Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

computer becomes nonresponsive !!


  • This topic is locked This topic is locked
13 replies to this topic

#1 swift06

swift06

  • Members
  • 72 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:kerala
  • Local time:02:43 AM

Posted 19 September 2012 - 10:38 AM

my computer running on windows 7 ultimate has been working abnormally since last 3 weeks and symptoms are increasing..

when the computer is opened for few mins.. it is normal.. after some time when I try to type... the keyboard letters are not detected also when I try to
open a desktop icon by usual double click..its properties tab get opened instead...

so i'll log off and just press 'Switch User' although there's only one user....then the computer will be alright for a variable time

last time these switch user cycle increased in frequency and last mouse becomes insensitive and when i try to take the log off bar the start up list disappears

and finally I shuts down and then restarts ... again same thing repeats... :blink:

plz help..

Attached Files


I never go back on my words.....BELIEVE IT !!!


BC AdBot (Login to Remove)

 


#2 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,762 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:13 PM

Posted 24 September 2012 - 10:40 AM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

Posted Image In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/469147 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

Posted Image If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS and GMER log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from one of the following links if you no longer have it available. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE


We also need a new log from the GMER anti-rootkit Scanner.

Please note that if you are running a 64-bit version of Windows, you should not bother creating a GMER log.

Please first disable any CD emulation programs using the steps found in this topic:

Why we request you disable CD Emulation when receiving Malware Removal Advice


Then create another GMER log and post it as an attachment to the reply where you post your new DDS log. Instructions on how to properly create a GMER log can be found here:

How to create a GMER log


As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#3 thisisu

thisisu

  • Malware Response Team
  • 2,525 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:04:13 PM

Posted 28 September 2012 - 04:48 PM

Hello swift06 :)

it is normal.. after some time when I try to type... the keyboard letters are not detected also when I try to open a desktop icon by usual double click..its properties tab get opened instead...

No, this is not normal let's run a couple of additional scans to see if anything is revealed.

Posted Image From Programs and Features (via Control Panel), please uninstall the below:
  • Java™ 6 Update 20
  • Java™ 6 Update 35
  • Toolbar Cleaner 1.0

__

Posted Image Please download Malwarebytes Anti-Malware and save it to your desktop.
  • Important!! When you save the mbam-setup file, rename it to something random (such as 123abc.exe) before beginning the download.
Malwarebytes may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.

  • Make sure you are connected to the Internet and double-click on the renamed file to install the application.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • Malwarebytes will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button and continue.
  • If you cannot update Malwarebytes or use the Internet to download any files to the infected computer, manually update the database by following the instructions in FAQ Section A: 4. Issues.
  • Under the Scanner tab, make sure the "Perform Quick Scan" option is selected.
  • Click on the Scan button.
  • When the scan is complete, click OK, then click the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked and then click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
  • Exit Malwarebytes when done.
Note: If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.

-- Some types of malware will target Malwarebytes and other security tools to keep them from running properly. If that's the case, use Malwarebytes Chameleon and follow the onscreen instructions. The Chameleon folder can be accessed by opening the program folder for Malwarebytes Anti-Malware (normally C:\Program Files\Malwarebytes' Anti-Malware or C:\Program Files (x86)\Malwarebytes' Anti-Malware).

__

Posted Image Please download OTL.

  • Save it to your desktop.
  • Right mouse click on the OTL icon on your desktop and select Run as Administrator
  • Check the "Scan All Users" checkbox.
  • Check the "Standard Output".
  • Change the setting of "Drivers" and "Services" to "All"
  • Copy the text in the code box below and paste it into the Posted Image text-field.
    activex
    netsvcs
    %windir%\system32\drivers\*.sys /lockedfiles
    
  • Now click the Posted Image button.
  • Two reports will be created:
    • OTL.txt <-- Will be opened
    • Extras.txt <-- Will be minimized
  • Paste the contents of OTL.txt here for me to review but attach Extras.txt


#4 swift06

swift06
  • Topic Starter

  • Members
  • 72 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:kerala
  • Local time:02:43 AM

Posted 28 September 2012 - 08:55 PM

Malwarebytes Anti-Malware 1.65.0.1400
www.malwarebytes.org

Database version: v2012.09.28.09

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
compaq :: CEREBRO [administrator]

9/29/2012 7:31:50 AM
mbam-log-2012-09-29 (07-31-50).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 189925
Time elapsed: 3 minute(s), 26 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Users\compaq\Downloads\RemoveWAT - VerifiedFiles.exe (HackTool.Wpakill) -> Quarantined and deleted successfully.

(end)

I never go back on my words.....BELIEVE IT !!!


#5 swift06

swift06
  • Topic Starter

  • Members
  • 72 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:kerala
  • Local time:02:43 AM

Posted 28 September 2012 - 09:05 PM

thanks thisisu....

here are the results....

OTL logfile created on: 9/29/2012 7:39:10 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\compaq\Desktop
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.47 Gb Total Physical Memory | 2.21 Gb Available Physical Memory | 63.82% Memory free
6.93 Gb Paging File | 5.55 Gb Available in Paging File | 80.13% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 48.73 Gb Total Space | 14.18 Gb Free Space | 29.09% Space Free | Partition Type: NTFS
Drive D: | 208.47 Gb Total Space | 143.34 Gb Free Space | 68.76% Space Free | Partition Type: NTFS
Drive E: | 208.47 Gb Total Space | 206.24 Gb Free Space | 98.93% Space Free | Partition Type: NTFS

Computer Name: CEREBRO | User Name: compaq | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/09/29 07:33:02 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\compaq\Desktop\OTL.exe
PRC - [2012/09/28 06:37:17 | 001,285,888 | ---- | M] (Bitdefender) -- C:\Program Files\Bitdefender\Bitdefender 2013\vsserv.exe
PRC - [2012/09/28 06:35:54 | 001,591,768 | ---- | M] (Bitdefender) -- C:\Program Files\Bitdefender\Bitdefender 2013\bdagent.exe
PRC - [2012/09/14 06:13:37 | 000,917,984 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012/07/28 02:21:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/07/03 12:04:45 | 000,055,544 | ---- | M] (Bitdefender) -- C:\Program Files\Bitdefender\Bitdefender 2013\updatesrv.exe
PRC - [2012/06/25 18:45:14 | 000,082,824 | ---- | M] (Bitdefender) -- C:\Program Files\Bitdefender\Bitdefender Safebox\safeboxservice.exe
PRC - [2012/01/19 00:49:26 | 000,232,616 | ---- | M] (Panda Security) -- C:\ProgramData\Panda Security URL Filtering\Panda_URL_Filtering.exe
PRC - [2011/04/17 13:35:26 | 001,462,272 | ---- | M] ( ) -- C:\Program Files\BitMeter\BitMeter2.exe
PRC - [2010/11/20 17:47:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010/11/20 17:47:09 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/04/06 01:25:01 | 000,116,104 | ---- | M] () -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe
PRC - [2010/03/25 08:20:00 | 002,516,296 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE


========== Modules (No Company Name) ==========

MOD - [2012/09/14 06:13:37 | 002,244,064 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2012/09/11 13:59:55 | 001,670,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\6c59a14a23f734093e80d6093e25302a\Microsoft.VisualBasic.ni.dll
MOD - [2012/09/11 13:47:18 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll
MOD - [2012/09/11 13:47:13 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll
MOD - [2012/09/11 13:47:08 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll
MOD - [2012/09/11 13:47:05 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll
MOD - [2012/09/11 13:46:53 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll
MOD - [2012/09/11 13:46:47 | 011,492,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll
MOD - [2012/04/27 16:08:08 | 000,092,600 | ---- | M] () -- C:\Program Files\Bitdefender\Bitdefender 2013\bdmetrics.dll
MOD - [2012/04/25 12:24:09 | 000,202,032 | ---- | M] () -- C:\Program Files\Bitdefender\Bitdefender 2013\txmlutil.dll
MOD - [2011/12/11 16:01:22 | 000,008,704 | ---- | M] () -- C:\Users\compaq\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V3.7.gadget\GetCoreTempInfoNET.dll
MOD - [2011/12/11 16:01:22 | 000,007,680 | ---- | M] () -- C:\Users\compaq\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V3.7.gadget\SystemInfo.dll
MOD - [2011/12/11 16:01:22 | 000,006,144 | ---- | M] () -- C:\Users\compaq\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V3.7.gadget\CoreTempReader.dll
MOD - [2011/08/31 14:39:06 | 000,155,136 | ---- | M] () -- C:\Windows\System32\AI_ContextMenu.dll
MOD - [2011/03/02 12:40:51 | 000,140,288 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll


========== Services (SafeList) ==========

SRV - [2012/09/28 06:37:17 | 001,285,888 | ---- | M] (Bitdefender) [Auto | Running] -- C:\Program Files\Bitdefender\Bitdefender 2013\vsserv.exe -- (VSSERV)
SRV - [2012/09/20 06:47:24 | 000,059,152 | ---- | M] (Bitdefender) [Disabled | Stopped] -- C:\Program Files\Bitdefender\Bitdefender 2013\bdparentalservice.exe -- (BdDesktopParental)
SRV - [2012/09/14 06:13:37 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/08/30 07:06:25 | 000,250,568 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/07/28 02:21:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/07/03 12:04:45 | 000,055,544 | ---- | M] (Bitdefender) [Auto | Running] -- C:\Program Files\Bitdefender\Bitdefender 2013\updatesrv.exe -- (UPDATESRV)
SRV - [2012/06/25 18:45:14 | 000,082,824 | ---- | M] (Bitdefender) [Auto | Running] -- C:\Program Files\Bitdefender\Bitdefender Safebox\safeboxservice.exe -- (SafeBox)
SRV - [2012/03/11 08:28:54 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2011/08/12 14:40:23 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010/04/06 01:25:01 | 000,116,104 | ---- | M] () [Auto | Running] -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
SRV - [2009/07/14 06:46:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 06:46:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/07/14 06:45:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2000/05/24 15:20:36 | 000,015,360 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Windows\System32\ATMsrvc.exe -- (ATMsrvc)


========== Driver Services (All) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\tsusbhub.sys -- (tsusbhub)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\synth3dvsc.sys -- (Synth3dVsc)
DRV - [2012/09/29 07:35:58 | 000,054,016 | ---- | M] () [Kernel | Boot | Unknown] -- C:\Windows\System32\drivers\jsguyh.sys -- (ynnvwhqd)
DRV - [2012/09/28 06:35:08 | 000,161,312 | ---- | M] (BitDefender LLC) [File_System | Boot | Running] -- C:\Windows\System32\drivers\gzflt.sys -- (gzflt)
DRV - [2012/08/23 17:07:27 | 000,066,392 | ---- | M] (BitDefender SRL) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\bdsandbox.sys -- (BDSandBox)
DRV - [2012/08/22 22:46:54 | 001,292,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tcpip.sys -- (TCPIP6)
DRV - [2012/08/22 22:46:54 | 001,292,144 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\tcpip.sys -- (Tcpip)
DRV - [2012/07/12 17:12:20 | 000,132,600 | ---- | M] (BitDefender LLC) [Kernel | System | Running] -- C:\Program Files\Bitdefender\Bitdefender 2013\bdselfpr.sys -- (bdselfpr)
DRV - [2012/07/06 15:13:12 | 000,077,192 | ---- | M] (BitDefender LLC) [Kernel | System | Running] -- c:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfndisf6.sys -- (BdfNdisf)
DRV - [2012/07/02 15:21:35 | 000,343,456 | ---- | M] (BitDefender S.R.L.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\trufos.sys -- (trufos)
DRV - [2012/06/13 14:00:26 | 000,473,248 | ---- | M] (BitDefender) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\avckf.sys -- (avckf)
DRV - [2012/06/13 14:00:22 | 000,617,984 | ---- | M] (BitDefender) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avc3.sys -- (avc3)
DRV - [2012/06/02 10:15:04 | 000,067,440 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\ksecdd.sys -- (KSecDD)
DRV - [2012/06/02 10:15:03 | 000,134,000 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\ksecpkg.sys -- (KSecPkg)
DRV - [2012/06/02 10:10:59 | 000,369,336 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\cng.sys -- (CNG)
DRV - [2012/04/28 08:47:07 | 000,183,808 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpwd.sys -- (RDPWD)
DRV - [2012/04/17 14:40:22 | 000,072,704 | ---- | M] (BitDefender) [Kernel | System | Running] -- C:\Windows\System32\drivers\bdvedisk.sys -- (BDVEDISK)
DRV - [2012/03/17 12:57:18 | 000,056,176 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\partmgr.sys -- (partmgr)
DRV - [2012/03/01 11:16:57 | 000,019,824 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\System32\drivers\fs_rec.sys -- (Fs_Rec)
DRV - [2012/02/17 09:43:22 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tdtcp.sys -- (TDTCP)
DRV - [2011/11/25 13:59:40 | 000,240,184 | ---- | M] (BitDefender) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\avchv.sys -- (avchv)
DRV - [2011/11/14 20:16:27 | 000,090,704 | ---- | M] (BitDefender LLC) [Kernel | System | Running] -- C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys -- (bdfwfpf)
DRV - [2011/07/09 08:00:00 | 000,223,744 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mrxsmb10.sys -- (mrxsmb10)
DRV - [2011/04/29 08:16:33 | 000,311,808 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\srv.sys -- (srv)
DRV - [2011/04/29 08:16:15 | 000,310,272 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\srv2.sys -- (srv2)
DRV - [2011/04/29 08:16:10 | 000,114,688 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\srvnet.sys -- (srvnet)
DRV - [2011/04/27 07:47:28 | 000,096,768 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mrxsmb20.sys -- (mrxsmb20)
DRV - [2011/04/27 07:47:22 | 000,123,904 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mrxsmb.sys -- (mrxsmb)
DRV - [2011/04/25 07:48:03 | 000,338,944 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\afd.sys -- (AFD)
DRV - [2011/02/23 10:17:33 | 000,069,632 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\bowser.sys -- (bowser)
DRV - [2011/02/11 19:12:16 | 009,036,800 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\igdkmd32.sys -- (igfx)
DRV - [2010/11/23 15:46:58 | 003,253,352 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService)
DRV - [2010/11/20 18:00:16 | 000,245,632 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\volsnap.sys -- (volsnap)
DRV - [2010/11/20 18:00:16 | 000,053,120 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\volmgr.sys -- (volmgr)
DRV - [2010/11/20 18:00:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010/11/20 18:00:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010/11/20 18:00:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010/11/20 18:00:14 | 000,160,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vhdmp.sys -- (vhdmp)
DRV - [2010/11/20 18:00:12 | 000,053,120 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\termdd.sys -- (TermDD)
DRV - [2010/11/20 18:00:10 | 000,173,440 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\rdyboost.sys -- (rdyboost)
DRV - [2010/11/20 18:00:10 | 000,085,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sbp2port.sys -- (sbp2port)
DRV - [2010/11/20 18:00:06 | 001,211,264 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\ntfs.sys -- (Ntfs)
DRV - [2010/11/20 18:00:06 | 000,712,576 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\ndis.sys -- (NDIS)
DRV - [2010/11/20 18:00:06 | 000,153,984 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\pci.sys -- (pci)
DRV - [2010/11/20 18:00:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvstor.sys -- (nvstor)
DRV - [2010/11/20 18:00:06 | 000,117,120 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvraid.sys -- (nvraid)
DRV - [2010/11/20 18:00:05 | 000,233,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\msiscsi.sys -- (iScsiPrt)
DRV - [2010/11/20 18:00:04 | 000,116,096 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\msdsm.sys -- (msdsm)
DRV - [2010/11/20 18:00:01 | 000,130,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mpio.sys -- (mpio)
DRV - [2010/11/20 18:00:01 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\msahci.sys -- (msahci)
DRV - [2010/11/20 18:00:00 | 000,078,208 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\mountmgr.sys -- (mountmgr)
DRV - [2010/11/20 17:59:54 | 000,332,160 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\iaStorV.sys -- (iaStorV)
DRV - [2010/11/20 17:59:53 | 000,014,208 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\hwpolicy.sys -- (hwpolicy)
DRV - [2010/11/20 17:59:47 | 000,728,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\dxgkrnl.sys -- (DXGKrnl)
DRV - [2010/11/20 17:59:15 | 000,274,304 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\acpi.sys -- (ACPI)
DRV - [2010/11/20 17:59:15 | 000,022,400 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\amdxata.sys -- (amdxata)
DRV - [2010/11/20 17:59:13 | 000,080,256 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\amdsata.sys -- (amdsata)
DRV - [2010/11/20 17:54:30 | 000,194,800 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\fvevol.sys -- (fvevol)
DRV - [2010/11/20 15:54:46 | 000,133,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpdr.sys -- (RDPDR)
DRV - [2010/11/20 15:54:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 15:52:20 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tssecsrv.sys -- (tssecsrv)
DRV - [2010/11/20 15:52:19 | 000,006,656 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\RDPCDD.sys -- (RDPCDD)
DRV - [2010/11/20 15:51:14 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2010/11/20 15:51:10 | 000,018,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tdpipe.sys -- (TDPIPE)
DRV - [2010/11/20 15:37:50 | 000,118,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ndiswan.sys -- (NdisWan)
DRV - [2010/11/20 15:37:45 | 000,063,488 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\wanarp.sys -- (Wanarpv6)
DRV - [2010/11/20 15:37:45 | 000,063,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wanarp.sys -- (WANARP)
DRV - [2010/11/20 15:37:39 | 000,048,640 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ndproxy.sys -- (NDProxy)
DRV - [2010/11/20 15:37:13 | 000,035,328 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\tcpipreg.sys -- (tcpipreg)
DRV - [2010/11/20 15:36:41 | 000,108,544 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tunnel.sys -- (tunnel)
DRV - [2010/11/20 15:36:36 | 000,046,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ndisuio.sys -- (Ndisuio)
DRV - [2010/11/20 15:31:12 | 000,164,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\1394ohci.sys -- (1394ohci)
DRV - [2010/11/20 15:31:09 | 000,258,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\usbhub.sys -- (usbhub)
DRV - [2010/11/20 15:30:24 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\umbus.sys -- (umbus)
DRV - [2010/11/20 15:30:21 | 000,304,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\HdAudio.sys -- (HdAudAddService)
DRV - [2010/11/20 15:30:21 | 000,146,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbvideo.sys -- (usbvideo)
DRV - [2010/11/20 15:30:08 | 000,075,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\usbccgp.sys -- (usbccgp)
DRV - [2010/11/20 15:30:04 | 000,076,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\USBSTOR.SYS -- (USBSTOR)
DRV - [2010/11/20 15:29:44 | 000,080,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\USBAUDIO.sys -- (usbaudio)
DRV - [2010/11/20 15:29:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/11/20 15:29:43 | 000,042,496 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\usbehci.sys -- (usbehci)
DRV - [2010/11/20 15:29:38 | 000,024,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hidusb.sys -- (HidUsb)
DRV - [2010/11/20 15:29:29 | 000,108,544 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2010/11/20 15:29:20 | 000,132,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WUDFRd.sys -- (WUDFRd)
DRV - [2010/11/20 15:28:59 | 000,092,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\WUDFPf.sys -- (WudfPf)
DRV - [2010/11/20 15:20:49 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sffp_sd.sys -- (sffp_sd)
DRV - [2010/11/20 15:20:21 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CompositeBus.sys -- (CompositeBus)
DRV - [2010/11/20 15:20:10 | 000,028,160 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\kbdhid.sys -- (kbdhid)
DRV - [2010/11/20 14:59:49 | 000,050,176 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\appid.sys -- (AppID)
DRV - [2010/11/20 14:54:56 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\scfilter.sys -- (scfilter)
DRV - [2010/11/20 14:49:15 | 000,065,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\IPMIDrv.sys -- (IPMIDRV)
DRV - [2010/11/20 14:44:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010/11/20 14:44:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010/11/20 14:17:55 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\acpipmi.sys -- (AcpiPmi)
DRV - [2010/11/20 14:14:36 | 000,388,096 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\csc.sys -- (CSC)
DRV - [2010/11/20 14:14:05 | 000,242,688 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\System32\drivers\rdbss.sys -- (rdbss)
DRV - [2010/11/20 14:12:43 | 000,115,712 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\mrxdav.sys -- (MRxDAV)
DRV - [2010/11/20 14:12:32 | 000,078,336 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\System32\drivers\dfsc.sys -- (DfsC)
DRV - [2010/11/20 14:12:28 | 000,246,784 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\System32\drivers\udfs.sys -- (udfs)
DRV - [2010/11/20 14:10:21 | 000,513,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\http.sys -- (HTTP)
DRV - [2010/11/20 14:09:44 | 000,187,904 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\netbt.sys -- (NetBT)
DRV - [2010/11/20 14:09:17 | 000,074,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\tdx.sys -- (tdx)
DRV - [2010/11/20 14:08:10 | 000,108,544 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\cdrom.sys -- (cdrom)
DRV - [2010/06/25 08:03:28 | 000,068,208 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\L1C62x86.sys -- (L1C)
DRV - [2009/07/14 06:56:21 | 000,249,408 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\clfs.sys -- (CLFS)
DRV - [2009/07/14 06:56:21 | 000,019,024 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\compbatt.sys -- (Compbatt)
DRV - [2009/07/14 06:56:21 | 000,015,952 | ---- | M] (CMD Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\cmdide.sys -- (cmdide)
DRV - [2009/07/14 06:56:17 | 000,297,552 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\adpahci.sys -- (adpahci)
DRV - [2009/07/14 06:56:15 | 000,422,976 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2009/07/14 06:56:15 | 000,159,312 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\amdsbs.sys -- (amdsbs)
DRV - [2009/07/14 06:56:15 | 000,146,512 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\adpu320.sys -- (adpu320)
DRV - [2009/07/14 06:56:15 | 000,086,608 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\arcsas.sys -- (arcsas)
DRV - [2009/07/14 06:56:15 | 000,076,368 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\arc.sys -- (arc)
DRV - [2009/07/14 06:56:15 | 000,053,312 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AMDAGP.SYS -- (amdagp)
DRV - [2009/07/14 06:56:15 | 000,053,312 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AGP440.sys -- (agp440)
DRV - [2009/07/14 06:56:15 | 000,021,584 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\atapi.sys -- (atapi)
DRV - [2009/07/14 06:56:15 | 000,014,912 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\amdide.sys -- (amdide)
DRV - [2009/07/14 06:56:15 | 000,014,400 | ---- | M] (Acer Laboratories Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\aliide.sys -- (aliide)
DRV - [2009/07/14 06:50:45 | 000,012,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pciide.sys -- (pciide)
DRV - [2009/07/14 06:50:44 | 000,162,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\msrpc.sys -- (MsRPC)
DRV - [2009/07/14 06:50:44 | 000,105,024 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NV_AGP.SYS -- (nv_agp)
DRV - [2009/07/14 06:50:44 | 000,049,728 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\System32\drivers\mup.sys -- (Mup)
DRV - [2009/07/14 06:50:44 | 000,044,624 | ---- | M] (IBM Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2009/07/14 06:50:44 | 000,041,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mouclass.sys -- (mouclass)
DRV - [2009/07/14 06:50:44 | 000,028,240 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\mssmbios.sys -- (mssmbios)
DRV - [2009/07/14 06:50:43 | 000,013,888 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\msisadrv.sys -- (msisadrv)
DRV - [2009/07/14 06:50:37 | 000,089,168 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2009/07/14 06:50:36 | 000,235,584 | ---- | M] (LSI Corporation, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\MegaSR.sys -- (MegaSR)
DRV - [2009/07/14 06:50:36 | 000,096,848 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2009/07/14 06:50:36 | 000,095,824 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2009/07/14 06:50:36 | 000,054,864 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV - [2009/07/14 06:50:36 | 000,046,656 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\isapnp.sys -- (isapnp)
DRV - [2009/07/14 06:50:36 | 000,042,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\kbdclass.sys -- (kbdclass)
DRV - [2009/07/14 06:50:36 | 000,041,040 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\iirsp.sys -- (iirsp)
DRV - [2009/07/14 06:50:36 | 000,030,800 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\megasas.sys -- (megasas)
DRV - [2009/07/14 06:50:36 | 000,015,424 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\intelide.sys -- (intelide)
DRV - [2009/07/14 06:50:28 | 000,453,712 | ---- | M] (Emulex) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\elxstor.sys -- (elxstor)
DRV - [2009/07/14 06:50:28 | 000,198,208 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\System32\drivers\fltMgr.sys -- (FltMgr)
DRV - [2009/07/14 06:50:28 | 000,070,720 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\djsvs.sys -- (aic78xx)
DRV - [2009/07/14 06:50:28 | 000,067,152 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\HpSAMD.sys -- (HpSAMD)
DRV - [2009/07/14 06:50:28 | 000,058,448 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\System32\drivers\fileinfo.sys -- (FileInfo)
DRV - [2009/07/14 06:50:28 | 000,057,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\GAGP30KX.SYS -- (gagp30kx)
DRV - [2009/07/14 06:50:28 | 000,046,160 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\fsdepends.sys -- (FsDepends)
DRV - [2009/07/14 06:50:28 | 000,022,096 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\crcdisk.sys -- (crcdisk)
DRV - [2009/07/14 06:50:27 | 000,057,424 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\disk.sys -- (Disk)
DRV - [2009/07/14 06:49:11 | 000,297,040 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\volmgrx.sys -- (volmgrx)
DRV - [2009/07/14 06:49:11 | 000,141,904 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2009/07/14 06:49:11 | 000,057,424 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ULIAGPKX.SYS -- (uliagpkx)
DRV - [2009/07/14 06:49:11 | 000,019,024 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wd.sys -- (Wd)
DRV - [2009/07/14 06:49:10 | 000,445,008 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\Wdf01000.sys -- (Wdf01000)
DRV - [2009/07/14 06:49:10 | 000,055,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\UAGP35.SYS -- (uagp35)
DRV - [2009/07/14 06:49:10 | 000,053,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VIAAGP.SYS -- (viaagp)
DRV - [2009/07/14 06:49:10 | 000,032,832 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vdrvroot.sys -- (vdrvroot)
DRV - [2009/07/14 06:49:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\wimmount.sys -- (WIMMount)
DRV - [2009/07/14 06:49:10 | 000,016,976 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\viaide.sys -- (viaide)
DRV - [2009/07/14 06:49:10 | 000,012,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\swenum.sys -- (swenum)
DRV - [2009/07/14 06:49:04 | 001,383,488 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ql2300.sys -- (ql2300)
DRV - [2009/07/14 06:49:04 | 000,106,064 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2009/07/14 06:49:04 | 000,077,888 | ---- | M] (Silicon Integrated Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2009/07/14 06:49:04 | 000,043,088 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\pcw.sys -- (pcw)
DRV - [2009/07/14 06:49:04 | 000,040,016 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sisraid2.sys -- (SiSRaid2)
DRV - [2009/07/14 06:49:04 | 000,021,072 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\stexstor.sys -- (stexstor)
DRV - [2009/07/14 06:49:03 | 000,180,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pcmcia.sys -- (pcmcia)
DRV - [2009/07/14 06:49:03 | 000,052,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SISAGP.SYS -- (sisagp)
DRV - [2009/07/14 06:49:03 | 000,017,472 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\spldr.sys -- (spldr)
DRV - [2009/07/14 06:27:25 | 000,272,128 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BrSerId.sys -- (Brserid)
DRV - [2009/07/14 06:11:15 | 000,586,752 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\PEAuth.sys -- (PEAUTH)
DRV - [2009/07/14 05:47:06 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbprint.sys -- (usbprint)
DRV - [2009/07/14 05:44:44 | 000,035,840 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbscan.sys -- (usbscan)
DRV - [2009/07/14 05:32:41 | 000,018,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rdpbus.sys -- (rdpbus)
DRV - [2009/07/14 05:31:41 | 000,007,168 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\RDPREFMP.sys -- (RDPREFMP)
DRV - [2009/07/14 05:31:39 | 000,006,656 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\RDPENCDD.sys -- (RDPENCDD)
DRV - [2009/07/14 05:25:24 | 000,031,744 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\modem.sys -- (Modem)
DRV - [2009/07/14 05:25:02 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\ws2ifsl.sys -- (ws2ifsl)
DRV - [2009/07/14 05:25:00 | 000,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\agilevpn.sys -- (RasAgileVpn)
DRV - [2009/07/14 05:24:58 | 000,075,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rassstp.sys -- (RasSstp)
DRV - [2009/07/14 05:24:53 | 000,077,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\raspppoe.sys -- (RasPppoe)
DRV - [2009/07/14 05:24:48 | 000,073,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\raspptp.sys -- (PptpMiniport)
DRV - [2009/07/14 05:24:46 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\asyncmac.sys -- (AsyncMac)
DRV - [2009/07/14 05:24:40 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rasacd.sys -- (RasAcd)
DRV - [2009/07/14 05:24:34 | 000,078,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rasl2tp.sys -- (Rasl2tp)
DRV - [2009/07/14 05:24:29 | 000,101,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ipnat.sys -- (IPNAT)
DRV - [2009/07/14 05:24:29 | 000,058,880 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ipfltdrv.sys -- (IpFilterDriver)
DRV - [2009/07/14 05:24:24 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ndistapi.sys -- (NdisTapi)
DRV - [2009/07/14 05:24:13 | 000,031,744 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\qwavedrv.sys -- (QWAVEdrv)
DRV - [2009/07/14 05:23:58 | 000,104,448 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\pacer.sys -- (Psched)
DRV - [2009/07/14 05:23:54 | 000,036,352 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\System32\drivers\netbios.sys -- (NetBIOS)
DRV - [2009/07/14 05:23:51 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\wfplwf.sys -- (WfpLwf)
DRV - [2009/07/14 05:23:41 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\smb.sys -- (Smb)
DRV - [2009/07/14 05:23:27 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\irenum.sys -- (IRENUM)
DRV - [2009/07/14 05:23:20 | 000,060,928 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rspndr.sys -- (rspndr)
DRV - [2009/07/14 05:23:19 | 000,048,128 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lltdio.sys -- (lltdio)
DRV - [2009/07/14 05:22:53 | 000,060,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mpsdrv.sys -- (mpsdrv)
DRV - [2009/07/14 05:22:44 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ndiscap.sys -- (NdisCap)
DRV - [2009/07/14 05:22:03 | 000,267,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nwifi.sys -- (NativeWifiP)
DRV - [2009/07/14 05:22:02 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vwifibus.sys -- (vwifibus)
DRV - [2009/07/14 05:21:35 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\umpass.sys -- (UmPass)
DRV - [2009/07/14 05:21:34 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\bthmodem.sys -- (BTHMODEM)
DRV - [2009/07/14 05:21:33 | 000,091,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hidbth.sys -- (HidBth)
DRV - [2009/07/14 05:21:29 | 000,062,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ohci1394.sys -- (ohci1394)
DRV - [2009/07/14 05:21:18 | 000,086,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbcir.sys -- (usbcir)
DRV - [2009/07/14 05:21:17 | 000,037,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\circlass.sys -- (circlass)
DRV - [2009/07/14 05:21:14 | 000,020,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbohci.sys -- (usbohci)
DRV - [2009/07/14 05:21:10 | 000,024,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\usbuhci.sys -- (usbuhci)
DRV - [2009/07/14 05:21:08 | 000,004,096 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mshidkmdf.sys -- (mshidkmdf)
DRV - [2009/07/14 05:21:05 | 000,037,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hidir.sys -- (HidIr)
DRV - [2009/07/14 05:20:57 | 000,005,120 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\drmkaud.sys -- (drmkaud)
DRV - [2009/07/14 05:16:55 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\MTConfig.sys -- (MTConfig)
DRV - [2009/07/14 05:16:53 | 000,021,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wacompen.sys -- (WacomPen)
DRV - [2009/07/14 05:15:52 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sfloppy.sys -- (sfloppy)
DRV - [2009/07/14 05:15:52 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sffp_mmc.sys -- (sffp_mmc)
DRV - [2009/07/14 05:15:52 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sffdisk.sys -- (sffdisk)
DRV - [2009/07/14 05:15:45 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\fdc.sys -- (fdc)
DRV - [2009/07/14 05:15:45 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\flpydisk.sys -- (flpydisk)
DRV - [2009/07/14 05:15:35 | 000,079,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\parport.sys -- (Parport)
DRV - [2009/07/14 05:15:33 | 000,083,456 | ---- | M] (Brother Industries Ltd.) [Kernel | System | Running] -- C:\Windows\System32\drivers\serial.sys -- (Serial)
DRV - [2009/07/14 05:15:29 | 000,008,704 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\parvdm.sys -- (Parvdm)
DRV - [2009/07/14 05:15:28 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\serenum.sys -- (Serenum)
DRV - [2009/07/14 05:15:08 | 000,026,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mouhid.sys -- (mouhid)
DRV - [2009/07/14 05:15:08 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sermouse.sys -- (sermouse)
DRV - [2009/07/14 05:15:08 | 000,008,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mskssrv.sys -- (MSKSSRV)
DRV - [2009/07/14 05:15:08 | 000,006,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mstee.sys -- (MSTEE)
DRV - [2009/07/14 05:15:08 | 000,005,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mspclock.sys -- (MSPCLOCK)
DRV - [2009/07/14 05:15:07 | 000,005,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mspqm.sys -- (MSPQM)
DRV - [2009/07/14 05:15:01 | 000,006,144 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\beep.sys -- (Beep)
DRV - [2009/07/14 04:55:59 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\monitor.sys -- (monitor)
DRV - [2009/07/14 04:55:51 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\vga.sys -- (VgaSave)
DRV - [2009/07/14 04:55:49 | 000,026,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vgapnp.sys -- (vga)
DRV - [2009/07/14 04:54:05 | 000,032,256 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\discache.sys -- (discache)
DRV - [2009/07/14 04:53:04 | 000,035,328 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2009/07/14 04:49:21 | 000,021,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hidbatt.sys -- (HidBatt)
DRV - [2009/07/14 04:49:19 | 000,007,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\errdev.sys -- (ErrDev)
DRV - [2009/07/14 04:49:18 | 000,014,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CmBatt.sys -- (CmBatt)
DRV - [2009/07/14 04:49:17 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wmiacpi.sys -- (WmiAcpi)
DRV - [2009/07/14 04:45:45 | 000,086,528 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\System32\drivers\luafv.sys -- (luafv)
DRV - [2009/07/14 04:45:29 | 000,028,160 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\filetrace.sys -- (Filetrace)
DRV - [2009/07/14 04:44:03 | 000,142,336 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\exfat.sys -- (exfat)
DRV - [2009/07/14 04:44:02 | 000,148,480 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\fastfat.sys -- (fastfat)
DRV - [2009/07/14 04:42:08 | 000,016,896 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\nsiproxy.sys -- (nsiproxy)
DRV - [2009/07/14 04:41:32 | 000,035,328 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\System32\drivers\npfs.sys -- (Npfs)
DRV - [2009/07/14 04:41:26 | 000,022,528 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\System32\drivers\msfs.sys -- (Msfs)
DRV - [2009/07/14 04:41:24 | 000,080,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\i8042prt.sys -- (i8042prt)
DRV - [2009/07/14 04:41:15 | 000,070,656 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\System32\drivers\cdfs.sys -- (cdfs)
DRV - [2009/07/14 04:41:12 | 000,004,608 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\null.sys -- (Null)
DRV - [2009/07/14 04:41:04 | 000,055,296 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\amdk8.sys -- (AmdK8)
DRV - [2009/07/14 04:41:04 | 000,053,760 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\intelppm.sys -- (intelppm)
DRV - [2009/07/14 04:41:04 | 000,052,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\viac7.sys -- (ViaC7)
DRV - [2009/07/14 04:41:04 | 000,052,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\amdppm.sys -- (AmdPPM)
DRV - [2009/07/14 04:41:04 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\processr.sys -- (Processor)
DRV - [2009/07/14 04:24:14 | 000,026,624 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009/07/14 04:23:33 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BrUsbMdm.sys -- (BrUsbMdm)
DRV - [2009/07/14 04:23:33 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BrUsbSer.sys -- (BrUsbSer)
DRV - [2009/07/14 04:23:32 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BrSerWdm.sys -- (BrSerWdm)
DRV - [2009/07/14 04:23:28 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BrFiltLo.sys -- (BrFiltLo)
DRV - [2009/07/14 04:23:28 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BrFiltUp.sys -- (BrFiltUp)
DRV - [2009/07/14 03:32:49 | 000,229,888 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\b57nd60x.sys -- (b57nd60x)
DRV - [2009/07/14 03:32:48 | 003,100,160 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\evbdx.sys -- (ebdrv)
DRV - [2009/07/14 03:32:48 | 000,430,080 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\bxvbdx.sys -- (b06bdrv)
DRV - [2009/07/14 03:11:34 | 000,002,864 | ---- | M] (Microsoft Corporation) [Adapter | On_Demand | Unknown] -- C:\Windows\System32\WINSOCK.DLL -- (Winsock)
DRV - [2009/07/14 02:20:20 | 000,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\secdrv.sys -- (secdrv)
DRV - [2004/08/13 09:56:20 | 000,005,810 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ASACPI.sys -- (MTsensor)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2790392


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-2076268704-2953641702-797820338-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-2076268704-2953641702-797820338-1000\..\URLSearchHook: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - No CLSID value found
IE - HKU\S-1-5-21-2076268704-2953641702-797820338-1000\..\URLSearchHook: {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll ()
IE - HKU\S-1-5-21-2076268704-2953641702-797820338-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-2076268704-2953641702-797820338-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-2076268704-2953641702-797820338-1000\..\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}: "URL" = http://www.google.com/search?ie=utf-8&oe=utf-8&rlz=1V4IPYX&q={searchTerms}
IE - HKU\S-1-5-21-2076268704-2953641702-797820338-1000\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2790392
IE - HKU\S-1-5-21-2076268704-2953641702-797820338-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "http://www.google.com/search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
FF - prefs.js..extensions.enabledAddons: admin@indiarailinfo.com:4.103
FF - prefs.js..extensions.enabledAddons: browserprotect@browserprotect.com:1.1.3
FF - prefs.js..extensions.enabledAddons: datafox@thegoan.com:1.9.5
FF - prefs.js..extensions.enabledAddons: donottrackplus@abine.com:2.2.1.829
FF - prefs.js..extensions.enabledAddons: personas@christopher.beard:1.6.2
FF - prefs.js..extensions.enabledAddons: {6e73f6b7-b9ab-44b8-b744-6393e3c2e351}:6.3
FF - prefs.js..extensions.enabledAddons: {B17C1C5A-04B1-11DB-9804-B622A1EF5492}:1.2.1
FF - prefs.js..extensions.enabledAddons: {d40f5e7b-d2cf-4856-b441-cc613eeffbe3}:1.68
FF - prefs.js..extensions.enabledAddons: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.10
FF - prefs.js..extensions.enabledAddons: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}:6.0.33
FF - prefs.js..extensions.enabledAddons: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}:6.0.35
FF - prefs.js..extensions.enabledAddons: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.9.10
FF - prefs.js..extensions.enabledAddons: firefox@ghostery.com:2.8.3
FF - prefs.js..extensions.enabledAddons: {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}:3.0.0.9b
FF - prefs.js..keyword.URL: "http://www.google.com/search?rlz=1V2IPYX&ie=utf-8&q="
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_265.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_35: C:\Windows\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.450: C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\compaq\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\compaq\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\compaq\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\compaq\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/09/14 06:13:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\bdThunderbird@bitdefender.com: C:\Program Files\Bitdefender\Bitdefender 2013\bdtbext [2012/09/09 06:48:45 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/09/14 06:13:37 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2012/05/31 05:17:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\compaq\AppData\Roaming\mozilla\Extensions
[2012/09/28 06:05:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\compaq\AppData\Roaming\mozilla\Firefox\Profiles\5nw3xlej.default\extensions
[2012/07/29 07:14:18 | 000,000,000 | ---D | M] (Personas Rotator) -- C:\Users\compaq\AppData\Roaming\mozilla\Firefox\Profiles\5nw3xlej.default\extensions\{6e73f6b7-b9ab-44b8-b744-6393e3c2e351}
[2012/07/01 18:15:34 | 000,000,000 | ---D | M] (Panda Security Toolbar) -- C:\Users\compaq\AppData\Roaming\mozilla\Firefox\Profiles\5nw3xlej.default\extensions\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}
[2012/09/19 19:59:25 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\compaq\AppData\Roaming\mozilla\Firefox\Profiles\5nw3xlej.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2012/09/12 05:17:07 | 000,000,000 | ---D | M] (DoNotTrackPlus) -- C:\Users\compaq\AppData\Roaming\mozilla\Firefox\Profiles\5nw3xlej.default\extensions\donottrackplus@abine.com
[2012/09/28 06:05:02 | 000,000,000 | ---D | M] (Ghostery) -- C:\Users\compaq\AppData\Roaming\mozilla\Firefox\Profiles\5nw3xlej.default\extensions\firefox@ghostery.com
[2012/05/14 22:11:46 | 000,049,880 | ---- | M] () (No name found) -- C:\Users\compaq\AppData\Roaming\mozilla\firefox\profiles\5nw3xlej.default\extensions\admin@indiarailinfo.com.xpi
[2011/08/14 09:59:54 | 000,047,822 | ---- | M] () (No name found) -- C:\Users\compaq\AppData\Roaming\mozilla\firefox\profiles\5nw3xlej.default\extensions\browserprotect@browserprotect.com.xpi
[2012/06/18 17:23:32 | 000,098,075 | ---- | M] () (No name found) -- C:\Users\compaq\AppData\Roaming\mozilla\firefox\profiles\5nw3xlej.default\extensions\datafox@thegoan.com.xpi
[2011/08/14 10:05:30 | 000,330,316 | ---- | M] () (No name found) -- C:\Users\compaq\AppData\Roaming\mozilla\firefox\profiles\5nw3xlej.default\extensions\personas@christopher.beard.xpi
[2012/09/12 05:17:09 | 000,089,442 | ---- | M] () (No name found) -- C:\Users\compaq\AppData\Roaming\mozilla\firefox\profiles\5nw3xlej.default\extensions\{B17C1C5A-04B1-11DB-9804-B622A1EF5492}.xpi
[2012/08/04 20:35:52 | 002,966,066 | ---- | M] () (No name found) -- C:\Users\compaq\AppData\Roaming\mozilla\firefox\profiles\5nw3xlej.default\extensions\{c7b3cf78-9cbc-47b9-ba47-bb84a56069dd}.xpi
[2012/07/26 06:14:54 | 000,741,958 | ---- | M] () (No name found) -- C:\Users\compaq\AppData\Roaming\mozilla\firefox\profiles\5nw3xlej.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012/01/22 12:44:47 | 000,138,614 | ---- | M] () (No name found) -- C:\Users\compaq\AppData\Roaming\mozilla\firefox\profiles\5nw3xlej.default\extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi
[2011/10/30 11:17:47 | 000,434,392 | ---- | M] () (No name found) -- C:\Users\compaq\AppData\Roaming\mozilla\firefox\profiles\5nw3xlej.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}.xpi
[2012/08/30 02:26:22 | 000,007,915 | ---- | M] () (No name found) -- C:\Users\compaq\AppData\Roaming\mozilla\firefox\profiles\5nw3xlej.default\extensions\donottrackplus@abine.com\chrome\content\ff\view_expiry.js
[2012/09/29 07:25:28 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/06/14 00:00:49 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2012/09/14 06:13:37 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/09/14 06:13:36 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/01/27 20:41:08 | 000,002,325 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pandasecuritytb.xml
[2012/09/14 06:13:36 | 000,002,253 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml
[2012/09/10 22:52:10 | 000,005,142 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wchoppers.xml

========== Chrome ==========


O1 HOSTS File: ([2012/09/10 22:52:59 | 000,000,896 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 mpa.one.microsoft.com
O1 - Hosts: 127.0.0.1 mpa.one.microsoft.com
O2 - BHO: (Plugin for Media Finder) - {AD4DF010-E2FD-43CE-864A-6BD1EDC59AC2} - C:\Users\compaq\AppData\Roaming\Media Finder\Extensions\IEPlugin32.dll (Media Finder)
O2 - BHO: (Panda Security Toolbar) - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll ()
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll File not found
O3 - HKLM\..\Toolbar: (Panda Security Toolbar) - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll ()
O4 - HKLM..\Run: [Bdagent] C:\Program Files\Bitdefender\Bitdefender 2013\bdagent.exe (Bitdefender)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [Panda Security URL Filtering] C:\ProgramData\Panda Security URL Filtering\Panda_URL_Filtering.exe (Panda Security)
O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware (cleanup)] C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll (Malwarebytes Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: Download with &Media Finder - C:\Program Files\Media Finder\hook.html File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2F089247-604D-468C-BBA6-06D82BE1296D}: NameServer = 218.248.255.139 218.248.245.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F04CCFAB-8073-477A-94E1-1366EFDD85CF}: DhcpNameServer = 192.168.1.1
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/11 03:12:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

========== Files/Folders - Created Within 30 Days ==========

[2012/09/29 07:33:01 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\compaq\Desktop\OTL.exe
[2012/09/29 07:30:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/09/29 07:30:05 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012/09/29 07:30:05 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012/09/29 07:27:25 | 010,524,080 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\compaq\Desktop\123.exe
[2012/09/28 20:49:57 | 000,000,000 | ---D | C] -- C:\Users\compaq\Desktop\Atwater_system_files
[2012/09/28 20:47:56 | 000,000,000 | ---D | C] -- C:\Users\compaq\Desktop\Food_energy_files
[2012/09/28 20:45:37 | 000,000,000 | ---D | C] -- C:\Users\compaq\Desktop\Harris-Benedict_equation_files
[2012/09/28 20:26:16 | 000,000,000 | ---D | C] -- C:\Users\compaq\Desktop\calories_files
[2012/09/28 20:20:34 | 000,000,000 | ---D | C] -- C:\Users\compaq\Desktop\How To Calculate Percentage Of Calories From Fat, Carbohydrate & Protein _ LIVESTRONG.COM_files
[2012/09/22 11:51:03 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012/09/22 11:51:02 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012/09/22 11:51:01 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2012/09/22 11:51:01 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012/09/22 11:51:01 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2012/09/22 11:51:00 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2012/09/22 11:51:00 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012/09/22 11:50:59 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012/09/19 20:46:57 | 000,000,000 | ---D | C] -- C:\Users\compaq\Desktop\gmer
[2012/09/19 20:37:47 | 000,607,260 | R--- | C] (Swearware) -- C:\Users\compaq\Desktop\dds.com
[2012/09/12 06:21:24 | 000,240,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\netio.sys
[2012/09/12 06:21:24 | 000,187,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\FWPKCLNT.SYS
[2012/09/10 22:51:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WGA Remover
[2012/09/10 22:51:50 | 000,000,000 | ---D | C] -- C:\Program Files\WGA Remover
[2012/09/10 05:28:01 | 000,000,000 | ---D | C] -- C:\Windows\System32\SPReview
[2012/09/10 05:27:14 | 000,000,000 | ---D | C] -- C:\Windows\System32\EventProviders
[2012/09/09 10:10:14 | 000,000,000 | ---D | C] -- C:\Users\compaq\Desktop\testdisk-6.13
[2012/09/09 09:27:05 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\LSCSHostPolicy.dll
[2012/09/09 09:27:05 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\TsUsbFlt.sys
[2012/09/09 09:27:05 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TsUsbRedirectionGroupPolicyExtension.dll
[2012/09/09 09:27:01 | 001,171,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2012/09/09 09:27:01 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40.dll
[2012/09/09 09:27:01 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40u.dll
[2012/09/09 09:27:00 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tssrvlic.dll
[2012/09/09 09:26:59 | 000,870,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll
[2012/09/09 09:26:59 | 000,739,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2012/09/09 09:26:59 | 000,423,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_isv.dll
[2012/09/09 09:26:58 | 000,327,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_isv.exe
[2012/09/09 09:26:57 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc.dll
[2012/09/09 09:26:57 | 000,322,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate.exe
[2012/09/09 09:26:56 | 000,253,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwizui.dll
[2012/09/09 09:26:55 | 003,207,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mf.dll
[2012/09/09 09:26:55 | 001,334,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertEnroll.dll
[2012/09/09 09:26:55 | 000,520,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcupdate_GenuineIntel.dll
[2012/09/09 09:26:54 | 001,401,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssrch.dll
[2012/09/09 09:26:54 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe
[2012/09/09 09:26:54 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll
[2012/09/09 09:26:53 | 001,548,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tquery.dll
[2012/09/09 09:26:52 | 005,066,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuthFWSnapin.dll
[2012/09/09 09:26:52 | 001,115,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RacEngn.dll
[2012/09/09 09:26:50 | 001,493,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ExplorerFrame.dll
[2012/09/09 09:26:49 | 002,616,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2012/09/09 09:26:49 | 001,828,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d9.dll
[2012/09/09 09:26:48 | 000,505,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskschd.dll
[2012/09/09 09:26:48 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PushPrinterConnections.exe
[2012/09/09 09:26:47 | 000,456,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spinstall.exe
[2012/09/09 09:26:47 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wer.dll
[2012/09/09 09:26:47 | 000,280,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spreview.exe
[2012/09/09 09:26:46 | 001,371,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dwmcore.dll
[2012/09/09 09:26:46 | 000,863,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diagperf.dll
[2012/09/09 09:26:45 | 003,367,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinSAT.exe
[2012/09/09 09:26:45 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scavengeui.dll
[2012/09/09 09:26:44 | 002,522,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dbgeng.dll
[2012/09/09 09:26:44 | 000,597,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TSWorkspace.dll
[2012/09/09 09:26:44 | 000,283,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll
[2012/09/09 09:26:44 | 000,270,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tsmf.dll
[2012/09/09 09:26:43 | 001,619,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVDECOD.DLL
[2012/09/09 09:26:43 | 000,522,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d11.dll
[2012/09/09 09:26:43 | 000,260,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpshell.exe
[2012/09/09 09:26:42 | 002,151,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmcndmgr.dll
[2012/09/09 09:26:42 | 000,584,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpprefcl.dll
[2012/09/09 09:26:42 | 000,252,928 | ---- | C] (Microsoft) -- C:\Windows\System32\DShowRdpFilter.dll
[2012/09/09 09:26:42 | 000,049,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll
[2012/09/09 09:26:41 | 001,792,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\authui.dll
[2012/09/09 09:26:41 | 000,974,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sppobjs.dll
[2012/09/09 09:26:41 | 000,732,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imapi2fs.dll
[2012/09/09 09:26:41 | 000,547,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceApi.dll
[2012/09/09 09:26:41 | 000,341,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdrm.dll
[2012/09/09 09:26:40 | 001,712,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xpsservices.dll
[2012/09/09 09:26:40 | 001,555,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certmgr.dll
[2012/09/09 09:26:40 | 000,508,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winload.exe
[2012/09/09 09:26:40 | 000,323,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drvstore.dll
[2012/09/09 09:26:40 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcbuilder.exe
[2012/09/09 09:26:40 | 000,219,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
[2012/09/09 09:26:39 | 000,412,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sppwinob.dll
[2012/09/09 09:26:39 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmd.exe
[2012/09/09 09:26:39 | 000,296,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfds.dll
[2012/09/09 09:26:39 | 000,206,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\framedynos.dll
[2012/09/09 09:26:38 | 001,063,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\werconcpl.dll
[2012/09/09 09:26:38 | 000,762,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\azroles.dll
[2012/09/09 09:26:38 | 000,442,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winresume.exe
[2012/09/09 09:26:38 | 000,351,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmicmiplugin.dll
[2012/09/09 09:26:38 | 000,339,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\appmgr.dll
[2012/09/09 09:26:38 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpclip.exe
[2012/09/09 09:26:38 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncsi.dll
[2012/09/09 09:26:38 | 000,140,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpendp.dll
[2012/09/09 09:26:37 | 000,801,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NaturalLanguage6.dll
[2012/09/09 09:26:37 | 000,508,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxgi.dll
[2012/09/09 09:26:37 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskcomp.dll
[2012/09/09 09:26:37 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfreadwrite.dll
[2012/09/09 09:26:37 | 000,161,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpinit.exe
[2012/09/09 09:26:37 | 000,148,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\storport.sys
[2012/09/09 09:26:37 | 000,144,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\basecsp.dll
[2012/09/09 09:26:36 | 000,778,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sqlsrv32.dll
[2012/09/09 09:26:36 | 000,776,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\calc.exe
[2012/09/09 09:26:36 | 000,488,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\evr.dll
[2012/09/09 09:26:36 | 000,335,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinSATAPI.dll
[2012/09/09 09:26:36 | 000,242,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vpnike.dll
[2012/09/09 09:26:35 | 002,983,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIRibbon.dll
[2012/09/09 09:26:35 | 000,477,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lpksetup.exe
[2012/09/09 09:26:35 | 000,271,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fveapi.dll
[2012/09/09 09:26:35 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tspubwmi.dll
[2012/09/09 09:26:34 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hgprint.dll
[2012/09/09 09:26:33 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prncache.dll
[2012/09/09 09:26:32 | 000,690,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ci.dll
[2012/09/09 09:26:32 | 000,458,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSDApi.dll
[2012/09/09 09:26:32 | 000,352,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpeffects.dll
[2012/09/09 09:26:32 | 000,321,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aepdu.dll
[2012/09/09 09:26:32 | 000,175,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\vmbus.sys
[2012/09/09 09:26:32 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\net1.exe
[2012/09/09 09:26:32 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rpchttp.dll
[2012/09/09 09:26:32 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aitagent.exe
[2012/09/09 09:26:31 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scansetting.dll
[2012/09/09 09:26:31 | 000,213,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MMDevAPI.dll
[2012/09/09 09:26:31 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll
[2012/09/09 09:26:30 | 002,504,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVCORE.DLL
[2012/09/09 09:26:30 | 001,750,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pnidui.dll
[2012/09/09 09:26:30 | 000,782,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\webservices.dll
[2012/09/09 09:26:30 | 000,464,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scrptadm.dll
[2012/09/09 09:26:30 | 000,411,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlangpui.dll
[2012/09/09 09:26:30 | 000,284,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbport.sys
[2012/09/09 09:26:30 | 000,167,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\QSHVHOST.DLL
[2012/09/09 09:26:30 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aaclient.dll
[2012/09/09 09:26:30 | 000,124,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fde.dll
[2012/09/09 09:26:30 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
[2012/09/09 09:26:30 | 000,101,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\consent.exe
[2012/09/09 09:26:29 | 002,146,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SyncCenter.dll
[2012/09/09 09:26:29 | 000,907,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdengin2.dll
[2012/09/09 09:26:29 | 000,225,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netdiagfx.dll
[2012/09/09 09:26:29 | 000,215,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vmicsvc.exe
[2012/09/09 09:26:29 | 000,154,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tscfgwmi.dll
[2012/09/09 09:26:29 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cscobj.dll
[2012/09/09 09:26:29 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscapi.dll
[2012/09/09 09:26:29 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TsUsbGDCoInstaller.dll
[2012/09/09 09:26:28 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll
[2012/09/09 09:26:28 | 000,830,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSMPEG2ENC.DLL
[2012/09/09 09:26:28 | 000,727,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcmde.dll
[2012/09/09 09:26:28 | 000,630,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DXPTaskRingtone.dll
[2012/09/09 09:26:28 | 000,392,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imapi2.dll
[2012/09/09 09:26:28 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aeinv.dll
[2012/09/09 09:26:28 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setupcl.exe
[2012/09/09 09:26:28 | 000,027,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Diskdump.sys
[2012/09/09 09:26:27 | 001,624,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMPEncEn.dll
[2012/09/09 09:26:27 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssvp.dll
[2012/09/09 09:26:27 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dwmredir.dll
[2012/09/09 09:26:26 | 002,217,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bootres.dll
[2012/09/09 09:26:26 | 001,077,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Narrator.exe
[2012/09/09 09:26:26 | 000,679,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autoconv.exe
[2012/09/09 09:26:26 | 000,658,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autofmt.exe
[2012/09/09 09:26:26 | 000,303,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msinfo32.exe
[2012/09/09 09:26:26 | 000,196,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vaultsvc.dll
[2012/09/09 09:26:26 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AudioSes.dll
[2012/09/09 09:26:26 | 000,194,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\halmacpi.dll
[2012/09/09 09:26:26 | 000,194,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hal.dll
[2012/09/09 09:26:26 | 000,166,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netiohlp.dll
[2012/09/09 09:26:26 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\audiodg.exe
[2012/09/09 09:26:26 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hbaapi.dll
[2012/09/09 09:26:26 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mimefilt.dll
[2012/09/09 09:26:26 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\proquota.exe
[2012/09/09 09:26:25 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\powercpl.dll
[2012/09/09 09:26:25 | 000,400,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ipsmsnap.dll
[2012/09/09 09:26:25 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msihnd.dll
[2012/09/09 09:26:25 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srchadmin.dll
[2012/09/09 09:26:25 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eapphost.dll
[2012/09/09 09:26:25 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\framedyn.dll
[2012/09/09 09:26:25 | 000,181,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tcpipcfg.dll
[2012/09/09 09:26:25 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\schtasks.exe
[2012/09/09 09:26:25 | 000,155,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscorier.dll
[2012/09/09 09:26:25 | 000,035,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\winusb.sys
[2012/09/09 09:26:24 | 000,665,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuxiliaryDisplayCpl.dll
[2012/09/09 09:26:24 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\timedate.cpl
[2012/09/09 09:26:24 | 000,399,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DXP.dll
[2012/09/09 09:26:24 | 000,171,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\QAGENT.DLL
[2012/09/09 09:26:24 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netid.dll
[2012/09/09 09:26:23 | 001,227,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wdc.dll
[2012/09/09 09:26:22 | 001,326,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanpref.dll
[2012/09/09 09:26:22 | 001,131,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdclt.exe
[2012/09/09 09:26:22 | 001,003,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMNetMgr.dll
[2012/09/09 09:26:22 | 000,933,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Vault.dll
[2012/09/09 09:26:22 | 000,346,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\untfs.dll
[2012/09/09 09:26:22 | 000,132,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ataport.sys
[2012/09/09 09:26:22 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nci.dll
[2012/09/09 09:26:21 | 001,400,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DxpTaskSync.dll
[2012/09/09 09:26:21 | 000,098,816 | ---- | C] (Microsoft) -- C:\Windows\System32\Robocopy.exe
[2012/09/09 09:26:20 | 001,188,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DiagCpl.dll
[2012/09/09 09:26:20 | 001,040,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Display.dll
[2012/09/09 09:26:20 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdri.dll
[2012/09/09 09:26:20 | 000,352,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\termmgr.dll
[2012/09/09 09:26:20 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\puiobj.dll
[2012/09/09 09:26:20 | 000,316,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sharemediacpl.dll
[2012/09/09 09:26:20 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssphtb.dll
[2012/09/09 09:26:20 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsRasterService.dll
[2012/09/09 09:26:20 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\userinit.exe
[2012/09/09 09:26:19 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eudcedit.exe
[2012/09/09 09:26:19 | 000,140,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\scsiport.sys
[2012/09/09 09:26:19 | 000,043,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\winhv.sys
[2012/09/09 09:26:18 | 001,066,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtctm.dll
[2012/09/09 09:26:18 | 000,856,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FirewallControlPanel.dll
[2012/09/09 09:26:18 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\biocpl.dll
[2012/09/09 09:26:18 | 000,416,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiadefui.dll
[2012/09/09 09:26:18 | 000,233,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msconfig.exe
[2012/09/09 09:26:18 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sppcomapi.dll
[2012/09/09 09:26:18 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logoncli.dll
[2012/09/09 09:26:18 | 000,111,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shsetup.dll
[2012/09/09 09:26:18 | 000,040,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\vmstorfl.sys
[2012/09/09 09:26:18 | 000,028,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\storvsc.sys
[2012/09/09 09:26:17 | 002,202,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SensorsCpl.dll
[2012/09/09 09:26:17 | 002,157,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\themecpl.dll
[2012/09/09 09:26:17 | 000,766,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpccpl.dll
[2012/09/09 09:26:17 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FWPUCLNT.DLL
[2012/09/09 09:26:17 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnscmmc.dll
[2012/09/09 09:26:16 | 000,481,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscms.dll
[2012/09/09 09:26:16 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PhotoScreensaver.scr
[2012/09/09 09:26:16 | 000,312,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hgcpl.dll
[2012/09/09 09:26:16 | 000,080,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscories.dll
[2012/09/09 09:26:15 | 000,600,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PerfCenterCPL.dll
[2012/09/09 09:26:15 | 000,600,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\usercpl.dll
[2012/09/09 09:26:15 | 000,429,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\localsec.dll
[2012/09/09 09:26:15 | 000,400,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srcore.dll
[2012/09/09 09:26:15 | 000,268,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mprddm.dll
[2012/09/09 09:26:15 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SndVolSSO.dll
[2012/09/09 09:26:15 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bcdsrv.dll
[2012/09/09 09:26:15 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasacct.dll
[2012/09/09 09:26:14 | 003,727,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\accessibilitycpl.dll
[2012/09/09 09:26:14 | 001,644,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netcenter.dll
[2012/09/09 09:26:14 | 000,941,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mblctr.exe
[2012/09/09 09:26:14 | 000,638,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\VAN.dll
[2012/09/09 09:26:14 | 000,509,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qedit.dll
[2012/09/09 09:26:14 | 000,410,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanui.dll
[2012/09/09 09:26:14 | 000,352,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwizeng.dll
[2012/09/09 09:26:14 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SndVol.exe
[2012/09/09 09:26:14 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\azroleui.dll
[2012/09/09 09:26:14 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wksprt.exe
[2012/09/09 09:26:14 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prntvpt.dll
[2012/09/09 09:26:14 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\w32tm.exe
[2012/09/09 09:26:13 | 000,516,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\main.cpl
[2012/09/09 09:26:13 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSAC3ENC.DLL
[2012/09/09 09:26:13 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ks.sys
[2012/09/09 09:26:13 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdeploy.dll
[2012/09/09 09:26:12 | 002,130,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\networkmap.dll
[2012/09/09 09:26:12 | 000,755,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sud.dll
[2012/09/09 09:26:12 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ActionCenter.dll
[2012/09/09 09:26:12 | 000,414,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mspbda.dll
[2012/09/09 09:26:12 | 000,395,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prnfldr.dll
[2012/09/09 09:26:12 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sysmon.ocx
[2012/09/09 09:26:12 | 000,325,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slui.exe
[2012/09/09 09:26:12 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Faultrep.dll
[2012/09/09 09:26:12 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wusa.exe
[2012/09/09 09:26:12 | 000,312,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MCEWMDRMNDBootstrap.dll
[2012/09/09 09:26:12 | 000,266,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MediaMetadataHandler.dll
[2012/09/09 09:26:12 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskbarcpl.dll
[2012/09/09 09:26:12 | 000,218,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\OnLineIDCpl.dll
[2012/09/09 09:26:12 | 000,186,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adsldp.dll
[2012/09/09 09:26:12 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasrad.dll
[2012/09/09 09:26:12 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netjoin.dll
[2012/09/09 09:26:12 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
[2012/09/09 09:26:11 | 000,750,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdcpl.dll
[2012/09/09 09:26:11 | 000,692,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bthprops.cpl
[2012/09/09 09:26:11 | 000,600,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TabletPC.cpl
[2012/09/09 09:26:11 | 000,577,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpd_ci.dll
[2012/09/09 09:26:11 | 000,537,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ActionCenterCPL.dll
[2012/09/09 09:26:11 | 000,428,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shwebsvc.dll
[2012/09/09 09:26:11 | 000,345,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\intl.cpl
[2012/09/09 09:26:11 | 000,271,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iprtrmgr.dll
[2012/09/09 09:26:11 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\defaultlocationcpl.dll
[2012/09/09 09:26:11 | 000,205,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\efscore.dll
[2012/09/09 09:26:11 | 000,148,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ifsutil.dll
[2012/09/09 09:26:11 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autoplay.dll
[2012/09/09 09:26:11 | 000,137,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\halacpi.dll
[2012/09/09 09:26:11 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\recovery.dll
[2012/09/09 09:26:11 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3cfg.dll
[2012/09/09 09:26:11 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidclass.sys
[2012/09/09 09:26:11 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ftp.exe
[2012/09/09 09:26:11 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sisbkup.dll
[2012/09/09 09:26:10 | 000,859,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\OobeFldr.dll
[2012/09/09 09:26:10 | 000,738,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpmde.dll
[2012/09/09 09:26:10 | 000,484,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DeviceCenter.dll
[2012/09/09 09:26:10 | 000,410,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\systemcpl.dll
[2012/09/09 09:26:10 | 000,295,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bcdedit.exe
[2012/09/09 09:26:10 | 000,210,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\recdisc.exe
[2012/09/09 09:26:10 | 000,151,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdsutil.dll
[2012/09/09 09:26:10 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sppnp.dll
[2012/09/09 09:26:10 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSTPager.ax
[2012/09/09 09:26:09 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\blackbox.dll
[2012/09/09 09:26:09 | 000,656,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nshwfp.dll
[2012/09/09 09:26:09 | 000,297,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntprint.dll
[2012/09/09 09:26:09 | 000,270,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sethc.exe
[2012/09/09 09:26:09 | 000,262,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rstrui.exe
[2012/09/09 09:26:09 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpx.dll
[2012/09/09 09:26:09 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ksproxy.ax
[2012/09/09 09:26:09 | 000,182,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpsrcwp.dll
[2012/09/09 09:26:09 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fvecpl.dll
[2012/09/09 09:26:09 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SmartcardCredentialProvider.dll
[2012/09/09 09:26:09 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bcdboot.exe
[2012/09/09 09:26:09 | 000,107,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NAPHLPR.DLL
[2012/09/09 09:26:09 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\migisol.dll
[2012/09/09 09:26:09 | 000,093,696 | ---- | C] (Windows ® Codename Longhorn DDK provider) -- C:\Windows\System32\fms.dll
[2012/09/09 09:26:09 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpsign.exe
[2012/09/09 09:26:08 | 000,592,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msftedit.dll
[2012/09/09 09:26:08 | 000,346,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nshipsec.dll
[2012/09/09 09:26:08 | 000,254,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsqmcons.exe
[2012/09/09 09:26:08 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ReAgent.dll
[2012/09/09 09:26:08 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wavemsp.dll
[2012/09/09 09:26:08 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuxiliaryDisplayServices.dll
[2012/09/09 09:26:08 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\isoburn.exe
[2012/09/09 09:26:08 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\asycfilt.dll
[2012/09/09 09:26:06 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanmsm.dll
[2012/09/09 09:26:05 | 000,586,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dfrgui.exe
[2012/09/09 09:26:05 | 000,444,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wvc.dll
[2012/09/09 09:26:05 | 000,438,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AdmTmpl.dll
[2012/09/09 09:26:05 | 000,406,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wimgapi.dll
[2012/09/09 09:26:05 | 000,333,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3ui.dll
[2012/09/09 09:26:05 | 000,198,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sysclass.dll
[2012/09/09 09:26:05 | 000,197,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ocsetup.exe
[2012/09/09 09:26:05 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzutil.exe
[2012/09/09 09:26:04 | 000,209,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PkgMgr.exe
[2012/09/09 09:26:04 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qcap.dll
[2012/09/09 09:26:04 | 000,113,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setupugc.exe
[2012/09/09 09:26:04 | 000,051,200 | ---- | C] (Twain Working Group) -- C:\Windows\twain_32.dll
[2012/09/09 09:26:03 | 000,697,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SmiEngine.dll
[2012/09/09 09:26:03 | 000,293,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ssText3d.scr
[2012/09/09 09:26:03 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srrstr.dll
[2012/09/09 09:26:03 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qasf.dll
[2012/09/09 09:26:03 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wwanconn.dll
[2012/09/09 09:26:03 | 000,170,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationSettings.exe
[2012/09/09 09:26:03 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\uxlib.dll
[2012/09/09 09:26:03 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slwga.dll
[2012/09/09 09:26:02 | 000,616,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmdrmsdk.dll
[2012/09/09 09:26:02 | 000,504,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscp.dll
[2012/09/09 09:26:02 | 000,327,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wimserv.exe
[2012/09/09 09:26:02 | 000,276,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diskraid.exe
[2012/09/09 09:26:02 | 000,211,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DevicePairingFolder.dll
[2012/09/09 09:26:02 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nslookup.exe
[2012/09/09 09:26:02 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciavi32.dll
[2012/09/09 09:26:02 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\acppage.dll
[2012/09/09 09:26:01 | 001,111,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\onexui.dll
[2012/09/09 09:26:01 | 000,402,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drmmgrtn.dll
[2012/09/09 09:26:01 | 000,327,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nltest.exe
[2012/09/09 09:26:01 | 000,292,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsAnytimeUpgradeResults.exe
[2012/09/09 09:26:01 | 000,219,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iTVData.dll
[2012/09/09 09:26:01 | 000,210,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxdiagn.dll
[2012/09/09 09:26:01 | 000,202,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\input.dll
[2012/09/09 09:26:01 | 000,198,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpdwcn.dll
[2012/09/09 09:26:01 | 000,186,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpencom.dll
[2012/09/09 09:26:01 | 000,174,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ocsetapi.dll
[2012/09/09 09:26:01 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdsbas.dll
[2012/09/09 09:26:01 | 000,157,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\perfmon.exe
[2012/09/09 09:26:01 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UserAccountControlSettings.dll
[2012/09/09 09:26:01 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\bfsvc.exe
[2012/09/09 09:26:01 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\runonce.exe
[2012/09/09 09:26:01 | 000,046,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NAPCRYPT.DLL
[2012/09/09 09:26:01 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vpnikeapi.dll
[2012/09/09 09:26:00 | 000,507,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmdrmdev.dll
[2012/09/09 09:26:00 | 000,489,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10level9.dll
[2012/09/09 09:26:00 | 000,242,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eapp3hst.dll
[2012/09/09 09:26:00 | 000,186,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bitsadmin.exe
[2012/09/09 09:26:00 | 000,176,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFPlay.dll
[2012/09/09 09:26:00 | 000,117,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\rmcast.sys
[2012/09/09 09:26:00 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shacct.dll
[2012/09/09 09:26:00 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logagent.exe
[2012/09/09 09:26:00 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PnPUnattend.exe
[2012/09/09 09:26:00 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lsmproxy.dll
[2012/09/09 09:25:59 | 001,160,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\OpcServices.dll
[2012/09/09 09:25:59 | 000,878,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Bubbles.scr
[2012/09/09 09:25:59 | 000,309,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sqlcese30.dll
[2012/09/09 09:25:59 | 000,211,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxgmms1.sys
[2012/09/09 09:25:59 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kstvtune.ax
[2012/09/09 09:25:59 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tabcal.exe
[2012/09/09 09:25:59 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unimdmat.dll
[2012/09/09 09:25:59 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpd3d.dll
[2012/09/09 09:25:59 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iscsium.dll
[2012/09/09 09:25:58 | 000,427,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceStatus.dll
[2012/09/09 09:25:58 | 000,350,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WPDSp.dll
[2012/09/09 09:25:58 | 000,318,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMPhoto.dll
[2012/09/09 09:25:58 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Mystify.scr
[2012/09/09 09:25:58 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Ribbons.scr
[2012/09/09 09:25:58 | 000,183,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceSyncProvider.dll
[2012/09/09 09:25:58 | 000,179,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ActionQueue.dll
[2012/09/09 09:25:58 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFPlatform.dll
[2012/09/09 09:25:58 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\powercfg.cpl
[2012/09/09 09:25:58 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MdSched.exe
[2012/09/09 09:25:58 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CscMig.dll
[2012/09/09 09:25:58 | 000,099,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\QSVRMGMT.DLL
[2012/09/09 09:25:58 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logman.exe
[2012/09/09 09:25:58 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\olethk32.dll
[2012/09/09 09:25:58 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mapistub.dll
[2012/09/09 09:25:58 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mapi32.dll
[2012/09/09 09:25:58 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lpremove.exe
[2012/09/09 09:25:58 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncryptui.dll
[2012/09/09 09:25:58 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\djoin.exe
[2012/09/09 09:25:58 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wwanprotdim.dll
[2012/09/09 09:25:58 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tsgqec.dll
[2012/09/09 09:25:57 | 000,902,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMADMOD.DLL
[2012/09/09 09:25:57 | 000,541,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVSDECD.DLL
[2012/09/09 09:25:57 | 000,153,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\VBICodec.ax
[2012/09/09 09:25:57 | 000,115,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3msm.dll
[2012/09/09 09:25:57 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiavideo.dll
[2012/09/09 09:25:57 | 000,107,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Kswdmcap.ax
[2012/09/09 09:25:57 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fphc.dll
[2012/09/09 09:25:57 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\takeown.exe
[2012/09/09 09:25:57 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\utildll.dll
[2012/09/09 09:25:57 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TsUsbRedirectionGroupPolicyControl.exe
[2012/09/09 09:25:56 | 000,436,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmdrmnet.dll
[2012/09/09 09:25:56 | 000,283,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdv.dll
[2012/09/09 09:25:56 | 000,265,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msnetobj.dll
[2012/09/09 09:25:56 | 000,202,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unattend.dll
[2012/09/09 09:25:56 | 000,128,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EhStorAPI.dll
[2012/09/09 09:25:56 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sppinst.dll
[2012/09/09 09:25:56 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmstp.exe
[2012/09/09 09:25:56 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\QCLIPROV.DLL
[2012/09/09 09:25:56 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cca.dll
[2012/09/09 09:25:55 | 000,739,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMSPDMOD.DLL
[2012/09/09 09:25:55 | 000,567,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFx.dll
[2012/09/09 09:25:55 | 000,182,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RelPost.exe
[2012/09/09 09:25:55 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setupcln.dll
[2012/09/09 09:25:55 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MuiUnattend.exe
[2012/09/09 09:25:55 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vfwwdm32.dll
[2012/09/09 09:25:55 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsnmp32.dll
[2012/09/09 09:25:55 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\umb.dll
[2012/09/09 09:25:55 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pdhui.dll
[2012/09/09 09:25:55 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\basesrv.dll
[2012/09/09 09:25:55 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qprocess.exe
[2012/09/09 09:25:54 | 000,176,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msorcl32.dll
[2012/09/09 09:25:54 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iscsicli.exe
[2012/09/09 09:25:54 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\desk.cpl
[2012/09/09 09:25:54 | 000,126,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\BdeHdCfg.exe
[2012/09/09 09:25:54 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasrecst.dll
[2012/09/09 09:25:54 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spbcd.dll
[2012/09/09 09:25:54 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wkscli.dll
[2012/09/09 09:25:54 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WavDest.dll
[2012/09/09 09:25:54 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\relog.exe
[2012/09/09 09:25:54 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PrintIsolationProxy.dll
[2012/09/09 09:25:54 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AzSqlExt.dll
[2012/09/09 09:25:54 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qwinsta.exe
[2012/09/09 09:25:54 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netiougc.exe
[2012/09/09 09:25:54 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msg.exe
[2012/09/09 09:25:54 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chglogon.exe
[2012/09/09 09:25:53 | 001,027,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IMJP10.IME
[2012/09/09 09:25:53 | 000,430,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FXSTIFF.dll
[2012/09/09 09:25:53 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\itircl.dll
[2012/09/09 09:25:53 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpps.dll
[2012/09/09 09:25:53 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diskpart.exe
[2012/09/09 09:25:53 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp_isv.dll
[2012/09/09 09:25:53 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp.dll
[2012/09/09 09:25:53 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\amstream.dll
[2012/09/09 09:25:53 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertPolEng.dll
[2012/09/09 09:25:53 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MultiDigiMon.exe
[2012/09/09 09:25:53 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setbcdlocale.dll
[2012/09/09 09:25:53 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ksxbar.ax
[2012/09/09 09:25:53 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WerFaultSecure.exe
[2012/09/09 09:25:53 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netbtugc.exe
[2012/09/09 09:25:53 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quser.exe
[2012/09/09 09:25:53 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chgport.exe
[2012/09/09 09:25:53 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tsdiscon.exe
[2012/09/09 09:25:53 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tscon.exe
[2012/09/09 09:25:53 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qappsrv.exe
[2012/09/09 09:25:53 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chgusr.exe
[2012/09/09 09:25:53 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\syssetup.dll
[2012/09/09 09:25:53 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nrpsrv.dll
[2012/09/09 09:25:52 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp.exe
[2012/09/09 09:25:52 | 000,278,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp_isv.exe
[2012/09/09 09:25:52 | 000,121,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sppc.dll
[2012/09/09 09:25:52 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eappgnui.dll
[2012/09/09 09:25:52 | 000,082,944 | ---- | C] (Radius Inc.) -- C:\Windows\System32\iccvid.dll
[2012/09/09 09:25:52 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tlscsp.dll
[2012/09/09 09:25:52 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\findstr.exe
[2012/09/09 09:25:52 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciqtz32.dll
[2012/09/09 09:25:52 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiarpc.dll
[2012/09/09 09:25:52 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prevhost.exe
[2012/09/09 09:25:52 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tskill.exe
[2012/09/09 09:25:52 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ReAgentc.exe
[2012/09/09 09:25:52 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logoff.exe
[2012/09/09 09:25:52 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shadow.exe
[2012/09/09 09:25:52 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rwinsta.exe
[2012/09/09 09:25:52 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\muifontsetup.dll
[2012/09/09 09:25:51 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\manage-bde.exe
[2012/09/09 09:25:51 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\repair-bde.exe
[2012/09/09 09:25:51 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\luainstall.dll
[2012/09/09 09:25:51 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unlodctr.exe
[2012/09/09 09:25:51 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbisurf.ax
[2012/09/09 09:25:51 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wdiasqmmodule.dll
[2012/09/09 09:25:51 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdmo.dll
[2012/09/09 09:25:51 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbrpm.sys
[2012/09/09 09:25:51 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netcfg.exe
[2012/09/09 09:25:51 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\HotStartUserAgent.dll
[2012/09/09 09:25:51 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\tdi.sys
[2012/09/09 09:25:51 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdprefdrvapi.dll
[2012/09/09 09:25:51 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spopk.dll
[2012/09/09 09:25:50 | 001,164,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIRibbonRes.dll
[2012/09/09 09:25:50 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vmicres.dll
[2012/09/09 09:25:50 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetmib1.dll
[2012/09/09 09:25:50 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\g711codc.ax
[2012/09/09 09:25:50 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vmbusres.dll
[2012/09/09 09:25:50 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbcconf.dll
[2012/09/09 09:25:50 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFCoinstaller.dll
[2012/09/09 09:25:50 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vmstorfltres.dll
[2012/09/09 09:25:50 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\profprov.dll
[2012/09/09 09:25:50 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\reset.exe
[2012/09/09 09:25:50 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\change.exe
[2012/09/09 09:25:50 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\query.exe
[2012/09/09 09:25:49 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FXSMON.dll
[2012/09/09 09:25:49 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\perfts.dll
[2012/09/09 09:25:48 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RDPENCDD.dll
[2012/09/09 09:25:48 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\elsTrans.dll
[2012/09/09 09:25:48 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TRAPI.dll
[2012/09/09 09:25:48 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bitsperf.dll
[2012/09/09 09:25:47 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\napdsnap.dll
[2012/09/09 09:25:47 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dsauth.dll
[2012/09/09 09:25:47 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\schedcli.dll
[2012/09/09 09:25:46 | 000,430,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imkr80.ime
[2012/09/09 09:25:46 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsdchngr.dll
[2012/09/09 09:25:46 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sscore.dll
[2012/09/09 09:25:46 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\riched32.dll
[2012/09/09 09:25:45 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\VMBusHID.sys
[2012/09/09 09:25:45 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcfgex.dll
[2012/09/09 09:25:44 | 000,116,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\VmbusCoinstaller.dll
[2012/09/09 09:25:44 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\VmdCoinstall.dll
[2012/09/09 09:25:44 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IcCoinstall.dll
[2012/09/09 09:25:44 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vmictimeprovider.dll
[2012/09/09 09:25:44 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBCAMD2.sys
[2012/09/09 09:25:44 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBCAMD.sys
[2012/09/09 09:25:44 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vmbuspipe.dll
[2012/09/09 09:25:44 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wshirda.dll
[2012/09/09 09:25:44 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwmp.dll
[2012/09/09 09:25:43 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RDPREFDD.dll
[2012/09/09 09:25:43 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\C_ISCII.DLL
[2012/09/09 09:25:43 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shunimpl.dll
[2012/09/09 09:25:43 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdxm.ocx
[2012/09/09 09:25:43 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxmasf.dll
[2012/09/09 09:25:41 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2012/09/09 09:25:41 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nlsbres.dll
[2012/09/09 09:25:41 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pifmgr.dll
[2012/09/09 09:25:41 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDSG.DLL
[2012/09/09 09:25:41 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kbdlk41a.dll
[2012/09/09 09:25:41 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDCZ1.DLL
[2012/09/09 09:25:41 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDTUQ.DLL
[2012/09/09 09:25:41 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDTUF.DLL
[2012/09/09 09:25:41 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDSF.DLL
[2012/09/09 09:25:41 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDPO.DLL
[2012/09/09 09:25:41 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDNEPR.DLL
[2012/09/09 09:25:41 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDINBEN.DLL
[2012/09/09 09:25:41 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDGR1.DLL
[2012/09/09 09:25:41 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDGKL.DLL
[2012/09/09 09:25:41 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDUS.DLL
[2012/09/09 09:25:41 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDUGHR1.DLL
[2012/09/09 09:25:41 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDTURME.DLL
[2012/09/09 09:25:41 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDTAJIK.DLL
[2012/09/09 09:25:41 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDMON.DLL
[2012/09/09 09:25:41 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDMAORI.DLL
[2012/09/09 09:25:41 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDLT1.DLL
[2012/09/09 09:25:41 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDINTEL.DLL
[2012/09/09 09:25:41 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDINTAM.DLL
[2012/09/09 09:25:41 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDINORI.DLL
[2012/09/09 09:25:41 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDINMAR.DLL
[2012/09/09 09:25:41 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDINKAN.DLL
[2012/09/09 09:25:41 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDINHIN.DLL
[2012/09/09 09:25:41 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDBULG.DLL
[2012/09/09 09:25:41 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDBLR.DLL
[2012/09/09 09:25:41 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDBASH.DLL
[2012/09/09 09:25:41 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\vms3cap.sys
[2012/09/09 09:25:41 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDGEO.DLL
[2012/09/09 09:25:41 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpnaddr.dll
[2012/09/09 09:25:40 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\BlbEvents.dll
[2012/09/09 09:25:40 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwizres.dll
[2012/09/09 09:25:30 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wdscore.dll
[2012/09/09 09:24:57 | 000,363,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wbemcomn.dll
[2012/09/09 09:24:40 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sqmapi.dll
[2012/09/09 08:53:32 | 000,751,391 | ---- | C] (Farbar) -- C:\Users\compaq\Desktop\MiniToolBox.exe
[2012/09/09 08:39:38 | 000,000,000 | ---D | C] -- C:\Users\compaq\AppData\Roaming\Malwarebytes
[2012/09/09 08:39:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/09/09 07:34:56 | 000,919,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcorets.dll
[2012/09/09 07:34:56 | 000,134,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpudd.dll
[2012/09/09 07:34:56 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\rdpvideominiport.sys
[2012/09/09 07:34:45 | 000,219,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
[2012/09/09 07:34:41 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml3r.dll
[2012/09/09 07:33:49 | 002,345,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012/09/09 07:33:44 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdosys.dll
[2012/09/09 07:33:31 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2012/09/09 07:33:30 | 003,913,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2012/09/09 07:33:24 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browcli.dll
[2012/09/09 07:33:20 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcorekmts.dll
[2012/09/09 07:33:20 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpwsx.dll
[2012/09/09 07:33:20 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdrmemptylst.exe
[2012/09/09 07:33:10 | 001,077,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2012/09/09 07:27:31 | 000,826,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcore.dll
[2012/09/09 07:24:43 | 002,422,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll
[2012/09/09 07:24:43 | 000,045,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll
[2012/09/09 07:24:37 | 000,577,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll
[2012/09/09 07:24:37 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll
[2012/09/09 07:24:37 | 000,035,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups.dll
[2012/09/09 07:24:30 | 000,171,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll
[2012/09/09 07:24:30 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe
[2012/09/09 06:49:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender 2013
[2012/09/09 06:48:53 | 000,072,704 | ---- | C] (BitDefender) -- C:\Windows\System32\drivers\bdvedisk.sys
[2012/09/09 06:48:33 | 000,511,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\capicom.dll
[2012/09/09 06:48:33 | 000,077,192 | ---- | C] (BitDefender LLC) -- C:\Windows\System32\drivers\BdfNdisf6.sys
[2012/09/09 06:48:33 | 000,066,392 | ---- | C] (BitDefender SRL) -- C:\Windows\System32\drivers\bdsandbox.sys
[2012/09/09 06:48:30 | 000,617,984 | ---- | C] (BitDefender) -- C:\Windows\System32\drivers\avc3.sys
[2012/09/09 06:48:30 | 000,473,248 | ---- | C] (BitDefender) -- C:\Windows\System32\drivers\avckf.sys
[2012/09/09 06:34:07 | 000,000,000 | ---D | C] -- C:\Users\compaq\AppData\Roaming\Bitdefender
[2012/09/09 06:34:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Bitdefender
[2012/09/09 06:29:59 | 000,343,456 | ---- | C] (BitDefender S.R.L.) -- C:\Windows\System32\drivers\trufos.sys
[2012/09/09 06:29:59 | 000,161,312 | ---- | C] (BitDefender LLC) -- C:\Windows\System32\drivers\gzflt.sys
[2012/09/05 06:37:40 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2012/09/03 12:11:15 | 000,000,000 | ---D | C] -- C:\Users\compaq\Documents\How To Take Apart A Microwave_files
[2012/09/02 17:08:22 | 000,000,000 | ---D | C] -- C:\Users\compaq\New folder (3)
[2012/08/31 11:45:34 | 000,000,000 | ---D | C] -- C:\Users\compaq\CHEMISTRY PROJECT -ATOMS
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/09/29 07:40:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/09/29 07:35:58 | 000,054,016 | ---- | M] () -- C:\Windows\System32\drivers\jsguyh.sys
[2012/09/29 07:33:02 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\compaq\Desktop\OTL.exe
[2012/09/29 07:29:00 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/09/29 07:27:58 | 010,524,080 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\compaq\Desktop\123.exe
[2012/09/29 07:21:09 | 000,014,416 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/09/29 07:21:09 | 000,014,416 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/09/29 07:06:01 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2076268704-2953641702-797820338-1000UA.job
[2012/09/29 07:06:00 | 000,000,860 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2076268704-2953641702-797820338-1000Core.job
[2012/09/29 06:29:00 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/09/29 06:25:19 | 000,615,122 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/09/29 06:25:19 | 000,103,496 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/09/29 06:20:53 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/09/29 06:20:50 | 2791,137,280 | -HS- | M] () -- C:\hiberfil.sys
[2012/09/28 20:49:58 | 000,223,078 | ---- | M] () -- C:\Users\compaq\Desktop\Atwater_system.htm
[2012/09/28 20:47:56 | 000,237,247 | ---- | M] () -- C:\Users\compaq\Desktop\Food_energy.htm
[2012/09/28 20:45:38 | 000,214,800 | ---- | M] () -- C:\Users\compaq\Desktop\Harris-Benedict_equation.htm
[2012/09/28 20:26:18 | 000,027,579 | ---- | M] () -- C:\Users\compaq\Desktop\calories.shtml
[2012/09/28 20:20:37 | 000,176,109 | ---- | M] () -- C:\Users\compaq\Desktop\How To Calculate Percentage Of Calories From Fat, Carbohydrate & Protein _ LIVESTRONG.COM.htm
[2012/09/28 06:35:08 | 000,161,312 | ---- | M] (BitDefender LLC) -- C:\Windows\System32\drivers\gzflt.sys
[2012/09/19 22:33:19 | 002,748,760 | ---- | M] () -- C:\Users\compaq\nutritio.pdf
[2012/09/19 20:37:48 | 000,607,260 | R--- | M] (Swearware) -- C:\Users\compaq\Desktop\dds.com
[2012/09/15 22:30:27 | 000,009,488 | ---- | M] () -- C:\Users\compaq\Desktop\ex1087.pdf
[2012/09/14 06:40:42 | 000,000,478 | ---- | M] () -- C:\Windows\System32\checkdnsid.xml
[2012/09/10 22:52:59 | 000,000,896 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2012/09/10 07:24:28 | 002,098,896 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012/09/10 05:36:36 | 000,152,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msclmd.dll
[2012/09/09 08:53:32 | 000,751,391 | ---- | M] (Farbar) -- C:\Users\compaq\Desktop\MiniToolBox.exe
[2012/09/09 08:53:01 | 000,458,240 | ---- | M] () -- C:\Users\compaq\Desktop\CKScanner.exe
[2012/09/09 06:50:20 | 000,955,027 | ---- | M] () -- C:\ProgramData\1347152380.bdinstall.bin
[2012/09/09 06:49:28 | 000,253,404 | -H-- | M] () -- C:\bdr-ld01
[2012/09/09 06:49:28 | 000,009,216 | -H-- | M] () -- C:\bdr-ld01.mbr
[2012/09/09 06:49:28 | 000,000,308 | -H-- | M] () -- C:\bdr-cf01
[2012/09/09 06:49:18 | 000,002,122 | ---- | M] () -- C:\Users\Public\Desktop\Bitdefender Total Security 2013.lnk
[2012/09/09 06:28:03 | 000,151,485 | ---- | M] () -- C:\ProgramData\1347152138.bdinstall.bin
[2012/09/08 18:04:38 | 000,072,647 | ---- | M] () -- C:\Users\compaq\Desktop\PediatricGuidelinesFinal.pdf
[2012/09/08 17:55:39 | 000,059,822 | ---- | M] () -- C:\Users\compaq\Desktop\R 2.png
[2012/09/08 17:54:37 | 000,067,200 | ---- | M] () -- C:\Users\compaq\Desktop\R 1.png
[2012/09/08 07:08:34 | 000,297,067 | ---- | M] () -- C:\Users\compaq\Yuvraj_Singh.htm
[2012/09/08 07:05:35 | 000,179,787 | ---- | M] () -- C:\Users\compaq\Yogeshwar_Dutt.htm
[2012/09/08 07:04:48 | 000,191,624 | ---- | M] () -- C:\Users\compaq\Vijay_Kumar_(sport_shooter).htm
[2012/09/07 17:04:46 | 000,022,856 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012/09/07 10:51:44 | 000,000,407 | ---- | M] () -- C:\Users\compaq\Desktop\Downloads.lnk
[2012/09/03 12:11:18 | 000,167,240 | ---- | M] () -- C:\Users\compaq\Documents\How To Take Apart A Microwave.htm
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/09/29 07:35:57 | 000,054,016 | ---- | C] () -- C:\Windows\System32\drivers\jsguyh.sys
[2012/09/28 20:49:57 | 000,223,078 | ---- | C] () -- C:\Users\compaq\Desktop\Atwater_system.htm
[2012/09/28 20:47:55 | 000,237,247 | ---- | C] () -- C:\Users\compaq\Desktop\Food_energy.htm
[2012/09/28 20:45:37 | 000,214,800 | ---- | C] () -- C:\Users\compaq\Desktop\Harris-Benedict_equation.htm
[2012/09/28 20:26:16 | 000,027,579 | ---- | C] () -- C:\Users\compaq\Desktop\calories.shtml
[2012/09/28 20:20:34 | 000,176,109 | ---- | C] () -- C:\Users\compaq\Desktop\How To Calculate Percentage Of Calories From Fat, Carbohydrate & Protein _ LIVESTRONG.COM.htm
[2012/09/19 22:33:19 | 002,748,760 | ---- | C] () -- C:\Users\compaq\nutritio.pdf
[2012/09/15 22:30:27 | 000,009,488 | ---- | C] () -- C:\Users\compaq\Desktop\ex1087.pdf
[2012/09/09 09:27:00 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe
[2012/09/09 09:26:51 | 000,146,852 | ---- | C] () -- C:\Windows\System32\systemsf.ebd
[2012/09/09 09:25:53 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2012/09/09 09:25:49 | 000,010,429 | ---- | C] () -- C:\Windows\System32\ScavengeSpace.xml
[2012/09/09 09:25:39 | 000,105,559 | ---- | C] () -- C:\Windows\System32\RacRules.xml
[2012/09/09 08:53:00 | 000,458,240 | ---- | C] () -- C:\Users\compaq\Desktop\CKScanner.exe
[2012/09/09 06:50:20 | 000,955,027 | ---- | C] () -- C:\ProgramData\1347152380.bdinstall.bin
[2012/09/09 06:49:28 | 000,000,308 | -H-- | C] () -- C:\bdr-cf01
[2012/09/09 06:49:18 | 000,002,122 | ---- | C] () -- C:\Users\Public\Desktop\Bitdefender Total Security 2013.lnk
[2012/09/09 06:34:05 | 035,188,281 | -H-- | C] () -- C:\bdr-im01.gz
[2012/09/09 06:34:05 | 002,294,848 | -H-- | C] () -- C:\bdr-bz01
[2012/09/09 06:34:05 | 000,253,404 | -H-- | C] () -- C:\bdr-ld01
[2012/09/09 06:34:05 | 000,009,216 | -H-- | C] () -- C:\bdr-ld01.mbr
[2012/09/09 06:28:03 | 000,151,485 | ---- | C] () -- C:\ProgramData\1347152138.bdinstall.bin
[2012/09/08 18:04:38 | 000,072,647 | ---- | C] () -- C:\Users\compaq\Desktop\PediatricGuidelinesFinal.pdf
[2012/09/08 17:55:39 | 000,059,822 | ---- | C] () -- C:\Users\compaq\Desktop\R 2.png
[2012/09/08 17:54:37 | 000,067,200 | ---- | C] () -- C:\Users\compaq\Desktop\R 1.png
[2012/09/08 07:08:33 | 000,297,067 | ---- | C] () -- C:\Users\compaq\Yuvraj_Singh.htm
[2012/09/08 07:05:34 | 000,179,787 | ---- | C] () -- C:\Users\compaq\Yogeshwar_Dutt.htm
[2012/09/08 07:04:47 | 000,191,624 | ---- | C] () -- C:\Users\compaq\Vijay_Kumar_(sport_shooter).htm
[2012/09/03 12:11:14 | 000,167,240 | ---- | C] () -- C:\Users\compaq\Documents\How To Take Apart A Microwave.htm
[2012/03/10 07:50:45 | 000,465,388 | ---- | C] () -- C:\ProgramData\1331344688.bdinstall.bin
[2011/12/11 16:03:38 | 000,000,412 | ---- | C] () -- C:\Users\compaq\AppData\Roaming\All CPU Meter_Settings.ini
[2011/11/30 06:12:26 | 000,000,352 | ---- | C] () -- C:\Users\compaq\AppData\Roaming\Network Meter_Settings.ini
[2011/11/07 16:08:39 | 000,155,136 | ---- | C] () -- C:\Windows\System32\AI_ContextMenu.dll
[2011/10/17 15:29:28 | 000,000,002 | ---- | C] () -- C:\Windows\System32\Youruan1video converter.dat
[2011/10/17 15:29:25 | 000,001,380 | ---- | C] () -- C:\Windows\pro video converter.ini
[2011/10/17 15:29:25 | 000,000,155 | ---- | C] () -- C:\Windows\video converter.ini
[2011/10/17 15:29:23 | 000,139,264 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2011/10/17 15:29:22 | 000,524,288 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2011/09/30 21:34:36 | 000,038,912 | ---- | C] () -- C:\Users\compaq\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/09/22 13:00:20 | 000,126,976 | ---- | C] () -- C:\Windows\System32\mk4vc60.dll
[2011/09/22 10:20:36 | 000,000,000 | ---- | C] () -- C:\Users\compaq\AppData\Local\{B1E5A5ED-E152-4F45-8DD8-909D3136CF56}
[2011/09/19 12:07:16 | 000,020,147 | ---- | C] () -- C:\Users\compaq\AppData\Roaming\UserTile.png
[2011/09/01 12:57:47 | 000,000,000 | ---- | C] () -- C:\Users\compaq\AppData\Local\{75A87B41-FC91-41FE-9078-39486B87F4B3}
[2011/08/12 14:46:34 | 002,098,896 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2011/08/12 14:28:46 | 000,030,208 | ---- | C] () -- C:\Windows\System32\cdac32.dll
[2011/08/12 14:28:46 | 000,007,960 | ---- | C] () -- C:\Windows\System32\cdac.dll
[2011/08/12 14:28:46 | 000,000,443 | ---- | C] () -- C:\Windows\Splapp.ini
[2011/08/12 14:06:34 | 000,140,288 | ---- | C] () -- C:\Windows\System32\igfxtvcx.dll
[2011/08/12 14:03:07 | 000,134,592 | ---- | C] () -- C:\Windows\System32\igfcg500.bin
[2011/02/11 19:10:52 | 000,439,308 | ---- | C] () -- C:\Windows\System32\igcompkrng500.bin
[2011/02/11 19:10:50 | 000,982,240 | ---- | C] () -- C:\Windows\System32\igkrng500.bin
[2011/02/11 19:10:50 | 000,092,356 | ---- | C] () -- C:\Windows\System32\igfcg500m.bin
[2011/02/11 18:40:40 | 000,004,096 | ---- | C] ( ) -- C:\Windows\System32\IGFXDEVLib.dll
[2011/02/11 18:38:44 | 000,000,151 | ---- | C] () -- C:\Windows\System32\GfxUI.exe.config

========== ZeroAccess Check ==========

[2009/07/14 10:12:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 10:11:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 17:49:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/14 06:46:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== Custom Scans ==========

< %windir%\system32\drivers\*.sys /lockedfiles >
[2012/09/28 06:35:08 | 000,161,312 | ---- | M] (BitDefender LLC) Unable to obtain MD5 -- C:\Windows\system32\drivers\gzflt.sys

< End of report >



looking forward to ur reply... :thumbsup:

Attached Files


I never go back on my words.....BELIEVE IT !!!


#6 thisisu

thisisu

  • Malware Response Team
  • 2,525 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:04:13 PM

Posted 28 September 2012 - 09:43 PM

Upload the below file here
  • C:\Windows\System32\drivers\jsguyh.sys


#7 swift06

swift06
  • Topic Starter

  • Members
  • 72 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:kerala
  • Local time:02:43 AM

Posted 01 October 2012 - 09:05 AM

sorry man..

cant find that file.. u requested...

there is not even a file starting with j...


another problem happened few days back and still persists-- screen goes into a cyan/ sepia color after some time...

when computer switched on .. theres no problem... it happens a few mins afterwards... what could it be

and it is not reverting back to color whatever i do...unless restart...
plz help

I never go back on my words.....BELIEVE IT !!!


#8 thisisu

thisisu

  • Malware Response Team
  • 2,525 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:04:13 PM

Posted 01 October 2012 - 11:36 AM

screen goes into a cyan/ sepia color after some time...

when computer switched on .. theres no problem... it happens a few mins afterwards... what could it be

My only guess at the moment is that it's a screensaver. Do you know how to check? Click here for help.

__

Posted Image Fix items using OTL

  • First, boot back into Safe Mode with Networking as we will run this fix from there.
  • Double-click OTL.exe to run. (Vista/7 right-click and select Run as Administrator)
  • Shut down your protection software now (antivirus, antispyware...etc) to avoid possible conflicts.
  • Download the following file to your desktop:
  • Then drag OTLfix.txt into the Posted Image text-field.
  • You should see a bunch of text transferred over into the text-field.
  • Now click the Posted Image button.
  • The fix will need a reboot. Please allow the computer to boot into Normal Mode.
  • Click the OK button (upon reboot).
  • When OTL is finished, Notepad will open. Close Notepad.
  • A log file will be located at C:\_OTL\MovedFiles\mmddyyyy_hhmmss.log, where mmddyyyy_hhmmss is the date of the tool run.
  • Attach this log to your next message.

__

Let me know what problems remain after you have completed these steps.

#9 thisisu

thisisu

  • Malware Response Team
  • 2,525 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:04:13 PM

Posted 04 October 2012 - 01:33 PM

Are you still with me, swift06?

#10 swift06

swift06
  • Topic Starter

  • Members
  • 72 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:kerala
  • Local time:02:43 AM

Posted 04 October 2012 - 07:30 PM

yes.. just had to move away from home...

the problems still persists after the fix with OTL..

1.after switching on computer, when we try to press a keyboard button,it will not be recognized and mouse on double clinking the desktop shortcut ,opens the properties tab of the same...

2. also after a variable time , monitor goes for a cyan/ sepia tone which becomes to rue color after sometime .... thi repeats ... sometimes it does not change back at all..

what to do next???

Attached Files


I never go back on my words.....BELIEVE IT !!!


#11 thisisu

thisisu

  • Malware Response Team
  • 2,525 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:04:13 PM

Posted 04 October 2012 - 11:13 PM

Download

ESET online scanner

Install it

Click on START,it should download the virus definitions
When scan gets completed,click on LIST of found threats

Export the list to desktop,copy the contents of the text file in your reply

#12 swift06

swift06
  • Topic Starter

  • Members
  • 72 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:kerala
  • Local time:02:43 AM

Posted 05 October 2012 - 08:34 PM

eset completed ...

No threats found!!!

next what should i do??... problems persists...

I never go back on my words.....BELIEVE IT !!!


#13 thisisu

thisisu

  • Malware Response Team
  • 2,525 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:04:13 PM

Posted 05 October 2012 - 10:15 PM

Since the problems you are experiencing are not malware related, you will have to post in the Windows 7 sub-forum for additional assistance.

__

Your system appears to be clean :)
If you are not experiencing any other malware related issues, it is time to do our final steps:

  • Any programs we had you download and/or install can be removed at this time.
  • If we had you download and run ComboFix, here is how to uninstall it:
    • Press and hold the Windows key Posted Image and then press the letter R on your keyboard.
    • This opens the Run dialog box.
    • Copy and paste the below text inside the text-field:
    • "%userprofile%\desktop\ComboFix" /uninstall
    • Now press ENTER
    • ComboFix will extract its files one last time and you should receive a notification that ComboFix has been uninstalled shortly after.
  • You can re-enable your Disk Emulation software at this time via DeFogger.
  • If we had you create or download a registry patch or "fix" script, these can be deleted at this time.
  • You can delete the C:\JRT folder at this time.
  • Please run OTL.
    • Click the Clean Up button.
    • Follow the prompts.
    • This will remove OTL, and will require a reboot.

Remove the old restore points and create a new restore point to prevent possible reinfection from an old one. Some of the malware you picked up could have been saved in System Restore. Setting a new restore point AFTER cleaning your system will enable your computer to "roll-back" to a clean working state if needed. :
  • Go to Start => Right-click "Computer" and select "Properties".
  • In the left pane select "System Protection".
  • Press "Configure".
  • Select "Delete". Then press "Continue" close and "OK".
  • Select your drive (drive C) and press "Create".
  • Fill in a name for the restore point and press "Create".
  • After finished press "Close".
Recommendation:
  • I recommend installing this small application for safe surfing: Javacoolsİ SpywareBlaster
  • SpywareBlaster will add a large list of programs and sites into your Internet Explorer and Firefox settings and that will protect you from running and downloading known malicious programs.
  • Download and install it.
  • Update it manually by clicking on Updates in the left pane and then Check for Updates.
  • Then enable all the protections by clicking on Protection Status on the left pane. Then click on Enable All Protection.
  • The free version doesn't have an automatic update. Update it once in two or three weeks and enable all protection again.
Be safe :)

#14 thisisu

thisisu

  • Malware Response Team
  • 2,525 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:04:13 PM

Posted 05 October 2012 - 10:16 PM

This thread will now be closed since the issue seems to be resolved.

If you need this topic reopened, please send me a Private Message and I will reopen it for you.

If you should have a new issue, please start a new topic.

Everyone else should start a new topic.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users