Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Trojan.Dropper.BCMiner


  • This topic is locked This topic is locked
12 replies to this topic

#1 mgear86

mgear86

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:12:57 PM

Posted 14 July 2012 - 09:12 AM

In the process of switching anti-virus software (my employer's provided software was expiring) I discovered that I was infected with BCMiner. All attempts to remove it using Malwarebytes and AVG have failed. When I run either of those programs it will detect the trojan and attempt to remove. However, upon restarting the trojan is still on the system. I've attempted to remove it via safe mode, with the same results. I'm running Windows 7 64-bit. Also, something has shut off Windows Firewall, and when I try to turn it back on I get error code 0x80070424. Any help is appreciated.


.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.4.1
Run by NMSH at 9:47:21 on 2012-07-14
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3839.2314 [GMT -4:00]
.
AV: McAfee VirusScan Enterprise *Enabled/Outdated* {86355677-4064-3EA7-ABB3-1B136EB04637}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: McAfee VirusScan Enterprise Antispyware Module *Enabled/Outdated* {3D54B793-665E-3129-9103-206115370C8A}
.
============== Running Processes ===============
.
C:\PROGRA~2\AVG\AVG2012\avgrsa.exe
C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\atieclxx.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe
C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files (x86)\PDF Complete\pdfsvc.exe
C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe
C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe
C:\Program Files (x86)\AVG\AVG2012\avgemca.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
C:\Program Files (x86)\FlashMute\flashmute.exe
C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe
C:\Program Files (x86)\QuickTime\qttask.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
C:\Program Files (x86)\AVG Secure Search\vprot.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
C:\Windows\system32\sppsvc.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://yahoo.com/
mWinlogon: Userinit=userinit.exe,
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Open FVD Suite IE Plugin: {2b171655-a70c-5c18-b693-6cb5dc269d44} - C:\PROGRA~2\FVDIEP~1\FVDIEPlugin_1.dll
BHO: AVG Do Not Track: {31332eef-cb9f-458f-afeb-d30e9a66b6ba} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll
BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
BHO: SmartSelect Class: {f4971ee7-daa0-4053-9964-665d8ee6a077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: FVD Suite IE Plugin: {2b171655-a70c-5c18-b693-6cb5dc269d41} - C:\PROGRA~2\FVDIEP~1\FVDIEPlugin_1.dll
TB: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll
TB: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
{e7df6bff-55a5-4eb7-a673-4ed3e9456d39}
uRun: [FlashMute] C:\Program Files (x86)\FlashMute\FlashMute.exe
uRun: [TomTomHOME.exe] "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"
mRun: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\qttask.exe" -atboottime
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
mRun: [<NO NAME>]
mRun: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
mRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
mRun: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MICROS~1.LNK - C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SNAPFI~1.LNK - C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
IE: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: FVDIEPlugin Add Page - C:\PROGRA~2\FVDIEP~1\FVDIEPlugin_1.dll/IECONTEXT.DLL.HTM
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
IE: {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
LSP: mswsock.dll
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: DhcpNameServer = 10.0.1.1
TCP: Interfaces\{3DE02E36-3C2C-40C4-8E90-A7B28B29CF40} : DhcpNameServer = 10.0.1.1
Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files (x86)\Common Files\microsoft shared\Web Folders\PKMCDO.DLL
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\11.2.0\ViProtocol.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: Open FVD Suite IE Plugin: {2B171655-A70C-5c18-B693-6CB5DC269D44} - C:\PROGRA~2\FVDIEP~1\FVDIEPlugin_1.dll
BHO-X64: AVG Do Not Track: {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll
BHO-X64: AVG Do Not Track - No File
BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO-X64: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll
BHO-X64: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO-X64: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
BHO-X64: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO-X64: SmartSelect - No File
TB-X64: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB-X64: FVD Suite IE Plugin: {2B171655-A70C-5c18-B693-6CB5DC269D41} - C:\PROGRA~2\FVDIEP~1\FVDIEPlugin_1.dll
TB-X64: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll
TB-X64: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
mRun-x64: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun-x64: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\qttask.exe" -atboottime
mRun-x64: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun-x64: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun-x64: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
mRun-x64: [(Default)]
mRun-x64: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
mRun-x64: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
mRun-x64: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
mRun-x64: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\NMSH\AppData\Roaming\Mozilla\Firefox\Profiles\6i387xgo.default\
FF - prefs.js: browser.startup.homepage - hxxp://news.google.com/nwshp?hl=en&tab=wn
FF - prefs.js: keyword.URL - hxxp://isearch.avg.com/search?cid=%7B2a33cce1-efc8-45f2-b372-9644a590378d%7D&mid=fc8cf6d8c2e247d0bf71b57816d2781f-8cb314de8ca49b2d2a8f1d668caae66f4ea95a79&ds=AVG&v=11.1.0.12&lang=en&pr=fr&d=2012-07-13%2007%3A47%3A59&sap=ku&q=
FF - prefs.js: network.proxy.type - 0
FF - component: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn\components\WCFirefoxExtn.dll
FF - component: C:\Users\NMSH\AppData\Roaming\Mozilla\Firefox\Profiles\6i387xgo.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\components\XPATLCOM.dll
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\11.2.0\npsitesafety.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\npjpi170_04.dll
FF - plugin: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Flash Video Downloader Youtube Downloader: artur.dubovoy@gmail.com - %profile%\extensions\artur.dubovoy@gmail.com
FF - Ext: Clean the junk: cleanjunk@netmaster.com.ua - %profile%\extensions\cleanjunk@netmaster.com.ua
FF - Ext: FrameExt: frameext@teesoft.info - %profile%\extensions\frameext@teesoft.info
FF - Ext: Flashblock: {3d7eb24f-2740-49df-8937-200b1cc08f8a} - %profile%\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}
FF - Ext: Yahoo! Toolbar: {635abd67-4fe9-1b23-4f01-e679fa7484c1} - %profile%\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
FF - Ext: Image Toolbar: {A4732521-77D9-447E-A557-B279AC923F06} - %profile%\extensions\{A4732521-77D9-447E-A557-B279AC923F06}
FF - Ext: ImageHost Grabber: {E4091D66-127C-11DB-903A-DE80D2EFDFE8} - %profile%\extensions\{E4091D66-127C-11DB-903A-DE80D2EFDFE8}
FF - Ext: Adobe Acrobat - Create PDF: web2pdfextension@web2pdf.adobedotcom - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF - Ext: AVG Do Not Track: {F53C93F1-07D5-430c-86D4-C9531B27DFAF} - C:\Program Files (x86)\AVG\AVG2012\Firefox\DoNotTrack
FF - Ext: AVG Security Toolbar: avg@toolbar - C:\ProgramData\AVG Secure Search\11.1.0.12
.
============= SERVICES / DRIVERS ===============
.
R0 amd_sata;amd_sata;C:\Windows\system32\DRIVERS\amd_sata.sys --> C:\Windows\system32\DRIVERS\amd_sata.sys [?]
R0 amd_xata;amd_xata;C:\Windows\system32\DRIVERS\amd_xata.sys --> C:\Windows\system32\DRIVERS\amd_xata.sys [?]
R0 AVGIDSHA;AVGIDSHA;C:\Windows\system32\DRIVERS\avgidsha.sys --> C:\Windows\system32\DRIVERS\avgidsha.sys [?]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\system32\DRIVERS\avgrkx64.sys --> C:\Windows\system32\DRIVERS\avgrkx64.sys [?]
R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\system32\DRIVERS\avgldx64.sys --> C:\Windows\system32\DRIVERS\avgldx64.sys [?]
R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\system32\DRIVERS\avgmfx64.sys --> C:\Windows\system32\DRIVERS\avgmfx64.sys [?]
R1 Avgtdia;AVG TDI Driver;C:\Windows\system32\DRIVERS\avgtdia.sys --> C:\Windows\system32\DRIVERS\avgtdia.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-6-6 64952]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-3-9 365568]
R2 AMD Reservation Manager;AMD Reservation Manager;C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe [2010-6-17 194496]
R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe [2012-7-4 5160568]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [2012-2-14 193288]
R2 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-8-5 291896]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2010-8-20 92216]
R2 pdfcDispatcher;PDF Document Manager;C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2010-11-22 1119768]
R2 RoxioNow Service;RoxioNow Service;C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe [2010-9-11 399344]
R2 TomTomHOMEService;TomTomHOMEService;C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2012-1-23 92592]
R2 vToolbarUpdater11.2.0;vToolbarUpdater11.2.0;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe [2012-7-13 935008]
R3 amdiox64;AMD IO Driver;C:\Windows\system32\DRIVERS\amdiox64.sys --> C:\Windows\system32\DRIVERS\amdiox64.sys [?]
R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?]
R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]
R3 AVGIDSDriver;AVGIDSDriver;C:\Windows\system32\DRIVERS\avgidsdrivera.sys --> C:\Windows\system32\DRIVERS\avgidsdrivera.sys [?]
R3 AVGIDSFilter;AVGIDSFilter;C:\Windows\system32\DRIVERS\avgidsfiltera.sys --> C:\Windows\system32\DRIVERS\avgidsfiltera.sys [?]
R3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:\Windows\system32\DRIVERS\netr28x.sys --> C:\Windows\system32\DRIVERS\netr28x.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\system32\DRIVERS\usbfilter.sys --> C:\Windows\system32\DRIVERS\usbfilter.sys [?]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-6-16 136176]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-15 253088]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-6-16 136176]
S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
.
=============== Created Last 30 ================
.
2012-07-13 11:50:01 -------- d-----w- C:\Users\NMSH\AppData\Roaming\AVG2012
2012-07-13 11:48:51 -------- d-----w- C:\Users\NMSH\AppData\Local\AVG Secure Search
2012-07-13 11:47:57 -------- d-----w- C:\ProgramData\AVG Secure Search
2012-07-13 11:47:54 -------- d-----w- C:\Program Files (x86)\Common Files\AVG Secure Search
2012-07-13 11:47:54 -------- d-----w- C:\Program Files (x86)\AVG Secure Search
2012-07-13 11:46:25 -------- d-----w- C:\Windows\SysWow64\drivers\AVG
2012-07-13 11:45:45 -------- d--h--w- C:\$AVG
2012-07-13 11:45:45 -------- d-----w- C:\Windows\System32\drivers\AVG
2012-07-13 11:45:45 -------- d-----w- C:\ProgramData\AVG2012
2012-07-13 11:43:52 -------- d-----w- C:\Program Files (x86)\AVG
2012-07-13 11:41:17 -------- d--h--w- C:\ProgramData\Common Files
2012-07-13 11:41:17 -------- d-----w- C:\ProgramData\MFAData
2012-07-13 02:05:51 3148800 ----a-w- C:\Windows\System32\win32k.sys
2012-07-13 01:48:09 -------- d-----w- C:\Program Files (x86)\Microsoft CAPICOM 2.1.0.2
2012-07-13 01:27:50 -------- d-----w- C:\Windows\System32\SPReview
2012-07-13 01:27:09 -------- d-----w- C:\Windows\System32\EventProviders
2012-07-13 01:10:50 81408 ----a-w- C:\Windows\System32\imagehlp.dll
2012-07-13 01:10:50 5120 ----a-w- C:\Windows\SysWow64\wmi.dll
2012-07-13 01:10:50 5120 ----a-w- C:\Windows\System32\wmi.dll
2012-07-13 01:10:50 23408 ----a-w- C:\Windows\System32\drivers\fs_rec.sys
2012-07-13 01:10:50 220672 ----a-w- C:\Windows\System32\wintrust.dll
2012-07-13 01:10:50 172544 ----a-w- C:\Windows\SysWow64\wintrust.dll
2012-07-13 01:10:50 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll
2012-07-13 00:59:16 48976 ----a-w- C:\Windows\System32\netfxperf.dll
2012-07-13 00:59:16 1942856 ----a-w- C:\Windows\System32\dfshim.dll
2012-07-13 00:59:06 1130824 ----a-w- C:\Windows\SysWow64\dfshim.dll
2012-07-13 00:59:03 59392 ----a-w- C:\Windows\System32\drivers\TsUsbFlt.sys
2012-07-13 00:59:03 3715584 ----a-w- C:\Windows\System32\mstscax.dll
2012-07-13 00:59:03 1838080 ----a-w- C:\Windows\System32\d3d10warp.dll
2012-07-13 00:59:03 12288 ----a-w- C:\Windows\System32\TsUsbRedirectionGroupPolicyExtension.dll
2012-07-13 00:59:02 14967808 ----a-w- C:\Program Files\DVD Maker\OmdBase.dll
2012-07-13 00:59:01 3215872 ----a-w- C:\Windows\SysWow64\mstscax.dll
2012-07-13 00:57:59 833024 ----a-w- C:\Windows\SysWow64\user32.dll
2012-07-13 00:56:59 94592 ----a-w- C:\Windows\System32\drivers\mountmgr.sys
2012-07-13 00:55:56 3072 ----a-w- C:\Windows\System32\drivers\en-US\tsusbflt.sys.mui
2012-07-13 00:55:56 2560 ----a-w- C:\Windows\System32\drivers\en-US\rdpwd.sys.mui
2012-07-13 00:55:53 4608 ----a-w- C:\Windows\System32\drivers\en-US\kbdclass.sys.mui
2012-07-13 00:55:52 6144 ----a-w- C:\Windows\System32\drivers\en-US\IPMIDrv.sys.mui
2012-07-13 00:55:49 399872 ----a-w- C:\Windows\System32\dpx.dll
2012-07-13 00:55:49 189952 ----a-w- C:\Windows\SysWow64\wdscore.dll
2012-07-13 00:55:21 606208 ----a-w- C:\Windows\SysWow64\wbem\fastprox.dll
2012-07-13 00:55:21 363008 ----a-w- C:\Windows\SysWow64\wbemcomn.dll
2012-07-13 00:53:00 529408 ----a-w- C:\Windows\System32\wbemcomn.dll
2012-07-13 00:50:26 509952 ----a-w- C:\Windows\System32\ntshrui.dll
2012-07-13 00:50:26 442880 ----a-w- C:\Windows\SysWow64\ntshrui.dll
2012-07-13 00:50:18 184320 ----a-w- C:\Windows\System32\cryptsvc.dll
2012-07-13 00:50:18 1462272 ----a-w- C:\Windows\System32\crypt32.dll
2012-07-13 00:50:18 1158656 ----a-w- C:\Windows\SysWow64\crypt32.dll
2012-07-13 00:50:17 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
2012-07-13 00:50:17 140288 ----a-w- C:\Windows\System32\cryptnet.dll
2012-07-13 00:50:17 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
2012-07-13 00:48:57 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll
2012-07-13 00:29:27 43520 ----a-w- C:\Windows\System32\csrsrv.dll
2012-07-13 00:29:04 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe
2012-07-13 00:29:03 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2012-07-13 00:29:03 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2012-07-13 00:27:58 976896 ----a-w- C:\Windows\System32\inetcomm.dll
2012-07-13 00:27:58 741376 ----a-w- C:\Windows\SysWow64\inetcomm.dll
2012-07-13 00:20:26 288640 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS
2012-07-13 00:20:26 1918320 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2012-07-13 00:14:07 2164224 ----a-w- C:\Program Files\Windows Journal\Journal.exe
2012-07-13 00:14:07 1732096 ----a-w- C:\Program Files\Windows Journal\NBDoc.DLL
2012-07-13 00:14:06 936960 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2012-07-13 00:14:06 1402880 ----a-w- C:\Program Files\Windows Journal\JNWDRV.dll
2012-07-13 00:14:06 1393664 ----a-w- C:\Program Files\Windows Journal\JNTFiltr.dll
2012-07-13 00:14:06 1367552 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll
2012-07-12 15:36:03 -------- d-----w- C:\Windows\Microsoft Antimalware
2012-07-12 02:05:39 -------- d-----w- C:\Program Files\Microsoft Security Client
2012-07-12 02:04:10 -------- d-----w- C:\71644da1ff93a9206ebf
2012-07-12 01:22:14 -------- d-----w- C:\ProgramData\Recovery
2012-07-12 01:07:43 -------- d-sh--w- C:\Windows\SysWow64\%APPDATA%
2012-06-21 23:29:15 2622464 ----a-w- C:\Windows\System32\wucltux.dll
2012-06-21 23:28:46 99840 ----a-w- C:\Windows\System32\wudriver.dll
2012-06-21 23:28:08 36864 ----a-w- C:\Windows\System32\wuapp.exe
2012-06-21 23:28:08 186752 ----a-w- C:\Windows\System32\wuwebv.dll
.
==================== Find3M ====================
.
2012-07-13 02:20:10 175616 ----a-w- C:\Windows\System32\msclmd.dll
2012-07-13 02:20:10 152576 ----a-w- C:\Windows\SysWow64\msclmd.dll
2012-07-12 11:52:51 285071 ----a-w- C:\DUMP3dca.tmp
2012-07-03 17:46:44 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-06-06 06:06:16 2004480 ----a-w- C:\Windows\System32\msxml6.dll
2012-06-06 06:06:16 1881600 ----a-w- C:\Windows\System32\msxml3.dll
2012-06-06 06:02:54 1133568 ----a-w- C:\Windows\System32\cdosys.dll
2012-06-06 05:05:52 1390080 ----a-w- C:\Windows\SysWow64\msxml6.dll
2012-06-06 05:05:52 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll
2012-06-06 05:03:06 805376 ----a-w- C:\Windows\SysWow64\cdosys.dll
2012-06-03 13:53:51 772552 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
2012-06-02 05:50:10 458704 ----a-w- C:\Windows\System32\drivers\cng.sys
2012-06-02 05:48:16 95600 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2012-06-02 05:48:16 151920 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2012-06-02 05:45:31 340992 ----a-w- C:\Windows\System32\schannel.dll
2012-06-02 05:44:21 307200 ----a-w- C:\Windows\System32\ncrypt.dll
2012-06-02 04:40:42 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2012-06-02 04:40:39 225280 ----a-w- C:\Windows\SysWow64\schannel.dll
2012-06-02 04:39:10 219136 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2012-06-02 04:34:09 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2012-05-01 05:40:20 209920 ----a-w- C:\Windows\System32\profsvc.dll
2012-04-28 03:55:21 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys
2012-04-26 05:41:56 77312 ----a-w- C:\Windows\System32\rdpwsx.dll
2012-04-26 05:41:55 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll
2012-04-26 05:34:27 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe
2012-04-22 03:32:06 404640 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-04-19 08:50:26 28480 ----a-w- C:\Windows\System32\drivers\avgidsha.sys
2012-04-15 14:28:44 418464 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
.
============= FINISH: 9:49:09.28 ===============

Attached Files



BC AdBot (Login to Remove)

 


#2 CatByte

CatByte

    bleepin' tiger


  • Malware Response Team
  • 14,664 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Canada
  • Local time:01:57 PM

Posted 14 July 2012 - 09:39 AM

Hi,

Please run the following:

download Farbar Recovery Scan Tool and save it to a flash drive.

Plug the flashdrive into the infected PC.

Enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:
  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Choose your language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.
To enter System Recovery Options by using Windows installation disc:
  • Insert the installation disc.
  • Restart your computer.
  • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
  • Click Repair your computer.
  • Choose your language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account an click Next.
On the System Recovery Options menu you will get the following options:
Startup Repair
System Restore
Windows Complete PC Restore
Windows Memory Diagnostic Tool
Command Prompt
[*]Select Command Prompt
[*]In the command window type in notepad and press Enter.
[*]The notepad opens. Under File menu select Open.
[*]Select "Computer" and find your flash drive letter and close the notepad.
[*]In the command window type e:\frst.exe (for x64 bit version type e:\frst64) and press Enter
Note: Replace letter e with the drive letter of your flash drive.
[*]The tool will start to run.
[*]When the tool opens click Yes to the disclaimer.
[*]Place a check next to List Drivers MD5 as well as the default check marks that are already there
[*]Press Scan button.
[*]FRST will let you know when the scan is complete and has written the FRST.txt to file, close out this message, then type the following into the search box:
services.exe
[*]now press the search button
[*]when the search is complete, search.txt will also be written to your USB
[*]type exit and reboot the computer normally
[*]please copy and paste both logs in your reply.(FRST.txt and Search.txt)[/list]

Microsoft MVP - 2010, 2011, 2012, 2013, 2014, 2015


#3 mgear86

mgear86
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:12:57 PM

Posted 14 July 2012 - 10:58 AM

Hi CatByte,

Thanks for your response. It won't let me post FRST.txt as one post because it is too long. So I'll break it up into couple of post. Then I'll post search.txt.
-------------

Scan result of Farbar Recovery Scan Tool Version: 14-07-2012 01
Ran by SYSTEM at 14-07-2012 11:19:46
Running from G:\
Windows 7 Home Premium (X64) OS Language: English(US)
The current controlset is ControlSet001

========================== Registry (Whitelisted) =============

HKLM\...\Run: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM\...\Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe /background [611896 2010-09-15] ()
HKLM\...\Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [497648 2010-11-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54576 2008-12-08] (Hewlett-Packard)
HKLM-x32\...\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe [664600 2010-09-28] (PDF Complete Inc)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [937920 2011-06-06] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\qttask.exe" -atboottime [282624 2006-09-01] (Apple Computer, Inc.)
HKLM-x32\...\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [336384 2011-03-08] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] [x]
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" [36760 2010-10-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" [821144 2010-10-25] (Adobe Systems Inc.)
HKLM-x32\...\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [252296 2012-01-17] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe" [2587008 2012-04-05] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe" [1107552 2012-07-13] ()
HKU\NMSH\...\Run: [FlashMute] C:\Program Files (x86)\FlashMute\FlashMute.exe [143360 2005-12-18] ()
HKU\NMSH\...\Run: [TomTomHOME.exe] "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" [247728 2012-01-22] (TomTom)
Tcpip\Parameters: [DhcpNameServer] 10.0.1.1
Startup: C:\Users\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk
ShortcutTarget: Microsoft Office.lnk -> C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
Startup: C:\Users\All Users\Start Menu\Programs\Startup\Snapfish PictureMover.lnk
ShortcutTarget: Snapfish PictureMover.lnk -> C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe (Hewlett-Packard Company)

==================== Services (Whitelisted) ======

2 AMD Reservation Manager; "C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe" [194496 2010-06-17] (Advanced Micro Devices)
2 AVGIDSAgent; "C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe" [5160568 2012-07-04] (AVG Technologies CZ, s.r.o.)
2 avgwd; "C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe" [193288 2012-02-14] (AVG Technologies CZ, s.r.o.)
2 TomTomHOMEService; C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [92592 2012-01-22] (TomTom)
2 vToolbarUpdater11.2.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe [935008 2012-07-13] ()
3 rpcapd; "C:\Program Files (x86)\WinPcap\rpcapd.exe" -d -f "C:\Program Files (x86)\WinPcap\rpcapd.ini" [x]

========================== Drivers (Whitelisted) =============

3 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [124496 2011-12-23] (AVG Technologies CZ, s.r.o. )
3 AVGIDSFilter; C:\Windows\System32\DRIVERS\avgidsfiltera.sys [29776 2011-12-23] (AVG Technologies CZ, s.r.o. )
0 AVGIDSHA; C:\Windows\System32\Drivers\AVGIDSHA.sys [28480 2012-04-19] (AVG Technologies CZ, s.r.o. )
1 Avgldx64; C:\Windows\System32\Drivers\Avgldx64.sys [289872 2012-02-22] (AVG Technologies CZ, s.r.o.)
1 Avgmfx64; C:\Windows\System32\Drivers\Avgmfx64.sys [47696 2011-12-23] (AVG Technologies CZ, s.r.o.)
0 Avgrkx64; C:\Windows\System32\Drivers\Avgrkx64.sys [36944 2012-01-31] (AVG Technologies CZ, s.r.o.)
1 Avgtdia; C:\Windows\System32\Drivers\Avgtdia.sys [383808 2012-03-19] (AVG Technologies CZ, s.r.o.)
2 NPF; C:\Windows\System32\Drivers\NPF.sys [35344 2010-06-25] (CACE Technologies, Inc.)
3 AODDriver4.0; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]

========================== NetSvcs (Whitelisted) ===========

============ One Month Created Files and Folders ==============

2012-07-14 05:50 - 2012-07-14 05:50 - 00020838 ____A C:\Users\NMSH\Desktop\Attach.txt
2012-07-14 05:49 - 2012-07-14 05:49 - 00028963 ____A C:\Users\NMSH\Desktop\DDS.txt
2012-07-14 05:47 - 2012-07-14 05:47 - 00607260 ____R (Swearware) C:\Users\NMSH\Desktop\dds.scr
2012-07-14 05:46 - 2012-07-14 05:46 - 00000470 ____A C:\Users\NMSH\Desktop\defogger_disable.log
2012-07-14 05:46 - 2012-07-14 05:46 - 00000000 ____A C:\Users\NMSH\defogger_reenable
2012-07-14 05:45 - 2012-07-14 05:45 - 00050477 ____A C:\Users\NMSH\Desktop\Defogger.exe
2012-07-14 04:29 - 2012-07-14 05:12 - 00006839 ____A C:\Users\NMSH\Desktop\avgrep.txt
2012-07-13 14:14 - 2012-07-13 15:00 - 00008189 ____A C:\Windows\System32\avgrep.txt
2012-07-13 14:08 - 2012-07-13 14:08 - 00033758 ____A C:\Users\NMSH\AppData\Local\dt.dat
2012-07-13 03:50 - 2012-07-13 03:50 - 00000000 ____D C:\Users\NMSH\AppData\Roaming\AVG2012
2012-07-13 03:48 - 2012-07-13 03:48 - 00000927 ____A C:\Users\Public\Desktop\AVG 2012.lnk
2012-07-13 03:48 - 2012-07-13 03:48 - 00000000 ____D C:\Users\NMSH\AppData\Local\AVG Secure Search
2012-07-13 03:47 - 2012-07-13 03:50 - 00000000 ____D C:\Users\All Users\AVG Secure Search
2012-07-13 03:47 - 2012-07-13 03:48 - 00000000 ____D C:\Program Files (x86)\AVG Secure Search
2012-07-13 03:46 - 2012-07-13 03:46 - 00000000 ____D C:\Windows\SysWOW64\Drivers\AVG
2012-07-13 03:45 - 2012-07-14 05:44 - 00000000 ____D C:\Windows\System32\Drivers\AVG
2012-07-13 03:45 - 2012-07-14 05:41 - 00000000 ____D C:\Users\All Users\AVG2012
2012-07-13 03:45 - 2012-07-13 03:45 - 00000000 ___HD C:\$AVG
2012-07-13 03:43 - 2012-07-13 03:43 - 00000000 ____D C:\Program Files (x86)\AVG
2012-07-13 03:41 - 2012-07-14 05:44 - 00000000 ____D C:\Users\All Users\MFAData
2012-07-13 03:40 - 2012-07-13 03:40 - 03875048 ____A (AVG Technologies) C:\Users\NMSH\Desktop\avg_free_stb_all_2012_2195_cnet.exe
2012-07-12 18:05 - 2012-06-11 19:08 - 03148800 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2012-07-12 17:48 - 2012-07-12 17:48 - 00000000 ____D C:\Program Files (x86)\Microsoft CAPICOM 2.1.0.2
2012-07-12 17:42 - 2012-07-12 17:42 - 17807360 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 12314624 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 10924032 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 09737728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 03695416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2012-07-12 17:42 - 2012-07-12 17:42 - 03695416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
2012-07-12 17:42 - 2012-07-12 17:42 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2012-07-12 17:42 - 2012-07-12 17:42 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2012-07-12 17:42 - 2012-07-12 17:42 - 02311680 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 02144768 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 01800192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 01793024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2012-07-12 17:42 - 2012-07-12 17:42 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2012-07-12 17:42 - 2012-07-12 17:42 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 01346048 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 01103872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 00818688 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 00716800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 00697344 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 00603648 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 00580608 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 00534528 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 00452608 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 00448512 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2012-07-12 17:42 - 2012-07-12 17:42 - 00434176 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 00420864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 00403248 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 00367104 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2012-07-12 17:42 - 2012-07-12 17:42 - 00353792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 00353584 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 00282112 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 00267776 ____A (Microsoft Corporation) C:\Windows\System32\ieaksie.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 00249344 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 00227840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieaksie.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 00223232 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 00222208 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 00203776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2012-07-12 17:42 - 2012-07-12 17:42 - 00165888 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe
2012-07-12 17:42 - 2012-07-12 17:42 - 00163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieakui.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 00163840 ____A (Microsoft Corporation) C:\Windows\System32\ieakui.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 00162304 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 00161792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 00160256 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe
2012-07-12 17:42 - 2012-07-12 17:42 - 00160256 ____A (Microsoft Corporation) C:\Windows\System32\ieakeng.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 00152064 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2012-07-12 17:42 - 2012-07-12 17:42 - 00150528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2012-07-12 17:42 - 2012-07-12 17:42 - 00149504 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 00145920 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2012-07-12 17:42 - 2012-07-12 17:42 - 00135168 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 00130560 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieakeng.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 00123392 ____A (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 00118784 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 00114176 ____A (Microsoft Corporation) C:\Windows\System32\admparse.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 00111616 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 00110592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 00103936 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 00101888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\admparse.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 00091648 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
2012-07-12 17:42 - 2012-07-12 17:42 - 00089088 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2012-07-12 17:42 - 2012-07-12 17:42 - 00089088 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2012-07-12 17:42 - 2012-07-12 17:42 - 00086528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 00082432 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 00078848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 00076800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2012-07-12 17:42 - 2012-07-12 17:42 - 00076800 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx
2012-07-12 17:42 - 2012-07-12 17:42 - 00074752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2012-07-12 17:42 - 2012-07-12 17:42 - 00074752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 00074240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ie4uinit.exe
2012-07-12 17:42 - 2012-07-12 17:42 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 00066048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 00065024 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 00063488 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2012-07-12 17:42 - 2012-07-12 17:42 - 00055296 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 00054272 ____A (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 00049664 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 00048640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 00041472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 00035840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 00031744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 00023552 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 00012288 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe
2012-07-12 17:42 - 2012-07-12 17:42 - 00011776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2012-07-12 17:42 - 2012-07-12 17:42 - 00010752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2012-07-12 17:42 - 2012-07-12 17:42 - 00010752 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2012-07-12 17:41 - 2012-07-12 17:43 - 00003752 ____A C:\Windows\IE9_main.log
2012-07-12 17:33 - 2012-07-02 23:19 - 59701280 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2012-07-12 17:27 - 2012-07-12 17:27 - 00000000 ____D C:\Windows\System32\SPReview
2012-07-12 17:27 - 2012-07-12 17:27 - 00000000 ____D C:\Windows\System32\EventProviders
2012-07-12 17:10 - 2012-02-29 22:46 - 00023408 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\fs_rec.sys
2012-07-12 17:10 - 2012-02-29 22:38 - 00220672 ____A (Microsoft Corporation) C:\Windows\System32\wintrust.dll
2012-07-12 17:10 - 2012-02-29 22:33 - 00081408 ____A (Microsoft Corporation) C:\Windows\System32\imagehlp.dll
2012-07-12 17:10 - 2012-02-29 22:28 - 00005120 ____A (Microsoft Corporation) C:\Windows\System32\wmi.dll
2012-07-12 17:10 - 2012-02-29 21:37 - 00172544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2012-07-12 17:10 - 2012-02-29 21:33 - 00159232 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2012-07-12 17:10 - 2012-02-29 21:29 - 00005120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wmi.dll
2012-07-12 16:59 - 2010-11-20 05:27 - 03715584 ____A (Microsoft Corporation) C:\Windows\System32\mstscax.dll
2012-07-12 16:59 - 2010-11-20 05:27 - 00012288 ____A (Microsoft Corporation) C:\Windows\System32\TsUsbRedirectionGroupPolicyExtension.dll
2012-07-12 16:59 - 2010-11-20 05:26 - 01838080 ____A (Microsoft Corporation) C:\Windows\System32\d3d10warp.dll
2012-07-12 16:59 - 2010-11-20 04:19 - 03215872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2012-07-12 16:59 - 2010-11-20 03:07 - 00059392 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\TsUsbFlt.sys
2012-07-12 16:59 - 2010-11-04 17:58 - 01130824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2012-07-12 16:59 - 2010-11-04 17:57 - 01942856 ____A (Microsoft Corporation) C:\Windows\System32\dfshim.dll
2012-07-12 16:59 - 2010-11-04 17:57 - 00048976 ____A (Microsoft Corporation) C:\Windows\System32\netfxperf.dll
2012-07-12 16:58 - 2010-11-20 05:39 - 05066752 ____A (Microsoft Corporation) C:\Windows\System32\AuthFWSnapin.dll
2012-07-12 16:58 - 2010-11-20 05:34 - 00295808 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\volsnap.sys
2012-07-12 16:58 - 2010-11-20 05:34 - 00215936 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\vhdmp.sys
2012-07-12 16:58 - 2010-11-20 05:33 - 01659776 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ntfs.sys
2012-07-12 16:58 - 2010-11-20 05:33 - 00982912 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dxgkrnl.sys
2012-07-12 16:58 - 2010-11-20 05:33 - 00951680 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ndis.sys
2012-07-12 16:58 - 2010-11-20 05:33 - 00376192 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\netio.sys
2012-07-12 16:58 - 2010-11-20 05:33 - 00366976 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\msrpc.sys
2012-07-12 16:58 - 2010-11-20 05:33 - 00299392 ____A (Microsoft Corporation) C:\Windows\System32\mcupdate_GenuineIntel.dll
2012-07-12 16:58 - 2010-11-20 05:33 - 00273792 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\msiscsi.sys
2012-07-12 16:58 - 2010-11-20 05:33 - 00189824 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\storport.sys
2012-07-12 16:58 - 2010-11-20 05:33 - 00166272 ____A (NVIDIA Corporation) C:\Windows\System32\Drivers\nvstor.sys
2012-07-12 16:58 - 2010-11-20 05:33 - 00148352 ____A (NVIDIA Corporation) C:\Windows\System32\Drivers\nvraid.sys
2012-07-12 16:58 - 2010-11-20 05:32 - 00107904 ____A (Advanced Micro Devices) C:\Windows\System32\Drivers\amdsata.sys
2012-07-12 16:58 - 2010-11-20 05:29 - 00345600 ____A (Microsoft Corporation) C:\Windows\System32\fveapi.dll
2012-07-12 16:58 - 2010-11-20 05:28 - 00298104 ____A (Microsoft Corporation) C:\Windows\System32\bcryptprimitives.dll
2012-07-12 16:58 - 2010-11-20 05:27 - 14633472 ____A (Microsoft Corporation) C:\Windows\System32\wmp.dll
2012-07-12 16:58 - 2010-11-20 05:27 - 03860992 ____A (Microsoft Corporation) C:\Windows\System32\UIRibbon.dll
2012-07-12 16:58 - 2010-11-20 05:27 - 03650560 ____A (Microsoft Corporation) C:\Windows\System32\MSVidCtl.dll
2012-07-12 16:58 - 2010-11-20 05:27 - 03027968 ____A (Microsoft Corporation) C:\Windows\System32\WMVCORE.DLL
2012-07-12 16:58 - 2010-11-20 05:27 - 03008000 ____A (Microsoft Corporation) C:\Windows\System32\xpsservices.dll
2012-07-12 16:58 - 2010-11-20 05:27 - 02652160 ____A (Microsoft Corporation) C:\Windows\System32\netshell.dll
2012-07-12 16:58 - 2010-11-20 05:27 - 02543616 ____A (Microsoft Corporation) C:\Windows\System32\wpdshext.dll
2012-07-12 16:58 - 2010-11-20 05:27 - 02314752 ____A (Microsoft Corporation) C:\Windows\System32\tquery.dll
2012-07-12 16:58 - 2010-11-20 05:27 - 02262528 ____A (Microsoft Corporation) C:\Windows\System32\SyncCenter.dll
2012-07-12 16:58 - 2010-11-20 05:27 - 02223616 ____A (Microsoft Corporation) C:\Windows\System32\mssrch.dll
2012-07-12 16:58 - 2010-11-20 05:27 - 02086912 ____A (Microsoft Corporation) C:\Windows\System32\ole32.dll
2012-07-12 16:58 - 2010-11-20 05:27 - 02072576 ____A (Microsoft Corporation) C:\Windows\System32\WMPEncEn.dll
2012-07-12 16:58 - 2010-11-20 05:27 - 02055680 ____A (Microsoft Corporation) C:\Windows\System32\Query.dll
2012-07-12 16:58 - 2010-11-20 05:27 - 02018304 ____A (Microsoft Corporation) C:\Windows\System32\WsmSvc.dll
2012-07-12 16:58 - 2010-11-20 05:27 - 01900544 ____A (Microsoft Corporation) C:\Windows\System32\setupapi.dll
2012-07-12 16:58 - 2010-11-20 05:27 - 01888256 ____A (Microsoft Corporation) C:\Windows\System32\WMVDECOD.DLL
2012-07-12 16:58 - 2010-11-20 05:27 - 01808384 ____A (Microsoft Corporation) C:\Windows\System32\pnidui.dll
2012-07-12 16:58 - 2010-11-20 05:27 - 01753088 ____A (Microsoft Corporation) C:\Windows\System32\vssapi.dll
2012-07-12 16:58 - 2010-11-20 05:27 - 01743360 ____A (Microsoft Corporation) C:\Windows\System32\sysmain.dll
2012-07-12 16:58 - 2010-11-20 05:27 - 01646080 ____A (Microsoft Corporation) C:\Windows\System32\wevtsvc.dll
2012-07-12 16:58 - 2010-11-20 05:27 - 01556992 ____A (Microsoft Corporation) C:\Windows\System32\RacEngn.dll
2012-07-12 16:58 - 2010-11-20 05:27 - 01509888 ____A (Microsoft Corporation) C:\Windows\System32\msdtctm.dll
2012-07-12 16:58 - 2010-11-20 05:27 - 01441280 ____A (Microsoft Corporation) C:\Windows\System32\wlanpref.dll
2012-07-12 16:58 - 2010-11-20 05:27 - 01326080 ____A (Microsoft Corporation) C:\Windows\System32\NaturalLanguage6.dll
2012-07-12 16:58 - 2010-11-20 05:27 - 01281024 ____A (Microsoft Corporation) C:\Windows\System32\werconcpl.dll
2012-07-12 16:58 - 2010-11-20 05:27 - 01243136 ____A (Microsoft Corporation) C:\Windows\System32\WMNetMgr.dll
2012-07-12 16:58 - 2010-11-20 05:27 - 01219584 ____A (Microsoft Corporation) C:\Windows\System32\rpcrt4.dll
2012-07-12 16:58 - 2010-11-20 05:27 - 01212416 ____A (Microsoft Corporation) C:\Windows\System32\propsys.dll
2012-07-12 16:58 - 2010-11-20 05:27 - 01197056 ____A (Microsoft Corporation) C:\Windows\System32\taskschd.dll
2012-07-12 16:58 - 2010-11-20 05:27 - 01190400 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll
2012-07-12 16:58 - 2010-11-20 05:27 - 01158656 ____A (Microsoft Corporation) C:\Windows\System32\webservices.dll
2012-07-12 16:58 - 2010-11-20 05:27 - 01110016 ____A (Microsoft Corporation) C:\Windows\System32\schedsvc.dll
2012-07-12 16:58 - 2010-11-20 05:27 - 01098240 ____A (Microsoft Corporation) C:\Windows\System32\Vault.dll
2012-07-12 16:58 - 2010-11-20 05:27 - 01082880 ____A (Microsoft Corporation) C:\Windows\System32\sppobjs.dll
2012-07-12 16:58 - 2010-11-20 05:27 - 01024512 ____A (Microsoft Corporation) C:\Windows\System32\wmpmde.dll
2012-07-12 16:58 - 2010-11-20 05:27 - 01008128 ____A (Microsoft Corporation) C:\Windows\System32\user32.dll
2012-07-12 16:58 - 2010-11-20 05:27 - 00933888 ____A (Microsoft Corporation) C:\Windows\System32\sqlsrv32.dll
2012-07-12 16:58 - 2010-11-20 05:27 - 00867840 ____A (Microsoft Corporation) C:\Windows\System32\SearchFolder.dll
2012-07-12 16:58 - 2010-11-20 05:27 - 00849920 ____A (Microsoft Corporation) C:\Windows\System32\qmgr.dll
2012-07-12 16:58 - 2010-11-20 05:27 - 00800256 ____A (Microsoft Corporation) C:\Windows\System32\usp10.dll
2012-07-12 16:58 - 2010-11-20 05:27 - 00778752 ____A (Microsoft Corporation) C:\Windows\System32\mssvp.dll
2012-07-12 16:58 - 2010-11-20 05:27 - 00758784 ____A (Microsoft Corporation) C:\Windows\System32\samsrv.dll
2012-07-12 16:58 - 2010-11-20 05:27 - 00758272 ____A (Microsoft Corporation) C:\Windows\System32\PortableDeviceApi.dll
2012-07-12 16:58 - 2010-11-20 05:27 - 00751104 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll
2012-07-12 16:58 - 2010-11-20 05:27 - 00750080 ____A (Microsoft Corporation) C:\Windows\System32\TSWorkspace.dll
2012-07-12 16:58 - 2010-11-20 05:27 - 00720896 ____A (Microsoft Corporation) C:\Windows\System32\odbc32.dll
2012-07-12 16:58 - 2010-11-20 05:27 - 00695808 ____A (Microsoft Corporation) C:\Windows\System32\netlogon.dll
2012-07-12 16:58 - 2010-11-20 05:27 - 00680960 ____A (Microsoft Corporation) C:\Windows\System32\termsrv.dll
2012-07-12 16:58 - 2010-11-20 05:27 - 00605696 ____A (Microsoft Corporation) C:\Windows\System32\wmpeffects.dll
2012-07-12 16:58 - 2010-11-20 05:27 - 00582656 ____A (Microsoft Corporation) C:\Windows\System32\sxs.dll
2012-07-12 16:58 - 2010-11-20 05:27 - 00577536 ____A (Microsoft Corporation) C:\Windows\System32\WSDApi.dll
2012-07-12 16:58 - 2010-11-20 05:27 - 00524288 ____A (Microsoft Corporation) C:\Windows\System32\wmicmiplugin.dll
2012-07-12 16:58 - 2010-11-20 05:27 - 00519680 ____A (Microsoft Corporation) C:\Windows\System32\netcfgx.dll
2012-07-12 16:58 - 2010-11-20 05:27 - 00512000 ____A (Microsoft Corporation) C:\Windows\System32\rpcss.dll
2012-07-12 16:58 - 2010-11-20 05:27 - 00501248 ____A (Microsoft Corporation) C:\Windows\System32\WinSATAPI.dll
2012-07-12 16:58 - 2010-11-20 05:27 - 00488448 ____A (Microsoft Corporation) C:\Windows\System32\secproc.dll
2012-07-12 16:58 - 2010-11-20 05:27 - 00485888 ____A (Microsoft Corporation) C:\Windows\System32\secproc_isv.dll
2012-07-12 16:58 - 2010-11-20 05:27 - 00481280 ____A (Microsoft Corporation) C:\Windows\System32\wmpps.dll
2012-07-12 16:58 - 2010-11-20 05:27 - 00476160 ____A (Microsoft Corporation) C:\Windows\System32\QAGENTRT.DLL
2012-07-12 16:58 - 2010-11-20 05:27 - 00473600 ____A (Microsoft Corporation) C:\Windows\System32\taskcomp.dll
2012-07-12 16:58 - 2010-11-20 05:27 - 00457216 ____A (Microsoft Corporation) C:\Windows\System32\msdrm.dll
2012-07-12 16:58 - 2010-11-20 05:27 - 00448512 ____A (Microsoft Corporation) C:\Windows\System32\shlwapi.dll
2012-07-12 16:58 - 2010-11-20 05:27 - 00444416 ____A (Microsoft Corporation) C:\Windows\System32\winhttp.dll
2012-07-12 16:58 - 2010-11-20 05:27 - 00409600 ____A (Microsoft Corporation) C:\Windows\System32\photowiz.dll
2012-07-12 16:58 - 2010-11-20 05:27 - 00370688 ____A (Microsoft Corporation) C:\Windows\System32\shsvcs.dll
2012-07-12 16:58 - 2010-11-20 05:27 - 00326144 ____A (Microsoft Corporation) C:\Windows\System32\mswsock.dll
2012-07-12 16:58 - 2010-11-20 05:27 - 00324096 ____A (Microsoft Corporation) C:\Windows\System32\netdiagfx.dll
2012-07-12 16:58 - 2010-11-20 05:27 - 00312832 ____A (Microsoft Corporation) C:\Windows\System32\Wldap32.dll
2012-07-12 16:58 - 2010-11-20 05:27 - 00312320 ____A (Microsoft Corporation) C:\Windows\System32\msv1_0.dll
2012-07-12 16:58 - 2010-11-20 05:27 - 00303616 ____A (Microsoft Corporation) C:\Windows\System32\nlasvc.dll
2012-07-12 16:58 - 2010-11-20 05:27 - 00299520 ____A (Microsoft Corporation) C:\Windows\System32\tsmf.dll
2012-07-12 16:58 - 2010-11-20 05:27 - 00297984 ____A (Microsoft Corporation) C:\Windows\System32\ws2_32.dll
2012-07-12 16:58 - 2010-11-20 05:27 - 00266240 ____A (Microsoft Corporation) C:\Windows\System32\QAGENT.DLL
2012-07-12 16:58 - 2010-11-20 05:27 - 00263168 ____A (Microsoft Corporation) C:\Windows\System32\vpnike.dll
2012-07-12 16:58 - 2010-11-20 05:27 - 00263168 ____A (Microsoft Corporation) C:\Windows\System32\spwizui.dll
2012-07-12 16:58 - 2010-11-20 05:27 - 00258560 ____A (Microsoft Corporation) C:\Windows\System32\WebClnt.dll
2012-07-12 16:58 - 2010-11-20 05:27 - 00257024 ____A (Microsoft Corporation) C:\Windows\System32\stobject.dll
2012-07-12 16:58 - 2010-11-20 05:27 - 00244736 ____A (Microsoft Corporation) C:\Windows\System32\sqmapi.dll
2012-07-12 16:58 - 2010-11-20 05:27 - 00236032 ____A (Microsoft Corporation) C:\Windows\System32\srvsvc.dll
2012-07-12 16:58 - 2010-11-20 05:27 - 00235008 ____A (Microsoft Corporation) C:\Windows\System32\winsta.dll
2012-07-12 16:58 - 2010-11-20 05:27 - 00210944 ____A (Microsoft Corporation) C:\Windows\System32\ncsi.dll
2012-07-12 16:58 - 2010-11-20 05:27 - 00183808 ____A (Microsoft Corporation) C:\Windows\System32\prncache.dll
2012-07-12 16:58 - 2010-11-20 05:27 - 00146944 ____A (Microsoft Corporation) C:\Windows\System32\scavengeui.dll
2012-07-12 16:58 - 2010-11-20 05:27 - 00121856 ____A (Microsoft Corporation) C:\Windows\System32\SessEnv.dll
2012-07-12 16:58 - 2010-11-20 05:27 - 00109056 ____A (Microsoft Corporation) C:\Windows\System32\userenv.dll
2012-07-12 16:58 - 2010-11-20 05:26 - 04120064 ____A (Microsoft Corporation) C:\Windows\System32\mf.dll
2012-07-12 16:58 - 2010-11-20 05:26 - 03391488 ____A (Microsoft Corporation) C:\Windows\System32\dbgeng.dll
2012-07-12 16:58 - 2010-11-20 05:26 - 03205120 ____A (Microsoft Corporation) C:\Windows\System32\mmcndmgr.dll
2012-07-12 16:58 - 2010-11-20 05:26 - 02565632 ____A (Microsoft Corporation) C:\Windows\System32\esent.dll
2012-07-12 16:58 - 2010-11-20 05:26 - 02067456 ____A (Microsoft Corporation) C:\Windows\System32\d3d9.dll
2012-07-12 16:58 - 2010-11-20 05:26 - 01866240 ____A (Microsoft Corporation) C:\Windows\System32\ExplorerFrame.dll
2012-07-12 16:58 - 2010-11-20 05:26 - 01632256 ____A (Microsoft Corporation) C:\Windows\System32\dwmcore.dll
2012-07-12 16:58 - 2010-11-20 05:26 - 01340416 ____A (Microsoft Corporation) C:\Windows\System32\diagperf.dll
2012-07-12 16:58 - 2010-11-20 05:26 - 01244160 ____A (Microsoft Corporation) C:\Windows\System32\imapi2fs.dll
2012-07-12 16:58 - 2010-11-20 05:26 - 01137664 ____A (Microsoft Corporation) C:\Windows\System32\FntCache.dll
2012-07-12 16:58 - 2010-11-20 05:26 - 01009152 ____A (Microsoft Corporation) C:\Windows\System32\mcmde.dll
2012-07-12 16:58 - 2010-11-20 05:26 - 00955904 ____A (Microsoft Corporation) C:\Windows\System32\localspl.dll
2012-07-12 16:58 - 2010-11-20 05:26 - 00853504 ____A (Microsoft Corporation) C:\Windows\System32\IKEEXT.DLL
2012-07-12 16:58 - 2010-11-20 05:26 - 00828416 ____A (Microsoft Corporation) C:\Windows\System32\MPSSVC.dll
2012-07-12 16:58 - 2010-11-20 05:26 - 00787968 ____A (Microsoft Corporation) C:\Windows\System32\d3d11.dll
2012-07-12 16:58 - 2010-11-20 05:26 - 00777728 ____A (Microsoft Corporation) C:\Windows\System32\gpsvc.dll
2012-07-12 16:58 - 2010-11-20 05:26 - 00658944 ____A (Microsoft Corporation) C:\Windows\System32\dxgi.dll
2012-07-12 16:58 - 2010-11-20 05:26 - 00630272 ____A (Microsoft Corporation) C:\Windows\System32\evr.dll
2012-07-12 16:58 - 2010-11-20 05:26 - 00584192 ____A (Microsoft Corporation) C:\Windows\System32\ipsmsnap.dll
2012-07-12 16:58 - 2010-11-20 05:26 - 00551936 ____A (Microsoft Corporation) C:\Windows\System32\localsec.dll
2012-07-12 16:58 - 2010-11-20 05:26 - 00503296 ____A (Microsoft Corporation) C:\Windows\System32\imapi2.dll
2012-07-12 16:58 - 2010-11-20 05:26 - 00501248 ____A (Microsoft Corporation) C:\Windows\System32\IPSECSVC.DLL
2012-07-12 16:58 - 2010-11-20 05:26 - 00422912 ____A (Microsoft Corporation) C:\Windows\System32\drvstore.dll
2012-07-12 16:58 - 2010-11-20 05:26 - 00403968 ____A (Microsoft Corporation) C:\Windows\System32\gdi32.dll
2012-07-12 16:58 - 2010-11-20 05:26 - 00381440 ____A (Microsoft Corporation) C:\Windows\System32\mfds.dll
2012-07-12 16:58 - 2010-11-20 05:26 - 00317952 ____A (Microsoft Corporation) C:\Windows\System32\dhcpcore.dll
2012-07-12 16:58 - 2010-11-20 05:26 - 00295936 ____A (Microsoft Corporation) C:\Windows\System32\framedynos.dll
2012-07-12 16:58 - 2010-11-20 05:26 - 00281600 ____A (Microsoft) C:\Windows\System32\DShowRdpFilter.dll
2012-07-12 16:58 - 2010-11-20 05:26 - 00279040 ____A (Microsoft Corporation) C:\Windows\System32\framedyn.dll
2012-07-12 16:58 - 2010-11-20 05:26 - 00257024 ____A (Microsoft Corporation) C:\Windows\System32\mfreadwrite.dll
2012-07-12 16:58 - 2010-11-20 05:26 - 00235008 ____A (Microsoft Corporation) C:\Windows\System32\hgprint.dll
2012-07-12 16:58 - 2010-11-20 05:26 - 00171520 ____A (Microsoft Corporation) C:\Windows\System32\fde.dll
2012-07-12 16:58 - 2010-11-20 05:26 - 00084992 ____A (Microsoft Corporation) C:\Windows\System32\dot3api.dll
2012-07-12 16:58 - 2010-11-20 05:25 - 03957760 ____A (Microsoft Corporation) C:\Windows\System32\WinSAT.exe
2012-07-12 16:58 - 2010-11-20 05:25 - 01975296 ____A (Microsoft Corporation) C:\Windows\System32\CertEnroll.dll
2012-07-12 16:58 - 2010-11-20 05:25 - 01927680 ____A (Microsoft Corporation) C:\Windows\System32\authui.dll
2012-07-12 16:58 - 2010-11-20 05:25 - 01796096 ____A (Microsoft Corporation) C:\Windows\System32\certmgr.dll
2012-07-12 16:58 - 2010-11-20 05:25 - 01600512 ____A (Microsoft Corporation) C:\Windows\System32\VSSVC.exe
2012-07-12 16:58 - 2010-11-20 05:25 - 01504256 ____A (Microsoft Corporation) C:\Windows\System32\wbengine.exe
2012-07-12 16:58 - 2010-11-20 05:25 - 01116672 ____A (Microsoft Corporation) C:\Windows\System32\mstsc.exe
2012-07-12 16:58 - 2010-11-20 05:25 - 00958464 ____A (Microsoft Corporation) C:\Windows\System32\actxprxy.dll
2012-07-12 16:58 - 2010-11-20 05:25 - 00902144 ____A (Microsoft Corporation) C:\Windows\System32\d2d1.dll
2012-07-12 16:58 - 2010-11-20 05:25 - 00897536 ____A (Microsoft Corporation) C:\Windows\System32\azroles.dll
2012-07-12 16:58 - 2010-11-20 05:25 - 00705024 ____A (Microsoft Corporation) C:\Windows\System32\BFE.DLL
2012-07-12 16:58 - 2010-11-20 05:25 - 00679424 ____A (Microsoft Corporation) C:\Windows\System32\audiosrv.dll
2012-07-12 16:58 - 2010-11-20 05:25 - 00598016 ____A (Microsoft Corporation) C:\Windows\System32\spinstall.exe
2012-07-12 16:58 - 2010-11-20 05:25 - 00594432 ____A (Microsoft Corporation) C:\Windows\System32\comdlg32.dll
2012-07-12 16:58 - 2010-11-20 05:25 - 00559104 ____A (Microsoft Corporation) C:\Windows\System32\spoolsv.exe
2012-07-12 16:58 - 2010-11-20 05:25 - 00464384 ____A (Microsoft Corporation) C:\Windows\System32\taskeng.exe
2012-07-12 16:58 - 2010-11-20 05:25 - 00412160 ____A (Microsoft Corporation) C:\Windows\System32\aepdu.dll
2012-07-12 16:58 - 2010-11-20 05:25 - 00390656 ____A (Microsoft Corporation) C:\Windows\System32\winlogon.exe
2012-07-12 16:58 - 2010-11-20 05:25 - 00362496 ____A (Microsoft Corporation) C:\Windows\System32\RMActivate_isv.exe
2012-07-12 16:58 - 2010-11-20 05:25 - 00359424 ____A (Microsoft Corporation) C:\Windows\System32\RMActivate.exe
2012-07-12 16:58 - 2010-11-20 05:25 - 00342016 ____A (Microsoft Corporation) C:\Windows\System32\apphelp.dll
2012-07-12 16:58 - 2010-11-20 05:25 - 00301568 ____A (Microsoft Corporation) C:\Windows\System32\spreview.exe
2012-07-12 16:58 - 2010-11-20 05:25 - 00296448 ____A (Microsoft Corporation) C:\Windows\System32\AudioSes.dll
2012-07-12 16:58 - 2010-11-20 05:25 - 00285696 ____A (Microsoft Corporation) C:\Windows\System32\schtasks.exe
2012-07-12 16:58 - 2010-11-20 05:25 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\credui.dll
2012-07-12 16:58 - 2010-11-20 05:24 - 00689152 ____A (Microsoft Corporation) C:\Windows\System32\FXSSVC.exe
2012-07-12 16:58 - 2010-11-20 05:24 - 00653312 ____A (Microsoft Corporation) C:\Windows\System32\lpksetup.exe
2012-07-12 16:58 - 2010-11-20 05:24 - 00345088 ____A (Microsoft Corporation) C:\Windows\System32\cmd.exe
2012-07-12 16:58 - 2010-11-20 05:24 - 00343040 ____A (Microsoft Corporation) C:\Windows\System32\lsm.exe
2012-07-12 16:58 - 2010-11-20 05:24 - 00272896 ____A (Microsoft Corporation) C:\Windows\System32\mcbuilder.exe
2012-07-12 16:58 - 2010-11-20 04:51 - 00424448 ____A (Microsoft Corporation) C:\Windows\System32\aeinv.dll
2012-07-12 16:58 - 2010-11-20 04:32 - 05066752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\AuthFWSnapin.dll
2012-07-12 16:58 - 2010-11-20 04:21 - 11410432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2012-07-12 16:58 - 2010-11-20 04:21 - 01712640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xpsservices.dll
2012-07-12 16:58 - 2010-11-20 04:21 - 01667584 ____A (Microsoft Corporation) C:\Windows\SysWOW64\setupapi.dll
2012-07-12 16:58 - 2010-11-20 04:21 - 01619456 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2012-07-12 16:58 - 2010-11-20 04:21 - 01548288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2012-07-12 16:58 - 2010-11-20 04:21 - 01363456 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Query.dll
2012-07-12 16:58 - 2010-11-20 04:21 - 01175040 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2012-07-12 16:58 - 2010-11-20 04:21 - 01128448 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vssapi.dll
2012-07-12 16:58 - 2010-11-20 04:21 - 01115136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RacEngn.dll
2012-07-12 16:58 - 2010-11-20 04:21 - 01010688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2012-07-12 16:58 - 2010-11-20 04:21 - 00646144 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SearchFolder.dll
2012-07-12 16:58 - 2010-11-20 04:21 - 00626176 ____A (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2012-07-12 16:58 - 2010-11-20 04:21 - 00597504 ____A (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2012-07-12 16:58 - 2010-11-20 04:21 - 00505856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\taskschd.dll
2012-07-12 16:58 - 2010-11-20 04:21 - 00492032 ____A (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2012-07-12 16:58 - 2010-11-20 04:21 - 00423936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2012-07-12 16:58 - 2010-11-20 04:21 - 00381440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2012-07-12 16:58 - 2010-11-20 04:21 - 00351232 ____A (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2012-07-12 16:58 - 2010-11-20 04:21 - 00350208 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shlwapi.dll
2012-07-12 16:58 - 2010-11-20 04:21 - 00270848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tsmf.dll
2012-07-12 16:58 - 2010-11-20 04:21 - 00269824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Wldap32.dll
2012-07-12 16:58 - 2010-11-20 04:21 - 00206848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\upnp.dll
2012-07-12 16:58 - 2010-11-20 04:21 - 00204800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2012-07-12 16:58 - 2010-11-20 04:21 - 00113664 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SessEnv.dll
2012-07-12 16:58 - 2010-11-20 04:21 - 00081920 ____A (Microsoft Corporation) C:\Windows\SysWOW64\userenv.dll
2012-07-12 16:58 - 2010-11-20 04:20 - 01414144 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2012-07-12 16:58 - 2010-11-20 04:20 - 00988160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\propsys.dll
2012-07-12 16:58 - 2010-11-20 04:20 - 00573440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\odbc32.dll
2012-07-12 16:58 - 2010-11-20 04:20 - 00563712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\netlogon.dll
2012-07-12 16:58 - 2010-11-20 04:20 - 00547840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\PortableDeviceApi.dll
2012-07-12 16:58 - 2010-11-20 04:20 - 00428032 ____A (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2012-07-12 16:58 - 2010-11-20 04:20 - 00406528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\netcfgx.dll
2012-07-12 16:58 - 2010-11-20 04:19 - 03207680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2012-07-12 16:58 - 2010-11-20 04:19 - 02291712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MSVidCtl.dll
2012-07-12 16:58 - 2010-11-20 04:19 - 02151936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mmcndmgr.dll
2012-07-12 16:58 - 2010-11-20 04:19 - 01698816 ____A (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll
2012-07-12 16:58 - 2010-11-20 04:19 - 01493504 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2012-07-12 16:58 - 2010-11-20 04:19 - 01401344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2012-07-12 16:58 - 2010-11-20 04:19 - 00954752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfc40.dll
2012-07-12 16:58 - 2010-11-20 04:19 - 00954288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfc40u.dll
2012-07-12 16:58 - 2010-11-20 04:19 - 00732160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imapi2fs.dll
2012-07-12 16:58 - 2010-11-20 04:19 - 00341504 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2012-07-12 16:58 - 2010-11-20 04:19 - 00296448 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll
2012-07-12 16:58 - 2010-11-20 04:19 - 00257024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2012-07-12 16:58 - 2010-11-20 04:19 - 00206336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\framedynos.dll
2012-07-12 16:58 - 2010-11-20 04:18 - 02522624 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dbgeng.dll
2012-07-12 16:58 - 2010-11-20 04:18 - 01828352 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d9.dll
2012-07-12 16:58 - 2010-11-20 04:18 - 01792000 ____A (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2012-07-12 16:58 - 2010-11-20 04:18 - 01555456 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certmgr.dll
2012-07-12 16:58 - 2010-11-20 04:18 - 01371136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2012-07-12 16:58 - 2010-11-20 04:18 - 01334272 ____A (Microsoft Corporation) C:\Windows\SysWOW64\CertEnroll.dll
2012-07-12 16:58 - 2010-11-20 04:18 - 01171456 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2012-07-12 16:58 - 2010-11-20 04:18 - 00739840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2012-07-12 16:58 - 2010-11-20 04:18 - 00640512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2012-07-12 16:58 - 2010-11-20 04:18 - 00522752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2012-07-12 16:58 - 2010-11-20 04:18 - 00485888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\comdlg32.dll
2012-07-12 16:58 - 2010-11-20 04:18 - 00342016 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2012-07-12 16:58 - 2010-11-20 04:18 - 00323072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\drvstore.dll
2012-07-12 16:58 - 2010-11-20 04:18 - 00295936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2012-07-12 16:58 - 2010-11-20 04:18 - 00252928 ____A (Microsoft) C:\Windows\SysWOW64\DShowRdpFilter.dll
2012-07-12 16:58 - 2010-11-20 04:18 - 00091136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dot3api.dll
2012-07-12 16:58 - 2010-11-20 04:17 - 01049600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2012-07-12 16:58 - 2010-11-20 04:17 - 00327168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2012-07-12 16:58 - 2010-11-20 04:17 - 00322048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2012-07-12 16:58 - 2010-11-20 04:17 - 00302592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
2012-07-12 16:58 - 2010-11-20 04:17 - 00220672 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mcbuilder.exe
2012-07-12 16:58 - 2010-11-20 03:05 - 00274944 ____A (Microsoft Corporation) C:\Windows\System32\rdpdd.dll
2012-07-12 16:58 - 2010-11-20 02:44 - 00229888 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\1394ohci.sys
2012-07-12 16:58 - 2010-11-20 01:27 - 00309248 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rdbss.sys
2012-07-12 16:58 - 2010-11-20 01:25 - 00753664 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\http.sys
2012-07-12 16:58 - 2010-11-20 01:23 - 00261632 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\netbt.sys
2012-07-12 16:58 - 2010-11-20 01:21 - 00119296 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tdx.sys
2012-07-12 16:58 - 2010-11-19 19:52 - 00419880 ____A C:\Windows\SysWOW64\locale.nls
2012-07-12 16:58 - 2010-11-19 19:52 - 00419880 ____A C:\Windows\System32\locale.nls
2012-07-12 16:58 - 2010-11-04 18:20 - 00347904 ____A C:\Windows\System32\systemsf.ebd
2012-07-12 16:58 - 2010-11-04 17:58 - 00297808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mscoree.dll
2012-07-12 16:58 - 2010-11-04 17:58 - 00049488 ____A (Microsoft Corporation) C:\Windows\SysWOW64\netfxperf.dll
2012-07-12 16:58 - 2010-11-04 17:57 - 00444752 ____A (Microsoft Corporation) C:\Windows\System32\mscoree.dll
2012-07-12 16:58 - 2010-11-04 17:53 - 00320352 ____A (Microsoft Corporation) C:\Windows\System32\PresentationHost.exe
2012-07-12 16:58 - 2010-11-04 17:53 - 00295264 ____A (Microsoft Corporation) C:\Windows\SysWOW64\PresentationHost.exe
2012-07-12 16:58 - 2010-11-04 17:53 - 00109928 ____A (Microsoft Corporation) C:\Windows\System32\PresentationHostProxy.dll
2012-07-12 16:58 - 2010-11-04 17:53 - 00099176 ____A (Microsoft Corporation) C:\Windows\SysWOW64\PresentationHostProxy.dll
2012-07-12 16:58 - 2009-07-13 17:16 - 00061440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tcpmonui.dll
2012-07-12 16:57 - 2010-11-20 05:44 - 01077248 ____A (Microsoft Corporation) C:\Windows\System32\Narrator.exe
2012-07-12 16:57 - 2010-11-20 05:34 - 00363392 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\volmgrx.sys
2012-07-12 16:57 - 2010-11-20 05:34 - 00071552 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\volmgr.sys
2012-07-12 16:57 - 2010-11-20 05:33 - 00410496 ____A (Intel Corporation) C:\Windows\System32\Drivers\iaStorV.sys
2012-07-12 16:57 - 2010-11-20 05:33 - 00289664 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\fltMgr.sys
2012-07-12 16:57 - 2010-11-20 05:33 - 00263040 ____A (Microsoft Corporation) C:\Windows\System32\hal.dll
2012-07-12 16:57 - 2010-11-20 05:33 - 00213888 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rdyboost.sys
2012-07-12 16:57 - 2010-11-20 05:33 - 00184704 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\pci.sys
2012-07-12 16:57 - 2010-11-20 05:33 - 00171392 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\scsiport.sys
2012-07-12 16:57 - 2010-11-20 05:33 - 00140672 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\msdsm.sys
2012-07-12 16:57 - 2010-11-20 05:33 - 00103808 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\sbp2port.sys
2012-07-12 16:57 - 2010-11-20 05:33 - 00078720 ____A (Hewlett-Packard Company) C:\Windows\System32\Drivers\HpSAMD.sys
2012-07-12 16:57 - 2010-11-20 05:33 - 00063360 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\termdd.sys
2012-07-12 16:57 - 2010-11-20 05:33 - 00031104 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\msahci.sys
2012-07-12 16:57 - 2010-11-20 05:32 - 02217856 ____A (Microsoft Corporation) C:\Windows\System32\bootres.dll
2012-07-12 16:57 - 2010-11-20 05:32 - 00334208 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\acpi.sys
2012-07-12 16:57 - 2010-11-20 05:32 - 00179072 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\Classpnp.sys
2012-07-12 16:57 - 2010-11-20 05:32 - 00112000 ____A (Microsoft Corporation) C:\Windows\System32\consent.exe
2012-07-12 16:57 - 2010-11-20 05:32 - 00027008 ____A (Advanced Micro Devices) C:\Windows\System32\Drivers\amdxata.sys
2012-07-12 16:57 - 2010-11-20 05:28 - 00780008 ____A (Microsoft Corporation) C:\Windows\System32\ci.dll
2012-07-12 16:57 - 2010-11-20 05:28 - 00223248 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\fvevol.sys
2012-07-12 16:57 - 2010-11-20 05:28 - 00166784 ____A (Microsoft Corporation) C:\Windows\System32\basecsp.dll
2012-07-12 16:57 - 2010-11-20 05:27 - 02851840 ____A (Microsoft Corporation) C:\Windows\System32\themeui.dll
2012-07-12 16:57 - 2010-11-20 05:27 - 02250752 ____A (Microsoft Corporation) C:\Windows\System32\SensorsCpl.dll
2012-07-12 16:57 - 2010-11-20 05:27 - 02193920 ____A (Microsoft Corporation) C:\Windows\System32\themecpl.dll
2012-07-12 16:57 - 2010-11-20 05:27 - 01689600 ____A (Microsoft Corporation) C:\Windows\System32\netcenter.dll
2012-07-12 16:57 - 2010-11-20 05:27 - 01389056 ____A (Microsoft Corporation) C:\Windows\System32\pla.dll
2012-07-12 16:57 - 2010-11-20 05:27 - 01363968 ____A (Microsoft Corporation) C:\Windows\System32\wdc.dll
2012-07-12 16:57 - 2010-11-20 05:27 - 01160192 ____A (Microsoft Corporation) C:\Windows\System32\MSMPEG2ENC.DLL
2012-07-12 16:57 - 2010-11-20 05:27 - 01120768 ____A (Microsoft Corporation) C:\Windows\System32\sdengin2.dll
2012-07-12 16:57 - 2010-11-20 05:27 - 01050624 ____A (Microsoft Corporation) C:\Windows\System32\printui.dll
2012-07-12 16:57 - 2010-11-20 05:27 - 00933376 ____A (Microsoft Corporation) C:\Windows\System32\SmiEngine.dll
2012-07-12 16:57 - 2010-11-20 05:27 - 00812032 ____A (Microsoft Corporation) C:\Windows\System32\wpccpl.dll
2012-07-12 16:57 - 2010-11-20 05:27 - 00799744 ____A (Microsoft Corporation) C:\Windows\System32\msftedit.dll
2012-07-12 16:57 - 2010-11-20 05:27 - 00691200 ____A (Microsoft Corporation) C:\Windows\System32\VAN.dll
2012-07-12 16:57 - 2010-11-20 05:27 - 00658432 ____A (Microsoft Corporation) C:\Windows\System32\PerfCenterCPL.dll
2012-07-12 16:57 - 2010-11-20 05:27 - 00633344 ____A (Microsoft Corporation) C:\Windows\System32\riched20.dll
2012-07-12 16:57 - 2010-11-20 05:27 - 00625664 ____A (Microsoft Corporation) C:\Windows\System32\usercpl.dll
2012-07-12 16:57 - 2010-11-20 05:27 - 00625664 ____A (Microsoft Corporation) C:\Windows\System32\mscms.dll
2012-07-12 16:57 - 2010-11-20 05:27 - 00624128 ____A (Microsoft Corporation) C:\Windows\System32\qedit.dll
2012-07-12 16:57 - 2010-11-20 05:27 - 00611840 ____A (Microsoft Corporation) C:\Windows\System32\wpd_ci.dll
2012-07-12 16:57 - 2010-11-20 05:27 - 00580096 ____A (Microsoft Corporation) C:\Windows\System32\wiaservc.dll
2012-07-12 16:57 - 2010-11-20 05:27 - 00571904 ____A (Microsoft Corporation) C:\Windows\System32\mspbda.dll
2012-07-12 16:57 - 2010-11-20 05:27 - 00552960 ____A (Microsoft Corporation) C:\Windows\System32\msdri.dll
2012-07-12 16:57 - 2010-11-20 05:27 - 00486400 ____A (Microsoft Corporation) C:\Windows\System32\powercpl.dll
2012-07-12 16:57 - 2010-11-20 05:27 - 00483840 ____A (Microsoft Corporation) C:\Windows\System32\StructuredQuery.dll
2012-07-12 16:57 - 2010-11-20 05:27 - 00475136 ____A (Microsoft Corporation) C:\Windows\System32\wlangpui.dll
2012-07-12 16:57 - 2010-11-20 05:27 - 00462336 ____A (Microsoft Corporation) C:\Windows\System32\wiadefui.dll
2012-07-12 16:57 - 2010-11-20 05:27 - 00455168 ____A (Microsoft Corporation) C:\Windows\System32\nshipsec.dll
2012-07-12 16:57 - 2010-11-20 05:27 - 00429568 ____A (Microsoft Corporation) C:\Windows\System32\puiobj.dll
2012-07-12 16:57 - 2010-11-20 05:27 - 00424448 ____A (Microsoft Corporation) C:\Windows\System32\rastls.dll
2012-07-12 16:57 - 2010-11-20 05:27 - 00418816 ____A (Microsoft Corporation) C:\Windows\System32\sppwinob.dll
2012-07-12 16:57 - 2010-11-20 05:27 - 00416256 ____A (Microsoft Corporation) C:\Windows\System32\prnfldr.dll
2012-07-12 16:57 - 2010-11-20 05:27 - 00414208 ____A (Microsoft Corporation) C:\Windows\System32\wlanui.dll
2012-07-12 16:57 - 2010-11-20 05:27 - 00406016 ____A (Microsoft Corporation) C:\Windows\System32\scesrv.dll
2012-07-12 16:57 - 2010-11-20 05:27 - 00372736 ____A (Microsoft Corporation) C:\Windows\System32\mtxclu.dll
2012-07-12 16:57 - 2010-11-20 05:27 - 00367104 ____A (Microsoft Corporation) C:\Windows\System32\wcncsvc.dll
2012-07-12 16:57 - 2010-11-20 05:27 - 00357888 ____A (Microsoft Corporation) C:\Windows\System32\sharemediacpl.dll
2012-07-12 16:57 - 2010-11-20 05:27 - 00344064 ____A (Microsoft Corporation) C:\Windows\System32\rasmans.dll
2012-07-12 16:57 - 2010-11-20 05:27 - 00340992 ____A (Microsoft Corporation) C:\Windows\System32\srchadmin.dll
2012-07-12 16:57 - 2010-11-20 05:27 - 00316928 ____A (Microsoft Corporation) C:\Windows\System32\tapisrv.dll
2012-07-12 16:57 - 2010-11-20 05:27 - 00303616 ____A (Microsoft Corporation) C:\Windows\System32\scansetting.dll
2012-07-12 16:57 - 2010-11-20 05:27 - 00264192 ____A (Microsoft Corporation) C:\Windows\System32\upnp.dll
2012-07-12 16:57 - 2010-11-20 05:27 - 00253440 ____A (Microsoft Corporation) C:\Windows\System32\tcpipcfg.dll
2012-07-12 16:57 - 2010-11-20 05:27 - 00244224 ____A (Microsoft Corporation) C:\Windows\System32\spp.dll
2012-07-12 16:57 - 2010-11-20 05:27 - 00235520 ____A (Microsoft Corporation) C:\Windows\System32\onex.dll
2012-07-12 16:57 - 2010-11-20 05:27 - 00232960 ____A (Microsoft Corporation) C:\Windows\System32\scecli.dll
2012-07-12 16:57 - 2010-11-20 05:27 - 00232448 ____A (Microsoft Corporation) C:\Windows\System32\sppcomapi.dll
2012-07-12 16:57 - 2010-11-20 05:27 - 00229888 ____A (Microsoft Corporation) C:\Windows\System32\XpsRasterService.dll
2012-07-12 16:57 - 2010-11-20 05:27 - 00225280 ____A (Microsoft Corporation) C:\Windows\System32\SndVolSSO.dll
2012-07-12 16:57 - 2010-11-20 05:27 - 00223232 ____A (Microsoft Corporation) C:\Windows\System32\wmpsrcwp.dll
2012-07-12 16:57 - 2010-11-20 05:27 - 00223232 ____A (Microsoft Corporation) C:\Windows\System32\QSHVHOST.DLL
2012-07-12 16:57 - 2010-11-20 05:27 - 00222720 ____A (Microsoft Corporation) C:\Windows\System32\wwanconn.dll
2012-07-12 16:57 - 2010-11-20 05:27 - 00215552 ____A (Microsoft Corporation) C:\Windows\System32\netiohlp.dll
2012-07-12 16:57 - 2010-11-20 05:27 - 00211456 ____A (Microsoft Corporation) C:\Windows\System32\rasppp.dll
2012-07-12 16:57 - 2010-11-20 05:27 - 00196608 ____A (Microsoft Corporation) C:\Windows\System32\shdocvw.dll
2012-07-12 16:57 - 2010-11-20 05:27 - 00188928 ____A (Microsoft Corporation) C:\Windows\System32\netjoin.dll
2012-07-12 16:57 - 2010-11-20 05:27 - 00187904 ____A (Microsoft Corporation) C:\Windows\System32\rpchttp.dll
2012-07-12 16:57 - 2010-11-20 05:27 - 00187904 ____A (Microsoft Corporation) C:\Windows\System32\provsvc.dll
2012-07-12 16:57 - 2010-11-20 05:27 - 00165376 ____A (Microsoft Corporation) C:\Windows\System32\netid.dll
2012-07-12 16:57 - 2010-11-20 05:27 - 00161792 ____A (Microsoft Corporation) C:\Windows\System32\ocsetapi.dll
2012-07-12 16:57 - 2010-11-20 05:27 - 00156160 ____A (Microsoft Corporation) C:\Windows\System32\prntvpt.dll
2012-07-12 16:57 - 2010-11-20 05:27 - 00148992 ____A (Microsoft Corporation) C:\Windows\System32\t2embed.dll
2012-07-12 16:57 - 2010-11-20 05:27 - 00130048 ____A (Microsoft Corporation) C:\Windows\System32\shsetup.dll
2012-07-12 16:57 - 2010-11-20 05:27 - 00118784 ____A (Microsoft Corporation) C:\Windows\System32\wkssvc.dll
2012-07-12 16:57 - 2010-11-20 05:27 - 00117248 ____A (Microsoft Corporation) C:\Windows\System32\wpdbusenum.dll
2012-07-12 16:57 - 2010-11-20 05:27 - 00112640 ____A (Microsoft Corporation) C:\Windows\System32\thumbcache.dll
2012-07-12 16:57 - 2010-11-20 05:27 - 00107520 ____A (Microsoft Corporation) C:\Windows\System32\QUTIL.DLL
2012-07-12 16:57 - 2010-11-20 05:27 - 00095232 ____A (Microsoft Corporation) C:\Windows\System32\regapi.dll
2012-07-12 16:57 - 2010-11-20 05:27 - 00092672 ____A (Microsoft Corporation) C:\Windows\System32\TabSvc.dll
2012-07-12 16:57 - 2010-11-20 05:27 - 00090112 ____A (Microsoft Corporation) C:\Windows\System32\nci.dll
2012-07-12 16:57 - 2010-11-20 05:27 - 00078848 ____A (Microsoft Corporation) C:\Windows\System32\WUDFSvc.dll
2012-07-12 16:57 - 2010-11-20 05:27 - 00070656 ____A (Microsoft Corporation) C:\Windows\System32\nlaapi.dll
2012-07-12 16:57 - 2010-11-20 05:27 - 00067584 ____A (Microsoft Corporation) C:\Windows\System32\samcli.dll
2012-07-12 16:57 - 2010-11-20 05:27 - 00065536 ____A (Microsoft Corporation) C:\Windows\System32\RpcRtRemote.dll
2012-07-12 16:57 - 2010-11-20 05:27 - 00063488 ____A (Microsoft Corporation) C:\Windows\System32\wscapi.dll
2012-07-12 16:57 - 2010-11-20 05:27 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\rtutils.dll
2012-07-12 16:57 - 2010-11-20 05:27 - 00046592 ____A (Microsoft Corporation) C:\Windows\System32\msasn1.dll
2012-07-12 16:57 - 2010-11-20 05:27 - 00040960 ____A (Microsoft Corporation) C:\Windows\System32\TsUsbGDCoInstaller.dll
2012-07-12 16:57 - 2010-11-20 05:27 - 00038912 ____A (Microsoft Corporation) C:\Windows\System32\vpnikeapi.dll
2012-07-12 16:57 - 2010-11-20 05:26 - 02746880 ____A (Microsoft Corporation) C:\Windows\System32\gameux.dll
2012-07-12 16:57 - 2010-11-20 05:26 - 01457664 ____A (Microsoft Corporation) C:\Windows\System32\DxpTaskSync.dll
2012-07-12 16:57 - 2010-11-20 05:26 - 01202176 ____A (Microsoft Corporation) C:\Windows\System32\DiagCpl.dll
2012-07-12 16:57 - 2010-11-20 05:26 - 01066496 ____A (Microsoft Corporation) C:\Windows\System32\Display.dll
2012-07-12 16:57 - 2010-11-20 05:26 - 00934912 ____A (Microsoft Corporation) C:\Windows\System32\FirewallControlPanel.dll
2012-07-12 16:57 - 2010-11-20 05:26 - 00861184 ____A (Microsoft Corporation) C:\Windows\System32\fontext.dll
2012-07-12 16:57 - 2010-11-20 05:26 - 00675328 ____A (Microsoft Corporation) C:\Windows\System32\DXPTaskRingtone.dll
2012-07-12 16:57 - 2010-11-20 05:26 - 00569344 ____A (Microsoft Corporation) C:\Windows\System32\iphlpsvc.dll
2012-07-12 16:57 - 2010-11-20 05:26 - 00459776 ____A (Microsoft Corporation) C:\Windows\System32\DXP.dll
2012-07-12 16:57 - 2010-11-20 05:26 - 00355328 ____A (Microsoft Corporation) C:\Windows\System32\Faultrep.dll
2012-07-12 16:57 - 2010-11-20 05:26 - 00348160 ____A (Microsoft Corporation) C:\Windows\System32\eapp3hst.dll
2012-07-12 16:57 - 2010-11-20 05:26 - 00332288 ____A (Microsoft Corporation) C:\Windows\System32\hgcpl.dll
2012-07-12 16:57 - 2010-11-20 05:26 - 00303616 ____A (Microsoft Corporation) C:\Windows\System32\eapphost.dll
2012-07-12 16:57 - 2010-11-20 05:26 - 00279552 ____A (Microsoft Corporation) C:\Windows\System32\dxdiagn.dll
2012-07-12 16:57 - 2010-11-20 05:26 - 00239616 ____A (Microsoft Corporation) C:\Windows\System32\dskquoui.dll
2012-07-12 16:57 - 2010-11-20 05:26 - 00232448 ____A (Microsoft Corporation) C:\Windows\System32\ListSvc.dll
2012-07-12 16:57 - 2010-11-20 05:26 - 00221184 ____A (Microsoft Corporation) C:\Windows\System32\mprapi.dll
2012-07-12 16:57 - 2010-11-20 05:26 - 00217088 ____A (Microsoft Corporation) C:\Windows\System32\iasrad.dll
2012-07-12 16:57 - 2010-11-20 05:26 - 00211456 ____A (Microsoft Corporation) C:\Windows\System32\mprddm.dll
2012-07-12 16:57 - 2010-11-20 05:26 - 00186880 ____A (Microsoft Corporation) C:\Windows\System32\logoncli.dll
2012-07-12 16:57 - 2010-11-20 05:26 - 00166912 ____A (Microsoft Corporation) C:\Windows\System32\inetpp.dll
2012-07-12 16:57 - 2010-11-20 05:26 - 00162816 ____A (Microsoft Corporation) C:\Windows\System32\dps.dll
2012-07-12 16:57 - 2010-11-20 05:26 - 00145920 ____A (Microsoft Corporation) C:\Windows\System32\IPHLPAPI.DLL
2012-07-12 16:57 - 2010-11-20 05:26 - 00128512 ____A (Microsoft Corporation) C:\Windows\System32\dwmredir.dll
2012-07-12 16:57 - 2010-11-20 05:26 - 00118272 ____A (Microsoft Corporation) C:\Windows\System32\dnscmmc.dll
2012-07-12 16:57 - 2010-11-20 05:26 - 00116224 ____A (Windows ® Codename Longhorn DDK provider) C:\Windows\System32\fms.dll
2012-07-12 16:57 - 2010-11-20 05:26 - 00100864 ____A (Microsoft Corporation) C:\Windows\System32\iasacct.dll
2012-07-12 16:57 - 2010-11-20 05:26 - 00100864 ____A (Microsoft Corporation) C:\Windows\System32\davclnt.dll
2012-07-12 16:57 - 2010-11-20 05:26 - 00078848 ____A (Microsoft Corporation) C:\Windows\System32\hbaapi.dll
2012-07-12 16:57 - 2010-11-20 05:26 - 00072192 ____A (Microsoft Corporation) C:\Windows\System32\fdeploy.dll
2012-07-12 16:57 - 2010-11-20 05:26 - 00069120 ____A (Microsoft Corporation) C:\Windows\System32\dot3cfg.dll
2012-07-12 16:57 - 2010-11-20 05:26 - 00050176 ____A (Microsoft Corporation) C:\Windows\System32\lsmproxy.dll
2012-07-12 16:57 - 2010-11-20 05:26 - 00041472 ____A (Microsoft Corporation) C:\Windows\System32\mimefilt.dll
2012-07-12 16:57 - 2010-11-20 05:25 - 03524608 ____A (Microsoft Corporation) C:\Windows\System32\sppsvc.exe
2012-07-12 16:57 - 2010-11-20 05:25 - 01264640 ____A (Microsoft Corporation) C:\Windows\System32\sdclt.exe
2012-07-12 16:57 - 2010-11-20 05:25 - 00749568 ____A (Microsoft Corporation) C:\Windows\System32\batmeter.dll
2012-07-12 16:57 - 2010-11-20 05:25 - 00726528 ____A (Microsoft Corporation) C:\Windows\System32\AuxiliaryDisplayCpl.dll
2012-07-12 16:57 - 2010-11-20 05:25 - 00633856 ____A (Microsoft Corporation) C:\Windows\System32\comctl32.dll
2012-07-12 16:57 - 2010-11-20 05:25 - 00533504 ____A (Microsoft Corporation) C:\Windows\System32\vds.exe
2012-07-12 16:57 - 2010-11-20 05:25 - 00504320 ____A (Microsoft Corporation) C:\Windows\System32\biocpl.dll
2012-07-12 16:57 - 2010-11-20 05:25 - 00405504 ____A (Microsoft Corporation) C:\Windows\System32\wisptis.exe
2012-07-12 16:57 - 2010-11-20 05:25 - 00314368 ____A (Microsoft Corporation) C:\Windows\System32\clusapi.dll
2012-07-12 16:57 - 2010-11-20 05:25 - 00307200 ____A (Microsoft Corporation) C:\Windows\System32\wusa.exe
2012-07-12 16:57 - 2010-11-20 05:25 - 00273920 ____A (Microsoft Corporation) C:\Windows\System32\SndVol.exe
2012-07-12 16:57 - 2010-11-20 05:25 - 00257024 ____A (Microsoft Corporation) C:\Windows\System32\taskmgr.exe
2012-07-12 16:57 - 2010-11-20 05:25 - 00199168 ____A (Microsoft Corporation) C:\Windows\System32\PkgMgr.exe
2012-07-12 16:57 - 2010-11-20 05:25 - 00186368 ____A (Microsoft Corporation) C:\Windows\System32\ocsetup.exe
2012-07-12 16:57 - 2010-11-20 05:25 - 00168448 ____A (Microsoft Corporation) C:\Windows\System32\bcdsrv.dll
2012-07-12 16:57 - 2010-11-20 05:25 - 00158720 ____A (Microsoft Corporation) C:\Windows\System32\aaclient.dll
2012-07-12 16:57 - 2010-11-20 05:25 - 00139264 ____A (Microsoft Corporation) C:\Windows\System32\cabview.dll
2012-07-12 16:57 - 2010-11-20 05:25 - 00128000 ____A (Microsoft) C:\Windows\System32\Robocopy.exe
2012-07-12 16:57 - 2010-11-20 05:25 - 00114688 ____A (Microsoft Corporation) C:\Windows\System32\AxInstSv.dll
2012-07-12 16:57 - 2010-11-20 05:25 - 00088576 ____A (Microsoft Corporation) C:\Windows\System32\setupcl.exe
2012-07-12 16:57 - 2010-11-20 05:25 - 00069120 ____A (Microsoft Corporation) C:\Windows\System32\taskhost.exe
2012-07-12 16:57 - 2010-11-20 05:25 - 00067072 ____A (Microsoft Corporation) C:\Windows\splwow64.exe
2012-07-12 16:57 - 2010-11-20 05:25 - 00022016 ____A (Microsoft Corporation) C:\Windows\System32\credssp.dll
2012-07-12 16:57 - 2010-11-20 05:24 - 00957440 ____A (Microsoft Corporation) C:\Windows\System32\mblctr.exe
2012-07-12 16:57 - 2010-11-20 05:24 - 00850944 ____A (Microsoft Corporation) C:\Windows\System32\mmsys.cpl
2012-07-12 16:57 - 2010-11-20 05:24 - 00793088 ____A (Microsoft Corporation) C:\Windows\System32\autoconv.exe
2012-07-12 16:57 - 2010-11-20 05:24 - 00777728 ____A (Microsoft Corporation) C:\Windows\System32\autochk.exe
2012-07-12 16:57 - 2010-11-20 05:24 - 00763904 ____A (Microsoft Corporation) C:\Windows\System32\autofmt.exe
2012-07-12 16:57 - 2010-11-20 05:24 - 00726528 ____A (Microsoft Corporation) C:\Windows\System32\appwiz.cpl
2012-07-12 16:57 - 2010-11-20 05:24 - 00684032 ____A (Microsoft Corporation) C:\Windows\System32\TabletPC.cpl
2012-07-12 16:57 - 2010-11-20 05:24 - 00477696 ____A (Microsoft Corporation) C:\Windows\System32\PhotoScreensaver.scr
2012-07-12 16:57 - 2010-11-20 05:24 - 00442368 ____A (Microsoft Corporation) C:\Windows\System32\winspool.drv
2012-07-12 16:57 - 2010-11-20 05:24 - 00378880 ____A (Microsoft Corporation) C:\Windows\System32\msinfo32.exe
2012-07-12 16:57 - 2010-11-20 05:24 - 00359936 ____A (Microsoft Corporation) C:\Windows\System32\eudcedit.exe
2012-07-12 16:57 - 2010-11-20 05:24 - 00300032 ____A (Microsoft Corporation) C:\Windows\System32\msconfig.exe
2012-07-12 16:57 - 2010-11-20 05:24 - 00250880 ____A (Microsoft Corporation) C:\Windows\System32\ksproxy.ax
2012-07-12 16:57 - 2010-11-20 05:24 - 00217088 ____A (Microsoft Corporation) C:\Windows\System32\wdmaud.drv
2012-07-12 16:57 - 2010-11-20 05:24 - 00126464 ____A (Microsoft Corporation) C:\Windows\System32\audiodg.exe
2012-07-12 16:57 - 2010-11-20 05:24 - 00122880 ____A (Microsoft Corporation) C:\Windows\System32\aitagent.exe
2012-07-12 16:57 - 2010-11-20 05:24 - 00098304 ____A (Microsoft Corporation) C:\Windows\System32\WSTPager.ax
2012-07-12 16:57 - 2010-11-20 04:55 - 00144384 ____A (Microsoft Corporation) C:\Windows\System32\cdd.dll
2012-07-12 16:57 - 2010-11-20 04:23 - 00144768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\basecsp.dll
2012-07-12 16:57 - 2010-11-20 04:21 - 02983424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\UIRibbon.dll
2012-07-12 16:57 - 2010-11-20 04:21 - 02755072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\themeui.dll
2012-07-12 16:57 - 2010-11-20 04:21 - 02311168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
2012-07-12 16:57 - 2010-11-20 04:21 - 02146304 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SyncCenter.dll
2012-07-12 16:57 - 2010-11-20 04:21 - 01624064 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WMPEncEn.dll
2012-07-12 16:57 - 2010-11-20 04:21 - 01326592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wlanpref.dll
2012-07-12 16:57 - 2010-11-20 04:21 - 01227776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wdc.dll
2012-07-12 16:57 - 2010-11-20 04:21 - 01003008 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WMNetMgr.dll
2012-07-12 16:57 - 2010-11-20 04:21 - 00933376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Vault.dll
2012-07-12 16:57 - 2010-11-20 04:21 - 00782336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\webservices.dll
2012-07-12 16:57 - 2010-11-20 04:21 - 00778240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\sqlsrv32.dll
2012-07-12 16:57 - 2010-11-20 04:21 - 00560128 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2012-07-12 16:57 - 2010-11-20 04:21 - 00458752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WSDApi.dll
2012-07-12 16:57 - 2010-11-20 04:21 - 00411648 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wlangpui.dll
2012-07-12 16:57 - 2010-11-20 04:21 - 00380416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\sxs.dll
2012-07-12 16:57 - 2010-11-20 04:21 - 00372224 ____A (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2012-07-12 16:57 - 2010-11-20 04:21 - 00363520 ____A (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2012-07-12 16:57 - 2010-11-20 04:21 - 00352768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\termmgr.dll
2012-07-12 16:57 - 2010-11-20 04:21 - 00352256 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wmpeffects.dll
2012-07-12 16:57 - 2010-11-20 04:21 - 00346624 ____A (Microsoft Corporation) C:\Windows\SysWOW64\untfs.dll
2012-07-12 16:57 - 2010-11-20 04:21 - 00335872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WinSATAPI.dll
2012-07-12 16:57 - 2010-11-20 04:21 - 00328192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shsvcs.dll
2012-07-12 16:57 - 2010-11-20 04:21 - 00307712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2012-07-12 16:57 - 2010-11-20 04:21 - 00305152 ____A (Microsoft Corporation) C:\Windows\SysWOW64\taskcomp.dll
2012-07-12 16:57 - 2010-11-20 04:21 - 00301568 ____A (Microsoft Corporation) C:\Windows\SysWOW64\srchadmin.dll
2012-07-12 16:57 - 2010-11-20 04:21 - 00276992 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wcncsvc.dll
2012-07-12 16:57 - 2010-11-20 04:21 - 00246272 ____A (Microsoft Corporation) C:\Windows\SysWOW64\scansetting.dll
2012-07-12 16:57 - 2010-11-20 04:21 - 00228352 ____A (Microsoft Corporation) C:\Windows\SysWOW64\stobject.dll
2012-07-12 16:57 - 2010-11-20 04:21 - 00206848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ws2_32.dll
2012-07-12 16:57 - 2010-11-20 04:21 - 00194048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\winmm.dll
2012-07-12 16:57 - 2010-11-20 04:21 - 00181760 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tcpipcfg.dll
2012-07-12 16:57 - 2010-11-20 04:21 - 00172544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\spp.dll
2012-07-12 16:57 - 2010-11-20 04:21 - 00156672 ____A (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2012-07-12 16:57 - 2010-11-20 04:21 - 00139264 ____A (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2012-07-12 16:57 - 2010-11-20 04:21 - 00135168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsRasterService.dll
2012-07-12 16:57 - 2010-11-20 04:21 - 00134656 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WinSCard.dll
2012-07-12 16:57 - 2010-11-20 04:21 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2012-07-12 16:57 - 2010-11-20 04:21 - 00082944 ____A (Microsoft Corporation) C:\Windows\SysWOW64\thumbcache.dll
2012-07-12 16:57 - 2010-11-20 04:21 - 00072192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\regapi.dll
2012-07-12 16:57 - 2010-11-20 04:21 - 00051712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wscapi.dll
2012-07-12 16:57 - 2010-11-20 04:21 - 00051200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\samcli.dll
2012-07-12 16:57 - 2010-11-20 04:21 - 00046080 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RpcRtRemote.dll
2012-07-12 16:57 - 2010-11-20 04:20 - 02504192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WMVCORE.DLL
2012-07-12 16:57 - 2010-11-20 04:20 - 02494464 ____A (Microsoft Corporation) C:\Windows\SysWOW64\netshell.dll
2012-07-12 16:57 - 2010-11-20 04:20 - 01750528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\pnidui.dll
2012-07-12 16:57 - 2010-11-20 04:20 - 01508864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\pla.dll
2012-07-12 16:57 - 2010-11-20 04:20 - 00932352 ____A (Microsoft Corporation) C:\Windows\SysWOW64\printui.dll
2012-07-12 16:57 - 2010-11-20 04:20 - 00801280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\NaturalLanguage6.dll
2012-07-12 16:57 - 2010-11-20 04:20 - 00441856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\powercpl.dll
2012-07-12 16:57 - 2010-11-20 04:20 - 00324608 ____A (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll
2012-07-12 16:57 - 2010-11-20 04:20 - 00225792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\netdiagfx.dll
2012-07-12 16:57 - 2010-11-20 04:20 - 00199168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\onex.dll
2012-07-12 16:57 - 2010-11-20 04:20 - 00171520 ____A (Microsoft Corporation) C:\Windows\SysWOW64\QAGENT.DLL
2012-07-12 16:57 - 2010-11-20 04:20 - 00167936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\QSHVHOST.DLL
2012-07-12 16:57 - 2010-11-20 04:20 - 00166400 ____A (Microsoft Corporation) C:\Windows\SysWOW64\netiohlp.dll
2012-07-12 16:57 - 2010-11-20 04:20 - 00152064 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2012-07-12 16:57 - 2010-11-20 04:20 - 00117248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\netid.dll
2012-07-12 16:57 - 2010-11-20 04:20 - 00116736 ____A (Microsoft Corporation) C:\Windows\SysWOW64\prncache.dll
2012-07-12 16:57 - 2010-11-20 04:20 - 00078848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\nci.dll
2012-07-12 16:57 - 2010-11-20 04:19 - 02576384 ____A (Microsoft Corporation) C:\Windows\SysWOW64\gameux.dll
2012-07-12 16:57 - 2010-11-20 04:19 - 00830464 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MSMPEG2ENC.DLL
2012-07-12 16:57 - 2010-11-20 04:19 - 00666624 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2012-07-12 16:57 - 2010-11-20 04:19 - 00488448 ____A (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2012-07-12 16:57 - 2010-11-20 04:19 - 00400896 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ipsmsnap.dll
2012-07-12 16:57 - 2010-11-20 04:19 - 00392192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imapi2.dll
2012-07-12 16:57 - 2010-11-20 04:19 - 00337408 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2012-07-12 16:57 - 2010-11-20 04:19 - 00320512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mtxclu.dll
2012-07-12 16:57 - 2010-11-20 04:19 - 00232448 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2012-07-12 16:57 - 2010-11-20 04:19 - 00213504 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MMDevAPI.dll
2012-07-12 16:57 - 2010-11-20 04:19 - 00202752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\framedyn.dll
2012-07-12 16:57 - 2010-11-20 04:19 - 00197120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2012-07-12 16:57 - 2010-11-20 04:19 - 00196608 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfreadwrite.dll
2012-07-12 16:57 - 2010-11-20 04:19 - 00167936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msutb.dll
2012-07-12 16:57 - 2010-11-20 04:19 - 00124416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\fde.dll
2012-07-12 16:57 - 2010-11-20 04:19 - 00103936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IPHLPAPI.DLL
2012-07-12 16:57 - 2010-11-20 04:19 - 00066560 ____A (Microsoft Corporation) C:\Windows\SysWOW64\hbaapi.dll
2012-07-12 16:57 - 2010-11-20 04:19 - 00042496 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mimefilt.dll
2012-07-12 16:57 - 2010-11-20 04:19 - 00034304 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msasn1.dll
2012-07-12 16:57 - 2010-11-20 04:18 - 01400320 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DxpTaskSync.dll
2012-07-12 16:57 - 2010-11-20 04:18 - 01040384 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Display.dll
2012-07-12 16:57 - 2010-11-20 04:18 - 00854016 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dbghelp.dll
2012-07-12 16:57 - 2010-11-20 04:18 - 00762880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\azroles.dll
2012-07-12 16:57 - 2010-11-20 04:18 - 00665600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\AuxiliaryDisplayCpl.dll
2012-07-12 16:57 - 2010-11-20 04:18 - 00630784 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DXPTaskRingtone.dll
2012-07-12 16:57 - 2010-11-20 04:18 - 00530432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2012-07-12 16:57 - 2010-11-20 04:18 - 00508416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2012-07-12 16:57 - 2010-11-20 04:18 - 00309760 ____A (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2012-07-12 16:57 - 2010-11-20 04:18 - 00254464 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore.dll
2012-07-12 16:57 - 2010-11-20 04:18 - 00222208 ____A (Microsoft Corporation) C:\Windows\SysWOW64\eapphost.dll
2012-07-12 16:57 - 2010-11-20 04:18 - 00195584 ____A (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2012-07-12 16:57 - 2010-11-20 04:18 - 00168960 ____A (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2012-07-12 16:57 - 2010-11-20 04:18 - 00131584 ____A (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2012-07-12 16:57 - 2010-11-20 04:18 - 00080384 ____A (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2012-07-12 16:57 - 2010-11-20 04:17 - 00303104 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msinfo32.exe
2012-07-12 16:57 - 2010-11-20 04:17 - 00227328 ____A (Microsoft Corporation) C:\Windows\SysWOW64\taskmgr.exe
2012-07-12 16:57 - 2010-11-20 04:17 - 00192000 ____A (Microsoft Corporation) C:\Windows\SysWOW64\taskeng.exe
2012-07-12 16:57 - 2010-11-20 04:17 - 00179712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
2012-07-12 16:57 - 2010-11-20 04:17 - 00142336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\net1.exe
2012-07-12 16:57 - 2010-11-20 04:17 - 00098816 ____A (Microsoft) C:\Windows\SysWOW64\Robocopy.exe
2012-07-12 16:57 - 2010-11-20 04:17 - 00028672 ____A (Microsoft Corporation) C:\Windows\SysWOW64\proquota.exe
2012-07-12 16:57 - 2010-11-20 04:17 - 00026624 ____A (Microsoft Corporation) C:\Windows\SysWOW64\userinit.exe
2012-07-12 16:57 - 2010-11-20 04:16 - 00905216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mmsys.cpl
2012-07-12 16:57 - 2010-11-20 04:16 - 00776192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\calc.exe
2012-07-12 16:57 - 2010-11-20 04:16 - 00679424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\autoconv.exe
2012-07-12 16:57 - 2010-11-20 04:16 - 00668160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\autochk.exe
2012-07-12 16:57 - 2010-11-20 04:16 - 00658944 ____A (Microsoft Corporation) C:\Windows\SysWOW64\autofmt.exe
2012-07-12 16:57 - 2010-11-20 04:16 - 00320000 ____A (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
2012-07-12 16:57 - 2010-11-20 04:08 - 00833024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2012-07-12 16:57 - 2010-11-20 04:08 - 00311296 ____A (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2012-07-12 16:57 - 2010-11-20 03:04 - 00248832 ____A (Microsoft Corporation) C:\Windows\System32\wksprt.exe
2012-07-12 16:57 - 2010-11-20 02:52 - 00164352 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ndiswan.sys
2012-07-12 16:57 - 2010-11-20 02:52 - 00129536 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rasl2tp.sys
2012-07-12 16:57 - 2010-11-20 02:52 - 00111104 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\raspptp.sys
2012-07-12 16:57 - 2010-11-20 02:52 - 00088576 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\wanarp.sys
2012-07-12 16:57 - 2010-11-20 02:52 - 00082944 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ipfltdrv.sys
2012-07-12 16:57 - 2010-11-20 02:44 - 00325120 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbport.sys
2012-07-12 16:57 - 2010-11-20 02:44 - 00091648 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\USBSTOR.SYS
2012-07-12 16:57 - 2010-11-20 02:43 - 00076800 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\hidclass.sys
2012-07-12 16:57 - 2010-11-20 02:43 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbehci.sys
2012-07-12 16:57 - 2010-11-20 02:43 - 00041984 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\winusb.sys
2012-07-12 16:57 - 2010-11-20 02:33 - 00243712 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ks.sys
2012-07-12 16:57 - 2010-11-20 01:26 - 00328192 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\udfs.sys
2012-07-12 16:57 - 2010-11-20 01:26 - 00140800 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxdav.sys
2012-07-12 16:57 - 2010-11-04 18:11 - 00433512 ____A (Microsoft Corporation) C:\Windows\System32\MCEWMDRMNDBootstrap.dll
2012-07-12 16:57 - 2010-11-04 17:58 - 00155472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2012-07-12 16:57 - 2010-11-04 17:57 - 00154960 ____A (Microsoft Corporation) C:\Windows\System32\mscorier.dll
2012-07-12 16:56 - 2010-11-20 05:44 - 00133632 ____A (Microsoft Corporation) C:\Windows\System32\NAPHLPR.DLL
2012-07-12 16:56 - 2010-11-20 05:44 - 00050176 ____A (Microsoft Corporation) C:\Windows\System32\NAPCRYPT.DLL
2012-07-12 16:56 - 2010-11-20 05:33 - 00155008 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mpio.sys
2012-07-12 16:56 - 2010-11-20 05:33 - 00094592 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mountmgr.sys
2012-07-12 16:56 - 2010-11-20 05:33 - 00014720 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\hwpolicy.sys
2012-07-12 16:56 - 2010-11-20 05:32 - 00155520 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ataport.sys
2012-07-12 16:56 - 2010-11-20 05:27 - 02146816 ____A (Microsoft Corporation) C:\Windows\System32\networkmap.dll
2012-07-12 16:56 - 2010-11-20 05:27 - 01911808 ____A (Microsoft Corporation) C:\Windows\System32\OpcServices.dll
2012-07-12 16:56 - 2010-11-20 05:27 - 01672704 ____A (Microsoft Corporation) C:\Windows\System32\networkexplorer.dll
2012-07-12 16:56 - 2010-11-20 05:27 - 01232896 ____A (Microsoft Corporation) C:\Windows\System32\WMADMOD.DLL
2012-07-12 16:56 - 2010-11-20 05:27 - 01080320 ____A (Microsoft Corporation) C:\Windows\System32\onexui.dll
2012-07-12 16:56 - 2010-11-20 05:27 - 00978944 ____A (Microsoft Corporation) C:\Windows\System32\WMSPDMOD.DLL
2012-07-12 16:56 - 2010-11-20 05:27 - 00898560 ____A (Microsoft Corporation) C:\Windows\System32\OobeFldr.dll
2012-07-12 16:56 - 2010-11-20 05:27 - 00781312 ____A (Microsoft Corporation) C:\Windows\System32\wmdrmsdk.dll
2012-07-12 16:56 - 2010-11-20 05:27 - 00769536 ____A (Microsoft Corporation) C:\Windows\System32\sud.dll
2012-07-12 16:56 - 2010-11-20 05:27 - 00762368 ____A (Microsoft Corporation) C:\Windows\System32\sdcpl.dll
2012-07-12 16:56 - 2010-11-20 05:27 - 00681472 ____A (Microsoft Corporation) C:\Windows\System32\WUDFx.dll
2012-07-12 16:56 - 2010-11-20 05:27 - 00666112 ____A (Microsoft Corporation) C:\Windows\System32\WMVSDECD.DLL
2012-07-12 16:56 - 2010-11-20 05:27 - 00641024 ____A (Microsoft Corporation) C:\Windows\System32\msscp.dll
2012-07-12 16:56 - 2010-11-20 05:27 - 00636416 ____A (Microsoft Corporation) C:\Windows\System32\wmdrmdev.dll
2012-07-12 16:56 - 2010-11-20 05:27 - 00594432 ____A (Microsoft Corporation) C:\Windows\System32\wvc.dll
2012-07-12 16:56 - 2010-11-20 05:27 - 00527872 ____A (Microsoft Corporation) C:\Windows\System32\wmdrmnet.dll
2012-07-12 16:56 - 2010-11-20 05:27 - 00503296 ____A (Microsoft Corporation) C:\Windows\System32\srcore.dll
2012-07-12 16:56 - 2010-11-20 05:27 - 00451072 ____A (Microsoft Corporation) C:\Windows\System32\shwebsvc.dll
2012-07-12 16:56 - 2010-11-20 05:27 - 00446976 ____A (Microsoft Corporation) C:\Windows\System32\sqlcese30.dll
2012-07-12 16:56 - 2010-11-20 05:27 - 00445952 ____A (Microsoft Corporation) C:\Windows\System32\spwizeng.dll
2012-07-12 16:56 - 2010-11-20 05:27 - 00435712 ____A (Microsoft Corporation) C:\Windows\System32\PortableDeviceStatus.dll
2012-07-12 16:56 - 2010-11-20 05:27 - 00431104 ____A (Microsoft Corporation) C:\Windows\System32\WPDSp.dll
2012-07-12 16:56 - 2010-11-20 05:27 - 00421888 ____A (Microsoft Corporation) C:\Windows\System32\termmgr.dll
2012-07-12 16:56 - 2010-11-20 05:27 - 00419840 ____A (Microsoft Corporation) C:\Windows\System32\systemcpl.dll
2012-07-12 16:56 - 2010-11-20 05:27 - 00414720 ____A (Microsoft Corporation) C:\Windows\System32\wlanmsm.dll
2012-07-12 16:56 - 2010-11-20 05:27 - 00403968 ____A (Microsoft Corporation) C:\Windows\System32\untfs.dll
2012-07-12 16:56 - 2010-11-20 05:27 - 00392192 ____A (Microsoft Corporation) C:\Windows\System32\WMPhoto.dll
2012-07-12 16:56 - 2010-11-20 05:27 - 00366080 ____A (Microsoft Corporation) C:\Windows\System32\zipfldr.dll
2012-07-12 16:56 - 2010-11-20 05:27 - 00358400 ____A (Microsoft Corporation) C:\Windows\System32\wmpdxm.dll
2012-07-12 16:56 - 2010-11-20 05:27 - 00344576 ____A (Microsoft Corporation) C:\Windows\System32\ntprint.dll
2012-07-12 16:56 - 2010-11-20 05:27 - 00337920 ____A (Microsoft Corporation) C:\Windows\System32\raschap.dll
2012-07-12 16:56 - 2010-11-20 05:27 - 00335360 ____A (Microsoft Corporation) C:\Windows\System32\msieftp.dll
2012-07-12 16:56 - 2010-11-20 05:27 - 00325632 ____A (Microsoft Corporation) C:\Windows\System32\msnetobj.dll
2012-07-12 16:56 - 2010-11-20 05:27 - 00313856 ____A (Microsoft Corporation) C:\Windows\System32\ReAgent.dll
2012-07-12 16:56 - 2010-11-20 05:27 - 00300032 ____A (Microsoft Corporation) C:\Windows\System32\pdh.dll
2012-07-12 16:56 - 2010-11-20 05:27 - 00288256 ____A (Microsoft Corporation) C:\Windows\System32\mssphtb.dll
2012-07-12 16:56 - 2010-11-20 05:27 - 00270848 ____A (Microsoft Corporation) C:\Windows\System32\srrstr.dll
2012-07-12 16:56 - 2010-11-20 05:27 - 00268288 ____A (Microsoft Corporation) C:\Windows\System32\MSAC3ENC.DLL
2012-07-12 16:56 - 2010-11-20 05:27 - 00255488 ____A (Microsoft Corporation) C:\Windows\System32\wavemsp.dll
2012-07-12 16:56 - 2010-11-20 05:27 - 00254464 ____A (Microsoft Corporation) C:\Windows\System32\qasf.dll
2012-07-12 16:56 - 2010-11-20 05:27 - 00250880 ____A (Microsoft Corporation) C:\Windows\System32\qdv.dll
2012-07-12 16:56 - 2010-11-20 05:27 - 00243712 ____A (Microsoft Corporation) C:\Windows\System32\taskbarcpl.dll
2012-07-12 16:56 - 2010-11-20 05:27 - 00238080 ____A (Microsoft Corporation) C:\Windows\System32\mstask.dll
2012-07-12 16:56 - 2010-11-20 05:27 - 00224256 ____A (Microsoft Corporation) C:\Windows\System32\PortableDeviceSyncProvider.dll
2012-07-12 16:56 - 2010-11-20 05:27 - 00222208 ____A (Microsoft Corporation) C:\Windows\System32\rdpencom.dll
2012-07-12 16:56 - 2010-11-20 05:27 - 00221696 ____A (Microsoft Corporation) C:\Windows\System32\OnLineIDCpl.dll
2012-07-12 16:56 - 2010-11-20 05:27 - 00217600 ____A (Microsoft Corporation) C:\Windows\System32\WinSCard.dll
2012-07-12 16:56 - 2010-11-20 05:27 - 00215040 ____A (Microsoft Corporation) C:\Windows\System32\wpdwcn.dll
2012-07-12 16:56 - 2010-11-20 05:27 - 00207360 ____A (Microsoft Corporation) C:\Windows\System32\sysclass.dll
2012-07-12 16:56 - 2010-11-20 05:27 - 00200192 ____A (Microsoft Corporation) C:\Windows\System32\syncui.dll
2012-07-12 16:56 - 2010-11-20 05:27 - 00193024 ____A (Microsoft Corporation) C:\Windows\System32\netplwiz.dll
2012-07-12 16:56 - 2010-11-20 05:27 - 00190976 ____A (Microsoft Corporation) C:\Windows\System32\vdsbas.dll
2012-07-12 16:56 - 2010-11-20 05:27 - 00189952 ____A (Microsoft Corporation) C:\Windows\System32\SmartcardCredentialProvider.dll
2012-07-12 16:56 - 2010-11-20 05:27 - 00185856 ____A (Microsoft Corporation) C:\Windows\System32\vdsutil.dll
2012-07-12 16:56 - 2010-11-20 05:27 - 00182784 ____A (Microsoft Corporation) C:\Windows\System32\WUDFPlatform.dll
2012-07-12 16:56 - 2010-11-20 05:27 - 00181248 ____A (Microsoft Corporation) C:\Windows\System32\qcap.dll
2012-07-12 16:56 - 2010-11-20 05:27 - 00172544 ____A (Microsoft Corporation) C:\Windows\System32\twext.dll
2012-07-12 16:56 - 2010-11-20 05:27 - 00170496 ____A (Microsoft Corporation) C:\Windows\System32\sdrsvc.dll
2012-07-12 16:56 - 2010-11-20 05:27 - 00154624 ____A (Microsoft Corporation) C:\Windows\System32\uxlib.dll
2012-07-12 16:56 - 2010-11-20 05:27 - 00153088 ____A (Microsoft Corporation) C:\Windows\System32\remotepg.dll
2012-07-12 16:56 - 2010-11-20 05:27 - 00146944 ____A (Microsoft Corporation) C:\Windows\System32\recovery.dll
2012-07-12 16:56 - 2010-11-20 05:27 - 00145920 ____A (Microsoft Corporation) C:\Windows\System32\sppc.dll
2012-07-12 16:56 - 2010-11-20 05:27 - 00143360 ____A (Microsoft Corporation) C:\Windows\System32\mydocs.dll
2012-07-12 16:56 - 2010-11-20 05:27 - 00135168 ____A (Microsoft Corporation) C:\Windows\System32\shacct.dll
2012-07-12 16:56 - 2010-11-20 05:27 - 00132608 ____A (Microsoft Corporation) C:\Windows\System32\wmpshell.dll
2012-07-12 16:56 - 2010-11-20 05:27 - 00129536 ____A (Microsoft Corporation) C:\Windows\System32\ntlanman.dll
2012-07-12 16:56 - 2010-11-20 05:27 - 00128000 ____A (Microsoft Corporation) C:\Windows\System32\srvcli.dll
2012-07-12 16:56 - 2010-11-20 05:27 - 00124928 ____A (Microsoft Corporation) C:\Windows\System32\wiavideo.dll
2012-07-12 16:56 - 2010-11-20 05:27 - 00124416 ____A (Microsoft Corporation) C:\Windows\System32\QSVRMGMT.DLL
2012-07-12 16:56 - 2010-11-20 05:27 - 00121856 ____A (Microsoft Corporation) C:\Windows\System32\secproc_ssp_isv.dll
2012-07-12 16:56 - 2010-11-20 05:27 - 00121856 ____A (Microsoft Corporation) C:\Windows\System32\secproc_ssp.dll
2012-07-12 16:56 - 2010-11-20 05:27 - 00115200 ____A (Microsoft Corporation) C:\Windows\System32\WPDShServiceObj.dll
2012-07-12 16:56 - 2010-11-20 05:27 - 00102400 ____A (Microsoft Corporation) C:\Windows\System32\sppnp.dll
2012-07-12 16:56 - 2010-11-20 05:27 - 00086016 ____A (Microsoft Corporation) C:\Windows\System32\TSpkg.dll
2012-07-12 16:56 - 2010-11-20 05:27 - 00084480 ____A (Microsoft Corporation) C:\Windows\System32\UserAccountControlSettings.dll
2012-07-12 16:56 - 2010-11-20 05:27 - 00079872 ____A (Microsoft Corporation) C:\Windows\System32\QCLIPROV.DLL
2012-07-12 16:56 - 2010-11-20 05:27 - 00078848 ____A (Microsoft Corporation) C:\Windows\System32\spbcd.dll
2012-07-12 16:56 - 2010-11-20 05:27 - 00073728 ____A (Microsoft Corporation) C:\Windows\System32\tlscsp.dll
2012-07-12 16:56 - 2010-11-20 05:27 - 00073216 ____A (Microsoft Corporation) C:\Windows\System32\unimdmat.dll
2012-07-12 16:56 - 2010-11-20 05:27 - 00072704 ____A (Microsoft Corporation) C:\Windows\System32\netapi32.dll
2012-07-12 16:56 - 2010-11-20 05:27 - 00072192 ____A (Microsoft Corporation) C:\Windows\System32\napdsnap.dll
2012-07-12 16:56 - 2010-11-20 05:27 - 00071680 ____A (Microsoft Corporation) C:\Windows\System32\wkscli.dll
2012-07-12 16:56 - 2010-11-20 05:27 - 00068096 ____A (Microsoft Corporation) C:\Windows\System32\vfwwdm32.dll
2012-07-12 16:56 - 2010-11-20 05:27 - 00068096 ____A (Microsoft Corporation) C:\Windows\System32\rdpd3d.dll
2012-07-12 16:56 - 2010-11-20 05:27 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\wsnmp32.dll
2012-07-12 16:56 - 2010-11-20 05:27 - 00066048 ____A (Microsoft Corporation) C:\Windows\System32\ncryptui.dll
2012-07-12 16:56 - 2010-11-20 05:27 - 00061952 ____A (Microsoft Corporation) C:\Windows\System32\WavDest.dll
2012-07-12 16:56 - 2010-11-20 05:27 - 00061952 ____A (Microsoft Corporation) C:\Windows\System32\vss_ps.dll
2012-07-12 16:56 - 2010-11-20 05:27 - 00059904 ____A (Microsoft Corporation) C:\Windows\System32\umb.dll
2012-07-12 16:56 - 2010-11-20 05:27 - 00053248 ____A (Microsoft Corporation) C:\Windows\System32\odbcconf.dll
2012-07-12 16:56 - 2010-11-20 05:27 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\wwanprotdim.dll
2012-07-12 16:56 - 2010-11-20 05:27 - 00048128 ____A (Microsoft Corporation) C:\Windows\System32\PrintIsolationProxy.dll
2012-07-12 16:56 - 2010-11-20 05:27 - 00047104 ____A (Microsoft Corporation) C:\Windows\System32\wshbth.dll
2012-07-12 16:56 - 2010-11-20 05:27 - 00044544 ____A (Microsoft Corporation) C:\Windows\System32\WUDFCoinstaller.dll
2012-07-12 16:56 - 2010-11-20 05:27 - 00044032 ____A (Microsoft Corporation) C:\Windows\System32\tsgqec.dll
2012-07-12 16:56 - 2010-11-20 05:27 - 00038912 ____A (Microsoft Corporation) C:\Windows\System32\msvidc32.dll
2012-07-12 16:56 - 2010-11-20 05:27 - 00037376 ____A (Microsoft Corporation) C:\Windows\System32\shimgvw.dll
2012-07-12 16:56 - 2010-11-20 05:27 - 00036352 ____A (Microsoft Corporation) C:\Windows\System32\wdiasqmmodule.dll
2012-07-12 16:56 - 2010-11-20 05:27 - 00035840 ____A (Microsoft Corporation) C:\Windows\System32\msdmo.dll
2012-07-12 16:56 - 2010-11-20 05:27 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\seclogon.dll
2012-07-12 16:56 - 2010-11-20 05:27 - 00029184 ____A (Microsoft Corporation) C:\Windows\System32\netutils.dll
2012-07-12 16:56 - 2010-11-20 05:27 - 00028160 ____A (Microsoft Corporation) C:\Windows\System32\shgina.dll
2012-07-12 16:56 - 2010-11-20 05:27 - 00026112 ____A (Microsoft Corporation) C:\Windows\System32\wsdchngr.dll
2012-07-12 16:56 - 2010-11-20 05:27 - 00025600 ____A (Microsoft Corporation) C:\Windows\System32\msyuv.dll
2012-07-12 16:56 - 2010-11-20 05:27 - 00024064 ____A (Microsoft Corporation) C:\Windows\System32\sisbkup.dll
2012-07-12 16:56 - 2010-11-20 05:27 - 00024064 ____A (Microsoft Corporation) C:\Windows\System32\schedcli.dll
2012-07-12 16:56 - 2010-11-20 05:27 - 00023040 ____A (Microsoft Corporation) C:\Windows\System32\rdprefdrvapi.dll
2012-07-12 16:56 - 2010-11-20 05:27 - 00021504 ____A (Microsoft Corporation) C:\Windows\System32\TRAPI.dll
2012-07-12 16:56 - 2010-11-20 05:27 - 00018944 ____A (Microsoft Corporation) C:\Windows\System32\spopk.dll
2012-07-12 16:56 - 2010-11-20 05:27 - 00017408 ____A (Microsoft Corporation) C:\Windows\System32\syssetup.dll
2012-07-12 16:56 - 2010-11-20 05:27 - 00016896 ____A (Microsoft Corporation) C:\Windows\System32\muifontsetup.dll
2012-07-12 16:56 - 2010-11-20 05:27 - 00016384 ____A (Microsoft Corporation) C:\Windows\System32\msrle32.dll
2012-07-12 16:56 - 2010-11-20 05:27 - 00015360 ____A (Microsoft Corporation) C:\Windows\System32\slwga.dll
2012-07-12 16:56 - 2010-11-20 05:27 - 00015360 ____A (Microsoft Corporation) C:\Windows\System32\nrpsrv.dll
2012-07-12 16:56 - 2010-11-20 05:27 - 00014848 ____A (Microsoft Corporation) C:\Windows\System32\tsbyuv.dll
2012-07-12 16:56 - 2010-11-20 05:27 - 00013824 ____A (Microsoft Corporation) C:\Windows\System32\wshirda.dll
2012-07-12 16:56 - 2010-11-20 05:27 - 00013312 ____A (Microsoft Corporation) C:\Windows\System32\sscore.dll
2012-07-12 16:56 - 2010-11-20 05:27 - 00011264 ____A (Microsoft Corporation) C:\Windows\System32\shunimpl.dll
2012-07-12 16:56 - 2010-11-20 05:27 - 00010752 ____A (Microsoft Corporation) C:\Windows\System32\riched32.dll
2012-07-12 16:56 - 2010-11-20 05:27 - 00010240 ____A (Microsoft Corporation) C:\Windows\System32\rdpcfgex.dll
2012-07-12 16:56 - 2010-11-20 05:27 - 00009728 ____A (Microsoft Corporation) C:\Windows\System32\spwmp.dll
2012-07-12 16:56 - 2010-11-20 05:27 - 00005120 ____A (Microsoft Corporation) C:\Windows\System32\msdxm.ocx
2012-07-12 16:56 - 2010-11-20 05:27 - 00005120 ____A (Microsoft Corporation) C:\Windows\System32\dxmasf.dll
2012-07-12 16:56 - 2010-11-20 05:26 - 01087488 ____A (Microsoft Corporation) C:\Windows\System32\dbghelp.dll
2012-07-12 16:56 - 2010-11-20 05:26 - 00701440 ____A (Microsoft Corporation) C:\Windows\System32\dsuiext.dll
2012-07-12 16:56 - 2010-11-20 05:26 - 00623104 ____A (Microsoft Corporation) C:\Windows\System32\FXSAPI.dll
2012-07-12 16:56 - 2010-11-20 05:26 - 00573952 ____A (Microsoft Corporation) C:\Windows\System32\d3d10level9.dll
2012-07-12 16:56 - 2010-11-20 05:26 - 00508928 ____A (Microsoft Corporation) C:\Windows\System32\DeviceCenter.dll
2012-07-12 16:56 - 2010-11-20 05:26 - 00495104 ____A (Microsoft Corporation) C:\Windows\System32\drmmgrtn.dll
2012-07-12 16:56 - 2010-11-20 05:26 - 00434688 ____A (Microsoft Corporation) C:\Windows\System32\FXSTIFF.dll
2012-07-12 16:56 - 2010-11-20 05:26 - 00345600 ____A (Microsoft Corporation) C:\Windows\System32\MediaMetadataHandler.dll
2012-07-12 16:56 - 2010-11-20 05:26 - 00313344 ____A (Microsoft Corporation) C:\Windows\System32\dot3ui.dll
2012-07-12 16:56 - 2010-11-20 05:26 - 00304128 ____A (Microsoft Corporation) C:\Windows\System32\efscore.dll
2012-07-12 16:56 - 2010-11-20 05:26 - 00282624 ____A (Microsoft Corporation) C:\Windows\System32\iTVData.dll
2012-07-12 16:56 - 2010-11-20 05:26 - 00281088 ____A (Microsoft Corporation) C:\Windows\System32\iprtrmgr.dll
2012-07-12 16:56 - 2010-11-20 05:26 - 00252416 ____A (Microsoft Corporation) C:\Windows\System32\dot3svc.dll
2012-07-12 16:56 - 2010-11-20 05:26 - 00240640 ____A (Microsoft Corporation) C:\Windows\System32\MFPlay.dll
2012-07-12 16:56 - 2010-11-20 05:26 - 00233984 ____A (Microsoft Corporation) C:\Windows\System32\defaultlocationcpl.dll
2012-07-12 16:56 - 2010-11-20 05:26 - 00225280 ____A (Microsoft Corporation) C:\Windows\System32\DevicePairingFolder.dll
2012-07-12 16:56 - 2010-11-20 05:26 - 00206848 ____A (Microsoft Corporation) C:\Windows\System32\mfps.dll
2012-07-12 16:56 - 2010-11-20 05:26 - 00198656 ____A (Microsoft Corporation) C:\Windows\System32\iasrecst.dll
2012-07-12 16:56 - 2010-11-20 05:26 - 00194048 ____A (Microsoft Corporation) C:\Windows\System32\itircl.dll
2012-07-12 16:56 - 2010-11-20 05:26 - 00180736 ____A (Microsoft Corporation) C:\Windows\System32\ifsutil.dll
2012-07-12 16:56 - 2010-11-20 05:26 - 00144896 ____A (Microsoft Corporation) C:\Windows\System32\EhStorAPI.dll
2012-07-12 16:56 - 2010-11-20 05:26 - 00121344 ____A (Microsoft Corporation) C:\Windows\System32\fphc.dll
2012-07-12 16:56 - 2010-11-20 05:26 - 00103936 ____A (Microsoft Corporation) C:\Windows\System32\eappgnui.dll
2012-07-12 16:56 - 2010-11-20 05:26 - 00103936 ____A (Microsoft Corporation) C:\Windows\System32\dot3msm.dll
2012-07-12 16:56 - 2010-11-20 05:26 - 00091648 ____A (Microsoft Corporation) C:\Windows\System32\mapistub.dll
2012-07-12 16:56 - 2010-11-20 05:26 - 00091648 ____A (Microsoft Corporation) C:\Windows\System32\mapi32.dll
2012-07-12 16:56 - 2010-11-20 05:26 - 00090624 ____A (Microsoft Corporation) C:\Windows\System32\KMSVC.DLL
2012-07-12 16:56 - 2010-11-20 05:26 - 00084992 ____A (Microsoft Corporation) C:\Windows\System32\Mcx2Svc.dll
2012-07-12 16:56 - 2010-11-20 05:26 - 00074240 ____A (Microsoft Corporation) C:\Windows\System32\fdProxy.dll
2012-07-12 16:56 - 2010-11-20 05:26 - 00065536 ____A (Microsoft Corporation) C:\Windows\System32\inetmib1.dll
2012-07-12 16:56 - 2010-11-20 05:26 - 00054272 ____A (Microsoft Corporation) C:\Windows\System32\iyuv_32.dll
2012-07-12 16:56 - 2010-11-20 05:26 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\luainstall.dll
2012-07-12 16:56 - 2010-11-20 05:26 - 00045056 ____A (Microsoft Corporation) C:\Windows\System32\httpapi.dll
2012-07-12 16:56 - 2010-11-20 05:26 - 00041984 ____A (Microsoft Corporation) C:\Windows\System32\FXSMON.dll
2012-07-12 16:56 - 2010-11-20 05:26 - 00041472 ____A (Microsoft Corporation) C:\Windows\System32\mciqtz32.dll
2012-07-12 16:56 - 2010-11-20 05:26 - 00037376 ____A (Microsoft Corporation) C:\Windows\System32\iscsium.dll
2012-07-12 16:56 - 2010-11-20 05:26 - 00036864 ____A (Microsoft Corporation) C:\Windows\System32\dsauth.dll
2012-07-12 16:56 - 2010-11-20 05:26 - 00027136 ____A (Microsoft Corporation) C:\Windows\System32\HotStartUserAgent.dll
2012-07-12 16:56 - 2010-11-20 05:26 - 00025600 ____A (Microsoft Corporation) C:\Windows\System32\elsTrans.dll
2012-07-12 16:56 - 2010-11-20 05:25 - 03745792 ____A (Microsoft Corporation) C:\Windows\System32\accessibilitycpl.dll
2012-07-12 16:56 - 2010-11-20 05:25 - 01065984 ____A (Microsoft Corporation) C:\Windows\System32\cryptui.dll
2012-07-12 16:56 - 2010-11-20 05:25 - 00840192 ____A (Microsoft Corporation) C:\Windows\System32\blackbox.dll
2012-07-12 16:56 - 2010-11-20 05:25 - 00780800 ____A (Microsoft Corporation) C:\Windows\System32\ActionCenter.dll
2012-07-12 16:56 - 2010-11-20 05:25 - 00549888 ____A (Microsoft Corporation) C:\Windows\System32\ActionCenterCPL.dll
2012-07-12 16:56 - 2010-11-20 05:25 - 00472064 ____A (Microsoft Corporation) C:\Windows\System32\azroleui.dll
2012-07-12 16:56 - 2010-11-20 05:25 - 00460800 ____A (Microsoft Corporation) C:\Windows\System32\certcli.dll
2012-07-12 16:56 - 2010-11-20 05:25 - 00395776 ____A (Microsoft Corporation) C:\Windows\System32\nltest.exe
2012-07-12 16:56 - 2010-11-20 05:25 - 00349696 ____A (Microsoft Corporation) C:\Windows\System32\slui.exe
2012-07-12 16:56 - 2010-11-20 05:25 - 00306688 ____A (Microsoft Corporation) C:\Windows\System32\RMActivate_ssp.exe
2012-07-12 16:56 - 2010-11-20 05:25 - 00305152 ____A (Microsoft Corporation) C:\Windows\System32\RMActivate_ssp_isv.exe
2012-07-12 16:56 - 2010-11-20 05:25 - 00296960 ____A (Microsoft Corporation) C:\Windows\System32\rstrui.exe
2012-07-12 16:56 - 2010-11-20 05:25 - 00294912 ____A (Microsoft Corporation) C:\Windows\System32\WindowsAnytimeUpgradeResults.exe
2012-07-12 16:56 - 2010-11-20 05:25 - 00293888 ____A (Microsoft Corporation) C:\Windows\System32\wsqmcons.exe
2012-07-12 16:56 - 2010-11-20 05:25 - 00279040 ____A (Microsoft Corporation) C:\Windows\System32\sethc.exe
2012-07-12 16:56 - 2010-11-20 05:25 - 00238080 ____A (Microsoft Corporation) C:\Windows\System32\recdisc.exe

#4 mgear86

mgear86
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:12:57 PM

Posted 14 July 2012 - 11:01 AM

2012-07-12 16:56 - 2010-11-20 05:25 - 00226816 ____A (Microsoft Corporation) C:\Windows\System32\WUDFHost.exe
2012-07-12 16:56 - 2010-11-20 05:25 - 00213504 ____A (Microsoft Corporation) C:\Windows\System32\ActionQueue.dll
2012-07-12 16:56 - 2010-11-20 05:25 - 00172544 ____A (Microsoft Corporation) C:\Windows\System32\perfmon.exe
2012-07-12 16:56 - 2010-11-20 05:25 - 00155136 ____A (Microsoft Corporation) C:\Windows\System32\autoplay.dll
2012-07-12 16:56 - 2010-11-20 05:25 - 00152064 ____A (Microsoft Corporation) C:\Windows\System32\net1.exe
2012-07-12 16:56 - 2010-11-20 05:25 - 00136192 ____A (Microsoft Corporation) C:\Windows\System32\browser.dll
2012-07-12 16:56 - 2010-11-20 05:25 - 00135680 ____A (Microsoft Corporation) C:\Windows\System32\AuxiliaryDisplayServices.dll
2012-07-12 16:56 - 2010-11-20 05:25 - 00109568 ____A (Microsoft Corporation) C:\Windows\System32\nslookup.exe
2012-07-12 16:56 - 2010-11-20 05:25 - 00095232 ____A (Microsoft Corporation) C:\Windows\System32\cca.dll
2012-07-12 16:56 - 2010-11-20 05:25 - 00094720 ____A (Microsoft Corporation) C:\Windows\System32\cabinet.dll
2012-07-12 16:56 - 2010-11-20 05:25 - 00089088 ____A (Microsoft Corporation) C:\Windows\System32\amstream.dll
2012-07-12 16:56 - 2010-11-20 05:25 - 00084992 ____A (Microsoft Corporation) C:\Windows\System32\asycfilt.dll
2012-07-12 16:56 - 2010-11-20 05:25 - 00080384 ____A (Microsoft Corporation) C:\Windows\System32\certprop.dll
2012-07-12 16:56 - 2010-11-20 05:25 - 00078848 ____A (Microsoft Corporation) C:\Windows\System32\tabcal.exe
2012-07-12 16:56 - 2010-11-20 05:25 - 00071680 ____A (Microsoft Corporation) C:\Windows\System32\CertPolEng.dll
2012-07-12 16:56 - 2010-11-20 05:25 - 00070656 ____A (Microsoft Corporation) C:\Windows\System32\appinfo.dll
2012-07-12 16:56 - 2010-11-20 05:25 - 00063488 ____A (Microsoft Corporation) C:\Windows\System32\takeown.exe
2012-07-12 16:56 - 2010-11-20 05:25 - 00062976 ____A (Microsoft Corporation) C:\Windows\System32\PnPUnattend.exe
2012-07-12 16:56 - 2010-11-20 05:25 - 00058880 ____A (Microsoft Corporation) C:\Windows\System32\browcli.dll
2012-07-12 16:56 - 2010-11-20 05:25 - 00058368 ____A (Microsoft Corporation) C:\Windows\System32\tzutil.exe
2012-07-12 16:56 - 2010-11-20 05:25 - 00056832 ____A (Microsoft Corporation) C:\Windows\System32\runonce.exe
2012-07-12 16:56 - 2010-11-20 05:25 - 00053248 ____A (Microsoft Corporation) C:\Windows\System32\acppage.dll
2012-07-12 16:56 - 2010-11-20 05:25 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\repair-bde.exe
2012-07-12 16:56 - 2010-11-20 05:25 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\MultiDigiMon.exe
2012-07-12 16:56 - 2010-11-20 05:25 - 00046080 ____A (Microsoft Corporation) C:\Windows\System32\cscapi.dll
2012-07-12 16:56 - 2010-11-20 05:25 - 00043008 ____A (Microsoft Corporation) C:\Windows\System32\relog.exe
2012-07-12 16:56 - 2010-11-20 05:25 - 00031744 ____A (Microsoft Corporation) C:\Windows\System32\proquota.exe
2012-07-12 16:56 - 2010-11-20 05:25 - 00031744 ____A (Microsoft Corporation) C:\Windows\System32\AzSqlExt.dll
2012-07-12 16:56 - 2010-11-20 05:25 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\userinit.exe
2012-07-12 16:56 - 2010-11-20 05:25 - 00030208 ____A (Microsoft Corporation) C:\Windows\System32\cscdll.dll
2012-07-12 16:56 - 2010-11-20 05:25 - 00026112 ____A (Microsoft Corporation) C:\Windows\System32\WerFaultSecure.exe
2012-07-12 16:56 - 2010-11-20 05:25 - 00024576 ____A (Microsoft Corporation) C:\Windows\System32\bitsperf.dll
2012-07-12 16:56 - 2010-11-20 05:25 - 00014848 ____A (Microsoft Corporation) C:\Windows\System32\BWUnpairElevated.dll
2012-07-12 16:56 - 2010-11-20 05:25 - 00014336 ____A (Microsoft Corporation) C:\Windows\System32\browseui.dll
2012-07-12 16:56 - 2010-11-20 05:25 - 00013312 ____A (Microsoft Corporation) C:\Windows\System32\C_ISCII.DLL
2012-07-12 16:56 - 2010-11-20 05:25 - 00008192 ____A (Microsoft Corporation) C:\Windows\System32\TsUsbRedirectionGroupPolicyControl.exe
2012-07-12 16:56 - 2010-11-20 05:24 - 00899584 ____A (Microsoft Corporation) C:\Windows\System32\Bubbles.scr
2012-07-12 16:56 - 2010-11-20 05:24 - 00721408 ____A (Microsoft Corporation) C:\Windows\System32\bthprops.cpl
2012-07-12 16:56 - 2010-11-20 05:24 - 00606208 ____A (Microsoft Corporation) C:\Windows\System32\dfrgui.exe
2012-07-12 16:56 - 2010-11-20 05:24 - 00497664 ____A (Microsoft Corporation) C:\Windows\System32\main.cpl
2012-07-12 16:56 - 2010-11-20 05:24 - 00474112 ____A (Microsoft Corporation) C:\Windows\System32\sysmon.ocx
2012-07-12 16:56 - 2010-11-20 05:24 - 00373248 ____A (Microsoft Corporation) C:\Windows\System32\intl.cpl
2012-07-12 16:56 - 2010-11-20 05:24 - 00363520 ____A (Microsoft Corporation) C:\Windows\System32\diskraid.exe
2012-07-12 16:56 - 2010-11-20 05:24 - 00352768 ____A (Microsoft Corporation) C:\Windows\System32\sysdm.cpl
2012-07-12 16:56 - 2010-11-20 05:24 - 00346112 ____A (Microsoft Corporation) C:\Windows\System32\bcdedit.exe
2012-07-12 16:56 - 2010-11-20 05:24 - 00333824 ____A (Microsoft Corporation) C:\Windows\System32\ssText3d.scr
2012-07-12 16:56 - 2010-11-20 05:24 - 00321536 ____A (Microsoft Corporation) C:\Windows\System32\unimdm.tsp
2012-07-12 16:56 - 2010-11-20 05:24 - 00242688 ____A (Microsoft Corporation) C:\Windows\System32\Mystify.scr
2012-07-12 16:56 - 2010-11-20 05:24 - 00241664 ____A (Microsoft Corporation) C:\Windows\System32\Ribbons.scr
2012-07-12 16:56 - 2010-11-20 05:24 - 00232448 ____A (Microsoft Corporation) C:\Windows\System32\bitsadmin.exe
2012-07-12 16:56 - 2010-11-20 05:24 - 00196096 ____A (Microsoft Corporation) C:\Windows\System32\VBICodec.ax
2012-07-12 16:56 - 2010-11-20 05:24 - 00175616 ____A (Microsoft Corporation) C:\Windows\System32\bcdboot.exe
2012-07-12 16:56 - 2010-11-20 05:24 - 00173568 ____A (Microsoft Corporation) C:\Windows\System32\powercfg.cpl
2012-07-12 16:56 - 2010-11-20 05:24 - 00166400 ____A (Microsoft Corporation) C:\Windows\System32\diskpart.exe
2012-07-12 16:56 - 2010-11-20 05:24 - 00152064 ____A (Microsoft Corporation) C:\Windows\System32\iscsicli.exe
2012-07-12 16:56 - 2010-11-20 05:24 - 00146944 ____A (Microsoft Corporation) C:\Windows\System32\MdSched.exe
2012-07-12 16:56 - 2010-11-20 05:24 - 00133120 ____A (Microsoft Corporation) C:\Windows\System32\Kswdmcap.ax
2012-07-12 16:56 - 2010-11-20 05:24 - 00130048 ____A (Microsoft Corporation) C:\Windows\System32\desk.cpl
2012-07-12 16:56 - 2010-11-20 05:24 - 00128000 ____A (Microsoft Corporation) C:\Windows\System32\msiexec.exe
2012-07-12 16:56 - 2010-11-20 05:24 - 00104448 ____A (Microsoft Corporation) C:\Windows\System32\logman.exe
2012-07-12 16:56 - 2010-11-20 05:24 - 00102912 ____A (Microsoft Corporation) C:\Windows\System32\kstvtune.ax
2012-07-12 16:56 - 2010-11-20 05:24 - 00102400 ____A (Microsoft Corporation) C:\Windows\System32\mobsync.exe
2012-07-12 16:56 - 2010-11-20 05:24 - 00092160 ____A (Microsoft Corporation) C:\Windows\System32\cmstp.exe
2012-07-12 16:56 - 2010-11-20 05:24 - 00091648 ____A (Microsoft Corporation) C:\Windows\System32\isoburn.exe
2012-07-12 16:56 - 2010-11-20 05:24 - 00079872 ____A (Microsoft Corporation) C:\Windows\System32\manage-bde.exe
2012-07-12 16:56 - 2010-11-20 05:24 - 00071168 ____A (Microsoft Corporation) C:\Windows\System32\findstr.exe
2012-07-12 16:56 - 2010-11-20 05:24 - 00071168 ____A (Microsoft Corporation) C:\Windows\bfsvc.exe
2012-07-12 16:56 - 2010-11-20 05:24 - 00066048 ____A (Microsoft Corporation) C:\Windows\System32\ksxbar.ax
2012-07-12 16:56 - 2010-11-20 05:24 - 00061440 ____A (Microsoft Corporation) C:\Windows\System32\djoin.exe
2012-07-12 16:56 - 2010-11-20 05:24 - 00057856 ____A (Microsoft Corporation) C:\Windows\System32\g711codc.ax
2012-07-12 16:56 - 2010-11-20 05:24 - 00048128 ____A (Microsoft Corporation) C:\Windows\System32\ftp.exe
2012-07-12 16:56 - 2010-11-20 05:24 - 00043520 ____A (Microsoft Corporation) C:\Windows\System32\vbisurf.ax
2012-07-12 16:56 - 2010-11-20 05:24 - 00036864 ____A (Microsoft Corporation) C:\Windows\System32\choice.exe
2012-07-12 16:56 - 2010-11-20 05:24 - 00027648 ____A (Microsoft Corporation) C:\Windows\System32\LogonUI.exe
2012-07-12 16:56 - 2010-11-20 05:24 - 00018432 ____A (Microsoft Corporation) C:\Windows\System32\FXSUNATD.exe
2012-07-12 16:56 - 2010-11-20 05:24 - 00017920 ____A (Microsoft Corporation) C:\Windows\System32\fixmapi.exe
2012-07-12 16:56 - 2010-11-20 05:16 - 12625920 ____A (Microsoft Corporation) C:\Windows\System32\wmploc.DLL
2012-07-12 16:56 - 2010-11-20 05:15 - 01164800 ____A (Microsoft Corporation) C:\Windows\System32\UIRibbonRes.dll
2012-07-12 16:56 - 2010-11-20 05:14 - 00007680 ____A (Microsoft Corporation) C:\Windows\System32\spwizres.dll
2012-07-12 16:56 - 2010-11-20 05:13 - 00147456 ____A (Microsoft Corporation) C:\Windows\System32\RDPENCDD.dll
2012-07-12 16:56 - 2010-11-20 05:13 - 00069120 ____A (Microsoft Corporation) C:\Windows\System32\nlsbres.dll
2012-07-12 16:56 - 2010-11-20 05:12 - 00035328 ____A (Microsoft Corporation) C:\Windows\System32\pifmgr.dll
2012-07-12 16:56 - 2010-11-20 05:02 - 01148416 ____A (Microsoft Corporation) C:\Windows\System32\IMJP10.IME
2012-07-12 16:56 - 2010-11-20 05:02 - 00457216 ____A (Microsoft Corporation) C:\Windows\System32\imkr80.ime
2012-07-12 16:56 - 2010-11-20 05:02 - 00008192 ____A (Microsoft Corporation) C:\Windows\System32\KBDTUQ.DLL
2012-07-12 16:56 - 2010-11-20 05:02 - 00008192 ____A (Microsoft Corporation) C:\Windows\System32\KBDTUF.DLL
2012-07-12 16:56 - 2010-11-20 05:02 - 00008192 ____A (Microsoft Corporation) C:\Windows\System32\KBDSG.DLL
2012-07-12 16:56 - 2010-11-20 05:02 - 00008192 ____A (Microsoft Corporation) C:\Windows\System32\kbdlk41a.dll
2012-07-12 16:56 - 2010-11-20 05:02 - 00008192 ____A (Microsoft Corporation) C:\Windows\System32\KBDGKL.DLL
2012-07-12 16:56 - 2010-11-20 05:02 - 00008192 ____A (Microsoft Corporation) C:\Windows\System32\KBDCZ1.DLL
2012-07-12 16:56 - 2010-11-20 05:02 - 00007680 ____A (Microsoft Corporation) C:\Windows\System32\KBDSF.DLL
2012-07-12 16:56 - 2010-11-20 05:02 - 00007680 ____A (Microsoft Corporation) C:\Windows\System32\KBDPO.DLL
2012-07-12 16:56 - 2010-11-20 05:02 - 00007680 ____A (Microsoft Corporation) C:\Windows\System32\KBDNEPR.DLL
2012-07-12 16:56 - 2010-11-20 05:02 - 00007680 ____A (Microsoft Corporation) C:\Windows\System32\KBDINTAM.DLL
2012-07-12 16:56 - 2010-11-20 05:02 - 00007680 ____A (Microsoft Corporation) C:\Windows\System32\KBDINBEN.DLL
2012-07-12 16:56 - 2010-11-20 05:02 - 00007680 ____A (Microsoft Corporation) C:\Windows\System32\KBDGR1.DLL
2012-07-12 16:56 - 2010-11-20 05:02 - 00007168 ____A (Microsoft Corporation) C:\Windows\System32\KBDUS.DLL
2012-07-12 16:56 - 2010-11-20 05:02 - 00007168 ____A (Microsoft Corporation) C:\Windows\System32\KBDUGHR1.DLL
2012-07-12 16:56 - 2010-11-20 05:02 - 00007168 ____A (Microsoft Corporation) C:\Windows\System32\KBDTURME.DLL
2012-07-12 16:56 - 2010-11-20 05:02 - 00007168 ____A (Microsoft Corporation) C:\Windows\System32\KBDTAJIK.DLL
2012-07-12 16:56 - 2010-11-20 05:02 - 00007168 ____A (Microsoft Corporation) C:\Windows\System32\KBDMON.DLL
2012-07-12 16:56 - 2010-11-20 05:02 - 00007168 ____A (Microsoft Corporation) C:\Windows\System32\KBDMAORI.DLL
2012-07-12 16:56 - 2010-11-20 05:02 - 00007168 ____A (Microsoft Corporation) C:\Windows\System32\KBDLT1.DLL
2012-07-12 16:56 - 2010-11-20 05:02 - 00007168 ____A (Microsoft Corporation) C:\Windows\System32\KBDINTEL.DLL
2012-07-12 16:56 - 2010-11-20 05:02 - 00007168 ____A (Microsoft Corporation) C:\Windows\System32\KBDINORI.DLL
2012-07-12 16:56 - 2010-11-20 05:02 - 00007168 ____A (Microsoft Corporation) C:\Windows\System32\KBDINMAR.DLL
2012-07-12 16:56 - 2010-11-20 05:02 - 00007168 ____A (Microsoft Corporation) C:\Windows\System32\KBDINKAN.DLL
2012-07-12 16:56 - 2010-11-20 05:02 - 00007168 ____A (Microsoft Corporation) C:\Windows\System32\KBDINHIN.DLL
2012-07-12 16:56 - 2010-11-20 05:02 - 00007168 ____A (Microsoft Corporation) C:\Windows\System32\KBDBULG.DLL
2012-07-12 16:56 - 2010-11-20 05:02 - 00007168 ____A (Microsoft Corporation) C:\Windows\System32\KBDBLR.DLL
2012-07-12 16:56 - 2010-11-20 05:02 - 00007168 ____A (Microsoft Corporation) C:\Windows\System32\KBDBASH.DLL
2012-07-12 16:56 - 2010-11-20 05:02 - 00006656 ____A (Microsoft Corporation) C:\Windows\System32\KBDGEO.DLL
2012-07-12 16:56 - 2010-11-20 04:58 - 00003072 ____A (Microsoft Corporation) C:\Windows\System32\dpnaddr.dll
2012-07-12 16:56 - 2010-11-20 04:54 - 00052736 ____A (Microsoft Corporation) C:\Windows\System32\BlbEvents.dll
2012-07-12 16:56 - 2010-11-20 04:51 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-ums-l1-1-0.dll
2012-07-12 16:56 - 2010-11-20 04:36 - 00107008 ____A (Microsoft Corporation) C:\Windows\SysWOW64\NAPHLPR.DLL
2012-07-12 16:56 - 2010-11-20 04:36 - 00046080 ____A (Microsoft Corporation) C:\Windows\SysWOW64\NAPCRYPT.DLL
2012-07-12 16:56 - 2010-11-20 04:21 - 02202624 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SensorsCpl.dll
2012-07-12 16:56 - 2010-11-20 04:21 - 02157568 ____A (Microsoft Corporation) C:\Windows\SysWOW64\themecpl.dll
2012-07-12 16:56 - 2010-11-20 04:21 - 00902656 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOD.DLL
2012-07-12 16:56 - 2010-11-20 04:21 - 00755200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\sud.dll
2012-07-12 16:56 - 2010-11-20 04:21 - 00739328 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOD.DLL
2012-07-12 16:56 - 2010-11-20 04:21 - 00738816 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wmpmde.dll
2012-07-12 16:56 - 2010-11-20 04:21 - 00638976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\VAN.dll
2012-07-12 16:56 - 2010-11-20 04:21 - 00616960 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2012-07-12 16:56 - 2010-11-20 04:21 - 00600064 ____A (Microsoft Corporation) C:\Windows\SysWOW64\usercpl.dll
2012-07-12 16:56 - 2010-11-20 04:21 - 00541184 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WMVSDECD.DLL
2012-07-12 16:56 - 2010-11-20 04:21 - 00507392 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmdev.dll
2012-07-12 16:56 - 2010-11-20 04:21 - 00473600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\riched20.dll
2012-07-12 16:56 - 2010-11-20 04:21 - 00444928 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wvc.dll
2012-07-12 16:56 - 2010-11-20 04:21 - 00436736 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmnet.dll
2012-07-12 16:56 - 2010-11-20 04:21 - 00428544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shwebsvc.dll
2012-07-12 16:56 - 2010-11-20 04:21 - 00428032 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wlanmsm.dll
2012-07-12 16:56 - 2010-11-20 04:21 - 00416768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wiadefui.dll
2012-07-12 16:56 - 2010-11-20 04:21 - 00410624 ____A (Microsoft Corporation) C:\Windows\SysWOW64\systemcpl.dll
2012-07-12 16:56 - 2010-11-20 04:21 - 00410112 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wlanui.dll
2012-07-12 16:56 - 2010-11-20 04:21 - 00406528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wimgapi.dll
2012-07-12 16:56 - 2010-11-20 04:21 - 00352768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\spwizeng.dll
2012-07-12 16:56 - 2010-11-20 04:21 - 00350720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WPDSp.dll
2012-07-12 16:56 - 2010-11-20 04:21 - 00327680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\zipfldr.dll
2012-07-12 16:56 - 2010-11-20 04:21 - 00318976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\raschap.dll
2012-07-12 16:56 - 2010-11-20 04:21 - 00318464 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2012-07-12 16:56 - 2010-11-20 04:21 - 00309760 ____A (Microsoft Corporation) C:\Windows\SysWOW64\sqlcese30.dll
2012-07-12 16:56 - 2010-11-20 04:21 - 00299520 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wmpdxm.dll
2012-07-12 16:56 - 2010-11-20 04:21 - 00247808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ReAgent.dll
2012-07-12 16:56 - 2010-11-20 04:21 - 00242176 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tapisrv.dll
2012-07-12 16:56 - 2010-11-20 04:21 - 00222208 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wavemsp.dll
2012-07-12 16:56 - 2010-11-20 04:21 - 00220160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SndVolSSO.dll
2012-07-12 16:56 - 2010-11-20 04:21 - 00198144 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wpdwcn.dll
2012-07-12 16:56 - 2010-11-20 04:21 - 00193536 ____A (Microsoft Corporation) C:\Windows\SysWOW64\sppcomapi.dll
2012-07-12 16:56 - 2010-11-20 04:21 - 00189952 ____A (Microsoft Corporation) C:\Windows\SysWOW64\sqmapi.dll
2012-07-12 16:56 - 2010-11-20 04:21 - 00186368 ____A (Microsoft Corporation) C:\Windows\SysWOW64\rdpencom.dll
2012-07-12 16:56 - 2010-11-20 04:21 - 00182272 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wmpsrcwp.dll
2012-07-12 16:56 - 2010-11-20 04:21 - 00179712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2012-07-12 16:56 - 2010-11-20 04:21 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\rasppp.dll
2012-07-12 16:56 - 2010-11-20 04:21 - 00175616 ____A (Microsoft Corporation) C:\Windows\SysWOW64\scecli.dll
2012-07-12 16:56 - 2010-11-20 04:21 - 00164352 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2012-07-12 16:56 - 2010-11-20 04:21 - 00160256 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vdsbas.dll
2012-07-12 16:56 - 2010-11-20 04:21 - 00159232 ____A (Microsoft Corporation) C:\Windows\SysWOW64\syncui.dll
2012-07-12 16:56 - 2010-11-20 04:21 - 00152064 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2012-07-12 16:56 - 2010-11-20 04:21 - 00146944 ____A (Microsoft Corporation) C:\Windows\SysWOW64\remotepg.dll
2012-07-12 16:56 - 2010-11-20 04:21 - 00146432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\twext.dll
2012-07-12 16:56 - 2010-11-20 04:21 - 00144384 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wmpps.dll
2012-07-12 16:56 - 2010-11-20 04:21 - 00118784 ____A (Microsoft Corporation) C:\Windows\SysWOW64\uxlib.dll
2012-07-12 16:56 - 2010-11-20 04:21 - 00115712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\setupcln.dll
2012-07-12 16:56 - 2010-11-20 04:21 - 00111104 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shsetup.dll
2012-07-12 16:56 - 2010-11-20 04:21 - 00109568 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wiavideo.dll
2012-07-12 16:56 - 2010-11-20 04:21 - 00108032 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shacct.dll
2012-07-12 16:56 - 2010-11-20 04:21 - 00105984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WPDShServiceObj.dll
2012-07-12 16:56 - 2010-11-20 04:21 - 00105472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wmpshell.dll
2012-07-12 16:56 - 2010-11-20 04:21 - 00100864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\sppinst.dll
2012-07-12 16:56 - 2010-11-20 04:21 - 00090112 ____A (Microsoft Corporation) C:\Windows\SysWOW64\srvcli.dll
2012-07-12 16:56 - 2010-11-20 04:21 - 00087552 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2012-07-12 16:56 - 2010-11-20 04:21 - 00085504 ____A (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2012-07-12 16:56 - 2010-11-20 04:21 - 00085504 ____A (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2012-07-12 16:56 - 2010-11-20 04:21 - 00080896 ____A (Microsoft Corporation) C:\Windows\SysWOW64\QUTIL.DLL
2012-07-12 16:56 - 2010-11-20 04:21 - 00078848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\UserAccountControlSettings.dll
2012-07-12 16:56 - 2010-11-20 04:21 - 00071168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\resutils.dll
2012-07-12 16:56 - 2010-11-20 04:21 - 00069632 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tlscsp.dll
2012-07-12 16:56 - 2010-11-20 04:21 - 00069632 ____A (Microsoft Corporation) C:\Windows\SysWOW64\rastapi.dll
2012-07-12 16:56 - 2010-11-20 04:21 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2012-07-12 16:56 - 2010-11-20 04:21 - 00061952 ____A (Microsoft Corporation) C:\Windows\SysWOW64\spbcd.dll
2012-07-12 16:56 - 2010-11-20 04:21 - 00059392 ____A (Microsoft Corporation) C:\Windows\SysWOW64\unimdmat.dll
2012-07-12 16:56 - 2010-11-20 04:21 - 00056832 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vfwwdm32.dll
2012-07-12 16:56 - 2010-11-20 04:21 - 00052224 ____A (Microsoft Corporation) C:\Windows\SysWOW64\rdpd3d.dll
2012-07-12 16:56 - 2010-11-20 04:21 - 00051712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wsnmp32.dll
2012-07-12 16:56 - 2010-11-20 04:21 - 00051200 ____A (Twain Working Group) C:\Windows\twain_32.dll
2012-07-12 16:56 - 2010-11-20 04:21 - 00047104 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wkscli.dll
2012-07-12 16:56 - 2010-11-20 04:21 - 00040448 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wtsapi32.dll
2012-07-12 16:56 - 2010-11-20 04:21 - 00037376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\rtutils.dll
2012-07-12 16:56 - 2010-11-20 04:21 - 00036864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2012-07-12 16:56 - 2010-11-20 04:21 - 00036352 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wshbth.dll
2012-07-12 16:56 - 2010-11-20 04:21 - 00035840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shimgvw.dll
2012-07-12 16:56 - 2010-11-20 04:21 - 00031744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\utildll.dll
2012-07-12 16:56 - 2010-11-20 04:21 - 00027648 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2012-07-12 16:56 - 2010-11-20 04:21 - 00025600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vpnikeapi.dll
2012-07-12 16:56 - 2010-11-20 04:21 - 00021504 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wsdchngr.dll
2012-07-12 16:56 - 2010-11-20 04:21 - 00021504 ____A (Microsoft Corporation) C:\Windows\SysWOW64\TRAPI.dll
2012-07-12 16:56 - 2010-11-20 04:21 - 00021504 ____A (Microsoft Corporation) C:\Windows\SysWOW64\rdprefdrvapi.dll
2012-07-12 16:56 - 2010-11-20 04:21 - 00020992 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shgina.dll
2012-07-12 16:56 - 2010-11-20 04:21 - 00019968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\spopk.dll
2012-07-12 16:56 - 2010-11-20 04:21 - 00019456 ____A (Microsoft Corporation) C:\Windows\SysWOW64\sisbkup.dll
2012-07-12 16:56 - 2010-11-20 04:21 - 00017408 ____A (Microsoft Corporation) C:\Windows\SysWOW64\schedcli.dll
2012-07-12 16:56 - 2010-11-20 04:21 - 00014848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\syssetup.dll
2012-07-12 16:56 - 2010-11-20 04:21 - 00014336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\slwga.dll
2012-07-12 16:56 - 2010-11-20 04:21 - 00012288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tsbyuv.dll
2012-07-12 16:56 - 2010-11-20 04:21 - 00011264 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wshirda.dll
2012-07-12 16:56 - 2010-11-20 04:21 - 00010752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shunimpl.dll
2012-07-12 16:56 - 2010-11-20 04:21 - 00009728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\sscore.dll
2012-07-12 16:56 - 2010-11-20 04:21 - 00008704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\riched32.dll
2012-07-12 16:56 - 2010-11-20 04:21 - 00004096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2012-07-12 16:56 - 2010-11-20 04:21 - 00004096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2012-07-12 16:56 - 2010-11-20 04:20 - 02130944 ____A (Microsoft Corporation) C:\Windows\SysWOW64\networkmap.dll
2012-07-12 16:56 - 2010-11-20 04:20 - 01661440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\networkexplorer.dll
2012-07-12 16:56 - 2010-11-20 04:20 - 01644032 ____A (Microsoft Corporation) C:\Windows\SysWOW64\netcenter.dll
2012-07-12 16:56 - 2010-11-20 04:20 - 01160192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\OpcServices.dll
2012-07-12 16:56 - 2010-11-20 04:20 - 01111552 ____A (Microsoft Corporation) C:\Windows\SysWOW64\onexui.dll
2012-07-12 16:56 - 2010-11-20 04:20 - 00859648 ____A (Microsoft Corporation) C:\Windows\SysWOW64\OobeFldr.dll
2012-07-12 16:56 - 2010-11-20 04:20 - 00656384 ____A (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2012-07-12 16:56 - 2010-11-20 04:20 - 00600576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\PerfCenterCPL.dll
2012-07-12 16:56 - 2010-11-20 04:20 - 00509440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2012-07-12 16:56 - 2010-11-20 04:20 - 00427520 ____A (Microsoft Corporation) C:\Windows\SysWOW64\PortableDeviceStatus.dll
2012-07-12 16:56 - 2010-11-20 04:20 - 00395264 ____A (Microsoft Corporation) C:\Windows\SysWOW64\prnfldr.dll
2012-07-12 16:56 - 2010-11-20 04:20 - 00346112 ____A (Microsoft Corporation) C:\Windows\SysWOW64\nshipsec.dll
2012-07-12 16:56 - 2010-11-20 04:20 - 00297472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.dll
2012-07-12 16:56 - 2010-11-20 04:20 - 00295424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\photowiz.dll
2012-07-12 16:56 - 2010-11-20 04:20 - 00283136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\qdv.dll
2012-07-12 16:56 - 2010-11-20 04:20 - 00236544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\pdh.dll
2012-07-12 16:56 - 2010-11-20 04:20 - 00218112 ____A (Microsoft Corporation) C:\Windows\SysWOW64\OnLineIDCpl.dll
2012-07-12 16:56 - 2010-11-20 04:20 - 00206848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\qasf.dll
2012-07-12 16:56 - 2010-11-20 04:20 - 00190976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\qcap.dll
2012-07-12 16:56 - 2010-11-20 04:20 - 00183296 ____A (Microsoft Corporation) C:\Windows\SysWOW64\PortableDeviceSyncProvider.dll
2012-07-12 16:56 - 2010-11-20 04:20 - 00175616 ____A (Microsoft Corporation) C:\Windows\SysWOW64\netplwiz.dll
2012-07-12 16:56 - 2010-11-20 04:20 - 00174592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ocsetapi.dll
2012-07-12 16:56 - 2010-11-20 04:20 - 00165376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\provsvc.dll
2012-07-12 16:56 - 2010-11-20 04:20 - 00161792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\netjoin.dll
2012-07-12 16:56 - 2010-11-20 04:20 - 00136192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mydocs.dll
2012-07-12 16:56 - 2010-11-20 04:20 - 00121344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\sppc.dll
2012-07-12 16:56 - 2010-11-20 04:20 - 00120320 ____A (Microsoft Corporation) C:\Windows\SysWOW64\prntvpt.dll
2012-07-12 16:56 - 2010-11-20 04:20 - 00099328 ____A (Microsoft Corporation) C:\Windows\SysWOW64\QSVRMGMT.DLL
2012-07-12 16:56 - 2010-11-20 04:20 - 00090112 ____A (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll
2012-07-12 16:56 - 2010-11-20 04:20 - 00077824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\olethk32.dll
2012-07-12 16:56 - 2010-11-20 04:20 - 00071680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\QCLIPROV.DLL
2012-07-12 16:56 - 2010-11-20 04:20 - 00069120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntlanman.dll
2012-07-12 16:56 - 2010-11-20 04:20 - 00068096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\napdsnap.dll
2012-07-12 16:56 - 2010-11-20 04:20 - 00060928 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ncryptui.dll
2012-07-12 16:56 - 2010-11-20 04:20 - 00056832 ____A (Microsoft Corporation) C:\Windows\SysWOW64\netapi32.dll
2012-07-12 16:56 - 2010-11-20 04:20 - 00052224 ____A (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2012-07-12 16:56 - 2010-11-20 04:20 - 00046592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\pdhui.dll
2012-07-12 16:56 - 2010-11-20 04:20 - 00040960 ____A (Microsoft Corporation) C:\Windows\SysWOW64\odbcconf.dll
2012-07-12 16:56 - 2010-11-20 04:20 - 00022528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\netutils.dll
2012-07-12 16:56 - 2010-11-20 04:20 - 00017408 ____A (Microsoft Corporation) C:\Windows\SysWOW64\perfts.dll
2012-07-12 16:56 - 2010-11-20 04:20 - 00008192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2012-07-12 16:56 - 2010-11-20 04:19 - 00856576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\FirewallControlPanel.dll
2012-07-12 16:56 - 2010-11-20 04:19 - 00828928 ____A (Microsoft Corporation) C:\Windows\SysWOW64\fontext.dll
2012-07-12 16:56 - 2010-11-20 04:19 - 00592384 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2012-07-12 16:56 - 2010-11-20 04:19 - 00504320 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2012-07-12 16:56 - 2010-11-20 04:19 - 00481792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mscms.dll
2012-07-12 16:56 - 2010-11-20 04:19 - 00429056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\localsec.dll
2012-07-12 16:56 - 2010-11-20 04:19 - 00320512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
2012-07-12 16:56 - 2010-11-20 04:19 - 00312832 ____A (Microsoft Corporation) C:\Windows\SysWOW64\hgcpl.dll
2012-07-12 16:56 - 2010-11-20 04:19 - 00301568 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2012-07-12 16:56 - 2010-11-20 04:19 - 00271360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iprtrmgr.dll
2012-07-12 16:56 - 2010-11-20 04:19 - 00268800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mprddm.dll
2012-07-12 16:56 - 2010-11-20 04:19 - 00266752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MediaMetadataHandler.dll
2012-07-12 16:56 - 2010-11-20 04:19 - 00265216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2012-07-12 16:56 - 2010-11-20 04:19 - 00226304 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MSAC3ENC.DLL
2012-07-12 16:56 - 2010-11-20 04:19 - 00219648 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iTVData.dll
2012-07-12 16:56 - 2010-11-20 04:19 - 00216576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2012-07-12 16:56 - 2010-11-20 04:19 - 00209920 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mstask.dll
2012-07-12 16:56 - 2010-11-20 04:19 - 00202240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\input.dll
2012-07-12 16:56 - 2010-11-20 04:19 - 00176128 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msorcl32.dll
2012-07-12 16:56 - 2010-11-20 04:19 - 00176128 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MFPlay.dll
2012-07-12 16:56 - 2010-11-20 04:19 - 00172032 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iasrad.dll
2012-07-12 16:56 - 2010-11-20 04:19 - 00158720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mprapi.dll
2012-07-12 16:56 - 2010-11-20 04:19 - 00158720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\itircl.dll
2012-07-12 16:56 - 2010-11-20 04:19 - 00148992 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ifsutil.dll
2012-07-12 16:56 - 2010-11-20 04:19 - 00127488 ____A (Microsoft Corporation) C:\Windows\SysWOW64\logoncli.dll
2012-07-12 16:56 - 2010-11-20 04:19 - 00122880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iasrecst.dll
2012-07-12 16:56 - 2010-11-20 04:19 - 00120320 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msvfw32.dll
2012-07-12 16:56 - 2010-11-20 04:19 - 00101888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\migisol.dll
2012-07-12 16:56 - 2010-11-20 04:19 - 00098304 ____A (Microsoft Corporation) C:\Windows\SysWOW64\fphc.dll
2012-07-12 16:56 - 2010-11-20 04:19 - 00093696 ____A (Windows ® Codename Longhorn DDK provider) C:\Windows\SysWOW64\fms.dll
2012-07-12 16:56 - 2010-11-20 04:19 - 00084480 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mciavi32.dll
2012-07-12 16:56 - 2010-11-20 04:19 - 00082944 ____A (Radius Inc.) C:\Windows\SysWOW64\iccvid.dll
2012-07-12 16:56 - 2010-11-20 04:19 - 00078848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iasacct.dll
2012-07-12 16:56 - 2010-11-20 04:19 - 00076800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mapistub.dll
2012-07-12 16:56 - 2010-11-20 04:19 - 00076800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mapi32.dll
2012-07-12 16:56 - 2010-11-20 04:19 - 00059904 ____A (Microsoft Corporation) C:\Windows\SysWOW64\fdeploy.dll
2012-07-12 16:56 - 2010-11-20 04:19 - 00052736 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetmib1.dll
2012-07-12 16:56 - 2010-11-20 04:19 - 00050176 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iyuv_32.dll
2012-07-12 16:56 - 2010-11-20 04:19 - 00041984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\luainstall.dll
2012-07-12 16:56 - 2010-11-20 04:19 - 00036352 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mciqtz32.dll
2012-07-12 16:56 - 2010-11-20 04:19 - 00034816 ____A (Microsoft Corporation) C:\Windows\SysWOW64\httpapi.dll
2012-07-12 16:56 - 2010-11-20 04:19 - 00031744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msvidc32.dll
2012-07-12 16:56 - 2010-11-20 04:19 - 00030720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msdmo.dll
2012-07-12 16:56 - 2010-11-20 04:19 - 00028672 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iscsium.dll
2012-07-12 16:56 - 2010-11-20 04:19 - 00022528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msyuv.dll
2012-07-12 16:56 - 2010-11-20 04:19 - 00021504 ____A (Microsoft Corporation) C:\Windows\SysWOW64\lsmproxy.dll
2012-07-12 16:56 - 2010-11-20 04:19 - 00013312 ____A (Microsoft Corporation) C:\Windows\SysWOW64\muifontsetup.dll
2012-07-12 16:56 - 2010-11-20 04:19 - 00013312 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msrle32.dll
2012-07-12 16:56 - 2010-11-20 04:18 - 03727872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\accessibilitycpl.dll
2012-07-12 16:56 - 2010-11-20 04:18 - 01003520 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2012-07-12 16:56 - 2010-11-20 04:18 - 00744448 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ActionCenter.dll
2012-07-12 16:56 - 2010-11-20 04:18 - 00743424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2012-07-12 16:56 - 2010-11-20 04:18 - 00740864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\batmeter.dll
2012-07-12 16:56 - 2010-11-20 04:18 - 00685056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dsuiext.dll
2012-07-12 16:56 - 2010-11-20 04:18 - 00537600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ActionCenterCPL.dll
2012-07-12 16:56 - 2010-11-20 04:18 - 00489984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2012-07-12 16:56 - 2010-11-20 04:18 - 00484864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DeviceCenter.dll
2012-07-12 16:56 - 2010-11-20 04:18 - 00402944 ____A (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2012-07-12 16:56 - 2010-11-20 04:18 - 00333824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dot3ui.dll
2012-07-12 16:56 - 2010-11-20 04:18 - 00314368 ____A (Microsoft Corporation) C:\Windows\SysWOW64\azroleui.dll
2012-07-12 16:56 - 2010-11-20 04:18 - 00257024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dpx.dll
2012-07-12 16:56 - 2010-11-20 04:18 - 00243712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\audiodev.dll
2012-07-12 16:56 - 2010-11-20 04:18 - 00242176 ____A (Microsoft Corporation) C:\Windows\SysWOW64\eapp3hst.dll
2012-07-12 16:56 - 2010-11-20 04:18 - 00230912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\clusapi.dll
2012-07-12 16:56 - 2010-11-20 04:18 - 00220672 ____A (Microsoft Corporation) C:\Windows\SysWOW64\defaultlocationcpl.dll
2012-07-12 16:56 - 2010-11-20 04:18 - 00211456 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DevicePairingFolder.dll
2012-07-12 16:56 - 2010-11-20 04:18 - 00210432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxdiagn.dll
2012-07-12 16:56 - 2010-11-20 04:18 - 00205312 ____A (Microsoft Corporation) C:\Windows\SysWOW64\efscore.dll
2012-07-12 16:56 - 2010-11-20 04:18 - 00202752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\activeds.dll
2012-07-12 16:56 - 2010-11-20 04:18 - 00196608 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dskquoui.dll
2012-07-12 16:56 - 2010-11-20 04:18 - 00186880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\adsldp.dll
2012-07-12 16:56 - 2010-11-20 04:18 - 00146944 ____A (Microsoft Corporation) C:\Windows\SysWOW64\autoplay.dll
2012-07-12 16:56 - 2010-11-20 04:18 - 00132608 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cabview.dll
2012-07-12 16:56 - 2010-11-20 04:18 - 00128512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\EhStorAPI.dll
2012-07-12 16:56 - 2010-11-20 04:18 - 00115200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dot3msm.dll
2012-07-12 16:56 - 2010-11-20 04:18 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dnscmmc.dll
2012-07-12 16:56 - 2010-11-20 04:18 - 00094208 ____A (Microsoft Corporation) C:\Windows\SysWOW64\eappgnui.dll
2012-07-12 16:56 - 2010-11-20 04:18 - 00091648 ____A (Microsoft Corporation) C:\Windows\SysWOW64\avifil32.dll
2012-07-12 16:56 - 2010-11-20 04:18 - 00082432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dot3cfg.dll
2012-07-12 16:56 - 2010-11-20 04:18 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cabinet.dll
2012-07-12 16:56 - 2010-11-20 04:18 - 00070656 ____A (Microsoft Corporation) C:\Windows\SysWOW64\amstream.dll
2012-07-12 16:56 - 2010-11-20 04:18 - 00067584 ____A (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2012-07-12 16:56 - 2010-11-20 04:18 - 00066560 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cca.dll
2012-07-12 16:56 - 2010-11-20 04:18 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\CertPolEng.dll
2012-07-12 16:56 - 2010-11-20 04:18 - 00045568 ____A (Microsoft Corporation) C:\Windows\SysWOW64\acppage.dll
2012-07-12 16:56 - 2010-11-20 04:18 - 00041984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\browcli.dll
2012-07-12 16:56 - 2010-11-20 04:18 - 00034816 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cscapi.dll
2012-07-12 16:56 - 2010-11-20 04:18 - 00030208 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dsauth.dll
2012-07-12 16:56 - 2010-11-20 04:18 - 00028160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\AzSqlExt.dll
2012-07-12 16:56 - 2010-11-20 04:18 - 00023040 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cscdll.dll
2012-07-12 16:56 - 2010-11-20 04:18 - 00022528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\elsTrans.dll
2012-07-12 16:56 - 2010-11-20 04:18 - 00019456 ____A (Microsoft Corporation) C:\Windows\SysWOW64\bitsperf.dll
2012-07-12 16:56 - 2010-11-20 04:18 - 00017408 ____A (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2012-07-12 16:56 - 2010-11-20 04:18 - 00011264 ____A (Microsoft Corporation) C:\Windows\SysWOW64\C_ISCII.DLL
2012-07-12 16:56 - 2010-11-20 04:18 - 00010752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\browseui.dll
2012-07-12 16:56 - 2010-11-20 04:17 - 00586752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dfrgui.exe
2012-07-12 16:56 - 2010-11-20 04:17 - 00327680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wimserv.exe
2012-07-12 16:56 - 2010-11-20 04:17 - 00314880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wusa.exe
2012-07-12 16:56 - 2010-11-20 04:17 - 00314368 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SndVol.exe
2012-07-12 16:56 - 2010-11-20 04:17 - 00288256 ____A (Microsoft Corporation) C:\Windows\SysWOW64\eudcedit.exe
2012-07-12 16:56 - 2010-11-20 04:17 - 00280064 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2012-07-12 16:56 - 2010-11-20 04:17 - 00278016 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2012-07-12 16:56 - 2010-11-20 04:17 - 00276480 ____A (Microsoft Corporation) C:\Windows\SysWOW64\diskraid.exe
2012-07-12 16:56 - 2010-11-20 04:17 - 00270336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\sethc.exe
2012-07-12 16:56 - 2010-11-20 04:17 - 00209920 ____A (Microsoft Corporation) C:\Windows\SysWOW64\PkgMgr.exe
2012-07-12 16:56 - 2010-11-20 04:17 - 00197632 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ocsetup.exe
2012-07-12 16:56 - 2010-11-20 04:17 - 00157184 ____A (Microsoft Corporation) C:\Windows\SysWOW64\perfmon.exe
2012-07-12 16:56 - 2010-11-20 04:17 - 00144896 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iscsicli.exe
2012-07-12 16:56 - 2010-11-20 04:17 - 00133632 ____A (Microsoft Corporation) C:\Windows\SysWOW64\diskpart.exe
2012-07-12 16:56 - 2010-11-20 04:17 - 00113152 ____A (Microsoft Corporation) C:\Windows\SysWOW64\setupugc.exe
2012-07-12 16:56 - 2010-11-20 04:17 - 00101376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mobsync.exe
2012-07-12 16:56 - 2010-11-20 04:17 - 00098304 ____A (Microsoft Corporation) C:\Windows\SysWOW64\nslookup.exe
2012-07-12 16:56 - 2010-11-20 04:17 - 00095232 ____A (Microsoft Corporation) C:\Windows\SysWOW64\logagent.exe
2012-07-12 16:56 - 2010-11-20 04:17 - 00086528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\isoburn.exe
2012-07-12 16:56 - 2010-11-20 04:17 - 00084992 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cmstp.exe
2012-07-12 16:56 - 2010-11-20 04:17 - 00082944 ____A (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2012-07-12 16:56 - 2010-11-20 04:17 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2012-07-12 16:56 - 2010-11-20 04:17 - 00070656 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MuiUnattend.exe
2012-07-12 16:56 - 2010-11-20 04:17 - 00066048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\w32tm.exe
2012-07-12 16:56 - 2010-11-20 04:17 - 00062976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\findstr.exe
2012-07-12 16:56 - 2010-11-20 04:17 - 00051200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\takeown.exe
2012-07-12 16:56 - 2010-11-20 04:17 - 00050688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\runonce.exe
2012-07-12 16:56 - 2010-11-20 04:17 - 00047616 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tzutil.exe
2012-07-12 16:56 - 2010-11-20 04:17 - 00042496 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ftp.exe
2012-07-12 16:56 - 2010-11-20 04:17 - 00037888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2012-07-12 16:56 - 2010-11-20 04:17 - 00034304 ____A (Microsoft Corporation) C:\Windows\SysWOW64\unlodctr.exe
2012-07-12 16:56 - 2010-11-20 04:17 - 00033792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2012-07-12 16:56 - 2010-11-20 04:17 - 00028672 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WerFaultSecure.exe
2012-07-12 16:56 - 2010-11-20 04:17 - 00025600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\netiougc.exe
2012-07-12 16:56 - 2010-11-20 04:17 - 00024064 ____A (Microsoft Corporation) C:\Windows\SysWOW64\netbtugc.exe
2012-07-12 16:56 - 2010-11-20 04:17 - 00022016 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ReAgentc.exe
2012-07-12 16:56 - 2010-11-20 04:16 - 00878592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Bubbles.scr
2012-07-12 16:56 - 2010-11-20 04:16 - 00692736 ____A (Microsoft Corporation) C:\Windows\SysWOW64\bthprops.cpl
2012-07-12 16:56 - 2010-11-20 04:16 - 00649216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\appwiz.cpl
2012-07-12 16:56 - 2010-11-20 04:16 - 00516096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\main.cpl
2012-07-12 16:56 - 2010-11-20 04:16 - 00413696 ____A (Microsoft Corporation) C:\Windows\SysWOW64\PhotoScreensaver.scr
2012-07-12 16:56 - 2010-11-20 04:16 - 00389632 ____A (Microsoft Corporation) C:\Windows\SysWOW64\sysmon.ocx
2012-07-12 16:56 - 2010-11-20 04:16 - 00345088 ____A (Microsoft Corporation) C:\Windows\SysWOW64\intl.cpl
2012-07-12 16:56 - 2010-11-20 04:16 - 00326656 ____A (Microsoft Corporation) C:\Windows\SysWOW64\sysdm.cpl
2012-07-12 16:56 - 2010-11-20 04:16 - 00293888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ssText3d.scr
2012-07-12 16:56 - 2010-11-20 04:16 - 00281088 ____A (Microsoft Corporation) C:\Windows\SysWOW64\unimdm.tsp
2012-07-12 16:56 - 2010-11-20 04:16 - 00221184 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Mystify.scr
2012-07-12 16:56 - 2010-11-20 04:16 - 00220672 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Ribbons.scr
2012-07-12 16:56 - 2010-11-20 04:16 - 00193536 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ksproxy.ax
2012-07-12 16:56 - 2010-11-20 04:16 - 00186368 ____A (Microsoft Corporation) C:\Windows\SysWOW64\bitsadmin.exe
2012-07-12 16:56 - 2010-11-20 04:16 - 00172032 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wdmaud.drv
2012-07-12 16:56 - 2010-11-20 04:16 - 00153600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\VBICodec.ax
2012-07-12 16:56 - 2010-11-20 04:16 - 00142336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\powercfg.cpl
2012-07-12 16:56 - 2010-11-20 04:16 - 00128000 ____A (Microsoft Corporation) C:\Windows\SysWOW64\desk.cpl
2012-07-12 16:56 - 2010-11-20 04:16 - 00107008 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Kswdmcap.ax
2012-07-12 16:56 - 2010-11-20 04:16 - 00084480 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kstvtune.ax
2012-07-12 16:56 - 2010-11-20 04:16 - 00068608 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WSTPager.ax
2012-07-12 16:56 - 2010-11-20 04:16 - 00048640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ksxbar.ax
2012-07-12 16:56 - 2010-11-20 04:16 - 00045568 ____A (Microsoft Corporation) C:\Windows\SysWOW64\g711codc.ax
2012-07-12 16:56 - 2010-11-20 04:16 - 00033792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbisurf.ax
2012-07-12 16:56 - 2010-11-20 04:08 - 12625408 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2012-07-12 16:56 - 2010-11-20 04:08 - 00663040 ____A (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2012-07-12 16:56 - 2010-11-20 04:08 - 00119808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imm32.dll
2012-07-12 16:56 - 2010-11-20 04:08 - 00007680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KBDTUQ.DLL
2012-07-12 16:56 - 2010-11-20 04:08 - 00007680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KBDTUF.DLL
2012-07-12 16:56 - 2010-11-20 04:08 - 00007680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KBDSG.DLL
2012-07-12 16:56 - 2010-11-20 04:08 - 00007680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kbdlk41a.dll
2012-07-12 16:56 - 2010-11-20 04:08 - 00007680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KBDGR1.DLL
2012-07-12 16:56 - 2010-11-20 04:08 - 00007680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KBDGKL.DLL
2012-07-12 16:56 - 2010-11-20 04:08 - 00007680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KBDCZ1.DLL
2012-07-12 16:56 - 2010-11-20 04:08 - 00007168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KBDSF.DLL
2012-07-12 16:56 - 2010-11-20 04:08 - 00007168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KBDPO.DLL
2012-07-12 16:56 - 2010-11-20 04:08 - 00007168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KBDNEPR.DLL
2012-07-12 16:56 - 2010-11-20 04:08 - 00007168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KBDINTAM.DLL
2012-07-12 16:56 - 2010-11-20 04:08 - 00007168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KBDINORI.DLL
2012-07-12 16:56 - 2010-11-20 04:08 - 00007168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KBDINMAR.DLL
2012-07-12 16:56 - 2010-11-20 04:08 - 00007168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KBDINKAN.DLL
2012-07-12 16:56 - 2010-11-20 04:08 - 00007168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KBDINHIN.DLL
2012-07-12 16:56 - 2010-11-20 04:08 - 00007168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KBDINBEN.DLL
2012-07-12 16:56 - 2010-11-20 04:08 - 00006656 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KBDUS.DLL
2012-07-12 16:56 - 2010-11-20 04:08 - 00006656 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KBDUGHR1.DLL
2012-07-12 16:56 - 2010-11-20 04:08 - 00006656 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KBDTURME.DLL
2012-07-12 16:56 - 2010-11-20 04:08 - 00006656 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAJIK.DLL
2012-07-12 16:56 - 2010-11-20 04:08 - 00006656 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KBDMON.DLL
2012-07-12 16:56 - 2010-11-20 04:08 - 00006656 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KBDMAORI.DLL
2012-07-12 16:56 - 2010-11-20 04:08 - 00006656 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KBDLT1.DLL
2012-07-12 16:56 - 2010-11-20 04:08 - 00006656 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KBDINTEL.DLL
2012-07-12 16:56 - 2010-11-20 04:08 - 00006656 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KBDGEO.DLL
2012-07-12 16:56 - 2010-11-20 04:08 - 00006656 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KBDBULG.DLL
2012-07-12 16:56 - 2010-11-20 04:08 - 00006656 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KBDBLR.DLL
2012-07-12 16:56 - 2010-11-20 04:08 - 00006656 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2012-07-12 16:56 - 2010-11-20 04:07 - 01164800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\UIRibbonRes.dll
2012-07-12 16:56 - 2010-11-20 04:07 - 00007680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\spwizres.dll
2012-07-12 16:56 - 2010-11-20 04:06 - 00069120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\nlsbres.dll
2012-07-12 16:56 - 2010-11-20 04:05 - 00035328 ____A (Microsoft Corporation) C:\Windows\SysWOW64\pifmgr.dll
2012-07-12 16:56 - 2010-11-20 04:00 - 01027584 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10.IME
2012-07-12 16:56 - 2010-11-20 04:00 - 00430080 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imkr80.ime
2012-07-12 16:56 - 2010-11-20 03:57 - 00002560 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dpnaddr.dll
2012-07-12 16:56 - 2010-11-20 03:37 - 00031744 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbrpm.sys
2012-07-12 16:56 - 2010-11-20 03:04 - 00039424 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tssecsrv.sys
2012-07-12 16:56 - 2010-11-20 02:52 - 00131584 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\pacer.sys
2012-07-12 16:56 - 2010-11-20 02:52 - 00057856 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ndproxy.sys
2012-07-12 16:56 - 2010-11-20 02:51 - 00125440 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tunnel.sys
2012-07-12 16:56 - 2010-11-20 02:51 - 00045056 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpipreg.sys
2012-07-12 16:56 - 2010-11-20 02:50 - 00056832 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ndisuio.sys
2012-07-12 16:56 - 2010-11-20 02:49 - 00146432 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rmcast.sys
2012-07-12 16:56 - 2010-11-20 02:44 - 00350208 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\HdAudio.sys
2012-07-12 16:56 - 2010-11-20 02:44 - 00343040 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbhub.sys
2012-07-12 16:56 - 2010-11-20 02:44 - 00098816 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbccgp.sys
2012-07-12 16:56 - 2010-11-20 02:44 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\umbus.sys
2012-07-12 16:56 - 2010-11-20 02:44 - 00032896 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\USBCAMD2.sys
2012-07-12 16:56 - 2010-11-20 02:43 - 00172544 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\WUDFRd.sys
2012-07-12 16:56 - 2010-11-20 02:43 - 00122368 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\hdaudbus.sys
2012-07-12 16:56 - 2010-11-20 02:43 - 00030208 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\hidusb.sys
2012-07-12 16:56 - 2010-11-20 02:42 - 00112128 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\WUDFPf.sys
2012-07-12 16:56 - 2010-11-20 02:34 - 00014336 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\sffp_sd.sys
2012-07-12 16:56 - 2010-11-20 02:33 - 00038912 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\CompositeBus.sys
2012-07-12 16:56 - 2010-11-20 02:33 - 00033280 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\kbdhid.sys
2012-07-12 16:56 - 2010-11-20 02:14 - 00061440 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\appid.sys
2012-07-12 16:56 - 2010-11-20 02:09 - 00029696 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\scfilter.sys
2012-07-12 16:56 - 2010-11-20 02:04 - 00078848 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\IPMIDrv.sys
2012-07-12 16:56 - 2010-11-20 01:49 - 00258048 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dxgmms1.sys
2012-07-12 16:56 - 2010-11-20 01:30 - 00012800 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\acpipmi.sys
2012-07-12 16:56 - 2010-11-20 01:26 - 00102400 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dfsc.sys
2012-07-12 16:56 - 2010-11-20 01:22 - 00026624 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tdi.sys
2012-07-12 16:56 - 2010-11-20 01:19 - 00147456 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\cdrom.sys
2012-07-12 16:56 - 2010-11-09 17:48 - 00010429 ____A C:\Windows\System32\ScavengeSpace.xml
2012-07-12 16:56 - 2010-11-04 18:11 - 00312168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MCEWMDRMNDBootstrap.dll
2012-07-12 16:56 - 2010-11-04 17:58 - 00080720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2012-07-12 16:55 - 2010-11-20 05:26 - 00399872 ____A (Microsoft Corporation) C:\Windows\System32\dpx.dll
2012-07-12 16:55 - 2010-11-20 04:21 - 00363008 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wbemcomn.dll
2012-07-12 16:55 - 2010-11-20 04:21 - 00189952 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wdscore.dll
2012-07-12 16:55 - 2010-11-04 18:20 - 00105559 ____A C:\Windows\SysWOW64\RacRules.xml
2012-07-12 16:55 - 2010-11-04 18:20 - 00105559 ____A C:\Windows\System32\RacRules.xml
2012-07-12 16:55 - 2009-06-10 13:39 - 00001041 ____A C:\Windows\SysWOW64\tcpbidi.xml
2012-07-12 16:53 - 2010-11-20 05:27 - 00529408 ____A (Microsoft Corporation) C:\Windows\System32\wbemcomn.dll
2012-07-12 16:50 - 2012-06-08 21:43 - 14172672 ____A (Microsoft Corporation) C:\Windows\System32\shell32.dll
2012-07-12 16:50 - 2012-04-23 21:37 - 01462272 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2012-07-12 16:50 - 2012-04-23 21:37 - 00184320 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2012-07-12 16:50 - 2012-04-23 21:37 - 00140288 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2012-07-12 16:50 - 2012-04-23 20:36 - 01158656 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2012-07-12 16:50 - 2012-04-23 20:36 - 00140288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2012-07-12 16:50 - 2012-04-23 20:36 - 00103936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2012-07-12 16:50 - 2012-01-04 02:44 - 00509952 ____A (Microsoft Corporation) C:\Windows\System32\ntshrui.dll
2012-07-12 16:50 - 2012-01-04 00:58 - 00442880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntshrui.dll
2012-07-12 16:49 - 2012-06-08 20:41 - 12873728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2012-07-12 16:49 - 2012-06-05 22:06 - 02004480 ____A (Microsoft Corporation) C:\Windows\System32\msxml6.dll
2012-07-12 16:49 - 2012-06-05 22:06 - 01881600 ____A (Microsoft Corporation) C:\Windows\System32\msxml3.dll
2012-07-12 16:49 - 2012-06-05 21:05 - 01390080 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2012-07-12 16:49 - 2012-06-05 21:05 - 01236992 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2012-07-12 16:49 - 2012-04-30 21:40 - 00209920 ____A (Microsoft Corporation) C:\Windows\System32\profsvc.dll
2012-07-12 16:49 - 2012-04-25 21:41 - 00149504 ____A (Microsoft Corporation) C:\Windows\System32\rdpcorekmts.dll
2012-07-12 16:49 - 2012-04-25 21:41 - 00077312 ____A (Microsoft Corporation) C:\Windows\System32\rdpwsx.dll
2012-07-12 16:49 - 2012-04-25 21:34 - 00009216 ____A (Microsoft Corporation) C:\Windows\System32\rdrmemptylst.exe
2012-07-12 16:49 - 2012-03-16 23:58 - 00075120 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\partmgr.sys
2012-07-12 16:49 - 2011-12-29 22:26 - 00515584 ____A (Microsoft Corporation) C:\Windows\System32\timedate.cpl
2012-07-12 16:49 - 2011-12-29 21:27 - 00478720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\timedate.cpl
2012-07-12 16:49 - 2011-11-16 22:35 - 00395776 ____A (Microsoft Corporation) C:\Windows\System32\webio.dll
2012-07-12 16:49 - 2011-11-16 21:35 - 00314880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll
2012-07-12 16:49 - 2011-07-15 21:41 - 00362496 ____A (Microsoft Corporation) C:\Windows\System32\wow64win.dll
2012-07-12 16:49 - 2011-07-15 21:41 - 00243200 ____A (Microsoft Corporation) C:\Windows\System32\wow64.dll
2012-07-12 16:49 - 2011-07-15 21:41 - 00013312 ____A (Microsoft Corporation) C:\Windows\System32\wow64cpu.dll
2012-07-12 16:49 - 2011-07-15 21:39 - 00016384 ____A (Microsoft Corporation) C:\Windows\System32\ntvdm64.dll
2012-07-12 16:49 - 2011-07-15 21:37 - 01162752 ____A (Microsoft Corporation) C:\Windows\System32\kernel32.dll
2012-07-12 16:49 - 2011-07-15 21:37 - 00421888 ____A (Microsoft Corporation) C:\Windows\System32\KernelBase.dll
2012-07-12 16:49 - 2011-07-15 21:21 - 00006144 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
2012-07-12 16:49 - 2011-07-15 21:21 - 00005120 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
2012-07-12 16:49 - 2011-07-15 21:21 - 00004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
2012-07-12 16:49 - 2011-07-15 21:21 - 00004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
2012-07-12 16:49 - 2011-07-15 21:21 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
2012-07-12 16:49 - 2011-07-15 21:21 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
2012-07-12 16:49 - 2011-07-15 21:21 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
2012-07-12 16:49 - 2011-07-15 21:21 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
2012-07-12 16:49 - 2011-07-15 21:21 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-07-12 16:49 - 2011-07-15 21:21 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
2012-07-12 16:49 - 2011-07-15 21:21 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
2012-07-12 16:49 - 2011-07-15 21:21 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
2012-07-12 16:49 - 2011-07-15 21:21 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
2012-07-12 16:49 - 2011-07-15 21:21 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
2012-07-12 16:49 - 2011-07-15 21:21 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
2012-07-12 16:49 - 2011-07-15 21:21 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
2012-07-12 16:49 - 2011-07-15 21:21 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
2012-07-12 16:49 - 2011-07-15 21:21 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
2012-07-12 16:49 - 2011-07-15 21:21 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
2012-07-12 16:49 - 2011-07-15 21:21 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
2012-07-12 16:49 - 2011-07-15 21:21 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
2012-07-12 16:49 - 2011-07-15 21:21 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
2012-07-12 16:49 - 2011-07-15 21:21 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
2012-07-12 16:49 - 2011-07-15 21:21 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
2012-07-12 16:49 - 2011-07-15 21:21 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
2012-07-12 16:49 - 2011-07-15 21:21 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
2012-07-12 16:49 - 2011-07-15 21:21 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
2012-07-12 16:49 - 2011-07-15 21:21 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
2012-07-12 16:49 - 2011-07-15 20:29 - 00014336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2012-07-12 16:49 - 2011-07-15 20:25 - 00025600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2012-07-12 16:49 - 2011-07-15 20:24 - 01114112 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2012-07-12 16:49 - 2011-07-15 20:24 - 00272384 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2012-07-12 16:49 - 2011-07-15 20:24 - 00005120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2012-07-12 16:49 - 2011-07-15 20:15 - 00005120 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2012-07-12 16:49 - 2011-07-15 20:15 - 00004608 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2012-07-12 16:49 - 2011-07-15 20:15 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2012-07-12 16:49 - 2011-07-15 20:15 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2012-07-12 16:49 - 2011-07-15 20:15 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2012-07-12 16:49 - 2011-07-15 20:15 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2012-07-12 16:49 - 2011-07-15 20:15 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2012-07-12 16:49 - 2011-07-15 20:15 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2012-07-12 16:49 - 2011-07-15 20:15 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2012-07-12 16:49 - 2011-07-15 20:15 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2012-07-12 16:49 - 2011-07-15 20:15 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2012-07-12 16:49 - 2011-07-15 20:15 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2012-07-12 16:49 - 2011-07-15 20:15 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2012-07-12 16:49 - 2011-07-15 20:15 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2012-07-12 16:49 - 2011-07-15 20:15 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-07-12 16:49 - 2011-07-15 20:15 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2012-07-12 16:49 - 2011-07-15 20:15 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2012-07-12 16:49 - 2011-07-15 20:15 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2012-07-12 16:49 - 2011-07-15 20:15 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2012-07-12 16:49 - 2011-07-15 20:15 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2012-07-12 16:49 - 2011-07-15 20:15 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2012-07-12 16:49 - 2011-07-15 20:15 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2012-07-12 16:49 - 2011-07-15 20:15 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2012-07-12 16:49 - 2011-07-15 20:15 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2012-07-12 16:49 - 2011-07-15 18:21 - 00007680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2012-07-12 16:49 - 2011-07-15 18:21 - 00002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2012-07-12 16:49 - 2011-07-15 18:17 - 00006144 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2012-07-12 16:49 - 2011-07-15 18:17 - 00004608 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2012-07-12 16:49 - 2011-07-15 18:17 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2012-07-12 16:49 - 2011-07-15 18:17 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2012-07-12 16:49 - 2011-07-08 18:46 - 00288768 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb10.sys
2012-07-12 16:49 - 2011-06-23 21:34 - 00214528 ____A (Microsoft Corporation) C:\Windows\System32\winsrv.dll
2012-07-12 16:49 - 2011-06-23 21:25 - 00338432 ____A (Microsoft Corporation) C:\Windows\System32\conhost.exe
2012-07-12 16:49 - 2011-05-24 03:42 - 00404480 ____A (Microsoft Corporation) C:\Windows\System32\umpnpmgr.dll
2012-07-12 16:49 - 2011-05-24 02:40 - 00064512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\devobj.dll
2012-07-12 16:49 - 2011-05-24 02:40 - 00044544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\devrtl.dll
2012-07-12 16:49 - 2011-05-24 02:39 - 00145920 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cfgmgr32.dll
2012-07-12 16:49 - 2011-05-24 02:37 - 00252928 ____A (Microsoft Corporation) C:\Windows\SysWOW64\drvinst.exe
2012-07-12 16:49 - 2011-04-26 18:40 - 00158208 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb.sys
2012-07-12 16:49 - 2011-04-26 18:39 - 00128000 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb20.sys
2012-07-12 16:49 - 2010-11-20 05:27 - 00033792 ____A (Microsoft Corporation) C:\Windows\System32\profprov.dll
2012-07-12 16:49 - 2010-11-20 05:25 - 00207872 ____A (Microsoft Corporation) C:\Windows\System32\cfgmgr32.dll
2012-07-12 16:49 - 2010-06-25 19:55 - 00002048 ____A (Microsoft Corporation) C:\Windows\System32\msxml3r.dll
2012-07-12 16:49 - 2010-06-25 19:24 - 00002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2012-07-12 16:48 - 2012-06-01 21:50 - 00458704 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\cng.sys
2012-07-12 16:48 - 2012-06-01 21:48 - 00151920 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ksecpkg.sys
2012-07-12 16:48 - 2012-06-01 21:48 - 00095600 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ksecdd.sys
2012-07-12 16:48 - 2012-06-01 21:45 - 00340992 ____A (Microsoft Corporation) C:\Windows\System32\schannel.dll
2012-07-12 16:48 - 2012-06-01 21:44 - 00307200 ____A (Microsoft Corporation) C:\Windows\System32\ncrypt.dll
2012-07-12 16:48 - 2012-06-01 20:40 - 00225280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2012-07-12 16:48 - 2012-06-01 20:40 - 00022016 ____A (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2012-07-12 16:48 - 2012-06-01 20:39 - 00219136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2012-07-12 16:48 - 2012-06-01 20:34 - 00096768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2012-07-12 16:48 - 2012-04-27 19:55 - 00210944 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rdpwd.sys
2012-07-12 16:48 - 2012-04-07 04:31 - 03216384 ____A (Microsoft Corporation) C:\Windows\System32\msi.dll
2012-07-12 16:48 - 2012-04-07 03:26 - 02342400 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2012-07-12 16:48 - 2012-02-16 22:38 - 01031680 ____A (Microsoft Corporation) C:\Windows\System32\rdpcore.dll
2012-07-12 16:48 - 2012-02-16 21:34 - 00826880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2012-07-12 16:48 - 2012-02-16 20:57 - 00023552 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tdtcp.sys
2012-07-12 16:48 - 2011-12-27 19:59 - 00498688 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\afd.sys
2012-07-12 16:48 - 2011-12-16 00:46 - 00634880 ____A (Microsoft Corporation) C:\Windows\System32\msvcrt.dll
2012-07-12 16:48 - 2011-12-15 23:52 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msvcrt.dll
2012-07-12 16:48 - 2011-11-16 22:35 - 01447936 ____A (Microsoft Corporation) C:\Windows\System32\lsasrv.dll
2012-07-12 16:48 - 2011-11-16 22:35 - 00136192 ____A (Microsoft Corporation) C:\Windows\System32\sspicli.dll
2012-07-12 16:48 - 2011-11-16 22:35 - 00029184 ____A (Microsoft Corporation) C:\Windows\System32\sspisrv.dll
2012-07-12 16:48 - 2011-11-16 22:35 - 00028160 ____A (Microsoft Corporation) C:\Windows\System32\secur32.dll
2012-07-12 16:48 - 2011-11-16 22:33 - 00031232 ____A (Microsoft Corporation) C:\Windows\System32\lsass.exe
2012-07-12 16:48 - 2011-11-04 21:32 - 00002048 ____A (Microsoft Corporation) C:\Windows\System32\tzres.dll
2012-07-12 16:48 - 2011-11-04 20:26 - 00002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2012-07-12 16:48 - 2011-10-25 21:25 - 01572864 ____A (Microsoft Corporation) C:\Windows\System32\quartz.dll
2012-07-12 16:48 - 2011-10-25 21:25 - 00366592 ____A (Microsoft Corporation) C:\Windows\System32\qdvd.dll
2012-07-12 16:48 - 2011-10-25 20:32 - 01328128 ____A (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2012-07-12 16:48 - 2011-10-25 20:32 - 00514560 ____A (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2012-07-12 16:29 - 2012-05-04 03:06 - 05559664 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2012-07-12 16:29 - 2012-05-04 02:03 - 03968368 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2012-07-12 16:29 - 2012-05-04 02:03 - 03913072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2012-07-12 16:29 - 2011-10-25 21:21 - 00043520 ____A (Microsoft Corporation) C:\Windows\System32\csrsrv.dll
2012-07-12 16:28 - 2012-03-02 22:35 - 01544704 ____A (Microsoft Corporation) C:\Windows\System32\DWrite.dll
2012-07-12 16:28 - 2012-03-02 21:31 - 01077248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2012-07-12 16:28 - 2011-10-14 22:31 - 00723456 ____A (Microsoft Corporation) C:\Windows\System32\EncDec.dll
2012-07-12 16:28 - 2011-10-14 21:38 - 00534528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll
2012-07-12 16:28 - 2011-08-26 21:37 - 00861696 ____A (Microsoft Corporation) C:\Windows\System32\oleaut32.dll
2012-07-12 16:28 - 2011-08-26 21:37 - 00331776 ____A (Microsoft Corporation) C:\Windows\System32\oleacc.dll
2012-07-12 16:28 - 2011-08-26 20:26 - 00571904 ____A (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2012-07-12 16:28 - 2011-08-26 20:26 - 00233472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\oleacc.dll
2012-07-12 16:28 - 2011-08-16 21:26 - 00613888 ____A (Microsoft Corporation) C:\Windows\System32\psisdecd.dll
2012-07-12 16:28 - 2011-08-16 21:25 - 00108032 ____A (Microsoft Corporation) C:\Windows\System32\psisrndr.ax
2012-07-12 16:28 - 2011-08-16 20:24 - 00465408 ____A (Microsoft Corporation) C:\Windows\SysWOW64\psisdecd.dll
2012-07-12 16:28 - 2011-08-16 20:19 - 00075776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\psisrndr.ax
2012-07-12 16:28 - 2011-06-15 21:49 - 00199680 ____A (Microsoft Corporation) C:\Windows\System32\xmllite.dll
2012-07-12 16:28 - 2011-06-15 20:33 - 00180224 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xmllite.dll
2012-07-12 16:28 - 2011-06-15 02:02 - 00212992 ____A (Microsoft Corporation) C:\Windows\System32\odbctrac.dll
2012-07-12 16:28 - 2011-06-15 02:02 - 00163840 ____A (Microsoft Corporation) C:\Windows\System32\odbccp32.dll
2012-07-12 16:28 - 2011-06-15 02:02 - 00106496 ____A (Microsoft Corporation) C:\Windows\System32\odbccu32.dll
2012-07-12 16:28 - 2011-06-15 02:02 - 00106496 ____A (Microsoft Corporation) C:\Windows\System32\odbccr32.dll
2012-07-12 16:28 - 2011-06-15 00:55 - 00319488 ____A (Microsoft Corporation) C:\Windows\SysWOW64\odbcjt32.dll
2012-07-12 16:28 - 2011-06-15 00:55 - 00163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\odbctrac.dll
2012-07-12 16:28 - 2011-06-15 00:55 - 00122880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\odbccp32.dll
2012-07-12 16:28 - 2011-06-15 00:55 - 00086016 ____A (Microsoft Corporation) C:\Windows\SysWOW64\odbccu32.dll
2012-07-12 16:28 - 2011-06-15 00:55 - 00081920 ____A (Microsoft Corporation) C:\Windows\SysWOW64\odbccr32.dll
2012-07-12 16:28 - 2011-04-28 19:06 - 00467456 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\srv.sys
2012-07-12 16:28 - 2011-04-28 19:05 - 00410112 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\srv2.sys
2012-07-12 16:28 - 2011-04-28 19:05 - 00168448 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\srvnet.sys
2012-07-12 16:28 - 2011-01-17 03:09 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1.dll
2012-07-12 16:28 - 2011-01-16 21:47 - 00161792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2012-07-12 16:28 - 2010-11-20 05:26 - 00321024 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1core.dll
2012-07-12 16:28 - 2010-11-20 05:24 - 00288256 ____A (Microsoft Corporation) C:\Windows\System32\MSNP.ax
2012-07-12 16:28 - 2010-11-20 05:24 - 00104960 ____A (Microsoft Corporation) C:\Windows\System32\Mpeg2Data.ax
2012-07-12 16:28 - 2010-11-20 05:24 - 00075776 ____A (Microsoft Corporation) C:\Windows\System32\MSDvbNP.ax
2012-07-12 16:28 - 2010-11-20 04:18 - 00219136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2012-07-12 16:28 - 2010-11-20 04:16 - 00204288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MSNP.ax
2012-07-12 16:28 - 2010-11-20 04:16 - 00072704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Mpeg2Data.ax
2012-07-12 16:28 - 2010-11-20 04:16 - 00059904 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MSDvbNP.ax
2012-07-12 16:27 - 2011-05-02 21:29 - 00976896 ____A (Microsoft Corporation) C:\Windows\System32\inetcomm.dll
2012-07-12 16:27 - 2011-05-02 20:30 - 00741376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2012-07-12 16:20 - 2012-03-30 03:35 - 01918320 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2012-07-12 16:20 - 2010-11-20 05:33 - 00288640 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\FWPKCLNT.SYS
2012-07-12 16:07 - 2012-06-05 22:02 - 01133568 ____A (Microsoft Corporation) C:\Windows\System32\cdosys.dll
2012-07-12 16:07 - 2012-06-05 21:03 - 00805376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll
2012-07-12 16:07 - 2011-11-19 06:58 - 00077312 ____A (Microsoft Corporation) C:\Windows\System32\packager.dll
2012-07-12 16:07 - 2011-11-19 06:01 - 00067072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2012-07-12 16:07 - 2011-11-16 22:41 - 01731920 ____A (Microsoft Corporation) C:\Windows\System32\ntdll.dll
2012-07-12 16:07 - 2011-11-16 21:38 - 01292080 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2012-07-12 15:58 - 2012-07-12 15:58 - 00347424 ____A (Microsoft Corporation) C:\Users\NMSH\Desktop\MicrosoftFixit.wu.Run.exe
2012-07-12 07:36 - 2012-07-12 07:36 - 00000000 ____D C:\Windows\Microsoft Antimalware
2012-07-11 18:05 - 2012-07-12 08:00 - 00000000 ____D C:\Program Files\Microsoft Security Client
2012-07-11 18:04 - 2012-07-12 08:00 - 00000000 ____D C:\71644da1ff93a9206ebf
2012-07-11 18:04 - 2012-07-11 18:04 - 00000000 __AHT C:\Windows\wusa.lock
2012-07-11 17:22 - 2012-07-11 22:19 - 00000000 ____D C:\Users\All Users\Recovery
2012-07-11 17:07 - 2012-07-11 17:07 - 00000000 __SHD C:\Windows\SysWOW64\%APPDATA%
2012-07-10 13:11 - 2012-07-10 13:23 - 488392021 ____A C:\Users\NMSH\Desktop\WWE RAW 7-9-12 - Full Show (HQ) - Monday Night Raw 07-09-12 (SD).mp4
2012-07-08 06:37 - 2012-07-08 06:37 - 00737238 ____A C:\Windows\SysWOW64\PerfStringBackup.INI
2012-06-29 15:35 - 2012-07-12 16:07 - 00007608 ____A C:\Users\NMSH\AppData\Local\Resmon.ResmonCfg
2012-06-29 03:52 - 2012-06-29 03:52 - 00013051 ____A C:\Users\NMSH\Documents\accounting_supervisor_i.htm
2012-06-29 03:52 - 2012-06-29 03:52 - 00000000 ____D C:\Users\NMSH\Documents\accounting_supervisor_i_files
2012-06-21 15:29 - 2012-06-02 14:19 - 02428952 ____A (Microsoft Corporation) C:\Windows\System32\wuaueng.dll
2012-06-21 15:29 - 2012-06-02 14:19 - 00057880 ____A (Microsoft Corporation) C:\Windows\System32\wuauclt.exe
2012-06-21 15:29 - 2012-06-02 14:19 - 00044056 ____A (Microsoft Corporation) C:\Windows\System32\wups2.dll
2012-06-21 15:29 - 2012-06-02 14:15 - 02622464 ____A (Microsoft Corporation) C:\Windows\System32\wucltux.dll
2012-06-21 15:28 - 2012-06-02 14:19 - 00701976 ____A (Microsoft Corporation) C:\Windows\System32\wuapi.dll
2012-06-21 15:28 - 2012-06-02 14:19 - 00038424 ____A (Microsoft Corporation) C:\Windows\System32\wups.dll
2012-06-21 15:28 - 2012-06-02 14:15 - 00099840 ____A (Microsoft Corporation) C:\Windows\System32\wudriver.dll
2012-06-21 15:28 - 2012-06-02 11:19 - 00186752 ____A (Microsoft Corporation) C:\Windows\System32\wuwebv.dll
2012-06-21 15:28 - 2012-06-02 11:15 - 00036864 ____A (Microsoft Corporation) C:\Windows\System32\wuapp.exe

============ 3 Months Modified Files ========================

2012-07-14 07:15 - 2010-11-22 17:01 - 01182192 ____A C:\Windows\WindowsUpdate.log
2012-07-14 07:11 - 2009-07-13 21:13 - 00730320 ____A C:\Windows\System32\PerfStringBackup.INI
2012-07-14 07:09 - 2011-06-16 17:23 - 00000894 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2012-07-14 06:32 - 2012-04-15 06:28 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2012-07-14 05:55 - 2009-07-13 20:45 - 00015792 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2012-07-14 05:55 - 2009-07-13 20:45 - 00015792 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2012-07-14 05:50 - 2012-07-14 05:50 - 00020838 ____A C:\Users\NMSH\Desktop\Attach.txt
2012-07-14 05:49 - 2012-07-14 05:49 - 00028963 ____A C:\Users\NMSH\Desktop\DDS.txt
2012-07-14 05:47 - 2012-07-14 05:47 - 00607260 ____R (Swearware) C:\Users\NMSH\Desktop\dds.scr
2012-07-14 05:46 - 2012-07-14 05:46 - 00000470 ____A C:\Users\NMSH\Desktop\defogger_disable.log
2012-07-14 05:46 - 2012-07-14 05:46 - 00000000 ____A C:\Users\NMSH\defogger_reenable
2012-07-14 05:45 - 2012-07-14 05:45 - 00050477 ____A C:\Users\NMSH\Desktop\Defogger.exe
2012-07-14 05:41 - 2011-06-16 17:23 - 00000890 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2012-07-14 05:41 - 2009-07-13 21:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2012-07-14 05:40 - 2009-07-13 20:51 - 00056987 ____A C:\Windows\setupact.log
2012-07-14 05:12 - 2012-07-14 04:29 - 00006839 ____A C:\Users\NMSH\Desktop\avgrep.txt
2012-07-14 04:23 - 2010-11-22 20:16 - 00307400 ____A C:\Windows\PFRO.log
2012-07-13 15:00 - 2012-07-13 14:14 - 00008189 ____A C:\Windows\System32\avgrep.txt
2012-07-13 14:08 - 2012-07-13 14:08 - 00033758 ____A C:\Users\NMSH\AppData\Local\dt.dat
2012-07-13 03:48 - 2012-07-13 03:48 - 00000927 ____A C:\Users\Public\Desktop\AVG 2012.lnk
2012-07-13 03:40 - 2012-07-13 03:40 - 03875048 ____A (AVG Technologies) C:\Users\NMSH\Desktop\avg_free_stb_all_2012_2195_cnet.exe
2012-07-13 02:52 - 2011-03-12 13:21 - 00127536 ____A C:\Users\NMSH\AppData\Local\GDIPFONTCACHEV1.DAT
2012-07-12 18:25 - 2009-07-13 20:45 - 05009672 ____A C:\Windows\System32\FNTCACHE.DAT
2012-07-12 18:20 - 2009-07-13 18:36 - 00175616 ____A (Microsoft Corporation) C:\Windows\System32\msclmd.dll
2012-07-12 18:20 - 2009-07-13 18:36 - 00152576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msclmd.dll
2012-07-12 17:43 - 2012-07-12 17:41 - 00003752 ____A C:\Windows\IE9_main.log
2012-07-12 17:42 - 2012-07-12 17:42 - 17807360 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 12314624 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 10924032 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 09737728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 03695416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2012-07-12 17:42 - 2012-07-12 17:42 - 03695416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
2012-07-12 17:42 - 2012-07-12 17:42 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2012-07-12 17:42 - 2012-07-12 17:42 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2012-07-12 17:42 - 2012-07-12 17:42 - 02311680 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 02144768 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 01800192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 01793024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2012-07-12 17:42 - 2012-07-12 17:42 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2012-07-12 17:42 - 2012-07-12 17:42 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 01346048 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 01103872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 00818688 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 00716800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 00697344 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 00603648 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 00580608 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 00534528 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 00452608 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 00448512 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2012-07-12 17:42 - 2012-07-12 17:42 - 00434176 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 00420864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 00403248 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 00367104 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2012-07-12 17:42 - 2012-07-12 17:42 - 00353792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 00353584 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 00282112 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 00267776 ____A (Microsoft Corporation) C:\Windows\System32\ieaksie.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 00249344 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 00227840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieaksie.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 00223232 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 00222208 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 00203776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2012-07-12 17:42 - 2012-07-12 17:42 - 00165888 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe
2012-07-12 17:42 - 2012-07-12 17:42 - 00163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieakui.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 00163840 ____A (Microsoft Corporation) C:\Windows\System32\ieakui.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 00162304 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 00161792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 00160256 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe
2012-07-12 17:42 - 2012-07-12 17:42 - 00160256 ____A (Microsoft Corporation) C:\Windows\System32\ieakeng.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 00152064 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2012-07-12 17:42 - 2012-07-12 17:42 - 00150528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2012-07-12 17:42 - 2012-07-12 17:42 - 00149504 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 00145920 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2012-07-12 17:42 - 2012-07-12 17:42 - 00135168 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 00130560 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieakeng.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 00123392 ____A (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 00118784 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 00114176 ____A (Microsoft Corporation) C:\Windows\System32\admparse.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 00111616 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 00110592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 00103936 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 00101888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\admparse.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 00091648 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
2012-07-12 17:42 - 2012-07-12 17:42 - 00089088 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2012-07-12 17:42 - 2012-07-12 17:42 - 00089088 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2012-07-12 17:42 - 2012-07-12 17:42 - 00086528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 00082432 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 00078848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 00076800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2012-07-12 17:42 - 2012-07-12 17:42 - 00076800 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx
2012-07-12 17:42 - 2012-07-12 17:42 - 00074752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2012-07-12 17:42 - 2012-07-12 17:42 - 00074752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 00074240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ie4uinit.exe
2012-07-12 17:42 - 2012-07-12 17:42 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 00066048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 00065024 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 00063488 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2012-07-12 17:42 - 2012-07-12 17:42 - 00055296 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 00054272 ____A (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 00049664 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 00048640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 00041472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 00035840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 00031744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 00023552 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2012-07-12 17:42 - 2012-07-12 17:42 - 00012288 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe
2012-07-12 17:42 - 2012-07-12 17:42 - 00011776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2012-07-12 17:42 - 2012-07-12 17:42 - 00010752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2012-07-12 17:42 - 2012-07-12 17:42 - 00010752 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2012-07-12 17:17 - 2009-07-13 18:34 - 00000499 ____A C:\Windows\win.ini
2012-07-12 16:07 - 2012-06-29 15:35 - 00007608 ____A C:\Users\NMSH\AppData\Local\Resmon.ResmonCfg
2012-07-12 15:58 - 2012-07-12 15:58 - 00347424 ____A (Microsoft Corporation) C:\Users\NMSH\Desktop\MicrosoftFixit.wu.Run.exe
2012-07-12 03:52 - 2010-11-22 20:16 - 00285071 ____A C:\DUMP3dca.tmp
2012-07-11 18:04 - 2012-07-11 18:04 - 00000000 __AHT C:\Windows\wusa.lock
2012-07-10 13:23 - 2012-07-10 13:11 - 488392021 ____A C:\Users\NMSH\Desktop\WWE RAW 7-9-12 - Full Show (HQ) - Monday Night Raw 07-09-12 (SD).mp4
2012-07-08 06:37 - 2012-07-08 06:37 - 00737238 ____A C:\Windows\SysWOW64\PerfStringBackup.INI
2012-07-07 22:05 - 2011-03-19 06:00 - 00002040 ___AH C:\Users\NMSH\Documents\Default.rdp
2012-07-07 14:00 - 2011-05-08 12:16 - 00000340 ____A C:\Windows\Tasks\HPCeeScheduleForNMSH-HP$.job
2012-07-03 09:46 - 2011-03-12 15:53 - 00024904 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2012-07-02 23:19 - 2012-07-12 17:33 - 59701280 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2012-06-29 15:33 - 2011-04-22 23:09 - 00000296 ____A C:\Windows\Tasks\AppleSoftwareUpdate.job
2012-06-29 03:52 - 2012-06-29 03:52 - 00013051 ____A C:\Users\NMSH\Documents\accounting_supervisor_i.htm
2012-06-11 19:08 - 2012-07-12 18:05 - 03148800 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2012-06-08 21:43 - 2012-07-12 16:50 - 14172672 ____A (Microsoft Corporation) C:\Windows\System32\shell32.dll
2012-06-08 20:41 - 2012-07-12 16:49 - 12873728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2012-06-05 22:06 - 2012-07-12 16:49 - 02004480 ____A (Microsoft Corporation) C:\Windows\System32\msxml6.dll
2012-06-05 22:06 - 2012-07-12 16:49 - 01881600 ____A (Microsoft Corporation) C:\Windows\System32\msxml3.dll
2012-06-05 22:02 - 2012-07-12 16:07 - 01133568 ____A (Microsoft Corporation) C:\Windows\System32\cdosys.dll
2012-06-05 21:05 - 2012-07-12 16:49 - 01390080 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2012-06-05 21:05 - 2012-07-12 16:49 - 01236992 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2012-06-05 21:03 - 2012-07-12 16:07 - 00805376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll
2012-06-03 05:53 - 2012-06-03 05:54 - 00772552 ____A (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2012-06-03 05:53 - 2012-06-03 05:54 - 00174024 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2012-06-03 05:53 - 2012-06-03 05:54 - 00174024 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2012-06-03 05:52 - 2012-06-03 05:51 - 00892360 ____A (Oracle Corporation) C:\Users\NMSH\Documents\jre-7u4-windows-i586-iftw.exe
2012-06-02 14:19 - 2012-06-21 15:29 - 02428952 ____A (Microsoft Corporation) C:\Windows\System32\wuaueng.dll
2012-06-02 14:19 - 2012-06-21 15:29 - 00057880 ____A (Microsoft Corporation) C:\Windows\System32\wuauclt.exe
2012-06-02 14:19 - 2012-06-21 15:29 - 00044056 ____A (Microsoft Corporation) C:\Windows\System32\wups2.dll
2012-06-02 14:19 - 2012-06-21 15:28 - 00701976 ____A (Microsoft Corporation) C:\Windows\System32\wuapi.dll
2012-06-02 14:19 - 2012-06-21 15:28 - 00038424 ____A (Microsoft Corporation) C:\Windows\System32\wups.dll
2012-06-02 14:15 - 2012-06-21 15:29 - 02622464 ____A (Microsoft Corporation) C:\Windows\System32\wucltux.dll
2012-06-02 14:15 - 2012-06-21 15:28 - 00099840 ____A (Microsoft Corporation) C:\Windows\System32\wudriver.dll
2012-06-02 11:19 - 2012-06-21 15:28 - 00186752 ____A (Microsoft Corporation) C:\Windows\System32\wuwebv.dll
2012-06-02 11:15 - 2012-06-21 15:28 - 00036864 ____A (Microsoft Corporation) C:\Windows\System32\wuapp.exe
2012-06-01 21:50 - 2012-07-12 16:48 - 00458704 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\cng.sys
2012-06-01 21:48 - 2012-07-12 16:48 - 00151920 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ksecpkg.sys
2012-06-01 21:48 - 2012-07-12 16:48 - 00095600 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ksecdd.sys
2012-06-01 21:45 - 2012-07-12 16:48 - 00340992 ____A (Microsoft Corporation) C:\Windows\System32\schannel.dll
2012-06-01 21:44 - 2012-07-12 16:48 - 00307200 ____A (Microsoft Corporation) C:\Windows\System32\ncrypt.dll
2012-06-01 20:40 - 2012-07-12 16:48 - 00225280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2012-06-01 20:40 - 2012-07-12 16:48 - 00022016 ____A (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2012-06-01 20:39 - 2012-07-12 16:48 - 00219136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2012-06-01 20:34 - 2012-07-12 16:48 - 00096768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2012-06-01 13:22 - 2010-11-22 20:16 - 00336127 ____N C:\Windows\Minidump\060112-19484-01.dmp
2012-05-14 13:54 - 2012-05-14 13:54 - 04644283 ____A C:\Users\NMSH\Desktop\attachments_2012_05_14.zip
2012-05-07 14:06 - 2012-05-07 14:06 - 02153720 ____A (Hewlett-Packard Development Company, L.P. ) C:\Users\NMSH\Desktop\sp44536.exe
2012-05-04 03:06 - 2012-07-12 16:29 - 05559664 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2012-05-04 02:03 - 2012-07-12 16:29 - 03968368 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2012-05-04 02:03 - 2012-07-12 16:29 - 03913072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2012-04-30 21:40 - 2012-07-12 16:49 - 00209920 ____A (Microsoft Corporation) C:\Windows\System32\profsvc.dll
2012-04-28 21:15 - 2011-04-04 14:03 - 00029696 ____A C:\Users\NMSH\Documents\Cost of living.xls
2012-04-27 19:55 - 2012-07-12 16:48 - 00210944 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rdpwd.sys
2012-04-25 21:41 - 2012-07-12 16:49 - 00149504 ____A (Microsoft Corporation) C:\Windows\System32\rdpcorekmts.dll
2012-04-25 21:41 - 2012-07-12 16:49 - 00077312 ____A (Microsoft Corporation) C:\Windows\System32\rdpwsx.dll
2012-04-25 21:34 - 2012-07-12 16:49 - 00009216 ____A (Microsoft Corporation) C:\Windows\System32\rdrmemptylst.exe
2012-04-23 21:37 - 2012-07-12 16:50 - 01462272 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2012-04-23 21:37 - 2012-07-12 16:50 - 00184320 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2012-04-23 21:37 - 2012-07-12 16:50 - 00140288 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2012-04-23 20:36 - 2012-07-12 16:50 - 01158656 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2012-04-23 20:36 - 2012-07-12 16:50 - 00140288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2012-04-23 20:36 - 2012-07-12 16:50 - 00103936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2012-04-23 18:36 - 2012-04-23 17:35 - 110000000 ____A C:\Users\NMSH\Documents\Karafun.part1.rar
2012-04-23 17:29 - 2012-04-23 17:25 - 15235409 ____A C:\Users\NMSH\Documents\Karafun.part2.rar
2012-04-23 17:18 - 2012-04-23 17:18 - 05272364 ____A (Recisio ) C:\Users\NMSH\Documents\karafunplayer_1.20.86.exe
2012-04-23 16:35 - 2012-04-23 16:35 - 02865885 ____A (Gisburne Media) C:\Users\NMSH\Documents\cdgplayer.exe
2012-04-22 12:53 - 2012-04-22 12:41 - 70206362 ____A C:\Users\NMSH\Documents\WWE Raw 7-22-02 Part 7 (Low).flv
2012-04-22 12:53 - 2012-04-22 12:41 - 67236911 ____A C:\Users\NMSH\Documents\WWE Raw 7-22-02 Part 6 (Low).flv
2012-04-22 12:52 - 2012-04-22 12:41 - 80771430 ____A C:\Users\NMSH\Documents\WWE Raw 7-22-02 Part 4 (Low).flv
2012-04-22 12:52 - 2012-04-22 12:41 - 65919425 ____A C:\Users\NMSH\Documents\WWE Raw 7-22-02 Part 5 (Low).flv
2012-04-22 12:51 - 2012-04-22 12:40 - 70034655 ____A C:\Users\NMSH\Documents\WWE Raw 7-22-02 Part 3 (Low).flv
2012-04-22 12:49 - 2012-04-22 12:38 - 68689419 ____A C:\Users\NMSH\Documents\WWE Raw 7-22-02 Part 1 (Low).flv
2012-04-21 19:32 - 2012-04-15 06:28 - 00404640 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2012-04-21 08:23 - 2011-05-13 20:36 - 00039424 ____A C:\Users\NMSH\Documents\Book1.xls
2012-04-20 03:39 - 2012-04-20 03:39 - 00034131 ____A C:\Users\NMSH\Documents\blazed.zip
2012-04-19 19:03 - 2012-04-19 19:03 - 00001476 ____A C:\Users\NMSH\Documents\untitled.mht
2012-04-19 18:54 - 2012-04-19 18:54 - 00000046 ____A C:\Windows\SysWOW64\DonationCoder_urlsnooper_InstallInfo.dat
2012-04-19 18:53 - 2012-04-14 22:18 - 03530752 ____A C:\Users\NMSH\Documents\URLSnooperSetup.exe
2012-04-19 18:38 - 2012-04-19 18:38 - 01017652 ____A C:\Users\NMSH\Documents\rtmpdump-20110925-git-6230845-win32.zip
2012-04-19 00:50 - 2012-04-19 00:50 - 00028480 ____A (AVG Technologies CZ, s.r.o. ) C:\Windows\System32\Drivers\avgidsha.sys
2012-04-18 14:57 - 2012-04-18 14:52 - 248968963 ____A C:\Users\NMSH\Documents\430.mp4

ZeroAccess:
C:\Windows\Installer\{7f181879-dbc8-d040-7510-2ddd75d0d813}
C:\Windows\Installer\{7f181879-dbc8-d040-7510-2ddd75d0d813}\@
C:\Windows\Installer\{7f181879-dbc8-d040-7510-2ddd75d0d813}\L
C:\Windows\Installer\{7f181879-dbc8-d040-7510-2ddd75d0d813}\U
C:\Windows\Installer\{7f181879-dbc8-d040-7510-2ddd75d0d813}\L\00000004.@
C:\Windows\Installer\{7f181879-dbc8-d040-7510-2ddd75d0d813}\L\1afb2d56
C:\Windows\Installer\{7f181879-dbc8-d040-7510-2ddd75d0d813}\L\201d3dde
C:\Windows\Installer\{7f181879-dbc8-d040-7510-2ddd75d0d813}\U\00000004.@
C:\Windows\Installer\{7f181879-dbc8-d040-7510-2ddd75d0d813}\U\00000008.@
C:\Windows\Installer\{7f181879-dbc8-d040-7510-2ddd75d0d813}\U\000000cb.@
C:\Windows\Installer\{7f181879-dbc8-d040-7510-2ddd75d0d813}\U\80000000.@
C:\Windows\Installer\{7f181879-dbc8-d040-7510-2ddd75d0d813}\U\80000032.@
C:\Windows\Installer\{7f181879-dbc8-d040-7510-2ddd75d0d813}\U\80000064.@

ZeroAccess:
C:\Users\NMSH\AppData\Local\{7f181879-dbc8-d040-7510-2ddd75d0d813}
C:\Users\NMSH\AppData\Local\{7f181879-dbc8-d040-7510-2ddd75d0d813}\@
C:\Users\NMSH\AppData\Local\{7f181879-dbc8-d040-7510-2ddd75d0d813}\L
C:\Users\NMSH\AppData\Local\{7f181879-dbc8-d040-7510-2ddd75d0d813}\U

ZeroAccess:
C:\Windows\assembly\GAC_32\Desktop.ini

ZeroAccess:
C:\Windows\assembly\GAC_64\Desktop.ini

========================= Known DLLs (Whitelisted) ============

========================= Bamital & volsnap Check ============

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe 014A9CB92514E27C0107614DF764BC06 ZeroAccess <==== ATTENTION!.
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

========================= Memory info ======================

Percentage of memory in use: 21%
Total physical RAM: 3839.29 MB
Available physical RAM: 3007.65 MB
Total Pagefile: 3837.43 MB
Available Pagefile: 2986.41 MB
Total Virtual: 8192 MB
Available Virtual: 8191.9 MB

======================= Partitions =========================

1 Drive c: (OS) (Fixed) (Total:918.13 GB) (Free:531.34 GB) NTFS
2 Drive e: (HP_RECOVERY) (Fixed) (Total:13.28 GB) (Free:1.62 GB) NTFS ==>[System with boot components (obtained from reading drive)]
4 Drive g: (NOLAN'S) (Removable) (Total:0.48 GB) (Free:0.32 GB) FAT
9 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
10 Drive y: (SYSTEM) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components (obtained from reading drive)]

Disk ### Status Size Free Dyn Gpt
-------- ------------- ------- ------- --- ---
Disk 0 Online 931 GB 0 B
Disk 1 Online 489 MB 0 B
Disk 2 No Media 0 B 0 B
Disk 3 No Media 0 B 0 B
Disk 4 No Media 0 B 0 B
Disk 5 No Media 0 B 0 B

Partitions of Disk 0:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 100 MB 1024 KB
Partition 2 Primary 918 GB 101 MB
Partition 3 Primary 13 GB 918 GB

==================================================================================

Disk: 0
Partition 1
Type : 07
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 1 Y SYSTEM NTFS Partition 100 MB Healthy

==================================================================================

Disk: 0
Partition 2
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 C OS NTFS Partition 918 GB Healthy

==================================================================================

Disk: 0
Partition 3
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 3 E HP_RECOVERY NTFS Partition 13 GB Healthy

==================================================================================

Partitions of Disk 1:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 488 MB 16 KB

==================================================================================

Disk: 1
Partition 1
Type : 0E
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 4 G NOLAN'S FAT Removable 488 MB Healthy

==================================================================================

==========================================================

Last Boot: 2012-07-08 08:06

======================= End Of Log ==========================

Farbar Recovery Scan Tool Version: 14-07-2012 01
Ran by SYSTEM at 2012-07-14 11:23:42
Running from G:\

================== Search: "services.exe" ===================

C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe
[2009-07-13 15:19] - [2009-07-13 17:39] - 0328704 ____A (Microsoft Corporation) 24ACB7E5BE595468E3B9AA488B9B4FCB

C:\Windows\System32\services.exe
[2009-07-13 15:19] - [2009-07-13 17:39] - 0328704 ____A (Microsoft Corporation) 014A9CB92514E27C0107614DF764BC06

====== End Of Search ======

#5 CatByte

CatByte

    bleepin' tiger


  • Malware Response Team
  • 14,664 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Canada
  • Local time:01:57 PM

Posted 14 July 2012 - 11:13 AM

Hi

Please do the following:


Open notepad (Start =>All Programs => Accessories => Notepad). Please copy the entire contents of the code box below. (To do this highlight the contents of the box, right click on it and select copy. Right-click in the open notepad and select Paste). Save it on the flashdrive as fixlist.txt

start
SubSystems: [Windows] ==> ZeroAccess
HKLM-x32\...\Run: [] [x]
C:\Windows\Installer\{7f181879-dbc8-d040-7510-2ddd75d0d813}
C:\Users\NMSH\AppData\Local\{7f181879-dbc8-d040-7510-2ddd75d0d813}
C:\Windows\assembly\GAC_32\Desktop.ini
C:\Windows\assembly\GAC_64\Desktop.ini
replace: C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe C:\Windows\System32\services.exe
end

NOTICE: This script was written specifically for this user, for use on this particular machine. Running this on another machine may cause damage to your operating system

Now please enter System Recovery Options then select Command Prompt

Run FRST (or FRST64 if you have the 64bit version) and press the Fix button just once and wait.
The tool will make a log on the flashdrive (Fixlog.txt) please post it to your reply.

Reboot Normally.


NEXT


Refer to the ComboFix User's Guide

  • Download ComboFix from the following location:

    Link

    * IMPORTANT !!! Place ComboFix.exe on your Desktop
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with ComboFix.
    You can get help on disabling your protection programs here
  • Double click on ComboFix.exe & follow the prompts.
  • Your desktop may go blank. This is normal. It will return when ComboFix is done. ComboFix may reboot your machine. This is normal.
  • When finished, it shall produce a log for you. Post that log in your next reply

    Note:
    Do not mouseclick combofix's window whilst it's running. That may cause it to stall.


    ---------------------------------------------------------------------------------------------
  • Ensure your AntiVirus and AntiSpyware applications are re-enabled.

    ---------------------------------------------------------------------------------------------

NOTE: If you encounter a message "illegal operation attempted on registry key that has been marked for deletion" and no programs will run - please just reboot and that will resolve that error.

Microsoft MVP - 2010, 2011, 2012, 2013, 2014, 2015


#6 mgear86

mgear86
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:12:57 PM

Posted 14 July 2012 - 02:41 PM

Fix result of Farbar Recovery Tool (FRST written by Farbar) Version: 14-07-2012 01
Ran by SYSTEM at 2012-07-14 14:30:30 Run:1
Running from G:\

==============================================

HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Session Manager\SubSystems\\Windows No ZeroAccess entry found.
HKEY_LOCAL_MACHINE\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ Default Value restored successfully.
C:\Windows\Installer\{7f181879-dbc8-d040-7510-2ddd75d0d813} moved successfully.
C:\Users\NMSH\AppData\Local\{7f181879-dbc8-d040-7510-2ddd75d0d813} moved successfully.
C:\Windows\assembly\GAC_32\Desktop.ini moved successfully.
C:\Windows\assembly\GAC_64\Desktop.ini moved successfully.
C:\Windows\System32\services.exe moved successfully.
C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe copied successfully to C:\Windows\System32\services.exe

==== End of Fixlog ====

#7 mgear86

mgear86
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:12:57 PM

Posted 14 July 2012 - 02:43 PM

ComboFix 12-07-14.01 - NMSH 07/14/12 15:17:07.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3839.2351 [GMT -4:00]
Running from: c:\users\NMSH\Desktop\ComboFix.exe
AV: McAfee VirusScan Enterprise *Enabled/Outdated* {86355677-4064-3EA7-ABB3-1B136EB04637}
SP: McAfee VirusScan Enterprise Antispyware Module *Enabled/Outdated* {3D54B793-665E-3129-9103-206115370C8A}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\Thumbs.db
c:\users\NMSH\AppData\Roaming\inst.exe
c:\windows\iun6002.exe
c:\windows\XSxS
.
.
((((((((((((((((((((((((( Files Created from 2012-06-14 to 2012-07-14 )))))))))))))))))))))))))))))))
.
.
2012-07-13 11:50 . 2012-07-13 11:50 -------- d-----w- c:\users\NMSH\AppData\Roaming\AVG2012
2012-07-13 11:48 . 2012-07-13 11:48 -------- d-----w- c:\users\NMSH\AppData\Local\AVG Secure Search
2012-07-13 11:47 . 2012-07-13 11:50 -------- d-----w- c:\programdata\AVG Secure Search
2012-07-13 11:47 . 2012-07-13 11:48 -------- d-----w- c:\program files (x86)\AVG Secure Search
2012-07-13 11:47 . 2012-07-13 11:47 -------- d-----w- c:\program files (x86)\Common Files\AVG Secure Search
2012-07-13 11:46 . 2012-07-13 11:46 -------- d-----w- c:\windows\SysWow64\drivers\AVG
2012-07-13 11:45 . 2012-07-14 13:44 -------- d-----w- c:\windows\system32\drivers\AVG
2012-07-13 11:45 . 2012-07-14 13:41 -------- d-----w- c:\programdata\AVG2012
2012-07-13 11:45 . 2012-07-13 11:45 -------- d-----w- C:\$AVG
2012-07-13 11:43 . 2012-07-13 11:43 -------- d-----w- c:\program files (x86)\AVG
2012-07-13 11:41 . 2012-07-14 13:44 -------- d-----w- c:\programdata\MFAData
2012-07-13 11:41 . 2012-07-13 11:41 -------- d--h--w- c:\programdata\Common Files
2012-07-13 02:05 . 2012-06-12 03:08 3148800 ----a-w- c:\windows\system32\win32k.sys
2012-07-13 01:48 . 2012-07-13 01:48 -------- d-----w- c:\program files (x86)\Microsoft CAPICOM 2.1.0.2
2012-07-13 01:27 . 2012-07-13 01:27 -------- d-----w- c:\windows\system32\SPReview
2012-07-13 01:27 . 2012-07-13 01:27 -------- d-----w- c:\windows\system32\EventProviders
2012-07-13 01:10 . 2012-03-01 06:46 23408 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2012-07-13 01:10 . 2012-03-01 06:38 220672 ----a-w- c:\windows\system32\wintrust.dll
2012-07-13 01:10 . 2012-03-01 06:33 81408 ----a-w- c:\windows\system32\imagehlp.dll
2012-07-13 01:10 . 2012-03-01 06:28 5120 ----a-w- c:\windows\system32\wmi.dll
2012-07-13 01:10 . 2012-03-01 05:37 172544 ----a-w- c:\windows\SysWow64\wintrust.dll
2012-07-13 01:10 . 2012-03-01 05:33 159232 ----a-w- c:\windows\SysWow64\imagehlp.dll
2012-07-13 01:10 . 2012-03-01 05:29 5120 ----a-w- c:\windows\SysWow64\wmi.dll
2012-07-13 00:59 . 2010-11-05 01:57 48976 ----a-w- c:\windows\system32\netfxperf.dll
2012-07-13 00:59 . 2010-11-05 01:57 1942856 ----a-w- c:\windows\system32\dfshim.dll
2012-07-13 00:59 . 2010-11-05 01:58 1130824 ----a-w- c:\windows\SysWow64\dfshim.dll
2012-07-13 00:59 . 2010-11-20 13:27 12288 ----a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2012-07-13 00:59 . 2010-11-20 13:27 3715584 ----a-w- c:\windows\system32\mstscax.dll
2012-07-13 00:59 . 2010-11-20 13:26 1838080 ----a-w- c:\windows\system32\d3d10warp.dll
2012-07-13 00:59 . 2010-11-20 11:07 59392 ----a-w- c:\windows\system32\drivers\TsUsbFlt.sys
2012-07-13 00:59 . 2010-11-20 13:27 14967808 ----a-w- c:\program files\DVD Maker\OmdBase.dll
2012-07-13 00:59 . 2010-11-20 12:19 3215872 ----a-w- c:\windows\SysWow64\mstscax.dll
2012-07-13 00:57 . 2010-11-20 13:26 569344 ----a-w- c:\windows\system32\iphlpsvc.dll
2012-07-13 00:56 . 2010-11-20 13:33 94592 ----a-w- c:\windows\system32\drivers\mountmgr.sys
2012-07-13 00:55 . 2010-11-20 13:01 2560 ----a-w- c:\windows\system32\drivers\en-US\rdpwd.sys.mui
2012-07-13 00:55 . 2010-11-20 12:57 3072 ----a-w- c:\windows\system32\drivers\en-US\tsusbflt.sys.mui
2012-07-13 00:55 . 2010-11-20 13:10 4608 ----a-w- c:\windows\system32\drivers\en-US\kbdclass.sys.mui
2012-07-13 00:55 . 2010-11-20 13:11 6144 ----a-w- c:\windows\system32\drivers\en-US\IPMIDrv.sys.mui
2012-07-13 00:55 . 2010-11-20 13:26 399872 ----a-w- c:\windows\system32\dpx.dll
2012-07-13 00:55 . 2010-11-20 12:21 189952 ----a-w- c:\windows\SysWow64\wdscore.dll
2012-07-13 00:55 . 2010-11-20 12:21 363008 ----a-w- c:\windows\SysWow64\wbemcomn.dll
2012-07-13 00:55 . 2010-11-20 12:19 606208 ----a-w- c:\windows\SysWow64\wbem\fastprox.dll
2012-07-13 00:53 . 2010-11-20 13:27 529408 ----a-w- c:\windows\system32\wbemcomn.dll
2012-07-13 00:50 . 2012-01-04 10:44 509952 ----a-w- c:\windows\system32\ntshrui.dll
2012-07-13 00:50 . 2012-01-04 08:58 442880 ----a-w- c:\windows\SysWow64\ntshrui.dll
2012-07-13 00:50 . 2012-04-24 05:37 184320 ----a-w- c:\windows\system32\cryptsvc.dll
2012-07-13 00:50 . 2012-04-24 05:37 1462272 ----a-w- c:\windows\system32\crypt32.dll
2012-07-13 00:50 . 2012-04-24 04:36 1158656 ----a-w- c:\windows\SysWow64\crypt32.dll
2012-07-13 00:50 . 2012-04-24 05:37 140288 ----a-w- c:\windows\system32\cryptnet.dll
2012-07-13 00:50 . 2012-04-24 04:36 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll
2012-07-13 00:50 . 2012-04-24 04:36 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll
2012-07-13 00:48 . 2012-02-17 06:38 1031680 ----a-w- c:\windows\system32\rdpcore.dll
2012-07-13 00:29 . 2011-10-26 05:21 43520 ----a-w- c:\windows\system32\csrsrv.dll
2012-07-13 00:29 . 2012-05-04 11:06 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-07-13 00:29 . 2012-05-04 10:03 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-07-13 00:29 . 2012-05-04 10:03 3913072 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-07-13 00:27 . 2011-05-03 05:29 976896 ----a-w- c:\windows\system32\inetcomm.dll
2012-07-13 00:27 . 2011-05-03 04:30 741376 ----a-w- c:\windows\SysWow64\inetcomm.dll
2012-07-13 00:20 . 2012-03-30 11:35 1918320 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-07-13 00:20 . 2010-11-20 13:33 288640 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2012-07-13 00:14 . 2012-03-31 05:42 1732096 ----a-w- c:\program files\Windows Journal\NBDoc.DLL
2012-07-13 00:14 . 2010-11-20 13:24 2164224 ----a-w- c:\program files\Windows Journal\Journal.exe
2012-07-13 00:14 . 2012-03-31 05:40 1402880 ----a-w- c:\program files\Windows Journal\JNWDRV.dll
2012-07-13 00:14 . 2012-03-31 05:40 1367552 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2012-07-13 00:14 . 2012-03-31 05:40 1393664 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll
2012-07-13 00:14 . 2012-03-31 04:29 936960 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2012-07-12 15:36 . 2012-07-12 15:36 -------- d-----w- c:\windows\Microsoft Antimalware
2012-07-12 02:05 . 2012-07-12 16:00 -------- d-----w- c:\program files\Microsoft Security Client
2012-07-12 02:04 . 2012-07-12 16:00 -------- d-----w- C:\71644da1ff93a9206ebf
2012-07-12 01:22 . 2012-07-12 06:19 -------- d-----w- c:\programdata\Recovery
2012-07-12 01:07 . 2012-07-12 01:07 -------- d-sh--w- c:\windows\SysWow64\%APPDATA%
2012-06-21 23:29 . 2012-06-02 22:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-21 23:29 . 2012-06-02 22:19 57880 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-21 23:29 . 2012-06-02 22:19 44056 ----a-w- c:\windows\system32\wups2.dll
2012-06-21 23:29 . 2012-06-02 22:15 2622464 ----a-w- c:\windows\system32\wucltux.dll
2012-06-21 23:28 . 2012-06-02 22:19 38424 ----a-w- c:\windows\system32\wups.dll
2012-06-21 23:28 . 2012-06-02 22:19 701976 ----a-w- c:\windows\system32\wuapi.dll
2012-06-21 23:28 . 2012-06-02 22:15 99840 ----a-w- c:\windows\system32\wudriver.dll
2012-06-21 23:28 . 2012-06-02 19:19 186752 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-21 23:28 . 2012-06-02 19:15 36864 ----a-w- c:\windows\system32\wuapp.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-07-13 02:20 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2012-07-13 02:20 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2012-07-12 11:52 . 2010-11-23 04:16 285071 ----a-w- C:\DUMP3dca.tmp
2012-07-03 17:46 . 2011-03-12 23:53 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-06-03 13:53 . 2012-06-03 13:54 772552 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2012-04-22 03:32 . 2012-04-15 14:28 404640 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-04-19 08:50 . 2012-04-19 08:50 28480 ----a-w- c:\windows\system32\drivers\avgidsha.sys
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
2012-07-13 11:47 2074208 ----a-w- c:\program files (x86)\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files (x86)\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll" [2012-07-13 2074208]
.
[HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"FlashMute"="c:\program files (x86)\FlashMute\FlashMute.exe" [2005-12-18 143360]
"TomTomHOME.exe"="c:\program files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" [2012-01-23 247728]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576]
"PDF Complete"="c:\program files (x86)\PDF Complete\pdfsty.exe" [2010-09-28 664600]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
"QuickTime Task"="c:\program files (x86)\QuickTime\qttask.exe" [2006-09-01 282624]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-03-09 336384]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992]
"Adobe Acrobat Speed Launcher"="c:\program files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" [2010-10-25 36760]
"Acrobat Assistant 8.0"="c:\program files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" [2010-10-25 821144]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296]
"AVG_TRAY"="c:\program files (x86)\AVG\AVG2012\avgtray.exe" [2012-04-05 2587008]
"vProt"="c:\program files (x86)\AVG Secure Search\vprot.exe" [2012-07-13 1107552]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Microsoft Office.lnk - c:\program files (x86)\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]
Snapfish PictureMover.lnk - c:\program files (x86)\PictureMover\Bin\PictureMover.exe [2010-9-28 1040952]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~2\AVG\AVG2012\avgrsa.exe /sync /restart
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-06-17 136176]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-15 253088]
R3 AODDriver4.0;AODDriver4.0;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-06-17 136176]
R3 SwitchBoard;Adobe SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-06-07 1255736]
S0 amd_sata;amd_sata;c:\windows\system32\DRIVERS\amd_sata.sys [2010-08-13 75904]
S0 amd_xata;amd_xata;c:\windows\system32\DRIVERS\amd_xata.sys [2010-08-13 38016]
S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys [2012-04-19 28480]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [2012-01-31 36944]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [2012-02-22 289872]
S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [2011-12-23 47696]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [2012-03-19 383808]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-03-09 203776]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-03-09 365568]
S2 AMD Reservation Manager;AMD Reservation Manager;c:\program files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe [2010-06-17 194496]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2012\avgidsagent.exe [2012-07-04 5160568]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe [2012-02-14 193288]
S2 HPClientSvc;HP Client Services;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-08-06 291896]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2010-08-21 92216]
S2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2010-06-25 35344]
S2 pdfcDispatcher;PDF Document Manager;c:\program files (x86)\PDF Complete\pdfsvc.exe [2010-09-28 1119768]
S2 RoxioNow Service;RoxioNow Service;c:\program files (x86)\Roxio\RoxioNow Player\RNowSvc.exe [2010-09-11 399344]
S2 TomTomHOMEService;TomTomHOMEService;c:\program files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2012-01-23 92592]
S2 vToolbarUpdater11.2.0;vToolbarUpdater11.2.0;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe [2012-07-13 935008]
S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2011-03-09 9258496]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2011-03-09 300544]
S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys [2011-12-23 124496]
S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\avgidsfiltera.sys [2011-12-23 29776]
S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys [2010-07-22 1002848]
S3 pcouffin;VSO Software pcouffin;c:\windows\system32\Drivers\pcouffin.sys [2011-03-13 82816]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-09-03 349800]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [2009-12-22 38456]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
.
.
Contents of the 'Scheduled Tasks' folder
.
2012-07-14 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-15 14:28]
.
2012-06-29 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files (x86)\Apple Software Update\SoftwareUpdate.exe [2006-08-29 18:21]
.
2012-07-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-06-17 01:23]
.
2012-07-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-06-17 01:23]
.
2012-07-07 c:\windows\Tasks\HPCeeScheduleForNMSH-HP$.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 06:15]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" [2008-11-20 62768]
"SmartMenu"="c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [2010-09-15 611896]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-11-08 497648]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x1
.
------- Supplementary Scan -------
.
uStart Page = hxxp://yahoo.com/
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Append Link Target to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: FVDIEPlugin Add Page - c:\progra~2\FVDIEP~1\FVDIEPlugin_1.dll/IECONTEXT.DLL.HTM
TCP: DhcpNameServer = 10.0.1.1
TCP: Interfaces\{3DE02E36-3C2C-40C4-8E90-A7B28B29CF40}: DhcpNameServer = 10.0.1.1
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\11.2.0\ViProtocol.dll
FF - ProfilePath - c:\users\NMSH\AppData\Roaming\Mozilla\Firefox\Profiles\6i387xgo.default\
FF - prefs.js: browser.startup.homepage - hxxp://news.google.com/nwshp?hl=en&tab=wn
FF - prefs.js: keyword.URL - hxxp://isearch.avg.com/search?cid=%7B2a33cce1-efc8-45f2-b372-9644a590378d%7D&mid=fc8cf6d8c2e247d0bf71b57816d2781f-8cb314de8ca49b2d2a8f1d668caae66f4ea95a79&ds=AVG&v=11.1.0.12&lang=en&pr=fr&d=2012-07-13%2007%3A47%3A59&sap=ku&q=
FF - prefs.js: network.proxy.type - 0
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Flash Video Downloader Youtube Downloader: artur.dubovoy@gmail.com - %profile%\extensions\artur.dubovoy@gmail.com
FF - Ext: Clean the junk: cleanjunk@netmaster.com.ua - %profile%\extensions\cleanjunk@netmaster.com.ua
FF - Ext: FrameExt: frameext@teesoft.info - %profile%\extensions\frameext@teesoft.info
FF - Ext: Flashblock: {3d7eb24f-2740-49df-8937-200b1cc08f8a} - %profile%\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}
FF - Ext: Yahoo! Toolbar: {635abd67-4fe9-1b23-4f01-e679fa7484c1} - %profile%\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
FF - Ext: Image Toolbar: {A4732521-77D9-447E-A557-B279AC923F06} - %profile%\extensions\{A4732521-77D9-447E-A557-B279AC923F06}
FF - Ext: ImageHost Grabber: {E4091D66-127C-11DB-903A-DE80D2EFDFE8} - %profile%\extensions\{E4091D66-127C-11DB-903A-DE80D2EFDFE8}
FF - Ext: Adobe Acrobat - Create PDF: web2pdfextension@web2pdf.adobedotcom - c:\program files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF - Ext: AVG Do Not Track: {F53C93F1-07D5-430c-86D4-C9531B27DFAF} - c:\program files (x86)\AVG\AVG2012\Firefox\DoNotTrack
FF - Ext: AVG Security Toolbar: avg@toolbar - c:\programdata\AVG Secure Search\11.1.0.12
.
- - - - ORPHANS REMOVED - - - -
.
WebBrowser-{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - (no file)
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
AddRemove-WM_Recorder_102 - c:\windows\iun6002.exe
AddRemove-{B1A4A13D-4665-4ED3-9DFE-F845725FBBD8} - c:\program files (x86)\InstallShield Installation Information\{B1A4A13D-4665-4ED3-9DFE-F845725FBBD8}\setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\pdfcDispatcher]
"ImagePath"="c:\program files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-1711144829-5549640-2036380566-1000\Software\SecuROM\License information*]
"datasecu"=hex:40,9d,3b,ba,61,e2,d3,4a,64,ee,a6,48,c8,ba,87,ec,f8,0c,41,31,a6,
24,c7,3a,8c,da,20,cd,3d,37,fa,7d,68,fc,c4,8e,3e,93,16,0f,21,66,e9,ac,00,9b,\
"rkeysecu"=hex:60,dc,58,c5,cf,f4,2d,34,f7,58,a5,20,79,3e,f2,82
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_233_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_233_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_233.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_233.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_233.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_233.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\software\Network Associates]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe
c:\program files (x86)\Common Files\Microsoft Shared\VS7Debug\mdm.exe
.
**************************************************************************
.
Completion time: 2012-07-14 15:31:10 - machine was rebooted
ComboFix-quarantined-files.txt 2012-07-14 19:31
.
Pre-Run: 570,507,530,240 bytes free
Post-Run: 570,947,776,512 bytes free
.
- - End Of File - - 121D15C9F544038A1FECBB44E0107360

#8 CatByte

CatByte

    bleepin' tiger


  • Malware Response Team
  • 14,664 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Canada
  • Local time:01:57 PM

Posted 14 July 2012 - 02:54 PM

Please do the following:

  • Please open your MalwareBytes AntiMalware Program
  • Click the Update Tab and search for updates
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected. <-- very important
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.

Extra Note:If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer, please do so immediately.



NEXT


Go here to run an online scanner from ESET.
  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the activeX control to install
  • Click Start
  • Make sure that the option Remove found threats is unticked and the Scan Archives option is ticked.
  • Click on Advanced Settings, ensure the options Scan for potentially unwanted applications, Scan for potentially unsafe applications, and Enable Anti-Stealth Technology are ticked.
  • Click Scan
  • Wait for the scan to finish
  • When the scan completes, press the LIST OF THREATS FOUND button
  • Press EXPORT TO TEXT FILE , name the file ESETSCAN and save it to your desktop
  • Include the contents of this report in your next reply.
  • Press the BACK button.
  • Press Finish

Microsoft MVP - 2010, 2011, 2012, 2013, 2014, 2015


#9 mgear86

mgear86
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:12:57 PM

Posted 14 July 2012 - 07:47 PM

It looks like it's clean now. Malwarebytes didn't find anything. But I'll leave it to your expert opinion.

Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Database version: v2012.07.14.07

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
NMSH :: NMSH-HP [administrator]

07/14/12 3:57:55 PM
mbam-log-2012-07-14 (15-57-55).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 219719
Time elapsed: 2 minute(s), 40 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

C:\FRST\Quarantine\services.exe Win64/Patched.B.Gen trojan
C:\FRST\Quarantine\{7f181879-dbc8-d040-7510-2ddd75d0d813}\U\00000008.@ Win64/Agent.BA trojan
C:\FRST\Quarantine\{7f181879-dbc8-d040-7510-2ddd75d0d813}\U\80000000.@ Win64/Sirefef.AE trojan
C:\FRST\Quarantine\{7f181879-dbc8-d040-7510-2ddd75d0d813}\U\80000032.@ a variant of Win32/Sirefef.FD trojan

#10 CatByte

CatByte

    bleepin' tiger


  • Malware Response Team
  • 14,664 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Canada
  • Local time:01:57 PM

Posted 14 July 2012 - 07:51 PM

looks good

we just have some housekeeping to do now, please do the following:


You can delete the DDS and FRST logs and programs from your desktop, also right click and delete the C:\FRST folder


NEXT


Follow these steps to uninstall Combofix

  • Make sure your security programs are totally disabled.
  • Click START then RUN
  • Now copy/paste Combofix /uninstall into the runbox and click OK. Note the space between the ..X and the /U, it needs to be there.

Posted Image


If there are any logs/tools remaining on your desktop > right click and delete them.


NEXT


Below I have included a number of recommendations for how to protect your computer against malware infections.

  • It is good security practice to change your passwords to all your online accounts on a fairly regular basis, this is especially true after an infection. Refer to this Microsoft article
    Strong passwords: How to create and use them
    Then consider a password keeper, to keep all your passwords safe. KeePass is a small utility that allows you to manage all your passwords.

  • Keep Windows updated by regularly checking their website at :
    http://windowsupdate.microsoft.com/
    This will ensure your computer has always the latest security updates available installed on your computer.

  • Make Internet Explorer more secure
    • Click Start > Run
    • Type Inetcpl.cpl & click OK
    • Click on the Security tab
    • Click Reset all zones to default level
    • Make sure the Internet Zone is selected & Click Custom level
    • In the ActiveX section, set the first two options ("Download signed and unsigned ActiveX controls) to "Prompt", and ("Initialize and Script ActiveX controls not marked as safe") to "Disable".
    • Next Click OK, then Apply button and then OK to exit the Internet Properties page.

  • Download TFC to your desktop
    • Close any open windows.
    • Double click the TFC icon to run the program
    • TFC will close all open programs itself in order to run,
    • Click the Start button to begin the process.
    • Allow TFC to run uninterrupted.
    • The program should not take long to finish it's job
    • Once its finished it should automatically reboot your machine,
    • if it doesn't, manually reboot to ensure a complete clean
    It's normal after running TFC cleaner that the PC will be slower to boot the first time.

  • WOT, Web of Trust, warns you about risky websites that try to scam visitors, deliver malware or send spam. Protect your computer against online threats by using WOT as your front-line layer of protection when browsing or searching in unfamiliar territory. WOT's color-coded icons show you ratings for 21 million websites, helping you avoid the dangerous sites:
    • Green to go
    • Yellow for caution
    • Red to stop
    WOT has an addon available for both Firefox and IE

  • Keep a backup of your important files - Now, more than ever, it's especially important to protect your digital files and memories. This article is full of good information on alternatives for home backup solutions.

  • ERUNT (Emergency Recovery Utility NT) allows you to keep a complete backup of your registry and restore it when needed. The standard registry backup options that come with Windows back up most of the registry but not all of it. ERUNT however creates a complete backup set, including the Security hive and user related sections. ERUNT is easy to use and since it creates a full backup, there are no options or choices other than to select the location of the backup files. The backup set includes a small executable that will launch the registry restore if needed.

  • In light of your recent issue, I'm sure you'd like to avoid any future infections. Please take a look at this well written article:
    PC Safety and Security--What Do I Need?.


Thank you for your patience, and performing all of the procedures requested.

Please respond one last time so we can consider the thread resolved and close it, thank-you.

Microsoft MVP - 2010, 2011, 2012, 2013, 2014, 2015


#11 mgear86

mgear86
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:12:57 PM

Posted 14 July 2012 - 08:32 PM

Thanks for all of your help. Your assistance has been greatly appreciated.

#12 CatByte

CatByte

    bleepin' tiger


  • Malware Response Team
  • 14,664 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Canada
  • Local time:01:57 PM

Posted 14 July 2012 - 10:39 PM

you are welcome

stay safe :hello:

~CB

Microsoft MVP - 2010, 2011, 2012, 2013, 2014, 2015


#13 CatByte

CatByte

    bleepin' tiger


  • Malware Response Team
  • 14,664 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Canada
  • Local time:01:57 PM

Posted 14 July 2012 - 10:39 PM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.

Microsoft MVP - 2010, 2011, 2012, 2013, 2014, 2015





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users