Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Looks Like I have Happili


  • This topic is locked This topic is locked
21 replies to this topic

#1 rocknrob

rocknrob

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:03:51 AM

Posted 26 April 2012 - 12:49 AM

So it looks like I have the Happili virus. I thought I managed to get rid of it a couple days ago but today Google results started redirecting again. That and Firefox seems to be running a bit sluggish.

Can I follow the directions in one of the many threads around here or do I have to wait and follow what one of you virus gurus posts for me to do. I'm frustrated and pissed off. I have a ton of work to do and clients who are not good with patience.

Your help is greatly appreciated.

Thanks.

R.

BC AdBot (Login to Remove)

 


#2 rocknrob

rocknrob
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:03:51 AM

Posted 26 April 2012 - 12:53 AM

By the way I forgot to ,mention my specs:

Windows 7 x64 Ultimate fully updated
The Happili redirect I think only happens in Firefox (Version 11)
Other than the redirect I haven't seen any other odd behavior

That's all I can think of at the moment.

#3 Maurice Naggar

Maurice Naggar

    Eradicator de malware


  • Malware Response Team
  • 1,088 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:02:51 AM

Posted 26 April 2012 - 09:13 AM

Hello and welcome to BC forums.

No, please do not use other threads as a template. I will do my best to guide you. Please start with the following.

Step 1
1. Go >> Here << and download ERUNT
(ERUNT (Emergency Recovery Utility NT) is a free program that allows you to keep a complete backup of your registry and restore it when needed.)
2. Install ERUNT by following the prompts
(use the default install settings but say no to the portion that asks you to add ERUNT to the start-up folder, if you like you can enable this option later)
3. Start ERUNT
(either by double clicking on the desktop icon or choosing to start the program at the end of the setup)
4. Choose a location for the backup
(the default location is C:\WINDOWS\ERDNT which is acceptable).
5. Make sure that at least the first two check boxes are ticked
6. Press OK
7. Press YES to create the folder.

Step 2
To show all files:
  • Go to your Desktop
  • Double-Click the Computer icon.
  • From the menu options, Select Tools, then Folder Options.
  • Next click the View tab.
  • Locate and uncheck Hide file extensions for known file types.
  • Locate and uncheck Hide protected operating system files (Recommended).
  • Locate and click Show hidden files and folders and drives.
  • Click Apply > OK.
Step 3
Download Random's System Information Tool (RSIT) by random/random from here and save it to your desktop.
  • Double click on RSIT.exe to run RSIT.
  • Click Continue at the disclaimer screen.
  • Once it has finished, two logs will open. Please post the contents of both log.txt (<<will be maximized) and info.txt (<<will be minimized)

Step 4
Download Security Check by screen317 and save it to your Desktop: here or here
  • Run Security Check
  • Follow the onscreen instructions inside of the command window.
  • A Notepad document should open automatically called checkup.txt; close Notepad. We will need this log, too, so remember where you've saved it!

Step 5
Close all open browsers at this point.

Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools
For directions on how, see How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs
Do NOT turn off the firewall

Start Internet Explorer
Using Internet Explorer browser only, go to BitDefender Quickscan website:
http://quickscan.bitdefender.com

and click "Start Scan".
Observe your browser in case it shows a notice/message bar to allow download and installation of a tool.
Allow the download and install of qsax.cab from BitDefender. Right-click the IE info bar and select Install to install the BitDefender quick scan module.
If prompted, reply yes to allow it to run.
Press the Allow button and follow prompts.

Press the "Start Scan" once more.
You'll see the EULA in a pop-up window. Click the I accept & then the OK button

Note: The FAQ is here --> http://quickscan.bitdefender.com/faq/
and that QuickScan has no removal capability.

The site boasts a 60-second scan. Do have patience as it likely will take longer.
It may seem to stall at moments, but have patience; it will move on.
You'll see a progress bar at top right of window.

Hopefully you will see a No infections found in the bar-winddow. Press the View Log button.
The log report will show in your text editor. Save the log.
Do a Select ALL, Copy. Then paste contents into your next reply.

RE-Enable your antivirus program.

Copy & Paste contents of Log.txt & Info.txt & Checkup.txt & log from Bitdefender.
Use separate replies as needed if logs do not fit into one reply box.
~Maurice Naggar
MS-MVP (Oct 2002 - Sept 2010)

#4 rocknrob

rocknrob
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:03:51 AM

Posted 26 April 2012 - 10:48 AM

I have to attach the .txt files you asked for. The board is not letting me post it all as it's telling me the post is too long.

Results of screen317's Security Check version 0.99.32
Windows 7 x64 (UAC is enabled)
Internet Explorer 9
``````````````````````````````
Antivirus/Firewall Check:

Windows Firewall Disabled!
WMI entry may not exist for antivirus; attempting automatic update.
```````````````````````````````
Anti-malware/Other Utilities Check:

Adobe Reader 9 Adobe Reader out of date!
Mozilla Firefox (12.0.)
````````````````````````````````
Process Check:
objlist.exe by Laurent

Virus Removal SecurityCheck.exe
Bitdefender Bitdefender 2012 vsserv.exe
Bitdefender Bitdefender 2012 updatesrv.exe
Bitdefender Bitdefender 2012 bdagent.exe
``````````End of Log````````````


This is the quickscan. It's not too long so I don't think it'll be a problem.

QuickScan 32-bit v0.9.9.114
---------------------------
Scan date: Thu Apr 26 10:45:55 2012
Machine ID: 303C4ED0



No infection found.
-------------------



Processes
---------
hpwuSchd Application 6220 C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
Bing Bar 11924 C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.EXE
Bing Desktop 11136 C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe
Bing Desktop 8180 C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe
Dropbox 4992 C:\Users\Bob\AppData\Roaming\Dropbox\bin\Dropbox.exe
Find&Run Robot 10852 C:\Program Files (x86)\FindAndRunRobot\FindAndRunRobot.exe
HP Digital Imaging 5896 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
HP Smart Web Printing 10932 C:\Program Files (x86)\HP\Digital Imaging\smart web printing\hpswp_clipbook.exe
IntelCpHeciSvc Executable 2696 C:\Windows\SysWOW64\IntelCpHeciSvc.exe
Microsoft® Windows® Operating System 7288 C:\Windows\SysWOW64\notepad.exe
MOG 4624 C:\Users\Bob\AppData\Local\Apps\2.0\T9GR6RXB.RVM\YKL00EJA.3TQ\mog...tion_1bbce2e889a5ea88_0001.0003_421887a67eb9219f\MOG.exe
Notepad++ 11640 C:\Program Files (x86)\Notepad++\notepad++.exe
Postbox 8176 D:\Program Files\Postbox\postbox.exe
Spotify 4912 C:\Users\Bob\AppData\Roaming\Spotify\spotify.exe
Steam 11468 D:\Program Files\Steam\Steam.exe
THXAudioNB 3764 C:\Program Files (x86)\Creative\THX TruStudio\THXNBSet\THXAudNB.exe
Windows® Internet Explorer 4552 C:\Program Files (x86)\Internet Explorer\iexplore.exe
Windows® Internet Explorer 9252 C:\Program Files (x86)\Internet Explorer\iexplore.exe
Wsftp Client COM Helper 4556 C:\Program Files (x86)\Ipswitch\WS_FTP 12\WsftpCOMHelper.exe
(unsigned) Click.to 3524 C:\Program Files (x86)\Axonic\click.to\clicktoapp.exe
(unsigned) Launchy.exe 6056 C:\Program Files (x86)\Launchy\Launchy.exe
(unsigned) Simple Google Calendar client 5360 D:\Downloads\GoogleCal_v2.1\GoogleCal.exe
(unsigned) VMware Workstation 3360 D:\Program Files\VMWare\vmware-authd.exe
(unsigned) vmware-hostd.exe 3492 D:\Program Files\VMWare\vmware-hostd.exe
(unsigned) XFastUsb.exe 4740 C:\Program Files (x86)\XFastUsb\XFastUsb.exe

(verified) 1Password 6064 C:\Program Files (x86)\1Password\1Password.exe
(verified) 1Password 4980 C:\Program Files (x86)\1Password\Agile1pAgent.exe
(verified) 1Password 2500 C:\Program Files (x86)\1Password\Agile1pService.exe
(verified) AppHook x86 6564 C:\Program Files (x86)\DisplayFusion\AppHookx86.exe
(verified) Apple Push 5020 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(verified) CiscoAdapterSvc 2980 C:\Program Files (x86)\Cisco Systems\Cisco Valet Connector\CiscoAdapterSvc.exe
(verified) Google Update 11844 C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(verified) IAStorDataSvc 7860 C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(verified) IAStorIcon 1928 C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(verified) iCloud 5416 C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(verified) iCloud 5468 C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(verified) Intel® Active Management Technology L 7944 C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(verified) Intel® Management and Security Applic 2156 C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(verified) Microsoft® Windows® Operating System 2752 C:\Windows\SysWOW64\svchost.exe
(verified) MobileDeviceService 2560 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(verified) NVIDIA Update Components 7424 C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(verified) PnkBstrA.exe 2908 C:\Windows\SysWOW64\PnkBstrA.exe
(verified) PnkBstrB.exe 2952 C:\Windows\SysWOW64\PnkBstrB.exe
(verified) StarWind Alcohol Edition 2264 C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
(verified) Steam Client Service 8232 C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(verified) Stereo Vision Control Panel API Server 1380 C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(verified) SugarSync Manager 5772 C:\Program Files (x86)\SugarSync\SugarSyncManager.exe
(verified) UTSCSI Application 2632 C:\Windows\SysWOW64\UTSCSI.EXE
(verified) VMware Workstation 3184 C:\Windows\SysWOW64\vmnat.exe
(verified) VMware Workstation 3420 C:\Windows\SysWOW64\vmnetdhcp.exe
(verified) VMware Workstation 5388 D:\Program Files\VMWare\vmware-tray.exe


Network activity
----------------
Process iexplore.exe (4552) connected on port 80 (HTTP) --> 64.94.107.30
Process iexplore.exe (4552) connected on port 80 (HTTP) --> 184.50.255.139
Process iexplore.exe (4552) connected on port 80 (HTTP) --> 184.50.255.139
Process iexplore.exe (4552) connected on port 80 (HTTP) --> 23.15.9.16
Process iexplore.exe (4552) connected on port 80 (HTTP) --> 23.15.9.16
Process iexplore.exe (4552) connected on port 80 (HTTP) --> 66.235.143.118
Process iexplore.exe (4552) connected on port 80 (HTTP) --> 66.235.143.118
Process iexplore.exe (4552) connected on port 80 (HTTP) --> 173.194.43.6
Process iexplore.exe (4552) connected on port 80 (HTTP) --> 173.194.43.6
Process iexplore.exe (4552) connected on port 80 (HTTP) --> 64.94.107.36
Process iexplore.exe (4552) connected on port 80 (HTTP) --> 37.59.67.149
Process iexplore.exe (4552) connected on port 80 (HTTP) --> 37.59.67.149
Process iexplore.exe (4552) connected on port 80 (HTTP) --> 37.59.67.149
Process iexplore.exe (4552) connected on port 80 (HTTP) --> 37.59.67.149
Process iexplore.exe (4552) connected on port 80 (HTTP) --> 37.59.67.149
Process iexplore.exe (4552) connected on port 80 (HTTP) --> 37.59.67.149
Process MOG.exe (4624) connected on port 80 (HTTP) --> 208.111.128.7
Process spotify.exe (4912) connected on port 4070 --> 193.182.8.72
Process Dropbox.exe (4992) connected on port 80 (HTTP) --> 199.47.217.146
Process APSDaemon.exe (5020) connected on port 5223 (XMPP/Jabber) --> 17.172.232.85
Process SugarSyncManager.exe (5772) connected on port 443 (HTTP over SSL) --> 74.201.86.29
Process postbox.exe (8176) connected on port 993 (IMAP4 over SSL) --> 74.125.45.16
Process postbox.exe (8176) connected on port 993 (IMAP4 over SSL) --> 74.125.45.16
Process postbox.exe (8176) connected on port 993 (IMAP4 over SSL) --> 74.125.45.16
Process postbox.exe (8176) connected on port 993 (IMAP4 over SSL) --> 74.125.45.16
Process postbox.exe (8176) connected on port 993 (IMAP4 over SSL) --> 74.125.45.16
Process postbox.exe (8176) connected on port 993 (IMAP4 over SSL) --> 74.125.45.16
Process postbox.exe (8176) connected on port 993 (IMAP4 over SSL) --> 74.125.45.16
Process postbox.exe (8176) connected on port 993 (IMAP4 over SSL) --> 74.125.45.16
Process postbox.exe (8176) connected on port 993 (IMAP4 over SSL) --> 74.125.45.16
Process postbox.exe (8176) connected on port 993 (IMAP4 over SSL) --> 74.125.45.16
Process postbox.exe (8176) connected on port 993 (IMAP4 over SSL) --> 74.125.45.16
Process postbox.exe (8176) connected on port 993 (IMAP4 over SSL) --> 74.125.45.16
Process postbox.exe (8176) connected on port 993 (IMAP4 over SSL) --> 74.125.45.16
Process postbox.exe (8176) connected on port 993 (IMAP4 over SSL) --> 74.125.45.16
Process postbox.exe (8176) connected on port 993 (IMAP4 over SSL) --> 74.125.45.16
Process postbox.exe (8176) connected on port 993 (IMAP4 over SSL) --> 74.125.45.16
Process postbox.exe (8176) connected on port 993 (IMAP4 over SSL) --> 74.125.45.16
Process postbox.exe (8176) connected on port 993 (IMAP4 over SSL) --> 74.125.45.16
Process postbox.exe (8176) connected on port 993 (IMAP4 over SSL) --> 74.125.45.16
Process postbox.exe (8176) connected on port 993 (IMAP4 over SSL) --> 74.125.45.16
Process postbox.exe (8176) connected on port 993 (IMAP4 over SSL) --> 157.56.240.86
Process postbox.exe (8176) connected on port 993 (IMAP4 over SSL) --> 157.56.234.86

Process StarWindServiceAE.exe (2264) listens on ports: 3260 (iSCSI Target), 3261
Process Agile1pService.exe (2500) listens on ports: 50173
Process vmware-authd.exe (3360) listens on ports: 902 (VMware Server), 912
Process vmware-hostd.exe (3492) listens on ports: 8080 (HTTP Proxy)
Process spotify.exe (4912) listens on ports: 31976, 57621
Process Dropbox.exe (4992) listens on ports: 17500


Autoruns and critical files
---------------------------
hpwuSchd Application C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
Bing Desktop C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe
Bitdefender 2012 C:\Program Files\Bitdefender\Bitdefender 2012\bdagent.exe
Dropbox C:\Users\Bob\AppData\Roaming\Dropbox\bin\Dropbox.exe
HP Digital Imaging C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
Microsoft® Windows® Operating System C:\Windows\system32\ssText3d.scr
Microsoft® Windows® Operating System c:\windows\system32\userinit.exe
QuickTime C:\Program Files (x86)\QuickTime\QTTask.exe
(unsigned) Click.to C:\Program Files (x86)\Axonic\click.to\clicktoapp.exe
(unsigned) Ditto C:\Program Files\Ditto\Ditto.exe
(unsigned) Launchy.exe C:\Program Files (x86)\Launchy\Launchy.exe
(unsigned) Simple Google Calendar client D:\Downloads\GoogleCal_v2.1\GoogleCal.exe
(unsigned) XFastUsb.exe C:\Program Files (x86)\XFastUsb\XFastUsb.exe

(verified) 1Password C:\Program Files (x86)\1Password\Agile1pAgent.exe
(verified) Alcohol Virtual Drive Auto-mount Servic C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe
(verified) Apple Push C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(verified) DisplayFusion C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe
(verified) IAStorIcon C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(verified) iCloud C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(verified) iCloud C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(verified) Lucidlogix appinit_dll. C:\Program Files\Lucidlogix Technologies\VIRTU\x86\appinit_dll.dll
(verified) Microsoft Office 2010 C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
(verified) Realtek HD Audio Manager C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(verified) ScrollApp C:\Program Files\Logitech\FlowScroll\KhalScroll.exe
(verified) SugarSync Manager C:\Program Files (x86)\SugarSync\SugarSyncManager.exe
(verified) VMware Workstation D:\Program Files\VMWare\vmware-tray.exe


Browser plugins
---------------
1Password C:\Program Files (x86)\1Password\Agile1pIE.dll
AcroIEHelperShim Library C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
Adobe Acrobat C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll
Adobe Contribute CS5.1 c:\program files (x86)\adobe\adobe contribute cs5.1\plugins\ieplugin\contributeieplugin.dll
Adobe PDF Toolbar for IE c:\program files (x86)\common files\adobe\acrobat\activex\acroiefavclient.dll
Bing Bar C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll
BitCometAgent C:\Program Files (x86)\Mozilla Firefox\plugins\npBitCometAgent.dll
Bitdefender QuickScan C:\Windows\Downloaded Program Files\qsax.dll
Google Update C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
Google Update C:\Users\Bob\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
HP Smart Web Printing C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
HP Smart Web Printing C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
Microsoft Office 2010 C:\Program Files (x86)\Microsoft Office\Office14\NPAUTHZ.DLL
Microsoft Office 2010 C:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL
Microsoft Office 2010 C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
Microsoft® Windows Live ID C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
npitunes.dll D:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
NPSWF32_11_2_202_233.dll C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_233.dll
NVIDIA 3D Vision C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
NVIDIA 3D VISION C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
ScrollApp C:\Program Files\Logitech\FlowScroll\32-bit\LogiSmooth.dll
Silverlight Plug-In C:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll
Snagit C:\Program Files (x86)\TechSmith\Snagit 10\SnagitBHO.dll
Snagit C:\Program Files (x86)\TechSmith\Snagit 10\SnagitIEAddin.dll
VLC Web Plugin C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
VMware Tools C:\Windows\system32\vsocklib.dll
WS_FTP Pro/LE c:\program files (x86)\ipswitch\ws_ftp 12\wsbho2k0.dll
(verified) Bonjour C:\Program Files (x86)\Bonjour\mdnsNSP.dll
(verified) Bonjour C:\Program Files\Bonjour\mdnsNSP.dll
(verified) Microsoft Office 2010 C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
(verified) Microsoft® Windows Live ID C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
(verified) Microsoft® Windows Live ID C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
(verified) Microsoft® Windows® Operating System C:\Windows\System32\mswsock.dll
(verified) Microsoft® Windows® Operating System C:\Windows\system32\napinsp.dll
(verified) Microsoft® Windows® Operating System C:\Windows\system32\NLAapi.dll
(verified) Microsoft® Windows® Operating System C:\Windows\system32\pnrpnsp.dll
(verified) Microsoft® Windows® Operating System C:\Windows\System32\winrnr.dll
(verified) QuickTime Plug-in 7.6.2 C:\Program Files (x86)\Internet Explorer\plugins\npqtplugin.dll
(verified) QuickTime Plug-in 7.6.2 C:\Program Files (x86)\Internet Explorer\plugins\npqtplugin2.dll
(verified) QuickTime Plug-in 7.6.2 C:\Program Files (x86)\Internet Explorer\plugins\npqtplugin3.dll
(verified) QuickTime Plug-in 7.6.2 C:\Program Files (x86)\Internet Explorer\plugins\npqtplugin4.dll
(verified) QuickTime Plug-in 7.6.2 C:\Program Files (x86)\Internet Explorer\plugins\npqtplugin5.dll
(verified) QuickTime Plug-in 7.6.2 C:\Program Files (x86)\Internet Explorer\plugins\npqtplugin6.dll
(verified) QuickTime Plug-in 7.6.2 C:\Program Files (x86)\Internet Explorer\plugins\npqtplugin7.dll
(verified) QuickTime Plug-in 7.6.2 C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
(verified) QuickTime Plug-in 7.6.2 C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
(verified) QuickTime Plug-in 7.6.2 C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
(verified) QuickTime Plug-in 7.6.2 C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
(verified) QuickTime Plug-in 7.6.2 C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
(verified) QuickTime Plug-in 7.6.2 C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
(verified) QuickTime Plug-in 7.6.2 C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
(verified) Windows® Internet Explorer C:\Windows\SysWOW64\ieframe.dll


Missing files
-------------
File not found: "c:\program files (x86)\microsoft\bingbar\7.1.361.0\bingext.dll"
--> HKLM\Software\Classes\CLSID\{8dcb7100-df86-4384-8842-8fa844297b3f}\InprocServer32\"(default)"


Scan
----
MD5: b76e3733c2a66ede46329fe26ebb2721 C:\Program Files (x86)\1Password\Agile1pIE.dll
MD5: e16a6bc771cb72e443c15751aab5311a C:\Program Files (x86)\1Password\LIBEAY32.dll
MD5: cfa4c200f811975766014853eb478d2a C:\Program Files (x86)\1Password\ssleay32.dll
MD5: 7ec56424e3e77ebf4bf5e0798175e4e5 C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll
MD5: 129f6fe61699f44e8a46c67a2f6d0bad c:\program files (x86)\adobe\adobe contribute cs5.1\plugins\ieplugin\contributeieplugin.dll
MD5: faaac4fd7c1867f1adbd0c2de4db7b00 C:\Program Files (x86)\Axonic\click.to\click.to.bing.speech.dll
MD5: ff29229992e82c63626979511690e7ea C:\Program Files (x86)\Axonic\click.to\click.to.pdf.dll
MD5: 90779ba07ea0fdf3f9b27f243d5bfe3d C:\Program Files (x86)\Axonic\click.to\clicktoapp.exe
MD5: 396685436247f2267834b04714719cd3 C:\Program Files (x86)\Axonic\click.to\clicktoframework.dll
MD5: a97ecc8fedcc42cc31fb63969c8c1eaf c:\program files (x86)\common files\adobe\acrobat\activex\acroiefavclient.dll
MD5: 76f6365f5417c5e0fd1edc16542e588c C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
MD5: 60e5af8b7b4140c711b050fae5a3ab70 C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
MD5: ab81d212ed6ba95a42b09f58e768624e C:\Program Files (x86)\Creative\THX TruStudio\THXNBSet\CTAudEp.dll
MD5: 9ff26eee720b38bcee6f66972523b50f C:\Program Files (x86)\Creative\THX TruStudio\THXNBSet\CTLoadRs.dll
MD5: d719e529ad0f044af95bf4b82cb6a8f9 C:\Program Files (x86)\Creative\THX TruStudio\THXNBSet\CTSetAPO.dll
MD5: 39d5953dc7be13705878e35ed093f88e C:\Program Files (x86)\Creative\THX TruStudio\THXNBSet\CTSUSDKu.dll
MD5: 55b720e1ba0f1ca95ad762171a10c7cd C:\Program Files (x86)\Creative\THX TruStudio\THXNBSet\en-US\THXAudNB.resources.dll
MD5: d29c3f2bea792cc2196af7b2beb9e899 C:\Program Files (x86)\Creative\THX TruStudio\THXNBSet\THXAudNB.exe
MD5: 5278e5cdd2535fdbc010f0f695bc4215 C:\Program Files (x86)\Creative\THX TruStudio\THXNBSet\THXLgcy.dll
MD5: 66aa43f07dee7fe8f22d955e06a1fb0b C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
MD5: a0a04b8ba1310c207caf1a81e8a8e5ec C:\Program Files (x86)\FindAndRunRobot\FindAndRunRobot.exe
MD5: 59448f6b68454ba3dc14b2f974877a49 C:\Program Files (x86)\Google\Update\1.3.21.111\goopdate.dll
MD5: 1e6b52abdf4082374de9d43cbd2f7e08 C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
MD5: ab95b8d0cd21a2c6fc72a080a3041cdb C:\Program Files (x86)\HP\Digital Imaging\bin\hpotra08.dll
MD5: adc00cf609c55d1de505819dd41d9293 C:\Program Files (x86)\HP\Digital Imaging\bin\hpotra08.rsc
MD5: 13360c00e5d2e61d55bd33971b520558 C:\Program Files (x86)\HP\Digital Imaging\bin\hpotradd.dll
MD5: 97aac45a375168c6a2297beeb9692e31 c:\program files (x86)\hp\digital imaging\bin\hpqcxs08.dll
MD5: dc7e73583cec3f95bfa0f0c7b318e286 c:\program files (x86)\hp\digital imaging\bin\hpqddcmn.dll
MD5: 19a4fb67b1c97ea18edff44340973cd9 c:\program files (x86)\hp\digital imaging\bin\hpqddsvc.dll
MD5: 6cf198c73ea80ee19faa6555844fc204 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddusr.dll
MD5: bb203fab5831576abf4df4333b6e3eb3 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqmif08.dll
MD5: 0009e469a1afb61bc7bd7120ad0b796a C:\Program Files (x86)\HP\Digital Imaging\bin\hpqrif08.dll
MD5: b766b210b3dfcda3abdf5521d35ce604 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtao08.dll
MD5: 341fd9d4258c8bbb28f7002a74220b78 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
MD5: 4ebe4f1b9edd701cd4512879b2813901 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.rsc
MD5: 193690eb639d6c7221fb2abb148555fd C:\Program Files (x86)\HP\Digital Imaging\bin\hpquio08.dll
MD5: 703783aa32ca9838fecb2b6dd8095e3b C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusg.dll
MD5: 1be48b0542c91487bb8a94bf2278f55d C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
MD5: b07b569af5665fcb388ea4b6a0756a10 C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\ClipBookDBComponent.dll
MD5: a9956c8ec5d16acef896f043a80a9fb6 C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_Operation.dll
MD5: 6f8a654af50f13b0abdda731527f65ad C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpClipBookDB.dll
MD5: ac592074ac7d67ea52b9426ebee09c96 C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpNeoLogger.dll
MD5: d749e8b62d7c2f6844f4995bb71b172a C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSWPOperation.dll
MD5: dd0343e035d76940c52fc0c65e0e3ef0 C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpXPLogging.dll
MD5: fa979bd1b2fbd8d7d409532461c846d6 C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpXPMTC.dll
MD5: 2151d95bba7d8766ba8b5bd1f595fb3a C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpXPMTL.dll
MD5: 2c9983d248c2c4d56ea275bfaffffdb1 C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\xre\components\hpNeoLogging.dll
MD5: dba01e33b18fd8592da0f47b99edb2d4 C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\xre\components\hpXRE.dll
MD5: 6966f7c128106c942f6787e78388a210 C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\xre\components\js3250.dll
MD5: 34ef8080d4591a495f94e95d37c04b09 C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\xre\components\MOZCRT19.dll
MD5: 63d5682fe31278f4eab4bf93db523886 C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\xre\components\nspr4.dll
MD5: 350d6d825023a4a58cf2691e2f7ca848 C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\xre\components\nss3.dll
MD5: 15dd623207d99f6e33d8e1b656c59e75 C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\xre\components\nssutil3.dll
MD5: f86062027e3e27652978cf2ac2dcf99d C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\xre\components\plc4.dll
MD5: 3071da2e0aa382df856fa5eaf2f0c716 C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\xre\components\plds4.dll
MD5: a1474e9488527c9aed975725d6ff3449 C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\xre\components\smime3.dll
MD5: 0a6152534ea55f45bc29c4d17ecbeb49 C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\xre\components\sqlite3.dll
MD5: cad799dd070c782d02686d06dc980ac1 C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\xre\components\ssl3.dll
MD5: 2fbe5087b17225f035150e2f2bf7d6d0 C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\xre\components\xpcom.dll
MD5: 72596213ebdecb7ef1ee933df071a32b C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\xre\components\xul.dll
MD5: 10cbadbb78ceee801e07f70910acc2a9 C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\RsrcLoaderLib.dll
MD5: f36fa84c7c1f4107433b76bd38a4389f C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\SatelliteENU.dll
MD5: c6157a1233be84d05a194f46022ef619 C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\UtilityLib.dll
MD5: eade68c6f9875614568a5d1ca32b892b C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorUIHelper.dll
MD5: 19adef26d3d4efdd2e5e2759a43ec5ee C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IntelVisualDesign.dll
MD5: 16136783dd2c6d210bf8514379678f70 C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\ISDI.dll
MD5: e008cb84d5c9c130316b9fe0ae33f1d8 C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
MD5: 92cb47a8dc9427d8f406aaf84384adf2 C:\Program Files (x86)\Internet Explorer\IEShims.dll
MD5: 904e13ba41af2e353a32cf351ca53639 C:\Program Files (x86)\Internet Explorer\iexplore.exe
MD5: 07000c246b3b307a57acd072bd34784c C:\Program Files (x86)\Ipswitch\WS_FTP 12\ipspgp.dll
MD5: cdd5f35360d20ff5d25e1c06be724cbc C:\Program Files (x86)\Ipswitch\WS_FTP 12\LIBEAY32.dll
MD5: 7013b847dfd69e5190e392442a90452e C:\Program Files (x86)\Ipswitch\WS_FTP 12\res0409.dll
MD5: 79c1a8415229ed8d1831b4d486194634 C:\Program Files (x86)\Ipswitch\WS_FTP 12\SSLEAY32.dll
MD5: b3f9f71975cb112fcab0d9a7b878c1c6 C:\Program Files (x86)\Ipswitch\WS_FTP 12\sslsvc.dll
MD5: 4484701ab94d1a5e2d9a697dca5fca47 c:\program files (x86)\ipswitch\ws_ftp 12\wsbho2k0.dll
MD5: e57065133c68a59eadbe8c3f8940ebe0 C:\Program Files (x86)\Ipswitch\WS_FTP 12\wsfirscr.dll
MD5: dfa8894f796e4e2de79ba42fc0ffb8ab C:\Program Files (x86)\Ipswitch\WS_FTP 12\WsftpCOMHelper.exe
MD5: 367f79cba2c6350a1c042f76459f491b C:\Program Files (x86)\Ipswitch\WS_FTP 12\wsftpext.dll
MD5: 6a62e2859f08fe7fb0ea401584721dba C:\Program Files (x86)\Ipswitch\WS_FTP 12\wsftplib.dll
MD5: 7016e54d7a4083ad4aea6bc64251ebea C:\Program Files (x86)\Ipswitch\WS_FTP 12\wshosts.dll
MD5: ce4b32b15a2a49c5b0aed9651cfaecb8 C:\Program Files (x86)\Launchy\Launchy.exe
MD5: 32964671e391e7a88fa4733a5f6e5a88 C:\Program Files (x86)\Launchy\plugins\calcy.dll
MD5: 4f418458a34d2f82420f5e25572ed68a C:\Program Files (x86)\Launchy\plugins\controly.dll
MD5: 849254953e0505938a34f0c80ebaeb09 C:\Program Files (x86)\Launchy\plugins\gcalc.dll
MD5: eb0d43bdbba6e21fa61a3bbac02073ef C:\Program Files (x86)\Launchy\plugins\runner.dll
MD5: 6474e37648836dc3357176147655eadc C:\Program Files (x86)\Launchy\plugins\verby.dll
MD5: 1d21bbb6c85d87e199156b83c534a0d8 C:\Program Files (x86)\Launchy\plugins\weby.dll
MD5: 68f07453f8aabfd28db1e1b22dfcdc5d C:\Program Files (x86)\Launchy\QtCore4.dll
MD5: bf783889ffd30dcd089565750e00acf4 C:\Program Files (x86)\Launchy\QtGui4.dll
MD5: 47fc5a4a45e883a36aff884b3e6073b1 C:\Program Files (x86)\Microsoft Office\Office14\MSOHEV.DLL
MD5: a5d08b86e8a437aa6deaf7a187bf6ca5 C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
MD5: ed327201724ea05d509b7939abe49e98 C:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll
MD5: a2494901e7226b356b8c1005c45f1c5f C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe
MD5: 809263143a1622f9768a4f68431bd45d C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll
MD5: aa58c1b197d443f3d0e92bd5c13566a2 C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\DefMgr.DLL
MD5: 63b1cbbae4790b5bac98f01bf9449722 C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.EXE
MD5: 48b1ff4bc51c3489129cafb511a92e0b C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe
MD5: 806ff91453ec42a5e66b4c4f6c5af270 C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop_Res.dll
MD5: 1b63f2b7ca6b5290cc124cdd07520bc9 C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe
MD5: 0383a25d0433516ca14918d3779acfd8 C:\Program Files (x86)\Mozilla Firefox\plugins\npBitCometAgent.dll
MD5: 96aa8ba23142cc8e2b30f3cae0c80254 C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
MD5: 4e200ec308df451bdd9ab9f71032ef2a C:\Program Files (x86)\Notepad++\notepad++.exe
MD5: f33da98ba7ed91975b3118e27a288fcc C:\Program Files (x86)\Notepad++\plugins\NppConverter.dll
MD5: ad32f0f59e70823de864387f65debcea C:\Program Files (x86)\Notepad++\plugins\NppExport.dll
MD5: f4e85e9c35deeab1556cf1b9ee97f9fd C:\Program Files (x86)\Notepad++\plugins\NppFTP.dll
MD5: f2f9ca2bff780585c22b9e012caab2d4 C:\Program Files (x86)\Notepad++\plugins\PluginManager.dll
MD5: 93ea4f670261331b47ab5ba7ffb8b9a4 C:\Program Files (x86)\Notepad++\plugins\SpellChecker.dll
MD5: b96882a73a5a06cd591ddfce6c8e9a00 C:\Program Files (x86)\Notepad++\SciLexer.dll
MD5: 052db5027eae1ae6fbf02e347aaf1cd7 C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
MD5: 5373b9ac92779ce4b6ff9051c3516989 C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
MD5: fabad2bfd44661d8cc627e5485bfafaf C:\Program Files (x86)\QuickTime\QTTask.exe
MD5: e226a9bc9899312ed5cd188c67a7f92b C:\Program Files (x86)\SugarSync\imageformats\qgif4.dll
MD5: fb14611a17352f054019008c1581e659 C:\Program Files (x86)\SugarSync\imageformats\qico4.dll
MD5: 39210a5b86ef470e99211bcc4b0490af C:\Program Files (x86)\SugarSync\imageformats\qjpeg4.dll
MD5: 2e7ff3a3a57e615d25cf27da3ed9fc76 C:\Program Files (x86)\SugarSync\QtCore4.dll
MD5: f2dc85790ce7645d9b35281ffe31686d C:\Program Files (x86)\SugarSync\QtGui4.dll
MD5: a4e0a55874bd1f7fbb55c1b951345d82 C:\Program Files (x86)\SugarSync\QtNetwork4.dll
MD5: 55dee8edae216c2192e00dec165400da C:\Program Files (x86)\SugarSync\QtWebKit4.dll
MD5: 9627ea018103aa1e068efa90e0a7242d C:\Program Files (x86)\SugarSync\QtXml4.dll
MD5: 59d4207e76ed648d1aec8f0b97fce013 C:\Program Files (x86)\TechSmith\Snagit 10\SnagitBHO.dll
MD5: 6d7c6a0a885b54b18ae2009cf21cbbab C:\Program Files (x86)\TechSmith\Snagit 10\SnagitIEAddin.dll
MD5: 87de2a1a211a8b9c7f2d093660cbf563 C:\Program Files (x86)\TechSmith\Snagit 10\SnagitIEAddinRes.dll
MD5: 1f8ffde82c52353906244afdc6baf2ab C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
MD5: 1248d3c920bfc59fe8b9d1c0808167d7 C:\Program Files (x86)\XFastUsb\XFastUsb.exe
MD5: c55c398402682506490ab8afa63d3f64 C:\Program Files\Bitdefender\Bitdefender 2012\bdagent.exe
MD5: 6fa5ffc3765c9c444d82faf1d46c1cae C:\Program Files\Bitdefender\Bitdefender 2012\updatesrv.exe
MD5: ecf9465d622d74de137169534cc38138 C:\Program Files\Bitdefender\Bitdefender 2012\vsserv.exe
MD5: 7de3f30967cf77bd1fc440c2b847629a C:\Program Files\Common Files\Bitdefender\Bitdefender Arrakis Server\bin\arrakis3.exe
MD5: 707ac68f86f97c17c30498aaf3c7e27e c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys
MD5: 4ce4b0098fc315c237fa8867f07886c4 C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys
MD5: 4bd50d5bb9b6347165bc78419533fcfd C:\Program Files\Ditto\Ditto.exe
MD5: bf0410b24e6751b5e83a89130f1aed55 C:\Program Files\Logitech\FlowScroll\32-bit\LogiSmooth.dll
MD5: 1602bd8e182255b70844169f538578c4 C:\Users\Bob\AppData\Local\Apps\2.0\T9GR6RXB.RVM\YKL00EJA.3TQ\mog...tion_1bbce2e889a5ea88_0001.0003_421887a67eb9219f\BltPlayerManaged.dll
MD5: da18fecc021fc9f8efd15a75a8e6fbb0 C:\Users\Bob\AppData\Local\Apps\2.0\T9GR6RXB.RVM\YKL00EJA.3TQ\mog...tion_1bbce2e889a5ea88_0001.0003_421887a67eb9219f\CefSharp.dll
MD5: 066a45353bd148036e3cf13cf5bc6448 C:\Users\Bob\AppData\Local\Apps\2.0\T9GR6RXB.RVM\YKL00EJA.3TQ\mog...tion_1bbce2e889a5ea88_0001.0003_421887a67eb9219f\icudt.dll
MD5: 2a63e5e81905e19ef547362b95085f71 C:\Users\Bob\AppData\Local\Apps\2.0\T9GR6RXB.RVM\YKL00EJA.3TQ\mog...tion_1bbce2e889a5ea88_0001.0003_421887a67eb9219f\libcef.dll
MD5: 64f677b221c9025a91f7e9c7b986baa0 C:\Users\Bob\AppData\Local\Apps\2.0\T9GR6RXB.RVM\YKL00EJA.3TQ\mog...tion_1bbce2e889a5ea88_0001.0003_421887a67eb9219f\MOG.exe
MD5: 1e6b52abdf4082374de9d43cbd2f7e08 C:\Users\Bob\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
MD5: eb4fe5f47505797c9416d464e2c2f1e0 C:\Users\Bob\AppData\Local\Microsoft\SkyDrive\16.4.3347.0416\logging.dll
MD5: ca8caf812a9c267599f1ce883f16550f C:\Users\Bob\AppData\Local\Microsoft\SkyDrive\16.4.3347.0416\MSVCP110.dll
MD5: 3b271a85ee735442eb34a0526862acdb C:\Users\Bob\AppData\Local\Microsoft\SkyDrive\16.4.3347.0416\MSVCR110.dll
MD5: 99ff3c53fb9a03cafe1027efb789ce3f C:\Users\Bob\AppData\Local\Microsoft\SkyDrive\16.4.3347.0416\SkyDriveShell.dll
MD5: 6793e271b396690dfc0cd2b6588cb3dd C:\Users\Bob\AppData\Local\Microsoft\SkyDrive\16.4.3347.0416\Telemetry.dll
MD5: 25c4151aae5302b4e33ac34456b067fe C:\Users\Bob\AppData\Roaming\Dropbox\bin\Dropbox.exe
MD5: 066a45353bd148036e3cf13cf5bc6448 C:\Users\Bob\AppData\Roaming\Spotify\Data\icudt.dll
MD5: 5f40bd1167e67c532eb3b7c198f2e561 C:\Users\Bob\AppData\Roaming\Spotify\Data\libcef.dll
MD5: dee1122afa29474ee2981e0d32213057 C:\Users\Bob\AppData\Roaming\Spotify\spotify.exe
MD5: 1f5d828a26060985f26f34ec1f5918d6 C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\31fce331fded94dd06627603f6fe4562\Accessibility.ni.dll
MD5: 159f311f9a2ca32f8838e2f92ae46798 C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\91fa5cc7230b88e3e42b3bccd198f681\IAStorCommon.ni.dll
MD5: af76a02883b12897e8ec141609448c5a C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorDataMgr\0a04aac9dbd984b90adc784963cc5def\IAStorDataMgr.ni.dll
MD5: d232e2d37867ffd648c8e6353485c503 C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorDataMgrSvc\84c14f82f3c2bb4c79e08c1808a15038\IAStorDataMgrSvc.ni.exe
MD5: e3b355703555e32a4caa9954cc80de44 C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\0642b0c04fa10e6986baf58cf1580879\IAStorUtil.ni.dll
MD5: 97050cd26260a19c7ea80ca8c2ee8215 C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\1f4651d8dc5f9ce21849d32a8402c554\IsdiInterop.ni.dll
MD5: 253d3534b810d059557001bf1f926935 C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\3ce70b84dbb9970e1893672c5d430c80\Microsoft.VisualBasic.ni.dll
MD5: 638f45c6397c911828d2a478729b23aa C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a1a82db68b3badc7c27ea1f6579d22c5\mscorlib.ni.dll
MD5: cfe8db550cb32d0a0ceee24c28edac42 C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\74d980e52c1791f1b8608d767a393144\PresentationCore.ni.dll
MD5: e7186cbffd60ecefe125385e55aa2eb6 C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\43e23da6683962ea1168aaf007bbc35d\PresentationFramework.ni.dll
MD5: dfd0283dd8506e8506d4621717fbecf9 C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\74fcc0f56435d0396f9524cd4293d3e5\PresentationFramework.Aero.ni.dll
MD5: 95e8d9c0e865ead5a440c91d933b7d60 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\e620323cacb5b6bfd93fd28d263440e4\System.Configuration.ni.dll
MD5: e17421c2f8b91d75ad7dd607bb090135 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\f01c5c76d0a19516a37b7bd191a02cda\System.Core.ni.dll
MD5: 25fa0fa10f45c2dddec81acd83ff3fed C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\e45611cad86870a7011bb18b9e993861\System.Deployment.ni.dll
MD5: 9368bac6d09b20ca367b13c5ce02730e C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\8177623eac8f15cf95b587625439eac7\System.Drawing.ni.dll
MD5: 98783e8c36399c5c2fad62a8f4539547 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\cb5bd98ffa4c82327b0e4db02bb58d2d\System.Management.ni.dll
MD5: a2c3f8e5ac37dbee96c563606f710fe3 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\a1c4a635721f85bef0ea4194b888b871\System.Runtime.Remoting.ni.dll
MD5: 960e6974343d0903de3b5607e200c94c C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\c2c7f68605a42caef1b7a19c51de58b4\System.ServiceProcess.ni.dll
MD5: 746d8a021ebb45b2602d33c2fe2c0420 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\507b4ca18da9d2fde2e51a1f04593443\System.Web.ni.dll
MD5: 673c39ec95b3623f198e8eed3f97f80c C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\262285b3d0afafc5059f3fe9be69bff5\System.Windows.Forms.ni.dll
MD5: dcc1ac29aa8d2ce725cc86a626cec360 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\9866d1f6178e1cde25642f1ac293ff8d\System.Xml.ni.dll
MD5: 3d725c257ea3952158fffbb5874896da C:\Windows\assembly\NativeImages_v2.0.50727_32\System\faf4e8730ecbd07570111bb7c3b20565\System.ni.dll
MD5: ad84b6aaa0b2ab61dcb06a340d4f2d34 C:\Windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\bb1d36ae26e7cadf563061596682e747\UIAutomationProvider.ni.dll
MD5: d3ba339de4c1c7082e815ad49a41cd38 C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\47b9e7f070271ff50f988f75ea68fa3e\WindowsBase.ni.dll
MD5: 2a8c7ca8b40ca320bf88d0ff92da7cf8 C:\Windows\Downloaded Program Files\qsax.dll
MD5: 6058809bbd4515a5eaf22336af245150 C:\Windows\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Thunk.dll
MD5: 972dcc74d4cdcb64086e7cfacbdb74cb C:\Windows\Microsoft.NET\Framework\v2.0.50727\wminet_utils.dll
MD5: 189ef45eb56724a888159c084588155d C:\Windows\Microsoft.NET\Framework\v3.0\WPF\wpfgfx_v0300.dll
MD5: cdaf3e1a99f938153701bbe7375af1d7 C:\Windows\Microsoft.NET\Framework\v4.0.30319\clr.dll
MD5: ab6d0a4eba0b43a83a21f698f3e1bcc8 C:\Windows\Microsoft.NET\Framework\v4.0.30319\dfdll.dll
MD5: 37ce7a79d901235504f9add99a7ac177 C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
MD5: 7a044b0746d957bfd7aae18cfd8422c5 C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
MD5: 0a12d948b2cc7fbb01e28daa5e7c01ea C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
MD5: cb4863f2bd46aa02d954b86b56a149da C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
MD5: 2cae4ed96aa903578452b85e5383940c C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
MD5: e96170a923a69711b4d08e885f05d889 C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
MD5: 44ca750001f0db8c308d1ca4abd0f8e5 C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
MD5: 15df9eb8daba744e4d0e9b117f760f49 C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
MD5: a2385b02cb492131af6f79959a42a93f C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
MD5: 3ad0832e8e29fbe9bd722e3354dd4f57 C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
MD5: 88dc1714e38d4eb41a4378aab98e753b C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
MD5: a1d4deb5176c96b1a80715f6a1fdfb4f C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
MD5: b302a1630e5aea2d830b76bbcd761d72 C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
MD5: 22f767bb3b704f79363999bd4a49e68e C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
MD5: 00b83152f99e846fefb139c574cd4a96 C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
MD5: 50035c36acee069d0c209288208626d9 C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
MD5: cdf677ad479fa99f2e4d9766b83ef53c C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
MD5: 12c34c7325b74e8347e8db75279a8f3f C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
MD5: 96324ed3218133a13fff82055afac733 C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
MD5: a7bdf88a46bcc218b73e383e6547ba5f C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
MD5: 573c70d7076f2f101752a727db7c2280 C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
MD5: 29b01d02e9ff3d8a63f8747b50a5a1a3 C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
MD5: 0cc90316b34118e3b8af760d92c262a4 C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
MD5: 6f399c3e562c4e69df96039743a7aa26 C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
MD5: f3b94e04053c2483a6fecf953d6661d6 C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
MD5: c6942a18444bfffc3cceca69a7e1879c C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
MD5: f47e08b025ae376ef1342fc9ecfecdf1 C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
MD5: 8a13e14b68e00ac2cb67420396d8a1c5 C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
MD5: 4634b0ee4098f0f2b972bdac19a802e7 C:\Windows\system32\audiodev.dll
MD5: ad7b9c14083b52bc532fba5948342b98 C:\Windows\system32\cmd.exe
MD5: a585bebf7d054bd9618eda0922d5484a C:\Windows\system32\cryptsvc.dll
MD5: 1c9b45e87528b8bb8cfa884ea0099a85 C:\Windows\system32\d3dcompiler_43.dll
MD5: 86e39e9161c3d930d93822f1563c280d C:\Windows\system32\d3dx9_43.dll
MD5: 284b59d7b56fc76c80e622ab856b1fab C:\Windows\System32\davclnt.dll
MD5: 518318a103c888001054efa1236e5033 C:\Windows\system32\dfshim.dll
MD5: e9e01eb683c132f7fa27cd607b8a2b63 C:\Windows\system32\dhcpcore.dll
MD5: 1060d60cca69a8136a87dbe3c8f4a467 C:\Windows\system32\EhStorAPI.dll
MD5: 8b88ebbb05a0e56b7dcc708498c02b3e C:\Windows\system32\Explorer.exe
MD5: 1e8d06aae74fed674c1156b3fea911c2 C:\Windows\system32\faultrep.dll
MD5: cf316fa04d6bd6168223a0e029c6c874 C:\Windows\system32\IEUI.dll
MD5: 7f8678c59f188528d60104e697c2361e C:\Windows\system32\mscms.dll
MD5: 45fb05f743e626d9e239e52602cea041 C:\Windows\system32\msctfui.dll
MD5: eee470f2a771fc0b543bdeef74fceca0 C:\Windows\system32\msiexec.exe
MD5: c5a99a4c0dc9f0f5a95ba0c83d30a549 C:\Windows\System32\mstask.dll
MD5: 269d867585cda04d3972a39f3694e7df C:\Windows\System32\msxml6.dll
MD5: 8b57a1ad493653bb57f281fe75dd175b C:\Windows\System32\NaturalLanguage6.dll
MD5: 3d57ffbad3ed16b63de3879bab0fb56f C:\Windows\system32\NetworkExplorer.dll
MD5: d7b7159bc8374e87d8c45a30377a3440 C:\Windows\System32\ntlanman.dll
MD5: 7e9b1c0eff510cdf93a4cfecf9f2b86e C:\Windows\system32\nvwgf2um.dll
MD5: 414bba67a3ded1d28437eb66aeb8a720 C:\Windows\system32\pla.dll
MD5: dbc02d918fff1cad628acbe0c0eaa8e8 C:\Windows\system32\provsvc.dll
MD5: b5506b451bfe7148eca7056bda2970bd C:\Windows\system32\RICHED32.DLL
MD5: 6581b52e133cc6d00661c58968c7e212 C:\Windows\system32\SearchFolder.dll
MD5: 236f286e103fd44bd85fdd93097fd5dd C:\Windows\system32\SearchIndexer.exe
MD5: 4ae380f39a0032eab7dd953030b26d28 C:\Windows\system32\sessenv.dll
MD5: 414da952a35bf5d50192e28263b40577 C:\Windows\System32\shsvcs.dll
MD5: 8e4b58e12b3fa65ed1462846906e0b59 C:\Windows\system32\SPPC.DLL
MD5: ad6db3f85d329aba90eaf7b2d8a2eea9 C:\Windows\system32\ssText3d.scr
MD5: 6a1e8deb746912df47cf651e138401d7 C:\Windows\System32\StructuredQuery.dll
MD5: 6b140b1382f1fe04ba57b196aeb19725 C:\Windows\system32\t2embed.dll
MD5: 613bf4820361543956909043a265c6ac C:\Windows\System32\tapisrv.dll
MD5: 61ac3efdfacfdd3f0f11dd4fd4044223 c:\windows\system32\userinit.exe
MD5: d74e4f55bdb195da6de67f99a9e04352 C:\Windows\system32\vsocklib.dll
MD5: 34eee0dfaadb4f691d6d5308a51315dc C:\Windows\System32\wcncsvc.dll
MD5: a9d880f97530d5b8fee278923349929d C:\Windows\System32\webclnt.dll
MD5: 1957d49a9613faad1c73b508cce02aa5 C:\Windows\system32\wmp.dll
MD5: 0fbc74aa20fe0ae6884279f893169c60 C:\Windows\system32\wmploc.dll
MD5: 0f416e23dd2eb4debe70608020cfd283 C:\Windows\system32\WMVCore.DLL
MD5: 181f69bc9c406b7fb5c0ade8031630ac C:\Windows\system32\wpdshext.dll
MD5: 1b91cd34ea3a90ab6a4ef0550174f4cc C:\Windows\system32\WsmSvc.dll
MD5: d2958325c1ae1ae37a83334c6229e3bc C:\Windows\SysWOW64\actxprxy.dll
MD5: cc5a358d0fb50d43407917bb902a63cf C:\Windows\SysWOW64\APOMngr.DLL
MD5: d0fd4e99345a38ca69ef3e8dfcb2037e C:\Windows\SysWow64\ChilkatCrypt2.dll
MD5: f90c138015da09044c6e2bf1d8239626 C:\Windows\SysWow64\ChilkatZip2.dll
MD5: 518318a103c888001054efa1236e5033 C:\Windows\SysWOW64\dfshim.dll
MD5: 111f48831c088d047644b307ce0e5888 C:\Windows\SysWOW64\dnssdX.dll
MD5: 4312debdacbe338f0b90e7f08e7672be C:\Windows\SysWOW64\Dxtmsft.dll
MD5: ca493a92da9880b6f1a89c3dbd54ba5b C:\Windows\SysWOW64\Dxtrans.dll
MD5: ee9d715af1b928982f417238b9914484 C:\Windows\SysWOW64\ieapfltr.dll
MD5: f08c6020e57f5e5bf2fd034db10bedfb C:\Windows\SysWOW64\IntelCpHeciSvc.exe
MD5: d764f2ec1bf42499d5f40bc4f043dc61 C:\Windows\SysWOW64\Macromed\Flash\Flash32_11_2_202_233.ocx
MD5: 62059985af996f4ffe5451cb0d5924bf C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_233.dll
MD5: d701abd1d72a87d2f5295000df5dc312 C:\Windows\SysWow64\MBAPO32.DLL
MD5: f9fa39ff84562af4e6593c2a5a5cbdb4 C:\Windows\SysWow64\MBTHX32.dll
MD5: d378bffb70923139d6a4f546864aa61c C:\Windows\SysWOW64\notepad.exe
MD5: 672d7c5080acb003343006405da2e621 C:\Windows\SysWOW64\thumbcache.dll
MD5: 3f2b83695e5bf11930c16af50e991f96 C:\Windows\SysWOW64\wmpps.dll
MD5: a9e67668f380009c48e03adc1f90fd97 C:\Windows\Temp\~5B82.tmp
MD5: d5e459bed3db9cf7fc6cc1455f177d2d C:\Windows\WinSxS\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d1cb102c435421de\ATL80.DLL
MD5: d34a527493f39af4491b3e909dc697ca C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcm90.dll
MD5: 5963633010616b25503ee126f55e8de4 C:\Windows\WinSxS\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_4bf7e3e2bf9ada4c\mfc90.dll
MD5: fbfca1a574d47ee575448b719cbbf2e4 C:\Windows\WinSxS\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_49768ef57548175e\MFC90ENU.DLL
MD5: af5f26fc8ca8ee1241cad7ab04d593c0 D:\Downloads\GoogleCal_v2.1\GoogleCal.exe
MD5: 8d43de6f1385057b8ad2857547b7b828 D:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
MD5: eda484763ce97cf729c9ac38adfcbf4e D:\Program Files\Postbox\freebl3.dll
MD5: cf231a0209217e1493d29fdee3c087e5 D:\Program Files\Postbox\mozalloc.dll
MD5: 9ac225405d31fe0433339a4a79db44b0 D:\Program Files\Postbox\MOZCPP19.dll
MD5: 748dc3bf7f42c7f627de288e0265f13e D:\Program Files\Postbox\MOZCRT19.dll
MD5: 3b8e832abb9217c4e18dbfc258551b2d D:\Program Files\Postbox\mozjs.dll
MD5: 87f4c0e0d1174f5ca1e84d225d88c999 D:\Program Files\Postbox\mozsqlite3.dll
MD5: 73240b60329dde7eaddcf6f2cf298f75 D:\Program Files\Postbox\NSLDAP32V60.dll
MD5: 3e208ed4bcff84b95872dad0a437851d D:\Program Files\Postbox\NSLDAPPR32V60.dll
MD5: 6c9b5e8899fdc9e409120a5bd5d9367f D:\Program Files\Postbox\nspr4.dll
MD5: 81a0ec4937edb17c279a4968383e8cc0 D:\Program Files\Postbox\nss3.dll
MD5: 9eef10324fc50b548859b6fe38af587d D:\Program Files\Postbox\nssckbi.dll
MD5: 0e9970c4e484e9766a3defdbc603e383 D:\Program Files\Postbox\nssdbm3.dll
MD5: 587549479c27cb570484e5ddf279a5db D:\Program Files\Postbox\nssutil3.dll
MD5: 102a6684d0efe9b5623191fac3353de6 D:\Program Files\Postbox\plc4.dll
MD5: bd2a326ac4dddeedbf46c28d9ba9f5f3 D:\Program Files\Postbox\plds4.dll
MD5: 7f8dbf9f3ddbfe0eeca959b711e9fba1 D:\Program Files\Postbox\postbox.exe
MD5: 1654c25fc1663d38a168fd056f20c357 D:\Program Files\Postbox\smime3.dll
MD5: 9aaa08be111a157f98cadc63cfc4ff66 D:\Program Files\Postbox\softokn3.dll
MD5: 96592f0275f27a5c49c30e5e7fd10d67 D:\Program Files\Postbox\ssl3.dll
MD5: e9f07650b1904c48e4633e4a54a10a56 D:\Program Files\Postbox\xpcom.dll
MD5: ba578bfc6e0d680b6abf43277f42dae0 D:\Program Files\Postbox\xul.dll
MD5: bdf49ffa85893781d157cbc220d8d367 D:\Program Files\Steam\bin\avcodec-53.dll
MD5: 60416afcf5f662abc32c5ffc25f45667 D:\Program Files\Steam\bin\avformat-53.dll
MD5: b9af1267ee3407299c8019fae811d263 D:\Program Files\Steam\bin\avutil-51.dll
MD5: 2fd37bb1f332fcae0bcb9e79cdd90dc6 D:\Program Files\Steam\bin\chromehtml.DLL
MD5: f74122b63734d87dac1fd41f2fbf544e D:\Program Files\Steam\bin\filesystem_steam.DLL
MD5: 7922a34b442ee675b177026ecdb51f0b d:\program files\steam\bin\friendsui.dll
MD5: 045d0f4f41ca53d4cb22bdc814a22b64 D:\Program Files\Steam\bin\icudt.dll
MD5: 713468cdea4b7a1cfbce20130341d333 D:\Program Files\Steam\bin\libcef.dll
MD5: 63447dac2c1673e42047bd8c0e8182dd d:\program files\steam\bin\serverbrowser.dll
MD5: 2fecfbc47c363eaf18d0e10d0c98c97b D:\Program Files\Steam\bin\SteamService.dll
MD5: 9b1fe23a737a2478757105248ffe3500 D:\Program Files\Steam\bin\vgui2_s.DLL
MD5: 00223c772820ee8e6f38786f68bedbe2 D:\Program Files\Steam\crashhandler.dll
MD5: 173c217e677c4b0c4f8a6d54ba13bf9b D:\Program Files\Steam\CSERHelper.dll
MD5: a7532e66ea2f168a0970e829d8986423 D:\Program Files\Steam\dbghelp.dll
MD5: 49d1b85104bf4d3b3abd76d34cdf262c D:\Program Files\Steam\Steam.dll
MD5: 67384147dd005e54d2c0a20408e28579 D:\Program Files\Steam\Steam.exe
MD5: 008f82fa47e31d95169b0e7dd70dc8a8 D:\Program Files\Steam\steamclient.dll
MD5: f1366b22aaf123822b210d4986095dfb D:\Program Files\Steam\SteamUI.dll
MD5: 2837cfda55d47f8379e3e8a522a6c612 D:\Program Files\Steam\tier0_s.dll
MD5: 0e70364a8f8511ceb3664dc30a6c5604 D:\Program Files\Steam\vstdlib_s.dll
MD5: 314453d3a532a4bddb6c2470bd675dc9 D:\Program Files\VMWare\libxml2.dll
MD5: 2746d3b0cc6890af4dcf2bbf2c185b47 D:\Program Files\VMWare\types.dll
MD5: abb3aa643990e9639eb902d1926b6756 D:\Program Files\VMWare\vmacore.dll
MD5: af1bdbabedeb36fa3115c7d0cff92aa3 D:\Program Files\VMWare\vmomi.dll
MD5: 3accf0c817a2bb34efbfb72b57b00252 D:\Program Files\VMWare\vmware-authd.exe
MD5: f95c4defcc06a1c9e3e1699c845980f1 D:\Program Files\VMWare\vmware-hostd.exe

The following file(s) must be uploaded for server-side scanning:
C:\Users\Bob\AppData\Local\Apps\2.0\T9GR6RXB.RVM\YKL00EJA.3TQ\mog...tion_1bbce2e889a5ea88_0001.0003_421887a67eb9219f\MOG.exe
C:\Windows\Temp\~5B82.tmp

Upload started - 2 file(s)
MOG.exe (621056)
~5B82.tmp (86016)
Upload speed - 118 KB/s
Upload finished - 2 uploaded, 0 failed

The uploaded file(s) were found clean.

Scan finished - communication took 6 sec
Total traffic - 0.69 MB sent, 0.95 KB recvd
Scanned 712 files and modules - 147 seconds

==============================================================================

Attached Files



#5 Maurice Naggar

Maurice Naggar

    Eradicator de malware


  • Malware Response Team
  • 1,088 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:02:51 AM

Posted 26 April 2012 - 01:05 PM

Do not attach reports, or put them in Code or Quote s. Just always Copy & Paste contents into main body of reply.

If Windows 7 is not running natively off the C drive, please stop and let me know.
Please turn off VMWare so that it is out of the way.

Disable CD-ROM Emulation Software:
Please download the following tool DeFogger to your desktop.
◦Double click DeFogger to run the tool.
◦The application window will appear
◦Click the Disable button to disable your CD Emulation drivers.
◦Click Yes to continue
◦A 'Finished!' message will appear
◦Click OK
◦DeFogger will now ask to reboot the machine - click OK
◦IMPORTANT! If you receive an error message while running DeFogger, please post the log defogger_disable which will appear on your desktop.
◦Do not re-enable these drivers until otherwise instructed.

Step 2
Turn off your antivirus program, otherwise it may interfere.
How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

Download aswMBR.exe ( 511KB ) to your desktop.
On Windows 7 or Vista, RIGHT click on aswMBR.exe and select Run As Administrator to start.
On Windows XP, double click the exe to start.

change the a-v scan to None.

uncheck trace disk IO calls


Click the "Scan" button to start scan
On completion of the scan (Note if the Fix button is enabled (not the FixMBR button) and tell me) click save log, save it to your desktop and post in your next reply

Step 3
Please read carefully and follow these steps.
  • Download TDSSKiller and save it to your Desktop.
  • Double-Click on TDSSKiller.exe to run the application, then on Start Scan.
    If running Vista or Windows 7, do a RIGHT-Click and select Run as Administrator to start TDSSKILLER.exe.

  • If an infected file is detected, the default action will be Cure, click on Continue.


    Posted Image

  • If a suspicious file is detected, the default action will be Skip, click on Continue.

  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.


    Posted Image

  • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Step 4
  • Download & SAVE to your Desktop >> Tigzy's RogueKillerfrom here << or
    >> from here <<
  • Quit all programs that you may have started.
  • For Vista or Windows 7, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.
    For Windows XP, double-click to start.
  • Wait until Prescan has finished ...
  • Then Click on Scan button at upper right of screen.
  • Wait until the Status box shows "Scan Finished"
  • Click on Report and copy/paste the content of the Notepad into your next reply.
  • The log should be found in RKreport[1].txt on your Desktop

Step 5
Please download Listparts64
Run the tool, click Scan and post the log (Result.txt) it makes.

Step 6
Re-enable your antivirus app.

Reply with copy of contents of aswMBR
TDSSKILLER log
RKreport
Result.txt
~Maurice Naggar
MS-MVP (Oct 2002 - Sept 2010)

#6 rocknrob

rocknrob
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:03:51 AM

Posted 26 April 2012 - 05:08 PM

Results.txt

ListParts by Farbar Version: 12-03-2012 03
Ran by Bob (administrator) on 26-04-2012 at 18:03:45
Windows 7 (X64)
Running From: D:\Downloads\Virus Removal
Language: 0409
************************************************************

========================= Memory info ======================

Percentage of memory in use: 20%
Total physical RAM: 16292.13 MB
Available physical RAM: 13003.85 MB
Total Pagefile: 32582.44 MB
Available Pagefile: 29182.4 MB
Total Virtual: 8192 MB
Available Virtual: 8191.89 MB

======================= Partitions =========================

1 Drive c: () (Fixed) (Total:223.47 GB) (Free:114.2 GB) NTFS
2 Drive d: (2TB Storage) (Fixed) (Total:1863.01 GB) (Free:685.67 GB) NTFS
3 Drive e: (2TB Storage 2) (Fixed) (Total:1863.01 GB) (Free:1185.67 GB) NTFS
4 Drive f: (WD 1TB) (Fixed) (Total:931.51 GB) (Free:457.5 GB) NTFS
5 Drive g: (WD 1TB X1) (Fixed) (Total:931.41 GB) (Free:714.95 GB) NTFS
6 Drive h: (11-068-99-1) (CDROM) (Total:1.91 GB) (Free:0 GB) CDFS

Disk ### Status Size Free Dyn Gpt
-------- ------------- ------- ------- --- ---
Disk 0 Online 223 GB 0 B
Disk 1 Online 931 GB 1024 KB
Disk 2 Online 931 GB 101 MB
Disk 3 Online 1863 GB 0 B
Disk 4 Online 1863 GB 0 B

Partitions of Disk 0:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 100 MB 1024 KB
Partition 2 Primary 223 GB 101 MB

======================================================================================================

Disk: 0
Partition 1
Type : 07
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 1 System Rese NTFS Partition 100 MB Healthy System (partition with boot components)

======================================================================================================

Disk: 0
Partition 2
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 C NTFS Partition 223 GB Healthy Boot

======================================================================================================

Partitions of Disk 1:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 931 GB 1024 KB

======================================================================================================

Disk: 1
Partition 1
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 3 F WD 1TB NTFS Partition 931 GB Healthy

======================================================================================================

Partitions of Disk 2:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 931 GB 101 MB

======================================================================================================

Disk: 2
Partition 1
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 4 G WD 1TB X1 NTFS Partition 931 GB Healthy

======================================================================================================

Partitions of Disk 3:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 1863 GB 1024 KB

======================================================================================================

Disk: 3
Partition 1
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 5 E 2TB Storage NTFS Partition 1863 GB Healthy

======================================================================================================

Partitions of Disk 4:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 1863 GB 1024 KB

======================================================================================================

Disk: 4
Partition 1
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 6 D 2TB Storage NTFS Partition 1863 GB Healthy

======================================================================================================

****** End Of Log ******

TDSSkiller.lpg

17:24:23.0964 5640 TDSS rootkit removing tool 2.7.33.0 Apr 24 2012 18:43:43
17:24:24.0183 5640 ============================================================
17:24:24.0183 5640 Current date / time: 2012/04/26 17:24:24.0183
17:24:24.0183 5640 SystemInfo:
17:24:24.0183 5640
17:24:24.0183 5640 OS Version: 6.1.7601 ServicePack: 1.0
17:24:24.0183 5640 Product type: Workstation
17:24:24.0183 5640 ComputerName: HOME-OFFICE-PC
17:24:24.0183 5640 UserName: Bob
17:24:24.0183 5640 Windows directory: C:\Windows
17:24:24.0183 5640 System windows directory: C:\Windows
17:24:24.0183 5640 Running under WOW64
17:24:24.0183 5640 Processor architecture: Intel x64
17:24:24.0183 5640 Number of processors: 8
17:24:24.0183 5640 Page size: 0x1000
17:24:24.0183 5640 Boot type: Normal boot
17:24:24.0183 5640 ============================================================
17:24:24.0298 5640 Drive \Device\Harddisk3\DR3 - Size: 0x1D1C1116000 (1863.02 Gb), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:24:24.0321 5640 Drive \Device\Harddisk4\DR4 - Size: 0x1D1C1116000 (1863.02 Gb), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:24:24.0331 5640 Drive \Device\Harddisk0\DR0 - Size: 0x37E4896000 (223.57 Gb), SectorSize: 0x200, Cylinders: 0x7201, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:24:24.0341 5640 Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:24:24.0354 5640 Drive \Device\Harddisk2\DR2 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1F8B1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000040
17:24:24.0358 5640 ============================================================
17:24:24.0358 5640 \Device\Harddisk3\DR3:
17:24:24.0359 5640 MBR partitions:
17:24:24.0359 5640 \Device\Harddisk3\DR3\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xE8E07800
17:24:24.0359 5640 \Device\Harddisk4\DR4:
17:24:24.0359 5640 MBR partitions:
17:24:24.0359 5640 \Device\Harddisk4\DR4\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xE8E07800
17:24:24.0359 5640 \Device\Harddisk0\DR0:
17:24:24.0359 5640 MBR partitions:
17:24:24.0359 5640 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
17:24:24.0359 5640 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1BEF1000
17:24:24.0359 5640 \Device\Harddisk1\DR1:
17:24:24.0359 5640 MBR partitions:
17:24:24.0359 5640 \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705000
17:24:24.0359 5640 \Device\Harddisk2\DR2:
17:24:24.0359 5640 MBR partitions:
17:24:24.0359 5640 \Device\Harddisk2\DR2\Partition0: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x746D3000
17:24:24.0359 5640 ============================================================
17:24:24.0361 5640 C: <-> \Device\Harddisk0\DR0\Partition1
17:24:24.0384 5640 D: <-> \Device\Harddisk4\DR4\Partition0
17:24:24.0428 5640 E: <-> \Device\Harddisk3\DR3\Partition0
17:24:24.0446 5640 F: <-> \Device\Harddisk1\DR1\Partition0
17:24:24.0456 5640 G: <-> \Device\Harddisk2\DR2\Partition0
17:24:24.0456 5640 ============================================================
17:24:24.0456 5640 Initialize success
17:24:24.0456 5640 ============================================================
17:24:50.0959 1884 ============================================================
17:24:50.0959 1884 Scan started
17:24:50.0959 1884 Mode: Manual;
17:24:50.0959 1884 ============================================================
17:24:51.0087 1884 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
17:24:51.0088 1884 1394ohci - ok
17:24:51.0095 1884 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
17:24:51.0097 1884 ACPI - ok
17:24:51.0099 1884 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
17:24:51.0099 1884 AcpiPmi - ok
17:24:51.0121 1884 AdobeFlashPlayerUpdateSvc (459ac130c6ab892b1cd5d7544626efc5) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
17:24:51.0122 1884 AdobeFlashPlayerUpdateSvc - ok
17:24:51.0132 1884 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
17:24:51.0135 1884 adp94xx - ok
17:24:51.0143 1884 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
17:24:51.0145 1884 adpahci - ok
17:24:51.0149 1884 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
17:24:51.0151 1884 adpu320 - ok
17:24:51.0154 1884 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
17:24:51.0154 1884 AeLookupSvc - ok
17:24:51.0164 1884 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
17:24:51.0166 1884 AFD - ok
17:24:51.0184 1884 Agile1Password (75bf4de73912594146b52c750f9b4467) C:\Program Files (x86)\1Password\Agile1pService.exe
17:24:51.0187 1884 Agile1Password - ok
17:24:51.0190 1884 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
17:24:51.0191 1884 agp440 - ok
17:24:51.0193 1884 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
17:24:51.0194 1884 ALG - ok
17:24:51.0195 1884 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
17:24:51.0196 1884 aliide - ok
17:24:51.0203 1884 ALSysIO - ok
17:24:51.0225 1884 AM10 (e005682ae8f8ec4eb05f2a70a16ea1c5) C:\Windows\system32\DRIVERS\am10w7.sys
17:24:51.0230 1884 AM10 - ok
17:24:51.0232 1884 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
17:24:51.0233 1884 amdide - ok
17:24:51.0235 1884 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
17:24:51.0236 1884 AmdK8 - ok
17:24:51.0238 1884 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
17:24:51.0238 1884 AmdPPM - ok
17:24:51.0242 1884 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
17:24:51.0243 1884 amdsata - ok
17:24:51.0247 1884 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
17:24:51.0249 1884 amdsbs - ok
17:24:51.0250 1884 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
17:24:51.0250 1884 amdxata - ok
17:24:51.0253 1884 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
17:24:51.0253 1884 AppID - ok
17:24:51.0255 1884 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
17:24:51.0255 1884 AppIDSvc - ok
17:24:51.0258 1884 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
17:24:51.0259 1884 Appinfo - ok
17:24:51.0264 1884 Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
17:24:51.0265 1884 Apple Mobile Device - ok
17:24:51.0270 1884 AppMgmt (4aba3e75a76195a3e38ed2766c962899) C:\Windows\System32\appmgmts.dll
17:24:51.0271 1884 AppMgmt - ok
17:24:51.0274 1884 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
17:24:51.0275 1884 arc - ok
17:24:51.0277 1884 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
17:24:51.0278 1884 arcsas - ok
17:24:51.0280 1884 AsrAppCharger (912a215ce180a6e7c923c662d7ec777d) C:\Windows\system32\DRIVERS\AsrAppCharger.sys
17:24:51.0280 1884 AsrAppCharger - ok
17:24:51.0282 1884 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
17:24:51.0283 1884 AsyncMac - ok
17:24:51.0285 1884 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
17:24:51.0285 1884 atapi - ok
17:24:51.0299 1884 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
17:24:51.0303 1884 AudioEndpointBuilder - ok
17:24:51.0306 1884 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
17:24:51.0308 1884 AudioSrv - ok
17:24:51.0323 1884 avc3 (f57de310bf3bd9df0f7d301c1d7f5432) C:\Windows\system32\DRIVERS\avc3.sys
17:24:51.0326 1884 avc3 - ok
17:24:51.0331 1884 avchv (4c6bcc638798abe1f70afca70d889c3f) C:\Windows\system32\DRIVERS\avchv.sys
17:24:51.0332 1884 avchv - ok
17:24:51.0344 1884 avckf (6dc4cca415bbf2fc629beb532aa0e6cd) C:\Windows\system32\DRIVERS\avckf.sys
17:24:51.0346 1884 avckf - ok
17:24:51.0350 1884 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
17:24:51.0351 1884 AxInstSV - ok
17:24:51.0368 1884 AxtuDrv - ok
17:24:51.0379 1884 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
17:24:51.0381 1884 b06bdrv - ok
17:24:51.0387 1884 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
17:24:51.0389 1884 b57nd60a - ok
17:24:51.0397 1884 BBSvc (a2494901e7226b356b8c1005c45f1c5f) C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe
17:24:51.0397 1884 BBSvc - ok
17:24:51.0403 1884 BBUpdate (63b1cbbae4790b5bac98f01bf9449722) C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe
17:24:51.0404 1884 BBUpdate - ok
17:24:51.0408 1884 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
17:24:51.0409 1884 BDESVC - ok
17:24:51.0413 1884 BdfNdisf (707ac68f86f97c17c30498aaf3c7e27e) c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys
17:24:51.0413 1884 BdfNdisf - ok
17:24:51.0423 1884 bdfsfltr (ea195950fa5dd4a8f7bc00822213a363) C:\Windows\system32\DRIVERS\bdfsfltr.sys
17:24:51.0424 1884 bdfsfltr - ok
17:24:51.0427 1884 bdfwfpf (4ce4b0098fc315c237fa8867f07886c4) C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys
17:24:51.0427 1884 bdfwfpf - ok
17:24:51.0430 1884 bdsandbox (31571d77c6186ad228f52ee4ebdf8ee9) C:\Windows\system32\drivers\bdsandbox.sys
17:24:51.0431 1884 bdsandbox - ok
17:24:51.0434 1884 BDVEDISK (b89deff4817b4cc6fc2bcd8f83b4e75d) C:\Windows\system32\DRIVERS\bdvedisk.sys
17:24:51.0434 1884 BDVEDISK - ok
17:24:51.0435 1884 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
17:24:51.0436 1884 Beep - ok
17:24:51.0451 1884 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
17:24:51.0455 1884 BFE - ok
17:24:51.0460 1884 BingDesktopUpdate (1b63f2b7ca6b5290cc124cdd07520bc9) C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe
17:24:51.0461 1884 BingDesktopUpdate - ok
17:24:51.0479 1884 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
17:24:51.0484 1884 BITS - ok
17:24:51.0488 1884 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
17:24:51.0489 1884 blbdrive - ok
17:24:51.0498 1884 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe
17:24:51.0501 1884 Bonjour Service - ok
17:24:51.0504 1884 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
17:24:51.0505 1884 bowser - ok
17:24:51.0506 1884 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
17:24:51.0507 1884 BrFiltLo - ok
17:24:51.0508 1884 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
17:24:51.0509 1884 BrFiltUp - ok
17:24:51.0514 1884 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
17:24:51.0515 1884 Browser - ok
17:24:51.0521 1884 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
17:24:51.0522 1884 Brserid - ok
17:24:51.0524 1884 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
17:24:51.0525 1884 BrSerWdm - ok
17:24:51.0526 1884 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
17:24:51.0526 1884 BrUsbMdm - ok
17:24:51.0527 1884 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
17:24:51.0528 1884 BrUsbSer - ok
17:24:51.0531 1884 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
17:24:51.0531 1884 BTHMODEM - ok
17:24:51.0535 1884 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
17:24:51.0536 1884 bthserv - ok
17:24:51.0541 1884 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
17:24:51.0541 1884 cdfs - ok
17:24:51.0545 1884 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
17:24:51.0546 1884 cdrom - ok
17:24:51.0549 1884 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
17:24:51.0550 1884 CertPropSvc - ok
17:24:51.0552 1884 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
17:24:51.0553 1884 circlass - ok
17:24:51.0560 1884 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
17:24:51.0562 1884 CLFS - ok
17:24:51.0568 1884 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:24:51.0571 1884 clr_optimization_v2.0.50727_32 - ok
17:24:51.0575 1884 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
17:24:51.0577 1884 clr_optimization_v2.0.50727_64 - ok
17:24:51.0583 1884 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:24:51.0586 1884 clr_optimization_v4.0.30319_32 - ok
17:24:51.0591 1884 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
17:24:51.0592 1884 clr_optimization_v4.0.30319_64 - ok
17:24:51.0594 1884 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
17:24:51.0594 1884 CmBatt - ok
17:24:51.0596 1884 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
17:24:51.0596 1884 cmdide - ok
17:24:51.0606 1884 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
17:24:51.0609 1884 CNG - ok
17:24:51.0611 1884 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
17:24:51.0611 1884 Compbatt - ok
17:24:51.0613 1884 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
17:24:51.0613 1884 CompositeBus - ok
17:24:51.0615 1884 COMSysApp - ok
17:24:51.0637 1884 cphs (f08c6020e57f5e5bf2fd034db10bedfb) C:\Windows\SysWow64\IntelCpHeciSvc.exe
17:24:51.0653 1884 cphs - ok
17:24:51.0655 1884 cpuz135 (c08063f052308b6f5882482615387f30) C:\Windows\system32\drivers\cpuz135_x64.sys
17:24:51.0656 1884 cpuz135 - ok
17:24:51.0658 1884 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
17:24:51.0658 1884 crcdisk - ok
17:24:51.0664 1884 CryptSvc (15597883fbe9b056f276ada3ad87d9af) C:\Windows\system32\cryptsvc.dll
17:24:51.0665 1884 CryptSvc - ok
17:24:51.0676 1884 CSC (54da3dfd29ed9f1619b6f53f3ce55e49) C:\Windows\system32\drivers\csc.sys
17:24:51.0678 1884 CSC - ok
17:24:51.0692 1884 CscService (3ab183ab4d2c79dcf459cd2c1266b043) C:\Windows\System32\cscsvc.dll
17:24:51.0696 1884 CscService - ok
17:24:51.0706 1884 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
17:24:51.0709 1884 DcomLaunch - ok
17:24:51.0716 1884 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
17:24:51.0718 1884 defragsvc - ok
17:24:51.0723 1884 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
17:24:51.0723 1884 DfsC - ok
17:24:51.0731 1884 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
17:24:51.0733 1884 Dhcp - ok
17:24:51.0735 1884 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
17:24:51.0735 1884 discache - ok
17:24:51.0738 1884 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
17:24:51.0739 1884 Disk - ok
17:24:51.0743 1884 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
17:24:51.0744 1884 Dnscache - ok
17:24:51.0750 1884 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
17:24:51.0752 1884 dot3svc - ok
17:24:51.0756 1884 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
17:24:51.0757 1884 DPS - ok
17:24:51.0759 1884 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
17:24:51.0759 1884 drmkaud - ok
17:24:51.0779 1884 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
17:24:51.0782 1884 DXGKrnl - ok
17:24:51.0786 1884 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
17:24:51.0787 1884 EapHost - ok
17:24:51.0849 1884 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
17:24:51.0864 1884 ebdrv - ok
17:24:51.0883 1884 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
17:24:51.0884 1884 EFS - ok
17:24:51.0899 1884 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
17:24:51.0902 1884 ehRecvr - ok
17:24:51.0906 1884 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
17:24:51.0907 1884 ehSched - ok
17:24:51.0921 1884 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
17:24:51.0924 1884 elxstor - ok
17:24:51.0926 1884 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
17:24:51.0926 1884 ErrDev - ok
17:24:51.0929 1884 EtronHub3 (df2f6c1e55f6e81cfc7f688380d85816) C:\Windows\system32\Drivers\EtronHub3.sys
17:24:51.0929 1884 EtronHub3 - ok
17:24:51.0932 1884 EtronXHCI (e093abfb67a4b9d94f80611a7d0a8bb9) C:\Windows\system32\Drivers\EtronXHCI.sys
17:24:51.0932 1884 EtronXHCI - ok
17:24:51.0941 1884 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
17:24:51.0943 1884 EventSystem - ok
17:24:51.0949 1884 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
17:24:51.0950 1884 exfat - ok
17:24:51.0955 1884 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
17:24:51.0957 1884 fastfat - ok
17:24:51.0972 1884 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
17:24:51.0975 1884 Fax - ok
17:24:51.0978 1884 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
17:24:51.0978 1884 fdc - ok
17:24:51.0980 1884 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
17:24:51.0980 1884 fdPHost - ok
17:24:51.0982 1884 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
17:24:51.0983 1884 FDResPub - ok
17:24:51.0985 1884 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
17:24:51.0986 1884 FileInfo - ok
17:24:51.0987 1884 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
17:24:51.0988 1884 Filetrace - ok
17:24:51.0989 1884 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
17:24:51.0990 1884 flpydisk - ok
17:24:51.0996 1884 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
17:24:51.0998 1884 FltMgr - ok
17:24:52.0000 1884 FNETTBOH_305 (fe95ae537b41a7e2f4cfe353064dc4af) C:\Windows\system32\drivers\FNETTBOH_305.SYS
17:24:52.0000 1884 FNETTBOH_305 - ok
17:24:52.0002 1884 FNETURPX (7c3c4b4c951ec1bdfd4f769d05e2cc68) C:\Windows\system32\drivers\FNETURPX.SYS
17:24:52.0003 1884 FNETURPX - ok
17:24:52.0026 1884 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
17:24:52.0032 1884 FontCache - ok
17:24:52.0036 1884 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
17:24:52.0036 1884 FontCache3.0.0.0 - ok
17:24:52.0039 1884 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
17:24:52.0039 1884 FsDepends - ok
17:24:52.0041 1884 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
17:24:52.0041 1884 Fs_Rec - ok
17:24:52.0046 1884 Futuremark SystemInfo Service (0d015d3584704ec814a58276232f143b) C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe
17:24:52.0047 1884 Futuremark SystemInfo Service - ok
17:24:52.0053 1884 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
17:24:52.0054 1884 fvevol - ok
17:24:52.0057 1884 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
17:24:52.0057 1884 gagp30kx - ok
17:24:52.0059 1884 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
17:24:52.0059 1884 GEARAspiWDM - ok
17:24:52.0075 1884 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
17:24:52.0079 1884 gpsvc - ok
17:24:52.0083 1884 gupdate (506708142bc63daba64f2d3ad1dcd5bf) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
17:24:52.0084 1884 gupdate - ok
17:24:52.0085 1884 gupdatem (506708142bc63daba64f2d3ad1dcd5bf) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
17:24:52.0086 1884 gupdatem - ok
17:24:52.0088 1884 hcmon (adb4348da1345877b04e22203afc8993) C:\Windows\system32\drivers\hcmon.sys
17:24:52.0088 1884 hcmon - ok
17:24:52.0089 1884 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
17:24:52.0090 1884 hcw85cir - ok
17:24:52.0097 1884 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
17:24:52.0099 1884 HdAudAddService - ok
17:24:52.0103 1884 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
17:24:52.0104 1884 HDAudBus - ok
17:24:52.0105 1884 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
17:24:52.0106 1884 HidBatt - ok
17:24:52.0108 1884 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
17:24:52.0109 1884 HidBth - ok
17:24:52.0111 1884 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
17:24:52.0112 1884 HidIr - ok
17:24:52.0113 1884 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
17:24:52.0114 1884 hidserv - ok
17:24:52.0116 1884 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
17:24:52.0117 1884 HidUsb - ok
17:24:52.0120 1884 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
17:24:52.0122 1884 hkmsvc - ok
17:24:52.0128 1884 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
17:24:52.0130 1884 HomeGroupListener - ok
17:24:52.0134 1884 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
17:24:52.0136 1884 HomeGroupProvider - ok
17:24:52.0146 1884 hpqcxs08 (97aac45a375168c6a2297beeb9692e31) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
17:24:52.0148 1884 hpqcxs08 - ok
17:24:52.0151 1884 hpqddsvc (19a4fb67b1c97ea18edff44340973cd9) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
17:24:52.0152 1884 hpqddsvc - ok
17:24:52.0155 1884 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
17:24:52.0155 1884 HpSAMD - ok
17:24:52.0176 1884 HPSLPSVC (1be48b0542c91487bb8a94bf2278f55d) C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
17:24:52.0181 1884 HPSLPSVC - ok
17:24:52.0197 1884 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
17:24:52.0201 1884 HTTP - ok
17:24:52.0203 1884 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
17:24:52.0203 1884 hwpolicy - ok
17:24:52.0207 1884 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
17:24:52.0208 1884 i8042prt - ok
17:24:52.0220 1884 iaStor (2fdaec4b02729c48c0fd1b0b4695995b) C:\Windows\system32\DRIVERS\iaStor.sys
17:24:52.0222 1884 iaStor - ok
17:24:52.0226 1884 IAStorDataMgrSvc (d41861e56e7552c13674d7f147a02464) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
17:24:52.0226 1884 IAStorDataMgrSvc - ok
17:24:52.0235 1884 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
17:24:52.0237 1884 iaStorV - ok
17:24:52.0256 1884 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
17:24:52.0260 1884 idsvc - ok
17:24:52.0522 1884 igfx (371d7f91c0d2314eb984a4a6cbeabc92) C:\Windows\system32\DRIVERS\igdkmd64.sys
17:24:52.0588 1884 igfx - ok
17:24:52.0608 1884 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
17:24:52.0608 1884 iirsp - ok
17:24:52.0622 1884 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
17:24:52.0626 1884 IKEEXT - ok
17:24:52.0681 1884 IntcAzAudAddService (718a4008ee5da174400396b27509ef82) C:\Windows\system32\drivers\RTKVHD64.sys
17:24:52.0689 1884 IntcAzAudAddService - ok
17:24:52.0708 1884 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
17:24:52.0709 1884 intelide - ok
17:24:52.0711 1884 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
17:24:52.0712 1884 intelppm - ok
17:24:52.0715 1884 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
17:24:52.0716 1884 IPBusEnum - ok
17:24:52.0719 1884 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
17:24:52.0719 1884 IpFilterDriver - ok
17:24:52.0730 1884 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
17:24:52.0733 1884 iphlpsvc - ok
17:24:52.0737 1884 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
17:24:52.0737 1884 IPMIDRV - ok
17:24:52.0740 1884 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
17:24:52.0741 1884 IPNAT - ok
17:24:52.0760 1884 iPod Service (50d6ccc6ff5561f9f56946b3e6164fb8) C:\Program Files\iPod\bin\iPodService.exe
17:24:52.0764 1884 iPod Service - ok
17:24:52.0767 1884 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
17:24:52.0768 1884 IRENUM - ok
17:24:52.0769 1884 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
17:24:52.0770 1884 isapnp - ok
17:24:52.0776 1884 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
17:24:52.0777 1884 iScsiPrt - ok
17:24:52.0786 1884 k57nd60a (1d7aab58f4e21697af8f46eaa81823dd) C:\Windows\system32\DRIVERS\k57nd60a.sys
17:24:52.0787 1884 k57nd60a - ok
17:24:52.0790 1884 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
17:24:52.0791 1884 kbdclass - ok
17:24:52.0792 1884 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys
17:24:52.0793 1884 kbdhid - ok
17:24:52.0795 1884 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
17:24:52.0796 1884 KeyIso - ok
17:24:52.0798 1884 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
17:24:52.0799 1884 KSecDD - ok
17:24:52.0803 1884 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
17:24:52.0804 1884 KSecPkg - ok
17:24:52.0805 1884 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
17:24:52.0806 1884 ksthunk - ok
17:24:52.0814 1884 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
17:24:52.0817 1884 KtmRm - ok
17:24:52.0824 1884 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
17:24:52.0826 1884 LanmanServer - ok
17:24:52.0830 1884 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
17:24:52.0832 1884 LanmanWorkstation - ok
17:24:52.0840 1884 LBTServ (7772dfab22611050b79504e671b06e6e) C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
17:24:52.0842 1884 LBTServ - ok
17:24:52.0846 1884 LHidFilt (241f2648adf090e2a10095bd6d6f5dcb) C:\Windows\system32\DRIVERS\LHidFilt.Sys
17:24:52.0847 1884 LHidFilt - ok
17:24:52.0849 1884 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
17:24:52.0850 1884 lltdio - ok
17:24:52.0856 1884 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
17:24:52.0859 1884 lltdsvc - ok
17:24:52.0860 1884 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
17:24:52.0861 1884 lmhosts - ok
17:24:52.0863 1884 LMouFilt (342ed5a4b3326014438f36d22d803737) C:\Windows\system32\DRIVERS\LMouFilt.Sys
17:24:52.0864 1884 LMouFilt - ok
17:24:52.0872 1884 LMS (9ad4bee2fe76d4ca39ac969b617e94fb) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
17:24:52.0873 1884 LMS - ok
17:24:52.0877 1884 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
17:24:52.0878 1884 LSI_FC - ok
17:24:52.0881 1884 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
17:24:52.0882 1884 LSI_SAS - ok
17:24:52.0884 1884 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
17:24:52.0884 1884 LSI_SAS2 - ok
17:24:52.0887 1884 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
17:24:52.0888 1884 LSI_SCSI - ok
17:24:52.0891 1884 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
17:24:52.0892 1884 luafv - ok
17:24:52.0894 1884 MBfilt (8ff2d95cba49b405c5de27039ff0bf35) C:\Windows\system32\drivers\MBfilt64.sys
17:24:52.0894 1884 MBfilt - ok
17:24:52.0897 1884 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
17:24:52.0899 1884 Mcx2Svc - ok
17:24:52.0901 1884 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
17:24:52.0901 1884 megasas - ok
17:24:52.0907 1884 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
17:24:52.0909 1884 MegaSR - ok
17:24:52.0911 1884 MEIx64 (a6518dcc42f7a6e999bb3bea8fd87567) C:\Windows\system32\DRIVERS\HECIx64.sys
17:24:52.0911 1884 MEIx64 - ok
17:24:52.0916 1884 Microsoft SharePoint Workspace Audit Service - ok
17:24:52.0918 1884 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
17:24:52.0919 1884 MMCSS - ok
17:24:52.0921 1884 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
17:24:52.0922 1884 Modem - ok
17:24:52.0924 1884 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
17:24:52.0924 1884 monitor - ok
17:24:52.0926 1884 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
17:24:52.0926 1884 mouclass - ok
17:24:52.0928 1884 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
17:24:52.0929 1884 mouhid - ok
17:24:52.0932 1884 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
17:24:52.0932 1884 mountmgr - ok
17:24:52.0937 1884 MozillaMaintenance (96aa8ba23142cc8e2b30f3cae0c80254) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
17:24:52.0945 1884 MozillaMaintenance - ok
17:24:52.0949 1884 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
17:24:52.0950 1884 mpio - ok
17:24:52.0953 1884 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
17:24:52.0953 1884 mpsdrv - ok
17:24:52.0970 1884 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
17:24:52.0974 1884 MpsSvc - ok
17:24:52.0980 1884 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
17:24:52.0980 1884 MRxDAV - ok
17:24:52.0985 1884 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
17:24:52.0985 1884 mrxsmb - ok
17:24:52.0991 1884 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:24:52.0993 1884 mrxsmb10 - ok
17:24:52.0997 1884 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
17:24:52.0998 1884 mrxsmb20 - ok
17:24:53.0000 1884 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
17:24:53.0000 1884 msahci - ok
17:24:53.0004 1884 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
17:24:53.0005 1884 msdsm - ok
17:24:53.0008 1884 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
17:24:53.0010 1884 MSDTC - ok
17:24:53.0013 1884 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
17:24:53.0013 1884 Msfs - ok
17:24:53.0015 1884 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
17:24:53.0015 1884 mshidkmdf - ok
17:24:53.0017 1884 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
17:24:53.0017 1884 msisadrv - ok
17:24:53.0022 1884 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
17:24:53.0025 1884 MSiSCSI - ok
17:24:53.0026 1884 msiserver - ok
17:24:53.0028 1884 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
17:24:53.0028 1884 MSKSSRV - ok
17:24:53.0030 1884 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
17:24:53.0030 1884 MSPCLOCK - ok
17:24:53.0032 1884 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
17:24:53.0032 1884 MSPQM - ok
17:24:53.0040 1884 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
17:24:53.0042 1884 MsRPC - ok
17:24:53.0045 1884 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
17:24:53.0046 1884 mssmbios - ok
17:24:53.0047 1884 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
17:24:53.0047 1884 MSTEE - ok
17:24:53.0049 1884 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
17:24:53.0049 1884 MTConfig - ok
17:24:53.0051 1884 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
17:24:53.0052 1884 Mup - ok
17:24:53.0059 1884 mvs91xx (2e6a752e8bb8ff39b5dfccadd31f6c00) C:\Windows\system32\DRIVERS\mvs91xx.sys
17:24:53.0060 1884 mvs91xx - ok
17:24:53.0070 1884 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
17:24:53.0073 1884 napagent - ok
17:24:53.0081 1884 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
17:24:53.0083 1884 NativeWifiP - ok
17:24:53.0103 1884 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
17:24:53.0108 1884 NDIS - ok
17:24:53.0111 1884 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
17:24:53.0111 1884 NdisCap - ok
17:24:53.0113 1884 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
17:24:53.0114 1884 NdisTapi - ok
17:24:53.0116 1884 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
17:24:53.0117 1884 Ndisuio - ok
17:24:53.0121 1884 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
17:24:53.0122 1884 NdisWan - ok
17:24:53.0124 1884 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
17:24:53.0125 1884 NDProxy - ok
17:24:53.0128 1884 Net Driver HPZ12 (dc6530a291d4bdf6df399f1f128e7f8f) C:\Windows\system32\HPZinw12.dll
17:24:53.0129 1884 Net Driver HPZ12 - ok
17:24:53.0131 1884 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
17:24:53.0131 1884 NetBIOS - ok
17:24:53.0137 1884 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
17:24:53.0139 1884 NetBT - ok
17:24:53.0141 1884 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
17:24:53.0141 1884 Netlogon - ok
17:24:53.0149 1884 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
17:24:53.0152 1884 Netman - ok
17:24:53.0163 1884 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
17:24:53.0165 1884 netprofm - ok
17:24:53.0170 1884 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
17:24:53.0171 1884 NetTcpPortSharing - ok
17:24:53.0174 1884 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
17:24:53.0174 1884 nfrd960 - ok
17:24:53.0182 1884 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
17:24:53.0184 1884 NlaSvc - ok
17:24:53.0186 1884 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
17:24:53.0187 1884 Npfs - ok
17:24:53.0188 1884 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
17:24:53.0189 1884 nsi - ok
17:24:53.0191 1884 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
17:24:53.0191 1884 nsiproxy - ok
17:24:53.0224 1884 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
17:24:53.0232 1884 Ntfs - ok
17:24:53.0253 1884 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
17:24:53.0254 1884 Null - ok
17:24:53.0259 1884 NVHDA (8d4aac74b571fc356560e5b308955e93) C:\Windows\system32\drivers\nvhda64v.sys
17:24:53.0259 1884 NVHDA - ok
17:24:53.0521 1884 nvlddmkm (0eb204639119370f5f8f2871fbf4e14b) C:\Windows\system32\DRIVERS\nvlddmkm.sys
17:24:53.0557 1884 nvlddmkm - ok
17:24:53.0579 1884 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
17:24:53.0580 1884 nvraid - ok
17:24:53.0583 1884 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
17:24:53.0584 1884 nvstor - ok
17:24:53.0599 1884 nvsvc (32ff8ee6dcee5c0cb91ff892fb1ca364) C:\Windows\system32\nvvsvc.exe
17:24:53.0603 1884 nvsvc - ok
17:24:53.0650 1884 nvUpdatusService (bd012dc22c78be1071bc21eb125d782f) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
17:24:53.0658 1884 nvUpdatusService - ok
17:24:53.0679 1884 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
17:24:53.0680 1884 nv_agp - ok
17:24:53.0683 1884 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
17:24:53.0684 1884 ohci1394 - ok
17:24:53.0688 1884 ose64 (4965b005492cba7719e82b71e3245495) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:24:53.0690 1884 ose64 - ok
17:24:53.0781 1884 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
17:24:53.0803 1884 osppsvc - ok
17:24:53.0828 1884 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
17:24:53.0831 1884 p2pimsvc - ok
17:24:53.0841 1884 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
17:24:53.0843 1884 p2psvc - ok
17:24:53.0848 1884 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
17:24:53.0849 1884 Parport - ok
17:24:53.0852 1884 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
17:24:53.0852 1884 partmgr - ok
17:24:53.0856 1884 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
17:24:53.0858 1884 PcaSvc - ok
17:24:53.0863 1884 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
17:24:53.0864 1884 pci - ok
17:24:53.0866 1884 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
17:24:53.0866 1884 pciide - ok
17:24:53.0871 1884 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
17:24:53.0872 1884 pcmcia - ok
17:24:53.0875 1884 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
17:24:53.0876 1884 pcw - ok
17:24:53.0889 1884 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
17:24:53.0892 1884 PEAUTH - ok
17:24:53.0920 1884 PeerDistSvc (b9b0a4299dd2d76a4243f75fd54dc680) C:\Windows\system32\peerdistsvc.dll
17:24:53.0927 1884 PeerDistSvc - ok
17:24:53.0945 1884 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
17:24:53.0949 1884 PerfHost - ok
17:24:53.0993 1884 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
17:24:54.0002 1884 pla - ok
17:24:54.0012 1884 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
17:24:54.0015 1884 PlugPlay - ok
17:24:54.0020 1884 Pml Driver HPZ12 (71f62c51dfdfbc04c83c5c64b2b8058e) C:\Windows\system32\HPZipm12.dll
17:24:54.0020 1884 Pml Driver HPZ12 - ok
17:24:54.0022 1884 PnkBstrA - ok
17:24:54.0024 1884 PnkBstrB - ok
17:24:54.0026 1884 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
17:24:54.0027 1884 PNRPAutoReg - ok
17:24:54.0035 1884 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
17:24:54.0036 1884 PNRPsvc - ok
17:24:54.0048 1884 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
17:24:54.0051 1884 PolicyAgent - ok
17:24:54.0056 1884 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
17:24:54.0058 1884 Power - ok
17:24:54.0063 1884 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
17:24:54.0063 1884 PptpMiniport - ok
17:24:54.0066 1884 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
17:24:54.0066 1884 Processor - ok
17:24:54.0072 1884 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll
17:24:54.0074 1884 ProfSvc - ok
17:24:54.0076 1884 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
17:24:54.0077 1884 ProtectedStorage - ok
17:24:54.0081 1884 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
17:24:54.0082 1884 Psched - ok
17:24:54.0084 1884 PxHlpa64 (4712cc14e720ecccc0aa16949d18aaf1) C:\Windows\system32\Drivers\PxHlpa64.sys
17:24:54.0084 1884 PxHlpa64 - ok
17:24:54.0114 1884 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
17:24:54.0121 1884 ql2300 - ok
17:24:54.0143 1884 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
17:24:54.0144 1884 ql40xx - ok
17:24:54.0150 1884 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
17:24:54.0152 1884 QWAVE - ok
17:24:54.0154 1884 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
17:24:54.0154 1884 QWAVEdrv - ok
17:24:54.0166 1884 RaAutoInstSrv_AM10 (1e32f1d3364ff10fb958fbcdd2ae8487) C:\Program Files (x86)\Cisco Systems\Cisco Valet Connector\CiscoAdapterSvc.exe
17:24:54.0169 1884 RaAutoInstSrv_AM10 - ok
17:24:54.0171 1884 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
17:24:54.0171 1884 RasAcd - ok
17:24:54.0174 1884 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
17:24:54.0175 1884 RasAgileVpn - ok
17:24:54.0178 1884 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
17:24:54.0179 1884 RasAuto - ok
17:24:54.0183 1884 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
17:24:54.0184 1884 Rasl2tp - ok
17:24:54.0191 1884 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
17:24:54.0194 1884 RasMan - ok
17:24:54.0198 1884 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
17:24:54.0198 1884 RasPppoe - ok
17:24:54.0201 1884 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
17:24:54.0202 1884 RasSstp - ok
17:24:54.0209 1884 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
17:24:54.0210 1884 rdbss - ok
17:24:54.0212 1884 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
17:24:54.0213 1884 rdpbus - ok
17:24:54.0214 1884 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
17:24:54.0215 1884 RDPCDD - ok
17:24:54.0220 1884 RDPDR (1b6163c503398b23ff8b939c67747683) C:\Windows\system32\drivers\rdpdr.sys
17:24:54.0221 1884 RDPDR - ok
17:24:54.0223 1884 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
17:24:54.0223 1884 RDPENCDD - ok
17:24:54.0225 1884 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
17:24:54.0226 1884 RDPREFMP - ok
17:24:54.0229 1884 RdpVideoMiniport (70cba1a0c98600a2aa1863479b35cb90) C:\Windows\system32\drivers\rdpvideominiport.sys
17:24:54.0230 1884 RdpVideoMiniport - ok
17:24:54.0235 1884 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys
17:24:54.0236 1884 RDPWD - ok
17:24:54.0242 1884 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
17:24:54.0243 1884 rdyboost - ok
17:24:54.0246 1884 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
17:24:54.0247 1884 RemoteAccess - ok
17:24:54.0252 1884 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
17:24:54.0253 1884 RemoteRegistry - ok
17:24:54.0256 1884 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
17:24:54.0257 1884 RpcEptMapper - ok
17:24:54.0259 1884 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
17:24:54.0260 1884 RpcLocator - ok
17:24:54.0271 1884 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
17:24:54.0273 1884 RpcSs - ok
17:24:54.0276 1884 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
17:24:54.0276 1884 rspndr - ok
17:24:54.0278 1884 s3cap (e60c0a09f997826c7627b244195ab581) C:\Windows\system32\drivers\vms3cap.sys
17:24:54.0278 1884 s3cap - ok
17:24:54.0280 1884 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
17:24:54.0281 1884 SamSs - ok
17:24:54.0353 1884 SbieDrv (0fe05dd9bbf0782e2bbf0977f2034616) D:\Program Files\Sandboxie\SbieDrv.sys
17:24:54.0353 1884 SbieDrv - ok
17:24:54.0369 1884 SbieSvc (c970c7b2fd2e811525d4578d50b535f5) D:\Program Files\Sandboxie\SbieSvc.exe
17:24:54.0369 1884 SbieSvc - ok
17:24:54.0373 1884 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
17:24:54.0374 1884 sbp2port - ok
17:24:54.0379 1884 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
17:24:54.0380 1884 SCardSvr - ok
17:24:54.0383 1884 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
17:24:54.0383 1884 scfilter - ok
17:24:54.0405 1884 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
17:24:54.0411 1884 Schedule - ok
17:24:54.0415 1884 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
17:24:54.0415 1884 SCPolicySvc - ok
17:24:54.0420 1884 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
17:24:54.0422 1884 SDRSVC - ok
17:24:54.0425 1884 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
17:24:54.0426 1884 secdrv - ok
17:24:54.0428 1884 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
17:24:54.0429 1884 seclogon - ok
17:24:54.0431 1884 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
17:24:54.0432 1884 SENS - ok
17:24:54.0434 1884 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
17:24:54.0435 1884 SensrSvc - ok
17:24:54.0437 1884 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
17:24:54.0437 1884 Serenum - ok
17:24:54.0440 1884 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
17:24:54.0441 1884 Serial - ok
17:24:54.0443 1884 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
17:24:54.0443 1884 sermouse - ok
17:24:54.0449 1884 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
17:24:54.0452 1884 SessionEnv - ok
17:24:54.0453 1884 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
17:24:54.0453 1884 sffdisk - ok
17:24:54.0455 1884 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
17:24:54.0455 1884 sffp_mmc - ok
17:24:54.0457 1884 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
17:24:54.0457 1884 sffp_sd - ok
17:24:54.0459 1884 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
17:24:54.0459 1884 sfloppy - ok
17:24:54.0467 1884 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
17:24:54.0471 1884 SharedAccess - ok
17:24:54.0480 1884 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
17:24:54.0482 1884 ShellHWDetection - ok
17:24:54.0485 1884 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
17:24:54.0485 1884 SiSRaid2 - ok
17:24:54.0488 1884 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
17:24:54.0489 1884 SiSRaid4 - ok
17:24:54.0494 1884 SkypeUpdate (68ea68d03bf58389fe6ad2b38fad798c) C:\Program Files (x86)\Skype\Updater\Updater.exe
17:24:54.0494 1884 SkypeUpdate - ok
17:24:54.0495 1884 SmartViewService - ok
17:24:54.0499 1884 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
17:24:54.0500 1884 Smb - ok
17:24:54.0503 1884 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
17:24:54.0504 1884 SNMPTRAP - ok
17:24:54.0506 1884 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
17:24:54.0506 1884 spldr - ok
17:24:54.0518 1884 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
17:24:54.0521 1884 Spooler - ok
17:24:54.0594 1884 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
17:24:54.0610 1884 sppsvc - ok
17:24:54.0629 1884 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
17:24:54.0630 1884 sppuinotify - ok
17:24:54.0632 1884 sptd - ok
17:24:54.0644 1884 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
17:24:54.0647 1884 srv - ok
17:24:54.0657 1884 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
17:24:54.0659 1884 srv2 - ok
17:24:54.0664 1884 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
17:24:54.0665 1884 srvnet - ok
17:24:54.0671 1884 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
17:24:54.0673 1884 SSDPSRV - ok
17:24:54.0676 1884 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
17:24:54.0677 1884 SstpSvc - ok
17:24:54.0687 1884 StarWindServiceAE (e5c796b621f6fba8616511063d7f0ffe) C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
17:24:54.0689 1884 StarWindServiceAE - ok
17:24:54.0691 1884 Steam Client Service - ok
17:24:54.0701 1884 Stereo Service (fc0a58529a02b1eed55ddc58696b7908) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
17:24:54.0703 1884 Stereo Service - ok
17:24:54.0706 1884 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
17:24:54.0706 1884 stexstor - ok
17:24:54.0708 1884 StillCam (decacb6921ded1a38642642685d77dac) C:\Windows\system32\DRIVERS\serscan.sys
17:24:54.0708 1884 StillCam - ok
17:24:54.0722 1884 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
17:24:54.0725 1884 stisvc - ok
17:24:54.0728 1884 storflt (7785dc213270d2fc066538daf94087e7) C:\Windows\system32\drivers\vmstorfl.sys
17:24:54.0728 1884 storflt - ok
17:24:54.0731 1884 storvsc (d34e4943d5ac096c8edeebfd80d76e23) C:\Windows\system32\drivers\storvsc.sys
17:24:54.0731 1884 storvsc - ok
17:24:54.0733 1884 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
17:24:54.0733 1884 swenum - ok
17:24:54.0745 1884 SwitchBoard (f577910a133a592234ebaad3f3afa258) C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
17:24:54.0748 1884 SwitchBoard - ok
17:24:54.0759 1884 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
17:24:54.0763 1884 swprv - ok
17:24:54.0765 1884 Synth3dVsc - ok
17:24:54.0801 1884 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
17:24:54.0810 1884 SysMain - ok
17:24:54.0829 1884 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
17:24:54.0831 1884 TabletInputService - ok
17:24:54.0838 1884 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
17:24:54.0841 1884 TapiSrv - ok
17:24:54.0843 1884 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
17:24:54.0844 1884 TBS - ok
17:24:54.0885 1884 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
17:24:54.0893 1884 Tcpip - ok
17:24:54.0948 1884 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
17:24:54.0954 1884 TCPIP6 - ok
17:24:54.0974 1884 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
17:24:54.0975 1884 tcpipreg - ok
17:24:54.0977 1884 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
17:24:54.0978 1884 TDPIPE - ok
17:24:54.0979 1884 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
17:24:54.0980 1884 TDTCP - ok
17:24:54.0983 1884 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
17:24:54.0984 1884 tdx - ok
17:24:54.0987 1884 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
17:24:54.0987 1884 TermDD - ok
17:24:55.0001 1884 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
17:24:55.0006 1884 TermService - ok
17:24:55.0008 1884 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
17:24:55.0009 1884 Themes - ok
17:24:55.0012 1884 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
17:24:55.0012 1884 THREADORDER - ok
17:24:55.0017 1884 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
17:24:55.0018 1884 TrkWks - ok
17:24:55.0026 1884 trufos (df219721ddffcbe03aa894b6b6742ba1) C:\Windows\system32\DRIVERS\trufos.sys
17:24:55.0028 1884 trufos - ok
17:24:55.0034 1884 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
17:24:55.0035 1884 TrustedInstaller - ok
17:24:55.0038 1884 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
17:24:55.0038 1884 tssecsrv - ok
17:24:55.0041 1884 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
17:24:55.0041 1884 TsUsbFlt - ok
17:24:55.0042 1884 tsusbhub - ok
17:24:55.0047 1884 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
17:24:55.0048 1884 tunnel - ok
17:24:55.0051 1884 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
17:24:55.0051 1884 uagp35 - ok
17:24:55.0059 1884 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
17:24:55.0061 1884 udfs - ok
17:24:55.0065 1884 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
17:24:55.0066 1884 UI0Detect - ok
17:24:55.0069 1884 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
17:24:55.0070 1884 uliagpkx - ok
17:24:55.0072 1884 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
17:24:55.0072 1884 umbus - ok
17:24:55.0074 1884 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
17:24:55.0074 1884 UmPass - ok
17:24:55.0080 1884 UmRdpService (a293dcd756d04d8492a750d03b9a297c) C:\Windows\System32\umrdp.dll
17:24:55.0082 1884 UmRdpService - ok
17:24:55.0134 1884 UNS (cd114ce02a10fa79c229770788106842) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
17:24:55.0146 1884 UNS - ok
17:24:55.0157 1884 Update Server (7de3f30967cf77bd1fc440c2b847629a) C:\Program Files\Common Files\Bitdefender\Bitdefender Arrakis Server\bin\arrakis3.exe
17:24:55.0160 1884 Update Server - ok
17:24:55.0167 1884 UPDATESRV (6fa5ffc3765c9c444d82faf1d46c1cae) C:\Program Files\Bitdefender\Bitdefender 2012\updatesrv.exe
17:24:55.0168 1884 UPDATESRV - ok
17:24:55.0187 1884 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
17:24:55.0190 1884 upnphost - ok
17:24:55.0195 1884 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys
17:24:55.0196 1884 usbaudio - ok
17:24:55.0200 1884 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
17:24:55.0200 1884 usbccgp - ok
17:24:55.0203 1884 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
17:24:55.0204 1884 usbcir - ok
17:24:55.0207 1884 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
17:24:55.0207 1884 usbehci - ok
17:24:55.0215 1884 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
17:24:55.0217 1884 usbhub - ok
17:24:55.0219 1884 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
17:24:55.0219 1884 usbohci - ok
17:24:55.0222 1884 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
17:24:55.0222 1884 usbprint - ok
17:24:55.0225 1884 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:24:55.0226 1884 USBSTOR - ok
17:24:55.0228 1884 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
17:24:55.0228 1884 usbuhci - ok
17:24:55.0230 1884 UTSCSI - ok
17:24:55.0233 1884 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
17:24:55.0234 1884 UxSms - ok
17:24:55.0236 1884 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
17:24:55.0237 1884 VaultSvc - ok
17:24:55.0239 1884 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
17:24:55.0239 1884 vdrvroot - ok
17:24:55.0249 1884 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
17:24:55.0252 1884 vds - ok
17:24:55.0255 1884 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
17:24:55.0256 1884 vga - ok
17:24:55.0258 1884 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
17:24:55.0258 1884 VgaSave - ok
17:24:55.0260 1884 VGPU - ok
17:24:55.0265 1884 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
17:24:55.0266 1884 vhdmp - ok
17:24:55.0269 1884 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
17:24:55.0269 1884 viaide - ok
17:24:55.0272 1884 VirtuWDDM (639ac4e25b001cc471872a77e20a4cab) C:\Windows\system32\DRIVERS\VirtuWDDM.sys
17:24:55.0272 1884 VirtuWDDM - ok
17:24:55.0322 1884 VMAuthdService (3accf0c817a2bb34efbfb72b57b00252) D:\Program Files\VMWare\vmware-authd.exe
17:24:55.0322 1884 VMAuthdService - ok
17:24:55.0327 1884 vmbus (86ea3e79ae350fea5331a1303054005f) C:\Windows\system32\drivers\vmbus.sys
17:24:55.0329 1884 vmbus - ok
17:24:55.0331 1884 VMBusHID (7de90b48f210d29649380545db45a187) C:\Windows\system32\drivers\VMBusHID.sys
17:24:55.0331 1884 VMBusHID - ok
17:24:55.0335 1884 vmci (87fc1dd880e8cac4faebb84af61a87c4) C:\Windows\system32\DRIVERS\vmci.sys
17:24:55.0335 1884 vmci - ok
17:24:55.0337 1884 VMnetAdapter (b259c31378bc855afd1b53f59311c251) C:\Windows\system32\DRIVERS\vmnetadapter.sys
17:24:55.0338 1884 VMnetAdapter - ok
17:24:55.0340 1884 VMnetBridge (dec4ce720ffeda939cf1ba315cfbd993) C:\Windows\system32\DRIVERS\vmnetbridge.sys
17:24:55.0341 1884 VMnetBridge - ok
17:24:55.0342 1884 VMnetDHCP - ok
17:24:55.0345 1884 VMnetuserif (1e74142ded099de7ada258042f891a8d) C:\Windows\system32\drivers\vmnetuserif.sys
17:24:55.0345 1884 VMnetuserif - ok
17:24:55.0360 1884 VMUSBArbService (18903ca7936912c337c9d28858880cf2) C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
17:24:55.0364 1884 VMUSBArbService - ok
17:24:55.0367 1884 VMware NAT Service - ok
17:24:55.0524 1884 VMwareHostd (f95c4defcc06a1c9e3e1699c845980f1) D:\Program Files\VMWare\vmware-hostd.exe
17:24:55.0618 1884 VMwareHostd - ok
17:24:55.0622 1884 vmx86 (18a28eda522b6c0560e59d5be638d076) C:\Windows\system32\drivers\vmx86.sys
17:24:55.0623 1884 vmx86 - ok
17:24:55.0625 1884 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
17:24:55.0626 1884 volmgr - ok
17:24:55.0634 1884 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
17:24:55.0636 1884 volmgrx - ok
17:24:55.0643 1884 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
17:24:55.0645 1884 volsnap - ok
17:24:55.0649 1884 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
17:24:55.0650 1884 vsmraid - ok
17:24:55.0682 1884 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
17:24:55.0690 1884 VSS - ok
17:24:55.0696 1884 VSSERV - ok
17:24:55.0714 1884 vstor2-mntapi10-shared (6107e33a30c0b923f31c872e1980d2d1) C:\Windows\syswow64\drivers\vstor2-mntapi10-shared.sys
17:24:55.0714 1884 vstor2-mntapi10-shared - ok
17:24:55.0730 1884 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
17:24:55.0730 1884 vwifibus - ok
17:24:55.0733 1884 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
17:24:55.0734 1884 vwififlt - ok
17:24:55.0743 1884 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
17:24:55.0746 1884 W32Time - ok
17:24:55.0749 1884 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
17:24:55.0750 1884 WacomPen - ok
17:24:55.0753 1884 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
17:24:55.0754 1884 WANARP - ok
17:24:55.0755 1884 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
17:24:55.0755 1884 Wanarpv6 - ok
17:24:55.0782 1884 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
17:24:55.0789 1884 WatAdminSvc - ok
17:24:55.0821 1884 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
17:24:55.0829 1884 wbengine - ok
17:24:55.0850 1884 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
17:24:55.0852 1884 WbioSrvc - ok
17:24:55.0861 1884 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
17:24:55.0864 1884 wcncsvc - ok
17:24:55.0867 1884 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
17:24:55.0868 1884 WcsPlugInService - ok
17:24:55.0871 1884 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
17:24:55.0872 1884 Wd - ok
17:24:55.0885 1884 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
17:24:55.0888 1884 Wdf01000 - ok
17:24:55.0892 1884 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
17:24:55.0893 1884 WdiServiceHost - ok
17:24:55.0894 1884 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
17:24:55.0896 1884 WdiSystemHost - ok
17:24:55.0902 1884 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
17:24:55.0905 1884 WebClient - ok
17:24:55.0911 1884 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
17:24:55.0913 1884 Wecsvc - ok
17:24:55.0917 1884 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
17:24:55.0918 1884 wercplsupport - ok
17:24:55.0921 1884 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
17:24:55.0922 1884 WerSvc - ok
17:24:55.0925 1884 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
17:24:55.0925 1884 WfpLwf - ok
17:24:55.0927 1884 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
17:24:55.0928 1884 WIMMount - ok
17:24:55.0930 1884 WinDefend - ok
17:24:55.0932 1884 WinHttpAutoProxySvc - ok
17:24:55.0941 1884 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
17:24:55.0942 1884 Winmgmt - ok
17:24:55.0983 1884 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
17:24:55.0993 1884 WinRM - ok
17:24:56.0030 1884 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
17:24:56.0035 1884 Wlansvc - ok
17:24:56.0081 1884 wlidsvc (98f138897ef4246381d197cb81846d62) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
17:24:56.0091 1884 wlidsvc - ok
17:24:56.0111 1884 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
17:24:56.0112 1884 WmiAcpi - ok
17:24:56.0119 1884 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
17:24:56.0121 1884 wmiApSrv - ok
17:24:56.0123 1884 WMPNetworkSvc - ok
17:24:56.0126 1884 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
17:24:56.0127 1884 WPCSvc - ok
17:24:56.0131 1884 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
17:24:56.0132 1884 WPDBusEnum - ok
17:24:56.0134 1884 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
17:24:56.0134 1884 ws2ifsl - ok
17:24:56.0137 1884 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll
17:24:56.0139 1884 wscsvc - ok
17:24:56.0140 1884 WSearch - ok
17:24:56.0189 1884 wuauserv (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll
17:24:56.0201 1884 wuauserv - ok
17:24:56.0222 1884 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
17:24:56.0222 1884 WudfPf - ok
17:24:56.0227 1884 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
17:24:56.0228 1884 WUDFRd - ok
17:24:56.0231 1884 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
17:24:56.0233 1884 wudfsvc - ok
17:24:56.0239 1884 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
17:24:56.0241 1884 WwanSvc - ok
17:24:56.0246 1884 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk3\DR3
17:24:56.0248 1884 \Device\Harddisk3\DR3 - ok
17:24:56.0250 1884 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk4\DR4
17:24:56.0251 1884 \Device\Harddisk4\DR4 - ok
17:24:56.0252 1884 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
17:24:56.0253 1884 \Device\Harddisk0\DR0 - ok
17:24:56.0266 1884 MBR (0x1B8) (f6105b1f70a8a7793546658644e99b14) \Device\Harddisk1\DR1
17:24:56.0268 1884 \Device\Harddisk1\DR1 - ok
17:24:56.0279 1884 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk2\DR2
17:24:56.0280 1884 \Device\Harddisk2\DR2 - ok
17:24:56.0281 1884 Boot (0x1200) (2df6a91ad251ce1a493c63944a4ba6a5) \Device\Harddisk3\DR3\Partition0
17:24:56.0282 1884 \Device\Harddisk3\DR3\Partition0 - ok
17:24:56.0283 1884 Boot (0x1200) (db940c5dd24708ed0b4ba4c5b73b8e0f) \Device\Harddisk4\DR4\Partition0
17:24:56.0284 1884 \Device\Harddisk4\DR4\Partition0 - ok
17:24:56.0285 1884 Boot (0x1200) (ae7207780a4d6fef0f3871940afd12c9) \Device\Harddisk0\DR0\Partition0
17:24:56.0286 1884 \Device\Harddisk0\DR0\Partition0 - ok
17:24:56.0287 1884 Boot (0x1200) (70f1545cb0815050b66b9ee2dcfc0521) \Device\Harddisk0\DR0\Partition1
17:24:56.0287 1884 \Device\Harddisk0\DR0\Partition1 - ok
17:24:56.0288 1884 Boot (0x1200) (04e139f74f227a5810583f5619b84198) \Device\Harddisk1\DR1\Partition0
17:24:56.0289 1884 \Device\Harddisk1\DR1\Partition0 - ok
17:24:56.0293 1884 Boot (0x1200) (fff198760f927ed36c002aae3a87f5a0) \Device\Harddisk2\DR2\Partition0
17:24:56.0294 1884 \Device\Harddisk2\DR2\Partition0 - ok
17:24:56.0294 1884 ============================================================
17:24:56.0294 1884 Scan finished
17:24:56.0294 1884 ============================================================
17:24:56.0298 2476 Detected object count: 0
17:24:56.0298 2476 Actual detected object count: 0
17:26:14.0528 0800 Deinitialize success

#7 rocknrob

rocknrob
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:03:51 AM

Posted 26 April 2012 - 05:11 PM

RogueKiller Report:

RogueKiller V7.3.3 [04/22/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/
Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User: Bob [Admin rights]
Mode: Scan -- Date: 04/26/2012 17:29:35

¤¤¤ Bad processes: 1 ¤¤¤
[SUSP PATH] aswMBR.exe -- C:\Users\Bob\Desktop\aswMBR.exe -> KILLED [TermProc]

¤¤¤ Registry Entries: 2 ¤¤¤
[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver: [NOT LOADED] ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ HOSTS File: ¤¤¤

[...]


¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: INTEL SSDSC2CW240A3 +++++
--- User ---
[MBR] aced0e306c3012e5ccc0246762b25f56
[BSP] 32a246886b386c79e4c8041193149bda : Windows 7 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 228834 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: WDC WD1001FALS-00J7B1 +++++
--- User ---
[MBR] 9b5d90694d3c02a2c115a3d56c2f351a
[BSP] 6f8568783afd8b2e0394a1de76ae618f : Linux MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 953866 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive2: WDC WD1001FALS-00J7B1 +++++
--- User ---
[MBR] 9b2ee674833bd75b10ebf9429e4f9868
[BSP] f484eecd162b249d69867b1918634d4f : Windows 7 MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 953766 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive3: ST2000DL 003-9VT166 SCSI Disk Device +++++
--- User ---
[MBR] a8a952245e8ad64e98bcd37648b44864
[BSP] 42277431be169e7455312828e509d3ee : Windows 7 MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 1907727 Mo
User = LL1 ... OK!
Error reading LL2 MBR!

+++++ PhysicalDrive4: ST2000DL 003-9VT166 SCSI Disk Device +++++
--- User ---
[MBR] 59599296df3d68f5811dcd07df01dcbd
[BSP] a683d6614ab5becb63c819adc41357c5 : Windows 7 MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 1907727 Mo
User = LL1 ... OK!
Error reading LL2 MBR!

Finished : << RKreport[1].txt >>
RKreport[1].txt


Results.txt

ListParts by Farbar Version: 12-03-2012 03
Ran by Bob (administrator) on 26-04-2012 at 18:03:45
Windows 7 (X64)
Running From: D:\Downloads\Virus Removal
Language: 0409
************************************************************

========================= Memory info ======================

Percentage of memory in use: 20%
Total physical RAM: 16292.13 MB
Available physical RAM: 13003.85 MB
Total Pagefile: 32582.44 MB
Available Pagefile: 29182.4 MB
Total Virtual: 8192 MB
Available Virtual: 8191.89 MB

======================= Partitions =========================

1 Drive c: () (Fixed) (Total:223.47 GB) (Free:114.2 GB) NTFS
2 Drive d: (2TB Storage) (Fixed) (Total:1863.01 GB) (Free:685.67 GB) NTFS
3 Drive e: (2TB Storage 2) (Fixed) (Total:1863.01 GB) (Free:1185.67 GB) NTFS
4 Drive f: (WD 1TB) (Fixed) (Total:931.51 GB) (Free:457.5 GB) NTFS
5 Drive g: (WD 1TB X1) (Fixed) (Total:931.41 GB) (Free:714.95 GB) NTFS
6 Drive h: (11-068-99-1) (CDROM) (Total:1.91 GB) (Free:0 GB) CDFS

Disk ### Status Size Free Dyn Gpt
-------- ------------- ------- ------- --- ---
Disk 0 Online 223 GB 0 B
Disk 1 Online 931 GB 1024 KB
Disk 2 Online 931 GB 101 MB
Disk 3 Online 1863 GB 0 B
Disk 4 Online 1863 GB 0 B

Partitions of Disk 0:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 100 MB 1024 KB
Partition 2 Primary 223 GB 101 MB

======================================================================================================

Disk: 0
Partition 1
Type : 07
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 1 System Rese NTFS Partition 100 MB Healthy System (partition with boot components)

======================================================================================================

Disk: 0
Partition 2
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 C NTFS Partition 223 GB Healthy Boot

======================================================================================================

Partitions of Disk 1:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 931 GB 1024 KB

======================================================================================================

Disk: 1
Partition 1
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 3 F WD 1TB NTFS Partition 931 GB Healthy

======================================================================================================

Partitions of Disk 2:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 931 GB 101 MB

======================================================================================================

Disk: 2
Partition 1
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 4 G WD 1TB X1 NTFS Partition 931 GB Healthy

======================================================================================================

Partitions of Disk 3:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 1863 GB 1024 KB

======================================================================================================

Disk: 3
Partition 1
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 5 E 2TB Storage NTFS Partition 1863 GB Healthy

======================================================================================================

Partitions of Disk 4:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 1863 GB 1024 KB

======================================================================================================

Disk: 4
Partition 1
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 6 D 2TB Storage NTFS Partition 1863 GB Healthy

======================================================================================================

****** End Of Log ******

#8 rocknrob

rocknrob
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:03:51 AM

Posted 26 April 2012 - 05:24 PM

After running RogueKiller it tells me to check each tab and then delete whatever is there. I'm very leary about touching my MBR. What is it seeing that it considers a threat?

I also have some proprietary strings in hosts file I need for my web development business. I don't see how that can be malicious or dangerous in any way.

Also in the Registry tab there are two items there. I'm assuming they are in the report I pasted here. Before deleting them I want to know what they are.

Thanks for your help,

B.

Oh and on the awsMBR the Fix button was grayed out.

Edited by rocknrob, 26 April 2012 - 05:28 PM.


#9 Maurice Naggar

Maurice Naggar

    Eradicator de malware


  • Malware Response Team
  • 1,088 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:02:51 AM

Posted 26 April 2012 - 06:16 PM

Please disconnect any external hard drives & USB flash-drives & remove any CDs in trays (if any).

We won't touch the Hosts file. Close RogueKiller. Can't judge what RogueKiller tagged (yet) as possible hijack-items.

Please close any of your open windows/programs and exit; saving any open work you have.
I'd like to have you do a special run of OTL to generate some searches & a new log-report.

  • Download OTL by OldTimer to your desktop: http://oldtimer.geekstogo.com/OTL.exe
  • Please double-click OTL.exe Posted Image to run it. (Note: If you are running on Vista or Windows 7, right-click on the file and choose Run As Administrator).
  • Copy all the lines in between the **** stars lines **** below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):

    *****************************************************************
    netsvcs
    msconfig
    safebootminimal
    safebootnetwork
    activex
    drivers32
    %ALLUSERSPROFILE%\Application Data\*.
    %ALLUSERSPROFILE%\Application Data\*.exe /s
    %APPDATA%\*.
    %APPDATA%\*.exe /s
    %SYSTEMDRIVE%\*.exe
    /md5start
    themeui.dll
    beep.sys
    userinit.exe
    eventlog.dll
    scecli.dll
    netlogon.dll
    cngaudit.dll
    sceclt.dll
    ntelogon.dll
    logevent.dll
    iaStor.sys
    nvstor.sys
    atapi.sys
    IdeChnDr.sys
    viasraid.sys
    AGP440.sys
    vaxscsi.sys
    nvatabus.sys
    viamraid.sys
    nvata.sys
    nvgts.sys
    iastorv.sys
    ViPrt.sys
    eNetHook.dll
    ahcix86.sys
    KR10N.sys
    nvstor32.sys
    ahcix86s.sys
    /md5stop
    %systemroot%\system32\drivers\*.sys /lockedfiles
    %systemroot%\System32\config\*.sav
    %systemroot%\*. /mp /s
    %systemroot%\system32\*.dll /lockedfiles
    CREATERESTOREPOINT

    *****************************************************************
  • Return to OTL. Right click in the "Custom Scans/Fixes" window (under the aqua-blue bar) and choose Paste.
  • Close any browser(s) windows that may be open.
  • Using your mouse, click on Run Scan.
  • The scan won't take long.
    When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt.
    These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of just OTL.txt

There will be more to do. Much more.

Edited by Maurice Naggar, 26 April 2012 - 06:19 PM.

~Maurice Naggar
MS-MVP (Oct 2002 - Sept 2010)

#10 rocknrob

rocknrob
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:03:51 AM

Posted 26 April 2012 - 11:19 PM

I have to split it into two posts.

OTL logfile created on: 4/26/2012 11:57:37 PM - Run 1
OTL by OldTimer - Version 3.2.42.1 Folder = D:\Downloads\Virus Removal
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

15.91 Gb Total Physical Memory | 12.09 Gb Available Physical Memory | 75.99% Memory free
31.82 Gb Paging File | 28.54 Gb Available in Paging File | 89.68% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 223.47 Gb Total Space | 113.67 Gb Free Space | 50.87% Space Free | Partition Type: NTFS
Drive D: | 1863.01 Gb Total Space | 685.31 Gb Free Space | 36.79% Space Free | Partition Type: NTFS
Drive E: | 1863.01 Gb Total Space | 1185.67 Gb Free Space | 63.64% Space Free | Partition Type: NTFS
Drive F: | 931.51 Gb Total Space | 457.50 Gb Free Space | 49.11% Space Free | Partition Type: NTFS
Drive G: | 931.41 Gb Total Space | 714.95 Gb Free Space | 76.76% Space Free | Partition Type: NTFS
Drive H: | 1.91 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: HOME-OFFICE-PC | User Name: Bob | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/04/26 23:55:49 | 000,595,968 | ---- | M] (OldTimer Tools) -- D:\Downloads\Virus Removal\OTL.exe
PRC - [2012/04/26 17:13:58 | 027,264,496 | ---- | M] (Dropbox, Inc.) -- C:\Users\Bob\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2012/04/13 12:17:49 | 000,189,248 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrB.exe
PRC - [2012/04/13 12:17:44 | 000,075,064 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2012/04/10 22:29:42 | 002,204,936 | ---- | M] (AgileBits) -- C:\Program Files (x86)\1Password\Agile1pAgent.exe
PRC - [2012/04/10 22:29:34 | 000,767,016 | ---- | M] (AgileBits) -- C:\Program Files (x86)\1Password\Agile1pService.exe
PRC - [2012/04/07 14:11:41 | 004,942,336 | ---- | M] (FNet Co., Ltd.) -- C:\Program Files (x86)\XFastUsb\XFastUsb.exe
PRC - [2012/04/07 14:08:20 | 000,045,056 | ---- | M] () -- C:\Windows\SysWOW64\UTSCSI.EXE
PRC - [2012/03/30 14:41:46 | 000,151,656 | ---- | M] (Microsoft Corp.) -- C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe
PRC - [2012/03/19 16:32:24 | 009,413,712 | ---- | M] (SugarSync, Inc.) -- C:\Program Files (x86)\SugarSync\SugarSyncManager.exe
PRC - [2012/03/02 10:06:22 | 003,141,120 | ---- | M] (Axonic) -- C:\Program Files (x86)\Axonic\click.to\clicktoapp.exe
PRC - [2012/02/29 20:02:00 | 002,348,352 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2012/02/29 13:26:46 | 000,382,272 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012/02/23 12:22:56 | 000,059,240 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
PRC - [2012/02/16 08:27:44 | 001,104,905 | ---- | M] () -- D:\Downloads\GoogleCal_v2.1\GoogleCal.exe
PRC - [2012/02/10 11:28:06 | 000,240,408 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.EXE
PRC - [2012/01/18 15:47:28 | 000,433,264 | ---- | M] (VMware, Inc.) -- C:\Windows\SysWOW64\vmnat.exe
PRC - [2012/01/18 15:47:20 | 000,354,416 | ---- | M] (VMware, Inc.) -- C:\Windows\SysWOW64\vmnetdhcp.exe
PRC - [2012/01/18 15:47:10 | 000,103,536 | ---- | M] (VMware, Inc.) -- D:\Program Files\VMWare\vmware-tray.exe
PRC - [2012/01/18 15:04:52 | 011,839,488 | ---- | M] () -- D:\Program Files\VMWare\vmware-hostd.exe
PRC - [2012/01/18 13:27:20 | 000,079,872 | ---- | M] (VMware, Inc.) -- D:\Program Files\VMWare\vmware-authd.exe
PRC - [2012/01/12 11:54:26 | 000,095,640 | ---- | M] (Binary Fortress Software) -- C:\Program Files (x86)\DisplayFusion\AppHookx86.exe
PRC - [2011/06/24 18:24:34 | 007,435,560 | ---- | M] () -- C:\Program Files (x86)\ASRock Utility\AXTU\Bin\AsrXTU.exe
PRC - [2011/05/20 10:10:26 | 000,013,592 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2011/05/20 10:10:12 | 000,284,440 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
PRC - [2011/04/11 14:20:20 | 000,982,112 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
PRC - [2011/02/22 12:14:40 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2011/02/22 12:14:34 | 000,326,168 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2010/11/10 19:38:40 | 000,380,928 | ---- | M] () -- C:\Program Files (x86)\Launchy\Launchy.exe
PRC - [2010/10/28 19:02:02 | 000,056,952 | ---- | M] (Ipswitch) -- C:\Program Files (x86)\Ipswitch\WS_FTP 12\WsftpCOMHelper.exe
PRC - [2010/04/15 07:47:30 | 000,529,024 | -H-- | M] (Cisco Consumer Products LLC) -- C:\Program Files (x86)\Cisco Systems\Cisco Valet Connector\CiscoAdapterSvc.exe
PRC - [2010/04/13 19:01:58 | 000,094,024 | ---- | M] (TechSmith Corporation) -- C:\Program Files (x86)\TechSmith\Snagit 10\TscHelp.exe
PRC - [2010/04/13 19:01:56 | 000,079,688 | ---- | M] (TechSmith Corporation) -- C:\Program Files (x86)\TechSmith\Snagit 10\SnagPriv.exe
PRC - [2010/04/13 19:01:52 | 007,384,904 | ---- | M] (TechSmith Corporation) -- C:\Program Files (x86)\TechSmith\Snagit 10\SnagitEditor.exe
PRC - [2010/04/13 19:01:52 | 007,046,984 | ---- | M] (TechSmith Corporation) -- C:\Program Files (x86)\TechSmith\Snagit 10\Snagit32.exe
PRC - [2009/12/23 17:34:20 | 000,370,688 | ---- | M] (StarWind Software) -- C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe


========== Modules (No Company Name) ==========

MOD - [2012/04/11 19:46:11 | 000,491,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\0642b0c04fa10e6986baf58cf1580879\IAStorUtil.ni.dll
MOD - [2012/04/11 19:27:10 | 012,433,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\262285b3d0afafc5059f3fe9be69bff5\System.Windows.Forms.ni.dll
MOD - [2012/04/11 19:27:07 | 001,590,784 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\8177623eac8f15cf95b587625439eac7\System.Drawing.ni.dll
MOD - [2012/04/10 04:00:52 | 001,051,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\cb5bd98ffa4c82327b0e4db02bb58d2d\System.Management.ni.dll
MOD - [2012/04/10 04:00:51 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\91fa5cc7230b88e3e42b3bccd198f681\IAStorCommon.ni.dll
MOD - [2012/04/10 03:26:36 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\a1c4a635721f85bef0ea4194b888b871\System.Runtime.Remoting.ni.dll
MOD - [2012/04/10 03:26:15 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\47b9e7f070271ff50f988f75ea68fa3e\WindowsBase.ni.dll
MOD - [2012/04/10 03:26:13 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\9866d1f6178e1cde25642f1ac293ff8d\System.Xml.ni.dll
MOD - [2012/04/10 03:26:11 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\e620323cacb5b6bfd93fd28d263440e4\System.Configuration.ni.dll
MOD - [2012/04/10 03:25:55 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\faf4e8730ecbd07570111bb7c3b20565\System.ni.dll
MOD - [2012/04/10 03:25:04 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a1a82db68b3badc7c27ea1f6579d22c5\mscorlib.ni.dll
MOD - [2012/04/09 15:45:27 | 000,972,664 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Microsoft.Office.Interop.Outlook\14.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Outlook.dll
MOD - [2012/03/31 16:36:22 | 000,376,832 | ---- | M] () -- C:\Program Files (x86)\1Password\js3215R.dll
MOD - [2012/03/02 10:06:12 | 000,024,064 | ---- | M] () -- C:\Program Files (x86)\Axonic\click.to\click.to.pdf.dll
MOD - [2012/02/23 11:59:24 | 000,079,872 | ---- | M] () -- C:\Program Files (x86)\Axonic\click.to\click.to.bing.speech.dll
MOD - [2012/02/23 11:59:22 | 000,736,768 | ---- | M] () -- C:\Program Files (x86)\Axonic\click.to\clicktoframework.dll
MOD - [2012/02/20 21:29:04 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012/02/20 21:28:42 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2012/02/16 08:27:44 | 001,104,905 | ---- | M] () -- D:\Downloads\GoogleCal_v2.1\GoogleCal.exe
MOD - [2011/06/24 18:24:34 | 007,435,560 | ---- | M] () -- C:\Program Files (x86)\ASRock Utility\AXTU\Bin\AsrXTU.exe
MOD - [2011/03/17 00:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2010/11/10 19:39:08 | 000,090,112 | ---- | M] () -- C:\Program Files (x86)\Launchy\plugins\controly.dll
MOD - [2010/11/10 19:39:00 | 000,081,920 | ---- | M] () -- C:\Program Files (x86)\Launchy\plugins\calcy.dll
MOD - [2010/11/10 19:38:52 | 000,024,064 | ---- | M] () -- C:\Program Files (x86)\Launchy\plugins\gcalc.dll
MOD - [2010/11/10 19:38:40 | 000,380,928 | ---- | M] () -- C:\Program Files (x86)\Launchy\Launchy.exe
MOD - [2010/11/10 19:38:40 | 000,094,208 | ---- | M] () -- C:\Program Files (x86)\Launchy\plugins\runner.dll
MOD - [2010/11/10 19:38:24 | 000,122,880 | ---- | M] () -- C:\Program Files (x86)\Launchy\plugins\weby.dll
MOD - [2010/11/10 19:38:08 | 000,057,344 | ---- | M] () -- C:\Program Files (x86)\Launchy\plugins\verby.dll
MOD - [2010/10/28 18:55:42 | 006,551,672 | ---- | M] () -- C:\Program Files (x86)\Ipswitch\WS_FTP 12\res0409.dll
MOD - [2010/10/28 18:52:36 | 000,948,496 | ---- | M] () -- C:\Program Files (x86)\Ipswitch\WS_FTP 12\libeay32.dll
MOD - [2010/10/28 18:52:36 | 000,153,360 | ---- | M] () -- C:\Program Files (x86)\Ipswitch\WS_FTP 12\ssleay32.dll
MOD - [2010/10/20 15:45:26 | 008,801,120 | ---- | M] () -- C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
MOD - [2010/09/20 18:52:50 | 000,094,208 | ---- | M] () -- C:\Program Files (x86)\ASRock Utility\AXTU\Bin\IccLibDll.dll
MOD - [2009/12/17 00:18:48 | 000,233,472 | ---- | M] () -- C:\Program Files (x86)\Launchy\imageformats\qmng4.dll
MOD - [2009/12/16 22:13:02 | 008,314,880 | ---- | M] () -- C:\Program Files (x86)\Launchy\QtGui4.dll
MOD - [2009/12/16 21:56:22 | 000,712,704 | ---- | M] () -- C:\Program Files (x86)\Launchy\QtNetwork4.dll
MOD - [2009/12/16 21:54:46 | 002,236,416 | ---- | M] () -- C:\Program Files (x86)\Launchy\QtCore4.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2012/04/26 10:02:14 | 001,957,152 | ---- | M] (Bitdefender) [Auto | Running] -- C:\Program Files\Bitdefender\Bitdefender 2012\vsserv.exe -- (VSSERV)
SRV:64bit: - [2012/03/13 18:26:10 | 000,066,096 | ---- | M] (Bitdefender) [Auto | Running] -- C:\Program Files\Bitdefender\Bitdefender 2012\updatesrv.exe -- (UPDATESRV)
SRV:64bit: - [2011/10/14 23:57:26 | 000,466,736 | ---- | M] (BitDefender) [On_Demand | Stopped] -- C:\Program Files\Common Files\Bitdefender\Bitdefender Arrakis Server\bin\arrakis3.exe -- (Update Server)
SRV:64bit: - [2011/09/27 15:04:08 | 000,359,192 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/13 21:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2012/04/26 08:50:54 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/04/15 17:08:20 | 000,253,088 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/04/13 12:17:49 | 000,189,248 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrB.exe -- (PnkBstrB)
SRV - [2012/04/13 12:17:44 | 000,075,064 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2012/04/10 22:29:34 | 000,767,016 | ---- | M] (AgileBits) [Auto | Running] -- C:\Program Files (x86)\1Password\Agile1pService.exe -- (Agile1Password)
SRV - [2012/04/10 06:17:16 | 000,097,552 | ---- | M] (SANDBOXIE L.T.D) [Auto | Running] -- D:\Program Files\Sandboxie\SbieSvc.exe -- (SbieSvc)
SRV - [2012/04/08 13:56:19 | 000,489,256 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012/04/07 14:08:20 | 000,045,056 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\UTSCSI.EXE -- (UTSCSI)
SRV - [2012/04/05 11:37:38 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/03/30 14:41:46 | 000,151,656 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe -- (BingDesktopUpdate)
SRV - [2012/03/19 23:44:20 | 000,276,248 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs) Intel®
SRV - [2012/02/29 20:02:00 | 002,348,352 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012/02/29 13:26:46 | 000,382,272 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012/02/10 11:28:06 | 000,240,408 | ---- | M] (Microsoft Corporation.) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.EXE -- (BBUpdate)
SRV - [2012/02/10 11:28:06 | 000,193,816 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.EXE -- (BBSvc)
SRV - [2012/01/18 15:47:28 | 000,433,264 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vmnat.exe -- (VMware NAT Service)
SRV - [2012/01/18 15:47:20 | 000,354,416 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vmnetdhcp.exe -- (VMnetDHCP)
SRV - [2012/01/18 15:04:52 | 011,839,488 | ---- | M] () [Auto | Running] -- D:\Program Files\VMWare\vmware-hostd.exe -- (VMwareHostd)
SRV - [2012/01/18 13:27:20 | 000,079,872 | ---- | M] (VMware, Inc.) [Auto | Running] -- D:\Program Files\VMWare\vmware-authd.exe -- (VMAuthdService)
SRV - [2011/12/09 14:39:52 | 000,135,584 | ---- | M] (Futuremark Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe -- (Futuremark SystemInfo Service)
SRV - [2011/08/29 22:11:04 | 000,846,448 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe -- (VMUSBArbService)
SRV - [2011/05/20 10:10:26 | 000,013,592 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel®
SRV - [2011/02/22 12:14:40 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS) Intel®
SRV - [2011/02/22 12:14:34 | 000,326,168 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS) Intel®
SRV - [2010/05/28 03:14:56 | 001,044,840 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2010/04/15 07:47:30 | 000,529,024 | -H-- | M] (Cisco Consumer Products LLC) [Auto | Running] -- C:\Program Files (x86)\Cisco Systems\Cisco Valet Connector\CiscoAdapterSvc.exe -- (RaAutoInstSrv_AM10)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/12/23 17:34:20 | 000,370,688 | ---- | M] (StarWind Software) [Auto | Running] -- C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/04/07 14:15:52 | 000,031,808 | ---- | M] (FNet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\FNETTBOH_305.SYS -- (FNETTBOH_305)
DRV:64bit: - [2012/04/07 14:11:41 | 000,015,936 | ---- | M] (FNet Co., Ltd.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\FNETURPX.SYS -- (FNETURPX)
DRV:64bit: - [2012/03/20 20:22:46 | 000,691,896 | ---- | M] (BitDefender) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avc3.sys -- (avc3)
DRV:64bit: - [2012/03/19 23:32:04 | 014,745,600 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/17 16:45:56 | 000,545,064 | ---- | M] (BitDefender) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\avckf.sys -- (avckf)
DRV:64bit: - [2012/01/18 15:47:44 | 000,063,088 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmx86.sys -- (vmx86)
DRV:64bit: - [2012/01/18 15:46:18 | 000,030,320 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmnetuserif.sys -- (VMnetuserif)
DRV:64bit: - [2012/01/18 13:06:00 | 000,045,680 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmnetbridge.sys -- (VMnetBridge)
DRV:64bit: - [2012/01/18 13:06:00 | 000,020,080 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vmnetadapter.sys -- (VMnetAdapter)
DRV:64bit: - [2012/01/17 08:45:56 | 000,188,224 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2011/11/25 15:00:36 | 000,258,736 | ---- | M] (BitDefender) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\avchv.sys -- (avchv)
DRV:64bit: - [2011/11/17 17:38:34 | 000,079,952 | ---- | M] (BitDefender SRL) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bdsandbox.sys -- (bdsandbox)
DRV:64bit: - [2011/11/14 20:16:42 | 000,090,192 | ---- | M] (BitDefender LLC) [Kernel | System | Running] -- c:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfndisf6.sys -- (BdfNdisf)
DRV:64bit: - [2011/11/14 20:16:38 | 000,103,504 | ---- | M] (BitDefender LLC) [Kernel | System | Running] -- C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys -- (bdfwfpf)
DRV:64bit: - [2011/10/27 15:07:05 | 000,329,800 | ---- | M] (BitDefender S.R.L.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\trufos.sys -- (trufos)
DRV:64bit: - [2011/09/21 10:25:54 | 000,021,992 | ---- | M] (CPUID) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\cpuz135_x64.sys -- (cpuz135)
DRV:64bit: - [2011/09/02 02:30:36 | 000,060,696 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2011/09/02 02:30:24 | 000,066,840 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2011/08/29 22:11:04 | 000,039,024 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\hcmon.sys -- (hcmon)
DRV:64bit: - [2011/08/16 14:59:12 | 000,442,088 | ---- | M] (BitDefender) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\bdfsfltr.sys -- (bdfsfltr)
DRV:64bit: - [2011/08/08 14:59:12 | 000,116,336 | ---- | M] (VMware, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vmci.sys -- (vmci)
DRV:64bit: - [2011/06/19 18:53:30 | 000,065,632 | ---- | M] (Lucidlogix Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VirtuWDDM.sys -- (VirtuWDDM)
DRV:64bit: - [2011/05/20 09:53:44 | 000,557,848 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011/04/08 07:00:06 | 000,312,624 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mvs91xx.sys -- (mvs91xx)
DRV:64bit: - [2011/03/11 02:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 02:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/02/14 19:19:56 | 000,412,712 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a) Broadcom NetLink ™
DRV:64bit: - [2011/02/08 01:30:52 | 000,064,512 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\EtronXHCI.sys -- (EtronXHCI)
DRV:64bit: - [2011/02/08 01:30:52 | 000,039,936 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\EtronHub3.sys -- (EtronHub3)
DRV:64bit: - [2010/11/20 09:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 07:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 07:03:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2010/10/19 16:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) Intel®
DRV:64bit: - [2010/06/11 14:37:14 | 000,015,368 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\AsrAppCharger.sys -- (AsrAppCharger)
DRV:64bit: - [2010/03/23 14:53:16 | 001,101,600 | -H-- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\am10w7.sys -- (AM10)
DRV:64bit: - [2010/01/19 19:32:40 | 000,103,944 | ---- | M] (BitDefender) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\bdvedisk.sys -- (BDVEDISK)
DRV:64bit: - [2009/11/17 19:12:00 | 000,032,344 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MBfilt64.sys -- (MBfilt)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 20:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009/07/09 03:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2012/04/10 06:17:14 | 000,164,528 | ---- | M] (SANDBOXIE L.T.D) [Kernel | On_Demand | Running] -- D:\Program Files\Sandboxie\SbieDrv.sys -- (SbieDrv)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = AE A2 65 3A 61 17 CD 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=SPLEP1&pc=SPLH
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.com/search?cid={304F2100-B6E3-40FC-8337-8B68A529A027}&mid=ab33e9cfb6da47d097d36d16b2f939b3-ad1491be2ce6c122f6b66faa90e70c2decf7d34c&lang=en&ds=ins14&pr=sa&d=2012-04-07 11:36:50&v=10.2.0.3&sap=dsp&q={searchTerms}
IE - HKCU\..\SearchScopes\{B2EE15D9-6330-44fe-A6E9-EEFB139A5026}: "URL" = http://search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=ASRK
IE - HKCU\..\SearchScopes\{BC630751-5675-48e0-903B-882ACDC51D67}: "URL" = http://www.google.com/cse?cx=partner-pub-3794288947762788%3A6976579318&ie=UTF-8&q=&sa=Search&siteurl=www.google.com%2Fcse%2Fhome%3Fcx%3Dpartner-pub-3794288947762788%3A6976579318&q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..keyword.URL: "http://isearch.avg.com/search?cid=%7B14338920-f243-48ea-8f5a-652c0527c06d%7D&mid=ab33e9cfb6da47d097d36d16b2f939b3-ad1491be2ce6c122f6b66faa90e70c2decf7d34c&ds=ins14&v=10.2.0.3&lang=en&pr=sa&d=2012-04-07%2011%3A36%3A50&sap=ku&q="


FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_2_202_233.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_233.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: D:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Bob\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Bob\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\bdThunderbird@bitdefender.com: C:\PROGRAM FILES\BITDEFENDER\BITDEFENDER 2012\BDTBEXT\ [2012/04/15 16:16:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\web2pdfextension@web2pdf.adobedotcom: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2012/04/17 00:52:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}: C:\Program Files (x86)\Adobe\Adobe Contribute CS5.1\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9} [2012/04/09 20:33:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{5D3F3872-91E9-4d59-AD9F-AA174A3145DD}: C:\Program Files\Logitech\FlowScroll\LogiSmoothFirefoxExt [2012/04/12 11:23:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012/04/20 10:51:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/04/26 08:50:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/04/25 18:36:56 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\bdThunderbird@bitdefender.com: C:\Program Files\Bitdefender\Bitdefender 2012\bdtbext\ [2012/04/15 16:16:49 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{513B9C68-871D-11E1-826D-B8AC6F996F26}: C:\Users\Bob\AppData\Local\{513B9C68-871D-11E1-826D-B8AC6F996F26}\ [2012/04/15 13:06:21 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012/04/20 10:51:18 | 000,000,000 | ---D | M]

[2012/04/12 18:33:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bob\AppData\Roaming\Mozilla\Extensions
[2012/04/12 18:33:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bob\AppData\Roaming\Mozilla\Extensions\prism@developer.mozilla.org
[2012/04/25 23:17:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bob\AppData\Roaming\Mozilla\Firefox\Profiles\qyn8ebll.default\extensions
[2012/04/07 12:23:47 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Bob\AppData\Roaming\Mozilla\Firefox\Profiles\qyn8ebll.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2012/04/11 14:23:17 | 000,000,000 | ---D | M] (Ghostery) -- C:\Users\Bob\AppData\Roaming\Mozilla\Firefox\Profiles\qyn8ebll.default\extensions\firefox@ghostery.com
[2012/04/07 11:18:21 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/04/09 20:33:18 | 000,000,000 | ---D | M] (Adobe Contribute Toolbar) -- C:\PROGRAM FILES (X86)\ADOBE\ADOBE CONTRIBUTE CS5.1\PLUGINS\FIREFOXPLUGIN\{01A8CA0A-4C96-465B-A49B-65C46FAD54F9}
[2012/04/12 11:23:37 | 000,000,000 | ---D | M] (Logitech Flow Scroll) -- C:\PROGRAM FILES\LOGITECH\FLOWSCROLL\LOGISMOOTHFIREFOXEXT
[2012/04/15 13:06:21 | 000,000,000 | ---D | M] (Translate This!) -- C:\USERS\BOB\APPDATA\LOCAL\{513B9C68-871D-11E1-826D-B8AC6F996F26}
() (No name found) -- C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QYN8EBLL.DEFAULT\EXTENSIONS\{75CEEE46-9B64-46F8-94BF-54012DE155F0}.XPI
() (No name found) -- C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QYN8EBLL.DEFAULT\EXTENSIONS\{D4DD63FA-01E4-46A7-B6B1-EDAB7D6AD389}.XPI
() (No name found) -- C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QYN8EBLL.DEFAULT\EXTENSIONS\{DC572301-7619-498C-A57D-39143191B318}.XPI
() (No name found) -- C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QYN8EBLL.DEFAULT\EXTENSIONS\FIREBUG@SOFTWARE.JOEHEWITT.COM.XPI
() (No name found) -- C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QYN8EBLL.DEFAULT\EXTENSIONS\LOADTABSPROGRESSIVELY@ITHINC.CN.XPI
() (No name found) -- C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QYN8EBLL.DEFAULT\EXTENSIONS\RESTART@RESTART.ORG.XPI
() (No name found) -- C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QYN8EBLL.DEFAULT\EXTENSIONS\YSLOW@YAHOO-INC.COM.XPI
[2012/04/26 08:50:54 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/01/12 04:58:30 | 000,917,816 | ---- | M] (BitComet) -- C:\Program Files (x86)\mozilla firefox\plugins\npBitCometAgent.dll
[2012/04/07 11:36:49 | 000,003,749 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml
[2012/03/13 00:38:32 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/03/13 00:38:32 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms},
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Bob\AppData\Local\Google\Chrome\Application\18.0.1025.162\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Bob\AppData\Local\Google\Chrome\Application\18.0.1025.162\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Bob\AppData\Local\Google\Chrome\Application\18.0.1025.162\gcswf32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Bob\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - Extension: Easy Auto Refresh = C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\aabcgdmkeabbnleenpncegpcngjpnjkc\1.5_0\
CHR - Extension: Entanglement = C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd\2.7.9_0\
CHR - Extension: ChromeAccess = C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\aeoigbhkilbllfomkmmilbfochhlgdmh\1.6_0\
CHR - Extension: Xmarks Bookmark Sync = C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajpgkpeckebdhofmmjfgcjjiiejpodla\1.0.22_0\
CHR - Extension: Xmarks Bookmark Sync = C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajpgkpeckebdhofmmjfgcjjiiejpodla\1.0.22_0\.bak
CHR - Extension: Image Cropper = C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\akeeaafmkigeapaejnlbknplbbpfbcfp\0.6_0\
CHR - Extension: Angry Birds = C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.1.2.1_0\
CHR - Extension: TooManyTabs for Chrome = C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\amigcgbheognjmfkaieeeadojiibgbdp\1.9.1_0\
CHR - Extension: Send To Instapaper = C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\aneobdgphmijbiobonlnmcpmhdepfkog\0.8_0\
CHR - Extension: MeasureIt! = C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\aonjhmdcgbgikgjapjckfkefpphjpgma\1.1.3_0\
CHR - Extension: Google Docs = C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\5.3.1_0\
CHR - Extension: Session Manager = C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbcnbpafconjjigibnhbfmmgdbbkcjfi\0.4_0\
CHR - Extension: Web Developer = C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbameneiokkgbdmiekhjnmfkcnldhhm\0.3.1_0\
CHR - Extension: YouTube = C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Firebug Lite for Google Chrome\u2122 = C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmagokdooijbeehmkpknfglimnifench\1.4.0.11967_0\
CHR - Extension: EM Calculator = C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\cedkhglifjkdpijiphheomafjmkepigd\2.0_0\
CHR - Extension: Launchlist Pro = C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfjmekcoebepooldamlampienojfjljf\1.1.1_0\
CHR - Extension: Remember The Milk = C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\chdiaibgndcpagmnpkjoelgfkommjbni\3_0\
CHR - Extension: Add to Amazon Wish List = C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.8_0\
CHR - Extension: Google Related (by Google) = C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\cikfgcnnhcibkipoldbjegmeojnkaled\0.7.5.5_0\
CHR - Extension: Do Not Track = C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckdcpbflcbeillmamogkpmdhnbeggfja\0.1_0\
CHR - Extension: Google Search = C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: VUDU Movies = C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\daomabnenlgkenegngdblacoobnncgib\2.0.0.2_0\
CHR - Extension: BuiltWith Technology Profiler = C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\dapjbgnjinbpoindlpdmhochffioedbn\1.6_0\
CHR - Extension: Flag for Chrome = C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbpojpfdiliekbbiplijcphappgcgjfn\0.4.1_0\
CHR - Extension: TwimbowPlus = C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\ddekenaheolnliamjkmnokbpehkeafhp\1.2_0\
CHR - Extension: Read Later Fast = C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\decdfngdidijkdjgbknlnepdljfaepji\1.4.0_0\
CHR - Extension: Cortex = C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\decglnkhpfoocpafihfbeodhgofefaoc\1.9.0_0\
CHR - Extension: Speed Dial = C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgpdioedihjhncjafcpgbbjdpbbkikmi\2.1_0\
CHR - Extension: SEO Site Tools = C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\diahigjngdnkdgajdbpjdeomopbpkjjc\2.91_0\
CHR - Extension: Lorem Ipsum Generator = C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\dmpfoncmmihgkooacnplecaopcefceam\2.0.6_0\
CHR - Extension: Session Buddy = C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\edacconmaakjimmfgnblocblbcdcpbko\3.0.9_0\
CHR - Extension: SearchO = C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\eekjldapjblgadclklmgolijbagmdnfk\2.0.7_0\
CHR - Extension: AppBrain Android market = C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehgkmaemheeocopibkndllbfmgmlkmpn\1_0\
CHR - Extension: SocialPlus! = C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\eidogommnbbcgnhfjkcgjnlonijjhmjl\2.6.2_0\
CHR - Extension: Google Calendar = C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn\4.5.3_0\
CHR - Extension: Slipstream = C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\enkifkknohhbldckfbmffpkdpmhmkcgh\2.2.0_0\
CHR - Extension: Zootool = C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\fadbmegoighhdcpgkmhbobepfnchkahe\1_0\
CHR - Extension: After the Deadline = C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcdjadjbdihbaodagojiomdljhjhjfho\1.2_0\
CHR - Extension: Zemanta = C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\fejeknoakjeblidffkajbioncodnmhge\1.1_0\
CHR - Extension: Koding = C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgbjpbdfegnodokpoejnbhnblcojccal\1.1.2_0\
CHR - Extension: Stylish = C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjnbnpbmkenffdnngjfgmeleoegfcffe\0.9_0\
CHR - Extension: Twimbow = C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpbopilbcmejafedlfiigcjphbpeppim\1.90_0\
CHR - Extension: Pendule = C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbkffbkamcejhkcaocmkdeiiccpmjfdi\1.0.0_0\
CHR - Extension: Facebook for Chrome = C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdalhedleemkkdjddjgfjmcnbpejpapp\3.1.1_0\
CHR - Extension: Taskforce = C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdbfnafnalfjconpgenohfidcaeibkoc\1.4_0\
CHR - Extension: Logitech Flow Scroll = C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\geooogfhpjdpeiphckpbgkhpbeobcaoi\4.0.33_0\
CHR - Extension: Pastebin.com = C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghipmampnddcpdlppkkamoankmkmcbmh\2.1_0\
CHR - Extension: 1Password = C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkndfifopckmhdkohjeoljlbfnjhekfg\3.9.4.39499_0\
CHR - Extension: Name Toolkit = C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\glpnacgkadklajcefednddghfmnbnhli\0.0.0.2_0\
CHR - Extension: FlashBlock = C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\gofhjkjmkpinhpoiabjplobcaignabnl\0.9.31_0\
CHR - Extension: TweetDeck = C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbdpomandigafcibbmofojjchbcdagbl\1.3_0\
CHR - Extension: LastPass = C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.4_0\
CHR - Extension: Flixster = C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgbpjlnkjhllfgfdmieompodgaefjcfh\1.0.6_0\
CHR - Extension: Faveous Bookmarklet = C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\hggbapbmbffcpdmnaaighhohmkfckkae\2.1_0\
CHR - Extension: Rapportive = C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\hihakjfhbmlmjdnnhegiciffjplmdhin\1.2.6_0\
CHR - Extension: TiltShiftMaker = C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjjofhgnhekhkccpcnnloagmdpafifeo\1.3.3_0\
CHR - Extension: Eye Dropper = C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmdcmlfkchdmnmnmheododdhjedfccka\0.2.6_0\
CHR - Extension: bitly | a simple URL shortener = C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\iabeihobmhlgpkcgjiloemdbofjbdcic\1.3.1.5_0\
CHR - Extension: META SEO inspector = C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibkclpciafdglkjkcibmohobjkcfkaef\1.8.1_0\
CHR - Extension: Google Play Music = C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\icppfcnhkcmnfdhfhphakoifcfokfdhg\4.0_0\
CHR - Extension: Are You Watching This?! Sports = C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihnicgbfaikpklojpccmikdmjngflehc\1.2_0\
CHR - Extension: 60 Minutes = C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\imjhdahelgojehmfmkmdfjcpfbglbfmj\0.60_0\
CHR - Extension: Clearly = C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\iooicodkiihhpojmmeghjclgihfjdjhj\5.3333.576.642_0\
CHR - Extension: Yet Another Extension for Google Bookmarks = C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\jdnejaepfmacfdmhkplckpfdcjgbeode\1.24_0\
CHR - Extension: Disconnect = C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeoacafpbcihiomhlakheieifhpjdfeo\3.1.1_0\
CHR - Extension: MOG Music = C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\jgljcanfdcmdnncaneopdlcgjlkgpenj\0.9.9_0\
CHR - Extension: Shareaholic for Google Chrome\u2122 = C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmipnjdeifmobkhgogdnomkihhgojep\5.3.0_0\
CHR - Extension: WebNotes = C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfagadglkbccbemlkeodjhcgokfklhnf\0.1.7_0\
CHR - Extension: Super Full Feeds for Google Reader\u2122 = C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\khbjahpecnkenngkidhioicnfpakihgo\1.3.2_0\
CHR - Extension: RoboForm Lite = C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\kidhjpmgjfbkmcfpfakmdddddgfbhahj\3.0.1_0\
CHR - Extension: HootSuite = C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\kneloppijbcidgidihgdjnooihjcdbij\5.244_0\
CHR - Extension: WebEdit = C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\knkafdhggfbbpbdojbegpokhiiclpnml\2.1_0\
CHR - Extension: Poppit = C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi\2.2_0\
CHR - Extension: Quick Note = C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\mijlebbfndhelmdpmllgcfadlkankhok\1.3.2_0\
CHR - Extension: WebRank SEO = C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkhilblbmkdnapffblmecglknalglfji\3.2.6_0\
CHR - Extension: Ghostery = C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij\3.0.0_0\
CHR - Extension: deviantART muro = C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\namljbfbglehfnlonjmebceimaalofei\1.0_0\
CHR - Extension: Incredible StartPage - Productive Start Page for Chrome! = C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncdfeghkpohnalmpblddmnppfooljekh\1.4.3_0\
CHR - Extension: Jolicloud = C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfakdllpdfjjbfommlcnfkedmbigkfdo\1.0.8_0\
CHR - Extension: Amazon Windowshop = C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\nielaigelomefgdoljcpfgbdbfefhdjc\1.1.0.0_0\
CHR - Extension: Springpad Extension = C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng\2.5.1109.21_0\
CHR - Extension: Autofill = C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlmmgnhgdeffjkdckmikfpnddkbbfkkk\5.5_0\
CHR - Extension: FreshStart - Cross Browser Session Manager = C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmidkjogcjnnlfimjcedenagjfacpobb\1.5.4_0\
CHR - Extension: Personal Blocklist (by Google) = C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\nolijncfnkgaikbjbdaogikpmpbdcdef\2.3_0\
CHR - Extension: TabCloud = C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\npecfdijgoblfcgagoijgmgejmcpnhof\1.12_0\
CHR - Extension: Google Chrome to Phone Extension = C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\oadboiipflhobonjjffjbfekfjcgkhco\2.3.1_0\
CHR - Extension: SEO for Chrome = C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\oangcciaeihlfmhppegpdceadpfaoclj\0.9.5_0\
CHR - Extension: Todo.ly = C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\obhefmbclkekanpjjpkbciloojcmpkap\2_0\
CHR - Extension: DropMocks = C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\ognjbbjhnopepkolgnajbmchemkakffl\1_0\
CHR - Extension: SlideRocket = C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\omeengfjefdmhnkojnfmncpfdbhnecea\1.0.4_0\
CHR - Extension: SlideRocket = C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\omeengfjefdmhnkojnfmncpfdbhnecea\2.0.0_0\
CHR - Extension: Google Publisher Toolbar (by Google) = C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\omioeahgfecgfpfldejlnideemfidnkc\2.0_0\
CHR - Extension: Diigo: Bookmark, Archive, Highlight & Sticky-Note = C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\oojbgadfejifecebmdnhhkbhdjaphole\1.6.9_0\
CHR - Extension: Cacoo - Diagramming & Real-Time Collaboration = C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcflmbddgcmomcfngehfhlajjapabojh\1.1.10_0\
CHR - Extension: Evernote Web Clipper = C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc\5.3.1_0\
CHR - Extension: Instapaper = C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjalnmnmioafeenidfbjkghaglaenjbp\1.1_0\
CHR - Extension: Gmail = C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
CHR - Extension: Tapatalk Notifier = C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\plfhcjljnfjpfcbjpgnflfofmahljkjj\1.3.1_0\

O1 HOSTS File: ([2012/04/26 10:36:42 | 000,006,082 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
O1 - Hosts: 127.0.0.1 3dns.adobe.com
O1 - Hosts: 127.0.0.1 3dns-1.adobe.com
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-4.adobe.com
O1 - Hosts: 127.0.0.1 3dns-5.adobe.com
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip1.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip2.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip4.adobe.com
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-1.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-4.adobe.com
O1 - Hosts: 127.0.0.1 adobeereg.com
O1 - Hosts: 127.0.0.1 ereg.adobe.com
O1 - Hosts: 127.0.0.1 ereg.wip.adobe.com
O1 - Hosts: 127.0.0.1 ereg.wip1.adobe.com
O1 - Hosts: 229 more lines...
O2:64bit: - BHO: (SnagIt Toolbar Loader) - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files (x86)\TechSmith\Snagit 10\DLLx64\SnagitBHO64.dll (TechSmith Corporation)
O2:64bit: - BHO: (Logitech Flow Scroll) - {E11DB59D-5008-42ff-9069-535843BC0BE1} - C:\Program Files\Logitech\FlowScroll\LogiSmooth.dll (Logitech, Inc.)
O2 - BHO: (SnagIt Toolbar Loader) - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files (x86)\TechSmith\Snagit 10\SnagitBHO.dll (TechSmith Corporation)
O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5.1\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
O2 - BHO: (WsftpBrowserHelper Class) - {601ED020-FB6C-11D3-87D8-0050DA59922B} - C:\Program Files (x86)\Ipswitch\WS_FTP 12\wsbho2k0.dll (Ipswitch, Inc. 10 Maguire Road - Suite 220 Lexington, MA 02421)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (1Password) - {CB1A24DA-7416-4921-A0CF-5AA1160AAE2A} - C:\Program Files (x86)\1Password\Agile1pIE.dll (AgileBits)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Logitech Flow Scroll) - {E11DB59D-5008-42ff-9069-535843BC0BE1} - C:\Program Files\Logitech\FlowScroll\32-bit\LogiSmooth.dll (Logitech, Inc.)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3:64bit: - HKLM\..\Toolbar: (Snagit) - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\Snagit 10\DLLx64\SnagitIEAddin64.dll (TechSmith Corporation)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5.1\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Snagit) - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\Snagit 10\SnagitIEAddin.dll (TechSmith Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No CLSID value found.
O4:64bit: - HKLM..\Run: [BDAgent] C:\Program Files\Bitdefender\Bitdefender 2012\bdagent.exe (Bitdefender)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [LogiScrollApp] C:\Program Files\Logitech\FlowScroll\KhalScroll.exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Agile1pAgent] C:\Program Files (x86)\1Password\Agile1pAgent.exe (AgileBits)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [BingDesktop] C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe (Microsoft Corp.)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [vmware-tray] D:\Program Files\VMWare\vmware-tray.exe (VMware, Inc.)
O4 - HKLM..\Run: [XFastUsb] C:\Program Files (x86)\XFastUsb\XFastUsb.exe (FNet Co., Ltd.)
O4 - HKCU..\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (Apple Inc.)
O4 - HKCU..\Run: [ASRockXTU] File not found
O4 - HKCU..\Run: [DisplayFusion] C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe (Binary Fortress Software)
O4 - HKCU..\Run: [Ditto] C:\Program Files\Ditto\Ditto.exe ()
O4 - HKCU..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.)
O4 - HKCU..\Run: [SugarSync] C:\Program Files (x86)\SugarSync\SugarSyncManager.exe (SugarSync, Inc.)
O4 - HKCU..\Run: [zASRockInstantBoot] File not found
O4 - Startup: C:\Users\Bob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\click.to.lnk = C:\Program Files (x86)\Axonic\click.to\clicktoapp.exe (Axonic)
O4 - Startup: C:\Users\Bob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Bob\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\Bob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GoogleCal.lnk = D:\Downloads\GoogleCal_v2.1\GoogleCal.exe ()
O4 - Startup: C:\Users\Bob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Launchy.lnk = C:\Program Files (x86)\Launchy\Launchy.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: 1Password - {00FAC6C9-C494-4AD8-B3C0-DE677AFDDBD8} - C:\Program Files (x86)\1Password\Agile1pIE.dll (AgileBits)
O9 - Extra 'Tools' menuitem : 1Password Ctrl+\ - {00FAC6C9-C494-4AD8-B3C0-DE677AFDDBD8} - C:\Program Files (x86)\1Password\Agile1pIE.dll (AgileBits)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000011 - C:\Windows\SysNative\vsocklib.dll (VMware, Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000012 - C:\Windows\SysNative\vsocklib.dll (VMware, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\SysWOW64\vsocklib.dll (VMware, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\SysWOW64\vsocklib.dll (VMware, Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} http://quickscan.bitdefender.com/qsax/qsax.cab (Bitdefender QuickScan Control)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5A871783-3177-4A5D-AFAA-13BF926F30C8}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FDAB5B43-47D5-4814-B037-81D94B5F59CE}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~1\LUCIDL~1\VIRTU\APPINI~1.DLL) - C:\Program Files\Lucidlogix Technologies\VIRTU\appinit_dll.dll (Lucidlogix Inc.)
O20 - AppInit_DLLs: (C:\PROGRA~1\LUCIDL~1\VIRTU\x86\APPINI~1.DLL) - C:\Program Files\Lucidlogix Technologies\VIRTU\x86\appinit_dll.dll (Lucidlogix Inc.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011/11/03 22:14:31 | 000,392,206 | R--- | M] () - H:\autorun.cdd -- [ CDFS ]
O32 - AutoRun File - [2011/11/03 22:32:35 | 002,415,152 | R--- | M] (EVGA Corporation) - H:\autorun.exe -- [ CDFS ]
O32 - AutoRun File - [2008/01/31 00:54:38 | 000,009,158 | R--- | M] () - H:\autorun.ico -- [ CDFS ]
O32 - AutoRun File - [2011/11/03 22:14:31 | 000,000,047 | R--- | M] () - H:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{78f90682-80dc-11e1-8567-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{78f90682-80dc-11e1-8567-806e6f6e6963}\Shell\AutoRun\command - "" = F:\autorun.exe
O33 - MountPoints2\{dbea01fe-80f3-11e1-ba8d-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{dbea01fe-80f3-11e1-ba8d-806e6f6e6963}\Shell\AutoRun\command - "" = F:\ASRSetup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

MsConfig:64bit - StartUpFolder: C:^Users^Bob^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Logitech . Product Registration.lnk - C:\Program Files (x86)\Common Files\LogiShrd\eReg\SetPoint\eReg.exe - (Leader Technologies/Logitech)
MsConfig:64bit - StartUpReg: Acrobat Assistant 8.0 - hkey= - key= - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
MsConfig:64bit - StartUpReg: Adobe Acrobat Speed Launcher - hkey= - key= - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
MsConfig:64bit - StartUpReg: Adobe ARM - hkey= - key= - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
MsConfig:64bit - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
MsConfig:64bit - StartUpReg: AdobeAAMUpdater-1.0 - hkey= - key= - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
MsConfig:64bit - StartUpReg: AdobeCS5.5ServiceManager - hkey= - key= - File not found
MsConfig:64bit - StartUpReg: AdobeCS6ServiceManager - hkey= - key= - C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe (Adobe Systems Incorporated)
MsConfig:64bit - StartUpReg: agpitc - hkey= - key= - C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
MsConfig:64bit - StartUpReg: AirPort Base Station Agent - hkey= - key= - C:\Program Files (x86)\AirPort\APAgent.exe (Apple Inc.)
MsConfig:64bit - StartUpReg: amd_dc_opt - hkey= - key= - C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe (AMD)
MsConfig:64bit - StartUpReg: BCSSync - hkey= - key= - C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
MsConfig:64bit - StartUpReg: com.apple.dav.bookmarks.daemon - hkey= - key= - C:\Program Files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe (Apple Inc.)
MsConfig:64bit - StartUpReg: EvtMgr6 - hkey= - key= - C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
MsConfig:64bit - StartUpReg: Google Update - hkey= - key= - C:\Users\Bob\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
MsConfig:64bit - StartUpReg: iTunesHelper - hkey= - key= - D:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
MsConfig:64bit - StartUpReg: mlerx - hkey= - key= - C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
MsConfig:64bit - StartUpReg: MobileDocuments - hkey= - key= - C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe (Apple Inc.)
MsConfig:64bit - StartUpReg: SandboxieControl - hkey= - key= - D:\Program Files\Sandboxie\SbieCtrl.exe (SANDBOXIE L.T.D)
MsConfig:64bit - StartUpReg: Skype - hkey= - key= - C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.)
MsConfig:64bit - StartUpReg: SmartViewAgent - hkey= - key= - File not found
MsConfig:64bit - StartUpReg: STCAgent - hkey= - key= - File not found
MsConfig:64bit - StartUpReg: Steam - hkey= - key= - D:\Program Files\Steam\steam.exe (Valve Corporation)
MsConfig:64bit - StartUpReg: SwitchBoard - hkey= - key= - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
MsConfig:64bit - StartUpReg: THX TruStudio NB Settings - hkey= - key= - C:\Program Files (x86)\Creative\THX TruStudio\THXNBSet\THXAudNB.exe (Creative Technology Ltd)
MsConfig:64bit - StartUpReg: THXCfg64 - hkey= - key= - C:\Windows\SysNative\RunDLL32.exe (Microsoft Corporation)
MsConfig:64bit - StartUpReg: UpdReg - hkey= - key= - C:\Windows\Updreg.EXE (Creative Technology Ltd.)
MsConfig:64bit - StartUpReg: Wondershare Helper Compact.exe - hkey= - key= - C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe (Wondershare)
MsConfig:64bit - StartUpReg: ZyngaGamesAgent - hkey= - key= - File not found
MsConfig:64bit - State: "startup" - Reg Error: Key error.

SafeBootMin:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SafeBootMin:64bit: Base - Driver Group
SafeBootMin:64bit: Boot Bus Extender - Driver Group
SafeBootMin:64bit: Boot file system - Driver Group
SafeBootMin:64bit: File system - Driver Group
SafeBootMin:64bit: Filter - Driver Group
SafeBootMin:64bit: HelpSvc - Service
SafeBootMin:64bit: PCI Configuration - Driver Group
SafeBootMin:64bit: PNP Filter - Driver Group
SafeBootMin:64bit: Primary disk - Driver Group
SafeBootMin:64bit: sacsvr - Service
SafeBootMin:64bit: SCSI Class - Driver Group
SafeBootMin:64bit: System Bus Extender - Driver Group
SafeBootMin:64bit: vmms - Service
SafeBootMin:64bit: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SafeBootNet:64bit: Base - Driver Group
SafeBootNet:64bit: Boot Bus Extender - Driver Group
SafeBootNet:64bit: Boot file system - Driver Group
SafeBootNet:64bit: File system - Driver Group
SafeBootNet:64bit: Filter - Driver Group
SafeBootNet:64bit: HelpSvc - Service
SafeBootNet:64bit: Messenger - Service
SafeBootNet:64bit: NDIS Wrapper - Driver Group
SafeBootNet:64bit: NetBIOSGroup - Driver Group
SafeBootNet:64bit: NetDDEGroup - Driver Group
SafeBootNet:64bit: Network - Driver Group
SafeBootNet:64bit: NetworkProvider - Driver Group
SafeBootNet:64bit: PCI Configuration - Driver Group
SafeBootNet:64bit: PNP Filter - Driver Group
SafeBootNet:64bit: PNP_TDI - Driver Group
SafeBootNet:64bit: Primary disk - Driver Group
SafeBootNet:64bit: rdsessmgr - Service
SafeBootNet:64bit: sacsvr - Service
SafeBootNet:64bit: SCSI Class - Driver Group
SafeBootNet:64bit: Streams Drivers - Driver Group
SafeBootNet:64bit: System Bus Extender - Driver Group
SafeBootNet:64bit: TDI - Driver Group
SafeBootNet:64bit: vmms - Service
SafeBootNet:64bit: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet:64bit: WudfUsbccidDriver - Driver
SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: vidc.tscc - C:\Windows\SysWOW64\tsccvid64.dll (TechSmith Corporation)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codecp - C:\Windows\SysWow64\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.tscc - C:\Windows\SysWOW64\tsccvid.dll (TechSmith Corporation)
Drivers32: VIDC.VMnc - C:\Windows\SysWow64\vmnc.dll (VMware, Inc.)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2012/04/26 17:29:11 | 000,000,000 | ---D | C] -- C:\Users\Bob\Desktop\RK_Quarantine
[2012/04/26 17:21:43 | 002,074,160 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Bob\Desktop\tdsskiller.exe
[2012/04/26 17:09:31 | 004,731,392 | ---- | C] (AVAST Software) -- C:\Users\Bob\Desktop\aswMBR.exe
[2012/04/26 10:36:35 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2012/04/26 10:36:35 | 000,000,000 | ---D | C] -- C:\rsit
[2012/04/26 10:30:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
[2012/04/26 10:30:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ERUNT
[2012/04/26 08:50:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2012/04/26 08:50:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2012/04/26 01:54:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bing Desktop
[2012/04/25 18:36:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2012/04/25 00:43:27 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Roaming\Opera
[2012/04/25 00:43:27 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\Opera
[2012/04/25 00:43:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Opera
[2012/04/24 00:29:26 | 000,000,000 | ---D | C] -- C:\Users\Bob\Documents\Ebooks
[2012/04/23 23:42:52 | 000,000,000 | R--D | C] -- C:\Users\Bob\SkyDrive
[2012/04/23 23:42:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft SkyDrive
[2012/04/23 23:33:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2012/04/20 11:25:02 | 000,000,000 | ---D | C] -- C:\ProgramData\WEBREG
[2012/04/20 11:24:47 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Roaming\HP
[2012/04/20 11:24:47 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\HP
[2012/04/20 11:12:51 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\Diagnostics
[2012/04/20 10:51:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft
[2012/04/20 10:51:14 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Roaming\HpUpdate
[2012/04/20 10:50:57 | 000,000,000 | ---D | C] -- C:\ProgramData\HP Product Assistant
[2012/04/20 10:50:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
[2012/04/20 10:50:49 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\spool
[2012/04/20 10:50:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\HP
[2012/04/20 10:50:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Hewlett-Packard
[2012/04/20 10:50:18 | 000,138,752 | ---- | C] (Hewlett-Packard Company) -- C:\Windows\SysNative\hpf3l02t.dll
[2012/04/20 10:49:55 | 000,000,000 | -H-D | C] -- C:\Config.Msi
[2012/04/20 10:49:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HP
[2012/04/20 10:29:25 | 000,000,000 | ---D | C] -- C:\ProgramData\HP
[2012/04/20 10:29:21 | 000,906,240 | ---- | C] (Hewlett-Packard) -- C:\Windows\SysNative\hpwwiax5.dll
[2012/04/20 10:29:21 | 000,644,456 | ---- | C] (Hewlett-Packard) -- C:\Windows\SysNative\hpzids40.dll
[2012/04/20 10:29:20 | 001,422,848 | ---- | C] (Hewlett-Packard Co.) -- C:\Windows\SysNative\hpwtiop4.dll
[2012/04/20 10:29:20 | 000,553,472 | ---- | C] (Hewlett Packard) -- C:\Windows\SysNative\hppldcoi.dll
[2012/04/20 10:29:20 | 000,488,960 | ---- | C] (Hewlett-Packard Co.) -- C:\Windows\SysNative\hpovst11.dll
[2012/04/18 21:52:13 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2012/04/18 21:09:50 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Roaming\Malwarebytes
[2012/04/18 21:09:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/04/18 21:09:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/04/18 21:09:47 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012/04/18 21:09:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012/04/18 18:21:58 | 000,000,000 | RHSD | C] -- C:\ProgramData\Key-Base
[2012/04/17 20:34:39 | 000,000,000 | ---D | C] -- C:\Users\Bob\Documents\Adobe
[2012/04/17 19:34:28 | 000,000,000 | ---D | C] -- C:\Downloads
[2012/04/17 19:34:20 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Roaming\BitComet
[2012/04/17 19:34:19 | 000,000,000 | ---D | C] -- C:\Program Files\BitComet
[2012/04/17 00:08:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Notepad Replacer
[2012/04/16 22:04:35 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Roaming\FileZilla
[2012/04/16 22:04:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
[2012/04/16 22:04:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FileZilla FTP Client
[2012/04/16 19:33:33 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\MOG
[2012/04/16 19:33:02 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MOG
[2012/04/16 19:31:54 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\Deployment
[2012/04/15 18:40:12 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\dxhr
[2012/04/15 18:38:15 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\28050
[2012/04/15 17:08:05 | 008,766,112 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe
[2012/04/15 16:16:53 | 000,000,000 | ---D | C] -- C:\ProgramData\BDLogging
[2012/04/15 16:16:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender 2012
[2012/04/15 16:16:49 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Roaming\Bitdefender
[2012/04/15 16:16:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Bitdefender
[2012/04/15 16:16:04 | 000,000,000 | ---D | C] -- C:\Program Files\Bitdefender
[2012/04/15 16:15:25 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Roaming\QuickScan
[2012/04/15 16:15:14 | 000,442,088 | ---- | C] (BitDefender) -- C:\Windows\SysNative\drivers\bdfsfltr.sys
[2012/04/15 16:15:14 | 000,329,800 | ---- | C] (BitDefender S.R.L.) -- C:\Windows\SysNative\drivers\trufos.sys
[2012/04/15 16:15:04 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Bitdefender
[2012/04/15 16:15:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Bitdefender
[2012/04/15 15:36:50 | 000,000,000 | --SD | C] -- C:\Users\Bob\Documents\Passwords Database
[2012/04/15 14:25:40 | 000,000,000 | ---D | C] -- C:\Users\Bob\Documents\Camtasia Studio
[2012/04/15 14:25:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Camtasia Studio 7
[2012/04/15 14:25:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2012/04/15 14:25:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\TechSmith Shared
[2012/04/15 13:14:22 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Roaming\VMware
[2012/04/15 13:14:22 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\VMware
[2012/04/15 13:06:31 | 000,063,088 | ---- | C] (VMware, Inc.) -- C:\Windows\SysNative\drivers\vmx86.sys
[2012/04/15 13:06:21 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\{513B9C68-871D-11E1-826D-B8AC6F996F26}
[2012/04/15 13:06:12 | 000,354,416 | ---- | C] (VMware, Inc.) -- C:\Windows\SysWow64\vmnetdhcp.exe
[2012/04/15 13:06:08 | 000,942,192 | ---- | C] (VMware, Inc.) -- C:\Windows\SysNative\vnetlib64.dll
[2012/04/15 13:06:08 | 000,433,264 | ---- | C] (VMware, Inc.) -- C:\Windows\SysWow64\vmnat.exe
[2012/04/15 13:06:08 | 000,030,320 | ---- | C] (VMware, Inc.) -- C:\Windows\SysNative\drivers\vmnetuserif.sys
[2012/04/15 13:06:07 | 000,039,024 | ---- | C] (VMware, Inc.) -- C:\Windows\SysNative\drivers\hcmon.sys
[2012/04/15 13:06:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VMware
[2012/04/15 13:05:59 | 000,000,000 | ---D | C] -- C:\ProgramData\VMware
[2012/04/15 13:05:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VMware
[2012/04/15 13:05:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\VMware
[2012/04/15 13:05:59 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Shared Virtual Machines
[2012/04/15 13:05:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\VMware
[2012/04/15 12:20:27 | 000,000,000 | R--D | C] -- C:\Sandbox
[2012/04/15 12:13:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sandboxie
[2012/04/14 23:07:14 | 000,000,000 | ---D | C] -- C:\Users\Bob\Documents\DonationCoder
[2012/04/14 23:07:14 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Roaming\DonationCoder
[2012/04/14 22:57:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FindAndRunRobot
[2012/04/14 22:57:32 | 000,000,000 | ---D | C] -- C:\ProgramData\DonationCoder
[2012/04/14 22:57:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FindAndRunRobot
[2012/04/14 20:30:52 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Roaming\Skype
[2012/04/14 20:30:49 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2012/04/14 20:30:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012/04/14 20:30:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2012/04/14 20:30:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2012/04/13 23:35:24 | 000,000,000 | -H-D | C] -- C:\ProgramData\{5D3662FF-B114-4392-9128-140D59A29E19}
[2012/04/13 23:35:22 | 000,000,000 | -H-D | C] -- C:\ProgramData\{9C69499E-D8CC-4C66-B856-7076DB8C275E}
[2012/04/13 23:35:21 | 000,000,000 | -H-D | C] -- C:\ProgramData\{E314972B-E8D6-465D-AE74-6CC08535701F}
[2012/04/13 23:35:16 | 000,000,000 | -H-D | C] -- C:\ProgramData\{EC2F7042-ADE8-4F04-9A7E-2316AD6311E2}
[2012/04/13 23:35:13 | 000,000,000 | -H-D | C] -- C:\ProgramData\{63B3AF69-722B-4FA9-965F-94DEB1E78796}
[2012/04/13 23:35:08 | 000,000,000 | -H-D | C] -- C:\ProgramData\{83F263BF-0076-4C4C-93DC-A3EA0CEB7184}
[2012/04/13 23:35:07 | 000,000,000 | -H-D | C] -- C:\ProgramData\{1E8BE8F5-704E-408F-A339-D33679C773FF}
[2012/04/13 23:35:02 | 000,000,000 | -H-D | C] -- C:\ProgramData\{3079F98A-3D1E-417D-A09C-36814730DC09}
[2012/04/13 23:35:01 | 000,000,000 | -H-D | C] -- C:\ProgramData\{4D790C15-A3FF-476F-9F6C-FA6FF12EFFC3}
[2012/04/13 23:34:56 | 000,000,000 | -H-D | C] -- C:\ProgramData\{682FE305-7958-4875-9B95-34673E7151AD}
[2012/04/13 23:34:55 | 000,000,000 | -H-D | C] -- C:\ProgramData\{B2DCFF49-8E43-4A91-B043-7CCB41EA24CE}
[2012/04/13 23:34:50 | 000,000,000 | -H-D | C] -- C:\ProgramData\{529BBEB3-0369-420C-BD9C-37553D289203}
[2012/04/13 23:34:49 | 000,000,000 | -H-D | C] -- C:\ProgramData\{E25B3CC7-9347-4C9D-9339-1E15F9DA7A07}
[2012/04/13 23:34:44 | 000,000,000 | -H-D | C] -- C:\ProgramData\{E6AF2639-F710-4F5B-8830-95A396FB523F}
[2012/04/13 23:34:43 | 000,000,000 | -H-D | C] -- C:\ProgramData\{16996CC6-7043-45AD-9C8D-A784409115E4}
[2012/04/13 23:34:38 | 000,000,000 | -H-D | C] -- C:\ProgramData\{AB404F93-CDCE-40D9-8D4E-8606C84D368C}
[2012/04/13 23:34:37 | 000,000,000 | -H-D | C] -- C:\ProgramData\{9DE75BC9-6CF5-4972-8A4E-86BAAD477DC6}
[2012/04/13 23:34:37 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Topaz Labs
[2012/04/13 23:34:33 | 000,000,000 | -H-D | C] -- C:\ProgramData\{8265C354-3D13-4FE5-95C7-65F277FF3041}
[2012/04/13 23:34:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Topaz Labs
[2012/04/13 23:34:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Topaz Labs
[2012/04/13 17:02:50 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\Alien Skin
[2012/04/13 16:46:54 | 000,000,000 | -H-D | C] -- C:\ProgramData\{E700EA29-049A-42E5-B85D-D2A74571B520}
[2012/04/13 16:46:50 | 000,000,000 | -H-D | C] -- C:\ProgramData\{6C47B826-5902-49BB-BF6B-68F5716FD827}
[2012/04/13 16:46:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Topaz Labs
[2012/04/13 16:46:11 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\PackageAware
[2012/04/13 16:45:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Alien Skin
[2012/04/13 16:45:33 | 000,000,000 | ---D | C] -- C:\Program Files\Alien Skin
[2012/04/13 16:45:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Alien Skin
[2012/04/13 12:19:19 | 001,942,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_39.dll
[2012/04/13 12:19:19 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_39.dll
[2012/04/13 12:19:19 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_39.dll
[2012/04/13 12:19:19 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_39.dll
[2012/04/13 12:19:17 | 004,992,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_39.dll
[2012/04/13 12:19:17 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_39.dll
[2012/04/13 09:04:29 | 000,000,000 | ---D | C] -- C:\Users\Bob\Documents\BioWare
[2012/04/13 09:03:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Origin Games
[2012/04/13 09:03:30 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\Origin
[2012/04/13 09:03:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Origin
[2012/04/13 09:03:13 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Roaming\Origin
[2012/04/13 09:03:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
[2012/04/13 09:03:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Electronic Arts
[2012/04/13 09:02:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Origin
[2012/04/13 01:41:13 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\FeedDemon
[2012/04/13 01:41:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FeedDemon
[2012/04/13 01:29:42 | 000,000,000 | ---D | C] -- C:\Users\Bob\Documents\Clickto
[2012/04/13 01:27:27 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\click.to
[2012/04/13 01:27:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\click.to
[2012/04/13 01:27:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Axonic
[2012/04/12 23:15:29 | 000,000,000 | ---D | C] -- C:\Users\Bob\Documents\WB Games
[2012/04/12 23:10:19 | 000,000,000 | ---D | C] -- C:\Users\Bob\Documents\Games for Windows - LIVE Demos
[2012/04/12 23:05:35 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\xlive
[2012/04/12 23:05:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace
[2012/04/12 23:05:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
[2012/04/12 23:05:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD
[2012/04/12 23:04:49 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\Downloaded Installations
[2012/04/12 23:04:40 | 005,631,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_40.dll
[2012/04/12 23:04:40 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_40.dll
[2012/04/12 23:04:40 | 002,605,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_40.dll
[2012/04/12 23:04:40 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_40.dll
[2012/04/12 23:04:40 | 000,519,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_40.dll
[2012/04/12 23:04:40 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_40.dll
[2012/04/12 23:04:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WB Games
[2012/04/12 21:53:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Electronic Arts
[2012/04/12 21:53:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mass Effect 2
[2012/04/12 21:49:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\BioWare
[2012/04/12 20:12:24 | 000,000,000 | ---D | C] -- C:\Users\Bob\.ResophNotes
[2012/04/12 20:12:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ResophNotes
[2012/04/12 20:12:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ResophNotes
[2012/04/12 18:33:41 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Roaming\WebApps
[2012/04/12 18:33:08 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Roaming\Prism
[2012/04/12 18:33:08 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\Prism
[2012/04/12 11:23:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Logitech
[2012/04/12 11:22:55 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\LogiShrd
[2012/04/12 11:22:42 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Roaming\Leadertech
[2012/04/12 11:22:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\LogiShrd
[2012/04/12 11:22:30 | 000,018,960 | ---- | C] (Logitech, Inc.) -- C:\Windows\SysNative\drivers\LNonPnP.sys
[2012/04/12 11:22:01 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\LogiShrd
[2012/04/12 11:21:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
[2012/04/12 11:21:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Logishrd
[2012/04/12 11:21:47 | 000,000,000 | ---D | C] -- C:\Program Files\Logitech
[2012/04/12 11:20:47 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Logishrd
[2012/04/12 11:18:31 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Roaming\Logitech
[2012/04/12 11:18:31 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Roaming\Logishrd
[2012/04/11 20:30:53 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Roaming\com.adobe.WidgetBrowser.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1
[2012/04/11 19:06:56 | 002,311,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012/04/11 19:06:56 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012/04/11 19:06:56 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012/04/11 19:06:56 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012/04/11 19:06:56 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012/04/11 19:06:56 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012/04/11 19:06:56 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012/04/11 19:06:56 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012/04/11 19:06:56 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012/04/11 19:06:56 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012/04/11 19:06:55 | 001,493,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012/04/11 19:06:41 | 005,559,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2012/04/11 19:06:41 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012/04/11 19:06:41 | 003,913,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2012/04/11 19:05:42 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2012/04/11 19:05:42 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll
[2012/04/11 19:05:42 | 000,023,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fs_rec.sys
[2012/04/11 18:58:44 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Roaming\PDAppFlex
[2012/04/11 18:45:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Apps Migration
[2012/04/11 18:44:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Apps Sync 2.0
[2012/04/11 18:44:54 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2012/04/11 18:44:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2012/04/10 21:17:30 | 000,000,000 | ---D | C] -- C:\Users\Bob\MediaEspresso
[2012/04/10 20:49:48 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Roaming\Ditto
[2012/04/10 20:49:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ditto
[2012/04/10 20:49:42 | 000,000,000 | ---D | C] -- C:\Program Files\Ditto
[2012/04/10 17:32:45 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Roaming\DisplayFusion
[2012/04/10 17:32:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DisplayFusion
[2012/04/10 17:32:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DisplayFusion
[2012/04/10 17:32:27 | 000,000,000 | ---D | C] -- C:\Users\Bob\Documents\DisplayFusion Backups
[2012/04/10 14:56:52 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
[2012/04/10 14:56:34 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Roaming\Dropbox
[2012/04/10 14:52:15 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Roaming\Artisteer
[2012/04/10 14:51:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Artisteer 3
[2012/04/10 14:43:02 | 000,000,000 | ---D | C] -- C:\Users\Bob\Documents\Magic Briefcase
[2012/04/10 14:40:39 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\SugarSync
[2012/04/10 14:40:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SugarSync
[2012/04/10 14:28:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2012/04/10 14:28:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2012/04/10 00:32:42 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\Apps
[2012/04/09 23:17:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AirPort
[2012/04/09 22:54:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\uTorrent
[2012/04/09 22:33:01 | 000,000,000 | ---D | C] -- C:\Users\Bob\Documents\CoffeeCup Software
[2012/04/09 21:04:46 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Roaming\Launchy
[2012/04/09 21:04:41 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Launchy
[2012/04/09 21:04:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Launchy
[2012/04/09 20:48:28 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1986-12.com.adobe
[2012/04/09 20:32:30 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
[2012/04/09 20:32:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
[2012/04/09 20:32:29 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Roaming\Notepad++
[2012/04/09 20:32:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Notepad++
[2012/04/09 20:26:56 | 000,000,000 | ---D | C] -- C:\ProgramData\ALM
[2012/04/09 20:25:44 | 000,000,000 | ---D | C] -- C:\Users\Bob\Adobe Flash Builder 4.5
[2012/04/09 20:25:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe LiveCycle ES2
[2012/04/09 20:24:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe Story
[2012/04/09 20:24:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
[2012/04/09 20:23:26 | 000,055,280 | ---- | C] (Sonic Solutions) -- C:\Windows\SysNative\drivers\PxHlpa64.sys
[2012/04/09 20:23:26 | 000,010,224 | ---- | C] (Sonic Solutions) -- C:\Windows\SysNative\drivers\cdralw2k.sys
[2012/04/09 20:23:26 | 000,010,224 | ---- | C] (Sonic Solutions) -- C:\Windows\SysNative\drivers\cdr4_xp.sys
[2012/04/09 20:23:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Sonic Shared
[2012/04/09 20:23:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PX Storage Engine
[2012/04/09 20:23:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\My Company Name
[2012/04/09 20:22:51 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2012/04/09 20:22:51 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2012/04/09 20:22:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS5.5
[2012/04/09 19:39:21 | 000,000,000 | ---D | C] -- C:\ProgramData\xml_param
[2012/04/09 19:35:52 | 000,000,000 | ---D | C] -- C:\Users\Bob\Documents\Wondershare Video Converter Platinum
[2012/04/09 19:35:52 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Roaming\Wondershare Video Converter Platinum
[2012/04/09 19:35:47 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\Wondershare
[2012/04/09 19:35:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
[2012/04/09 19:35:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wondershare
[2012/04/09 19:35:45 | 000,892,928 | ---- | C] (Free Software Foundation) -- C:\Windows\SysWow64\iconv.dll
[2012/04/09 19:35:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Wondershare
[2012/04/09 19:23:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Alcohol 120%
[2012/04/09 19:23:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Alcohol Soft
[2012/04/09 19:16:42 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll
[2012/04/09 19:16:42 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll
[2012/04/09 18:57:45 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2012/04/09 18:57:45 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2012/04/09 18:57:45 | 000,697,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012/04/09 18:57:45 | 000,603,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2012/04/09 18:57:45 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2012/04/09 18:57:45 | 000,452,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2012/04/09 18:57:45 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2012/04/09 18:57:45 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2012/04/09 18:57:45 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2012/04/09 18:57:45 | 000,282,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2012/04/09 18:57:45 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll
[2012/04/09 18:57:45 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll
[2012/04/09 18:57:45 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2012/04/09 18:57:45 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2012/04/09 18:57:45 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012/04/09 18:57:45 | 000,165,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2012/04/09 18:57:45 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll
[2012/04/09 18:57:45 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll
[2012/04/09 18:57:45 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2012/04/09 18:57:45 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2012/04/09 18:57:45 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll
[2012/04/09 18:57:45 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2012/04/09 18:57:45 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2012/04/09 18:57:45 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2012/04/09 18:57:45 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2012/04/09 18:57:45 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012/04/09 18:57:45 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2012/04/09 18:57:45 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll
[2012/04/09 18:57:45 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2012/04/09 18:57:45 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2012/04/09 18:57:45 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll
[2012/04/09 18:57:45 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2012/04/09 18:57:45 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2012/04/09 18:57:45 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2012/04/09 18:57:45 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll
[2012/04/09 18:57:45 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2012/04/09 18:57:45 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2012/04/09 18:57:45 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2012/04/09 18:57:45 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2012/04/09 18:57:45 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2012/04/09 18:57:45 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2012/04/09 18:57:45 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2012/04/09 18:57:45 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2012/04/09 18:57:45 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2012/04/09 18:57:45 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2012/04/09 18:57:45 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2012/04/09 18:57:45 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2012/04/09 18:57:45 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2012/04/09 18:57:45 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2012/04/09 18:57:45 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2012/04/09 18:57:45 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2012/04/09 18:57:45 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2012/04/09 18:57:45 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2012/04/09 18:57:45 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2012/04/09 18:57:45 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2012/04/09 18:57:45 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2012/04/09 18:57:45 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2012/04/09 18:57:45 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2012/04/09 18:57:45 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2012/04/09 18:57:45 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2012/04/09 18:57:45 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2012/04/09 18:53:52 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\SPReview
[2012/04/09 18:53:38 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\EventProviders
[2012/04/09 18:53:30 | 000,902,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2012/04/09 18:52:01 | 000,530,488 | ---- | C] (Duplex Secure Ltd.) -- C:\Windows\SysNative\drivers\sptd.sys
[2012/04/09 18:43:37 | 000,000,000 | ---D | C] -- C:\Users\Bob\Documents\Vuze Downloads
[2012/04/09 18:22:15 | 000,000,000 | ---D | C] -- C:\Users\Bob\Documents\UseNeXT
[2012/04/09 18:22:15 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Roaming\UseNeXT
[2012/04/09 18:22:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UseNeXT
[2012/04/09 17:18:29 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Roaming\uTorrent
[2012/04/09 16:30:19 | 000,000,000 | R--D | C] -- C:\Backup
[2012/04/09 16:29:38 | 000,085,048 | ---- | C] (Infowatch) -- C:\Windows\SysNative\drivers\CSCrySec.sys
[2012/04/09 16:29:38 | 000,066,104 | ---- | C] (Infowatch) -- C:\Windows\SysNative\drivers\CSVirtualDiskDrv.sys
[2012/04/09 15:45:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
[2012/04/09 15:45:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2012/04/09 15:45:26 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2012/04/09 15:45:16 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Synchronization Services
[2012/04/09 15:45:09 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2012/04/09 15:45:09 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Sync Framework
[2012/04/09 15:45:09 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server Compact Edition
[2012/04/09 15:44:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2005
[2012/04/09 15:44:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 8
[2012/04/09 15:44:43 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Analysis Services
[2012/04/09 15:44:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Analysis Services
[2012/04/09 15:44:41 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2012/04/09 15:44:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2012/04/09 15:44:41 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\Microsoft Help
[2012/04/09 15:44:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2012/04/09 15:44:40 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2012/04/09 15:36:44 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Roaming\DomainSamurai.6E37012E1CBD7F47B14488FCC715944F3EBDCEDC.1
[2012/04/09 15:33:34 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Roaming\MarketSamurai.6E37012E1CBD7F47B14488FCC715944F3EBDCEDC.1
[2012/04/09 15:29:39 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\CoffeeCup Software
[2012/04/09 15:29:39 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Roaming\CoffeeCup Software
[2012/04/09 15:29:39 | 000,000,000 | ---D | C] -- C:\ProgramData\CoffeeCup Software
[2012/04/09 15:29:12 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CoffeeCup Software
[2012/04/09 15:28:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2012/04/09 15:27:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ipswitch WS_FTP 12
[2012/04/09 15:27:26 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Roaming\Ipswitch
[2012/04/09 15:27:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Ipswitch
[2012/04/09 15:27:24 | 000,000,000 | ---D | C] -- C:\Program Files\Ipswitch
[2012/04/09 15:27:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ipswitch
[2012/04/09 14:13:21 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Roaming\vlc
[2012/04/09 14:13:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2012/04/09 14:13:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN
[2012/04/09 13:55:55 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\CrashDumps
[2012/04/09 00:52:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Core Temp
[2012/04/09 00:52:21 | 000,000,000 | ---D | C] -- C:\Program Files\Core Temp
[2012/04/08 22:18:30 | 000,000,000 | ---D | C] -- C:\Users\Bob\.swt
[2012/04/08 22:18:29 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Roaming\Azureus
[2012/04/08 22:18:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Vuze
[2012/04/08 22:04:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FinalWire
[2012/04/08 22:04:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FinalWire
[2012/04/08 21:42:34 | 000,000,000 | ---D | C] -- C:\ProgramData\TorrentPrivacy
[2012/04/08 21:38:05 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallJammer Registry
[2012/04/08 21:37:55 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TP Bittorrent Anonymizer
[2012/04/08 21:37:55 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Roaming\TorrentPrivacy
[2012/04/08 21:22:47 | 000,021,992 | ---- | C] (CPUID) -- C:\Windows\SysNative\drivers\cpuz135_x64.sys
[2012/04/08 21:22:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
[2012/04/08 21:22:47 | 000,000,000 | ---D | C] -- C:\Program Files\CPUID
[2012/04/08 15:14:40 | 000,000,000 | ---D | C] -- C:\Users\Bob\Documents\my games
[2012/04/08 14:00:57 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
[2012/04/08 13:56:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
[2012/04/08 11:05:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
[2012/04/08 11:05:46 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip
[2012/04/08 01:22:23 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\Futuremark_Corporation
[2012/04/08 01:21:52 | 000,000,000 | ---D | C] -- C:\Users\Bob\Documents\PCMark 7
[2012/04/08 01:21:45 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\IsolatedStorage
[2012/04/08 01:18:04 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Roaming\Postbox
[2012/04/08 01:18:04 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\Postbox
[2012/04/08 01:18:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Postbox
[2012/04/08 01:15:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Futuremark
[2012/04/08 01:15:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Futuremark
[2012/04/08 01:15:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Futuremark
[2012/04/08 01:15:45 | 000,000,000 | ---D | C] -- C:\Program Files\Futuremark
[2012/04/08 00:45:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012/04/08 00:45:35 | 000,126,312 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\GEARAspi64.dll
[2012/04/08 00:45:35 | 000,107,368 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysWow64\GEARAspi.dll
[2012/04/08 00:45:35 | 000,034,152 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys
[2012/04/08 00:45:35 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2012/04/08 00:45:30 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2012/04/08 00:45:30 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012/04/08 00:45:30 | 000,000,000 | ---D | C] -- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
[2012/04/07 23:41:56 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Roaming\TimeLoc.48D78D3C5DA9540D4DE1465EB3FBE37D9D6FFAF9.1
[2012/04/07 23:41:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TimeLoc
[2012/04/07 21:20:25 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Roaming\net.tw.air.ShrinkOMatic.7C34F9BA9FAD6689FAABBE85F1F5B46BA5A32DE5.1
[2012/04/07 21:20:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Shrink-O-Matic
[2012/04/07 21:10:34 | 001,942,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dfshim.dll
[2012/04/07 21:10:34 | 000,048,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netfxperf.dll
[2012/04/07 21:10:31 | 001,130,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dfshim.dll
[2012/04/07 21:10:30 | 003,715,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2012/04/07 21:10:30 | 001,838,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2012/04/07 21:10:30 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys
[2012/04/07 21:10:30 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyExtension.dll
[2012/04/07 21:10:29 | 003,215,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2012/04/07 21:10:28 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc40.dll
[2012/04/07 21:10:28 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc40u.dll
[2012/04/07 21:10:28 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tssrvlic.dll
[2012/04/07 21:10:27 | 014,633,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmp.dll
[2012/04/07 21:10:27 | 003,205,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mmcndmgr.dll
[2012/04/07 21:10:27 | 000,629,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pmcsnap.dll
[2012/04/07 21:10:26 | 004,120,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mf.dll
[2012/04/07 21:10:26 | 003,008,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xpsservices.dll
[2012/04/07 21:10:26 | 002,086,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ole32.dll
[2012/04/07 21:10:26 | 001,219,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rpcrt4.dll
[2012/04/07 21:10:26 | 000,488,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc.dll
[2012/04/07 21:10:26 | 000,485,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_isv.dll
[2012/04/07 21:10:26 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc.dll
[2012/04/07 21:10:26 | 000,423,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_isv.dll
[2012/04/07 21:10:26 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_isv.exe
[2012/04/07 21:10:26 | 000,359,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate.exe
[2012/04/07 21:10:26 | 000,327,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_isv.exe
[2012/04/07 21:10:26 | 000,322,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate.exe
[2012/04/07 21:10:26 | 000,238,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ppcsnap.dll
[2012/04/07 21:10:26 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PushPrinterConnections.exe
[2012/04/07 21:10:25 | 003,860,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIRibbon.dll
[2012/04/07 21:10:25 | 003,207,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mf.dll
[2012/04/07 21:10:25 | 001,866,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ExplorerFrame.dll
[2012/04/07 21:10:25 | 001,753,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vssapi.dll
[2012/04/07 21:10:25 | 001,556,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RacEngn.dll
[2012/04/07 21:10:25 | 001,340,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\diagperf.dll
[2012/04/07 21:10:25 | 001,334,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CertEnroll.dll
[2012/04/07 21:10:25 | 001,326,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\NaturalLanguage6.dll
[2012/04/07 21:10:25 | 001,197,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskschd.dll
[2012/04/07 21:10:25 | 000,299,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mcupdate_GenuineIntel.dll
[2012/04/07 21:10:25 | 000,263,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spwizui.dll
[2012/04/07 21:10:24 | 011,410,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmp.dll
[2012/04/07 21:10:24 | 003,957,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WinSAT.exe
[2012/04/07 21:10:24 | 003,027,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVCORE.DLL
[2012/04/07 21:10:24 | 002,067,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d9.dll
[2012/04/07 21:10:24 | 001,975,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CertEnroll.dll
[2012/04/07 21:10:24 | 001,888,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVDECOD.DLL
[2012/04/07 21:10:24 | 000,598,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spinstall.exe
[2012/04/07 21:10:24 | 000,320,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationHost.exe
[2012/04/07 21:10:24 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spreview.exe
[2012/04/07 21:10:24 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHost.exe
[2012/04/07 21:10:24 | 000,274,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpdd.dll
[2012/04/07 21:10:24 | 000,109,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationHostProxy.dll
[2012/04/07 21:10:24 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHostProxy.dll
[2012/04/07 21:10:23 | 005,066,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\AuthFWSnapin.dll
[2012/04/07 21:10:23 | 005,066,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AuthFWSnapin.dll
[2012/04/07 21:10:23 | 003,391,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dbgeng.dll
[2012/04/07 21:10:23 | 001,632,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dwmcore.dll
[2012/04/07 21:10:23 | 001,493,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ExplorerFrame.dll
[2012/04/07 21:10:23 | 001,456,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2012/04/07 21:10:23 | 001,115,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RacEngn.dll
[2012/04/07 21:10:23 | 000,958,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\actxprxy.dll
[2012/04/07 21:10:23 | 000,867,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchFolder.dll
[2012/04/07 21:10:23 | 000,750,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TSWorkspace.dll
[2012/04/07 21:10:23 | 000,079,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdvgumd32.dll
[2012/04/07 21:10:22 | 001,927,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll
[2012/04/07 21:10:22 | 001,900,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\setupapi.dll
[2012/04/07 21:10:22 | 001,281,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\werconcpl.dll
[2012/04/07 21:10:22 | 001,244,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imapi2fs.dll
[2012/04/07 21:10:22 | 001,212,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\propsys.dll
[2012/04/07 21:10:22 | 001,116,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstsc.exe
[2012/04/07 21:10:22 | 001,049,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstsc.exe
[2012/04/07 21:10:22 | 001,008,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\user32.dll
[2012/04/07 21:10:22 | 000,787,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll
[2012/04/07 21:10:22 | 000,784,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gpprefcl.dll
[2012/04/07 21:10:22 | 000,720,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbc32.dll
[2012/04/07 21:10:22 | 000,695,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netlogon.dll
[2012/04/07 21:10:22 | 000,505,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\taskschd.dll
[2012/04/07 21:10:22 | 000,464,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskeng.exe
[2012/04/07 21:10:22 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PushPrinterConnections.exe
[2012/04/07 21:10:21 | 002,652,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netshell.dll
[2012/04/07 21:10:21 | 002,543,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wpdshext.dll
[2012/04/07 21:10:21 | 002,055,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Query.dll
[2012/04/07 21:10:21 | 001,796,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certmgr.dll
[2012/04/07 21:10:21 | 001,509,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdtctm.dll
[2012/04/07 21:10:21 | 001,371,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dwmcore.dll
[2012/04/07 21:10:21 | 000,955,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\localspl.dll
[2012/04/07 21:10:21 | 000,897,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\azroles.dll
[2012/04/07 21:10:21 | 000,800,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usp10.dll
[2012/04/07 21:10:21 | 000,758,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PortableDeviceApi.dll
[2012/04/07 21:10:21 | 000,658,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll
[2012/04/07 21:10:21 | 000,597,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\TSWorkspace.dll
[2012/04/07 21:10:21 | 000,594,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\comdlg32.dll
[2012/04/07 21:10:21 | 000,573,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbc32.dll
[2012/04/07 21:10:21 | 000,524,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmicmiplugin.dll
[2012/04/07 21:10:21 | 000,519,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netcfgx.dll
[2012/04/07 21:10:21 | 000,481,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmpps.dll
[2012/04/07 21:10:21 | 000,479,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appmgr.dll
[2012/04/07 21:10:21 | 000,457,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdrm.dll
[2012/04/07 21:10:21 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shlwapi.dll
[2012/04/07 21:10:21 | 000,422,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drvstore.dll
[2012/04/07 21:10:21 | 000,390,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winlogon.exe
[2012/04/07 21:10:21 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wer.dll
[2012/04/07 21:10:21 | 000,376,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys
[2012/04/07 21:10:21 | 000,343,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsm.exe
[2012/04/07 21:10:21 | 000,342,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certcli.dll
[2012/04/07 21:10:21 | 000,342,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\apphelp.dll
[2012/04/07 21:10:21 | 000,299,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsmf.dll
[2012/04/07 21:10:21 | 000,299,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpshell.exe
[2012/04/07 21:10:21 | 000,297,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ws2_32.dll
[2012/04/07 21:10:21 | 000,295,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\framedynos.dll
[2012/04/07 21:10:21 | 000,270,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tsmf.dll
[2012/04/07 21:10:21 | 000,266,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\QAGENT.DLL
[2012/04/07 21:10:21 | 000,210,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncsi.dll
[2012/04/07 21:10:21 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scavengeui.dll
[2012/04/07 21:10:21 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dot3api.dll
[2012/04/07 21:10:21 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tcpmonui.dll
[2012/04/07 21:10:21 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\LSCSHostPolicy.dll
[2012/04/07 21:10:20 | 002,522,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dbgeng.dll
[2012/04/07 21:10:20 | 002,151,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mmcndmgr.dll
[2012/04/07 21:10:20 | 001,808,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pnidui.dll
[2012/04/07 21:10:20 | 001,792,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll
[2012/04/07 21:10:20 | 001,619,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVDECOD.DLL
[2012/04/07 21:10:20 | 001,190,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2012/04/07 21:10:20 | 001,158,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webservices.dll
[2012/04/07 21:10:20 | 001,098,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Vault.dll
[2012/04/07 21:10:20 | 000,933,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sqlsrv32.dll
[2012/04/07 21:10:20 | 000,758,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\samsrv.dll
[2012/04/07 21:10:20 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2012/04/07 21:10:20 | 000,732,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\imapi2fs.dll
[2012/04/07 21:10:20 | 000,653,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lpksetup.exe
[2012/04/07 21:10:20 | 000,584,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ipsmsnap.dll
[2012/04/07 21:10:20 | 000,584,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gpprefcl.dll
[2012/04/07 21:10:20 | 000,582,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sxs.dll
[2012/04/07 21:10:20 | 000,522,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll
[2012/04/07 21:10:20 | 000,473,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskcomp.dll
[2012/04/07 21:10:20 | 000,406,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netcfgx.dll
[2012/04/07 21:10:20 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfds.dll
[2012/04/07 21:10:20 | 000,345,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fveapi.dll
[2012/04/07 21:10:20 | 000,345,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cmd.exe
[2012/04/07 21:10:20 | 000,312,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wldap32.dll
[2012/04/07 21:10:20 | 000,281,600 | ---- | C] (Microsoft) -- C:\Windows\SysNative\DShowRdpFilter.dll
[2012/04/07 21:10:20 | 000,272,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mcbuilder.exe
[2012/04/07 21:10:20 | 000,252,928 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\DShowRdpFilter.dll
[2012/04/07 21:10:20 | 000,240,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cscobj.dll
[2012/04/07 21:10:20 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsta.dll
[2012/04/07 21:10:20 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\hgprint.dll
[2012/04/07 21:10:20 | 000,210,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpclip.exe
[2012/04/07 21:10:20 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\upnp.dll
[2012/04/07 21:10:20 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpendp.dll
[2012/04/07 21:10:20 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dot3api.dll
[2012/04/07 21:10:20 | 000,049,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netfxperf.dll
[2012/04/07 21:10:19 | 002,262,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SyncCenter.dll
[2012/04/07 21:10:19 | 002,072,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPEncEn.dll
[2012/04/07 21:10:19 | 001,712,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xpsservices.dll
[2012/04/07 21:10:19 | 001,555,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certmgr.dll
[2012/04/07 21:10:19 | 001,441,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlanpref.dll
[2012/04/07 21:10:19 | 001,243,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMNetMgr.dll
[2012/04/07 21:10:19 | 001,082,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sppobjs.dll
[2012/04/07 21:10:19 | 001,024,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmpmde.dll
[2012/04/07 21:10:19 | 001,009,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mcmde.dll
[2012/04/07 21:10:19 | 000,695,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2012/04/07 21:10:19 | 000,630,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\evr.dll
[2012/04/07 21:10:19 | 000,605,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmpeffects.dll
[2012/04/07 21:10:19 | 000,551,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\localsec.dll
[2012/04/07 21:10:19 | 000,503,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imapi2.dll
[2012/04/07 21:10:19 | 000,501,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WinSATAPI.dll
[2012/04/07 21:10:19 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[2012/04/07 21:10:19 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
[2012/04/07 21:10:19 | 000,412,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll
[2012/04/07 21:10:19 | 000,409,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\photowiz.dll
[2012/04/07 21:10:19 | 000,403,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gdi32.dll
[2012/04/07 21:10:19 | 000,324,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netdiagfx.dll
[2012/04/07 21:10:19 | 000,323,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drvstore.dll
[2012/04/07 21:10:19 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cmd.exe
[2012/04/07 21:10:19 | 000,298,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bcryptprimitives.dll
[2012/04/07 21:10:19 | 000,296,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfds.dll
[2012/04/07 21:10:19 | 000,296,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AudioSes.dll
[2012/04/07 21:10:19 | 000,285,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\schtasks.exe
[2012/04/07 21:10:19 | 000,279,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\framedyn.dll
[2012/04/07 21:10:19 | 000,263,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vpnike.dll
[2012/04/07 21:10:19 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\stobject.dll
[2012/04/07 21:10:19 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfreadwrite.dll
[2012/04/07 21:10:19 | 000,244,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vmicsvc.exe
[2012/04/07 21:10:19 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mcbuilder.exe
[2012/04/07 21:10:19 | 000,206,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\framedynos.dll
[2012/04/07 21:10:19 | 000,200,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tscfgwmi.dll
[2012/04/07 21:10:19 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\credui.dll
[2012/04/07 21:10:19 | 000,183,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\prncache.dll
[2012/04/07 21:10:19 | 000,178,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpinit.exe
[2012/04/07 21:10:19 | 000,171,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fde.dll
[2012/04/07 21:10:19 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tspubwmi.dll
[2012/04/07 21:10:19 | 000,166,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetpp.dll
[2012/04/07 21:10:19 | 000,165,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netid.dll
[2012/04/07 21:10:19 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll
[2012/04/07 21:10:19 | 000,140,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpendp.dll
[2012/04/07 21:10:19 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\userenv.dll
[2012/04/07 21:10:18 | 003,211,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll
[2012/04/07 21:10:18 | 002,983,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIRibbon.dll
[2012/04/07 21:10:18 | 002,755,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\themeui.dll
[2012/04/07 21:10:18 | 002,746,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gameux.dll
[2012/04/07 21:10:18 | 001,050,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\printui.dll
[2012/04/07 21:10:18 | 000,934,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FirewallControlPanel.dll
[2012/04/07 21:10:18 | 000,854,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dbghelp.dll
[2012/04/07 21:10:18 | 000,850,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mmsys.cpl
[2012/04/07 21:10:18 | 000,780,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ci.dll
[2012/04/07 21:10:18 | 000,778,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sqlsrv32.dll
[2012/04/07 21:10:18 | 000,776,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\calc.exe
[2012/04/07 21:10:18 | 000,762,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\azroles.dll
[2012/04/07 21:10:18 | 000,625,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mscms.dll
[2012/04/07 21:10:18 | 000,577,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AdmTmpl.dll
[2012/04/07 21:10:18 | 000,571,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mspbda.dll
[2012/04/07 21:10:18 | 000,552,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdri.dll
[2012/04/07 21:10:18 | 000,504,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\biocpl.dll
[2012/04/07 21:10:18 | 000,498,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cscui.dll
[2012/04/07 21:10:18 | 000,488,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\evr.dll
[2012/04/07 21:10:18 | 000,477,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PhotoScreensaver.scr
[2012/04/07 21:10:18 | 000,459,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DXP.dll
[2012/04/07 21:10:18 | 000,442,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winspool.drv
[2012/04/07 21:10:18 | 000,418,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sppwinob.dll
[2012/04/07 21:10:18 | 000,405,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wisptis.exe
[2012/04/07 21:10:18 | 000,378,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msinfo32.exe
[2012/04/07 21:10:18 | 000,348,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\eapp3hst.dll
[2012/04/07 21:10:18 | 000,339,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\appmgr.dll
[2012/04/07 21:10:18 | 000,335,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WinSATAPI.dll
[2012/04/07 21:10:18 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wusa.exe
[2012/04/07 21:10:18 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\taskcomp.dll

#11 rocknrob

rocknrob
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:03:51 AM

Posted 26 April 2012 - 11:22 PM

Make that three posts.

[2012/04/07 21:10:18 | 000,303,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scansetting.dll
[2012/04/07 21:10:18 | 000,303,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\eapphost.dll
[2012/04/07 21:10:18 | 000,264,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\upnp.dll
[2012/04/07 21:10:18 | 000,253,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tcpipcfg.dll
[2012/04/07 21:10:18 | 000,244,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spp.dll
[2012/04/07 21:10:18 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsRasterService.dll
[2012/04/07 21:10:18 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\QSHVHOST.DLL
[2012/04/07 21:10:18 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mprapi.dll
[2012/04/07 21:10:18 | 000,199,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PkgMgr.exe
[2012/04/07 21:10:18 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfreadwrite.dll
[2012/04/07 21:10:18 | 000,187,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rpchttp.dll
[2012/04/07 21:10:18 | 000,186,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ocsetup.exe
[2012/04/07 21:10:18 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ocsetapi.dll
[2012/04/07 21:10:18 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ncsi.dll
[2012/04/07 21:10:18 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IPHLPAPI.DLL
[2012/04/07 21:10:18 | 000,144,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\basecsp.dll
[2012/04/07 21:10:18 | 000,128,000 | ---- | C] (Microsoft) -- C:\Windows\SysNative\Robocopy.exe
[2012/04/07 21:10:18 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aitagent.exe
[2012/04/07 21:10:18 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\davclnt.dll
[2012/04/07 21:10:18 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\splwow64.exe
[2012/04/07 21:10:17 | 002,851,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\themeui.dll
[2012/04/07 21:10:17 | 002,621,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2012/04/07 21:10:17 | 002,494,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netshell.dll
[2012/04/07 21:10:17 | 001,750,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pnidui.dll
[2012/04/07 21:10:17 | 001,689,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netcenter.dll
[2012/04/07 21:10:17 | 001,457,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DxpTaskSync.dll
[2012/04/07 21:10:17 | 001,363,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wdc.dll
[2012/04/07 21:10:17 | 001,160,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSMPEG2ENC.DLL
[2012/04/07 21:10:17 | 001,120,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sdengin2.dll
[2012/04/07 21:10:17 | 000,932,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\printui.dll
[2012/04/07 21:10:17 | 000,799,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msftedit.dll
[2012/04/07 21:10:17 | 000,691,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\VAN.dll
[2012/04/07 21:10:17 | 000,675,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DXPTaskRingtone.dll
[2012/04/07 21:10:17 | 000,658,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PerfCenterCPL.dll
[2012/04/07 21:10:17 | 000,568,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scrptadm.dll
[2012/04/07 21:10:17 | 000,483,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\StructuredQuery.dll
[2012/04/07 21:10:17 | 000,475,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlangpui.dll
[2012/04/07 21:10:17 | 000,462,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wiadefui.dll
[2012/04/07 21:10:17 | 000,429,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\puiobj.dll
[2012/04/07 21:10:17 | 000,411,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlangpui.dll
[2012/04/07 21:10:17 | 000,406,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scesrv.dll
[2012/04/07 21:10:17 | 000,352,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpeffects.dll
[2012/04/07 21:10:17 | 000,340,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srchadmin.dll
[2012/04/07 21:10:17 | 000,273,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SndVol.exe
[2012/04/07 21:10:17 | 000,263,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\hal.dll
[2012/04/07 21:10:17 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scansetting.dll
[2012/04/07 21:10:17 | 000,239,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dskquoui.dll
[2012/04/07 21:10:17 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\onex.dll
[2012/04/07 21:10:17 | 000,232,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scecli.dll
[2012/04/07 21:10:17 | 000,179,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Classpnp.sys
[2012/04/07 21:10:17 | 000,167,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\QSHVHOST.DLL
[2012/04/07 21:10:17 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aaclient.dll
[2012/04/07 21:10:17 | 000,148,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\t2embed.dll
[2012/04/07 21:10:17 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\net1.exe
[2012/04/07 21:10:17 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rpchttp.dll
[2012/04/07 21:10:17 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\aaclient.dll
[2012/04/07 21:10:17 | 000,128,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dwmredir.dll
[2012/04/07 21:10:17 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\prncache.dll
[2012/04/07 21:10:17 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\thumbcache.dll
[2012/04/07 21:10:17 | 000,112,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe
[2012/04/07 21:10:17 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\t2embed.dll
[2012/04/07 21:10:17 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\QUTIL.DLL
[2012/04/07 21:10:17 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\regapi.dll
[2012/04/07 21:10:17 | 000,078,720 | ---- | C] (Hewlett-Packard Company) -- C:\Windows\SysNative\drivers\HpSAMD.sys
[2012/04/07 21:10:17 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\samcli.dll
[2012/04/07 21:10:17 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wscapi.dll
[2012/04/07 21:10:17 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msasn1.dll
[2012/04/07 21:10:16 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gameux.dll
[2012/04/07 21:10:16 | 002,250,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SensorsCpl.dll
[2012/04/07 21:10:16 | 002,193,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\themecpl.dll
[2012/04/07 21:10:16 | 002,146,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SyncCenter.dll
[2012/04/07 21:10:16 | 001,624,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPEncEn.dll
[2012/04/07 21:10:16 | 001,077,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Narrator.exe
[2012/04/07 21:10:16 | 000,830,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSMPEG2ENC.DLL
[2012/04/07 21:10:16 | 000,782,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webservices.dll
[2012/04/07 21:10:16 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AuxiliaryDisplayCpl.dll
[2012/04/07 21:10:16 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appwiz.cpl
[2012/04/07 21:10:16 | 000,684,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TabletPC.cpl
[2012/04/07 21:10:16 | 000,658,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\autofmt.exe
[2012/04/07 21:10:16 | 000,633,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\riched20.dll
[2012/04/07 21:10:16 | 000,630,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DXPTaskRingtone.dll
[2012/04/07 21:10:16 | 000,560,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapi.dll
[2012/04/07 21:10:16 | 000,486,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\powercpl.dll
[2012/04/07 21:10:16 | 000,464,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scrptadm.dll
[2012/04/07 21:10:16 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rastls.dll
[2012/04/07 21:10:16 | 000,392,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\imapi2.dll
[2012/04/07 21:10:16 | 000,372,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mtxclu.dll
[2012/04/07 21:10:16 | 000,359,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\eudcedit.exe
[2012/04/07 21:10:16 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sharemediacpl.dll
[2012/04/07 21:10:16 | 000,355,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Faultrep.dll
[2012/04/07 21:10:16 | 000,332,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\hgcpl.dll
[2012/04/07 21:10:16 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\clusapi.dll
[2012/04/07 21:10:16 | 000,300,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msconfig.exe
[2012/04/07 21:10:16 | 000,248,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wksprt.exe
[2012/04/07 21:10:16 | 000,225,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netdiagfx.dll
[2012/04/07 21:10:16 | 000,215,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netiohlp.dll
[2012/04/07 21:10:16 | 000,199,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\onex.dll
[2012/04/07 21:10:16 | 000,188,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netjoin.dll
[2012/04/07 21:10:16 | 000,186,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\logoncli.dll
[2012/04/07 21:10:16 | 000,166,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\basecsp.dll
[2012/04/07 21:10:16 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cscobj.dll
[2012/04/07 21:10:16 | 000,124,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fde.dll
[2012/04/07 21:10:16 | 000,118,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnscmmc.dll
[2012/04/07 21:10:16 | 000,090,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\nci.dll
[2012/04/07 21:10:16 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\setupcl.exe
[2012/04/07 21:10:16 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fdeploy.dll
[2012/04/07 21:10:16 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskhost.exe
[2012/04/07 21:10:16 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\hbaapi.dll
[2012/04/07 21:10:16 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RpcRtRemote.dll
[2012/04/07 21:10:16 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wscapi.dll
[2012/04/07 21:10:16 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsmproxy.dll
[2012/04/07 21:10:16 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mimefilt.dll
[2012/04/07 21:10:16 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbGDCoInstaller.dll
[2012/04/07 21:10:15 | 002,217,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bootres.dll
[2012/04/07 21:10:15 | 001,400,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DxpTaskSync.dll
[2012/04/07 21:10:15 | 001,326,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlanpref.dll
[2012/04/07 21:10:15 | 001,264,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sdclt.exe
[2012/04/07 21:10:15 | 001,227,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wdc.dll
[2012/04/07 21:10:15 | 001,202,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DiagCpl.dll
[2012/04/07 21:10:15 | 001,066,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Display.dll
[2012/04/07 21:10:15 | 001,040,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Display.dll
[2012/04/07 21:10:15 | 001,003,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMNetMgr.dll
[2012/04/07 21:10:15 | 000,957,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mblctr.exe
[2012/04/07 21:10:15 | 000,933,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Vault.dll
[2012/04/07 21:10:15 | 000,933,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SmiEngine.dll
[2012/04/07 21:10:15 | 000,905,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mmsys.cpl
[2012/04/07 21:10:15 | 000,861,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontext.dll
[2012/04/07 21:10:15 | 000,812,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wpccpl.dll
[2012/04/07 21:10:15 | 000,793,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\autoconv.exe
[2012/04/07 21:10:15 | 000,777,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\autochk.exe
[2012/04/07 21:10:15 | 000,763,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\autofmt.exe
[2012/04/07 21:10:15 | 000,749,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\batmeter.dll
[2012/04/07 21:10:15 | 000,679,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\autoconv.exe
[2012/04/07 21:10:15 | 000,668,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\autochk.exe
[2012/04/07 21:10:15 | 000,665,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\AuxiliaryDisplayCpl.dll
[2012/04/07 21:10:15 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\comctl32.dll
[2012/04/07 21:10:15 | 000,625,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usercpl.dll
[2012/04/07 21:10:15 | 000,624,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qedit.dll
[2012/04/07 21:10:15 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wpd_ci.dll
[2012/04/07 21:10:15 | 000,455,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\nshipsec.dll
[2012/04/07 21:10:15 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\powercpl.dll
[2012/04/07 21:10:15 | 000,433,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MCEWMDRMNDBootstrap.dll
[2012/04/07 21:10:15 | 000,414,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlanui.dll
[2012/04/07 21:10:15 | 000,400,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ipsmsnap.dll
[2012/04/07 21:10:15 | 000,372,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rastls.dll
[2012/04/07 21:10:15 | 000,346,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\untfs.dll
[2012/04/07 21:10:15 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msihnd.dll
[2012/04/07 21:10:15 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mtxclu.dll
[2012/04/07 21:10:15 | 000,307,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scesrv.dll
[2012/04/07 21:10:15 | 000,303,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msinfo32.exe
[2012/04/07 21:10:15 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\srchadmin.dll
[2012/04/07 21:10:15 | 000,279,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxdiagn.dll
[2012/04/07 21:10:15 | 000,250,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ksproxy.ax
[2012/04/07 21:10:15 | 000,232,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sppcomapi.dll
[2012/04/07 21:10:15 | 000,227,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\taskmgr.exe
[2012/04/07 21:10:15 | 000,225,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SndVolSSO.dll
[2012/04/07 21:10:15 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmpsrcwp.dll
[2012/04/07 21:10:15 | 000,222,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wwanconn.dll
[2012/04/07 21:10:15 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\eapphost.dll
[2012/04/07 21:10:15 | 000,211,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rasppp.dll
[2012/04/07 21:10:15 | 000,211,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mprddm.dll
[2012/04/07 21:10:15 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\framedyn.dll
[2012/04/07 21:10:15 | 000,181,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tcpipcfg.dll
[2012/04/07 21:10:15 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\schtasks.exe
[2012/04/07 21:10:15 | 000,171,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\QAGENT.DLL
[2012/04/07 21:10:15 | 000,171,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\scsiport.sys
[2012/04/07 21:10:15 | 000,168,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bcdsrv.dll
[2012/04/07 21:10:15 | 000,167,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msutb.dll
[2012/04/07 21:10:15 | 000,166,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netiohlp.dll
[2012/04/07 21:10:15 | 000,156,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\prntvpt.dll
[2012/04/07 21:10:15 | 000,155,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mscorier.dll
[2012/04/07 21:10:15 | 000,154,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mscorier.dll
[2012/04/07 21:10:15 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cabview.dll
[2012/04/07 21:10:15 | 000,130,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shsetup.dll
[2012/04/07 21:10:15 | 000,126,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\audiodg.exe
[2012/04/07 21:10:15 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netid.dll
[2012/04/07 21:10:15 | 000,116,224 | ---- | C] (Windows ® Codename Longhorn DDK provider) -- C:\Windows\SysNative\fms.dll
[2012/04/07 21:10:15 | 000,098,816 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\Robocopy.exe
[2012/04/07 21:10:15 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WSTPager.ax
[2012/04/07 21:10:15 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\nci.dll
[2012/04/07 21:10:15 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidclass.sys
[2012/04/07 21:10:15 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\regapi.dll
[2012/04/07 21:10:15 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dot3cfg.dll
[2012/04/07 21:10:15 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpsign.exe
[2012/04/07 21:10:15 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rtutils.dll
[2012/04/07 21:10:15 | 000,052,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\winhv.sys
[2012/04/07 21:10:15 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mimefilt.dll
[2012/04/07 21:10:15 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vpnikeapi.dll
[2012/04/07 21:10:15 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\proquota.exe
[2012/04/07 21:10:14 | 003,745,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\accessibilitycpl.dll
[2012/04/07 21:10:14 | 003,727,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\accessibilitycpl.dll
[2012/04/07 21:10:14 | 002,202,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SensorsCpl.dll
[2012/04/07 21:10:14 | 002,157,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\themecpl.dll
[2012/04/07 21:10:14 | 002,146,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\networkmap.dll
[2012/04/07 21:10:14 | 001,644,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netcenter.dll
[2012/04/07 21:10:14 | 001,065,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptui.dll
[2012/04/07 21:10:14 | 000,898,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\OobeFldr.dll
[2012/04/07 21:10:14 | 000,856,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\FirewallControlPanel.dll
[2012/04/07 21:10:14 | 000,828,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontext.dll
[2012/04/07 21:10:14 | 000,780,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ActionCenter.dll
[2012/04/07 21:10:14 | 000,769,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sud.dll
[2012/04/07 21:10:14 | 000,740,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\batmeter.dll
[2012/04/07 21:10:14 | 000,701,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dsuiext.dll
[2012/04/07 21:10:14 | 000,649,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\appwiz.cpl
[2012/04/07 21:10:14 | 000,638,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\VAN.dll
[2012/04/07 21:10:14 | 000,600,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PerfCenterCPL.dll
[2012/04/07 21:10:14 | 000,600,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\usercpl.dll
[2012/04/07 21:10:14 | 000,509,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qedit.dll
[2012/04/07 21:10:14 | 000,508,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DeviceCenter.dll
[2012/04/07 21:10:14 | 000,503,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2012/04/07 21:10:14 | 000,472,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\azroleui.dll
[2012/04/07 21:10:14 | 000,429,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\localsec.dll
[2012/04/07 21:10:14 | 000,416,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wiadefui.dll
[2012/04/07 21:10:14 | 000,416,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\prnfldr.dll
[2012/04/07 21:10:14 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PhotoScreensaver.scr
[2012/04/07 21:10:14 | 000,410,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlanui.dll
[2012/04/07 21:10:14 | 000,403,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\untfs.dll
[2012/04/07 21:10:14 | 000,373,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\intl.cpl
[2012/04/07 21:10:14 | 000,366,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\zipfldr.dll
[2012/04/07 21:10:14 | 000,352,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\termmgr.dll
[2012/04/07 21:10:14 | 000,352,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\spwizeng.dll
[2012/04/07 21:10:14 | 000,349,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\slui.exe
[2012/04/07 21:10:14 | 000,346,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bcdedit.exe
[2012/04/07 21:10:14 | 000,345,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MediaMetadataHandler.dll
[2012/04/07 21:10:14 | 000,335,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msieftp.dll
[2012/04/07 21:10:14 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\puiobj.dll
[2012/04/07 21:10:14 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SndVol.exe
[2012/04/07 21:10:14 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\azroleui.dll
[2012/04/07 21:10:14 | 000,312,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\hgcpl.dll
[2012/04/07 21:10:14 | 000,300,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pdh.dll
[2012/04/07 21:10:14 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\eudcedit.exe
[2012/04/07 21:10:14 | 000,268,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mprddm.dll
[2012/04/07 21:10:14 | 000,268,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSAC3ENC.DLL
[2012/04/07 21:10:14 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskmgr.exe
[2012/04/07 21:10:14 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskbarcpl.dll
[2012/04/07 21:10:14 | 000,233,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\defaultlocationcpl.dll
[2012/04/07 21:10:14 | 000,221,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\OnLineIDCpl.dll
[2012/04/07 21:10:14 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SndVolSSO.dll
[2012/04/07 21:10:14 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\FWPUCLNT.DLL
[2012/04/07 21:10:14 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shdocvw.dll
[2012/04/07 21:10:14 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sppcomapi.dll
[2012/04/07 21:10:14 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rasppp.dll
[2012/04/07 21:10:14 | 000,175,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scecli.dll
[2012/04/07 21:10:14 | 000,172,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\twext.dll
[2012/04/07 21:10:14 | 000,155,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ataport.sys
[2012/04/07 21:10:14 | 000,154,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\uxlib.dll
[2012/04/07 21:10:14 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\recovery.dll
[2012/04/07 21:10:14 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsRasterService.dll
[2012/04/07 21:10:14 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cabview.dll
[2012/04/07 21:10:14 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\logoncli.dll
[2012/04/07 21:10:14 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\prntvpt.dll
[2012/04/07 21:10:14 | 000,115,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WPDShServiceObj.dll
[2012/04/07 21:10:14 | 000,111,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\shsetup.dll
[2012/04/07 21:10:14 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dnscmmc.dll
[2012/04/07 21:10:14 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cca.dll
[2012/04/07 21:10:14 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\isoburn.exe
[2012/04/07 21:10:14 | 000,080,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mscories.dll
[2012/04/07 21:10:14 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\hbaapi.dll
[2012/04/07 21:10:14 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\w32tm.exe
[2012/04/07 21:10:14 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\proquota.exe
[2012/04/07 21:10:14 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\userinit.exe
[2012/04/07 21:10:14 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\userinit.exe
[2012/04/07 21:10:14 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sisbkup.dll
[2012/04/07 21:10:13 | 002,130,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\networkmap.dll
[2012/04/07 21:10:13 | 001,003,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cryptui.dll
[2012/04/07 21:10:13 | 000,859,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\OobeFldr.dll
[2012/04/07 21:10:13 | 000,781,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmdrmsdk.dll
[2012/04/07 21:10:13 | 000,762,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sdcpl.dll
[2012/04/07 21:10:13 | 000,755,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sud.dll
[2012/04/07 21:10:13 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ActionCenter.dll
[2012/04/07 21:10:13 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\blackbox.dll
[2012/04/07 21:10:13 | 000,738,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpmde.dll
[2012/04/07 21:10:13 | 000,721,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bthprops.cpl
[2012/04/07 21:10:13 | 000,692,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\bthprops.cpl
[2012/04/07 21:10:13 | 000,656,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\nshwfp.dll
[2012/04/07 21:10:13 | 000,641,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msscp.dll
[2012/04/07 21:10:13 | 000,549,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ActionCenterCPL.dll
[2012/04/07 21:10:13 | 000,537,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ActionCenterCPL.dll
[2012/04/07 21:10:13 | 000,516,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\main.cpl
[2012/04/07 21:10:13 | 000,495,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drmmgrtn.dll
[2012/04/07 21:10:13 | 000,484,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DeviceCenter.dll
[2012/04/07 21:10:13 | 000,474,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sysmon.ocx
[2012/04/07 21:10:13 | 000,460,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certcli.dll
[2012/04/07 21:10:13 | 000,451,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shwebsvc.dll
[2012/04/07 21:10:13 | 000,446,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sqlcese30.dll
[2012/04/07 21:10:13 | 000,445,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spwizeng.dll
[2012/04/07 21:10:13 | 000,428,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\shwebsvc.dll
[2012/04/07 21:10:13 | 000,421,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\termmgr.dll
[2012/04/07 21:10:13 | 000,419,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\systemcpl.dll
[2012/04/07 21:10:13 | 000,414,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlanmsm.dll
[2012/04/07 21:10:13 | 000,410,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\systemcpl.dll
[2012/04/07 21:10:13 | 000,395,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\prnfldr.dll
[2012/04/07 21:10:13 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sysmon.ocx
[2012/04/07 21:10:13 | 000,345,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\intl.cpl
[2012/04/07 21:10:13 | 000,344,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntprint.dll
[2012/04/07 21:10:13 | 000,333,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ssText3d.scr
[2012/04/07 21:10:13 | 000,321,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\unimdm.tsp
[2012/04/07 21:10:13 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Faultrep.dll
[2012/04/07 21:10:13 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wusa.exe
[2012/04/07 21:10:13 | 000,313,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ReAgent.dll
[2012/04/07 21:10:13 | 000,312,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MCEWMDRMNDBootstrap.dll
[2012/04/07 21:10:13 | 000,304,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\efscore.dll
[2012/04/07 21:10:13 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msieftp.dll
[2012/04/07 21:10:13 | 000,297,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntprint.dll
[2012/04/07 21:10:13 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rstrui.exe
[2012/04/07 21:10:13 | 000,295,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\photowiz.dll
[2012/04/07 21:10:13 | 000,282,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iTVData.dll
[2012/04/07 21:10:13 | 000,281,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iprtrmgr.dll
[2012/04/07 21:10:13 | 000,279,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sethc.exe
[2012/04/07 21:10:13 | 000,271,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iprtrmgr.dll
[2012/04/07 21:10:13 | 000,270,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srrstr.dll
[2012/04/07 21:10:13 | 000,270,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sethc.exe
[2012/04/07 21:10:13 | 000,266,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MediaMetadataHandler.dll
[2012/04/07 21:10:13 | 000,255,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wavemsp.dll
[2012/04/07 21:10:13 | 000,240,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MFPlay.dll
[2012/04/07 21:10:13 | 000,238,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\recdisc.exe
[2012/04/07 21:10:13 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSAC3ENC.DLL
[2012/04/07 21:10:13 | 000,225,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DevicePairingFolder.dll
[2012/04/07 21:10:13 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\defaultlocationcpl.dll
[2012/04/07 21:10:13 | 000,218,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\OnLineIDCpl.dll
[2012/04/07 21:10:13 | 000,207,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sysclass.dll
[2012/04/07 21:10:13 | 000,205,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\efscore.dll
[2012/04/07 21:10:13 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\activeds.dll
[2012/04/07 21:10:13 | 000,200,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\syncui.dll
[2012/04/07 21:10:13 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dskquoui.dll
[2012/04/07 21:10:13 | 000,196,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\VBICodec.ax
[2012/04/07 21:10:13 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ksproxy.ax
[2012/04/07 21:10:13 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netplwiz.dll
[2012/04/07 21:10:13 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SmartcardCredentialProvider.dll
[2012/04/07 21:10:13 | 000,186,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\adsldp.dll
[2012/04/07 21:10:13 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vdsutil.dll
[2012/04/07 21:10:13 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fvecpl.dll
[2012/04/07 21:10:13 | 000,175,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netplwiz.dll
[2012/04/07 21:10:13 | 000,175,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bcdboot.exe
[2012/04/07 21:10:13 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\powercfg.cpl
[2012/04/07 21:10:13 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netjoin.dll
[2012/04/07 21:10:13 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\syncui.dll
[2012/04/07 21:10:13 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\autoplay.dll
[2012/04/07 21:10:13 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SmartcardCredentialProvider.dll
[2012/04/07 21:10:13 | 000,148,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ifsutil.dll
[2012/04/07 21:10:13 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\autoplay.dll
[2012/04/07 21:10:13 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AuxiliaryDisplayServices.dll
[2012/04/07 21:10:13 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\NAPHLPR.DLL
[2012/04/07 21:10:13 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntlanman.dll
[2012/04/07 21:10:13 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srvcli.dll
[2012/04/07 21:10:13 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\nslookup.exe
[2012/04/07 21:10:13 | 000,107,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\NAPHLPR.DLL
[2012/04/07 21:10:13 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sppnp.dll
[2012/04/07 21:10:13 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UserAccountControlSettings.dll
[2012/04/07 21:10:13 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dot3cfg.dll
[2012/04/07 21:10:13 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WSTPager.ax
[2012/04/07 21:10:13 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpd3d.dll
[2012/04/07 21:10:13 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncryptui.dll
[2012/04/07 21:10:13 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ksxbar.ax
[2012/04/07 21:10:13 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fdeploy.dll
[2012/04/07 21:10:13 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tzutil.exe
[2012/04/07 21:10:13 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\acppage.dll
[2012/04/07 21:10:13 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wwanprotdim.dll
[2012/04/07 21:10:13 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\httpapi.dll
[2012/04/07 21:10:13 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsgqec.dll
[2012/04/07 21:10:13 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ftp.exe
[2012/04/07 21:10:13 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sisbkup.dll
[2012/04/07 21:10:13 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\slwga.dll
[2012/04/07 21:10:12 | 001,911,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\OpcServices.dll
[2012/04/07 21:10:12 | 001,672,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\networkexplorer.dll
[2012/04/07 21:10:12 | 001,133,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdosys.dll
[2012/04/07 21:10:12 | 001,087,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dbghelp.dll
[2012/04/07 21:10:12 | 000,899,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Bubbles.scr
[2012/04/07 21:10:12 | 000,840,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\blackbox.dll
[2012/04/07 21:10:12 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cdosys.dll
[2012/04/07 21:10:12 | 000,685,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dsuiext.dll
[2012/04/07 21:10:12 | 000,636,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmdrmdev.dll
[2012/04/07 21:10:12 | 000,623,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FXSAPI.dll
[2012/04/07 21:10:12 | 000,616,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmdrmsdk.dll
[2012/04/07 21:10:12 | 000,606,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dfrgui.exe
[2012/04/07 21:10:12 | 000,594,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wvc.dll
[2012/04/07 21:10:12 | 000,592,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msftedit.dll
[2012/04/07 21:10:12 | 000,586,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dfrgui.exe
[2012/04/07 21:10:12 | 000,573,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2012/04/07 21:10:12 | 000,504,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msscp.dll
[2012/04/07 21:10:12 | 000,497,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\main.cpl
[2012/04/07 21:10:12 | 000,444,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wvc.dll
[2012/04/07 21:10:12 | 000,438,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\AdmTmpl.dll
[2012/04/07 21:10:12 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlanmsm.dll
[2012/04/07 21:10:12 | 000,406,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wimgapi.dll
[2012/04/07 21:10:12 | 000,402,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drmmgrtn.dll
[2012/04/07 21:10:12 | 000,363,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\diskraid.exe
[2012/04/07 21:10:12 | 000,358,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmpdxm.dll
[2012/04/07 21:10:12 | 000,346,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\nshipsec.dll
[2012/04/07 21:10:12 | 000,337,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\raschap.dll
[2012/04/07 21:10:12 | 000,333,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dot3ui.dll
[2012/04/07 21:10:12 | 000,327,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wimserv.exe
[2012/04/07 21:10:12 | 000,318,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\raschap.dll
[2012/04/07 21:10:12 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsAnytimeUpgradeResults.exe
[2012/04/07 21:10:12 | 000,293,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wsqmcons.exe
[2012/04/07 21:10:12 | 000,293,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ssText3d.scr
[2012/04/07 21:10:12 | 000,281,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\unimdm.tsp
[2012/04/07 21:10:12 | 000,276,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\diskraid.exe
[2012/04/07 21:10:12 | 000,258,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys
[2012/04/07 21:10:12 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpx.dll
[2012/04/07 21:10:12 | 000,254,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qasf.dll
[2012/04/07 21:10:12 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ReAgent.dll
[2012/04/07 21:10:12 | 000,242,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Mystify.scr
[2012/04/07 21:10:12 | 000,241,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Ribbons.scr
[2012/04/07 21:10:12 | 000,230,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\clusapi.dll
[2012/04/07 21:10:12 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wavemsp.dll
[2012/04/07 21:10:12 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpencom.dll
[2012/04/07 21:10:12 | 000,217,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WinSCard.dll
[2012/04/07 21:10:12 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wpdwcn.dll
[2012/04/07 21:10:12 | 000,213,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ActionQueue.dll
[2012/04/07 21:10:12 | 000,211,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DevicePairingFolder.dll
[2012/04/07 21:10:12 | 000,209,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PkgMgr.exe
[2012/04/07 21:10:12 | 000,209,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstask.dll
[2012/04/07 21:10:12 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qasf.dll
[2012/04/07 21:10:12 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfps.dll
[2012/04/07 21:10:12 | 000,202,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\input.dll
[2012/04/07 21:10:12 | 000,197,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ocsetup.exe
[2012/04/07 21:10:12 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qcap.dll
[2012/04/07 21:10:12 | 000,186,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpencom.dll
[2012/04/07 21:10:12 | 000,182,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFPlatform.dll
[2012/04/07 21:10:12 | 000,182,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpsrcwp.dll
[2012/04/07 21:10:12 | 000,180,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ifsutil.dll
[2012/04/07 21:10:12 | 000,178,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2012/04/07 21:10:12 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationSettings.exe
[2012/04/07 21:10:12 | 000,172,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\perfmon.exe
[2012/04/07 21:10:12 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuwebv.dll
[2012/04/07 21:10:12 | 000,157,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\perfmon.exe
[2012/04/07 21:10:12 | 000,153,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\remotepg.dll
[2012/04/07 21:10:12 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\net1.exe
[2012/04/07 21:10:12 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\remotepg.dll
[2012/04/07 21:10:12 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\twext.dll
[2012/04/07 21:10:12 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmpshell.dll
[2012/04/07 21:10:12 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wiavideo.dll
[2012/04/07 21:10:12 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvfw32.dll
[2012/04/07 21:10:12 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\uxlib.dll
[2012/04/07 21:10:12 | 000,113,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setupugc.exe
[2012/04/07 21:10:12 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kstvtune.ax
[2012/04/07 21:10:12 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\migisol.dll
[2012/04/07 21:10:12 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\nslookup.exe
[2012/04/07 21:10:12 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cabinet.dll
[2012/04/07 21:10:12 | 000,093,696 | ---- | C] (Windows ® Codename Longhorn DDK provider) -- C:\Windows\SysWow64\fms.dll
[2012/04/07 21:10:12 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mapistub.dll
[2012/04/07 21:10:12 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mapi32.dll
[2012/04/07 21:10:12 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\isoburn.exe
[2012/04/07 21:10:12 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mciavi32.dll
[2012/04/07 21:10:12 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\QUTIL.DLL
[2012/04/07 21:10:12 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tlscsp.dll
[2012/04/07 21:10:12 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\unimdmat.dll
[2012/04/07 21:10:12 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wkscli.dll
[2012/04/07 21:10:12 | 000,071,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\bfsvc.exe
[2012/04/07 21:10:12 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wsnmp32.dll
[2012/04/07 21:10:12 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\umb.dll
[2012/04/07 21:10:12 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\runonce.exe
[2012/04/07 21:10:12 | 000,051,200 | ---- | C] (Twain Working Group) -- C:\Windows\twain_32.dll
[2012/04/07 21:10:12 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\NAPCRYPT.DLL
[2012/04/07 21:10:12 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ftp.exe
[2012/04/07 21:10:12 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tzutil.exe
[2012/04/07 21:10:12 | 000,046,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\NAPCRYPT.DLL
[2012/04/07 21:10:12 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\acppage.dll
[2012/04/07 21:10:12 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iscsium.dll
[2012/04/07 21:10:12 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\httpapi.dll
[2012/04/07 21:10:12 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AzSqlExt.dll
[2012/04/07 21:10:12 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netutils.dll
[2012/04/07 21:10:12 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WerFaultSecure.exe
[2012/04/07 21:10:12 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\syssetup.dll
[2012/04/07 21:10:12 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\muifontsetup.dll
[2012/04/07 21:10:12 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\slwga.dll
[2012/04/07 21:10:12 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyControl.exe
[2012/04/07 21:10:11 | 001,232,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMADMOD.DLL
[2012/04/07 21:10:11 | 001,160,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\OpcServices.dll
[2012/04/07 21:10:11 | 001,148,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IMJP10.IME
[2012/04/07 21:10:11 | 001,111,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\onexui.dll
[2012/04/07 21:10:11 | 000,978,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMSPDMOD.DLL
[2012/04/07 21:10:11 | 000,902,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMADMOD.DLL
[2012/04/07 21:10:11 | 000,878,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Bubbles.scr
[2012/04/07 21:10:11 | 000,739,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMSPDMOD.DLL
[2012/04/07 21:10:11 | 000,681,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFx.dll
[2012/04/07 21:10:11 | 000,666,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVSDECD.DLL
[2012/04/07 21:10:11 | 000,541,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVSDECD.DLL
[2012/04/07 21:10:11 | 000,527,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmdrmnet.dll
[2012/04/07 21:10:11 | 000,507,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmdrmdev.dll
[2012/04/07 21:10:11 | 000,436,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmdrmnet.dll
[2012/04/07 21:10:11 | 000,435,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PortableDeviceStatus.dll
[2012/04/07 21:10:11 | 000,431,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WPDSp.dll
[2012/04/07 21:10:11 | 000,427,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PortableDeviceStatus.dll
[2012/04/07 21:10:11 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\nltest.exe
[2012/04/07 21:10:11 | 000,392,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll
[2012/04/07 21:10:11 | 000,350,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WPDSp.dll
[2012/04/07 21:10:11 | 000,325,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msnetobj.dll
[2012/04/07 21:10:11 | 000,318,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll
[2012/04/07 21:10:11 | 000,313,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dot3ui.dll
[2012/04/07 21:10:11 | 000,309,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sqlcese30.dll
[2012/04/07 21:10:11 | 000,299,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpdxm.dll
[2012/04/07 21:10:11 | 000,283,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdv.dll
[2012/04/07 21:10:11 | 000,265,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msnetobj.dll
[2012/04/07 21:10:11 | 000,250,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdv.dll
[2012/04/07 21:10:11 | 000,242,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\eapp3hst.dll
[2012/04/07 21:10:11 | 000,238,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstask.dll
[2012/04/07 21:10:11 | 000,236,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pdh.dll
[2012/04/07 21:10:11 | 000,232,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bitsadmin.exe
[2012/04/07 21:10:11 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFHost.exe
[2012/04/07 21:10:11 | 000,224,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PortableDeviceSyncProvider.dll
[2012/04/07 21:10:11 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Mystify.scr
[2012/04/07 21:10:11 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Ribbons.scr
[2012/04/07 21:10:11 | 000,219,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iTVData.dll
[2012/04/07 21:10:11 | 000,210,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dxdiagn.dll
[2012/04/07 21:10:11 | 000,198,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wpdwcn.dll
[2012/04/07 21:10:11 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vdsbas.dll
[2012/04/07 21:10:11 | 000,186,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\bitsadmin.exe
[2012/04/07 21:10:11 | 000,183,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PortableDeviceSyncProvider.dll
[2012/04/07 21:10:11 | 000,181,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qcap.dll
[2012/04/07 21:10:11 | 000,176,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MFPlay.dll
[2012/04/07 21:10:11 | 000,174,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ocsetapi.dll
[2012/04/07 21:10:11 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\vdsbas.dll
[2012/04/07 21:10:11 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mprapi.dll
[2012/04/07 21:10:11 | 000,153,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\VBICodec.ax
[2012/04/07 21:10:11 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iscsicli.exe
[2012/04/07 21:10:11 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MdSched.exe
[2012/04/07 21:10:11 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rmcast.sys
[2012/04/07 21:10:11 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EhStorAPI.dll
[2012/04/07 21:10:11 | 000,143,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mydocs.dll
[2012/04/07 21:10:11 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\powercfg.cpl
[2012/04/07 21:10:11 | 000,137,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CscMig.dll
[2012/04/07 21:10:11 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shacct.dll
[2012/04/07 21:10:11 | 000,133,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Kswdmcap.ax
[2012/04/07 21:10:11 | 000,130,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\desk.cpl
[2012/04/07 21:10:11 | 000,124,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\QSVRMGMT.DLL
[2012/04/07 21:10:11 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp_isv.dll
[2012/04/07 21:10:11 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp.dll
[2012/04/07 21:10:11 | 000,121,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fphc.dll
[2012/04/07 21:10:11 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setupcln.dll
[2012/04/07 21:10:11 | 000,115,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dot3msm.dll
[2012/04/07 21:10:11 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wiavideo.dll
[2012/04/07 21:10:11 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\shacct.dll
[2012/04/07 21:10:11 | 000,107,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Kswdmcap.ax
[2012/04/07 21:10:11 | 000,105,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpshell.dll
[2012/04/07 21:10:11 | 000,104,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\logman.exe
[2012/04/07 21:10:11 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sppinst.dll
[2012/04/07 21:10:11 | 000,099,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\QSVRMGMT.DLL
[2012/04/07 21:10:11 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2012/04/07 21:10:11 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fphc.dll
[2012/04/07 21:10:11 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\logagent.exe
[2012/04/07 21:10:11 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cmstp.exe
[2012/04/07 21:10:11 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\avifil32.dll
[2012/04/07 21:10:11 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\amstream.dll
[2012/04/07 21:10:11 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wudriver.dll
[2012/04/07 21:10:11 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cmstp.exe
[2012/04/07 21:10:11 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\kstvtune.ax
[2012/04/07 21:10:11 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\logman.exe
[2012/04/07 21:10:11 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\QCLIPROV.DLL
[2012/04/07 21:10:11 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UserAccountControlSettings.dll
[2012/04/07 21:10:11 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tabcal.exe
[2012/04/07 21:10:11 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spbcd.dll
[2012/04/07 21:10:11 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\olethk32.dll
[2012/04/07 21:10:11 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mapistub.dll
[2012/04/07 21:10:11 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fdProxy.dll
[2012/04/07 21:10:11 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netapi32.dll
[2012/04/07 21:10:11 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\QCLIPROV.DLL
[2012/04/07 21:10:11 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CertPolEng.dll
[2012/04/07 21:10:11 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MuiUnattend.exe
[2012/04/07 21:10:11 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cca.dll
[2012/04/07 21:10:11 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\takeown.exe
[2012/04/07 21:10:11 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PnPUnattend.exe
[2012/04/07 21:10:11 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WavDest.dll
[2012/04/07 21:10:11 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vss_ps.dll
[2012/04/07 21:10:11 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\djoin.exe
[2012/04/07 21:10:11 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ncryptui.dll
[2012/04/07 21:10:11 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\unimdmat.dll
[2012/04/07 21:10:11 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\g711codc.ax
[2012/04/07 21:10:11 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\vfwwdm32.dll
[2012/04/07 21:10:11 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpd3d.dll
[2012/04/07 21:10:11 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wsnmp32.dll
[2012/04/07 21:10:11 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vmictimeprovider.dll
[2012/04/07 21:10:11 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MultiDigiMon.exe
[2012/04/07 21:10:11 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2012/04/07 21:10:11 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\takeown.exe
[2012/04/07 21:10:11 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\runonce.exe
[2012/04/07 21:10:11 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PrintIsolationProxy.dll
[2012/04/07 21:10:11 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pdhui.dll
[2012/04/07 21:10:11 | 000,046,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cscapi.dll
[2012/04/07 21:10:11 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\relog.exe
[2012/04/07 21:10:11 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shimgvw.dll
[2012/04/07 21:10:11 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tsgqec.dll
[2012/04/07 21:10:11 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\utildll.dll
[2012/04/07 21:10:11 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iscsium.dll
[2012/04/07 21:10:11 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\HotStartUserAgent.dll
[2012/04/07 21:10:11 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\vpnikeapi.dll
[2012/04/07 21:10:11 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\lsmproxy.dll
[2012/04/07 21:10:11 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\nrpsrv.dll
[2012/04/07 21:10:11 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sscore.dll
[2012/04/07 21:10:10 | 001,164,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIRibbonRes.dll
[2012/04/07 21:10:10 | 001,164,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIRibbonRes.dll
[2012/04/07 21:10:10 | 001,080,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\onexui.dll
[2012/04/07 21:10:10 | 001,027,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IMJP10.IME
[2012/04/07 21:10:10 | 000,457,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imkr80.ime
[2012/04/07 21:10:10 | 000,434,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FXSTIFF.dll
[2012/04/07 21:10:10 | 000,306,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp.exe
[2012/04/07 21:10:10 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp_isv.exe
[2012/04/07 21:10:10 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp.exe
[2012/04/07 21:10:10 | 000,278,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp_isv.exe
[2012/04/07 21:10:10 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\itircl.dll
[2012/04/07 21:10:10 | 000,176,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msorcl32.dll
[2012/04/07 21:10:10 | 000,166,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\diskpart.exe
[2012/04/07 21:10:10 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\itircl.dll
[2012/04/07 21:10:10 | 000,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RDPENCDD.dll
[2012/04/07 21:10:10 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sppc.dll
[2012/04/07 21:10:10 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iscsicli.exe
[2012/04/07 21:10:10 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpps.dll
[2012/04/07 21:10:10 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mydocs.dll
[2012/04/07 21:10:10 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\diskpart.exe
[2012/04/07 21:10:10 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\BdeHdCfg.exe
[2012/04/07 21:10:10 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\desk.cpl
[2012/04/07 21:10:10 | 000,121,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sppc.dll
[2012/04/07 21:10:10 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\eappgnui.dll
[2012/04/07 21:10:10 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dot3msm.dll
[2012/04/07 21:10:10 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mobsync.exe
[2012/04/07 21:10:10 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mobsync.exe
[2012/04/07 21:10:10 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\eappgnui.dll
[2012/04/07 21:10:10 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp_isv.dll
[2012/04/07 21:10:10 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp.dll
[2012/04/07 21:10:10 | 000,082,944 | ---- | C] (Radius Inc.) -- C:\Windows\SysWow64\iccvid.dll
[2012/04/07 21:10:10 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\manage-bde.exe
[2012/04/07 21:10:10 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\napdsnap.dll
[2012/04/07 21:10:10 | 000,071,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\resutils.dll
[2012/04/07 21:10:10 | 000,071,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\findstr.exe
[2012/04/07 21:10:10 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\amstream.dll
[2012/04/07 21:10:10 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tlscsp.dll
[2012/04/07 21:10:10 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rastapi.dll
[2012/04/07 21:10:10 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\napdsnap.dll
[2012/04/07 21:10:10 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetmib1.dll
[2012/04/07 21:10:10 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CertPolEng.dll
[2012/04/07 21:10:10 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\findstr.exe
[2012/04/07 21:10:10 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\spbcd.dll
[2012/04/07 21:10:10 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browcli.dll
[2012/04/07 21:10:10 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vmicres.dll
[2012/04/07 21:10:10 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbcconf.dll
[2012/04/07 21:10:10 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetmib1.dll
[2012/04/07 21:10:10 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\repair-bde.exe
[2012/04/07 21:10:10 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\luainstall.dll
[2012/04/07 21:10:10 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ksxbar.ax
[2012/04/07 21:10:10 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wkscli.dll
[2012/04/07 21:10:10 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\g711codc.ax
[2012/04/07 21:10:10 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFCoinstaller.dll
[2012/04/07 21:10:10 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vmbusres.dll
[2012/04/07 21:10:10 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbisurf.ax
[2012/04/07 21:10:10 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\luainstall.dll
[2012/04/07 21:10:10 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FXSMON.dll
[2012/04/07 21:10:10 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\browcli.dll
[2012/04/07 21:10:10 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mciqtz32.dll
[2012/04/07 21:10:10 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbcconf.dll
[2012/04/07 21:10:10 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vmstorfltres.dll
[2012/04/07 21:10:10 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\relog.exe
[2012/04/07 21:10:10 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2012/04/07 21:10:10 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2012/04/07 21:10:10 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dsauth.dll
[2012/04/07 21:10:10 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\choice.exe
[2012/04/07 21:10:10 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wdiasqmmodule.dll
[2012/04/07 21:10:10 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mciqtz32.dll
[2012/04/07 21:10:10 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\shimgvw.dll
[2012/04/07 21:10:10 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdmo.dll
[2012/04/07 21:10:10 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\unlodctr.exe
[2012/04/07 21:10:10 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapp.exe
[2012/04/07 21:10:10 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\vbisurf.ax
[2012/04/07 21:10:10 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\profprov.dll
[2012/04/07 21:10:10 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2012/04/07 21:10:10 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbrpm.sys
[2012/04/07 21:10:10 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msdmo.dll
[2012/04/07 21:10:10 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dsauth.dll
[2012/04/07 21:10:10 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cscdll.dll
[2012/04/07 21:10:10 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WerFaultSecure.exe
[2012/04/07 21:10:10 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shgina.dll
[2012/04/07 21:10:10 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\AzSqlExt.dll
[2012/04/07 21:10:10 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wups.dll
[2012/04/07 21:10:10 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\LogonUI.exe
[2012/04/07 21:10:10 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tdi.sys
[2012/04/07 21:10:10 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qprocess.exe
[2012/04/07 21:10:10 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wsdchngr.dll
[2012/04/07 21:10:10 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netiougc.exe
[2012/04/07 21:10:10 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\elsTrans.dll
[2012/04/07 21:10:10 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bitsperf.dll
[2012/04/07 21:10:10 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\schedcli.dll
[2012/04/07 21:10:10 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netbtugc.exe
[2012/04/07 21:10:10 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\chgport.exe
[2012/04/07 21:10:10 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tskill.exe
[2012/04/07 21:10:10 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdprefdrvapi.dll
[2012/04/07 21:10:10 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qappsrv.exe
[2012/04/07 21:10:10 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tscon.exe
[2012/04/07 21:10:10 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\elsTrans.dll
[2012/04/07 21:10:10 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\chglogon.exe
[2012/04/07 21:10:10 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsdiscon.exe
[2012/04/07 21:10:10 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ReAgentc.exe
[2012/04/07 21:10:10 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\TRAPI.dll
[2012/04/07 21:10:10 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TRAPI.dll
[2012/04/07 21:10:10 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shadow.exe
[2012/04/07 21:10:10 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rwinsta.exe
[2012/04/07 21:10:10 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdprefdrvapi.dll
[2012/04/07 21:10:10 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\logoff.exe
[2012/04/07 21:10:10 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\chgusr.exe
[2012/04/07 21:10:10 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\spopk.dll
[2012/04/07 21:10:10 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\bitsperf.dll
[2012/04/07 21:10:10 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spopk.dll
[2012/04/07 21:10:10 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FXSUNATD.exe
[2012/04/07 21:10:10 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fixmapi.exe
[2012/04/07 21:10:10 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\schedcli.dll
[2012/04/07 21:10:10 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\perfts.dll
[2012/04/07 21:10:10 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\reset.exe
[2012/04/07 21:10:10 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\change.exe
[2012/04/07 21:10:10 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\query.exe
[2012/04/07 21:10:10 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\syssetup.dll
[2012/04/07 21:10:10 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\BWUnpairElevated.dll
[2012/04/07 21:10:10 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\muifontsetup.dll
[2012/04/07 21:10:10 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sscore.dll
[2012/04/07 21:10:09 | 012,625,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmploc.DLL
[2012/04/07 21:10:09 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmploc.DLL
[2012/04/07 21:10:09 | 000,430,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\imkr80.ime
[2012/04/07 21:10:09 | 000,130,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\VmbusCoinstaller.dll
[2012/04/07 21:10:09 | 000,129,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\VmdCoinstall.dll
[2012/04/07 21:10:09 | 000,128,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IcCoinstall.dll
[2012/04/07 21:10:09 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\nlsbres.dll
[2012/04/07 21:10:09 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\nlsbres.dll
[2012/04/07 21:10:09 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\BlbEvents.dll
[2012/04/07 21:10:09 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pifmgr.dll
[2012/04/07 21:10:09 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pifmgr.dll
[2012/04/07 21:10:09 | 000,032,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\USBCAMD2.sys
[2012/04/07 21:10:09 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wsdchngr.dll
[2012/04/07 21:10:09 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\shgina.dll
[2012/04/07 21:10:09 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vmbuspipe.dll
[2012/04/07 21:10:09 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wshirda.dll
[2012/04/07 21:10:09 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\C_ISCII.DLL
[2012/04/07 21:10:09 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wshirda.dll
[2012/04/07 21:10:09 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shunimpl.dll
[2012/04/07 21:10:09 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\C_ISCII.DLL
[2012/04/07 21:10:09 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\riched32.dll
[2012/04/07 21:10:09 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcfgex.dll
[2012/04/07 21:10:09 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spwmp.dll
[2012/04/07 21:10:09 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\riched32.dll
[2012/04/07 21:10:09 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\spwmp.dll
[2012/04/07 21:10:09 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDTUQ.DLL
[2012/04/07 21:10:09 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDTUF.DLL
[2012/04/07 21:10:09 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDSG.DLL
[2012/04/07 21:10:09 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kbdlk41a.dll
[2012/04/07 21:10:09 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDGKL.DLL
[2012/04/07 21:10:09 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDCZ1.DLL
[2012/04/07 21:10:09 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\spwizres.dll
[2012/04/07 21:10:09 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spwizres.dll
[2012/04/07 21:10:09 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDTUQ.DLL
[2012/04/07 21:10:09 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDTUF.DLL
[2012/04/07 21:10:09 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDSG.DLL
[2012/04/07 21:10:09 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDSF.DLL
[2012/04/07 21:10:09 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDPO.DLL
[2012/04/07 21:10:09 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDNEPR.DLL
[2012/04/07 21:10:09 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\kbdlk41a.dll
[2012/04/07 21:10:09 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINTAM.DLL
[2012/04/07 21:10:09 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINBEN.DLL
[2012/04/07 21:10:09 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDGR1.DLL
[2012/04/07 21:10:09 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDGR1.DLL
[2012/04/07 21:10:09 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDGKL.DLL
[2012/04/07 21:10:09 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDCZ1.DLL
[2012/04/07 21:10:09 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDUS.DLL
[2012/04/07 21:10:09 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDUGHR1.DLL
[2012/04/07 21:10:09 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDTURME.DLL
[2012/04/07 21:10:09 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDTAJIK.DLL
[2012/04/07 21:10:09 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDSF.DLL
[2012/04/07 21:10:09 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDPO.DLL
[2012/04/07 21:10:09 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDNEPR.DLL
[2012/04/07 21:10:09 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDMON.DLL
[2012/04/07 21:10:09 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDMAORI.DLL
[2012/04/07 21:10:09 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDLT1.DLL
[2012/04/07 21:10:09 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINTEL.DLL
[2012/04/07 21:10:09 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINTAM.DLL
[2012/04/07 21:10:09 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINORI.DLL
[2012/04/07 21:10:09 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINORI.DLL
[2012/04/07 21:10:09 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINMAR.DLL
[2012/04/07 21:10:09 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINMAR.DLL
[2012/04/07 21:10:09 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINKAN.DLL
[2012/04/07 21:10:09 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINKAN.DLL
[2012/04/07 21:10:09 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINHIN.DLL
[2012/04/07 21:10:09 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINHIN.DLL
[2012/04/07 21:10:09 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINBEN.DLL
[2012/04/07 21:10:09 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDBULG.DLL
[2012/04/07 21:10:09 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDBLR.DLL
[2012/04/07 21:10:09 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDBASH.DLL
[2012/04/07 21:10:09 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDUS.DLL
[2012/04/07 21:10:09 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDUGHR1.DLL
[2012/04/07 21:10:09 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDTURME.DLL
[2012/04/07 21:10:09 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDTAJIK.DLL
[2012/04/07 21:10:09 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDMON.DLL
[2012/04/07 21:10:09 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDMAORI.DLL
[2012/04/07 21:10:09 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDLT1.DLL
[2012/04/07 21:10:09 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINTEL.DLL
[2012/04/07 21:10:09 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDGEO.DLL
[2012/04/07 21:10:09 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDGEO.DLL
[2012/04/07 21:10:09 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDBULG.DLL
[2012/04/07 21:10:09 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDBLR.DLL
[2012/04/07 21:10:09 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDBASH.DLL
[2012/04/07 21:10:09 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdxm.ocx
[2012/04/07 21:10:09 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxmasf.dll
[2012/04/07 21:10:09 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msdxm.ocx
[2012/04/07 21:10:09 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dxmasf.dll
[2012/04/07 21:10:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-ums-l1-1-0.dll
[2012/04/07 21:10:09 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpnaddr.dll
[2012/04/07 21:10:09 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpnaddr.dll
[2012/04/07 21:10:08 | 000,399,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpx.dll
[2012/04/07 21:10:08 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wdscore.dll
[2012/04/07 21:10:06 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sqmapi.dll
[2012/04/07 21:09:42 | 000,529,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wbemcomn.dll
[2012/04/07 21:09:41 | 000,244,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sqmapi.dll
[2012/04/07 21:01:25 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys
[2012/04/07 21:01:25 | 000,007,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys
[2012/04/07 21:01:23 | 002,565,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\esent.dll
[2012/04/07 21:01:23 | 001,699,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\esent.dll
[2012/04/07 21:01:22 | 000,189,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys
[2012/04/07 21:01:22 | 000,107,904 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdsata.sys
[2012/04/07 21:01:22 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fsutil.exe
[2012/04/07 21:01:22 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fsutil.exe
[2012/04/07 21:01:22 | 000,027,008 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdxata.sys
[2012/04/07 20:32:37 | 000,000,000 | ---D | C] -- C:\Users\Bob\Documents\Snagit
[2012/04/07 20:32:36 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\assembly
[2012/04/07 20:32:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Snagit 10
[2012/04/07 20:32:22 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\TechSmith
[2012/04/07 20:32:22 | 000,000,000 | ---D | C] -- C:\ProgramData\TechSmith
[2012/04/07 20:32:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TechSmith
[2012/04/07 19:42:02 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\Spotify
[2012/04/07 19:41:54 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Roaming\Spotify
[2012/04/07 19:33:21 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\Adobe
[2012/04/07 17:54:02 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2012/04/07 17:07:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2012/04/07 16:54:36 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2012/04/07 16:54:29 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2012/04/07 14:19:43 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2012/04/07 14:19:40 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2012/04/07 14:19:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2012/04/07 14:18:29 | 001,112,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorets.dll
[2012/04/07 14:18:29 | 001,031,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcore.dll
[2012/04/07 14:18:29 | 000,826,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpcore.dll
[2012/04/07 14:18:29 | 000,162,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpudd.dll
[2012/04/07 14:18:29 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys
[2012/04/07 14:18:20 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe
[2012/04/07 14:17:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Splashtop
[2012/04/07 14:15:52 | 000,031,808 | ---- | C] (FNet Co., Ltd.) -- C:\Windows\SysNative\drivers\FNETTBOH_305.SYS
[2012/04/07 14:15:11 | 000,000,000 | ---D | C] -- C:\ProgramData\DeviceVM
[2012/04/07 14:14:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton
[2012/04/07 14:14:10 | 000,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller
[2012/04/07 14:14:06 | 000,000,000 | -H-D | C] -- C:\ProgramData\{8533ADFA-85F0-4dc1-946A-2A0BA58E78E3}
[2012/04/07 14:14:06 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Roaming\DeviceVm
[2012/04/07 14:13:53 | 000,000,000 | ---D | C] -- C:\ProgramData\CyberLink
[2012/04/07 14:13:52 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink MediaEspresso
[2012/04/07 14:13:52 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\Cyberlink
[2012/04/07 14:13:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CyberLink
[2012/04/07 14:13:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Temp
[2012/04/07 14:13:04 | 000,090,112 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\Updreg.EXE
[2012/04/07 14:13:02 | 000,141,312 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysNative\THXCfg64.exe
[2012/04/07 14:13:02 | 000,026,624 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysNative\THXCfg64.dll
[2012/04/07 14:13:02 | 000,011,264 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysWow64\ResDefA.exe
[2012/04/07 14:12:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Creative
[2012/04/07 14:12:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Creative
[2012/04/07 14:12:35 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Roaming\Macromedia
[2012/04/07 14:12:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR
[2012/04/07 14:12:35 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Roaming\Adobe
[2012/04/07 14:12:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2012/04/07 14:12:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2012/04/07 14:12:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2012/04/07 14:11:47 | 001,632,128 | ---- | C] (cFos Software GmbH) -- C:\Windows\SysNative\drivers\cfosspeed6.sys
[2012/04/07 14:11:47 | 000,000,000 | ---D | C] -- C:\Program Files\ASRock
[2012/04/07 14:11:41 | 000,015,936 | ---- | C] (FNet Co., Ltd.) -- C:\Windows\SysNative\drivers\FNETURPX.SYS
[2012/04/07 14:11:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\XFastUsb
[2012/04/07 14:11:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XFast USB
[2012/04/07 14:11:41 | 000,000,000 | ---D | C] -- C:\ProgramData\FNET
[2012/04/07 14:11:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ASRock Utility
[2012/04/07 14:11:35 | 000,015,368 | ---- | C] (Windows ® Win 7 DDK provider) -- C:\Windows\SysNative\drivers\AsrAppCharger.sys
[2012/04/07 14:11:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASRock Utility
[2012/04/07 14:11:35 | 000,000,000 | ---D | C] -- C:\Program Files\ASRock Utility
[2012/04/07 14:10:15 | 000,065,632 | ---- | C] (Lucidlogix Inc.) -- C:\Windows\SysNative\drivers\VirtuWDDM.sys
[2012/04/07 14:10:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VIRTU
[2012/04/07 14:10:14 | 000,000,000 | ---D | C] -- C:\Program Files\Lucidlogix Technologies
[2012/04/07 14:10:14 | 000,000,000 | ---D | C] -- C:\Users\Bob\Lucidlogix
[2012/04/07 14:10:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Etron Technology
[2012/04/07 14:09:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Intel Corporation
[2012/04/07 14:08:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cisco Systems
[2012/04/07 14:07:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Cisco Systems
[2012/04/07 14:07:15 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Roaming\Intel Corporation
[2012/04/07 14:06:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\postureAgent
[2012/04/07 14:06:24 | 000,056,344 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\HECIx64.sys
[2012/04/07 14:06:22 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Marvell
[2012/04/07 14:06:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Marvell
[2012/04/07 14:06:06 | 000,557,848 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\iaStor.sys
[2012/04/07 14:06:05 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Roaming\InstallShield
[2012/04/07 14:05:59 | 000,000,000 | ---D | C] -- C:\Program Files\Broadcom
[2012/04/07 14:05:54 | 000,000,000 | -HSD | C] -- C:\Windows\Installer

--D | C] -- C:\Windows\SysWow64\RTCOM
[2012/04/07 14:05:46 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2012/04/07 14:05:42 | 003,114,088 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkAPO64.dll
[2012/04/07 14:05:42 | 002,601,816 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\WavesGUILib.dll
[2012/04/07 14:05:42 | 002,405,992 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtPgEx64.dll
[2012/04/07 14:05:42 | 002,197,264 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioEQ.dll
[2012/04/07 14:05:42 | 001,805,928 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkApi64.dll
[2012/04/07 14:05:42 | 001,560,680 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTSnMg64.cpl
[2012/04/07 14:05:42 | 001,245,288 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTCOM64.dll
[2012/04/07 14:05:42 | 000,876,120 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysNative\MBAPO64.dll
[2012/04/07 14:05:42 | 000,738,392 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysWow64\MBAPO32.dll
[2012/04/07 14:05:42 | 000,625,752 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysNative\MBTHX64.dll
[2012/04/07 14:05:42 | 000,561,240 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysWow64\MBTHX32.dll
[2012/04/07 14:05:42 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll
[2012/04/07 14:05:42 | 000,375,128 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll
[2012/04/07 14:05:42 | 000,332,392 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtlCPAPI64.dll
[2012/04/07 14:05:42 | 000,318,808 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO20.dll
[2012/04/07 14:05:42 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll
[2012/04/07 14:05:42 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll
[2012/04/07 14:05:42 | 000,211,184 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSH64.dll
[2012/04/07 14:05:42 | 000,204,120 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll
[2012/04/07 14:05:42 | 000,198,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSHP64.dll
[2012/04/07 14:05:42 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll
[2012/04/07 14:05:42 | 000,149,608 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkCfg64.dll
[2012/04/07 14:05:42 | 000,101,208 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll
[2012/04/07 14:05:42 | 000,092,264 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoInst64.dll
[2012/04/07 14:05:42 | 000,080,984 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysNative\MBWrp64.dll
[2012/04/07 14:05:42 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll
[2012/04/07 14:05:42 | 000,032,344 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysNative\drivers\MBfilt64.sys
[2012/04/07 14:05:41 | 002,085,440 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll
[2012/04/07 14:05:41 | 001,284,712 | R--- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RtlExUpd.dll
[2012/04/07 14:05:41 | 000,200,800 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAC64.dll
[2012/04/07 14:05:41 | 000,108,960 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAR64.dll
[2012/04/07 14:05:41 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Temp
[2012/04/07 14:05:41 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2012/04/07 14:05:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek
[2012/04/07 14:05:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2012/04/07 14:05:10 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
[2012/04/07 14:05:07 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Intel
[2012/04/07 14:05:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Intel
[2012/04/07 14:05:01 | 000,063,488 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxsrvc.dll
[2012/04/07 14:05:00 | 000,577,024 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igdumdx32.dll
[2012/04/07 14:05:00 | 000,386,560 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxpph.dll
[2012/04/07 14:05:00 | 000,110,592 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\hccutils.dll
[2012/04/07 14:05:00 | 000,090,112 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxCoIn_v2372.dll
[2012/04/07 14:02:27 | 000,053,248 | R--- | C] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\SysWow64\CSVer.dll
[2012/04/07 14:02:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel
[2012/04/07 14:02:23 | 000,000,000 | ---D | C] -- C:\Intel
[2012/04/07 14:00:04 | 000,000,000 | R--D | C] -- C:\Users\Bob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2012/04/07 14:00:04 | 000,000,000 | R--D | C] -- C:\Users\Bob\Searches
[2012/04/07 14:00:04 | 000,000,000 | R--D | C] -- C:\Users\Bob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2012/04/07 14:00:04 | 000,000,000 | -H-D | C] -- C:\Users\Bob\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2012/04/07 13:59:59 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Roaming\Identities
[2012/04/07 13:59:57 | 000,000,000 | R--D | C] -- C:\Users\Bob\Contacts
[2012/04/07 13:59:56 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\VirtualStore
[2012/04/07 13:59:55 | 000,000,000 | --SD | C] -- C:\Users\Bob\AppData\Roaming\Microsoft
[2012/04/07 13:59:55 | 000,000,000 | R--D | C] -- C:\Users\Bob\Videos
[2012/04/07 13:59:55 | 000,000,000 | R--D | C] -- C:\Users\Bob\Saved Games
[2012/04/07 13:59:55 | 000,000,000 | R--D | C] -- C:\Users\Bob\Pictures
[2012/04/07 13:59:55 | 000,000,000 | R--D | C] -- C:\Users\Bob\Music
[2012/04/07 13:59:55 | 000,000,000 | R--D | C] -- C:\Users\Bob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2012/04/07 13:59:55 | 000,000,000 | R--D | C] -- C:\Users\Bob\Links
[2012/04/07 13:59:55 | 000,000,000 | R--D | C] -- C:\Users\Bob\Favorites
[2012/04/07 13:59:55 | 000,000,000 | R--D | C] -- C:\Users\Bob\Documents
[2012/04/07 13:59:55 | 000,000,000 | R--D | C] -- C:\Users\Bob\Desktop
[2012/04/07 13:59:55 | 000,000,000 | R--D | C] -- C:\Users\Bob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2012/04/07 13:59:55 | 000,000,000 | -HSD | C] -- C:\Users\Bob\AppData\Local\Temporary Internet Files
[2012/04/07 13:59:55 | 000,000,000 | -HSD | C] -- C:\Users\Bob\Templates
[2012/04/07 13:59:55 | 000,000,000 | -HSD | C] -- C:\Users\Bob\Start Menu
[2012/04/07 13:59:55 | 000,000,000 | -HSD | C] -- C:\Users\Bob\SendTo
[2012/04/07 13:59:55 | 000,000,000 | -HSD | C] -- C:\Users\Bob\Recent
[2012/04/07 13:59:55 | 000,000,000 | -HSD | C] -- C:\Users\Bob\PrintHood
[2012/04/07 13:59:55 | 000,000,000 | -HSD | C] -- C:\Users\Bob\NetHood
[2012/04/07 13:59:55 | 000,000,000 | -HSD | C] -- C:\Users\Bob\Documents\My Videos
[2012/04/07 13:59:55 | 000,000,000 | -HSD | C] -- C:\Users\Bob\Documents\My Pictures
[2012/04/07 13:59:55 | 000,000,000 | -HSD | C] -- C:\Users\Bob\Documents\My Music
[2012/04/07 13:59:55 | 000,000,000 | -HSD | C] -- C:\Users\Bob\My Documents
[2012/04/07 13:59:55 | 000,000,000 | -HSD | C] -- C:\Users\Bob\Local Settings
[2012/04/07 13:59:55 | 000,000,000 | -HSD | C] -- C:\Users\Bob\AppData\Local\History
[2012/04/07 13:59:55 | 000,000,000 | -HSD | C] -- C:\Users\Bob\Cookies
[2012/04/07 13:59:55 | 000,000,000 | -HSD | C] -- C:\Users\Bob\Application Data
[2012/04/07 13:59:55 | 000,000,000 | -HSD | C] -- C:\Users\Bob\AppData\Local\Application Data
[2012/04/07 13:59:55 | 000,000,000 | -H-D | C] -- C:\Users\Bob\AppData
[2012/04/07 13:59:55 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\Temp
[2012/04/07 13:59:55 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\Microsoft
[2012/04/07 13:59:55 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Roaming\Media Center Programs
[2012/04/07 13:59:51 | 000,000,000 | -HSD | C] -- C:\Recovery
[2012/04/07 13:59:49 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2012/04/07 12:27:32 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2012/04/07 12:27:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2012/04/07 12:03:42 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2012/04/07 12:03:42 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
[2012/04/07 11:41:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam
[2012/04/07 11:40:17 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Roaming\CyberLink
[2012/04/07 11:36:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG Secure Search
[2012/04/07 11:36:48 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2012/04/07 11:36:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Your Uninstaller! 7
[2012/04/07 11:36:46 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Roaming\URSoft
[2012/04/07 11:36:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Your Uninstaller! 7
[2012/04/07 11:29:36 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Roaming\Apple Computer
[2012/04/07 11:29:36 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\Apple Computer
[2012/04/07 11:29:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Safari
[2012/04/07 11:29:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2012/04/07 11:29:20 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2012/04/07 11:29:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2012/04/07 11:29:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2012/04/07 11:29:19 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\Apple
[2012/04/07 11:29:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2012/04/07 11:23:36 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2012/04/07 11:23:26 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\Google
[2012/04/07 11:19:59 | 000,000,000 | ---D | C] -- C:\Users\Bob\Documents\1Password
[2012/04/07 11:19:54 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Roaming\Agile Web Solutions
[2012/04/07 11:19:41 | 002,371,584 | ---- | C] (Chilkat Software, Inc.) -- C:\Windows\SysWow64\ChilkatZip2.dll
[2012/04/07 11:19:41 | 001,572,864 | ---- | C] (Chilkat Software, Inc.) -- C:\Windows\SysWow64\ChilkatCrypt2.dll
[2012/04/07 11:19:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\1Password
[2012/04/07 11:19:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\1Password
[2012/04/07 11:18:24 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Roaming\Mozilla
[2012/04/07 11:18:24 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\Mozilla
[2012/04/07 11:18:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2012/04/07 02:56:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Symantec Shared
[2012/04/07 02:51:05 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Roaming\Splashtop
[2012/04/07 02:40:31 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Roaming\NVIDIA
[2012/04/07 02:40:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EVGA
[2012/04/07 02:40:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\EVGA
[2012/04/07 02:39:51 | 002,526,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_43.dll
[2012/04/07 02:39:51 | 002,401,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_43.dll
[2012/04/07 02:39:51 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_43.dll
[2012/04/07 02:39:51 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_43.dll
[2012/04/07 02:39:51 | 001,907,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_43.dll
[2012/04/07 02:39:51 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_43.dll
[2012/04/07 02:39:51 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_7.dll
[2012/04/07 02:39:51 | 000,518,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_7.dll
[2012/04/07 02:39:51 | 000,511,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_43.dll
[2012/04/07 02:39:51 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_43.dll
[2012/04/07 02:39:51 | 000,276,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_43.dll
[2012/04/07 02:39:51 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_43.dll
[2012/04/07 02:39:51 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_7.dll
[2012/04/07 02:39:51 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_7.dll
[2012/04/07 02:39:51 | 000,077,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_5.dll
[2012/04/07 02:39:51 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_5.dll
[2012/04/07 02:39:50 | 002,582,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_42.dll
[2012/04/07 02:39:50 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_42.dll
[2012/04/07 02:39:50 | 000,530,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_6.dll
[2012/04/07 02:39:50 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_6.dll
[2012/04/07 02:39:50 | 000,517,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_5.dll
[2012/04/07 02:39:50 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_5.dll
[2012/04/07 02:39:50 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_6.dll
[2012/04/07 02:39:50 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_5.dll
[2012/04/07 02:39:50 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_6.dll
[2012/04/07 02:39:50 | 000,176,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_5.dll
[2012/04/07 02:39:50 | 000,078,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_4.dll
[2012/04/07 02:39:50 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_4.dll
[2012/04/07 02:39:50 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_7.dll
[2012/04/07 02:39:50 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_7.dll
[2012/04/07 02:39:49 | 005,554,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_42.dll
[2012/04/07 02:39:49 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_42.dll
[2012/04/07 02:39:49 | 005,425,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_41.dll
[2012/04/07 02:39:49 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_41.dll
[2012/04/07 02:39:49 | 002,475,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_42.dll
[2012/04/07 02:39:49 | 002,430,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_41.dll
[2012/04/07 02:39:49 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_42.dll
[2012/04/07 02:39:49 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_41.dll
[2012/04/07 02:39:49 | 000,523,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_42.dll
[2012/04/07 02:39:49 | 000,521,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_4.dll
[2012/04/07 02:39:49 | 000,520,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_41.dll
[2012/04/07 02:39:49 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_4.dll
[2012/04/07 02:39:49 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_42.dll
[2012/04/07 02:39:49 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_41.dll
[2012/04/07 02:39:49 | 000,285,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_42.dll
[2012/04/07 02:39:49 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_42.dll
[2012/04/07 02:39:49 | 000,073,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_3.dll
[2012/04/07 02:39:49 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_3.dll
[2012/04/07 02:39:48 | 000,518,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_3.dll
[2012/04/07 02:39:48 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_3.dll
[2012/04/07 02:39:48 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_3.dll
[2012/04/07 02:39:48 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_4.dll
[2012/04/07 02:39:48 | 000,175,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_3.dll
[2012/04/07 02:39:48 | 000,174,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_4.dll
[2012/04/07 02:39:48 | 000,074,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_2.dll
[2012/04/07 02:39:48 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_2.dll
[2012/04/07 02:39:48 | 000,025,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_5.dll
[2012/04/07 02:39:48 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_6.dll
[2012/04/07 02:39:48 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_5.dll
[2012/04/07 02:39:48 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_6.dll
[2012/04/07 02:39:47 | 000,513,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_2.dll
[2012/04/07 02:39:47 | 000,511,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_1.dll
[2012/04/07 02:39:47 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_2.dll
[2012/04/07 02:39:47 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_1.dll
[2012/04/07 02:39:47 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_2.dll
[2012/04/07 02:39:47 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_1.dll
[2012/04/07 02:39:47 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_2.dll
[2012/04/07 02:39:47 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_1.dll
[2012/04/07 02:39:47 | 000,072,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_1.dll
[2012/04/07 02:39:47 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_1.dll
[2012/04/07 02:39:47 | 000,068,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_0.dll
[2012/04/07 02:39:47 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_0.dll
[2012/04/07 02:39:47 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_4.dll
[2012/04/07 02:39:47 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_4.dll
[2012/04/07 02:39:46 | 004,991,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_38.dll
[2012/04/07 02:39:46 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_38.dll
[2012/04/07 02:39:46 | 001,941,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_38.dll
[2012/04/07 02:39:46 | 001,860,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_37.dll
[2012/04/07 02:39:46 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_38.dll
[2012/04/07 02:39:46 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_37.dll
[2012/04/07 02:39:46 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_38.dll
[2012/04/07 02:39:46 | 000,529,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_37.dll
[2012/04/07 02:39:46 | 000,489,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_0.dll
[2012/04/07 02:39:46 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_0.dll
[2012/04/07 02:39:46 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_38.dll
[2012/04/07 02:39:46 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_37.dll
[2012/04/07 02:39:46 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_0.dll
[2012/04/07 02:39:46 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_0.dll
[2012/04/07 02:39:46 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_3.dll
[2012/04/07 02:39:46 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_3.dll
[2012/04/07 02:39:45 | 005,081,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_36.dll
[2012/04/07 02:39:45 | 004,910,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_37.dll
[2012/04/07 02:39:45 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_37.dll
[2012/04/07 02:39:45 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_36.dll
[2012/04/07 02:39:45 | 002,006,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_36.dll
[2012/04/07 02:39:45 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_36.dll
[2012/04/07 02:39:45 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_36.dll
[2012/04/07 02:39:45 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_36.dll
[2012/04/07 02:39:45 | 000,411,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_10.dll
[2012/04/07 02:39:45 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_10.dll
[2012/04/07 02:39:44 | 005,073,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_35.dll
[2012/04/07 02:39:44 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_35.dll
[2012/04/07 02:39:44 | 001,985,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_35.dll
[2012/04/07 02:39:44 | 001,401,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_34.dll
[2012/04/07 02:39:44 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_35.dll
[2012/04/07 02:39:44 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_34.dll
[2012/04/07 02:39:44 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_35.dll
[2012/04/07 02:39:44 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_34.dll
[2012/04/07 02:39:44 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_35.dll
[2012/04/07 02:39:44 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_34.dll
[2012/04/07 02:39:44 | 000,411,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_9.dll
[2012/04/07 02:39:44 | 000,409,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_8.dll
[2012/04/07 02:39:44 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_9.dll
[2012/04/07 02:39:44 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_8.dll
[2012/04/07 02:39:44 | 000,021,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_2.dll
[2012/04/07 02:39:44 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_2.dll
[2012/04/07 02:39:43 | 004,496,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_34.dll
[2012/04/07 02:39:43 | 004,494,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_33.dll
[2012/04/07 02:39:43 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_34.dll
[2012/04/07 02:39:43 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_33.dll
[2012/04/07 02:39:43 | 001,400,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_33.dll
[2012/04/07 02:39:43 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_33.dll
[2012/04/07 02:39:43 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_33.dll
[2012/04/07 02:39:43 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_33.dll
[2012/04/07 02:39:43 | 000,403,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_7.dll
[2012/04/07 02:39:43 | 000,393,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_6.dll
[2012/04/07 02:39:43 | 000,390,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_5.dll
[2012/04/07 02:39:43 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_7.dll
[2012/04/07 02:39:43 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_6.dll
[2012/04/07 02:39:43 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_5.dll
[2012/04/07 02:39:43 | 000,107,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_3.dll
[2012/04/07 02:39:43 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_3.dll
[2012/04/07 02:39:42 | 004,398,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_32.dll
[2012/04/07 02:39:42 | 003,977,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_31.dll
[2012/04/07 02:39:42 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_32.dll
[2012/04/07 02:39:42 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_31.dll
[2012/04/07 02:39:42 | 000,469,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10.dll
[2012/04/07 02:39:42 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10.dll
[2012/04/07 02:39:42 | 000,364,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_4.dll
[2012/04/07 02:39:42 | 000,363,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_3.dll
[2012/04/07 02:39:42 | 000,354,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_2.dll
[2012/04/07 02:39:42 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_4.dll
[2012/04/07 02:39:42 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_3.dll
[2012/04/07 02:39:42 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_2.dll
[2012/04/07 02:39:42 | 000,083,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_2.dll
[2012/04/07 02:39:42 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_2.dll
[2012/04/07 02:39:42 | 000,017,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_1.dll
[2012/04/07 02:39:42 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_1.dll
[2012/04/07 02:39:41 | 003,927,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_30.dll
[2012/04/07 02:39:41 | 003,830,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_29.dll
[2012/04/07 02:39:41 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_30.dll
[2012/04/07 02:39:41 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_29.dll
[2012/04/07 02:39:41 | 000,355,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_0.dll
[2012/04/07 02:39:41 | 000,352,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_1.dll
[2012/04/07 02:39:41 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_0.dll
[2012/04/07 02:39:41 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_1.dll
[2012/04/07 02:39:41 | 000,083,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_1.dll
[2012/04/07 02:39:41 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_1.dll
[2012/04/07 02:39:41 | 000,016,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_0.dll
[2012/04/07 02:39:41 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_0.dll
[2012/04/07 02:39:40 | 003,823,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_25.dll
[2012/04/07 02:39:40 | 003,815,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_28.dll
[2012/04/07 02:39:40 | 003,807,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_27.dll
[2012/04/07 02:39:40 | 003,767,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_26.dll
[2012/04/07 02:39:40 | 003,544,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_24.dll
[2012/04/07 02:39:40 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_25.dll
[2012/04/07 02:39:40 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_28.dll
[2012/04/07 02:39:40 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_27.dll
[2012/04/07 02:39:40 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_26.dll
[2012/04/07 02:39:40 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_24.dll
[2012/04/07 02:38:40 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll
[2012/04/07 02:38:40 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll
[2012/04/07 02:37:32 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\directx
[2012/04/07 02:37:28 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\EVGA Precision X
[2012/04/07 02:37:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\EVGA Precision X
[2012/04/07 02:35:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2012/04/07 02:35:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Intel
[2012/04/07 02:32:31 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2012/04/07 02:32:29 | 006,074,176 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll
[2012/04/07 02:32:29 | 003,089,728 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvc64.dll
[2012/04/07 02:32:29 | 000,118,080 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmctray.dll
[2012/04/07 02:32:29 | 000,063,296 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvshext.dll
[2012/04/07 02:32:09 | 025,543,488 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2012/04/07 02:32:09 | 025,222,976 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2012/04/07 02:32:09 | 019,444,544 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2012/04/07 02:32:09 | 017,642,816 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2012/04/07 02:32:09 | 017,543,488 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2012/04/07 02:32:09 | 015,009,600 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2012/04/07 02:32:09 | 009,717,568 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll
[2012/04/07 02:32:09 | 008,008,000 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2012/04/07 02:32:09 | 007,713,088 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2012/04/07 02:32:09 | 005,892,928 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2012/04/07 02:32:09 | 002,872,640 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2012/04/07 02:32:09 | 002,672,448 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2012/04/07 02:32:09 | 002,660,160 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll
[2012/04/07 02:32:09 | 002,517,312 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2012/04/07 02:32:09 | 002,437,440 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2012/04/07 02:32:09 | 002,301,248 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll
[2012/04/07 02:32:09 | 001,451,840 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdagenco6420103.dll
[2012/04/07 02:32:09 | 000,962,368 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvumdshimx.dll
[2012/04/07 02:32:09 | 000,812,352 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll
[2012/04/07 02:32:09 | 000,364,352 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdecodemft.dll
[2012/04/07 02:32:09 | 000,301,376 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvdecodemft.dll
[2012/04/07 02:32:09 | 000,260,416 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll
[2012/04/07 02:32:09 | 000,215,360 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvinit.dll
[2012/04/07 02:32:09 | 000,188,224 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvhda64v.sys
[2012/04/07 02:32:09 | 000,068,928 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2012/04/07 02:32:09 | 000,061,248 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2012/04/07 02:32:09 | 000,031,040 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdap64.dll
[2012/04/07 02:31:33 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2012/04/07 02:26:47 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xmllite.dll
[2012/04/07 02:26:29 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbcjt32.dll
[2012/04/07 02:26:29 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbctrac.dll
[2012/04/07 02:26:29 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbctrac.dll
[2012/04/07 02:26:29 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccp32.dll
[2012/04/07 02:26:29 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccp32.dll
[2012/04/07 02:26:29 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccu32.dll
[2012/04/07 02:26:29 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccr32.dll
[2012/04/07 02:26:29 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccu32.dll
[2012/04/07 02:26:29 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccr32.dll
[2012/04/07 02:26:17 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\poqexec.exe
[2012/04/07 02:26:16 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\poqexec.exe
[2012/04/07 02:26:13 | 002,871,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2012/04/07 02:26:12 | 002,616,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe
[2012/04/07 02:26:09 | 001,118,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sbe.dll
[2012/04/07 02:26:09 | 000,961,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CPFilters.dll
[2012/04/07 02:26:09 | 000,850,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sbe.dll
[2012/04/07 02:26:09 | 000,642,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CPFilters.dll
[2012/04/07 02:26:09 | 000,259,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mpg2splt.ax
[2012/04/07 02:26:09 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mpg2splt.ax
[2012/04/07 02:26:02 | 001,572,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
[2012/04/07 02:26:02 | 001,328,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
[2012/04/07 02:26:02 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2012/04/07 02:26:02 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2012/04/07 02:25:58 | 000,509,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntshrui.dll
[2012/04/07 02:25:47 | 002,315,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tquery.dll
[2012/04/07 02:25:47 | 002,223,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssrch.dll
[2012/04/07 02:25:47 | 001,549,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tquery.dll
[2012/04/07 02:25:47 | 001,401,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssrch.dll
[2012/04/07 02:25:47 | 000,778,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssvp.dll
[2012/04/07 02:25:47 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssvp.dll
[2012/04/07 02:25:47 | 000,491,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssph.dll
[2012/04/07 02:25:47 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssph.dll
[2012/04/07 02:25:47 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssphtb.dll
[2012/04/07 02:25:47 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchProtocolHost.exe
[2012/04/07 02:25:47 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchFilterHost.exe
[2012/04/07 02:25:47 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msscntrs.dll
[2012/04/07 02:25:47 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msscntrs.dll
[2012/04/07 02:25:35 | 001,447,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2012/04/07 02:25:35 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll
[2012/04/07 02:25:35 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll
[2012/04/07 02:25:35 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2012/04/07 02:25:35 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2012/04/07 02:25:35 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2012/04/07 02:25:00 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2012/04/07 02:24:58 | 000,515,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\timedate.cpl
[2012/04/07 02:24:58 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\timedate.cpl
[2012/04/07 02:24:56 | 000,476,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2012/04/07 02:24:56 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2012/04/07 02:24:53 | 001,544,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2012/04/07 02:24:42 | 000,288,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS
[2012/04/07 02:24:28 | 001,465,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2012/04/07 02:24:28 | 000,870,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2012/04/07 02:24:20 | 001,395,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42.dll
[2012/04/07 02:24:20 | 001,359,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42u.dll
[2012/04/07 02:24:20 | 001,164,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42u.dll
[2012/04/07 02:24:20 | 001,137,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42.dll
[2012/04/07 02:23:56 | 000,367,616 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2012/04/07 02:23:56 | 000,294,912 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2012/04/07 02:23:56 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll
[2012/04/07 02:23:56 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll
[2012/04/07 02:23:56 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2012/04/07 02:23:56 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2012/04/07 02:23:43 | 000,027,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys
[2012/04/07 02:23:29 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnsapi.dll
[2012/04/07 02:23:29 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnscacheugc.exe
[2012/04/07 02:23:29 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dnscacheugc.exe
[2012/04/07 02:23:19 | 000,321,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll
[2012/04/07 02:23:19 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2012/04/07 02:23:04 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisdecd.dll
[2012/04/07 02:23:04 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisdecd.dll
[2012/04/07 02:23:04 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSNP.ax
[2012/04/07 02:23:04 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSNP.ax
[2012/04/07 02:23:04 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisrndr.ax
[2012/04/07 02:23:04 | 000,104,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Mpeg2Data.ax
[2012/04/07 02:23:04 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisrndr.ax
[2012/04/07 02:23:04 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSDvbNP.ax
[2012/04/07 02:23:04 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Mpeg2Data.ax
[2012/04/07 02:23:04 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSDvbNP.ax
[2012/04/07 02:22:38 | 000,642,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi
[2012/04/07 02:22:38 | 000,605,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.exe
[2012/04/07 02:22:38 | 000,566,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi
[2012/04/07 02:22:38 | 000,518,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.exe
[2012/04/07 02:22:38 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\setbcdlocale.dll
[2012/04/07 02:22:38 | 000,020,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdusb.dll
[2012/04/07 02:22:38 | 000,019,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kd1394.dll
[2012/04/07 02:22:38 | 000,017,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdcom.dll
[2012/04/07 02:22:30 | 001,162,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2012/04/07 02:22:30 | 000,421,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2012/04/07 02:22:29 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2012/04/07 02:22:29 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2012/04/07 02:22:29 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2012/04/07 02:22:29 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2012/04/07 02:22:29 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2012/04/07 02:22:29 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2012/04/07 02:22:29 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2012/04/07 02:22:29 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2012/04/07 02:22:29 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2012/04/07 02:22:29 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2012/04/07 02:22:29 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2012/04/07 02:22:29 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2012/04/07 02:22:29 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2012/04/07 02:22:29 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2012/04/07 02:22:29 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2012/04/07 02:22:29 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2012/04/07 02:22:29 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2012/04/07 02:22:29 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2012/04/07 02:22:29 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2012/04/07 02:22:29 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2012/04/07 02:22:29 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2012/04/07 02:22:29 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2012/04/07 02:22:29 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2012/04/07 02:22:29 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2012/04/07 02:22:29 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2012/04/07 02:22:29 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2012/04/07 02:22:29 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2012/04/07 02:22:29 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2012/04/07 02:22:29 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012/04/07 02:22:29 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2012/04/07 02:22:29 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2012/04/07 02:22:29 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2012/04/07 02:22:29 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2012/04/07 02:22:29 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2012/04/07 02:22:29 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2012/04/07 02:22:29 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2012/04/07 02:22:29 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/04/07 02:22:29 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/04/07 02:22:29 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2012/04/07 02:22:29 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2012/04/07 02:22:29 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2012/04/07 02:22:29 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2012/04/07 02:22:29 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2012/04/07 02:22:29 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2012/04/07 02:22:29 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2012/04/07 02:22:29 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2012/04/07 02:22:29 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012/04/07 02:22:29 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2012/04/07 02:22:29 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2012/04/07 02:22:29 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2012/04/07 02:22:29 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2012/04/07 02:22:29 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2012/04/07 02:22:29 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2012/04/07 02:22:29 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2012/04/07 02:22:29 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2012/04/07 02:22:29 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2012/04/07 02:22:29 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2012/04/07 02:22:29 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2012/04/07 02:22:29 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2012/04/07 02:22:29 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2012/04/07 02:22:29 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2012/04/07 02:22:29 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2012/04/07 02:22:29 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2012/04/07 02:22:29 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2012/04/07 02:22:29 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2012/04/07 02:22:29 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2012/04/07 02:22:29 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2012/04/07 02:22:12 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drvinst.exe
[2012/04/07 02:22:12 | 000,207,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cfgmgr32.dll
[2012/04/07 02:22:12 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\devrtl.dll
[2012/04/07 02:22:00 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\prevhost.exe
[2012/04/07 02:22:00 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\prevhost.exe
[2012/04/07 02:21:58 | 000,974,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WFS.exe
[2012/04/07 02:21:58 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FXSCOVER.exe
[2012/04/07 02:21:56 | 000,634,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcrt.dll
[2012/04/07 02:21:53 | 000,861,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2012/04/07 02:21:53 | 000,723,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll
[2012/04/07 02:21:53 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll
[2012/04/07 02:21:53 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleacc.dll
[2012/04/07 02:21:44 | 001,731,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2012/04/07 02:19:41 | 000,418,464 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012/04/07 02:19:41 | 000,070,304 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/04/07 02:19:41 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2012/04/07 02:19:40 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2012/04/04 01:53:58 | 000,053,656 | ---- | C] (Adobe Systems Inc) -- C:\Windows\SysNative\AdobePDF.dll
[2012/04/04 01:53:56 | 000,024,984 | ---- | C] (Adobe Systems Inc.) -- C:\Windows\SysNative\AdobePDFUI.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/04/26 23:49:00 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/04/26 23:28:00 | 000,000,900 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2110765671-3359471157-1598827369-1000UA.job
[2012/04/26 23:08:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/04/26 23:04:47 | 000,012,736 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/04/26 23:04:47 | 000,012,736 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/04/26 22:13:15 | 000,001,053 | ---- | M] () -- C:\Users\Bob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2012/04/26 22:13:12 | 000,001,017 | ---- | M] () -- C:\Users\Bob\Desktop\Dropbox.lnk
[2012/04/26 18:49:00 | 000,000,888 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/04/26 17:26:51 | 001,280,512 | ---- | M] () -- C:\Users\Bob\Desktop\RogueKiller.exe
[2012/04/26 17:21:43 | 002,074,160 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Bob\Desktop\tdsskiller.exe
[2012/04/26 17:10:49 | 000,730,528 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/04/26 17:10:49 | 000,626,624 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/04/26 17:10:49 | 000,107,526 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/04/26 17:09:31 | 004,731,392 | ---- | M] (AVAST Software) -- C:\Users\Bob\Desktop\aswMBR.exe
[2012/04/26 17:02:40 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/04/26 17:02:37 | 4222,713,854 | -HS- | M] () -- C:\hiberfil.sys
[2012/04/26 17:00:19 | 000,000,216 | ---- | M] () -- C:\Users\Bob\defogger_reenable
[2012/04/26 10:36:42 | 000,006,082 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2012/04/26 10:30:43 | 000,000,928 | ---- | M] () -- C:\Users\Bob\Desktop\NTREGOPT.lnk
[2012/04/26 10:30:43 | 000,000,909 | ---- | M] () -- C:\Users\Bob\Desktop\ERUNT.lnk
[2012/04/25 18:36:53 | 000,001,845 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2012/04/25 11:28:00 | 000,000,848 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2110765671-3359471157-1598827369-1000Core.job
[2012/04/25 08:45:19 | 000,000,046 | ---- | M] () -- C:\Users\Bob\AppData\Local\DonationCoder_findrunrobot_InstallInfo.dat
[2012/04/25 00:43:26 | 000,001,833 | ---- | M] () -- C:\Users\Bob\Desktop\Opera.lnk
[2012/04/24 11:22:41 | 005,037,416 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/04/24 00:27:19 | 000,002,506 | ---- | M] () -- C:\Users\Bob\Desktop\Google Calendar.lnk
[2012/04/20 11:26:20 | 000,232,292 | ---- | M] () -- C:\Windows\hpwins22.dat
[2012/04/20 11:24:48 | 000,232,957 | ---- | M] () -- C:\Windows\hpwins22.dat.temp
[2012/04/20 10:50:56 | 000,001,315 | ---- | M] () -- C:\Users\Public\Desktop\HP Solution Center.lnk
[2012/04/20 10:50:49 | 000,002,099 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
[2012/04/20 10:20:43 | 000,011,893 | ---- | M] () -- C:\Users\Bob\Documents\Ticketmaster Member Services - Print Receipt.pdf
[2012/04/18 21:09:48 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/04/18 18:18:08 | 000,001,076 | ---- | M] () -- C:\Users\Bob\Desktop\Your Unin-staller!.lnk
[2012/04/17 20:27:19 | 000,002,055 | ---- | M] () -- C:\Users\Public\Desktop\Lightroom 4 64-bit.lnk
[2012/04/17 03:21:44 | 000,214,016 | ---- | M] () -- C:\Users\Bob\AppData\Roaming\SharedSettings.ccs
[2012/04/17 00:53:00 | 000,002,026 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Acrobat X Pro.lnk
[2012/04/16 22:04:34 | 000,002,004 | ---- | M] () -- C:\Users\Public\Desktop\FileZilla Client.lnk
[2012/04/16 16:53:13 | 000,001,456 | ---- | M] () -- C:\Users\Bob\AppData\Local\Adobe Save for Web 13.0 Prefs
[2012/04/15 17:08:20 | 000,418,464 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012/04/15 17:08:20 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/04/15 17:08:05 | 008,766,112 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe
[2012/04/15 16:22:37 | 000,193,140 | ---- | M] () -- C:\ProgramData\1334520909.bdinstall.bin
[2012/04/15 16:16:59 | 000,000,385 | ---- | M] () -- C:\Windows\SysNative\user_gensett.xml
[2012/04/15 16:16:54 | 000,000,270 | -H-- | M] () -- C:\bdr-conf
[2012/04/15 16:16:50 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_avchv_01009.Wdf
[2012/04/15 16:16:49 | 000,002,096 | ---- | M] () -- C:\Users\Public\Desktop\Bitdefender Internet Security 2012.lnk
[2012/04/15 14:39:47 | 000,002,946 | ---- | M] () -- C:\Windows\Sandboxie.ini
[2012/04/15 14:25:32 | 000,000,876 | ---- | M] () -- C:\Users\Public\Desktop\Camtasia Studio 7.lnk
[2012/04/15 13:06:33 | 000,000,625 | ---- | M] () -- C:\Users\Bob\Application Data\Microsoft\Internet Explorer\Quick Launch\VMware Workstation.lnk
[2012/04/15 13:06:07 | 000,001,024 | ---- | M] () -- C:\.rnd
[2012/04/15 13:06:05 | 000,743,066 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/04/15 13:06:05 | 000,001,672 | ---- | M] () -- C:\Users\Public\Desktop\VMware Workstation.lnk
[2012/04/15 12:13:46 | 000,000,867 | ---- | M] () -- C:\Users\Bob\Desktop\Sandboxed Web Browser.lnk
[2012/04/15 12:13:46 | 000,000,867 | ---- | M] () -- C:\Users\Bob\Application Data\Microsoft\Internet Explorer\Quick Launch\Sandboxed Web Browser.lnk
[2012/04/14 22:57:32 | 000,001,095 | ---- | M] () -- C:\Users\Bob\Desktop\Find and Run Robot.lnk
[2012/04/14 20:30:49 | 000,002,515 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2012/04/13 13:29:33 | 000,002,353 | ---- | M] () -- C:\Users\Bob\Desktop\Google Chrome.lnk
[2012/04/13 12:32:50 | 000,002,067 | ---- | M] () -- C:\Users\Public\Desktop\Lightroom 3.6 64-bit.lnk
[2012/04/13 12:17:49 | 000,189,248 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012/04/13 12:17:44 | 002,434,856 | ---- | M] () -- C:\Windows\SysWow64\pbsvc_bc2.exe
[2012/04/13 12:17:44 | 000,075,064 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012/04/13 09:03:13 | 000,000,983 | ---- | M] () -- C:\Users\Public\Desktop\Origin.lnk
[2012/04/13 01:27:24 | 000,001,172 | ---- | M] () -- C:\Users\Bob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\click.to.lnk
[2012/04/13 01:27:24 | 000,001,136 | ---- | M] () -- C:\Users\Public\Desktop\click.to.lnk
[2012/04/12 23:04:25 | 000,001,073 | ---- | M] () -- C:\Users\Public\Desktop\Batman - Arkham City.lnk
[2012/04/12 21:53:41 | 000,000,751 | ---- | M] () -- C:\Users\Public\Desktop\Mass Effect 2.lnk
[2012/04/12 21:53:41 | 000,000,751 | ---- | M] () -- C:\Users\Bob\Application Data\Microsoft\Internet Explorer\Quick Launch\Mass Effect 2.lnk
[2012/04/12 18:33:41 | 000,001,932 | ---- | M] () -- C:\Users\Bob\Desktop\Gmail.lnk
[2012/04/12 15:09:57 | 000,000,935 | ---- | M] () -- C:\Users\Bob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GoogleCal.lnk
[2012/04/12 14:13:52 | 000,001,105 | ---- | M] () -- C:\Users\Bob\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk
[2012/04/12 11:22:30 | 000,018,960 | ---- | M] (Logitech, Inc.) -- C:\Windows\SysNative\drivers\LNonPnP.sys
[2012/04/10 17:32:42 | 000,001,071 | ---- | M] () -- C:\Users\Public\Desktop\DisplayFusion.lnk
[2012/04/10 14:51:33 | 000,000,795 | ---- | M] () -- C:\Users\Bob\Desktop\Artisteer 3.lnk
[2012/04/10 14:51:33 | 000,000,795 | ---- | M] () -- C:\Users\Bob\Application Data\Microsoft\Internet Explorer\Quick Launch\Artisteer 3.lnk
[2012/04/10 14:43:02 | 000,000,728 | ---- | M] () -- C:\Users\Bob\Desktop\Magic Briefcase.lnk
[2012/04/10 14:40:38 | 000,001,954 | ---- | M] () -- C:\Users\Public\Desktop\SugarSync Manager.lnk
[2012/04/10 14:09:43 | 000,026,650 | ---- | M] () -- C:\Users\Bob\Documents\Ergonis Store _ Invoice.pdf
[2012/04/10 03:21:08 | 000,000,278 | ---- | M] () -- C:\Users\Bob\Documents\ax_files.xml
[2012/04/09 22:54:38 | 000,000,971 | ---- | M] () -- C:\Users\Bob\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2012/04/09 22:54:38 | 000,000,947 | ---- | M] () -- C:\Users\Public\Desktop\µTorrent.lnk
[2012/04/09 22:34:06 | 000,000,013 | ---- | M] () -- C:\Windows\SysWow64\WinSys32.crc
[2012/04/09 22:33:22 | 000,000,663 | ---- | M] () -- C:\Users\Bob\Desktop\CoffeeCup HTML Editor.lnk
[2012/04/09 22:33:22 | 000,000,663 | ---- | M] () -- C:\Users\Bob\Application Data\Microsoft\Internet Explorer\Quick Launch\CoffeeCup HTML Editor.lnk
[2012/04/09 21:04:41 | 000,001,031 | ---- | M] () -- C:\Users\Bob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Launchy.lnk
[2012/04/09 20:32:30 | 000,001,053 | ---- | M] () -- C:\Users\Bob\Desktop\Notepad++.lnk
[2012/04/09 20:24:19 | 000,001,085 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Content Viewer.lnk
[2012/04/09 19:35:47 | 000,001,379 | ---- | M] () -- C:\Users\Bob\Desktop\Wondershare Video Converter Platinum.lnk
[2012/04/09 19:23:22 | 000,001,184 | ---- | M] () -- C:\Users\Public\Desktop\Alcohol 120%.lnk
[2012/04/09 19:15:48 | 000,001,441 | ---- | M] () -- C:\Users\Bob\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/04/09 18:57:45 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2012/04/09 18:57:45 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2012/04/09 18:57:45 | 000,697,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012/04/09 18:57:45 | 000,603,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2012/04/09 18:57:45 | 000,534,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2012/04/09 18:57:45 | 000,452,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2012/04/09 18:57:45 | 000,448,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2012/04/09 18:57:45 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2012/04/09 18:57:45 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2012/04/09 18:57:45 | 000,282,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2012/04/09 18:57:45 | 000,267,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll
[2012/04/09 18:57:45 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll
[2012/04/09 18:57:45 | 000,222,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2012/04/09 18:57:45 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2012/04/09 18:57:45 | 000,173,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012/04/09 18:57:45 | 000,165,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2012/04/09 18:57:45 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll
[2012/04/09 18:57:45 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll
[2012/04/09 18:57:45 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2012/04/09 18:57:45 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2012/04/09 18:57:45 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll
[2012/04/09 18:57:45 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2012/04/09 18:57:45 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2012/04/09 18:57:45 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2012/04/09 18:57:45 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2012/04/09 18:57:45 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012/04/09 18:57:45 | 000,135,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2012/04/09 18:57:45 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll
[2012/04/09 18:57:45 | 000,123,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2012/04/09 18:57:45 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2012/04/09 18:57:45 | 000,114,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll
[2012/04/09 18:57:45 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2012/04/09 18:57:45 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2012/04/09 18:57:45 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2012/04/09 18:57:45 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll
[2012/04/09 18:57:45 | 000,091,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2012/04/09 18:57:45 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2012/04/09 18:57:45 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2012/04/09 18:57:45 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2012/04/09 18:57:45 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2012/04/09 18:57:45 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2012/04/09 18:57:45 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2012/04/09 18:57:45 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2012/04/09 18:57:45 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2012/04/09 18:57:45 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2012/04/09 18:57:45 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2012/04/09 18:57:45 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2012/04/09 18:57:45 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2012/04/09 18:57:45 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2012/04/09 18:57:45 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2012/04/09 18:57:45 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2012/04/09 18:57:45 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2012/04/09 18:57:45 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2012/04/09 18:57:45 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2012/04/09 18:57:45 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2012/04/09 18:57:45 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2012/04/09 18:57:45 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2012/04/09 18:57:45 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2012/04/09 18:57:45 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2012/04/09 18:57:45 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2012/04/09 18:57:45 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2012/04/09 18:57:45 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2012/04/09 18:57:45 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2012/04/09 18:55:35 | 000,175,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msclmd.dll
[2012/04/09 18:55:35 | 000,152,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msclmd.dll
[2012/04/09 18:52:01 | 000,530,488 | ---- | M] (Duplex Secure Ltd.) -- C:\Windows\SysNative\drivers\sptd.sys
[2012/04/09 18:22:07 | 000,000,747 | ---- | M] () -- C:\Users\Bob\Desktop\UseNeXT.lnk
[2012/04/09 16:30:19 | 000,017,408 | ---- | M] () -- C:\Users\Bob\AppData\Local\WebpageIcons.db
[2012/04/09 15:36:43 | 000,000,790 | ---- | M] () -- C:\Users\Public\Desktop\Domain Samurai.lnk
[2012/04/09 15:33:32 | 000,000,790 | ---- | M] () -- C:\Users\Public\Desktop\Market Samurai.lnk
[2012/04/09 15:29:12 | 000,002,883 | ---- | M] () -- C:\Users\Bob\Desktop\CoffeeCup Direct FTP.lnk
[2012/04/09 15:27:26 | 000,001,963 | ---- | M] () -- C:\Users\Public\Desktop\Ipswitch WS_FTP 12.lnk
[2012/04/09 14:13:17 | 000,001,070 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2012/04/08 22:20:09 | 000,001,852 | ---- | M] () -- C:\Users\Public\Desktop\Vuze.lnk
[2012/04/08 22:20:09 | 000,001,852 | ---- | M] () -- C:\Users\Bob\Application Data\Microsoft\Internet Explorer\Quick Launch\Vuze.lnk
[2012/04/08 22:09:10 | 000,006,656 | ---- | M] () -- C:\Windows\SysNative\lpcio.dll
[2012/04/08 22:04:15 | 000,001,235 | ---- | M] () -- C:\Users\Bob\Desktop\AIDA64 Extreme Edition.lnk
[2012/04/08 21:38:02 | 000,000,773 | ---- | M] () -- C:\Users\Bob\Desktop\TP Bittorrent Anonymizer.lnk
[2012/04/08 21:38:02 | 000,000,773 | ---- | M] () -- C:\Users\Bob\Application Data\Microsoft\Internet Explorer\Quick Launch\TP Bittorrent Anonymizer.lnk
[2012/04/08 21:36:02 | 000,375,808 | ---- | M] () -- C:\Users\Bob\Documents\UPDATE-TP.EXE
[2012/04/08 21:22:47 | 000,000,869 | ---- | M] () -- C:\Users\Public\Desktop\CPUID CPU-Z.lnk
[2012/04/08 13:56:06 | 000,000,687 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk
[2012/04/08 01:18:33 | 000,000,804 | ---- | M] () -- C:\Users\Bob\Application Data\Microsoft\Internet Explorer\Quick Launch\Postbox.lnk
[2012/04/08 01:18:02 | 000,000,755 | ---- | M] () -- C:\Users\Public\Desktop\Postbox.lnk
[2012/04/08 01:16:17 | 000,001,042 | ---- | M] () -- C:\Users\Public\Desktop\PCMark 7.lnk
[2012/04/08 00:45:41 | 000,001,561 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012/04/07 23:41:54 | 000,000,857 | ---- | M] () -- C:\Users\Public\Desktop\TimeLoc.lnk
[2012/04/07 21:20:24 | 000,000,931 | ---- | M] () -- C:\Users\Public\Desktop\Shrink-O-Matic.lnk
[2012/04/07 19:42:02 | 000,001,757 | ---- | M] () -- C:\Users\Bob\Desktop\Spotify.lnk
[2012/04/07 16:57:03 | 000,042,045 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2012/04/07 16:57:03 | 000,042,045 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2012/04/07 16:54:59 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2012/04/07 14:15:52 | 000,031,808 | ---- | M] (FNet Co., Ltd.) -- C:\Windows\SysNative\drivers\FNETTBOH_305.SYS
[2012/04/07 14:13:52 | 000,002,127 | ---- | M] () -- C:\Users\Public\Desktop\CyberLink MediaEspresso.lnk
[2012/04/07 14:13:00 | 000,000,159 | RH-- | M] () -- C:\Windows\ctfile.rfc
[2012/04/07 14:12:42 | 000,000,997 | ---- | M] () -- C:\Users\Public\Desktop\Acrobat.com.lnk
[2012/04/07 14:12:28 | 000,002,014 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2012/04/07 14:11:47 | 000,000,003 | ---- | M] () -- C:\Users\Bob\AppData\Local\user_data.ini
[2012/04/07 14:11:41 | 000,015,936 | ---- | M] (FNet Co., Ltd.) -- C:\Windows\SysNative\drivers\FNETURPX.SYS
[2012/04/07 14:11:41 | 000,001,889 | ---- | M] () -- C:\Users\Public\Desktop\XFast USB.LNK
[2012/04/07 14:11:38 | 000,001,120 | ---- | M] () -- C:\Users\Public\Desktop\ASRock InstantBoot.lnk
[2012/04/07 14:11:37 | 000,001,136 | ---- | M] () -- C:\Users\Public\Desktop\ASRock eXtreme Tuner.lnk
[2012/04/07 14:08:20 | 000,045,056 | ---- | M] () -- C:\Windows\SysWow64\UTSCSI.EXE
[2012/04/07 14:07:14 | 000,020,324 | ---- | M] () -- C:\Windows\SysNative\results.xml
[2012/04/07 12:27:33 | 000,000,628 | ---- | M] () -- C:\Windows\SysNative\mapisvc.inf
[2012/04/07 11:29:33 | 000,002,515 | ---- | M] () -- C:\Users\Bob\Application Data\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk
[2012/04/07 11:29:33 | 000,002,491 | ---- | M] () -- C:\Users\Public\Desktop\Safari.lnk
[2012/04/07 11:18:21 | 000,001,134 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012/04/07 02:40:28 | 000,001,232 | ---- | M] () -- C:\Users\Bob\Application Data\Microsoft\Internet Explorer\Quick Launch\EVGA OC Scanner X.lnk
[2012/04/07 02:40:28 | 000,001,208 | ---- | M] () -- C:\Users\Bob\Desktop\EVGA OC Scanner X.lnk
[2012/04/07 02:37:28 | 000,001,092 | ---- | M] () -- C:\Users\Bob\Desktop\EVGA Precision X.lnk
[2012/04/04 15:56:40 | 000,024,904 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012/04/04 01:53:58 | 000,053,656 | ---- | M] (Adobe Systems Inc) -- C:\Windows\SysNative\AdobePDF.dll
[2012/04/04 01:53:56 | 000,024,984 | ---- | M] (Adobe Systems Inc.) -- C:\Windows\SysNative\AdobePDFUI.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/04/26 17:26:51 | 001,280,512 | ---- | C] () -- C:\Users\Bob\Desktop\RogueKiller.exe
[2012/04/26 17:00:19 | 000,000,216 | ---- | C] () -- C:\Users\Bob\defogger_reenable
[2012/04/26 10:30:43 | 000,000,928 | ---- | C] () -- C:\Users\Bob\Desktop\NTREGOPT.lnk
[2012/04/26 10:30:43 | 000,000,909 | ---- | C] () -- C:\Users\Bob\Desktop\ERUNT.lnk
[2012/04/25 18:36:53 | 000,001,845 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2012/04/25 00:43:26 | 000,001,863 | ---- | C] () -- C:\Users\Bob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera.lnk
[2012/04/25 00:43:26 | 000,001,833 | ---- | C] () -- C:\Users\Bob\Desktop\Opera.lnk
[2012/04/23 23:42:52 | 000,002,160 | ---- | C] () -- C:\Users\Bob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft SkyDrive.lnk
[2012/04/20 11:26:16 | 000,232,957 | ---- | C] () -- C:\Windows\hpwins22.dat.temp
[2012/04/20 11:26:16 | 000,002,850 | ---- | C] () -- C:\Windows\hpwmdl22.dat.temp
[2012/04/20 10:51:07 | 000,001,058 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\I.R.I.S. OCR Registration.lnk
[2012/04/20 10:50:56 | 000,001,315 | ---- | C] () -- C:\Users\Public\Desktop\HP Solution Center.lnk
[2012/04/20 10:50:49 | 000,002,099 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
[2012/04/20 10:30:57 | 000,232,292 | ---- | C] () -- C:\Windows\hpwins22.dat
[2012/04/20 10:30:57 | 000,002,850 | ---- | C] () -- C:\Windows\hpwmdl22.dat
[2012/04/20 10:20:43 | 000,011,893 | ---- | C] () -- C:\Users\Bob\Documents\Ticketmaster Member Services - Print Receipt.pdf
[2012/04/18 21:09:48 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/04/17 20:27:19 | 000,002,063 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop Lightroom 4 64-bit.lnk
[2012/04/17 20:27:19 | 000,002,055 | ---- | C] () -- C:\Users\Public\Desktop\Lightroom 4 64-bit.lnk
[2012/04/16 22:04:34 | 000,002,004 | ---- | C] () -- C:\Users\Public\Desktop\FileZilla Client.lnk
[2012/04/16 16:46:31 | 000,001,456 | ---- | C] () -- C:\Users\Bob\AppData\Local\Adobe Save for Web 13.0 Prefs
[2012/04/15 16:22:37 | 000,193,140 | ---- | C] () -- C:\ProgramData\1334520909.bdinstall.bin
[2012/04/15 16:16:59 | 000,000,385 | ---- | C] () -- C:\Windows\SysNative\user_gensett.xml
[2012/04/15 16:16:54 | 036,942,680 | -H-- | C] () -- C:\bdrescue.gz
[2012/04/15 16:16:54 | 002,510,608 | -H-- | C] () -- C:\bdrescue.vm
[2012/04/15 16:16:54 | 000,217,769 | -H-- | C] () -- C:\bdrescue
[2012/04/15 16:16:54 | 000,009,216 | -H-- | C] () -- C:\bdrescue.mbr
[2012/04/15 16:16:54 | 000,000,270 | -H-- | C] () -- C:\bdr-conf
[2012/04/15 16:16:50 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_avchv_01009.Wdf
[2012/04/15 16:16:49 | 000,002,096 | ---- | C] () -- C:\Users\Public\Desktop\Bitdefender Internet Security 2012.lnk
[2012/04/15 14:25:32 | 000,000,876 | ---- | C] () -- C:\Users\Public\Desktop\Camtasia Studio 7.lnk
[2012/04/15 13:06:33 | 000,000,625 | ---- | C] () -- C:\Users\Bob\Application Data\Microsoft\Internet Explorer\Quick Launch\VMware Workstation.lnk
[2012/04/15 13:06:07 | 000,001,024 | ---- | C] () -- C:\.rnd
[2012/04/15 13:06:05 | 000,743,066 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/04/15 13:06:05 | 000,001,672 | ---- | C] () -- C:\Users\Public\Desktop\VMware Workstation.lnk
[2012/04/15 12:14:37 | 000,000,867 | ---- | C] () -- C:\Users\Bob\Desktop\Sandboxed Web Browser.lnk
[2012/04/15 12:14:37 | 000,000,867 | ---- | C] () -- C:\Users\Bob\Application Data\Microsoft\Internet Explorer\Quick Launch\Sandboxed Web Browser.lnk
[2012/04/15 12:14:35 | 000,002,946 | ---- | C] () -- C:\Windows\Sandboxie.ini
[2012/04/14 23:07:14 | 000,000,046 | ---- | C] () -- C:\Users\Bob\AppData\Local\DonationCoder_findrunrobot_InstallInfo.dat
[2012/04/14 22:57:32 | 000,001,095 | ---- | C] () -- C:\Users\Bob\Desktop\Find and Run Robot.lnk
[2012/04/14 20:30:49 | 000,002,515 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2012/04/13 12:32:50 | 000,002,075 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop Lightroom 3.6 64-bit.lnk
[2012/04/13 12:32:50 | 000,002,067 | ---- | C] () -- C:\Users\Public\Desktop\Lightroom 3.6 64-bit.lnk
[2012/04/13 12:17:45 | 000,189,248 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012/04/13 12:17:44 | 002,434,856 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_bc2.exe
[2012/04/13 12:17:44 | 000,075,064 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012/04/13 09:03:13 | 000,000,983 | ---- | C] () -- C:\Users\Public\Desktop\Origin.lnk
[2012/04/13 01:27:24 | 000,001,172 | ---- | C] () -- C:\Users\Bob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\click.to.lnk
[2012/04/13 01:27:24 | 000,001,136 | ---- | C] () -- C:\Users\Public\Desktop\click.to.lnk
[2012/04/12 23:05:32 | 000,001,338 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live ID.lnk
[2012/04/12 23:04:25 | 000,001,073 | ---- | C] () -- C:\Users\Public\Desktop\Batman - Arkham City.lnk
[2012/04/12 21:53:41 | 000,000,751 | ---- | C] () -- C:\Users\Public\Desktop\Mass Effect 2.lnk
[2012/04/12 21:53:41 | 000,000,751 | ---- | C] () -- C:\Users\Bob\Application Data\Microsoft\Internet Explorer\Quick Launch\Mass Effect 2.lnk
[2012/04/12 18:33:41 | 000,001,932 | ---- | C] () -- C:\Users\Bob\Desktop\Gmail.lnk
[2012/04/12 15:09:57 | 000,000,935 | ---- | C] () -- C:\Users\Bob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GoogleCal.lnk
[2012/04/12 15:05:51 | 000,002,514 | ---- | C] () -- C:\Users\Bob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Calendar.lnk
[2012/04/12 15:05:51 | 000,002,506 | ---- | C] () -- C:\Users\Bob\Desktop\Google Calendar.lnk
[2012/04/11 18:45:42 | 000,001,105 | ---- | C] () -- C:\Users\Bob\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk
[2012/04/11 18:44:19 | 000,000,892 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/04/11 18:44:19 | 000,000,888 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/04/10 17:32:42 | 000,001,071 | ---- | C] () -- C:\Users\Public\Desktop\DisplayFusion.lnk
[2012/04/10 14:57:46 | 000,001,017 | ---- | C] () -- C:\Users\Bob\Desktop\Dropbox.lnk
[2012/04/10 14:56:54 | 000,001,053 | ---- | C] () -- C:\Users\Bob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2012/04/10 14:51:33 | 000,000,795 | ---- | C] () -- C:\Users\Bob\Desktop\Artisteer 3.lnk
[2012/04/10 14:51:33 | 000,000,795 | ---- | C] () -- C:\Users\Bob\Application Data\Microsoft\Internet Explorer\Quick Launch\Artisteer 3.lnk
[2012/04/10 14:43:02 | 000,000,728 | ---- | C] () -- C:\Users\Bob\Desktop\Magic Briefcase.lnk
[2012/04/10 14:40:38 | 000,001,966 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SugarSync Manager.lnk
[2012/04/10 14:40:38 | 000,001,954 | ---- | C] () -- C:\Users\Public\Desktop\SugarSync Manager.lnk
[2012/04/10 14:09:43 | 000,026,650 | ---- | C] () -- C:\Users\Bob\Documents\Ergonis Store _ Invoice.pdf
[2012/04/10 00:23:42 | 000,000,278 | ---- | C] () -- C:\Users\Bob\Documents\ax_files.xml
[2012/04/09 23:55:09 | 000,001,075 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6 (64 Bit).lnk
[2012/04/09 23:55:03 | 000,001,211 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6.lnk
[2012/04/09 23:54:58 | 000,001,037 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6 (64bit).lnk
[2012/04/09 23:54:55 | 000,001,173 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6.lnk
[2012/04/09 23:54:10 | 000,001,523 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS6.lnk
[2012/04/09 23:54:10 | 000,001,357 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS6.lnk
[2012/04/09 23:17:10 | 000,002,421 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AirPort Utility.lnk
[2012/04/09 22:54:38 | 000,000,971 | ---- | C] () -- C:\Users\Bob\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2012/04/09 22:54:38 | 000,000,947 | ---- | C] () -- C:\Users\Public\Desktop\µTorrent.lnk
[2012/04/09 22:33:31 | 000,000,013 | ---- | C] () -- C:\Windows\SysWow64\WinSys32.crc
[2012/04/09 22:33:22 | 000,000,663 | ---- | C] () -- C:\Users\Bob\Desktop\CoffeeCup HTML Editor.lnk
[2012/04/09 22:33:22 | 000,000,663 | ---- | C] () -- C:\Users\Bob\Application Data\Microsoft\Internet Explorer\Quick Launch\CoffeeCup HTML Editor.lnk
[2012/04/09 21:04:41 | 000,001,031 | ---- | C] () -- C:\Users\Bob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Launchy.lnk
[2012/04/09 20:32:30 | 000,001,053 | ---- | C] () -- C:\Users\Bob\Desktop\Notepad++.lnk
[2012/04/09 20:25:04 | 000,002,026 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Acrobat X Pro.lnk
[2012/04/09 20:25:03 | 000,002,465 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller X.lnk
[2012/04/09 20:25:03 | 000,002,453 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat X Pro.lnk
[2012/04/09 20:24:22 | 000,001,097 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Widget Browser.lnk
[2012/04/09 20:24:19 | 000,001,097 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Content Viewer.lnk
[2012/04/09 20:24:19 | 000,001,085 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Content Viewer.lnk
[2012/04/09 20:22:34 | 000,000,997 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk
[2012/04/09 19:35:47 | 000,001,379 | ---- | C] () -- C:\Users\Bob\Desktop\Wondershare Video Converter Platinum.lnk
[2012/04/09 19:35:46 | 000,158,720 | ---- | C] () -- C:\Windows\SysWow64\WS_VideoConverterContextMenu.dll
[2012/04/09 19:35:45 | 000,675,840 | ---- | C] () -- C:\Windows\SysWow64\ac3filter.ax
[2012/04/09 19:35:45 | 000,496,640 | ---- | C] () -- C:\Windows\SysWow64\xvid.ax
[2012/04/09 19:23:22 | 000,001,184 | ---- | C] () -- C:\Users\Public\Desktop\Alcohol 120%.lnk
[2012/04/09 19:15:48 | 000,001,447 | ---- | C] () -- C:\Users\Bob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2012/04/09 18:57:45 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2012/04/09 18:57:45 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2012/04/09 18:22:07 | 000,000,747 | ---- | C] () -- C:\Users\Bob\Desktop\UseNeXT.lnk
[2012/04/09 16:30:19 | 000,017,408 | ---- | C] () -- C:\Users\Bob\AppData\Local\WebpageIcons.db
[2012/04/09 15:36:43 | 000,000,790 | ---- | C] () -- C:\Users\Public\Desktop\Domain Samurai.lnk
[2012/04/09 15:36:43 | 000,000,790 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Domain Samurai.lnk
[2012/04/09 15:33:32 | 000,000,790 | ---- | C] () -- C:\Users\Public\Desktop\Market Samurai.lnk
[2012/04/09 15:33:32 | 000,000,790 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Market Samurai.lnk
[2012/04/09 15:29:39 | 000,214,016 | ---- | C] () -- C:\Users\Bob\AppData\Roaming\SharedSettings.ccs
[2012/04/09 15:29:12 | 000,002,883 | ---- | C] () -- C:\Users\Bob\Desktop\CoffeeCup Direct FTP.lnk
[2012/04/09 15:27:26 | 000,001,963 | ---- | C] () -- C:\Users\Public\Desktop\Ipswitch WS_FTP 12.lnk
[2012/04/09 14:13:17 | 000,001,070 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2012/04/08 22:18:12 | 000,001,852 | ---- | C] () -- C:\Users\Public\Desktop\Vuze.lnk
[2012/04/08 22:18:12 | 000,001,852 | ---- | C] () -- C:\Users\Bob\Application Data\Microsoft\Internet Explorer\Quick Launch\Vuze.lnk
[2012/04/08 22:18:12 | 000,001,852 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vuze.lnk
[2012/04/08 22:04:15 | 000,001,235 | ---- | C] () -- C:\Users\Bob\Desktop\AIDA64 Extreme Edition.lnk
[2012/04/08 21:38:02 | 000,000,773 | ---- | C] () -- C:\Users\Bob\Desktop\TP Bittorrent Anonymizer.lnk
[2012/04/08 21:38:02 | 000,000,773 | ---- | C] () -- C:\Users\Bob\Application Data\Microsoft\Internet Explorer\Quick Launch\TP Bittorrent Anonymizer.lnk
[2012/04/08 21:37:55 | 000,375,808 | ---- | C] () -- C:\Users\Bob\Documents\UPDATE-TP.EXE
[2012/04/08 21:22:47 | 000,000,869 | ---- | C] () -- C:\Users\Public\Desktop\CPUID CPU-Z.lnk
[2012/04/08 13:56:06 | 000,000,687 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk
[2012/04/08 01:18:02 | 000,000,804 | ---- | C] () -- C:\Users\Bob\Application Data\Microsoft\Internet Explorer\Quick Launch\Postbox.lnk
[2012/04/08 01:18:02 | 000,000,755 | ---- | C] () -- C:\Users\Public\Desktop\Postbox.lnk
[2012/04/08 01:16:17 | 000,001,042 | ---- | C] () -- C:\Users\Public\Desktop\PCMark 7.lnk
[2012/04/08 00:45:41 | 000,001,561 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012/04/07 23:41:54 | 000,000,869 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TimeLoc.lnk
[2012/04/07 23:41:54 | 000,000,857 | ---- | C] () -- C:\Users\Public\Desktop\TimeLoc.lnk
[2012/04/07 21:20:24 | 000,000,943 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shrink-O-Matic.lnk
[2012/04/07 21:20:24 | 000,000,931 | ---- | C] () -- C:\Users\Public\Desktop\Shrink-O-Matic.lnk
[2012/04/07 21:10:28 | 000,095,744 | ---- | C] () -- C:\Windows\SysNative\RDVGHelper.exe
[2012/04/07 21:10:24 | 000,347,904 | ---- | C] () -- C:\Windows\SysNative\systemsf.ebd
[2012/04/07 21:10:10 | 000,010,429 | ---- | C] () -- C:\Windows\SysNative\ScavengeSpace.xml
[2012/04/07 21:10:08 | 000,105,559 | ---- | C] () -- C:\Windows\SysWow64\RacRules.xml
[2012/04/07 21:10:08 | 000,105,559 | ---- | C] () -- C:\Windows\SysNative\RacRules.xml
[2012/04/07 21:10:05 | 000,146,389 | ---- | C] () -- C:\Windows\SysWow64\printmanagement.msc
[2012/04/07 21:10:05 | 000,001,041 | ---- | C] () -- C:\Windows\SysWow64\tcpbidi.xml
[2012/04/07 19:42:02 | 000,001,757 | ---- | C] () -- C:\Users\Bob\Desktop\Spotify.lnk
[2012/04/07 19:42:02 | 000,001,743 | ---- | C] () -- C:\Users\Bob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
[2012/04/07 16:57:02 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2012/04/07 16:57:01 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2012/04/07 16:54:59 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2012/04/07 16:54:29 | 4222,713,854 | -HS- | C] () -- C:\hiberfil.sys
[2012/04/07 14:13:52 | 000,002,127 | ---- | C] () -- C:\Users\Public\Desktop\CyberLink MediaEspresso.lnk
[2012/04/07 14:13:02 | 000,007,195 | ---- | C] () -- C:\Windows\SysNative\THXCfgUninstall64.ini
[2012/04/07 14:13:02 | 000,006,925 | ---- | C] () -- C:\Windows\SysNative\THXCfg64.ini
[2012/04/07 14:13:02 | 000,001,424 | ---- | C] () -- C:\Windows\THXCfg_SP_APOIM.ini
[2012/04/07 14:13:02 | 000,001,323 | ---- | C] () -- C:\Windows\THXCfg_HP_APOIM.ini
[2012/04/07 14:13:02 | 000,001,323 | ---- | C] () -- C:\Windows\THXCfg_APOIM.ini
[2012/04/07 14:13:00 | 000,246,784 | ---- | C] () -- C:\Windows\SysNative\APOMgr64.DLL
[2012/04/07 14:13:00 | 000,190,464 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL
[2012/04/07 14:13:00 | 000,089,088 | ---- | C] () -- C:\Windows\SysNative\CmdRtr64.DLL
[2012/04/07 14:13:00 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL
[2012/04/07 14:13:00 | 000,000,159 | RH-- | C] () -- C:\Windows\ctfile.rfc
[2012/04/07 14:12:42 | 000,001,009 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat.com.lnk
[2012/04/07 14:12:42 | 000,000,997 | ---- | C] () -- C:\Users\Public\Desktop\Acrobat.com.lnk
[2012/04/07 14:12:28 | 000,002,014 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2012/04/07 14:12:28 | 000,001,441 | ---- | C] () -- C:\Users\Bob\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/04/07 14:12:27 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 9.lnk
[2012/04/07 14:11:47 | 000,000,003 | ---- | C] () -- C:\Users\Bob\AppData\Local\user_data.ini
[2012/04/07 14:11:41 | 000,001,889 | ---- | C] () -- C:\Users\Public\Desktop\XFast USB.LNK
[2012/04/07 14:11:38 | 000,001,120 | ---- | C] () -- C:\Users\Public\Desktop\ASRock InstantBoot.lnk
[2012/04/07 14:11:37 | 000,001,136 | ---- | C] () -- C:\Users\Public\Desktop\ASRock eXtreme Tuner.lnk
[2012/04/07 14:08:20 | 000,045,056 | ---- | C] () -- C:\Windows\SysWow64\UTSCSI.EXE
[2012/04/07 14:07:14 | 000,020,324 | ---- | C] () -- C:\Windows\SysNative\results.xml
[2012/04/07 14:06:28 | 000,008,192 | ---- | C] () -- C:\Windows\SysNative\drivers\IntelMEFWVer.dll
[2012/04/07 14:05:42 | 002,261,764 | ---- | C] () -- C:\Windows\SysNative\drivers\rtvienna.dat
[2012/04/07 14:05:00 | 001,981,696 | ---- | C] () -- C:\Windows\SysNative\iglhxa64.cpa
[2012/04/07 14:05:00 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2012/04/07 14:05:00 | 000,145,804 | ---- | C] () -- C:\Windows\SysNative\igcompkrng600.bin
[2012/04/07 14:05:00 | 000,094,208 | ---- | C] () -- C:\Windows\SysNative\IccLibDll_x64.dll
[2012/04/07 14:00:06 | 000,001,413 | ---- | C] () -- C:\Users\Bob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2012/04/07 13:59:55 | 000,000,290 | ---- | C] () -- C:\Users\Bob\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2012/04/07 13:59:55 | 000,000,272 | ---- | C] () -- C:\Users\Bob\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2012/04/07 12:27:33 | 000,000,628 | ---- | C] () -- C:\Windows\SysNative\mapisvc.inf
[2012/04/07 11:36:46 | 000,001,076 | ---- | C] () -- C:\Users\Bob\Desktop\Your Unin-staller!.lnk
[2012/04/07 11:29:33 | 000,002,515 | ---- | C] () -- C:\Users\Bob\Application Data\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk
[2012/04/07 11:29:33 | 000,002,503 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Safari.lnk
[2012/04/07 11:29:33 | 000,002,491 | ---- | C] () -- C:\Users\Public\Desktop\Safari.lnk
[2012/04/07 11:29:19 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2012/04/07 11:23:36 | 000,002,353 | ---- | C] () -- C:\Users\Bob\Desktop\Google Chrome.lnk
[2012/04/07 11:23:26 | 000,000,900 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2110765671-3359471157-1598827369-1000UA.job
[2012/04/07 11:23:26 | 000,000,848 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2110765671-3359471157-1598827369-1000Core.job
[2012/04/07 11:18:21 | 000,001,146 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012/04/07 11:18:21 | 000,001,134 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012/04/07 02:40:28 | 000,001,232 | ---- | C] () -- C:\Users\Bob\Application Data\Microsoft\Internet Explorer\Quick Launch\EVGA OC Scanner X.lnk
[2012/04/07 02:40:28 | 000,001,208 | ---- | C] () -- C:\Users\Bob\Desktop\EVGA OC Scanner X.lnk
[2012/04/07 02:37:28 | 000,001,092 | ---- | C] () -- C:\Users\Bob\Desktop\EVGA Precision X.lnk
[2012/04/07 02:32:29 | 002,515,790 | ---- | C] () -- C:\Windows\SysNative\nvcoproc.bin
[2012/04/07 02:22:29 | 000,006,656 | ---- | C] () -- C:\Windows\SysNative\lpcio.dll
[2012/04/07 02:19:42 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/03/19 23:25:58 | 000,058,880 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2012/03/19 22:21:14 | 013,212,672 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll
[2012/02/29 13:26:56 | 000,416,064 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2012/02/14 18:47:06 | 000,963,912 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2012/02/14 18:47:06 | 000,261,208 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2011/09/28 17:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat

========== Custom Scans ==========

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2012/04/25 01:26:18 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\Adobe
[2012/04/07 11:21:31 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\Agile Web Solutions
[2012/04/10 14:52:14 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\Apple Computer
[2012/04/10 14:52:15 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\Artisteer
[2012/04/17 19:23:00 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\Azureus
[2012/04/17 20:23:54 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\BitComet
[2012/04/15 16:16:49 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\Bitdefender
[2012/04/09 22:33:10 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\CoffeeCup Software
[2012/04/11 20:30:53 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\com.adobe.WidgetBrowser.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1
[2012/04/07 11:40:17 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\CyberLink
[2012/04/07 02:51:05 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\DeviceVm
[2012/04/15 01:43:22 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\DisplayFusion
[2012/04/26 23:53:57 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\Ditto
[2012/04/09 15:36:44 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\DomainSamurai.6E37012E1CBD7F47B14488FCC715944F3EBDCEDC.1
[2012/04/14 23:07:14 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\DonationCoder
[2012/04/26 22:13:17 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\Dropbox
[2012/04/17 00:44:28 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\FileZilla
[2012/04/20 11:25:02 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\HP
[2012/04/20 10:51:14 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\HpUpdate
[2012/04/07 13:59:59 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\Identities
[2012/04/07 14:06:05 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\InstallShield
[2012/04/07 14:07:15 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\Intel Corporation
[2012/04/17 01:02:17 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\Ipswitch
[2012/04/09 21:06:39 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\Launchy
[2012/04/12 11:22:42 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\Leadertech
[2012/04/12 11:23:03 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\Logishrd
[2012/04/12 11:22:49 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\Logitech
[2012/04/07 14:12:35 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\Macromedia
[2012/04/18 21:09:50 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\Malwarebytes
[2012/04/09 15:33:34 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\MarketSamurai.6E37012E1CBD7F47B14488FCC715944F3EBDCEDC.1
[2009/07/14 03:45:14 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\Media Center Programs
[2012/04/25 01:26:18 | 000,000,000 | --SD | M] -- C:\Users\Bob\AppData\Roaming\Microsoft
[2012/04/07 11:18:28 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\Mozilla
[2012/04/07 21:20:25 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\net.tw.air.ShrinkOMatic.7C34F9BA9FAD6689FAABBE85F1F5B46BA5A32DE5.1
[2012/04/09 20:32:37 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\Notepad++
[2012/04/10 18:07:54 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\NVIDIA
[2012/04/25 00:43:27 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\Opera
[2012/04/13 09:03:34 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\Origin
[2012/04/11 18:58:44 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\PDAppFlex
[2012/04/08 01:18:05 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\Postbox
[2012/04/12 18:33:41 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\Prism
[2012/04/26 10:45:55 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\QuickScan
[2012/04/18 08:36:49 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\Skype
[2012/04/12 09:08:56 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\Splashtop
[2012/04/26 16:34:04 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\Spotify
[2012/04/07 23:41:56 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\TimeLoc.48D78D3C5DA9540D4DE1465EB3FBE37D9D6FFAF9.1
[2012/04/09 23:05:00 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\TorrentPrivacy
[2012/04/07 11:36:46 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\URSoft
[2012/04/25 18:48:50 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\UseNeXT
[2012/04/18 21:53:15 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\uTorrent
[2012/04/26 10:40:50 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\vlc
[2012/04/18 20:09:34 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\VMware
[2012/04/12 18:33:41 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\WebApps
[2012/04/09 19:35:52 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\Wondershare Video Converter Platinum

< %APPDATA%\*.exe /s >
[2012/04/08 22:19:48 | 000,310,208 | ---- | M] (Georgia Institute of Technology) -- C:\Users\Bob\AppData\Roaming\Azureus\plugins\mlab\ShaperProbeC.exe
[2012/04/26 17:13:58 | 027,264,496 | ---- | M] (Dropbox, Inc.) -- C:\Users\Bob\AppData\Roaming\Dropbox\bin\Dropbox.exe
[2012/04/12 02:46:46 | 000,872,040 | ---- | M] (Dropbox, Inc.) -- C:\Users\Bob\AppData\Roaming\Dropbox\bin\DropboxUpdateHelper.exe
[2012/04/26 17:14:30 | 000,177,240 | ---- | M] (Dropbox, Inc.) -- C:\Users\Bob\AppData\Roaming\Dropbox\bin\Uninstall.exe
[2012/04/07 21:19:57 | 000,053,632 | ---- | M] (Adobe Systems Inc.) -- C:\Users\Bob\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
[2012/04/07 21:19:54 | 014,852,504 | ---- | M] (Adobe Systems Inc.) -- C:\Users\Bob\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airinstaller3x0\airinstaller3x0.exe
[2012/04/09 20:23:32 | 000,010,134 | R--- | M] () -- C:\Users\Bob\AppData\Roaming\Microsoft\Installer\{024521CF-C07E-4F8E-8481-0D75695E03AF}\ARPPRODUCTICON.exe
[2012/04/12 11:22:41 | 000,053,248 | R--- | M] (Acresso Software Inc.) -- C:\Users\Bob\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
[2012/04/09 15:29:12 | 000,039,424 | R--- | M] () -- C:\Users\Bob\AppData\Roaming\Microsoft\Installer\{88741A14-4C9D-469F-BA36-8FDF6037BB68}\Icon88741A14.exe
[2012/04/07 19:42:01 | 004,011,184 | ---- | M] (Spotify Ltd) -- C:\Users\Bob\AppData\Roaming\Spotify\spotify.exe

< %SYSTEMDRIVE%\*.exe >

< MD5 for: AGP440.SYS >
[2009/07/13 21:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009/07/13 21:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009/07/13 21:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys
[2009/07/13 21:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009/07/13 21:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009/07/13 21:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009/07/13 21:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009/07/13 21:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys

< MD5 for: BEEP.SYS >
[2009/07/13 20:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) MD5=16A47CE2DECC9B099349A5F840654746 -- C:\Windows\SysNative\drivers\beep.sys
[2009/07/13 20:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) MD5=16A47CE2DECC9B099349A5F840654746 -- C:\Windows\winsxs\amd64_microsoft-windows-beepsys_31bf3856ad364e35_6.1.7600.16385_none_201592fa214e4f02\beep.sys

< MD5 for: CNGAUDIT.DLL >
[2009/07/13 21:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009/07/13 21:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009/07/13 21:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009/07/13 21:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll

< MD5 for: EVENTLOG.DLL >
[2011/10/14 23:57:26 | 000,007,840 | ---- | M] () MD5=A8B15EC290C2F28AF39A6FE02F0ACF0D -- C:\Program Files\Common Files\Bitdefender\Bitdefender Arrakis Server\lib\eventlog.dll

< MD5 for: IASTOR.SYS >
[2011/05/20 09:53:44 | 000,557,848 | ---- | M] (Intel Corporation) MD5=2FDAEC4B02729C48C0FD1B0B4695995B -- C:\Windows\SysNative\drivers\iaStor.sys
[2011/05/20 09:53:44 | 000,557,848 | ---- | M] (Intel Corporation) MD5=2FDAEC4B02729C48C0FD1B0B4695995B -- C:\Windows\SysNative\DriverStore\FileRepository\iaahci.inf_amd64_neutral_e6913aab23ea9a9c\iaStor.sys

< MD5 for: IASTORV.SYS >
[2010/11/20 09:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010/11/20 09:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2011/03/11 02:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011/03/11 02:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2011/03/11 02:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys
[2011/03/11 02:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys
[2011/03/11 02:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_0b141c81a16e25e6\iaStorV.sys
[2011/03/11 02:25:49 | 000,410,496 | ---- | M] (Intel Corporation) MD5=BFDC9D75698800CFE4D1698BF2750EA2 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_0bccc8c8ba6985c1\iaStorV.sys
[2009/07/13 21:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys

< MD5 for: NETLOGON.DLL >
[2009/07/13 21:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2010/11/20 09:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll
[2010/11/20 09:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010/11/20 08:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2010/11/20 08:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll
[2009/07/13 21:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll

< MD5 for: NVSTOR.SYS >
[2009/07/13 21:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys
[2011/03/11 02:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_95dd8d30d8a4cfbe\nvstor.sys
[2011/03/11 02:25:53 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=AE274836BA56518E279087363A781214 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_96963977f1a02f99\nvstor.sys
[2011/03/11 02:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011/03/11 02:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys
[2011/03/11 02:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys
[2011/03/11 02:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010/11/20 09:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys
[2010/11/20 09:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys

< MD5 for: SCECLI.DLL >
[2009/07/13 21:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009/07/13 21:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2010/11/20 08:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010/11/20 08:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010/11/20 09:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010/11/20 09:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

< MD5 for: THEMEUI.DLL >
[2010/11/20 09:27:26 | 002,851,840 | ---- | M] (Microsoft Corporation) MD5=2C647ABE9A424E55B5F3DAE4629B4277 -- C:\Windows\SysNative\themeui.dll
[2010/11/20 09:27:26 | 002,851,840 | ---- | M] (Microsoft Corporation) MD5=2C647ABE9A424E55B5F3DAE4629B4277 -- C:\Windows\winsxs\amd64_microsoft-windows-themeui_31bf3856ad364e35_6.1.7601.17514_none_e3249be23220b37c\themeui.dll
[2010/11/20 08:21:30 | 002,755,072 | ---- | M] (Microsoft Corporation) MD5=5992A9DF57FD5E6960FDCC2DB69867F7 -- C:\Windows\SysWOW64\themeui.dll
[2010/11/20 08:21:30 | 002,755,072 | ---- | M] (Microsoft Corporation) MD5=5992A9DF57FD5E6960FDCC2DB69867F7 -- C:\Windows\winsxs\x86_microsoft-windows-themeui_31bf3856ad364e35_6.1.7601.17514_none_8706005e79c34246\themeui.dll
[2009/07/13 21:41:55 | 002,851,328 | ---- | M] (Microsoft Corporation) MD5=740304CDCAA54E4312DEDA7F288CEB06 -- C:\Windows\winsxs\amd64_microsoft-windows-themeui_31bf3856ad364e35_6.1.7600.16385_none_e0f3881a35322fe2\themeui.dll
[2009/07/13 21:16:16 | 002,755,072 | ---- | M] (Microsoft Corporation) MD5=BA25800813148F910A600B6DE1F78B2B -- C:\Windows\winsxs\x86_microsoft-windows-themeui_31bf3856ad364e35_6.1.7600.16385_none_84d4ec967cd4beac\themeui.dll

< MD5 for: USERINIT.EXE >
[2010/11/20 08:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010/11/20 08:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009/07/13 21:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009/07/13 21:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010/11/20 09:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010/11/20 09:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

========== Alternate Data Streams ==========

@Alternate Data Stream - 177 bytes -> C:\ProgramData\Temp:1CE11B51

< End of report >

#12 rocknrob

rocknrob
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:03:51 AM

Posted 26 April 2012 - 11:35 PM

I'll be honest with you I would really prefer that you explain what each step and app I run is for. What are the results we're looking for or are expecting. I'm really not to comfortable wit posting all this information on a wide open forum. I understand that most of it is trivial an all but it still concerns me.

So far everything we've done doesn't seem to have given us any insight into the virus, or at least hasn't given me any insight as I don't know what you're looking for.

So when you say "A lot more to do" I'd like to know why and what.

Thanks,
Bob

BTW how is the Happili virus passed on? How could I have possibly got it as I'm very careful and know my way around computers.

Edited by rocknrob, 26 April 2012 - 11:38 PM.


#13 rocknrob

rocknrob
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:03:51 AM

Posted 27 April 2012 - 10:40 AM

Any chance we can finish working on this? I'm stuck in limbo here.

#14 Maurice Naggar

Maurice Naggar

    Eradicator de malware


  • Malware Response Team
  • 1,088 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:02:51 AM

Posted 27 April 2012 - 11:01 AM

The Happili is a trojan, not a virus. This is a recent writeup about it at MS http://www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?Name=Trojan:Win32/Medfos.B
There's no telling how you got it. It is impossible to pin-down how, other than general ways, like out of date Java runtime, out-of-date utilities, being out of date with Windows & MS security fixes, or even making a mis-type in a URL when websurfing.
We need generic reports to take a general look and we have to pore thru for the suspects.

In your case now, it is the ".XPI" files that have been attached to Firefox that need removal.
The following OTL fix is to remove them.

  • Please double-click OTL.exe Posted Image to run it. (Note: If you are running on Windows 7 or Vista, right-click on the file and choose Run As Administrator).
  • Copy all the lines in between the **** stars lines **** below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):

    ***************************************************************
    :files
    C:\USERS\BOB\APPDATA\LOCAL\{513B9C68-871D-11E1-826D-B8AC6F996F26}
    C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QYN8EBLL.DEFAULT\EXTENSIONS\{75CEEE46-9B64-46F8-94BF-54012DE155F0}.XPI
    C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QYN8EBLL.DEFAULT\EXTENSIONS\{D4DD63FA-01E4-46A7-B6B1-EDAB7D6AD389}.XPI
    C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QYN8EBLL.DEFAULT\EXTENSIONS\{DC572301-7619-498C-A57D-39143191B318}.XPI
    C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QYN8EBLL.DEFAULT\EXTENSIONS\FIREBUG@SOFTWARE.JOEHEWITT.COM.XPI
    C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QYN8EBLL.DEFAULT\EXTENSIONS\LOADTABSPROGRESSIVELY@ITHINC.CN.XPI
    C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QYN8EBLL.DEFAULT\EXTENSIONS\RESTART@RESTART.ORG.XPI
    C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QYN8EBLL.DEFAULT\EXTENSIONS\YSLOW@YAHOO-INC.COM.XPI

    :Commands
    [purity]
    [emptytemp]
    [CLEARALLRESTOREPOINTS]
    [EMPTYFLASH]
    [Reboot]

    *****************************************************************
  • Return to OTL. Right click in the "Custom Scans/Fixes" window (under the aqua-blue bar) and choose Paste.
  • Close any browser(s) windows that may be open.
  • Using your mouse, click on the red-lettered button Run Fix.
  • Once you see a message box "Fix complete! Click OK to open the fix log."
    Click the OK button
  • The log will open in Notepad (your default text editor).
  • Save the log. Post a copy of that log in your next reply.

Note: If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process.
If you are asked to reboot the machine choose Yes. In this case, after the reboot, open Notepad (Start->All Programs->Accessories->Notepad), click File->Open, in the File Name box enter *.log and press the Enter key, navigate to the C:\_OTL\MovedFiles folder, and open the newest .log file present, and copy/paste the contents of that document back here in your next post.
~Maurice Naggar
MS-MVP (Oct 2002 - Sept 2010)

#15 rocknrob

rocknrob
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:03:51 AM

Posted 27 April 2012 - 11:26 AM

Here's the log. What now?

Should I remove Firefox and re-install a fresh copy?

All processes killed
========== FILES ==========
C:\USERS\BOB\APPDATA\LOCAL\{513B9C68-871D-11E1-826D-B8AC6F996F26}\chrome\content folder moved successfully.
C:\USERS\BOB\APPDATA\LOCAL\{513B9C68-871D-11E1-826D-B8AC6F996F26}\chrome folder moved successfully.
C:\USERS\BOB\APPDATA\LOCAL\{513B9C68-871D-11E1-826D-B8AC6F996F26} folder moved successfully.
C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QYN8EBLL.DEFAULT\EXTENSIONS\{75CEEE46-9B64-46f8-94BF-54012DE155F0}.xpi moved successfully.
C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QYN8EBLL.DEFAULT\EXTENSIONS\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}.xpi moved successfully.
C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QYN8EBLL.DEFAULT\EXTENSIONS\{dc572301-7619-498c-a57d-39143191b318}.xpi moved successfully.
C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QYN8EBLL.DEFAULT\EXTENSIONS\firebug@software.joehewitt.com.xpi moved successfully.
C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QYN8EBLL.DEFAULT\EXTENSIONS\loadTabsProgressively@ithinc.cn.xpi moved successfully.
C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QYN8EBLL.DEFAULT\EXTENSIONS\restart@restart.org.xpi moved successfully.
C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QYN8EBLL.DEFAULT\EXTENSIONS\yslow@yahoo-inc.com.xpi moved successfully.
File\Folder :Commands not found.
File\Folder [purity] not found.
File\Folder [emptytemp] not found.
File\Folder [CLEARALLRESTOREPOINTS] not found.
File\Folder [EMPTYFLASH] not found.
File\Folder [Reboot] not found.

OTL by OldTimer - Version 3.2.42.1 log created on 04272012_122027

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...

Edited by rocknrob, 27 April 2012 - 11:28 AM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users