [2012/01/17 18:15:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows iLivid Toolbar
    [2012/01/17 18:15:31 | 000,000,000 | ---D | C] -- C:\Users\Weezie\AppData\Local\PackageAware
    [2012/01/17 18:16:39 | 000,000,957 | ---- | M] () -- C:\Users\Public\Desktop\iLivid Download Manager.lnk
    [2012/01/17 17:16:50 | 000,000,385 | ---- | M] () -- C:\Windows\SysNative\user_gensett.xml
    :Files
    C:\Program Files (x86)\Windows iLivid Toolbar
    
    ipconfig /flushdns /c
    :Commands
    [PURITY]
    [EMPTYTEMP]
    [emptyjava]
    [EMPTYFLASH]
    [RESETHOSTS]
    
  • Then click the Run Fix button at the top.
  • Click Posted Image.
  • OTL may ask to reboot the machine. Please do so if asked.
  • The report should appear in Notepad after the reboot.Copy and Paste that report in your next reply.

Let me know How things are doing

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#5 ClearFocus

ClearFocus
  • Topic Starter

  • Members
  • 93 posts
  • OFFLINE
  •  
  • Local time:04:17 PM

Posted 24 January 2012 - 11:47 PM

Hi Gringo,

Here is the OTL log file after running the custom script:


All processes killed
========== OTL ==========
No active process named Program Files was found!
64bit-Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D717F81-9148-4f12-8568-69135F087DB0}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9D717F81-9148-4f12-8568-69135F087DB0}\ not found.
File C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\x64\BrowserConnection.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079a25-328f-4bd4-be04-00955acaa0a7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7}\ not found.
File C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\ToolBar\searchqudtx.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D717F81-9148-4f12-8568-69135F087DB0}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9D717F81-9148-4f12-8568-69135F087DB0}\ not found.
File C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\BrowserConnection.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{99079a25-328f-4bd4-be04-00955acaa0a7} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7}\ not found.
File C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\ToolBar\searchqudtx.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\10 not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\DATAMNGR not found.
File C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\datamngrUI.exe not found.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:C:\PROGRA~2\WI3C8A~1\Datamngr\x64\datamngr.dll deleted successfully.
File C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\x64\datamngr.dll not found.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:C:\PROGRA~2\WI3C8A~1\Datamngr\x64\IEBHO.dll deleted successfully.
File C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\x64\IEBHO.dll not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:C:\PROGRA~2\WI3C8A~1\Datamngr\datamngr.dll deleted successfully.
File pInit_DLLs: (C:\PROGRA~2\WI3C8A~1\Datamngr\datamngr.dll) -C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\datamngr.dll not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:C:\PROGRA~2\WI3C8A~1\Datamngr\IEBHO.dll deleted successfully.
File pInit_DLLs: (C:\PROGRA~2\WI3C8A~1\Datamngr\IEBHO.dll) -C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\IEBHO.dll not found.
Folder C:\Users\Weezie\AppData\Local\Ilivid Player\ not found.
Folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iLivid\ not found.
Folder C:\ProgramData\{B49A644A-1076-4A3D-B124-DAA7862F2318}\ not found.
Folder C:\Program Files (x86)\iLivid\ not found.
Folder C:\Program Files (x86)\Windows iLivid Toolbar\ not found.
Folder C:\Users\Weezie\AppData\Local\PackageAware\ not found.
File C:\Users\Public\Desktop\iLivid Download Manager.lnk not found.
File C:\Windows\SysNative\user_gensett.xml not found.
========== FILES ==========
File\Folder C:\Program Files (x86)\Windows iLivid Toolbar not found.
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\Weezie\Downloads\cmd.bat deleted successfully.
C:\Users\Weezie\Downloads\cmd.txt deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 56466 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Public

User: Weezie
->Temp folder emptied: 42774034 bytes
->Temporary Internet Files folder emptied: 103062891 bytes
->Java cache emptied: 26345 bytes
->Google Chrome cache emptied: 6991133 bytes
->Flash cache emptied: 60002 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 244259142 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50333 bytes
RecycleBin emptied: 784 bytes

Total Files Cleaned = 379.00 mb


[EMPTYJAVA]

User: All Users

User: Default

User: Default User

User: Public

User: Weezie
->Java cache emptied: 0 bytes

Total Java Files Cleaned = 0.00 mb


[EMPTYFLASH]

User: All Users

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Public

User: Weezie
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0.00 mb

C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

OTL by OldTimer - Version 3.2.31.0 log created on 01242012_225312

Files\Folders moved on Reboot...
C:\Users\Weezie\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

Registry entries deleted on Reboot...


What are your thoughts as to whether or not it appears we are clean of threat/infection?

Many thanks!

Brian

#6 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:04:17 PM

Posted 25 January 2012 - 08:43 AM

Hello

I think for the most part it is gone

I Would like you to do the following.

Please print out or make a copy in notpad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

Run Combofix:

You may be asked to install or update the Recovery Console (Win XP Only) if this happens please allow it to do so (you will need to be connected to the internet for this)

Before you run Combofix I will need you to turn off any security software you have running, If you do not know how to do this you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job this is normal.

You can download Combofix from one of these links. I want you to save it to the desktop and run it from there.
Link 1
Link 2
Link 3
1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall

Note 2: If you recieve an error "Illegal operation attempted on a registery key that has been marked for deletion." Please restart the computer

"information and logs"

  • In your next post I need the following
  • Log from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now?

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#7 ClearFocus

ClearFocus
  • Topic Starter

  • Members
  • 93 posts
  • OFFLINE
  •  
  • Local time:04:17 PM

Posted 25 January 2012 - 04:39 PM

Hi Gringo,

Here is the log from running ComboFix:


ComboFix 12-01-23.02 - Weezie 01/25/2012 16:29:14.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.6057.4044 [GMT -5:00]
Running from: c:\users\Weezie\Desktop\ComboFix.exe
AV: Bitdefender Antivirus *Disabled/Updated* {50909708-FF80-02AF-F814-B28405891E92}
FW: Bitdefender Firewall *Enabled* {68AB162D-B5EF-03F7-D34B-1BB1FB5A59E9}
SP: Bitdefender Antispyware *Disabled/Updated* {EBF176EC-D9BA-0D21-C2A4-89F67E0E542F}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\PCDr\5907\Downloads\82c29976-999d-4c8f-bac9-590e78eef64b.dll
c:\programdata\PCDr\5907\Downloads\8d357f17-07ad-4392-ba06-fb67564c98cd.dll
c:\programdata\PCDr\5907\Downloads\d1f4dc82-bc4c-4916-b37c-3ab9c30ae468.dll
c:\users\Weezie\Documents\~WRL0001.tmp
c:\users\Weezie\Documents\~WRL0002.tmp
c:\users\Weezie\Documents\~WRL0003.tmp
c:\users\Weezie\Documents\~WRL0005.tmp
c:\users\Weezie\Documents\~WRL3727.tmp
c:\windows\system32\java.exe
G:\Autorun.inf
G:\Setup.exe
.
.
((((((((((((((((((((((((( Files Created from 2011-12-25 to 2012-01-25 )))))))))))))))))))))))))))))))
.
.
2012-01-25 21:32 . 2012-01-25 21:32 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-01-25 02:42 . 2012-01-25 02:42 -------- d-----w- C:\_OTL
2012-01-24 02:00 . 2012-01-24 02:00 -------- d-----w- c:\program files\Dell Support Center
2012-01-24 01:48 . 2012-01-24 01:48 -------- d-----w- c:\windows\SysWow64\Wat
2012-01-24 01:48 . 2012-01-24 01:48 -------- d-----w- c:\windows\system32\Wat
2012-01-18 20:19 . 2012-01-18 20:19 -------- d-----w- c:\program files (x86)\MSXML 4.0
2012-01-18 20:15 . 2012-01-18 20:15 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
2012-01-18 19:00 . 2012-01-24 02:00 -------- d-----w- c:\programdata\PCDr
2012-01-18 16:41 . 2012-01-18 16:41 -------- d-----w- c:\programdata\boost_interprocess
2012-01-17 21:50 . 2012-01-25 21:24 -------- d-----w- c:\programdata\Dl_cats
2012-01-17 21:50 . 2012-01-17 21:50 -------- d-----w- C:\logs
2012-01-17 21:50 . 2007-05-03 04:43 138240 ----a-w- c:\windows\system32\Spool\prtprocs\x64\dldfdrpp.dll
2012-01-17 21:50 . 2007-06-22 14:32 45568 ----a-w- c:\windows\system32\DLDFPMON.DLL
2012-01-17 21:50 . 2007-06-22 14:32 14336 ----a-w- c:\windows\system32\DLDFFXPU.DLL
2012-01-17 21:49 . 2007-06-22 14:32 3584 ----a-w- c:\windows\system32\DLDFPMRC.DLL
2012-01-17 21:49 . 2007-05-04 07:23 49152 ----a-w- c:\windows\system32\dldfoem.dll
2012-01-17 21:49 . 2012-01-17 21:49 -------- d-----w- c:\programdata\948 Series
2012-01-17 21:49 . 2012-01-17 21:50 -------- d-----w- c:\program files\Dell AIO Printer 948
2012-01-17 21:46 . 2007-06-07 19:33 980992 ----a-w- c:\windows\system32\dldfpmui.dll
2012-01-17 21:34 . 2012-01-17 21:34 -------- d-----w- c:\programdata\Malwarebytes
2012-01-17 21:34 . 2012-01-17 21:35 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-01-17 21:34 . 2011-12-10 20:24 23152 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-01-17 21:30 . 2011-12-07 23:22 59776 ----a-w- c:\windows\system32\Spool\prtprocs\x64\LMIproc.dll
2012-01-17 21:30 . 2011-12-07 23:22 34688 ----a-w- c:\windows\system32\LMIport.dll
2012-01-17 21:30 . 2011-12-07 23:22 87456 ----a-w- c:\windows\system32\LMIRfsClientNP.dll
2012-01-17 21:30 . 2011-09-16 19:10 72216 ----a-w- c:\windows\system32\drivers\LMIRfsDriver.sys
2012-01-17 21:29 . 2011-12-07 23:22 80768 ----a-w- c:\windows\system32\LMIinit.dll
2012-01-17 21:29 . 2012-01-25 13:14 -------- d-----w- c:\programdata\LogMeIn
2012-01-17 21:28 . 2012-01-17 21:28 -------- d-----w- c:\program files (x86)\LogMeIn
2012-01-17 21:24 . 2012-01-17 21:24 -------- d-----w- c:\program files\Google
2012-01-17 21:23 . 2012-01-17 21:24 -------- d-----w- c:\program files (x86)\Google
2012-01-17 21:09 . 2012-01-17 21:09 -------- d-----w- c:\program files (x86)\7-Zip
2012-01-17 21:09 . 2012-01-17 21:09 -------- d-----w- c:\program files\CCleaner
2012-01-17 21:09 . 2012-01-17 21:09 -------- d-----w- c:\program files (x86)\CleanUp!
2012-01-17 21:08 . 2012-01-17 21:08 -------- d-----w- c:\program files (x86)\Acro Software
2012-01-17 21:08 . 2009-11-05 12:40 85504 ----a-w- c:\windows\system32\cpwmon64.dll
2012-01-17 21:08 . 2012-01-17 21:08 -------- d-----w- c:\program files (x86)\GPLGS
2012-01-17 21:00 . 2012-01-18 20:15 -------- d-----w- c:\program files (x86)\Microsoft Works
2012-01-17 20:55 . 2012-01-25 01:36 -------- d-----w- c:\programdata\Microsoft Help
2012-01-17 20:53 . 2012-01-17 20:53 -------- d-----r- C:\MSOCache
2012-01-17 20:47 . 2012-01-17 20:47 274662 ----a-w- c:\programdata\1326832783.bdinstall.bin
2012-01-17 20:46 . 2012-01-17 20:46 -------- d-----w- c:\programdata\Bitdefender
2012-01-17 20:41 . 2012-01-17 20:41 -------- d-----w- c:\program files\Bitdefender
2012-01-17 20:39 . 2011-10-27 19:07 329800 ----a-w- c:\windows\system32\drivers\trufos.sys
2012-01-17 20:39 . 2011-08-16 18:59 442088 ----a-w- c:\windows\system32\drivers\bdfsfltr.sys
2012-01-17 20:39 . 2012-01-17 20:39 -------- d-----w- c:\program files\Common Files\Bitdefender
2012-01-17 20:39 . 2012-01-17 20:39 -------- d-----w- c:\program files (x86)\Common Files\Bitdefender
2012-01-17 19:18 . 2012-01-17 21:43 -------- d-----w- c:\users\Weezie
2012-01-10 10:17 . 2012-01-10 10:17 -------- d-----w- c:\program files\CONEXANT
2012-01-10 10:16 . 2012-01-10 10:16 -------- d-----w- c:\program files\Common Files\Intel
2012-01-10 10:16 . 2012-01-10 10:16 -------- d-----w- c:\program files (x86)\Intel
2012-01-10 10:16 . 2012-01-10 10:16 -------- d-----w- c:\program files (x86)\Common Files\Intel
2012-01-10 10:16 . 2012-01-10 10:16 -------- d-----w- C:\Intel
2012-01-10 10:08 . 2012-01-10 10:08 -------- d-----w- c:\program files\ZinioReader4
2012-01-10 10:08 . 2012-01-10 08:52 -------- d-----w- c:\programdata\Dell
2012-01-10 10:04 . 2012-01-10 09:03 -------- d-----w- C:\Apps
2012-01-10 10:01 . 2012-01-10 10:01 -------- d-----w- c:\program files\Dell Games Folder
2012-01-10 09:51 . 2011-03-10 23:27 1576576 ----a-w- c:\windows\system32\drivers\CHDRT64.sys
2012-01-10 09:51 . 2011-01-24 23:33 517760 ----a-w- c:\windows\system32\UCI64A71.dll
2012-01-10 09:51 . 2010-12-17 00:08 1548416 ----a-w- c:\windows\system32\CX64AP40.dll
2012-01-10 09:51 . 2010-07-13 18:08 24704 ----a-w- c:\windows\system32\CXHDMI64.dll
2012-01-10 09:49 . 2012-01-10 09:49 995328 ----a-w- c:\program files\Common Files\Microsoft Shared\VGX\VGX.dll
2012-01-10 09:46 . 2012-01-17 19:52 -------- d-----w- c:\windows\system32\oem
2012-01-10 09:46 . 2012-01-10 09:51 -------- d-----w- C:\Drivers
2012-01-10 09:12 . 2012-01-10 09:12 -------- d-----w- c:\program files\dell stage
2012-01-10 09:10 . 2012-01-17 21:15 -------- d-----w- c:\program files (x86)\Nero
2012-01-10 09:09 . 2012-01-10 09:11 -------- d-----w- c:\programdata\Nero
2012-01-10 09:09 . 2012-01-25 03:56 -------- d-----w- c:\users\Default\AppData\Local\SoftThinks
2012-01-10 09:07 . 2009-09-04 23:29 1974616 ----a-w- c:\windows\SysWow64\D3DCompiler_42.dll
2012-01-10 09:07 . 2009-09-04 23:29 1892184 ----a-w- c:\windows\SysWow64\D3DX9_42.dll
2012-01-10 09:06 . 2008-10-15 12:22 4379984 ----a-w- c:\windows\SysWow64\D3DX9_40.dll
2012-01-10 09:05 . 2012-01-10 09:05 -------- d-----w- c:\program files (x86)\Common Files\Adobe AIR
2012-01-10 09:03 . 2012-01-17 20:36 -------- d-----w- c:\program files (x86)\Common Files\mcafee
2012-01-10 09:03 . 2012-01-17 20:36 -------- d-----w- c:\programdata\McAfee
2012-01-10 09:01 . 2012-01-10 09:01 -------- d-----w- c:\programdata\Uninstall
2012-01-10 08:59 . 2012-01-10 08:59 -------- d-----w- c:\program files (x86)\Common Files\SureThing Shared
2012-01-10 08:59 . 2012-01-10 08:59 -------- d-----w- c:\programdata\PhotoShow Shared Assets
2012-01-10 08:59 . 2012-01-10 08:59 -------- d-----w- c:\program files\Roxio
2012-01-10 08:57 . 2012-01-10 09:03 -------- d-----w- c:\programdata\Sonic
2012-01-10 08:57 . 2010-03-19 09:00 55856 ------w- c:\windows\system32\drivers\PxHlpa64.sys
2012-01-10 08:57 . 2009-10-20 09:00 10224 ------w- c:\windows\system32\drivers\cdralw2k.sys
2012-01-10 08:57 . 2009-10-20 09:00 10224 ------w- c:\windows\system32\drivers\cdr4_xp.sys
2012-01-10 08:57 . 2012-01-10 09:24 -------- d-----w- c:\programdata\Roxio
2012-01-10 08:55 . 2006-09-28 22:05 3977496 ----a-w- c:\windows\system32\d3dx9_31.dll
2012-01-10 08:54 . 2012-01-10 08:54 -------- d-----w- c:\program files (x86)\Common Files\Adobe
2012-01-10 08:53 . 2012-01-17 21:13 -------- d-----w- c:\program files (x86)\Microsoft
2012-01-10 08:53 . 2012-01-10 08:53 -------- d-----w- c:\program files (x86)\Jagex
2012-01-10 08:51 . 2012-01-10 08:51 -------- d-----w- c:\program files (x86)\PlayReady
2012-01-10 08:50 . 2012-01-10 08:50 -------- d-----w- c:\windows\en
2012-01-10 08:50 . 2012-01-10 08:50 -------- d-----w- c:\program files (x86)\Microsoft SQL Server Compact Edition
2012-01-10 08:49 . 2012-01-10 08:50 -------- d-----w- c:\program files (x86)\Windows Live
2012-01-10 08:48 . 2012-01-10 08:48 -------- d-----w- c:\windows\PCHEALTH
2012-01-10 08:48 . 2012-01-10 08:48 -------- d-----w- c:\program files\Windows Live
2012-01-10 08:48 . 2009-09-04 23:44 69464 ----a-w- c:\windows\SysWow64\XAPOFX1_3.dll
2012-01-10 08:48 . 2009-09-04 23:44 515416 ----a-w- c:\windows\SysWow64\XAudio2_5.dll
2012-01-10 08:48 . 2009-09-04 23:29 453456 ----a-w- c:\windows\SysWow64\d3dx10_42.dll
2012-01-10 08:48 . 2009-09-04 23:29 523088 ----a-w- c:\windows\system32\d3dx10_42.dll
2012-01-10 08:47 . 2006-11-29 19:06 4398360 ----a-w- c:\windows\system32\d3dx9_32.dll
2012-01-10 08:47 . 2006-11-29 19:06 3426072 ----a-w- c:\windows\SysWow64\d3dx9_32.dll
2012-01-10 08:46 . 2012-01-24 02:10 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
2012-01-10 08:46 . 2012-01-10 08:46 -------- d-----w- c:\program files (x86)\Common Files\Windows Live
2012-01-10 08:46 . 2011-04-19 04:52 841280 ----a-w- c:\windows\system32\PhotoStageScrSaver.scr
2012-01-10 08:45 . 2012-01-10 09:12 -------- d-----w- c:\program files (x86)\Dell Stage
2012-01-10 08:45 . 2012-01-10 08:45 -------- d-----w- c:\program files (x86)\Cyberlink
2012-01-10 08:45 . 2012-01-10 09:11 -------- d-----w- c:\program files (x86)\Dell
2012-01-10 08:44 . 2012-01-10 08:44 -------- d-----w- c:\programdata\install_clap
2012-01-10 08:43 . 2012-01-10 08:43 -------- d-----r- c:\program files (x86)\Skype
2012-01-10 08:42 . 2012-01-10 08:43 -------- d-----w- c:\programdata\Skype
2012-01-10 08:42 . 2012-01-17 21:14 -------- d-----w- c:\programdata\Cozi
2012-01-10 08:40 . 2006-11-01 18:51 151656 ----a-w- c:\windows\system32\drivers\WimFltr.sys
2012-01-10 08:40 . 2012-01-25 04:50 -------- d-----w- c:\program files (x86)\InstallShield Installation Information
2012-01-10 08:36 . 2012-01-17 21:16 -------- d-----w- c:\programdata\WildTangent
2012-01-10 08:36 . 2012-01-10 08:36 -------- d-----w- c:\program files (x86)\WildTangent
2012-01-10 08:35 . 2012-01-10 08:35 525544 ----a-w- c:\windows\system32\deployJava1.dll
2012-01-10 08:35 . 2012-01-10 08:35 -------- d-----w- c:\program files\Java
2012-01-10 08:35 . 2012-01-10 08:35 -------- d-----w- c:\program files (x86)\Common Files\Java
2012-01-10 08:35 . 2011-11-10 10:54 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-01-10 08:35 . 2012-01-17 19:37 -------- d-----w- c:\program files (x86)\Java
2012-01-10 08:22 . 2012-01-17 21:23 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-01-10 08:22 . 2012-01-10 08:22 -------- d-----w- c:\windows\SysWow64\Macromed
2012-01-10 08:22 . 2012-01-10 08:22 -------- d-----w- c:\windows\system32\Macromed
2012-01-10 08:22 . 2012-01-10 08:22 -------- d-----w- c:\program files\Dell Inc
2012-01-10 08:20 . 2011-04-09 06:58 142336 ----a-w- c:\windows\system32\poqexec.exe
2012-01-10 08:20 . 2011-04-09 05:56 123904 ----a-w- c:\windows\SysWow64\poqexec.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-01-10 10:11 . 2012-01-10 10:11 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2012-01-10 10:11 . 2012-01-10 10:11 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2012-01-10 10:11 . 2012-01-10 10:11 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2011-11-28 22:33 . 2011-11-28 22:33 543528 --shatr- c:\windows\system32\drivers\avckf.sys
2011-11-25 19:00 . 2011-11-25 19:00 258736 --shatr- c:\windows\system32\drivers\avchv.sys
2011-11-25 18:57 . 2011-11-25 18:57 685192 --shatr- c:\windows\system32\drivers\avc3.sys
2011-11-15 00:16 . 2011-11-15 00:16 90192 ----a-w- c:\windows\system32\drivers\BdfNdisf6.sys
2010-01-19 23:32 103944 --shatr- c:\windows\System32\drivers\bdvedisk.sys
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2012-01-17 39408]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Dell DataSafe Online"="c:\program files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe" [2010-08-26 1117528]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-11-16 932288]
"RoxWatchTray"="c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe" [2010-11-25 240112]
"Desktop Disc Tool"="c:\program files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe" [2010-11-17 514544]
"AccuWeatherWidget"="c:\program files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" [2011-04-30 885760]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-12-24 460872]
"Dell AIO Printer 948"="c:\program files (x86)\Dell AIO Printer 948\fm3032.exe" [2007-07-03 307848]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 dldfCATSCustConnectService;dldfCATSCustConnectService;c:\windows\system32\spool\DRIVERS\x64\3\\dldfserv.exe [2007-06-26 33416]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-01-17 136176]
R2 RoxWatch12;Roxio Hard Drive Watcher 12;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-11-25 219632]
R3 avckf;avckf;c:\windows\system32\DRIVERS\avckf.sys [x]
R3 bdsandbox;bdsandbox;c:\windows\system32\drivers\bdsandbox.sys [x]
R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-01-17 136176]
R3 RoxMediaDB12OEM;RoxMediaDB12OEM;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-11-25 1116656]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [x]
R3 Update Server;BitDefender Update Server v2;c:\program files\Common Files\Bitdefender\Bitdefender Arrakis Server\bin\arrakis3.exe [2011-10-15 466736]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 avc3;avc3;c:\windows\system32\DRIVERS\avc3.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]
S1 BdfNdisf;BitDefender Firewall NDIS 6 Filter Driver;c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [2011-11-15 90192]
S1 bdfwfpf;bdfwfpf;c:\program files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [2011-11-15 103504]
S1 BDVEDISK;BDVEDISK;c:\windows\system32\DRIVERS\bdvedisk.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 dldf_device;dldf_device;c:\windows\system32\dldfcoms.exe [2007-06-26 1052808]
S2 LMIGuardianSvc;LMIGuardianSvc;c:\program files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [2011-12-07 375176]
S2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files (x86)\LogMeIn\x64\RaInfo.sys [2011-09-16 15928]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-12-24 652872]
S2 NOBU;Dell DataSafe Online;c:\program files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe SERVICE [x]
S2 UPDATESRV;BitDefender Desktop Update Service;c:\program files\Bitdefender\Bitdefender 2012\updatesrv.exe [2011-11-17 62512]
S3 avchv;avchv Function Driver;c:\windows\system32\DRIVERS\avchv.sys [x]
S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 MEIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
Contents of the 'Scheduled Tasks' folder
.
2012-01-25 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-01-17 21:23]
.
2012-01-25 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-01-17 21:23]
.
2012-01-25 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-449589144-3921348804-3012424731-1000Core.job
- c:\users\Weezie\AppData\Local\Google\Update\GoogleUpdate.exe [2012-01-17 20:36]
.
2012-01-25 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-449589144-3921348804-3012424731-1000UA.job
- c:\users\Weezie\AppData\Local\Google\Update\GoogleUpdate.exe [2012-01-17 20:36]
.
2012-01-24 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job
- c:\program files\Dell Support Center\uaclauncher.exe [2011-12-14 04:09]
.
2012-01-25 c:\windows\Tasks\SystemToolsDailyTest.job
- c:\program files\Dell Support Center\uaclauncher.exe [2011-12-14 04:09]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-02-04 167960]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-02-04 391704]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-02-04 418328]
"DellStage"="c:\program files (x86)\Dell Stage\Dell Stage\stage_primary.exe" [2011-04-30 2055016]
"BDAgent"="c:\program files\Bitdefender\Bitdefender 2012\bdagent.exe" [2011-12-17 1063136]
"LogMeIn GUI"="c:\program files (x86)\LogMeIn\x64\LogMeInSystray.exe" [2011-09-16 57928]
"dldfmon.exe"="c:\program files (x86)\Dell AIO Printer 948\dldfmon.exe" [2007-08-10 455336]
"MemoryCardManager"="c:\program files (x86)\Dell AIO Printer 948\memcard.exe" [2007-07-03 410248]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x1
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com/
mStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.0.1
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
Toolbar-10 - (no file)
AddRemove-iLivid - c:\programdata\{B49A644A-1076-4A3D-B124-DAA7862F2318}\iLividSetupV1.exe
AddRemove-Windows Searchqu Toolbar - c:\program files (x86)\Windows iLivid Toolbar\uninstall.exe
AddRemove-{8D15E1B2-D2B7-4A17-B44B-D2DDE5981406} - c:\programdata\{B49A644A-1076-4A3D-B124-DAA7862F2318}\iLividSetupV1.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Dell Stage\Dell Stage\stage_secondary.exe
c:\program files (x86)\Common Files\Java\Java Update\jusched.exe
.
**************************************************************************
.
Completion time: 2012-01-25 16:36:36 - machine was rebooted
ComboFix-quarantined-files.txt 2012-01-25 21:36
.
Pre-Run: 368,293,711,872 bytes free
Post-Run: 367,921,553,408 bytes free
.
- - End Of File - - 2AE62E56083275D2A58EC3A5F4C71A18


Oddly enough, however, Google Chrome still opens to http://www.searchqu.com/406. I will set the Home Page manually and restart Chrome. IE opens as expected though.

Thanks,
Brian

#8 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:04:17 PM

Posted 25 January 2012 - 07:02 PM

Hello

Lets get a deeper look into the system and see if something shows up.

Download and run OTL

Download OTL by Old Timer and save it to your Desktop.
  • Double click on OTL.exe to run it.
  • Under Output, ensure that Minimal Output is selected.
  • Under Extra Registry section, select Use SafeList.
  • Click the Scan All Users checkbox.
  • Click on Run Scan at the top left hand corner.
  • When done, two Notepad files will open.
    • OTL.txt <-- Will be opened and the that I need posted back here
    • Extra.txt <-- Will be minimized - save this one on your desktop in case I ask for it later
  • Please post the contents of OTL.txt in your next reply.

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#9 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:04:17 PM

Posted 25 January 2012 - 07:02 PM

Hello

Lets get a deeper look into the system and see if something shows up.

Download and run OTL

Download OTL by Old Timer and save it to your Desktop.
  • Double click on OTL.exe to run it.
  • Under Output, ensure that Minimal Output is selected.
  • Under Extra Registry section, select Use SafeList.
  • Click the Scan All Users checkbox.
  • Click on Run Scan at the top left hand corner.
  • When done, two Notepad files will open.
    • OTL.txt <-- Will be opened and the that I need posted back here
    • Extra.txt <-- Will be minimized - save this one on your desktop in case I ask for it later
  • Please post the contents of OTL.txt in your next reply.

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#10 ClearFocus

ClearFocus
  • Topic Starter

  • Members
  • 93 posts
  • OFFLINE
  •  
  • Local time:04:17 PM

Posted 25 January 2012 - 07:46 PM

Gringo,

Here is the OTL log file, let me know what you think. Again, many thanks!


OTL logfile created on: 1/25/2012 7:39:31 PM - Run 2
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Weezie\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

5.91 Gb Total Physical Memory | 4.20 Gb Available Physical Memory | 71.08% Memory free
11.83 Gb Paging File | 9.86 Gb Available in Paging File | 83.36% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 450.91 Gb Total Space | 342.48 Gb Free Space | 75.95% Space Free | Partition Type: NTFS
Drive G: | 465.76 Gb Total Space | 180.27 Gb Free Space | 38.71% Space Free | Partition Type: NTFS

Computer Name: WEEZIE-PC | User Name: Weezie | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Weezie\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe ()
PRC - C:\Program Files (x86)\Dell Stage\Dell Stage\stage_secondary.exe ()
PRC - C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe ()
PRC - C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe ()
PRC - C:\Program Files (x86)\Dell AIO Printer 948\dldfmon.exe ()
PRC - C:\Program Files (x86)\Dell AIO Printer 948\memcard.exe ()


========== Modules (No Company Name) ==========

MOD - C:\Users\Weezie\AppData\Local\Google\Chrome\Application\16.0.912.77\ppgooglenaclpluginchrome.dll ()
MOD - C:\Users\Weezie\AppData\Local\Google\Chrome\Application\16.0.912.77\pdf.dll ()
MOD - C:\Users\Weezie\AppData\Local\Google\Chrome\Application\16.0.912.77\avutil-51.dll ()
MOD - C:\Users\Weezie\AppData\Local\Google\Chrome\Application\16.0.912.77\avformat-53.dll ()
MOD - C:\Users\Weezie\AppData\Local\Google\Chrome\Application\16.0.912.77\avcodec-53.dll ()
MOD - C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe ()
MOD - C:\Program Files (x86)\Dell Stage\Dell Stage\stage_secondary.exe ()
MOD - C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe ()
MOD - C:\Program Files (x86)\Dell Stage\Dell Stage\QtCore4.dll ()
MOD - C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\QtCore4.dll ()
MOD - C:\Program Files (x86)\Dell Stage\Dell Stage\QtGui4.dll ()
MOD - C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\QtGui4.dll ()
MOD - c:\Program Files (x86)\Common Files\Roxio Shared\DLLShared\SQLite352.dll ()
MOD - C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe ()
MOD - C:\Program Files (x86)\WildTangent\Dell Games\Plants vs. Zombies - Game of the Year\GDF.dll ()
MOD - C:\Program Files (x86)\WildTangent\Dell Games\Wedding Dash - Ready, Aim, Love!\GDF.dll ()
MOD - C:\Program Files (x86)\Dell AIO Printer 948\dldfmon.exe ()
MOD - C:\Program Files (x86)\Dell AIO Printer 948\memcard.exe ()
MOD - C:\Program Files (x86)\Dell AIO Printer 948\dldfscw.dll ()
MOD - C:\Program Files (x86)\Dell AIO Printer 948\dldfdatr.dll ()
MOD - C:\Program Files (x86)\Dell AIO Printer 948\dldfcfg.dll ()
MOD - C:\Program Files (x86)\Dell AIO Printer 948\DLDFptp.dll ()
MOD - C:\Program Files (x86)\Dell AIO Printer 948\dldfcats.dll ()


========== Win32 Services (SafeList) ==========

SRV:64bit: - (VSSERV) -- C:\Program Files\Bitdefender\Bitdefender 2012\vsserv.exe (Bitdefender)
SRV:64bit: - (UPDATESRV) -- C:\Program Files\Bitdefender\Bitdefender 2012\updatesrv.exe (Bitdefender)
SRV:64bit: - (Update Server) -- C:\Program Files\Common Files\Bitdefender\Bitdefender Arrakis Server\bin\arrakis3.exe (BitDefender)
SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (dldfCATSCustConnectService) -- C:\Windows\SysNative\spool\DRIVERS\x64\3\\dldfserv.exe ()
SRV:64bit: - (dldf_device) -- C:\Windows\SysNative\dldfcoms.exe ( )
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (LMIMaint) -- C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe (LogMeIn, Inc.)
SRV - (LMIGuardianSvc) -- C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe (LogMeIn, Inc.)
SRV - (LogMeIn) -- C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe (LogMeIn, Inc.)
SRV - (RoxWatch12) -- C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe (Sonic Solutions)
SRV - (RoxMediaDB12OEM) -- C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe (Sonic Solutions)
SRV - (NOBU) -- C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe (Dell, Inc.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (dldf_device) -- C:\Windows\SysWow64\dldfcoms.exe ( )


========== Driver Services (SafeList) ==========

DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (LMIRfsClientNP) -- C:\Windows\SysNative\LMIRfsClientNP.dll (LogMeIn, Inc.)
DRV:64bit: - (avckf) -- C:\Windows\SysNative\drivers\avckf.sys (BitDefender)
DRV:64bit: - (avchv) -- C:\Windows\SysNative\drivers\avchv.sys (BitDefender)
DRV:64bit: - (avc3) -- C:\Windows\SysNative\drivers\avc3.sys (BitDefender)
DRV:64bit: - (BdfNdisf) -- c:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfndisf6.sys (BitDefender LLC)
DRV:64bit: - (bdfwfpf) -- C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys (BitDefender LLC)
DRV:64bit: - (trufos) -- C:\Windows\SysNative\drivers\trufos.sys (BitDefender S.R.L.)
DRV:64bit: - (bdsandbox) -- C:\Windows\SysNative\drivers\bdsandbox.sys (BitDefender SRL)
DRV:64bit: - (LMIRfsDriver) -- C:\Windows\SysNative\drivers\LMIRfsDriver.sys (LogMeIn, Inc.)
DRV:64bit: - (lmimirr) -- C:\Windows\SysNative\drivers\lmimirr.sys (LogMeIn, Inc.)
DRV:64bit: - (bdfsfltr) -- C:\Windows\SysNative\drivers\bdfsfltr.sys (BitDefender)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:64bit: - (CnxtHdAudService) -- C:\Windows\SysNative\drivers\CHDRT64.sys (Conexant Systems Inc.)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:64bit: - (MEIx64) Intel® -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (IntcDAud) Intel® -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel® Corporation)
DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions)
DRV:64bit: - (BDVEDISK) -- C:\Windows\SysNative\drivers\bdvedisk.sys (BitDefender)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (WimFltr) -- C:\Windows\SysNative\drivers\WimFltr.sys (Microsoft Corporation)
DRV - (LMIInfo) -- C:\Program Files (x86)\LogMeIn\x64\rainfo.sys (LogMeIn, Inc.)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-449589144-3921348804-3012424731-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-21-449589144-3921348804-3012424731-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Weezie\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Weezie\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\bdThunderbird@bitdefender.com: C:\PROGRAM FILES\BITDEFENDER\BITDEFENDER 2012\BDTBEXT\ [2012/01/17 15:46:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\bdThunderbird@bitdefender.com: C:\Program Files\Bitdefender\Bitdefender 2012\bdtbext\ [2012/01/17 15:46:30 | 000,000,000 | ---D | M]


========== Chrome ==========

CHR - default_search_provider: Search Results (Enabled)
CHR - default_search_provider: search_url = http://dts.search-results.com/sr?src=crb&appid=113&systemid=406&sr=0&q={searchTerms}
CHR - default_search_provider: suggest_url =
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Weezie\AppData\Local\Google\Chrome\Application\16.0.912.77\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Weezie\AppData\Local\Google\Chrome\Application\16.0.912.77\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Weezie\AppData\Local\Google\Chrome\Application\16.0.912.77\gcswf32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.300.12 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U30 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin

O1 HOSTS File: ([2012/01/25 16:33:28 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:64bit: - HKU\S-1-5-21-449589144-3921348804-3012424731-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [BDAgent] C:\Program Files\Bitdefender\Bitdefender 2012\bdagent.exe (Bitdefender)
O4:64bit: - HKLM..\Run: [DellStage] C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe ()
O4:64bit: - HKLM..\Run: [dldfmon.exe] C:\Program Files (x86)\Dell AIO Printer 948\dldfmon.exe ()
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [LogMeIn GUI] C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe (LogMeIn, Inc.)
O4:64bit: - HKLM..\Run: [MemoryCardManager] C:\Program Files (x86)\Dell AIO Printer 948\memcard.exe ()
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [AccuWeatherWidget] C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe ()
O4 - HKLM..\Run: [Dell AIO Printer 948] C:\Program Files (x86)\Dell AIO Printer 948\fm3032.exe ()
O4 - HKLM..\Run: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe (Dell, Inc.)
O4 - HKLM..\Run: [Desktop Disc Tool] C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe ()
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe (Sonic Solutions)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-449589144-3921348804-3012424731-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-449589144-3921348804-3012424731-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{751B25D0-A879-4F91-8B8D-CDDC443BA780}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O27:64bit: - HKLM IFEO\ehshell.exe: Debugger - C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe (LogMeIn, Inc.)
O27 - HKLM IFEO\ehshell.exe: Debugger - C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe (LogMeIn, Inc.)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012/01/25 16:33:38 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
[2012/01/25 16:28:42 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012/01/25 16:28:42 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012/01/25 16:28:42 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012/01/25 16:28:32 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2012/01/25 16:28:30 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/01/25 08:55:15 | 000,000,000 | ---D | C] -- C:\Users\Weezie\AppData\Local\Adobe
[2012/01/24 21:42:44 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/01/23 21:00:36 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Support Center
[2012/01/23 21:00:24 | 000,000,000 | ---D | C] -- C:\Program Files\Dell Support Center
[2012/01/23 20:48:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2012/01/23 20:48:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
[2012/01/18 15:19:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2012/01/18 15:10:45 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012/01/18 15:10:45 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012/01/18 15:10:45 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012/01/18 15:10:45 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012/01/18 15:10:45 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012/01/18 15:10:45 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012/01/18 15:10:44 | 002,309,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012/01/18 15:10:44 | 001,493,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012/01/18 15:10:44 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012/01/18 15:10:44 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012/01/18 15:10:43 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012/01/18 14:00:58 | 000,000,000 | ---D | C] -- C:\Users\Weezie\AppData\Roaming\PCDr
[2012/01/18 14:00:05 | 000,000,000 | ---D | C] -- C:\ProgramData\PCDr
[2012/01/18 13:35:04 | 000,000,000 | ---D | C] -- C:\Users\Weezie\AppData\Roaming\Google
[2012/01/18 12:09:44 | 001,572,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
[2012/01/18 12:09:44 | 001,328,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
[2012/01/18 12:09:44 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2012/01/18 12:09:44 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2012/01/18 12:09:44 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2012/01/18 12:09:28 | 001,465,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2012/01/18 12:09:28 | 000,870,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2012/01/18 12:09:17 | 001,731,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2012/01/18 12:09:05 | 000,723,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll
[2012/01/18 12:09:05 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll
[2012/01/18 12:09:04 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll
[2012/01/18 12:09:04 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll
[2012/01/18 11:41:00 | 000,000,000 | ---D | C] -- C:\ProgramData\boost_interprocess
[2012/01/17 17:17:19 | 000,000,000 | ---D | C] -- C:\Users\Weezie\AppData\Roaming\948 Series
[2012/01/17 16:50:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Dl_cats
[2012/01/17 16:50:48 | 000,000,000 | ---D | C] -- C:\Users\Weezie\AppData\Local\ElevatedDiagnostics
[2012/01/17 16:50:44 | 000,000,000 | ---D | C] -- C:\logs
[2012/01/17 16:49:45 | 000,000,000 | ---D | C] -- C:\ProgramData\948 Series
[2012/01/17 16:49:42 | 000,000,000 | ---D | C] -- C:\Program Files\Dell AIO Printer 948
[2012/01/17 16:47:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Printers
[2012/01/17 16:47:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Dell AIO Printer 948
[2012/01/17 16:47:10 | 001,200,128 | ---- | C] ( ) -- C:\Windows\SysWow64\dldfserv.dll
[2012/01/17 16:47:10 | 000,983,121 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dldfgf.dll
[2012/01/17 16:47:10 | 000,950,272 | ---- | C] ( ) -- C:\Windows\SysWow64\dldfusb1.dll
[2012/01/17 16:47:10 | 000,860,160 | ---- | C] ( ) -- C:\Windows\SysWow64\dldfcomc.dll
[2012/01/17 16:47:10 | 000,663,552 | ---- | C] ( ) -- C:\Windows\SysWow64\dldfhbn3.dll
[2012/01/17 16:47:10 | 000,647,168 | ---- | C] ( ) -- C:\Windows\SysWow64\dldfpmui.dll
[2012/01/17 16:47:10 | 000,598,664 | ---- | C] ( ) -- C:\Windows\SysWow64\dldfcoms.exe
[2012/01/17 16:47:10 | 000,565,248 | ---- | C] ( ) -- C:\Windows\SysWow64\dldflmpm.dll
[2012/01/17 16:47:10 | 000,365,192 | ---- | C] ( ) -- C:\Windows\SysWow64\dldfcfg.exe
[2012/01/17 16:47:10 | 000,364,544 | ---- | C] ( ) -- C:\Windows\SysWow64\dldfcomm.dll
[2012/01/17 16:47:10 | 000,356,352 | ---- | C] ( ) -- C:\Windows\SysWow64\dldfinpa.dll
[2012/01/17 16:47:10 | 000,339,968 | ---- | C] ( ) -- C:\Windows\SysWow64\dldfiesc.dll
[2012/01/17 16:47:10 | 000,320,136 | ---- | C] ( ) -- C:\Windows\SysWow64\dldfih.exe
[2012/01/17 16:47:10 | 000,053,248 | ---- | C] ( ) -- C:\Windows\SysWow64\dldfprox.dll
[2012/01/17 16:46:59 | 001,895,936 | ---- | C] ( ) -- C:\Windows\SysNative\dldfserv.dll
[2012/01/17 16:46:59 | 001,501,696 | ---- | C] ( ) -- C:\Windows\SysNative\dldfusb1.dll
[2012/01/17 16:46:59 | 000,980,992 | ---- | C] ( ) -- C:\Windows\SysNative\dldfpmui.dll
[2012/01/17 16:46:59 | 000,879,104 | ---- | C] ( ) -- C:\Windows\SysNative\dldflmpm.dll
[2012/01/17 16:46:59 | 000,668,672 | ---- | C] ( ) -- C:\Windows\SysNative\dldfhcp.dll
[2012/01/17 16:46:59 | 000,541,184 | ---- | C] ( ) -- C:\Windows\SysNative\dldfinpa.dll
[2012/01/17 16:46:59 | 000,509,440 | ---- | C] ( ) -- C:\Windows\SysNative\dldfiesc.dll
[2012/01/17 16:46:59 | 000,047,104 | ---- | C] ( ) -- C:\Windows\SysNative\dldfprox.dll
[2012/01/17 16:46:58 | 001,489,408 | ---- | C] ( ) -- C:\Windows\SysNative\dldfcomc.dll
[2012/01/17 16:46:58 | 001,066,496 | ---- | C] ( ) -- C:\Windows\SysNative\dldfhbn3.dll
[2012/01/17 16:46:58 | 001,052,808 | ---- | C] ( ) -- C:\Windows\SysNative\dldfcoms.exe
[2012/01/17 16:46:58 | 000,983,121 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dldfgf.dll
[2012/01/17 16:46:58 | 000,598,664 | ---- | C] ( ) -- C:\Windows\SysNative\dldfcfg.exe
[2012/01/17 16:46:58 | 000,563,200 | ---- | C] ( ) -- C:\Windows\SysNative\dldfcomm.dll
[2012/01/17 16:46:58 | 000,515,208 | ---- | C] ( ) -- C:\Windows\SysNative\dldfih.exe
[2012/01/17 16:46:46 | 001,462,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dldfg.dll
[2012/01/17 16:46:15 | 000,000,000 | ---D | C] -- C:\Users\Weezie\AppData\Roaming\Leadertech
[2012/01/17 16:43:29 | 000,000,000 | ---D | C] -- C:\Users\Weezie\My Backup Files
[2012/01/17 16:35:18 | 000,000,000 | ---D | C] -- C:\Users\Weezie\AppData\Roaming\Malwarebytes
[2012/01/17 16:35:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/01/17 16:34:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/01/17 16:34:55 | 000,023,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012/01/17 16:34:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012/01/17 16:30:26 | 000,000,000 | ---D | C] -- C:\Users\Weezie\AppData\Local\LogMeIn
[2012/01/17 16:30:11 | 000,034,688 | ---- | C] (LogMeIn, Inc.) -- C:\Windows\SysNative\LMIport.dll
[2012/01/17 16:30:05 | 000,087,456 | ---- | C] (LogMeIn, Inc.) -- C:\Windows\SysNative\LMIRfsClientNP.dll
[2012/01/17 16:30:05 | 000,072,216 | ---- | C] (LogMeIn, Inc.) -- C:\Windows\SysNative\drivers\LMIRfsDriver.sys
[2012/01/17 16:29:17 | 000,080,768 | ---- | C] (LogMeIn, Inc.) -- C:\Windows\SysNative\LMIinit.dll
[2012/01/17 16:29:11 | 000,000,000 | ---D | C] -- C:\ProgramData\LogMeIn
[2012/01/17 16:28:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LogMeIn
[2012/01/17 16:24:45 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2012/01/17 16:23:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Google
[2012/01/17 16:23:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2012/01/17 16:13:32 | 000,000,000 | ---D | C] -- C:\Users\Weezie\AppData\Roaming\Mozilla
[2012/01/17 16:09:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
[2012/01/17 16:09:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\7-Zip
[2012/01/17 16:09:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2012/01/17 16:09:40 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012/01/17 16:09:27 | 000,000,000 | ---D | C] -- C:\Users\Weezie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CleanUp!
[2012/01/17 16:09:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CleanUp!
[2012/01/17 16:09:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CleanUp!
[2012/01/17 16:08:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CutePDF
[2012/01/17 16:08:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Acro Software
[2012/01/17 16:08:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GPLGS
[2012/01/17 16:00:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2012/01/17 16:00:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Works
[2012/01/17 15:59:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2012/01/17 15:56:32 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2012/01/17 15:55:04 | 000,000,000 | ---D | C] -- C:\Users\Weezie\AppData\Local\Microsoft Help
[2012/01/17 15:55:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2012/01/17 15:53:58 | 000,000,000 | R--D | C] -- C:\MSOCache
[2012/01/17 15:46:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender 2012
[2012/01/17 15:46:30 | 000,000,000 | ---D | C] -- C:\Users\Weezie\AppData\Roaming\Bitdefender
[2012/01/17 15:46:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Bitdefender
[2012/01/17 15:41:59 | 000,000,000 | ---D | C] -- C:\Users\Weezie\AppData\Roaming\Roxio Burn
[2012/01/17 15:41:18 | 000,000,000 | ---D | C] -- C:\Program Files\Bitdefender
[2012/01/17 15:40:13 | 000,000,000 | ---D | C] -- C:\Users\Weezie\AppData\Roaming\QuickScan
[2012/01/17 15:39:52 | 000,442,088 | ---- | C] (BitDefender) -- C:\Windows\SysNative\drivers\bdfsfltr.sys
[2012/01/17 15:39:52 | 000,329,800 | ---- | C] (BitDefender S.R.L.) -- C:\Windows\SysNative\drivers\trufos.sys
[2012/01/17 15:39:18 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Bitdefender
[2012/01/17 15:39:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Bitdefender
[2012/01/17 15:37:06 | 000,000,000 | ---D | C] -- C:\Users\Weezie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2012/01/17 15:36:50 | 000,000,000 | ---D | C] -- C:\Users\Weezie\AppData\Local\Google
[2012/01/17 15:06:58 | 000,000,000 | ---D | C] -- C:\Users\Weezie\Documents\Zack's school papers
[2012/01/17 15:06:56 | 000,000,000 | ---D | C] -- C:\Users\Weezie\Documents\Yonder Mountain String Band
[2012/01/17 15:06:55 | 000,000,000 | --SD | C] -- C:\Users\Weezie\Documents\My Data Sources
[2012/01/17 15:06:55 | 000,000,000 | R-SD | C] -- C:\Users\Weezie\Documents\My Stationery
[2012/01/17 15:06:55 | 000,000,000 | ---D | C] -- C:\Users\Weezie\Documents\OneNote Notebooks
[2012/01/17 15:06:55 | 000,000,000 | ---D | C] -- C:\Users\Weezie\Documents\New Folder
[2012/01/17 15:06:55 | 000,000,000 | ---D | C] -- C:\Users\Weezie\Documents\My Snapfire Shows
[2012/01/17 15:06:55 | 000,000,000 | ---D | C] -- C:\Users\Weezie\Documents\My Google Gadgets
[2012/01/17 15:06:53 | 000,000,000 | ---D | C] -- C:\Users\Weezie\Documents\How I Got Over - The Roots - ojb
[2012/01/17 15:06:53 | 000,000,000 | ---D | C] -- C:\Users\Weezie\Documents\Downloads
[2012/01/17 15:06:53 | 000,000,000 | ---D | C] -- C:\Users\Weezie\Documents\Don's Files
[2012/01/17 15:06:53 | 000,000,000 | ---D | C] -- C:\Users\Weezie\Documents\Dell Webcam Center
[2012/01/17 15:06:53 | 000,000,000 | ---D | C] -- C:\Users\Weezie\Documents\Bluetooth Exchange Folder
[2012/01/17 15:03:27 | 000,000,000 | ---D | C] -- C:\Users\Weezie\Documents\music stuff
[2012/01/17 15:03:26 | 000,000,000 | ---D | C] -- C:\Users\Weezie\Documents\Jan 2012 Data Backup
[2012/01/17 14:53:04 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2012/01/17 14:43:56 | 000,000,000 | ---D | C] -- C:\Users\Weezie\AppData\Roaming\Adobe
[2012/01/17 14:42:42 | 000,000,000 | ---D | C] -- C:\Users\Weezie\AppData\Local\Nero_AG
[2012/01/17 14:42:31 | 000,000,000 | ---D | C] -- C:\Users\Weezie\AppData\Roaming\Nero
[2012/01/17 14:42:31 | 000,000,000 | ---D | C] -- C:\Users\Weezie\AppData\Local\Nero
[2012/01/17 14:37:48 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2012/01/17 14:37:48 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2012/01/17 14:37:48 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2012/01/17 14:27:31 | 000,000,000 | ---D | C] -- C:\Users\Weezie\AppData\Local\Dell
[2012/01/17 14:26:52 | 000,000,000 | ---D | C] -- C:\Users\Weezie\AppData\Roaming\Fingertapps
[2012/01/17 14:26:52 | 000,000,000 | ---D | C] -- C:\Users\Weezie\AppData\Roaming\Dell
[2012/01/17 14:26:46 | 000,000,000 | ---D | C] -- C:\Users\Weezie\AppData\Roaming\Dell Touch Zone
[2012/01/17 14:26:44 | 000,000,000 | ---D | C] -- C:\Users\Weezie\AppData\Roaming\Roxio
[2012/01/17 14:26:34 | 000,000,000 | R--D | C] -- C:\Users\Weezie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2012/01/17 14:26:34 | 000,000,000 | R--D | C] -- C:\Users\Weezie\Searches
[2012/01/17 14:26:34 | 000,000,000 | R--D | C] -- C:\Users\Weezie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2012/01/17 14:26:34 | 000,000,000 | ---D | C] -- C:\Users\Weezie\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2012/01/17 14:26:26 | 000,000,000 | ---D | C] -- C:\Users\Weezie\AppData\Roaming\Identities
[2012/01/17 14:26:24 | 000,000,000 | R--D | C] -- C:\Users\Weezie\Contacts
[2012/01/17 14:26:22 | 000,000,000 | ---D | C] -- C:\Users\Weezie\AppData\Local\VirtualStore
[2012/01/17 14:18:41 | 000,000,000 | -HSD | C] -- C:\Users\Weezie\AppData\Local\Temporary Internet Files
[2012/01/17 14:18:41 | 000,000,000 | -HSD | C] -- C:\Users\Weezie\Templates
[2012/01/17 14:18:41 | 000,000,000 | -HSD | C] -- C:\Users\Weezie\Start Menu
[2012/01/17 14:18:41 | 000,000,000 | -HSD | C] -- C:\Users\Weezie\SendTo
[2012/01/17 14:18:41 | 000,000,000 | -HSD | C] -- C:\Users\Weezie\Recent
[2012/01/17 14:18:41 | 000,000,000 | -HSD | C] -- C:\Users\Weezie\PrintHood
[2012/01/17 14:18:41 | 000,000,000 | -HSD | C] -- C:\Users\Weezie\NetHood
[2012/01/17 14:18:41 | 000,000,000 | -HSD | C] -- C:\Users\Weezie\Documents\My Videos
[2012/01/17 14:18:41 | 000,000,000 | -HSD | C] -- C:\Users\Weezie\Documents\My Pictures
[2012/01/17 14:18:41 | 000,000,000 | -HSD | C] -- C:\Users\Weezie\Documents\My Music
[2012/01/17 14:18:41 | 000,000,000 | -HSD | C] -- C:\Users\Weezie\My Documents
[2012/01/17 14:18:41 | 000,000,000 | -HSD | C] -- C:\Users\Weezie\Local Settings
[2012/01/17 14:18:41 | 000,000,000 | -HSD | C] -- C:\Users\Weezie\AppData\Local\History
[2012/01/17 14:18:41 | 000,000,000 | -HSD | C] -- C:\Users\Weezie\Cookies
[2012/01/17 14:18:41 | 000,000,000 | -HSD | C] -- C:\Users\Weezie\Application Data
[2012/01/17 14:18:41 | 000,000,000 | -HSD | C] -- C:\Users\Weezie\AppData\Local\Application Data
[2012/01/17 14:18:40 | 000,000,000 | --SD | C] -- C:\Users\Weezie\AppData\Roaming\Microsoft
[2012/01/17 14:18:40 | 000,000,000 | R--D | C] -- C:\Users\Weezie\Videos
[2012/01/17 14:18:40 | 000,000,000 | R--D | C] -- C:\Users\Weezie\Saved Games
[2012/01/17 14:18:40 | 000,000,000 | R--D | C] -- C:\Users\Weezie\Pictures
[2012/01/17 14:18:40 | 000,000,000 | R--D | C] -- C:\Users\Weezie\Music
[2012/01/17 14:18:40 | 000,000,000 | R--D | C] -- C:\Users\Weezie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2012/01/17 14:18:40 | 000,000,000 | R--D | C] -- C:\Users\Weezie\Links
[2012/01/17 14:18:40 | 000,000,000 | R--D | C] -- C:\Users\Weezie\Favorites
[2012/01/17 14:18:40 | 000,000,000 | R--D | C] -- C:\Users\Weezie\Downloads
[2012/01/17 14:18:40 | 000,000,000 | R--D | C] -- C:\Users\Weezie\Documents
[2012/01/17 14:18:40 | 000,000,000 | R--D | C] -- C:\Users\Weezie\Desktop
[2012/01/17 14:18:40 | 000,000,000 | R--D | C] -- C:\Users\Weezie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2012/01/17 14:18:40 | 000,000,000 | ---D | C] -- C:\Users\Weezie\AppData\Local\Temp
[2012/01/17 14:18:40 | 000,000,000 | ---D | C] -- C:\Users\Weezie\AppData\Local\SoftThinks
[2012/01/17 14:18:40 | 000,000,000 | ---D | C] -- C:\Users\Weezie\AppData\Local\Microsoft
[2012/01/17 14:18:40 | 000,000,000 | ---D | C] -- C:\Users\Weezie\AppData\Roaming\Media Center Programs
[2012/01/17 14:18:40 | 000,000,000 | ---D | C] -- C:\Users\Weezie\AppData\Roaming\Macromedia
[2012/01/17 14:18:40 | 000,000,000 | ---D | C] -- C:\Users\Weezie\AppData
[2012/01/10 05:17:37 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2012/01/10 05:17:00 | 000,000,000 | ---D | C] -- C:\Program Files\CONEXANT
[2012/01/10 05:16:35 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Intel
[2012/01/10 05:16:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel
[2012/01/10 05:16:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Intel
[2012/01/10 05:16:32 | 000,000,000 | ---D | C] -- C:\Intel
[2012/01/10 05:14:52 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2012/01/10 05:11:44 | 002,315,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tquery.dll
[2012/01/10 05:11:44 | 002,223,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssrch.dll
[2012/01/10 05:11:44 | 001,549,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tquery.dll
[2012/01/10 05:11:44 | 001,401,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssrch.dll
[2012/01/10 05:11:44 | 000,778,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssvp.dll
[2012/01/10 05:11:44 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssvp.dll
[2012/01/10 05:11:44 | 000,491,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssph.dll
[2012/01/10 05:11:44 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssph.dll
[2012/01/10 05:11:44 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssphtb.dll
[2012/01/10 05:11:44 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchProtocolHost.exe
[2012/01/10 05:11:44 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchFilterHost.exe
[2012/01/10 05:11:44 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msscntrs.dll
[2012/01/10 05:11:44 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msscntrs.dll
[2012/01/10 05:11:44 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\prevhost.exe
[2012/01/10 05:11:44 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\prevhost.exe
[2012/01/10 05:11:42 | 001,395,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42.dll
[2012/01/10 05:11:42 | 001,359,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42u.dll
[2012/01/10 05:11:42 | 001,164,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42u.dll
[2012/01/10 05:11:42 | 001,137,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42.dll
[2012/01/10 05:11:42 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisdecd.dll
[2012/01/10 05:11:42 | 000,476,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2012/01/10 05:11:42 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisdecd.dll
[2012/01/10 05:11:42 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2012/01/10 05:11:42 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisrndr.ax
[2012/01/10 05:11:42 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisrndr.ax
[2012/01/10 05:11:42 | 000,027,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys
[2012/01/10 05:11:41 | 002,871,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2012/01/10 05:11:41 | 002,616,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe
[2012/01/10 05:11:41 | 001,544,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2012/01/10 05:11:41 | 000,902,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2012/01/10 05:11:41 | 000,367,616 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2012/01/10 05:11:41 | 000,294,912 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2012/01/10 05:11:41 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drvinst.exe
[2012/01/10 05:11:41 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2012/01/10 05:11:41 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll
[2012/01/10 05:11:41 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll
[2012/01/10 05:11:41 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2012/01/10 05:11:41 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\devrtl.dll
[2012/01/10 05:11:41 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2012/01/10 05:11:40 | 001,162,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2012/01/10 05:11:40 | 001,118,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sbe.dll
[2012/01/10 05:11:40 | 000,961,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CPFilters.dll
[2012/01/10 05:11:40 | 000,850,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sbe.dll
[2012/01/10 05:11:40 | 000,642,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CPFilters.dll
[2012/01/10 05:11:40 | 000,421,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2012/01/10 05:11:40 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2012/01/10 05:11:40 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2012/01/10 05:11:40 | 000,259,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mpg2splt.ax
[2012/01/10 05:11:40 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2012/01/10 05:11:40 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2012/01/10 05:11:40 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mpg2splt.ax
[2012/01/10 05:11:40 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2012/01/10 05:11:40 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2012/01/10 05:11:40 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2012/01/10 05:11:40 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2012/01/10 05:11:40 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2012/01/10 05:11:40 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2012/01/10 05:11:40 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2012/01/10 05:11:40 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2012/01/10 05:11:40 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2012/01/10 05:11:40 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2012/01/10 05:11:40 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2012/01/10 05:11:40 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2012/01/10 05:11:40 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2012/01/10 05:11:40 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2012/01/10 05:11:40 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2012/01/10 05:11:40 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2012/01/10 05:11:40 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2012/01/10 05:11:40 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2012/01/10 05:11:40 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2012/01/10 05:11:40 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2012/01/10 05:11:40 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2012/01/10 05:11:40 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2012/01/10 05:11:40 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2012/01/10 05:11:40 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2012/01/10 05:11:39 | 000,861,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2012/01/10 05:11:39 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleacc.dll
[2012/01/10 05:11:39 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbcjt32.dll
[2012/01/10 05:11:39 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbctrac.dll
[2012/01/10 05:11:39 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbctrac.dll
[2012/01/10 05:11:39 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccp32.dll
[2012/01/10 05:11:39 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccp32.dll
[2012/01/10 05:11:39 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccu32.dll
[2012/01/10 05:11:39 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccr32.dll
[2012/01/10 05:11:39 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccu32.dll
[2012/01/10 05:11:39 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccr32.dll
[2012/01/10 05:11:38 | 002,565,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\esent.dll
[2012/01/10 05:11:38 | 001,699,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\esent.dll
[2012/01/10 05:11:38 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FXSCOVER.exe
[2012/01/10 05:11:38 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xmllite.dll
[2012/01/10 05:11:38 | 000,189,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys
[2012/01/10 05:11:38 | 000,107,904 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdsata.sys
[2012/01/10 05:11:38 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fsutil.exe
[2012/01/10 05:11:38 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fsutil.exe
[2012/01/10 05:11:38 | 000,027,008 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdxata.sys
[2012/01/10 05:11:37 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys
[2012/01/10 05:11:37 | 000,007,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys
[2012/01/10 05:11:36 | 005,561,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2012/01/10 05:11:36 | 003,967,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012/01/10 05:11:36 | 003,912,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2012/01/10 05:11:36 | 000,642,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi
[2012/01/10 05:11:36 | 000,605,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.exe
[2012/01/10 05:11:36 | 000,566,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi
[2012/01/10 05:11:36 | 000,518,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.exe
[2012/01/10 05:11:36 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnsapi.dll
[2012/01/10 05:11:36 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfreadwrite.dll
[2012/01/10 05:11:36 | 000,246,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\input.dll
[2012/01/10 05:11:36 | 000,202,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\input.dll
[2012/01/10 05:11:36 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfreadwrite.dll
[2012/01/10 05:11:36 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnscacheugc.exe
[2012/01/10 05:11:36 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dnscacheugc.exe
[2012/01/10 05:11:36 | 000,020,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdusb.dll
[2012/01/10 05:11:36 | 000,019,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kd1394.dll
[2012/01/10 05:11:36 | 000,017,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdcom.dll
[2012/01/10 05:11:35 | 000,800,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usp10.dll
[2012/01/10 05:11:35 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINTAM.DLL
[2012/01/10 05:11:35 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINMAL.DLL
[2012/01/10 05:11:35 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINDEV.DLL
[2012/01/10 05:11:35 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINBEN.DLL
[2012/01/10 05:11:35 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINTEL.DLL
[2012/01/10 05:11:35 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINTAM.DLL
[2012/01/10 05:11:35 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINPUN.DLL
[2012/01/10 05:11:35 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINORI.DLL
[2012/01/10 05:11:35 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINORI.DLL
[2012/01/10 05:11:35 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINMAR.DLL
[2012/01/10 05:11:35 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINMAR.DLL
[2012/01/10 05:11:35 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINMAL.DLL
[2012/01/10 05:11:35 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINKAN.DLL
[2012/01/10 05:11:35 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINKAN.DLL
[2012/01/10 05:11:35 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINHIN.DLL
[2012/01/10 05:11:35 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINHIN.DLL
[2012/01/10 05:11:35 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINGUJ.DLL
[2012/01/10 05:11:35 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINEN.DLL
[2012/01/10 05:11:35 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINDEV.DLL
[2012/01/10 05:11:35 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINBEN.DLL
[2012/01/10 05:11:35 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINBE2.DLL
[2012/01/10 05:11:35 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINBE1.DLL
[2012/01/10 05:11:35 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINASA.DLL
[2012/01/10 05:11:35 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINTEL.DLL
[2012/01/10 05:11:35 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINPUN.DLL
[2012/01/10 05:11:35 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINGUJ.DLL
[2012/01/10 05:11:35 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINBE2.DLL
[2012/01/10 05:11:35 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINBE1.DLL
[2012/01/10 05:11:35 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINASA.DLL
[2012/01/10 05:08:17 | 000,000,000 | ---D | C] -- C:\Program Files\ZinioReader4
[2012/01/10 05:08:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Dell
[2012/01/10 05:04:59 | 000,000,000 | ---D | C] -- C:\Apps
[2012/01/10 05:01:43 | 000,000,000 | ---D | C] -- C:\Program Files\Dell Games Folder
[2012/01/10 04:51:08 | 001,576,576 | ---- | C] (Conexant Systems Inc.) -- C:\Windows\SysNative\drivers\CHDRT64.sys
[2012/01/10 04:51:08 | 001,548,416 | ---- | C] (Conexant Systems Inc.) -- C:\Windows\SysNative\CX64AP40.dll
[2012/01/10 04:51:08 | 000,517,760 | ---- | C] (Conexant Systems, Inc.) -- C:\Windows\SysNative\UCI64A71.dll
[2012/01/10 04:51:08 | 000,024,704 | ---- | C] (Conexant Systems, Inc.) -- C:\Windows\SysNative\CXHDMI64.dll
[2012/01/10 04:50:50 | 000,539,240 | ---- | C] (Realtek ) -- C:\Windows\SysNative\drivers\Rt64win7.sys
[2012/01/10 04:50:50 | 000,107,552 | ---- | C] (Realtek Semiconductor Corporation) -- C:\Windows\SysNative\RTNUninst64.dll
[2012/01/10 04:50:48 | 000,317,440 | ---- | C] (Intel® Corporation) -- C:\Windows\SysNative\drivers\IntcDAud.sys
[2012/01/10 04:50:48 | 000,014,848 | ---- | C] (Intel® Corporation) -- C:\Windows\SysNative\IntcDAuC.dll
[2012/01/10 04:50:41 | 000,380,928 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxTMM.dll
[2012/01/10 04:50:41 | 000,368,640 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\iglhsip32.dll
[2012/01/10 04:50:41 | 000,364,032 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\iglhsip64.dll
[2012/01/10 04:50:41 | 000,167,960 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxtray.exe
[2012/01/10 04:50:41 | 000,095,744 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\iglhcp64.dll
[2012/01/10 04:50:41 | 000,092,672 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxCoIn_v2291.dll
[2012/01/10 04:50:41 | 000,086,528 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\iglhcp32.dll
[2012/01/10 04:50:40 | 009,014,784 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxress.dll
[2012/01/10 04:50:40 | 000,509,976 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxsrvc.exe
[2012/01/10 04:50:40 | 000,287,232 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrfra.lrc
[2012/01/10 04:50:40 | 000,287,232 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxresn.lrc
[2012/01/10 04:50:40 | 000,287,232 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrell.lrc
[2012/01/10 04:50:40 | 000,286,720 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrsky.lrc
[2012/01/10 04:50:40 | 000,286,720 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrrus.lrc
[2012/01/10 04:50:40 | 000,286,720 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrrom.lrc
[2012/01/10 04:50:40 | 000,286,720 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrptg.lrc
[2012/01/10 04:50:40 | 000,286,720 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrplk.lrc
[2012/01/10 04:50:40 | 000,286,720 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrnld.lrc
[2012/01/10 04:50:40 | 000,286,720 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrita.lrc
[2012/01/10 04:50:40 | 000,286,720 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrhrv.lrc
[2012/01/10 04:50:40 | 000,286,720 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrdeu.lrc
[2012/01/10 04:50:40 | 000,286,208 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrtrk.lrc
[2012/01/10 04:50:40 | 000,286,208 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrsve.lrc
[2012/01/10 04:50:40 | 000,286,208 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrslv.lrc
[2012/01/10 04:50:40 | 000,286,208 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrptb.lrc
[2012/01/10 04:50:40 | 000,286,208 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrnor.lrc
[2012/01/10 04:50:40 | 000,286,208 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrhun.lrc
[2012/01/10 04:50:40 | 000,286,208 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrfin.lrc
[2012/01/10 04:50:40 | 000,285,696 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrtha.lrc
[2012/01/10 04:50:40 | 000,285,696 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrenu.lrc
[2012/01/10 04:50:40 | 000,285,184 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrheb.lrc
[2012/01/10 04:50:40 | 000,283,648 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrjpn.lrc
[2012/01/10 04:50:40 | 000,283,136 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrkor.lrc
[2012/01/10 04:50:40 | 000,062,464 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxsrvc.dll
[2012/01/10 04:50:39 | 007,470,080 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igdumd64.dll
[2012/01/10 04:50:39 | 000,575,488 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igdumdx32.dll
[2012/01/10 04:50:39 | 000,418,328 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxpers.exe
[2012/01/10 04:50:39 | 000,385,024 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxdev.dll
[2012/01/10 04:50:39 | 000,335,872 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxpph.dll
[2012/01/10 04:50:39 | 000,288,768 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igfxdv32.dll
[2012/01/10 04:50:39 | 000,286,720 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrcsy.lrc
[2012/01/10 04:50:39 | 000,285,696 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrdan.lrc
[2012/01/10 04:50:39 | 000,285,184 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrara.lrc
[2012/01/10 04:50:39 | 000,282,624 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrcht.lrc
[2012/01/10 04:50:39 | 000,282,624 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrchs.lrc
[2012/01/10 04:50:39 | 000,239,128 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxext.exe
[2012/01/10 04:50:39 | 000,142,848 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igfxcmrt32.dll
[2012/01/10 04:50:39 | 000,142,336 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxdo.dll
[2012/01/10 04:50:39 | 000,126,976 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxcpl.cpl
[2012/01/10 04:50:39 | 000,122,368 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxcmrt64.dll
[2012/01/10 04:50:39 | 000,028,672 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxexps.dll
[2012/01/10 04:50:39 | 000,024,576 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igfxexps32.dll
[2012/01/10 04:50:39 | 000,004,096 | ---- | C] ( ) -- C:\Windows\SysNative\IGFXDEVLib.dll
[2012/01/10 04:50:38 | 012,273,408 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\igdkmd64.sys
[2012/01/10 04:50:38 | 005,689,344 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igdumd32.dll
[2012/01/10 04:50:37 | 007,386,112 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igd10umd64.dll
[2012/01/10 04:50:37 | 006,068,224 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igd10umd32.dll
[2012/01/10 04:50:36 | 019,591,680 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\ig4icd64.dll
[2012/01/10 04:50:36 | 014,292,992 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\ig4icd32.dll
[2012/01/10 04:50:36 | 000,391,704 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\hkcmd.exe
[2012/01/10 04:50:36 | 000,109,056 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\hccutils.dll
[2012/01/10 04:50:35 | 004,368,920 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\GfxUI.exe
[2012/01/10 04:50:35 | 000,144,896 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\gfxSrvc.dll
[2012/01/10 04:50:27 | 000,056,344 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\HECIx64.sys
[2012/01/10 04:50:12 | 002,374,656 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\SysNative\drivers\athrx.sys
[2012/01/10 04:49:30 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2012/01/10 04:49:30 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2012/01/10 04:49:30 | 000,697,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012/01/10 04:49:30 | 000,603,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2012/01/10 04:49:30 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2012/01/10 04:49:30 | 000,452,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2012/01/10 04:49:30 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2012/01/10 04:49:30 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2012/01/10 04:49:30 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2012/01/10 04:49:30 | 000,282,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2012/01/10 04:49:30 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll
[2012/01/10 04:49:30 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll
[2012/01/10 04:49:30 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2012/01/10 04:49:30 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2012/01/10 04:49:30 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012/01/10 04:49:30 | 000,165,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2012/01/10 04:49:30 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll
[2012/01/10 04:49:30 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll
[2012/01/10 04:49:30 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2012/01/10 04:49:30 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2012/01/10 04:49:30 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll
[2012/01/10 04:49:30 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2012/01/10 04:49:30 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2012/01/10 04:49:30 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2012/01/10 04:49:30 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2012/01/10 04:49:30 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012/01/10 04:49:30 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2012/01/10 04:49:30 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll
[2012/01/10 04:49:30 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2012/01/10 04:49:30 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2012/01/10 04:49:30 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll
[2012/01/10 04:49:30 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2012/01/10 04:49:30 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2012/01/10 04:49:30 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2012/01/10 04:49:30 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll
[2012/01/10 04:49:30 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2012/01/10 04:49:30 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2012/01/10 04:49:30 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2012/01/10 04:49:30 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2012/01/10 04:49:30 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2012/01/10 04:49:30 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2012/01/10 04:49:30 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2012/01/10 04:49:30 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2012/01/10 04:49:30 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2012/01/10 04:49:30 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2012/01/10 04:49:30 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2012/01/10 04:49:30 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2012/01/10 04:49:30 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2012/01/10 04:49:30 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2012/01/10 04:49:30 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2012/01/10 04:49:30 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2012/01/10 04:49:30 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2012/01/10 04:49:30 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2012/01/10 04:49:30 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2012/01/10 04:49:30 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2012/01/10 04:49:30 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2012/01/10 04:49:30 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2012/01/10 04:49:30 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2012/01/10 04:49:30 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2012/01/10 04:49:30 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2012/01/10 04:49:30 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2012/01/10 04:46:49 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\oem
[2012/01/10 04:46:46 | 000,000,000 | ---D | C] -- C:\Drivers
[2012/01/10 04:24:17 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Fingertapps
[2012/01/10 04:12:09 | 000,000,000 | ---D | C] -- C:\Program Files\dell stage
[2012/01/10 04:10:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Nero
[2012/01/10 04:09:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Nero
[2012/01/10 04:07:14 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_42.dll
[2012/01/10 04:07:00 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_42.dll
[2012/01/10 04:06:46 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_40.dll
[2012/01/10 04:05:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR
[2012/01/10 04:03:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\mcafee
[2012/01/10 04:03:13 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2012/01/10 04:01:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Uninstall
[2012/01/10 03:59:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\SureThing Shared
[2012/01/10 03:59:12 | 000,000,000 | ---D | C] -- C:\ProgramData\PhotoShow Shared Assets
[2012/01/10 03:59:10 | 000,000,000 | ---D | C] -- C:\Program Files\Roxio
[2012/01/10 03:58:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roxio Creator Starter
[2012/01/10 03:57:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Sonic
[2012/01/10 03:57:11 | 000,055,856 | ---- | C] (Sonic Solutions) -- C:\Windows\SysNative\drivers\PxHlpa64.sys
[2012/01/10 03:57:11 | 000,010,224 | ---- | C] (Sonic Solutions) -- C:\Windows\SysNative\drivers\cdralw2k.sys
[2012/01/10 03:57:11 | 000,010,224 | ---- | C] (Sonic Solutions) -- C:\Windows\SysNative\drivers\cdr4_xp.sys
[2012/01/10 03:57:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Roxio
[2012/01/10 03:56:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PX Storage Engine
[2012/01/10 03:56:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Sonic Shared
[2012/01/10 03:56:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Roxio
[2012/01/10 03:56:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Macrovision
[2012/01/10 03:56:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Roxio Shared
[2012/01/10 03:56:07 | 002,006,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_36.dll
[2012/01/10 03:56:07 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_36.dll
[2012/01/10 03:56:07 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_36.dll
[2012/01/10 03:56:07 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_36.dll
[2012/01/10 03:56:07 | 000,411,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_10.dll
[2012/01/10 03:56:07 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_10.dll
[2012/01/10 03:56:01 | 005,081,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_36.dll
[2012/01/10 03:56:01 | 005,073,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_35.dll
[2012/01/10 03:56:01 | 004,496,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_34.dll
[2012/01/10 03:56:01 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_36.dll
[2012/01/10 03:56:01 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_35.dll
[2012/01/10 03:56:01 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_34.dll
[2012/01/10 03:56:01 | 001,985,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_35.dll
[2012/01/10 03:56:01 | 001,401,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_34.dll
[2012/01/10 03:56:01 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_35.dll
[2012/01/10 03:56:01 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_34.dll
[2012/01/10 03:56:01 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_35.dll
[2012/01/10 03:56:01 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_34.dll
[2012/01/10 03:56:01 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_35.dll
[2012/01/10 03:56:01 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_34.dll
[2012/01/10 03:56:01 | 000,411,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_9.dll
[2012/01/10 03:56:01 | 000,409,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_8.dll
[2012/01/10 03:56:01 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_9.dll
[2012/01/10 03:56:01 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_8.dll
[2012/01/10 03:56:01 | 000,021,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_2.dll
[2012/01/10 03:56:01 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_2.dll
[2012/01/10 03:56:00 | 004,494,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_33.dll
[2012/01/10 03:56:00 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_33.dll
[2012/01/10 03:56:00 | 001,400,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_33.dll
[2012/01/10 03:56:00 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_33.dll
[2012/01/10 03:56:00 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_33.dll
[2012/01/10 03:56:00 | 000,469,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10.dll
[2012/01/10 03:56:00 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_33.dll
[2012/01/10 03:56:00 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10.dll
[2012/01/10 03:56:00 | 000,403,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_7.dll
[2012/01/10 03:56:00 | 000,393,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_6.dll
[2012/01/10 03:56:00 | 000,390,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_5.dll
[2012/01/10 03:56:00 | 000,364,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_4.dll
[2012/01/10 03:56:00 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_7.dll
[2012/01/10 03:56:00 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_6.dll
[2012/01/10 03:56:00 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_5.dll
[2012/01/10 03:56:00 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_4.dll
[2012/01/10 03:56:00 | 000,107,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_3.dll
[2012/01/10 03:56:00 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_3.dll
[2012/01/10 03:56:00 | 000,017,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_1.dll
[2012/01/10 03:56:00 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_1.dll
[2012/01/10 03:55:54 | 003,977,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_31.dll
[2012/01/10 03:55:54 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_31.dll
[2012/01/10 03:55:54 | 000,363,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_3.dll
[2012/01/10 03:55:54 | 000,354,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_2.dll
[2012/01/10 03:55:54 | 000,352,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_1.dll
[2012/01/10 03:55:54 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_3.dll
[2012/01/10 03:55:54 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_2.dll
[2012/01/10 03:55:54 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_1.dll
[2012/01/10 03:55:54 | 000,083,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_2.dll
[2012/01/10 03:55:54 | 000,083,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_1.dll
[2012/01/10 03:55:54 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_2.dll
[2012/01/10 03:55:54 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_1.dll
[2012/01/10 03:55:53 | 003,927,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_30.dll
[2012/01/10 03:55:53 | 003,830,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_29.dll
[2012/01/10 03:55:53 | 003,815,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_28.dll
[2012/01/10 03:55:53 | 003,807,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_27.dll
[2012/01/10 03:55:53 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_30.dll
[2012/01/10 03:55:53 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_29.dll
[2012/01/10 03:55:53 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_28.dll
[2012/01/10 03:55:53 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_27.dll
[2012/01/10 03:55:53 | 000,355,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_0.dll
[2012/01/10 03:55:53 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_0.dll
[2012/01/10 03:55:53 | 000,016,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_0.dll
[2012/01/10 03:55:53 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_0.dll
[2012/01/10 03:55:52 | 003,823,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_25.dll
[2012/01/10 03:55:52 | 003,767,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_26.dll
[2012/01/10 03:55:52 | 003,544,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_24.dll
[2012/01/10 03:55:52 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_25.dll
[2012/01/10 03:55:52 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_26.dll
[2012/01/10 03:55:52 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_24.dll
[2012/01/10 03:54:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2012/01/10 03:54:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2012/01/10 03:54:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2012/01/10 03:53:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft
[2012/01/10 03:53:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Jagex
[2012/01/10 03:52:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell DataSafe Online
[2012/01/10 03:51:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PlayReady
[2012/01/10 03:50:45 | 000,000,000 | ---D | C] -- C:\Windows\en
[2012/01/10 03:50:17 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
[2012/01/10 03:50:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
[2012/01/10 03:49:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live
[2012/01/10 03:48:50 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2012/01/10 03:48:35 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live
[2012/01/10 03:48:23 | 000,523,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_42.dll
[2012/01/10 03:48:23 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_5.dll
[2012/01/10 03:48:23 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_42.dll
[2012/01/10 03:48:23 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_3.dll
[2012/01/10 03:47:42 | 004,398,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_32.dll
[2012/01/10 03:47:42 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_32.dll
[2012/01/10 03:47:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2012/01/10 03:46:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2012/01/10 03:46:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Windows Live
[2012/01/10 03:46:13 | 000,841,280 | ---- | C] (ArcSoft, Inc.) -- C:\Windows\SysNative\PhotoStageScrSaver.scr
[2012/01/10 03:45:45 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Dell
[2012/01/10 03:45:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Dell Stage
[2012/01/10 03:45:13 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Stage
[2012/01/10 03:45:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cyberlink
[2012/01/10 03:45:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Dell
[2012/01/10 03:44:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Temp
[2012/01/10 03:44:29 | 000,000,000 | ---D | C] -- C:\ProgramData\install_clap
[2012/01/10 03:44:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2012/01/10 03:43:22 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2012/01/10 03:43:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012/01/10 03:42:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2012/01/10 03:42:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Cozi
[2012/01/10 03:40:20 | 000,151,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WimFltr.sys
[2012/01/10 03:40:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2012/01/10 03:36:23 | 000,000,000 | ---D | C] -- C:\ProgramData\WildTangent
[2012/01/10 03:36:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WildTangent
[2012/01/10 03:36:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
[2012/01/10 03:35:57 | 000,525,544 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\deployJava1.dll
[2012/01/10 03:35:57 | 000,190,752 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\javaws.exe
[2012/01/10 03:35:57 | 000,171,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\javaw.exe
[2012/01/10 03:35:55 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2012/01/10 03:35:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2012/01/10 03:35:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2012/01/10 03:35:33 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll
[2012/01/10 03:35:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2012/01/10 03:22:33 | 000,414,368 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/01/10 03:22:32 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2012/01/10 03:22:30 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2012/01/10 03:22:27 | 000,000,000 | ---D | C] -- C:\Program Files\Dell Inc
[2012/01/10 03:20:42 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\poqexec.exe
[2012/01/10 03:20:42 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\poqexec.exe

========== Files - Modified Within 30 Days ==========

[2012/01/25 19:36:00 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/01/25 18:49:00 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-449589144-3921348804-3012424731-1000UA.job
[2012/01/25 16:40:43 | 000,021,296 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/01/25 16:40:43 | 000,021,296 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/01/25 16:37:39 | 000,870,516 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/01/25 16:37:39 | 000,192,112 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/01/25 16:37:39 | 000,006,194 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/01/25 16:36:00 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/01/25 16:33:28 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2012/01/25 16:33:11 | 000,000,506 | ---- | M] () -- C:\Windows\tasks\SystemToolsDailyTest.job
[2012/01/25 16:33:08 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/01/25 16:33:04 | 468,156,415 | -HS- | M] () -- C:\hiberfil.sys
[2012/01/25 15:49:00 | 000,000,860 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-449589144-3921348804-3012424731-1000Core.job
[2012/01/24 22:55:44 | 000,000,385 | ---- | M] () -- C:\Windows\SysNative\user_gensett.xml
[2012/01/23 21:11:11 | 000,000,564 | ---- | M] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job
[2012/01/23 20:49:12 | 000,361,872 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/01/17 16:50:47 | 000,023,392 | ---- | M] () -- C:\Windows\SysNative\LexFiles.ulf
[2012/01/17 16:29:13 | 000,001,024 | ---- | M] () -- C:\.rnd
[2012/01/17 16:23:08 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/01/17 15:47:22 | 000,274,662 | ---- | M] () -- C:\ProgramData\1326832783.bdinstall.bin
[2012/01/17 15:46:58 | 000,000,270 | ---- | M] () -- C:\bdr-conf
[2012/01/17 15:46:41 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_avchv_01009.Wdf
[2012/01/17 15:46:31 | 000,002,058 | RHS- | M] () -- C:\Users\Public\Desktop\Bitdefender Internet Security 2012.lnk
[2012/01/17 14:43:46 | 000,001,439 | ---- | M] () -- C:\Users\Weezie\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/01/17 14:17:37 | 000,108,227 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2012/01/17 14:17:37 | 000,108,227 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2012/01/10 05:16:23 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2012/01/10 05:13:22 | 000,030,449 | R--- | M] () -- C:\dell.sdr
[2012/01/10 05:11:44 | 002,315,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tquery.dll
[2012/01/10 05:11:44 | 002,223,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mssrch.dll
[2012/01/10 05:11:44 | 001,549,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tquery.dll
[2012/01/10 05:11:44 | 001,401,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mssrch.dll
[2012/01/10 05:11:44 | 000,778,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mssvp.dll
[2012/01/10 05:11:44 | 000,666,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mssvp.dll
[2012/01/10 05:11:44 | 000,491,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mssph.dll
[2012/01/10 05:11:44 | 000,337,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mssph.dll
[2012/01/10 05:11:44 | 000,288,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mssphtb.dll
[2012/01/10 05:11:44 | 000,249,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SearchProtocolHost.exe
[2012/01/10 05:11:44 | 000,113,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SearchFilterHost.exe
[2012/01/10 05:11:44 | 000,075,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msscntrs.dll
[2012/01/10 05:11:44 | 000,059,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msscntrs.dll
[2012/01/10 05:11:44 | 000,031,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\prevhost.exe
[2012/01/10 05:11:44 | 000,031,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\prevhost.exe
[2012/01/10 05:11:42 | 001,395,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42.dll
[2012/01/10 05:11:42 | 001,359,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42u.dll
[2012/01/10 05:11:42 | 001,164,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42u.dll
[2012/01/10 05:11:42 | 001,137,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42.dll
[2012/01/10 05:11:42 | 000,613,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\psisdecd.dll
[2012/01/10 05:11:42 | 000,476,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2012/01/10 05:11:42 | 000,465,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\psisdecd.dll
[2012/01/10 05:11:42 | 000,288,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2012/01/10 05:11:42 | 000,108,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\psisrndr.ax
[2012/01/10 05:11:42 | 000,075,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\psisrndr.ax
[2012/01/10 05:11:42 | 000,027,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys
[2012/01/10 05:11:41 | 002,871,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2012/01/10 05:11:41 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe
[2012/01/10 05:11:41 | 001,544,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2012/01/10 05:11:41 | 000,902,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2012/01/10 05:11:41 | 000,367,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2012/01/10 05:11:41 | 000,294,912 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2012/01/10 05:11:41 | 000,252,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\drvinst.exe
[2012/01/10 05:11:41 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2012/01/10 05:11:41 | 000,100,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll
[2012/01/10 05:11:41 | 000,070,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll
[2012/01/10 05:11:41 | 000,046,080 | ---- | M] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2012/01/10 05:11:41 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\devrtl.dll
[2012/01/10 05:11:41 | 000,034,304 | ---- | M] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2012/01/10 05:11:40 | 001,162,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2012/01/10 05:11:40 | 001,118,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\sbe.dll
[2012/01/10 05:11:40 | 000,961,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\CPFilters.dll
[2012/01/10 05:11:40 | 000,850,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\sbe.dll
[2012/01/10 05:11:40 | 000,642,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\CPFilters.dll
[2012/01/10 05:11:40 | 000,421,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2012/01/10 05:11:40 | 000,362,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2012/01/10 05:11:40 | 000,338,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2012/01/10 05:11:40 | 000,259,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mpg2splt.ax
[2012/01/10 05:11:40 | 000,243,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2012/01/10 05:11:40 | 000,214,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2012/01/10 05:11:40 | 000,199,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mpg2splt.ax
[2012/01/10 05:11:40 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2012/01/10 05:11:40 | 000,016,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2012/01/10 05:11:40 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2012/01/10 05:11:40 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2012/01/10 05:11:40 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2012/01/10 05:11:40 | 000,006,144 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2012/01/10 05:11:40 | 000,006,144 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2012/01/10 05:11:40 | 000,005,120 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2012/01/10 05:11:40 | 000,005,120 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2012/01/10 05:11:40 | 000,005,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2012/01/10 05:11:40 | 000,004,608 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2012/01/10 05:11:40 | 000,004,608 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2012/01/10 05:11:40 | 000,004,608 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2012/01/10 05:11:40 | 000,004,608 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2012/01/10 05:11:40 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2012/01/10 05:11:40 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2012/01/10 05:11:40 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2012/01/10 05:11:40 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2012/01/10 05:11:40 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2012/01/10 05:11:40 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2012/01/10 05:11:40 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2012/01/10 05:11:40 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2012/01/10 05:11:40 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2012/01/10 05:11:40 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2012/01/10 05:11:40 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2012/01/10 05:11:39 | 000,861,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2012/01/10 05:11:39 | 000,331,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\oleacc.dll
[2012/01/10 05:11:39 | 000,319,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\odbcjt32.dll
[2012/01/10 05:11:39 | 000,212,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\odbctrac.dll
[2012/01/10 05:11:39 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\odbctrac.dll
[2012/01/10 05:11:39 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\odbccp32.dll
[2012/01/10 05:11:39 | 000,122,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccp32.dll
[2012/01/10 05:11:39 | 000,106,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\odbccu32.dll
[2012/01/10 05:11:39 | 000,106,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\odbccr32.dll
[2012/01/10 05:11:39 | 000,086,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccu32.dll
[2012/01/10 05:11:39 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccr32.dll
[2012/01/10 05:11:38 | 002,565,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\esent.dll
[2012/01/10 05:11:38 | 001,699,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\esent.dll
[2012/01/10 05:11:38 | 000,267,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\FXSCOVER.exe
[2012/01/10 05:11:38 | 000,199,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\xmllite.dll
[2012/01/10 05:11:38 | 000,189,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys
[2012/01/10 05:11:38 | 000,107,904 | ---- | M] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdsata.sys
[2012/01/10 05:11:38 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\fsutil.exe
[2012/01/10 05:11:38 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\fsutil.exe
[2012/01/10 05:11:38 | 000,027,008 | ---- | M] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdxata.sys
[2012/01/10 05:11:37 | 000,325,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys
[2012/01/10 05:11:37 | 000,007,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys
[2012/01/10 05:11:36 | 005,561,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2012/01/10 05:11:36 | 003,967,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012/01/10 05:11:36 | 003,912,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2012/01/10 05:11:36 | 000,642,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi
[2012/01/10 05:11:36 | 000,605,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\winload.exe
[2012/01/10 05:11:36 | 000,566,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi
[2012/01/10 05:11:36 | 000,518,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.exe
[2012/01/10 05:11:36 | 000,357,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dnsapi.dll
[2012/01/10 05:11:36 | 000,257,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mfreadwrite.dll
[2012/01/10 05:11:36 | 000,246,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\input.dll
[2012/01/10 05:11:36 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\input.dll
[2012/01/10 05:11:36 | 000,196,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mfreadwrite.dll
[2012/01/10 05:11:36 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dnscacheugc.exe
[2012/01/10 05:11:36 | 000,028,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\dnscacheugc.exe
[2012/01/10 05:11:36 | 000,020,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\kdusb.dll
[2012/01/10 05:11:36 | 000,019,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\kd1394.dll
[2012/01/10 05:11:36 | 000,017,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\kdcom.dll
[2012/01/10 05:11:35 | 000,800,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\usp10.dll
[2012/01/10 05:11:35 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINTAM.DLL
[2012/01/10 05:11:35 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINMAL.DLL
[2012/01/10 05:11:35 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINDEV.DLL
[2012/01/10 05:11:35 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINBEN.DLL
[2012/01/10 05:11:35 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINTEL.DLL
[2012/01/10 05:11:35 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINTAM.DLL
[2012/01/10 05:11:35 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINPUN.DLL
[2012/01/10 05:11:35 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINORI.DLL
[2012/01/10 05:11:35 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINORI.DLL
[2012/01/10 05:11:35 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINMAR.DLL
[2012/01/10 05:11:35 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINMAR.DLL
[2012/01/10 05:11:35 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINMAL.DLL
[2012/01/10 05:11:35 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINKAN.DLL
[2012/01/10 05:11:35 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINKAN.DLL
[2012/01/10 05:11:35 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINHIN.DLL
[2012/01/10 05:11:35 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINHIN.DLL
[2012/01/10 05:11:35 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINGUJ.DLL
[2012/01/10 05:11:35 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINEN.DLL
[2012/01/10 05:11:35 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINDEV.DLL
[2012/01/10 05:11:35 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINBEN.DLL
[2012/01/10 05:11:35 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINBE2.DLL
[2012/01/10 05:11:35 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINBE1.DLL
[2012/01/10 05:11:35 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINASA.DLL
[2012/01/10 05:11:35 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINTEL.DLL
[2012/01/10 05:11:35 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINPUN.DLL
[2012/01/10 05:11:35 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINGUJ.DLL
[2012/01/10 05:11:35 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINBE2.DLL
[2012/01/10 05:11:35 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINBE1.DLL
[2012/01/10 05:11:35 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINASA.DLL
[2012/01/10 04:50:10 | 000,004,372 | ---- | M] () -- C:\Windows\SysWow64\drivers\1028_Dell_INS_620.mrk
[2012/01/10 04:50:10 | 000,004,372 | ---- | M] () -- C:\Windows\SysNative\drivers\1028_Dell_INS_620.mrk
[2012/01/10 04:49:30 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2012/01/10 04:49:30 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2012/01/10 04:49:30 | 000,697,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012/01/10 04:49:30 | 000,603,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2012/01/10 04:49:30 | 000,534,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2012/01/10 04:49:30 | 000,452,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2012/01/10 04:49:30 | 000,448,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2012/01/10 04:49:30 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2012/01/10 04:49:30 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2012/01/10 04:49:30 | 000,282,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2012/01/10 04:49:30 | 000,267,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll
[2012/01/10 04:49:30 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll
[2012/01/10 04:49:30 | 000,222,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2012/01/10 04:49:30 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2012/01/10 04:49:30 | 000,173,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012/01/10 04:49:30 | 000,165,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2012/01/10 04:49:30 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll
[2012/01/10 04:49:30 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll
[2012/01/10 04:49:30 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2012/01/10 04:49:30 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2012/01/10 04:49:30 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll
[2012/01/10 04:49:30 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2012/01/10 04:49:30 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2012/01/10 04:49:30 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2012/01/10 04:49:30 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2012/01/10 04:49:30 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012/01/10 04:49:30 | 000,135,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2012/01/10 04:49:30 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll
[2012/01/10 04:49:30 | 000,123,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2012/01/10 04:49:30 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2012/01/10 04:49:30 | 000,114,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll
[2012/01/10 04:49:30 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2012/01/10 04:49:30 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2012/01/10 04:49:30 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2012/01/10 04:49:30 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll
[2012/01/10 04:49:30 | 000,091,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2012/01/10 04:49:30 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2012/01/10 04:49:30 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2012/01/10 04:49:30 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2012/01/10 04:49:30 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2012/01/10 04:49:30 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2012/01/10 04:49:30 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2012/01/10 04:49:30 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2012/01/10 04:49:30 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2012/01/10 04:49:30 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2012/01/10 04:49:30 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2012/01/10 04:49:30 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2012/01/10 04:49:30 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2012/01/10 04:49:30 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2012/01/10 04:49:30 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2012/01/10 04:49:30 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2012/01/10 04:49:30 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2012/01/10 04:49:30 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2012/01/10 04:49:30 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2012/01/10 04:49:30 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2012/01/10 04:49:30 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2012/01/10 04:49:30 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2012/01/10 04:49:30 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2012/01/10 04:49:30 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2012/01/10 04:49:30 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2012/01/10 04:49:30 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2012/01/10 04:49:30 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2012/01/10 04:49:30 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2012/01/10 03:35:55 | 000,525,544 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\deployJava1.dll
[2012/01/10 03:35:55 | 000,190,752 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\javaws.exe
[2012/01/10 03:35:55 | 000,171,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\javaw.exe
[2012/01/10 03:30:17 | 000,771,986 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI

========== Files Created - No Company Name ==========

[2012/01/25 16:28:42 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012/01/25 16:28:42 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012/01/25 16:28:42 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012/01/25 16:28:42 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012/01/25 16:28:42 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012/01/24 22:55:44 | 000,000,385 | ---- | C] () -- C:\Windows\SysNative\user_gensett.xml
[2012/01/23 21:00:51 | 000,000,564 | ---- | C] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job
[2012/01/23 21:00:43 | 000,000,506 | ---- | C] () -- C:\Windows\tasks\SystemToolsDailyTest.job
[2012/01/17 16:50:09 | 000,045,568 | ---- | C] () -- C:\Windows\SysNative\DLDFPMON.DLL
[2012/01/17 16:50:09 | 000,014,336 | ---- | C] () -- C:\Windows\SysNative\DLDFFXPU.DLL
[2012/01/17 16:49:49 | 000,049,152 | ---- | C] () -- C:\Windows\SysNative\dldfoem.dll
[2012/01/17 16:49:49 | 000,003,584 | ---- | C] () -- C:\Windows\SysNative\DLDFPMRC.DLL
[2012/01/17 16:47:10 | 000,598,950 | ---- | C] () -- C:\Windows\SysWow64\DLDFhelp.chm
[2012/01/17 16:47:10 | 000,499,712 | ---- | C] () -- C:\Windows\SysWow64\dldfutil.dll
[2012/01/17 16:47:10 | 000,385,024 | ---- | C] () -- C:\Windows\SysWow64\dldfcomx.dll
[2012/01/17 16:47:10 | 000,348,160 | ---- | C] () -- C:\Windows\SysWow64\dldfinst.dll
[2012/01/17 16:47:10 | 000,176,128 | ---- | C] () -- C:\Windows\SysWow64\dldfinsb.dll
[2012/01/17 16:47:10 | 000,176,128 | ---- | C] () -- C:\Windows\SysWow64\dldfins.dll
[2012/01/17 16:47:10 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\dldfjswr.dll
[2012/01/17 16:47:10 | 000,106,496 | ---- | C] () -- C:\Windows\SysWow64\dldfinsr.dll
[2012/01/17 16:47:10 | 000,086,016 | ---- | C] () -- C:\Windows\SysWow64\dldfcub.dll
[2012/01/17 16:47:10 | 000,077,906 | ---- | C] () -- C:\Windows\SysWow64\dldfcfg.dll
[2012/01/17 16:47:10 | 000,077,824 | ---- | C] () -- C:\Windows\SysWow64\dldfcu.dll
[2012/01/17 16:47:10 | 000,036,864 | ---- | C] () -- C:\Windows\SysWow64\dldfcur.dll
[2012/01/17 16:47:10 | 000,002,092 | ---- | C] () -- C:\Windows\SysWow64\dldf.loc
[2012/01/17 16:46:59 | 000,701,952 | ---- | C] () -- C:\Windows\SysNative\dldfutil.dll
[2012/01/17 16:46:59 | 000,524,288 | ---- | C] () -- C:\Windows\SysNative\dldfinst.dll
[2012/01/17 16:46:59 | 000,159,232 | ---- | C] () -- C:\Windows\SysNative\dldfinsb.dll
[2012/01/17 16:46:59 | 000,125,952 | ---- | C] () -- C:\Windows\SysNative\dldfjswr.dll
[2012/01/17 16:46:59 | 000,023,392 | ---- | C] () -- C:\Windows\SysNative\LexFiles.ulf
[2012/01/17 16:46:58 | 000,598,950 | ---- | C] () -- C:\Windows\SysNative\DLDFhelp.chm
[2012/01/17 16:46:58 | 000,298,496 | ---- | C] () -- C:\Windows\SysNative\dldfgrd.dll
[2012/01/17 16:46:58 | 000,236,544 | ---- | C] () -- C:\Windows\SysNative\dldfins.dll
[2012/01/17 16:46:58 | 000,097,280 | ---- | C] () -- C:\Windows\SysNative\dldfcu.dll
[2012/01/17 16:46:58 | 000,090,112 | ---- | C] () -- C:\Windows\SysNative\dldfinsr.dll
[2012/01/17 16:46:58 | 000,068,608 | ---- | C] () -- C:\Windows\SysNative\dldfcub.dll
[2012/01/17 16:46:58 | 000,065,024 | ---- | C] () -- C:\Windows\SysNative\dldfcfg.dll
[2012/01/17 16:46:58 | 000,022,016 | ---- | C] () -- C:\Windows\SysNative\dldfcur.dll
[2012/01/17 16:46:58 | 000,002,092 | ---- | C] () -- C:\Windows\SysNative\dldf.loc
[2012/01/17 16:46:46 | 000,420,352 | ---- | C] () -- C:\Windows\SysNative\dldfcoin.dll
[2012/01/17 16:46:45 | 000,109,056 | ---- | C] () -- C:\Windows\SysNative\dldfvs.dll
[2012/01/17 16:29:12 | 000,001,024 | ---- | C] () -- C:\.rnd
[2012/01/17 16:28:27 | 000,000,990 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn.lnk
[2012/01/17 16:24:15 | 000,000,898 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/01/17 16:24:10 | 000,000,894 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/01/17 16:08:47 | 000,085,504 | ---- | C] () -- C:\Windows\SysNative\cpwmon64.dll
[2012/01/17 15:47:22 | 000,274,662 | ---- | C] () -- C:\ProgramData\1326832783.bdinstall.bin
[2012/01/17 15:46:58 | 036,942,680 | ---- | C] () -- C:\bdrescue.gz
[2012/01/17 15:46:58 | 002,510,608 | ---- | C] () -- C:\bdrescue.vm
[2012/01/17 15:46:58 | 000,217,769 | ---- | C] () -- C:\bdrescue
[2012/01/17 15:46:58 | 000,009,216 | ---- | C] () -- C:\bdrescue.mbr
[2012/01/17 15:46:58 | 000,000,270 | ---- | C] () -- C:\bdr-conf
[2012/01/17 15:46:41 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_avchv_01009.Wdf
[2012/01/17 15:46:31 | 000,002,058 | RHS- | C] () -- C:\Users\Public\Desktop\Bitdefender Internet Security 2012.lnk
[2012/01/17 15:36:55 | 000,000,912 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-449589144-3921348804-3012424731-1000UA.job
[2012/01/17 15:36:52 | 000,000,860 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-449589144-3921348804-3012424731-1000Core.job
[2012/01/17 15:06:53 | 000,091,543 | ---- | C] () -- C:\Users\Weezie\Documents\selena round&round
[2012/01/17 15:06:53 | 000,060,871 | ---- | C] () -- C:\Users\Weezie\Documents\Zack and lacey.eml
[2012/01/17 15:06:52 | 000,051,596 | ---- | C] () -- C:\Users\Weezie\Documents\bo
[2012/01/17 15:06:51 | 011,776,486 | ---- | C] () -- C:\Users\Weezie\Documents\14 Wake Up Everybody (Live In Studio Performance) (feat. Black Thought) [Exclusive].m4a
[2012/01/17 15:06:51 | 009,492,362 | ---- | C] () -- C:\Users\Weezie\Documents\13 Shine (Waiting for Superman Version) [Exclusive].m4a
[2012/01/17 15:06:50 | 024,477,782 | ---- | C] () -- C:\Users\Weezie\Documents\10 I Can't Write Left Handed.m4a
[2012/01/17 15:06:50 | 010,017,543 | ---- | C] () -- C:\Users\Weezie\Documents\12 Shine.m4a
[2012/01/17 15:06:50 | 005,754,406 | ---- | C] () -- C:\Users\Weezie\Documents\11 I Wish I Knew How It Would Feel to Be Free.m4a
[2012/01/17 15:06:50 | 000,044,253 | ---- | C] () -- C:\Users\Weezie\Documents\09-10-2010 08;57;04PM.rtf
[2012/01/17 15:06:49 | 012,223,192 | ---- | C] () -- C:\Users\Weezie\Documents\09 Wholy Holy.m4a
[2012/01/17 15:06:49 | 008,205,436 | ---- | C] () -- C:\Users\Weezie\Documents\08 Humanity (Love The Way It Should Be).m4a
[2012/01/17 15:06:49 | 000,007,975 | ---- | C] () -- C:\Users\Weezie\Documents\07-18-2008 12;32;08PM.rtf
[2012/01/17 15:06:48 | 015,005,714 | ---- | C] () -- C:\Users\Weezie\Documents\07 Hang On In There.m4a
[2012/01/17 15:06:48 | 011,411,934 | ---- | C] () -- C:\Users\Weezie\Documents\06 Little Ghetto Boy (feat. Black Thought).m4a
[2012/01/17 15:06:48 | 009,397,162 | ---- | C] () -- C:\Users\Weezie\Documents\03 Wake Up Everybody (feat. Common & Melane Fiona).m4a
[2012/01/17 15:06:48 | 007,066,546 | ---- | C] () -- C:\Users\Weezie\Documents\04 Our Generation (The Hope of the World) (feat. CL Smooth).m4a
[2012/01/17 15:06:48 | 004,601,465 | ---- | C] () -- C:\Users\Weezie\Documents\05 Little Ghetto Boy (Prelude) (feat. Malik Yusef).m4a
[2012/01/17 15:06:48 | 000,048,372 | ---- | C] () -- C:\Users\Weezie\Documents\04-13-2009 04;37;36PM.rtf
[2012/01/17 15:06:48 | 000,004,285 | ---- | C] () -- C:\Users\Weezie\Documents\04-20-2009 12;27;38PM.rtf
[2012/01/17 15:06:47 | 013,448,350 | ---- | C] () -- C:\Users\Weezie\Documents\02 Compared to What.m4a
[2012/01/17 15:06:47 | 010,276,075 | ---- | C] () -- C:\Users\Weezie\Documents\01 Hard Times.m4a
[2012/01/17 15:03:27 | 000,058,698 | ---- | C] () -- C:\Users\Weezie\Documents\Amber_Call_Log_05.31.2011.pdf
[2012/01/17 14:43:46 | 000,001,439 | ---- | C] () -- C:\Users\Weezie\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/01/17 14:26:37 | 000,001,371 | ---- | C] () -- C:\Users\Weezie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2012/01/17 14:26:35 | 000,001,445 | ---- | C] () -- C:\Users\Weezie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2012/01/17 14:19:09 | 000,001,935 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Help Documentation.lnk
[2012/01/17 14:18:40 | 000,000,290 | ---- | C] () -- C:\Users\Weezie\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2012/01/17 14:18:40 | 000,000,272 | ---- | C] () -- C:\Users\Weezie\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2012/01/10 05:16:23 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2012/01/10 05:14:52 | 468,156,415 | -HS- | C] () -- C:\hiberfil.sys
[2012/01/10 05:13:21 | 000,030,449 | R--- | C] () -- C:\dell.sdr
[2012/01/10 04:51:08 | 000,030,895 | ---- | C] () -- C:\Windows\SysNative\drivers\Mixer.ini
[2012/01/10 04:50:50 | 000,074,272 | ---- | C] () -- C:\Windows\SysNative\RtNicProp64.dll
[2012/01/10 04:50:41 | 001,991,936 | ---- | C] () -- C:\Windows\SysNative\iglhxa64.cpa
[2012/01/10 04:50:41 | 000,960,940 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2012/01/10 04:50:41 | 000,960,940 | ---- | C] () -- C:\Windows\SysNative\igkrng600.bin
[2012/01/10 04:50:41 | 000,060,254 | ---- | C] () -- C:\Windows\SysNative\iglhxg64.vp
[2012/01/10 04:50:41 | 000,060,226 | ---- | C] () -- C:\Windows\SysNative\iglhxc64.vp
[2012/01/10 04:50:41 | 000,060,015 | ---- | C] () -- C:\Windows\SysNative\iglhxo64.vp
[2012/01/10 04:50:41 | 000,013,476 | ---- | C] () -- C:\Windows\SysNative\iglhxs64.vp
[2012/01/10 04:50:41 | 000,001,090 | ---- | C] () -- C:\Windows\SysNative\iglhxa64.vp
[2012/01/10 04:50:39 | 000,213,332 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2012/01/10 04:50:39 | 000,213,332 | ---- | C] () -- C:\Windows\SysNative\igfcg600m.bin
[2012/01/10 04:50:37 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2012/01/10 04:50:37 | 000,145,804 | ---- | C] () -- C:\Windows\SysNative\igcompkrng600.bin
[2012/01/10 04:50:36 | 000,094,208 | ---- | C] () -- C:\Windows\SysNative\IccLibDll_x64.dll
[2012/01/10 04:50:36 | 000,000,151 | ---- | C] () -- C:\Windows\SysNative\GfxUI.exe.config
[2012/01/10 04:50:35 | 000,208,335 | ---- | C] () -- C:\Windows\SysNative\Gfxres.th-TH.resources
[2012/01/10 04:50:35 | 000,180,246 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ru-RU.resources
[2012/01/10 04:50:35 | 000,135,119 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ro-RO.resources
[2012/01/10 04:50:35 | 000,133,868 | ---- | C] () -- C:\Windows\SysNative\Gfxres.tr-TR.resources
[2012/01/10 04:50:35 | 000,133,321 | ---- | C] () -- C:\Windows\SysNative\Gfxres.pt-BR.resources
[2012/01/10 04:50:35 | 000,132,876 | ---- | C] () -- C:\Windows\SysNative\Gfxres.nl-NL.resources
[2012/01/10 04:50:35 | 000,132,422 | ---- | C] () -- C:\Windows\SysNative\Gfxres.sv-SE.resources
[2012/01/10 04:50:35 | 000,132,299 | ---- | C] () -- C:\Windows\SysNative\Gfxres.pt-PT.resources
[2012/01/10 04:50:35 | 000,131,711 | ---- | C] () -- C:\Windows\SysNative\Gfxres.pl-PL.resources
[2012/01/10 04:50:35 | 000,131,290 | ---- | C] () -- C:\Windows\SysNative\Gfxres.sk-SK.resources
[2012/01/10 04:50:35 | 000,127,599 | ---- | C] () -- C:\Windows\SysNative\Gfxres.sl-SI.resources
[2012/01/10 04:50:35 | 000,116,413 | ---- | C] () -- C:\Windows\SysNative\Gfxres.zh-TW.resources
[2012/01/10 04:50:35 | 000,115,195 | ---- | C] () -- C:\Windows\SysNative\Gfxres.zh-CN.resources
[2012/01/10 04:50:34 | 000,195,681 | ---- | C] () -- C:\Windows\SysNative\Gfxres.el-GR.resources
[2012/01/10 04:50:34 | 000,179,736 | ---- | C] () -- C:\Windows\SysNative\difx64.exe
[2012/01/10 04:50:34 | 000,154,366 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ar-SA.resources
[2012/01/10 04:50:34 | 000,151,350 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ja-JP.resources
[2012/01/10 04:50:34 | 000,147,392 | ---- | C] () -- C:\Windows\SysNative\Gfxres.he-IL.resources
[2012/01/10 04:50:34 | 000,138,635 | ---- | C] () -- C:\Windows\SysNative\Gfxres.it-IT.resources
[2012/01/10 04:50:34 | 000,137,000 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ko-KR.resources
[2012/01/10 04:50:34 | 000,136,226 | ---- | C] () -- C:\Windows\SysNative\Gfxres.de-DE.resources
[2012/01/10 04:50:34 | 000,136,172 | ---- | C] () -- C:\Windows\SysNative\Gfxres.es-ES.resources
[2012/01/10 04:50:34 | 000,134,081 | ---- | C] () -- C:\Windows\SysNative\Gfxres.fr-FR.resources
[2012/01/10 04:50:34 | 000,132,861 | ---- | C] () -- C:\Windows\SysNative\Gfxres.hu-HU.resources
[2012/01/10 04:50:34 | 000,131,897 | ---- | C] () -- C:\Windows\SysNative\Gfxres.cs-CZ.resources
[2012/01/10 04:50:34 | 000,131,456 | ---- | C] () -- C:\Windows\SysNative\Gfxres.fi-FI.resources
[2012/01/10 04:50:34 | 000,130,414 | ---- | C] () -- C:\Windows\SysNative\Gfxres.hr-HR.resources
[2012/01/10 04:50:34 | 000,127,367 | ---- | C] () -- C:\Windows\SysNative\Gfxres.nb-NO.resources
[2012/01/10 04:50:34 | 000,127,109 | ---- | C] () -- C:\Windows\SysNative\Gfxres.da-DK.resources
[2012/01/10 04:50:34 | 000,122,646 | ---- | C] () -- C:\Windows\SysNative\Gfxres.en-US.resources
[2012/01/10 04:50:10 | 000,004,372 | ---- | C] () -- C:\Windows\SysWow64\drivers\1028_Dell_INS_620.mrk
[2012/01/10 04:50:10 | 000,004,372 | ---- | C] () -- C:\Windows\SysNative\drivers\1028_Dell_INS_620.mrk
[2012/01/10 04:49:30 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2012/01/10 04:49:30 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2012/01/10 03:54:27 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2012/01/10 03:50:13 | 000,001,307 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Movie Maker.lnk
[2012/01/10 03:50:05 | 000,001,376 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Photo Gallery.lnk
[2012/01/10 03:49:48 | 000,001,460 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
[2012/01/10 03:49:39 | 000,002,488 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
[2011/02/10 11:10:51 | 000,771,986 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2009/07/14 00:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/13 21:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/13 21:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/13 19:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 18:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 16:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 16:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat

========== Alternate Data Streams ==========

@Alternate Data Stream - 769 bytes -> C:\Users\Weezie\Documents\Zack and lacey.eml:OECustomProperty

< End of report >

#11 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:04:17 PM

Posted 26 January 2012 - 08:16 AM

Hello


The first thing I would like you to do is run this for me - http://download.bleepingcomputer.com/grinler/unhide.exe after it is complete restart the computer and continue with these steps



Run this custom script and when it is complete I need to know how the computer is doing

Run OTL Script

  • Double-click OTL.exe to start the program.
  • Copy and Paste the following code into the Posted Image textbox. Do not include the word Code
    :otl
    FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
    O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O18:64bit: - Protocol\Handler\livecall - No CLSID value found
    O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
    O18:64bit: - Protocol\Handler\msnim - No CLSID value found
    O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
    O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
    O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
    O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
    @Alternate Data Stream - 769 bytes -> C:\Users\Weezie\Documents\Zack and lacey.eml:OECustomProperty   
    :Files
    ipconfig /flushdns /c
    :Commands
    [PURITY]
    [EMPTYTEMP]
    [emptyjava]
    [EMPTYFLASH]
    [RESETHOSTS]
    
  • Then click the Run Fix button at the top.
  • Click Posted Image.
  • OTL may ask to reboot the machine. Please do so if asked.
  • The report should appear in Notepad after the reboot.Copy and Paste that report in your next reply.

Let me know How things are doing

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#12 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:04:17 PM

Posted 29 January 2012 - 11:44 PM

Hello

48 Hour bump

It has been more than 48 hours since my last post.

  • do you still need help with this?
  • do you need more time?
  • are you having problems following my instructions?
  • if after 48hrs you have not replied to this thread then it will have to be closed!

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#13 ClearFocus

ClearFocus
  • Topic Starter

  • Members
  • 93 posts
  • OFFLINE
  •  
  • Local time:04:17 PM

Posted 31 January 2012 - 11:05 AM

Gringo,

Hello. Sorry for the long delay - been out of town. It appears there are no more problems. All three browsers open to the intended home page and not redirected any longer. So, as far as I can tell, all is well. Let me know if you agree based on the log below.

Here is the log from running the custom script in OTL:


All processes killed
========== OTL ==========
64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\10 deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\livecall\ deleted successfully.
File Protocol\Handler\livecall - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-help\ deleted successfully.
File Protocol\Handler\ms-help - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msnim\ deleted successfully.
File Protocol\Handler\msnim - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlmailhtml\ deleted successfully.
File Protocol\Handler\wlmailhtml - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlpg\ deleted successfully.
File Protocol\Handler\wlpg - No CLSID value found not found.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
ADS C:\Users\Weezie\Documents\Zack and lacey.eml:OECustomProperty deleted successfully.
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\Weezie\Downloads\cmd.bat deleted successfully.
C:\Users\Weezie\Downloads\cmd.txt deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Public
->Temp folder emptied: 0 bytes

User: Weezie
->Temp folder emptied: 6048034 bytes
->Temporary Internet Files folder emptied: 246173381 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 87492858 bytes
->Google Chrome cache emptied: 58408138 bytes
->Flash cache emptied: 2608 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 6869 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 32902 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 380.00 mb


[EMPTYJAVA]

User: All Users

User: Default

User: Default User

User: Public

User: Weezie
->Java cache emptied: 0 bytes

Total Java Files Cleaned = 0.00 mb


[EMPTYFLASH]

User: All Users

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Public

User: Weezie
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0.00 mb

C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

OTL by OldTimer - Version 3.2.31.0 log created on 01312012_102225

Files\Folders moved on Reboot...
C:\Users\Weezie\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

Registry entries deleted on Reboot...

Thanks,
Brian

#14 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:04:17 PM

Posted 31 January 2012 - 04:41 PM

Hello

I would ike to see a report that combofix makes.

extra combofix report

  • push the "windows key" + "R" (between the "Ctrl" button and "Alt" Button)
  • please copy and past the following into the box
C:\Qoobox\Add-Remove Programs.txt
  • click ok

copy and paste the report into this topic for me to review

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#15 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:04:17 PM

Posted 03 February 2012 - 01:41 AM

Hello

48 Hour bump

It has been more than 48 hours since my last post.

  • do you still need help with this?
  • do you need more time?
  • are you having problems following my instructions?
  • if after 48hrs you have not replied to this thread then it will have to be closed!

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users