Spyware Warrior
Help with Spyware, Hijacking & Other Internet Nuisances

Laptop behaving strangely

 
MarkC1984
Newbie


Joined: 21 Jun 2012
Last Visit: 23 Jun 2012
Posts: 6

Posted: Thu Jun 21, 2012 7:44 am    Post subject: Laptop behaving strangely

I lent my laptop to a friend over the weekend and since getting it back on Wednesday morning have been trying to sort out the mess they left it in. They downloaded several programs to try and hack Facebook games, which I deleted and thought it was all OK.

Turned it on this afternoon, and it takes ages to start up and a command prompt box opens up upon reaching the desktop saying Malware Antibytes has stopped working, despite me not having it installed until after that message came up. I am at a loss now, so any help much appreciated please.

DDS Log:


Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:26:28, on 21/06/2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16446)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\rundll32.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\Steam\Steam.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Windows\system32\wuauclt.exe
C:\Users\Admin\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Admin\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Admin\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Admin\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Admin\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\rundll32.exe
C:\Users\Admin\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Admin\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Admin\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
C:\Users\Admin\AppData\Local\Google\Chrome\Application\chrome.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~4\Office14\URLREDIR.DLL
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Windows Update] C:\Program Files\Hack.exe
O4 - HKLM\..\Run: [HKLM] C:\WindowsUpdate\update.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\Admin\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [Xvid] C:\Program Files\Xvid\CheckUpdate.exe
O4 - HKCU\..\Run: [Form1] C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Templates\Hack.exe
O4 - HKCU\..\Run: [Windows Update] C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Templates\Hack.exe
O4 - HKCU\..\Run: [DefaultSystem] C:\Users\Admin\AppData\Roaming\Sys32c.exe
O4 - HKCU\..\Run: [HKCU] C:\WindowsUpdate\update.exe
O4 - HKLM\..\Policies\Explorer\Run: [Policies] C:\WindowsUpdate\update.exe
O4 - HKCU\..\Policies\Explorer\Run: [Policies] C:\WindowsUpdate\update.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: Download all links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: En&queue current page with BID - file://C:\Program Files\Bulk Image Downloader\iemenu\iebidqueue.htm
O8 - Extra context menu item: Enqueue link tar&get with BID - file://C:\Program Files\Bulk Image Downloader\iemenu\iebidlinkqueue.htm
O8 - Extra context menu item: Open &link target with BID - file://C:\Program Files\Bulk Image Downloader\iemenu\iebidlink.htm
O8 - Extra context menu item: Open current page with BI&D - file://C:\Program Files\Bulk Image Downloader\iemenu\iebid.htm
O8 - Extra context menu item: Open current page with BID Link Explorer - file://C:\Program Files\Bulk Image Downloader\iemenu\iebidlinkexplorer.htm
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~4\Office14\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

--
End of file - 8841 bytes
Gary R
Moderator


Joined: 03 May 2005
Last Visit: 19 Jun 2013
Posts: 9712
Location: Yorkshire

Posted: Fri Jun 22, 2012 9:04 am

Back soon.
_________________
Gary R Administrator at Malware Removal University



If you've been helped, please donate to help with the costs of this volunteer site .... Spyware Warrior Donations
Gary R
Moderator


Joined: 03 May 2005
Last Visit: 19 Jun 2013
Posts: 9712
Location: Yorkshire

Posted: Fri Jun 22, 2012 9:09 am

Quote:
Please note that all instructions given are customised for this computer only; the tools used may cause damage if used on a computer with different infections.

If you think you have similar problems, please post a log in the "Help with spyware removal" forum and wait for help.


Unless informed in advance, failure to post replies within 3 days will result in this thread being closed.


Hi

I'm Gary R,

Before we start: Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.

Because of this, I advise you to back up any personal files and folders before you start.

I'd also recommend that you create a System Restore Point that we can restore to if necessary.


  • Click Start, and type Create a restore point into the Search programs and files box.
  • Now click on the Create a restore point icon at the top of the find list.
  • This will open a System Properties box, with the System Protection tab open ...

    • Click on the Create button in the lower part of the window.
    • Type Pre Malware Cleanup into the description box, then click Create.
    • Windows will now create a Restore Point and notify you when finished.
    • Exit any open windows.



Please observe these rules while we work:

  • Perform all actions in the order given.
  • If you don't know, stop and ask! Don't keep going on.
  • Please reply to this thread. Do not start a new topic.
  • Stick with it till you're given the all clear.
  • Remember, absence of symptoms does not mean the infection is all gone.
  • Don't attempt to install any new software (other than those I ask you to) until we've got your computer clean.
  • Don't attempt to clean your computer with any tools other than the ones I ask you to use during the cleanup process. If your defensive programmes warn you about any of those tools, be assured that they are not infected, and are safe to use.

If you can do these things, everything should go smoothly.

  • As you're using Windows 7, it will be necessary to right-click all tools we use and select Run as Administrator.


Quote:
It may be helpful to you to print out or take a copy of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.


The log you posted is a HijackThis log, not a DDS log.

HJT is pretty much obsolete as far as modern infections are concerned, so I need you to run some alternate scans so that I can get a better idea what we're up against.

Download OTL by OldTimer to your Desktop.

If you already have a copy of OTL delete it and use this version.


  • Double click OTL.exe to launch the programme.
  • Check the following.

    • Scan all users.
    • Standard Output.
    • Lop check.
    • Purity check.

  • Under Extra Registry section, select Use SafeList
  • Click the Run Scan button and wait for the scan to finish (usually about 10-15 mins).
  • When finished it will produce two logs.

    • OTL.txt (open on your desktop).
    • Extras.txt (minimised in your taskbar)

  • Please post me both logs.


Next

Download TDSSKiller.zip and extract it to your Desktop.

  • Double click on TDSSKiller.exe to launch it.

    • If using Vista or Windows 7, when prompted by UAC allow the prompt.

  • Click on Change parameters

    • Check Detect TDLFS file system
    • Click OK

  • Click on Start Scan
  • The scan will run.
  • When the scan has finished, if it finds anything please click on the drop down arrow next to Cure and select Skip
  • Now click on Report to open the log file created by TDSSKiller in your root directory C:\
  • Post the contents in your next reply please.
  • DO NOT TRY TO FIX ANYTHING AT THIS POINT


Summary of the logs I need from you in your next post:

  • OTL.txt
  • Extras.txt
  • TDSSKiller log


Please post each log separately to prevent it being cut off by the forum post size limiter. Check each after you've posted it to make sure it's all present; if any log is cut off you'll have to post it in sections.
MarkC1984
Newbie


Joined: 21 Jun 2012
Last Visit: 23 Jun 2012
Posts: 6

Posted: Fri Jun 22, 2012 2:57 pm

I think it cured itself, but I will await your all clear.

OTL.txt


OTL logfile created on: 22/06/2012 23:34:36 - Run 1
OTL by OldTimer - Version 3.2.52.0 Folder = C:\Users\Admin\Downloads\Programs
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

1.75 Gb Total Physical Memory | 1.01 Gb Available Physical Memory | 57.96% Memory free
3.50 Gb Paging File | 2.13 Gb Available in Paging File | 60.84% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 149.05 Gb Total Space | 111.72 Gb Free Space | 74.96% Space Free | Partition Type: NTFS
Drive G: | 14.91 Gb Total Space | 4.13 Gb Free Space | 27.68% Space Free | Partition Type: FAT32

Computer Name: ADMIN-PC | User Name: Admin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/06/22 23:33:24 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Admin\Downloads\Programs\OTL.exe
PRC - [2012/06/07 19:28:18 | 001,242,448 | ---- | M] (Valve Corporation) -- C:\Program Files\Steam\Steam.exe
PRC - [2012/06/07 06:15:36 | 003,491,264 | ---- | M] (Tonec Inc.) -- C:\Program Files\Internet Download Manager\IDMan.exe
PRC - [2012/06/06 12:11:45 | 000,180,648 | ---- | M] (Google Inc.) -- C:\Users\Admin\AppData\Local\Google\Update\1.3.21.111\GoogleCrashHandler.exe
PRC - [2012/05/31 14:53:00 | 000,008,704 | ---- | M] (Microsoft) -- C:\Program Files\Freemake\CaptureLib\CaptureLibService.exe
PRC - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/04/04 15:56:38 | 000,462,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012/04/04 06:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/03/26 17:08:12 | 000,931,200 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2012/03/26 17:03:40 | 000,011,552 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe
PRC - [2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/11/20 13:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010/05/25 13:28:58 | 000,263,600 | ---- | M] (Tonec Inc.) -- C:\Program Files\Internet Download Manager\IEMonitor.exe


========== Modules (No Company Name) ==========

MOD - [2012/06/20 12:49:06 | 020,313,384 | ---- | M] () -- C:\Program Files\Steam\bin\libcef.dll
MOD - [2012/06/20 12:49:05 | 001,099,576 | ---- | M] () -- C:\Program Files\Steam\bin\avcodec-53.dll
MOD - [2012/06/20 12:49:05 | 000,895,312 | ---- | M] () -- C:\Program Files\Steam\bin\chromehtml.dll
MOD - [2012/06/20 12:49:05 | 000,190,776 | ---- | M] () -- C:\Program Files\Steam\bin\avformat-53.dll
MOD - [2012/06/20 12:49:05 | 000,123,192 | ---- | M] () -- C:\Program Files\Steam\bin\avutil-51.dll
MOD - [2012/06/07 09:14:43 | 000,441,880 | ---- | M] () -- C:\Users\Admin\AppData\Local\Google\Chrome\Application\19.0.1084.56\ppgooglenaclpluginchrome.dll
MOD - [2012/06/07 09:14:42 | 003,922,456 | ---- | M] () -- C:\Users\Admin\AppData\Local\Google\Chrome\Application\19.0.1084.56\pdf.dll
MOD - [2012/06/07 09:13:27 | 000,553,496 | ---- | M] () -- C:\Users\Admin\AppData\Local\Google\Chrome\Application\19.0.1084.56\libglesv2.dll
MOD - [2012/06/07 09:13:26 | 000,117,784 | ---- | M] () -- C:\Users\Admin\AppData\Local\Google\Chrome\Application\19.0.1084.56\libegl.dll
MOD - [2012/06/07 09:13:16 | 000,134,696 | ---- | M] () -- C:\Users\Admin\AppData\Local\Google\Chrome\Application\19.0.1084.56\avutil-51.dll
MOD - [2012/06/07 09:13:15 | 000,250,408 | ---- | M] () -- C:\Users\Admin\AppData\Local\Google\Chrome\Application\19.0.1084.56\avformat-54.dll
MOD - [2012/06/07 09:13:14 | 002,375,720 | ---- | M] () -- C:\Users\Admin\AppData\Local\Google\Chrome\Application\19.0.1084.56\avcodec-54.dll
MOD - [2012/06/07 08:23:19 | 009,252,040 | ---- | M] () -- C:\Users\Admin\AppData\Local\Google\Chrome\Application\19.0.1084.56\gcswf32.dll
MOD - [2012/06/07 00:50:58 | 014,413,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\1bdf7de454340e0ea9fc455aeaec49d9\mscorlib.ni.dll
MOD - [2012/06/06 23:20:16 | 000,057,344 | ---- | M] () -- C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpegkgagfojjbcpkihigfmkojdmmimdf\1.0.0_0\npFreemake.dll


========== Win32 Services (SafeList) ==========

SRV - [2012/06/07 20:28:55 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2012/06/06 10:51:53 | 000,257,696 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/05/31 14:53:00 | 000,008,704 | ---- | M] (Microsoft) [Auto | Running] -- C:\Program Files\Freemake\CaptureLib\CaptureLibService.exe -- (FreemakeVideoCapture)
SRV - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/04/04 06:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/03/26 17:03:40 | 000,214,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV - [2012/03/26 17:03:40 | 000,011,552 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2011/03/16 10:42:06 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/07/14 02:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2009/07/14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/07/14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009/04/29 03:21:04 | 000,410,624 | ---- | M] (Conexant Systems, Inc.) [Auto | Running] -- C:\Windows\System32\XAudio32.dll -- (HsfXAudioService)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\tsusbhub.sys -- (tsusbhub)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\synth3dvsc.sys -- (Synth3dVsc)
DRV - File not found [Kernel | System | Stopped] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{F82F5978-3CF4-4A32-A139-47276D347B31}\MpKsl5b2a2352.sys -- (MpKsl5b2a2352)
DRV - [2012/06/21 17:02:37 | 000,040,776 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2012/04/23 12:26:26 | 000,096,056 | ---- | M] (Tonec Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\idmwfp.sys -- (IDMWFP)
DRV - [2012/04/04 15:56:40 | 000,022,344 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2012/03/20 20:44:12 | 000,074,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2011/12/26 15:27:22 | 000,012,728 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\ampa.sys -- (ampa)
DRV - [2011/02/11 22:23:34 | 000,035,088 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\npf.sys -- (npf)
DRV - [2010/11/20 13:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010/11/20 13:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010/11/20 13:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010/11/20 11:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 11:21:14 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2010/11/20 10:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010/11/20 10:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010/08/12 12:07:48 | 000,298,216 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmf6232.sys -- (NVNET)
DRV - [2009/10/09 02:37:44 | 001,096,704 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2009/07/23 21:01:00 | 009,791,072 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2009/07/14 00:45:33 | 000,083,456 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\serial.sys -- (Serial)
DRV - [2009/07/13 23:02:52 | 000,347,264 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvm62x32.sys -- (NVENETFD)
DRV - [2009/04/29 03:20:56 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio32.sys -- (XAudio)
DRV - [2008/10/03 03:39:28 | 000,222,208 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CHDRT32.sys -- (CnxtHdAudService)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-3859188055-2524284707-904069009-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
IE - HKU\S-1-5-21-3859188055-2524284707-904069009-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://uk.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-3859188055-2524284707-904069009-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-GB
IE - HKU\S-1-5-21-3859188055-2524284707-904069009-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 2C 61 C6 50 8E 44 CD 01 [binary data]
IE - HKU\S-1-5-21-3859188055-2524284707-904069009-1002\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKU\S-1-5-21-3859188055-2524284707-904069009-1002\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-3859188055-2524284707-904069009-1002\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-3859188055-2524284707-904069009-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Admin\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Admin\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\fmdownloader@gmail.com: C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ [2012/06/06 23:19:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012/06/08 13:19:03 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012/06/08 13:19:03 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Users\Admin\AppData\Roaming\IDM\idmmzcc5 [2012/06/22 06:57:45 | 000,000,000 | ---D | M]


========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms},
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Admin\AppData\Local\Google\Chrome\Application\19.0.1084.56\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Admin\AppData\Local\Google\Chrome\Application\19.0.1084.56\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Admin\AppData\Local\Google\Chrome\Application\19.0.1084.56\gcswf32.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Admin\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll

O1 HOSTS File: ([2012/06/13 21:36:23 | 000,000,919 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 practivate.adobe.c
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O2 - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS6ServiceManager] C:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKU\S-1-5-21-3859188055-2524284707-904069009-1002..\Run: [AdobeBridge] File not found
O4 - HKU\S-1-5-21-3859188055-2524284707-904069009-1002..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe (Tonec Inc.)
O4 - HKU\S-1-5-21-3859188055-2524284707-904069009-1002..\Run: [Steam] C:\Program Files\Steam\Steam.exe (Valve Corporation)
O4 - HKU\S-1-5-21-3859188055-2524284707-904069009-1002..\Run: [Xvid] C:\Program Files\Xvid\CheckUpdate.exe ()
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-3859188055-2524284707-904069009-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Download all links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm ()
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm ()
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: En&queue current page with BID - C:\Program Files\Bulk Image Downloader\iemenu\iebidqueue.htm ()
O8 - Extra context menu item: Enqueue link tar&get with BID - C:\Program Files\Bulk Image Downloader\iemenu\iebidlinkqueue.htm ()
O8 - Extra context menu item: Open &link target with BID - C:\Program Files\Bulk Image Downloader\iemenu\iebidlink.htm ()
O8 - Extra context menu item: Open current page with BI&D - C:\Program Files\Bulk Image Downloader\iemenu\iebid.htm ()
O8 - Extra context menu item: Open current page with BID Link Explorer - C:\Program Files\Bulk Image Downloader\iemenu\iebidlinkexplorer.htm ()
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 194.168.4.100 194.168.8.100
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3ED5157E-4BDB-4211-9B5D-DA142799D95D}: DhcpNameServer = 194.168.4.100 194.168.8.100
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/06/22 18:45:47 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\{E616E4A0-670A-4E01-8861-CE05A1EF1290}
[2012/06/22 18:45:24 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\{93350E88-594C-4EAC-BEC2-947DE84CC85A}
[2012/06/22 11:47:46 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\{6CAF8B94-D30A-4BE8-85A4-91D40AF1EEE9}
[2012/06/21 17:02:37 | 000,040,776 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2012/06/21 16:31:33 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\Malwarebytes
[2012/06/21 16:31:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/06/21 16:31:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/06/21 16:31:13 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012/06/21 16:31:13 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012/06/21 16:24:41 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
[2012/06/21 16:24:35 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2012/06/21 14:53:53 | 000,163,840 | ---- | C] (Netscape Communications Corporation) -- C:\Windows\nspr4.dll
[2012/06/21 14:53:53 | 000,087,544 | ---- | C] (Mozilla Foundation) -- C:\Windows\nssutil3.dll
[2012/06/21 14:53:53 | 000,028,160 | ---- | C] (Netscape Communications Corporation) -- C:\Windows\plc4.dll
[2012/06/21 14:53:52 | 000,781,272 | ---- | C] (sqlite.org) -- C:\Windows\mozsqlite3.dll
[2012/06/21 14:53:52 | 000,043,960 | ---- | C] (Mozilla Foundation) -- C:\Windows\mozglue.dll
[2012/06/21 14:53:51 | 000,719,832 | ---- | C] (Mozilla Foundation) -- C:\Windows\mozcrt19.dll
[2012/06/21 14:41:12 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\{40BF7AB1-E6BA-4ECE-8DB0-4DE6CF0C6D14}
[2012/06/21 14:40:48 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\{515373EC-F056-4BAB-B596-9955A65298D2}
[2012/06/20 13:02:50 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\{82BA0B39-FB16-4EAA-8AE2-523B1474592A}
[2012/06/20 13:02:27 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\{03C275C6-763F-4574-B4D0-2858EB9D1C75}
[2012/06/20 11:27:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AOMEI Partition Assistant Pro Edition 5.0
[2012/06/20 11:27:44 | 000,000,000 | ---D | C] -- C:\Program Files\AOMEI Partition Assistant Pro Edition 5.0
[2012/06/19 14:01:35 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\{75F3EFDE-DA4C-44F3-BCE5-317D687240AA}
[2012/06/19 14:00:48 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\{C72E37C0-41E8-469A-8E16-7109E57C9A54}
[2012/06/19 03:37:46 | 000,045,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll
[2012/06/19 03:37:45 | 002,422,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll
[2012/06/19 03:37:28 | 000,577,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll
[2012/06/19 03:37:28 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll
[2012/06/19 03:37:28 | 000,035,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups.dll
[2012/06/19 03:37:12 | 000,171,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll
[2012/06/19 03:37:12 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe
[2012/06/18 13:41:40 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\{14C7CF21-70AA-4B98-9C6D-4AF1C68D15A3}
[2012/06/17 19:06:11 | 000,000,000 | ---D | C] -- C:\Users\Admin\Documents\Eidos
[2012/06/17 19:05:45 | 000,000,000 | RH-D | C] -- C:\Users\Admin\AppData\Roaming\SecuROM
[2012/06/17 18:06:17 | 000,000,000 | ---D | C] -- C:\Program Files\Eidos
[2012/06/17 18:02:00 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2012/06/17 08:45:51 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\{8F044D52-53A6-4E6F-8E66-3CE3E389F8A8}
[2012/06/16 11:59:07 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\{109662FE-EAD0-4275-940B-CB6639458B79}
[2012/06/15 17:53:16 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\{A2585E44-7A23-481E-A17E-723B1FEC7279}
[2012/06/15 14:46:40 | 000,000,000 | ---D | C] -- C:\Users\Admin\Documents\Sports Interactive
[2012/06/15 14:42:32 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\FMRTEv5
[2012/06/15 14:41:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FMRTE
[2012/06/15 14:41:22 | 000,000,000 | ---D | C] -- C:\BraCa Soft
[2012/06/14 21:56:50 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\{3C6B04F7-2028-45B1-BD75-47A2B59515D9}
[2012/06/14 21:56:14 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\{7AE0C047-DF22-404C-97D4-A7D7D43D5CBF}
[2012/06/14 15:08:59 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\{D0DBC22F-B17D-4DA8-A0AB-D5E71D51DE40}
[2012/06/14 12:02:45 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\ImgBurn
[2012/06/14 11:48:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn
[2012/06/14 11:48:40 | 000,000,000 | ---D | C] -- C:\Program Files\ImgBurn
[2012/06/13 21:30:18 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\Vso
[2012/06/13 21:29:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VSO
[2012/06/13 21:29:39 | 000,217,127 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\System32\drv43260.dll
[2012/06/13 21:29:39 | 000,208,935 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\System32\drv33260.dll
[2012/06/13 21:29:39 | 000,176,165 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\System32\drv23260.dll
[2012/06/13 21:29:39 | 000,102,439 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\System32\sipr3260.dll
[2012/06/13 21:29:39 | 000,065,602 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\System32\cook3260.dll
[2012/06/13 21:29:38 | 000,626,688 | ---- | C] (On2.com) -- C:\Windows\System32\vp7vfw.dll
[2012/06/13 21:29:37 | 001,184,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wvc1dmod.dll
[2012/06/13 21:29:33 | 000,000,000 | ---D | C] -- C:\Program Files\VSO
[2012/06/13 15:37:38 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012/06/13 15:37:36 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012/06/13 15:37:36 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2012/06/13 15:37:36 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012/06/13 15:37:35 | 001,800,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2012/06/13 15:37:34 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012/06/13 15:37:33 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012/06/13 15:36:11 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdvd.dll
[2012/06/13 11:52:43 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\{DF35E76C-68ED-424D-A604-52C6F5B87E57}
[2012/06/13 11:52:18 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\{D9E9B46F-AE10-4007-BC03-E126F787E517}
[2012/06/13 05:16:23 | 000,919,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcorets.dll
[2012/06/13 05:16:08 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcorekmts.dll
[2012/06/13 05:16:08 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpwsx.dll
[2012/06/13 05:16:08 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdrmemptylst.exe
[2012/06/13 05:16:06 | 002,343,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012/06/12 22:21:15 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AIM for Windows
[2012/06/12 22:20:59 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\AOL
[2012/06/12 21:53:55 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slwga.dll
[2012/06/12 21:19:28 | 000,409,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\systemcplx86.dll
[2012/06/12 13:52:39 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\dvdcss
[2012/06/12 12:18:28 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\{5460EE59-9EFD-46BB-92EF-177C6EBAF50C}
[2012/06/12 12:18:06 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\{11B19AFD-65C7-465F-8AD5-72DE4F09B848}
[2012/06/12 08:55:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xvid
[2012/06/12 08:55:15 | 000,000,000 | ---D | C] -- C:\Program Files\Xvid
[2012/06/11 21:34:51 | 000,272,896 | ---- | C] (Progressive Networks) -- C:\Windows\System32\pncrt.dll
[2012/06/11 21:32:46 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory
[2012/06/11 21:32:18 | 000,000,000 | ---D | C] -- C:\Program Files\FreeTime
[2012/06/11 14:12:15 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\get_iplayer
[2012/06/11 14:12:15 | 000,000,000 | ---D | C] -- C:\ProgramData\get_iplayer
[2012/06/11 14:06:33 | 000,000,000 | ---D | C] -- C:\Program Files\CamStudio 2.6b
[2012/06/11 14:00:36 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\{920DE93B-C345-42D3-B592-44E6E0B17BB1}
[2012/06/11 14:00:09 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\{642E9EA0-1180-41C3-A476-70A7307F40F4}
[2012/06/10 17:15:18 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\{ED2A497E-3CD0-4181-9327-3A9DF446AFB2}
[2012/06/09 21:12:58 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\{870F1A7D-B4C4-4500-B4C8-51F52EFABB57}
[2012/06/09 21:12:33 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\{34CBC28C-D34D-491D-9980-75F669672D8A}
[2012/06/09 11:07:02 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\{031ECD40-C16E-42A6-8773-6E3D1DA125DF}
[2012/06/09 10:04:52 | 000,758,784 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\cohelper.dll
[2012/06/09 10:04:51 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2012/06/09 09:42:09 | 000,000,000 | ---D | C] -- C:\Windows\System32\SPReview
[2012/06/09 09:41:26 | 000,000,000 | ---D | C] -- C:\Windows\System32\EventProviders
[2012/06/09 09:40:42 | 000,000,000 | ---D | C] -- C:\Program Files\Synaptics
[2012/06/09 09:34:48 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2012/06/09 08:39:07 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\{9174277B-74C5-490D-8B33-7947689F3098}
[2012/06/09 08:39:06 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\{A6E3407B-AB77-4C6C-B97E-2A2BFEE36D27}
[2012/06/08 19:25:56 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2012/06/08 19:23:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2012/06/08 19:23:09 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012/06/08 19:13:54 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\{C34FD983-88A2-4590-8DE6-98662029FD1D}
[2012/06/08 19:13:31 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\{A285FEEF-1ACC-4E22-AE82-EF109A40CF08}
[2012/06/08 15:41:55 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1986-12.com.adobe
[2012/06/08 13:23:40 | 000,000,000 | ---D | C] -- C:\ProgramData\WEBREG
[2012/06/08 13:23:40 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\HP
[2012/06/08 13:19:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Yahoo! Companion
[2012/06/08 13:19:37 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\Yahoo!
[2012/06/08 13:19:34 | 000,000,000 | ---D | C] -- C:\Program Files\Yahoo!
[2012/06/08 13:16:09 | 000,000,000 | ---D | C] -- C:\ProgramData\HP Product Assistant
[2012/06/08 13:15:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
[2012/06/08 13:12:26 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Hewlett-Packard
[2012/06/08 13:11:53 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\HP
[2012/06/08 13:08:31 | 000,000,000 | ---D | C] -- C:\Program Files\HP
[2012/06/08 13:07:35 | 000,000,000 | ---D | C] -- C:\ProgramData\HP
[2012/06/08 13:07:05 | 000,452,408 | ---- | C] (Hewlett-Packard) -- C:\Windows\System32\hpzids01.dll
[2012/06/08 13:07:03 | 000,675,840 | ---- | C] (Hewlett-Packard) -- C:\Windows\System32\hpowiav1.dll
[2012/06/08 13:07:02 | 000,573,440 | ---- | C] (Hewlett-Packard Co.) -- C:\Windows\System32\hpotscl1.dll
[2012/06/08 13:07:02 | 000,303,104 | ---- | C] (Hewlett-Packard Co.) -- C:\Windows\System32\hpovst01.dll
[2012/06/08 12:49:21 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\BID
[2012/06/08 12:49:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bulk Image Downloader
[2012/06/08 12:49:08 | 000,000,000 | ---D | C] -- C:\Program Files\Bulk Image Downloader
[2012/06/08 06:58:23 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\{0445D84D-9525-4D17-8973-2B188E060250}
[2012/06/08 06:57:58 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\{3EBD87BA-BF80-40C9-87E1-037A67DB1C97}
[2012/06/07 20:28:57 | 000,000,000 | ---D | C] -- C:\Windows\System32\Wat
[2012/06/07 20:26:09 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Sports Interactive
[2012/06/07 20:26:08 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\Sports Interactive
[2012/06/07 20:26:08 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\Sports Interactive
[2012/06/07 20:25:44 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_41.dll
[2012/06/07 20:25:44 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_4.dll
[2012/06/07 20:25:43 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_4.dll
[2012/06/07 20:25:43 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_6.dll
[2012/06/07 20:25:42 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_40.dll
[2012/06/07 20:25:42 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_40.dll
[2012/06/07 20:25:42 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_40.dll
[2012/06/07 20:25:42 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_2.dll
[2012/06/07 20:25:41 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_3.dll
[2012/06/07 20:25:41 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_3.dll
[2012/06/07 20:25:41 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_5.dll
[2012/06/07 20:25:40 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_39.dll
[2012/06/07 20:25:40 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_2.dll
[2012/06/07 20:25:40 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_2.dll
[2012/06/07 20:25:40 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_1.dll
[2012/06/07 20:25:39 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_39.dll
[2012/06/07 20:25:39 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_39.dll
[2012/06/07 20:25:38 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_38.dll
[2012/06/07 20:25:38 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_1.dll
[2012/06/07 20:25:38 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_1.dll
[2012/06/07 20:25:38 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_0.dll
[2012/06/07 20:25:38 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_4.dll
[2012/06/07 20:25:37 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_38.dll
[2012/06/07 20:25:37 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_38.dll
[2012/06/07 20:25:36 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_0.dll
[2012/06/07 20:25:35 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_37.dll
[2012/06/07 20:25:35 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_37.dll
[2012/06/07 20:25:35 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_37.dll
[2012/06/07 20:25:35 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_0.dll
[2012/06/07 20:25:35 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_3.dll
[2012/06/07 20:25:34 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_36.dll
[2012/06/07 20:25:34 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_36.dll
[2012/06/07 20:25:34 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_10.dll
[2012/06/07 20:25:33 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_36.dll
[2012/06/07 20:25:32 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_35.dll
[2012/06/07 20:25:32 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_35.dll
[2012/06/07 20:25:32 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_9.dll
[2012/06/07 20:25:31 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_35.dll
[2012/06/07 20:25:31 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_8.dll
[2012/06/07 20:25:31 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_2.dll
[2012/06/07 20:25:30 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_34.dll
[2012/06/07 20:25:30 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_34.dll
[2012/06/07 20:25:29 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_34.dll
[2012/06/07 20:25:29 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_3.dll
[2012/06/07 20:25:28 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_33.dll
[2012/06/07 20:25:28 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_33.dll
[2012/06/07 20:25:28 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_7.dll
[2012/06/07 20:25:27 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_33.dll
[2012/06/07 20:25:27 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_6.dll
[2012/06/07 20:25:26 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10.dll
[2012/06/07 20:25:26 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_5.dll
[2012/06/07 20:25:24 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_31.dll
[2012/06/07 20:25:24 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_4.dll
[2012/06/07 20:25:24 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_1.dll
[2012/06/07 20:25:23 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_3.dll
[2012/06/07 20:25:23 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_2.dll
[2012/06/07 20:25:23 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_2.dll
[2012/06/07 20:25:22 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_1.dll
[2012/06/07 20:25:21 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_1.dll
[2012/06/07 20:24:58 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_30.dll
[2012/06/07 20:24:56 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_0.dll
[2012/06/07 20:24:56 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_0.dll
[2012/06/07 20:24:55 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_29.dll
[2012/06/07 20:24:54 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_28.dll
[2012/06/07 20:24:54 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_27.dll
[2012/06/07 20:24:53 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_26.dll
[2012/06/07 20:24:52 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_25.dll
[2012/06/07 20:24:51 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_24.dll
[2012/06/07 19:36:25 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
[2012/06/07 19:27:33 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Steam
[2012/06/07 19:27:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
[2012/06/07 19:27:30 | 000,000,000 | ---D | C] -- C:\Program Files\Steam
[2012/06/07 16:19:14 | 000,000,000 | ---D | C] -- C:\Windows\System32\Adobe
[2012/06/07 10:08:15 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MP3Gain
[2012/06/07 10:08:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MP3Gain
[2012/06/07 10:08:14 | 000,000,000 | ---D | C] -- C:\Program Files\MP3Gain
[2012/06/07 09:07:55 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\IDM
[2012/06/07 09:07:55 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\DMCache
[2012/06/07 09:07:49 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
[2012/06/07 09:07:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
[2012/06/07 09:07:44 | 000,000,000 | ---D | C] -- C:\Program Files\Internet Download Manager
[2012/06/07 08:58:59 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\{87D6640B-C938-4DEA-B4FF-8B059C8CC39E}
[2012/06/07 08:58:32 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\{A101FD75-CE7A-4736-8337-0887B0444253}
[2012/06/07 07:18:01 | 000,096,056 | ---- | C] (Tonec Inc.) -- C:\Windows\System32\drivers\idmwfp.sys
[2012/06/07 00:47:25 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2012/06/07 00:47:25 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2012/06/07 00:47:25 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2012/06/07 00:47:25 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2012/06/07 00:47:25 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2012/06/07 00:47:25 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2012/06/07 00:47:24 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2012/06/07 00:47:24 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2012/06/07 00:47:24 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2012/06/07 00:47:24 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2012/06/07 00:47:24 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2012/06/07 00:47:24 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2012/06/07 00:47:23 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2012/06/07 00:47:23 | 000,580,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2012/06/07 00:47:23 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2012/06/07 00:47:23 | 000,353,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2012/06/07 00:47:23 | 000,353,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2012/06/07 00:47:23 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2012/06/07 00:47:23 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2012/06/07 00:47:23 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2012/06/07 00:47:23 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2012/06/07 00:47:23 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2012/06/07 00:47:23 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2012/06/07 00:47:23 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2012/06/07 00:47:22 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2012/06/07 00:47:22 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2012/06/07 00:47:22 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2012/06/07 00:47:22 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2012/06/07 00:47:22 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2012/06/07 00:47:22 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2012/06/07 00:21:58 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\LSCSHostPolicy.dll
[2012/06/07 00:21:58 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\TsUsbFlt.sys
[2012/06/07 00:21:58 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TsUsbRedirectionGroupPolicyExtension.dll
[2012/06/07 00:21:50 | 001,171,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2012/06/07 00:21:49 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40.dll
[2012/06/07 00:21:49 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40u.dll
[2012/06/07 00:21:49 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tssrvlic.dll
[2012/06/07 00:21:44 | 000,423,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_isv.dll
[2012/06/07 00:21:41 | 000,327,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_isv.exe
[2012/06/07 00:21:38 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc.dll
[2012/06/07 00:21:35 | 000,322,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate.exe
[2012/06/07 00:21:31 | 000,253,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwizui.dll
[2012/06/07 00:21:27 | 003,207,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mf.dll
[2012/06/07 00:21:26 | 001,334,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertEnroll.dll
[2012/06/07 00:21:26 | 000,520,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcupdate_GenuineIntel.dll
[2012/06/07 00:21:20 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe
[2012/06/07 00:21:20 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll
[2012/06/07 00:21:17 | 001,115,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RacEngn.dll
[2012/06/07 00:21:16 | 005,066,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuthFWSnapin.dll
[2012/06/07 00:21:12 | 001,493,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ExplorerFrame.dll
[2012/06/07 00:21:08 | 001,828,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d9.dll
[2012/06/07 00:21:06 | 000,505,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskschd.dll
[2012/06/07 00:21:04 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PushPrinterConnections.exe
[2012/06/07 00:21:02 | 000,456,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spinstall.exe
[2012/06/07 00:21:02 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wer.dll
[2012/06/07 00:21:02 | 000,280,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spreview.exe
[2012/06/07 00:20:58 | 001,371,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dwmcore.dll
[2012/06/07 00:20:56 | 000,863,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diagperf.dll
[2012/06/07 00:20:55 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scavengeui.dll
[2012/06/07 00:20:54 | 003,367,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinSAT.exe
[2012/06/07 00:20:53 | 000,597,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TSWorkspace.dll
[2012/06/07 00:20:53 | 000,270,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tsmf.dll
[2012/06/07 00:20:46 | 002,522,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dbgeng.dll
[2012/06/07 00:20:45 | 000,522,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d11.dll
[2012/06/07 00:20:44 | 000,260,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpshell.exe
[2012/06/07 00:20:42 | 001,619,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVDECOD.DLL
[2012/06/07 00:20:39 | 000,584,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpprefcl.dll
[2012/06/07 00:20:35 | 002,151,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmcndmgr.dll
[2012/06/07 00:20:35 | 000,252,928 | ---- | C] (Microsoft) -- C:\Windows\System32\DShowRdpFilter.dll
[2012/06/07 00:20:34 | 000,049,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll
[2012/06/07 00:20:33 | 000,732,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imapi2fs.dll
[2012/06/07 00:20:33 | 000,341,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdrm.dll
[2012/06/07 00:20:32 | 001,792,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\authui.dll
[2012/06/07 00:20:31 | 000,974,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sppobjs.dll
[2012/06/07 00:20:30 | 000,547,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceApi.dll
[2012/06/07 00:20:29 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcbuilder.exe
[2012/06/07 00:20:27 | 001,555,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certmgr.dll
[2012/06/07 00:20:26 | 000,508,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winload.exe
[2012/06/07 00:20:26 | 000,323,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drvstore.dll
[2012/06/07 00:20:25 | 001,712,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xpsservices.dll
[2012/06/07 00:20:20 | 000,412,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sppwinob.dll
[2012/06/07 00:20:19 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmd.exe
[2012/06/07 00:20:17 | 000,296,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfds.dll
[2012/06/07 00:20:17 | 000,206,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\framedynos.dll
[2012/06/07 00:20:17 | 000,140,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpendp.dll
[2012/06/07 00:20:15 | 000,442,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winresume.exe
[2012/06/07 00:20:15 | 000,351,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmicmiplugin.dll
[2012/06/07 00:20:15 | 000,240,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\netio.sys
[2012/06/07 00:20:14 | 001,063,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\werconcpl.dll
[2012/06/07 00:20:14 | 000,762,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\azroles.dll
[2012/06/07 00:20:14 | 000,339,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\appmgr.dll
[2012/06/07 00:20:14 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpclip.exe
[2012/06/07 00:20:14 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncsi.dll
[2012/06/07 00:20:11 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfreadwrite.dll
[2012/06/07 00:20:11 | 000,144,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\basecsp.dll
[2012/06/07 00:20:10 | 000,801,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NaturalLanguage6.dll
[2012/06/07 00:20:10 | 000,508,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxgi.dll
[2012/06/07 00:20:10 | 000,488,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\evr.dll
[2012/06/07 00:20:10 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskcomp.dll
[2012/06/07 00:20:10 | 000,161,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpinit.exe
[2012/06/07 00:20:07 | 000,335,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinSATAPI.dll
[2012/06/07 00:20:06 | 000,776,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\calc.exe
[2012/06/07 00:20:05 | 000,778,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sqlsrv32.dll
[2012/06/07 00:20:04 | 000,242,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vpnike.dll
[2012/06/07 00:20:02 | 002,983,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIRibbon.dll
[2012/06/07 00:20:01 | 000,477,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lpksetup.exe
[2012/06/07 00:20:01 | 000,271,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fveapi.dll
[2012/06/07 00:19:59 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tspubwmi.dll
[2012/06/07 00:19:58 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hgprint.dll
[2012/06/07 00:19:57 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prncache.dll
[2012/06/07 00:19:56 | 000,352,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpeffects.dll
[2012/06/07 00:19:55 | 000,458,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSDApi.dll
[2012/06/07 00:19:55 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\net1.exe
[2012/06/07 00:19:55 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rpchttp.dll
[2012/06/07 00:19:54 | 000,690,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ci.dll
[2012/06/07 00:19:54 | 000,321,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aepdu.dll
[2012/06/07 00:19:54 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aitagent.exe
[2012/06/07 00:19:53 | 000,175,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\vmbus.sys
[2012/06/07 00:19:52 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scansetting.dll
[2012/06/07 00:19:50 | 002,504,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVCORE.DLL
[2012/06/07 00:19:50 | 000,411,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlangpui.dll
[2012/06/07 00:19:50 | 000,213,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MMDevAPI.dll
[2012/06/07 00:19:50 | 000,167,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\QSHVHOST.DLL
[2012/06/07 00:19:50 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aaclient.dll
[2012/06/07 00:19:49 | 000,101,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\consent.exe
[2012/06/07 00:19:48 | 001,750,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pnidui.dll
[2012/06/07 00:19:48 | 000,782,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\webservices.dll
[2012/06/07 00:19:48 | 000,464,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scrptadm.dll
[2012/06/07 00:19:48 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
[2012/06/07 00:19:47 | 000,124,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fde.dll
[2012/06/07 00:19:46 | 002,146,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SyncCenter.dll
[2012/06/07 00:19:46 | 000,225,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netdiagfx.dll
[2012/06/07 00:19:46 | 000,154,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tscfgwmi.dll
[2012/06/07 00:19:46 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TsUsbGDCoInstaller.dll
[2012/06/07 00:19:45 | 000,907,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdengin2.dll
[2012/06/07 00:19:45 | 000,215,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vmicsvc.exe
[2012/06/07 00:19:45 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscapi.dll
[2012/06/07 00:19:44 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cscobj.dll
[2012/06/07 00:19:42 | 000,830,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSMPEG2ENC.DLL
[2012/06/07 00:19:42 | 000,727,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcmde.dll
[2012/06/07 00:19:41 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setupcl.exe
[2012/06/07 00:19:40 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll
[2012/06/07 00:19:40 | 000,630,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DXPTaskRingtone.dll
[2012/06/07 00:19:40 | 000,392,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imapi2.dll
[2012/06/07 00:19:40 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aeinv.dll
[2012/06/07 00:19:38 | 001,624,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMPEncEn.dll
[2012/06/07 00:19:38 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dwmredir.dll
[2012/06/07 00:19:36 | 002,217,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bootres.dll
[2012/06/07 00:19:36 | 001,077,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Narrator.exe
[2012/06/07 00:19:36 | 000,658,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autofmt.exe
[2012/06/07 00:19:36 | 000,196,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vaultsvc.dll
[2012/06/07 00:19:36 | 000,166,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netiohlp.dll
[2012/06/07 00:19:36 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hbaapi.dll
[2012/06/07 00:19:35 | 000,194,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\halmacpi.dll
[2012/06/07 00:19:35 | 000,194,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hal.dll
[2012/06/07 00:19:35 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\audiodg.exe
[2012/06/07 00:19:35 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\proquota.exe
[2012/06/07 00:19:34 | 000,679,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autoconv.exe
[2012/06/07 00:19:34 | 000,400,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ipsmsnap.dll
[2012/06/07 00:19:34 | 000,303,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msinfo32.exe
[2012/06/07 00:19:34 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AudioSes.dll
[2012/06/07 00:19:34 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mimefilt.dll
[2012/06/07 00:19:33 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srchadmin.dll
[2012/06/07 00:19:32 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\powercpl.dll
[2012/06/07 00:19:32 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eapphost.dll
[2012/06/07 00:19:32 | 000,181,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tcpipcfg.dll
[2012/06/07 00:19:32 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\schtasks.exe
[2012/06/07 00:19:31 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msihnd.dll
[2012/06/07 00:19:31 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\framedyn.dll
[2012/06/07 00:19:31 | 000,155,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscorier.dll
[2012/06/07 00:19:30 | 000,665,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuxiliaryDisplayCpl.dll
[2012/06/07 00:19:29 | 000,399,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DXP.dll
[2012/06/07 00:19:29 | 000,171,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\QAGENT.DLL
[2012/06/07 00:19:29 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netid.dll
[2012/06/07 00:19:27 | 001,227,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wdc.dll
[2012/06/07 00:19:27 | 000,346,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\untfs.dll
[2012/06/07 00:19:26 | 001,131,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdclt.exe
[2012/06/07 00:19:26 | 000,933,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Vault.dll
[2012/06/07 00:19:26 | 0
MarkC1984

Posted: Fri Jun 22, 2012 2:59 pm

Extras.txt


OTL Extras logfile created on: 22/06/2012 23:34:36 - Run 1
OTL by OldTimer - Version 3.2.52.0 Folder = C:\Users\Admin\Downloads\Programs
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

1.75 Gb Total Physical Memory | 1.01 Gb Available Physical Memory | 57.96% Memory free
3.50 Gb Paging File | 2.13 Gb Available in Paging File | 60.84% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 149.05 Gb Total Space | 111.72 Gb Free Space | 74.96% Space Free | Partition Type: NTFS
Drive G: | 14.91 Gb Total Space | 4.13 Gb Free Space | 27.68% Space Free | Partition Type: FAT32

Computer Name: ADMIN-PC | User Name: Admin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-3859188055-2524284707-904069009-1002\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS6\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0C87986A-F0CE-4296-B08A-608DADE3A493}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{0FFE454E-EAF7-4BA0-B377-DE8AF2EC941B}" = lport=137 | protocol=17 | dir=in | app=system |
"{1D9437A2-CC16-40F2-BBF1-543CAD781EBA}" = rport=445 | protocol=6 | dir=out | app=system |
"{2671597B-0108-458D-8824-E77DAAF4526F}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{28E8C6E6-F8B7-4FF0-BB62-8FA43C973A12}" = lport=445 | protocol=6 | dir=in | app=system |
"{29739237-72F5-41DC-B1FE-8275910ECFB0}" = lport=10243 | protocol=6 | dir=in | app=system |
"{4535189D-B63E-4685-A5A1-0109EF1A85F5}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{4BCD6F76-7219-404E-9CE7-428C40057D20}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{564AE9BE-7982-4596-BB49-60070737B600}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{5E52652B-0ACB-4052-90C5-12DAFCB68C59}" = rport=10243 | protocol=6 | dir=out | app=system |
"{6CAD05A6-9A13-41F0-8A6C-D173BF778574}" = rport=138 | protocol=17 | dir=out | app=system |
"{6D99FC69-2943-47D8-8401-B5E3738BE667}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe |
"{6DA27044-D809-4903-9ACF-151DC65B21DF}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{7830D44F-A94D-4F0E-9C04-1EC4733D8351}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{7F5549BE-2E26-4CFC-BB17-24B4A2C44751}" = rport=137 | protocol=17 | dir=out | app=system |
"{8257B17B-33E1-445E-84CC-ECE6CA7B75C5}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{88B02337-D8C5-4D3A-A126-E58A8EE3C3F0}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{88F6FB8A-68EF-4A32-BC52-DFFA5D19B0B8}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{9CA70F8B-BB46-47EF-83AE-BB414163062B}" = lport=139 | protocol=6 | dir=in | app=system |
"{BEBBC7D0-95DC-4F41-A808-51BEFB0C8FE1}" = lport=138 | protocol=17 | dir=in | app=system |
"{D5E0C8D6-6334-46A8-9778-6A0555EAF575}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{DF95840C-FB4C-428C-8C82-0AA2A36800C1}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{DFD7FAE2-694B-48C6-97A7-D630B4C7A90F}" = lport=2869 | protocol=6 | dir=in | app=system |
"{F05500C4-A79E-4D81-911E-180446333F95}" = rport=139 | protocol=6 | dir=out | app=system |
"{FA461F57-CBC9-4644-94E0-D057605902B8}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{FD5634F9-498F-4287-AB21-84F7AD0DEB3C}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{027A0DBD-7F3B-4457-96C2-A3FA778A6FED}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{0BDE486D-E543-4747-B999-A69B669C4E58}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqpsapp.exe |
"{0DF09957-3EB3-4BE9-AE0B-C91839EAB12D}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqtra08.exe |
"{0F43BB2E-5D38-40FE-93B8-E404A752DCB5}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe |
"{0FD1EA25-CC7C-4024-8BE2-B27DDC107E43}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{18D837BD-9ECF-4803-9925-7261A313191C}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\football manager 2012 editor\editor.exe |
"{1C26BC43-F64A-43A7-8EB2-5E13ED9211FF}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\football manager 2012\fm.exe |
"{219F5B9C-3F87-407A-A8A4-F61749664CD6}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpofxm08.exe |
"{2F3545BD-9E55-45D5-8FCE-6D61F5E257B0}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqste08.exe |
"{30418D08-92B3-4A10-97EB-AE7D7C759A0C}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{40073187-41FB-4639-8F06-1F153B5C82D6}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposid01.exe |
"{420819D5-8C51-4AC0-B835-8A2EDE8A989E}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqnrs08.exe |
"{4A181F5E-6DE4-4635-95FA-781A11143385}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{4F8464B5-3C94-4B77-8181-A3DCBF66074E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{50181695-0017-41F3-88D0-989733C7459F}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpofxs08.exe |
"{52CA2BFD-408D-40A2-A4DC-A20F7B01ECA8}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqfxt08.exe |
"{568314DC-5DF7-4052-BB77-D6114BFD04C8}" = protocol=6 | dir=out | app=system |
"{5BADC6C5-10B7-4C58-AE82-767721AF06FF}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqkygrp.exe |
"{62C12A69-7CEE-4F44-A211-FAA9EFF71301}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{7BB15786-01DF-4F33-8909-0F5BC9C2FD70}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{7F6750FB-35DF-4B20-9A2F-ABB5BE0A2F23}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{7FAD6A77-8FAC-4136-84CF-08D359A259F1}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqcopy2.exe |
"{8439267C-6951-414B-B717-0FB6D515713C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8921F2EC-3B3A-4C99-B48B-61AB316C2AA8}" = dir=in | app=c:\program files\hp\hp software update\hpwucli.exe |
"{8A7EBC04-F489-4CB5-95DC-03CAFA841894}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposfx08.exe |
"{8D0B2807-F63B-4225-A8CE-01B5D725BF54}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{8E33FD57-F4D9-4197-ACBC-8EC1BF0FC1D9}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqpse.exe |
"{97A4E62E-575C-4F24-BAE9-F6552C89CD08}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\football manager 2012\fm.exe |
"{A41A3613-5A2C-4CE8-89B6-D4C3295B9B47}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpzwiz01.exe |
"{A70EEB00-8302-42C5-A340-E10FCE8A6468}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{A91D7291-8D98-4136-A2CC-9BE5062B05BF}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpfccopy.exe |
"{A9F7DD75-BD60-4015-BCCE-FE237F1A5A5F}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{AEA3DD6D-044A-4693-950B-FF04D028D46A}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgplgtupl.exe |
"{AF9BC202-7EFC-49DB-BFC8-3D6895CAABA0}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B2F4D313-6E4C-4E58-9732-07FBD8A36E1D}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{BF2DBAF7-5B41-4BCC-AFED-6D3E5D51C3FD}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgh.exe |
"{C5DBB64F-8080-43C1-AB2F-A62ABD8413AA}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe |
"{D0058272-5A6B-4703-951A-34EDEA079FC6}" = dir=in | app=c:\program files\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"{D5855492-1064-40A9-8EB7-79A63AF01C8E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{DA11CE42-6066-41C6-99D6-A7F19E93CEEF}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgpc01.exe |
"{DFDC63E9-07CF-4EDB-84A8-0AD9532DF533}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{E145B876-25AF-4F2A-8187-FABAB367E8D7}" = dir=in | app=c:\program files\common files\hp\digital imaging\bin\hpqphotocrm.exe |
"{E3A6977C-129E-4B67-A77C-8ED129C50DA4}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpoews01.exe |
"{E8802F5C-1A39-4896-9CFE-3EAFF05B720B}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgm.exe |
"{ED0A86DC-0451-4D8F-AFF0-EAA411EC983B}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqsudi.exe |
"{EF985E60-882F-4F45-B5AF-721E054A9E94}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F148352E-998D-4DDA-8CD8-CCFED0EFE203}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{F17A3A03-E3D3-4740-B4A8-5FC535807FE7}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpiscnapp.exe |
"{FBEC7138-353C-4B91-81EB-D4B561161510}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\football manager 2012 editor\editor.exe |
"{FEA7FAE8-1127-4F3D-B43F-5AC71CCE0F18}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02F850ED-FD0E-4ED1-BE0B-5498165BF300}_is1" = AOMEI Partition Assistant Pro Edition 5.0
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}" = Status
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{0F842B77-56EA-4AAF-8295-81A022350B5E}" = Microsoft Security Client
"{104066F4-5897-4067-85D3-4C88B67CCF75}" = AIO_Scan
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}" = TrayApp
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2E87F4AB-99BF-421C-AF7B-365A9C08549A}" = F300
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{2FF8C687-DB7D-4adc-A5DC-57983EC25046}" = DeviceDiscovery
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3C92B2E6-380D-4fef-B4DF-4A3B4B669771}" = Copy
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{440B915A-0C85-45DB-92AE-75AE14704A64}" = Fax
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{47FA2C44-D148-4DBC-AF60-B91934AA4842}" = Adobe AIR
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5CA7899B-FFEC-4254-A05B-448420831F37}" = Championship Manager 2010
"{5E6D6161-5509-4f55-9372-1E01792F843A}" = F300_Help
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{63486834-B10B-4DD4-8216-C8D66A157D7E}_is1" = FMRTE 5.2.4
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{681B698F-C997-42C3-B184-B489C6CA24C9}" = HPPhotoSmartDiscLabelContent1
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}" = Adobe Photoshop CS6
"{75247E38-5C9B-45D6-ADF8-E11CB56B4990}" = Network
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0015-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.SingleImage_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-002C-0409-0000-0000000FF1CE}_Office14.SingleImage_{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}_Office14.SingleImage_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}_Office14.SingleImage_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{92127AF5-FDD8-4ADF-BC40-C356C9EE0B7D}" = 32 Bit HP CIO Components Installer
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9866E5F0-121F-E018-E2D1-2E1770847ABF}" = Adobe Download Assistant
"{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9F6B13E2-B93F-4203-9BD4-5DC18C9F9DEB}" = AIO_CDB_Software
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.3)
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B61ED343-0B14-4241-999C-490CB1A20DA4}" = HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}" = PDF Settings CS6
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D79113E7-274C-470B-BD46-01B10219DF6A}" = HPPhotosmartEssential
"{DB6AB705-C9BD-40E3-8929-2EA57F36A4FF}_is1" = ConvertXtoDVD 4.1.19.364
"{DC635845-46D3-404B-BCB1-FC4A91091AFA}" = SmartWebPrinting
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E7112940-5F8E-4918-B9FE-251F2F8DC81F}" = AIO_CDB_ProductContext
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F6AC5364-2FB7-437a-811A-D645F22AA6AC}" = F300Trb
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Ashampoo Internet Accelerator 3_is1" = Ashampoo Internet Accelerator 3 v.3.20
"Bulk Image Downloader_is1" = Bulk Image Downloader v4.42.0.0
"CCleaner" = CCleaner
"CNXT_AUDIO_HDA" = Conexant HD Audio
"CNXT_MODEM_HDA_HSF" = HDAUDIO Soft Data Fax Modem with SmartCP
"com.adobe.downloadassistant.AdobeDownloadAssistant" = Adobe Download Assistant
"FormatFactory" = FormatFactory 2.95
"Freemake Video Downloader_is1" = Freemake Video Downloader
"get_iplayer" = get_iplayer 4.5
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Photosmart Essential" = HP Photosmart Essential 3.5
"HP Smart Web Printing" = HP Smart Web Printing 4.51
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"HPOCR" = OCR Software by I.R.I.S. 13.0
"ImgBurn" = ImgBurn
"Internet Download Manager" = Internet Download Manager
"KLiteCodecPack_is1" = K-Lite Codec Pack 8.8.0 (Full)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.61.0.1400
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Security Client" = Microsoft Security Essentials
"NVIDIA Drivers" = NVIDIA Drivers
"Office14.SingleImage" = Microsoft Office Professional 2010
"Shop for HP Supplies" = Shop for HP Supplies
"Steam App 71270" = Football Manager 2012
"Steam App 71400" = Football Manager 2012 Editor
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"VLC media player" = VLC media player 2.0.1
"WinLiveSuite" = Windows Live Essentials
"WinPcapInst" = WinPcap 4.1.2
"WinRAR archiver" = WinRAR 4.20 beta 3 (32-bit)
"Xvid Video Codec 1.3.2" = Xvid Video Codec
"Yahoo! Companion" = Yahoo! Toolbar

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-3859188055-2524284707-904069009-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"AIM" = AIM for Windows
"Google Chrome" = Google Chrome

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 20/06/2012 05:12:55 | Computer Name = Admin-PC | Source = .NET Runtime | ID = 1022
Description =

Error - 20/06/2012 06:20:43 | Computer Name = Admin-PC | Source = .NET Runtime | ID = 1022
Description =

Error - 20/06/2012 06:23:47 | Computer Name = Admin-PC | Source = .NET Runtime | ID = 1022
Description =

Error - 20/06/2012 06:28:26 | Computer Name = Admin-PC | Source = .NET Runtime | ID = 1022
Description =

Error - 20/06/2012 06:30:18 | Computer Name = Admin-PC | Source = .NET Runtime | ID = 1022
Description =

Error - 21/06/2012 05:03:38 | Computer Name = Admin-PC | Source = .NET Runtime | ID = 1022
Description =

Error - 21/06/2012 06:40:22 | Computer Name = Admin-PC | Source = .NET Runtime | ID = 1026
Description =

Error - 21/06/2012 06:40:31 | Computer Name = Admin-PC | Source = Application Error | ID = 1000
Description = Faulting application name: FormatFactory.exe, version: 2.95.0.0, time
stamp: 0x4f848c41 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception
code: 0xc0000005 Fault offset: 0x00000000 Faulting process id: 0xc8 Faulting application
start time: 0x01cd4f969e694440 Faulting application path: C:\Program Files\FreeTime\FormatFactory\FormatFactory.exe
Faulting
module path: unknown Report Id: 85db6b70-bb8d-11e1-b184-b77f1e5097c0

Error - 21/06/2012 09:13:55 | Computer Name = Admin-PC | Source = SideBySide | ID = 16842787
Description = Activation context generation failed for "c:\program files\aomei partition
assistant pro edition 5.0\SetupGreen64.exe".Error in manifest or policy file "c:\program
files\aomei partition assistant pro edition 5.0\Microsoft.VC80.CRT.MANIFEST" on
line 4. Component identity found in manifest does not match the identity of the
component requested. Reference is Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0".
Definition
is Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762".
Please
use sxstrace.exe for detailed diagnosis.

Error - 22/06/2012 02:51:47 | Computer Name = Admin-PC | Source = SideBySide | ID = 16842787
Description = Activation context generation failed for "c:\program files\aomei partition
assistant pro edition 5.0\SetupGreen64.exe".Error in manifest or policy file "c:\program
files\aomei partition assistant pro edition 5.0\Microsoft.VC80.CRT.MANIFEST" on
line 4. Component identity found in manifest does not match the identity of the
component requested. Reference is Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0".
Definition
is Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762".
Please
use sxstrace.exe for detailed diagnosis.

[ System Events ]
Error - 19/06/2012 09:56:02 | Computer Name = Admin-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk2\DR2.

Error - 19/06/2012 09:56:03 | Computer Name = Admin-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk2\DR2.

Error - 19/06/2012 09:56:03 | Computer Name = Admin-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk2\DR2.

Error - 19/06/2012 09:56:04 | Computer Name = Admin-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk2\DR2.

Error - 20/06/2012 07:28:10 | Computer Name = Admin-PC | Source = cdrom | ID = 262155
Description = The driver detected a controller error on \Device\CdRom0.

Error - 20/06/2012 07:28:18 | Computer Name = Admin-PC | Source = cdrom | ID = 262155
Description = The driver detected a controller error on \Device\CdRom0.

Error - 20/06/2012 08:02:18 | Computer Name = Admin-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk2\DR2.

Error - 20/06/2012 08:02:19 | Computer Name = Admin-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk2\DR2.

Error - 20/06/2012 08:02:19 | Computer Name = Admin-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk2\DR2.

Error - 21/06/2012 04:31:49 | Computer Name = Admin-PC | Source = WMPNetworkSvc | ID = 866300
Description =


< End of report >

Just doing the other log now.
MarkC1984
Newbie


Joined: 21 Jun 2012
Last Visit: 23 Jun 2012
Posts: 6

Posted: Fri Jun 22, 2012 3:00 pm

TDSSKiller Log.


23:58:36.0307 1812 TDSS rootkit removing tool 2.7.41.0 Jun 20 2012 20:53:32
23:58:36.0557 1812 ============================================================
23:58:36.0557 1812 Current date / time: 2012/06/22 23:58:36.0557
23:58:36.0557 1812 SystemInfo:
23:58:36.0557 1812
23:58:36.0557 1812 OS Version: 6.1.7601 ServicePack: 1.0
23:58:36.0557 1812 Product type: Workstation
23:58:36.0557 1812 ComputerName: ADMIN-PC
23:58:36.0557 1812 UserName: Admin
23:58:36.0557 1812 Windows directory: C:\Windows
23:58:36.0557 1812 System windows directory: C:\Windows
23:58:36.0557 1812 Processor architecture: Intel x86
23:58:36.0557 1812 Number of processors: 1
23:58:36.0557 1812 Page size: 0x1000
23:58:36.0557 1812 Boot type: Normal boot
23:58:36.0557 1812 ============================================================
23:58:39.0222 1812 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
23:58:39.0380 1812 Drive \Device\Harddisk2\DR2 - Size: 0x3BB3FFE00 (14.93 Gb), SectorSize: 0x200, Cylinders: 0x79C, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
23:58:39.0381 1812 ============================================================
23:58:39.0381 1812 \Device\Harddisk0\DR0:
23:58:39.0433 1812 MBR partitions:
23:58:39.0433 1812 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x12A18A82
23:58:39.0433 1812 \Device\Harddisk2\DR2:
23:58:39.0434 1812 MBR partitions:
23:58:39.0434 1812 ============================================================
23:58:39.0513 1812 C: <-> \Device\Harddisk0\DR0\Partition0
23:58:39.0513 1812 ============================================================
23:58:39.0513 1812 Initialize success
23:58:39.0513 1812 ============================================================
23:59:22.0041 5704 ============================================================
23:59:22.0041 5704 Scan started
23:59:22.0041 5704 Mode: Manual; TDLFS;
23:59:22.0041 5704 ============================================================
23:59:36.0378 5704 IPNAT - ok
23:59:36.0441 5704 IRENUM (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys
23:59:36.0441 5704 IRENUM - ok
23:59:36.0472 5704 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\drivers\isapnp.sys
23:59:36.0488 5704 isapnp - ok
23:59:36.0519 5704 iScsiPrt (cb7a9abb12b8415bce5d74994c7ba3ae) C:\Windows\system32\drivers\msiscsi.sys
23:59:36.0534 5704 iScsiPrt - ok
23:59:36.0581 5704 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\drivers\kbdclass.sys
23:59:36.0581 5704 kbdclass - ok
23:59:36.0612 5704 kbdhid (9e3ced91863e6ee98c24794d05e27a71) C:\Windows\system32\drivers\kbdhid.sys
23:59:36.0612 5704 kbdhid - ok
23:59:36.0659 5704 KeyIso (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
23:59:36.0659 5704 KeyIso - ok
23:59:36.0690 5704 KSecDD (f4647bb23db9038a7536cf6b68f4207f) C:\Windows\system32\Drivers\ksecdd.sys
23:59:36.0690 5704 KSecDD - ok
23:59:36.0737 5704 KSecPkg (e73cae53bbb72ba26918492c6b4c229d) C:\Windows\system32\Drivers\ksecpkg.sys
23:59:36.0737 5704 KSecPkg - ok
23:59:36.0800 5704 KtmRm (89a7b9cc98d0d80c6f31b91c0a310fcd) C:\Windows\system32\msdtckrm.dll
23:59:36.0831 5704 KtmRm - ok
23:59:36.0893 5704 LanmanServer (d64af876d53eca3668bb97b51b4e70ab) C:\Windows\system32\srvsvc.dll
23:59:36.0924 5704 LanmanServer - ok
23:59:36.0971 5704 LanmanWorkstation (58405e4f68ba8e4057c6e914f326aba2) C:\Windows\System32\wkssvc.dll
23:59:36.0987 5704 LanmanWorkstation - ok
23:59:37.0049 5704 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys
23:59:37.0049 5704 lltdio - ok
23:59:37.0127 5704 lltdsvc (5700673e13a2117fa3b9020c852c01e2) C:\Windows\System32\lltdsvc.dll
23:59:37.0143 5704 lltdsvc - ok
23:59:37.0174 5704 lmhosts (55ca01ba19d0006c8f2639b6c045e08b) C:\Windows\System32\lmhsvc.dll
23:59:37.0174 5704 lmhosts - ok
23:59:37.0236 5704 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys
23:59:37.0236 5704 LSI_FC - ok
23:59:37.0268 5704 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys
23:59:37.0283 5704 LSI_SAS - ok
23:59:37.0299 5704 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys
23:59:37.0314 5704 LSI_SAS2 - ok
23:59:37.0346 5704 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys
23:59:37.0346 5704 LSI_SCSI - ok
23:59:37.0408 5704 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys
23:59:37.0408 5704 luafv - ok
23:59:37.0455 5704 MBAMProtector (fb097bbc1a18f044bd17bd2fccf97865) C:\Windows\system32\drivers\mbam.sys
23:59:37.0455 5704 MBAMProtector - ok
23:59:37.0595 5704 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
23:59:37.0611 5704 MBAMService - ok
23:59:37.0642 5704 MBAMSwissArmy (0db7527db188c7d967a37bb51bbf3963) C:\Windows\system32\drivers\mbamswissarmy.sys
23:59:37.0642 5704 MBAMSwissArmy - ok
23:59:37.0689 5704 Mcx2Svc (bfb9ee8ee977efe85d1a3105abef6dd1) C:\Windows\system32\Mcx2Svc.dll
23:59:37.0689 5704 Mcx2Svc - ok
23:59:37.0736 5704 mdmxsdk (0cea2d0d3fa284b85ed5b68365114f76) C:\Windows\system32\DRIVERS\mdmxsdk.sys
23:59:37.0736 5704 mdmxsdk - ok
23:59:37.0814 5704 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys
23:59:37.0814 5704 megasas - ok
23:59:37.0860 5704 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys
23:59:37.0876 5704 MegaSR - ok
23:59:37.0938 5704 MMCSS (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
23:59:37.0938 5704 MMCSS - ok
23:59:37.0970 5704 Modem (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys
23:59:37.0970 5704 Modem - ok
23:59:38.0032 5704 monitor (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys
23:59:38.0032 5704 monitor - ok
23:59:38.0079 5704 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\DRIVERS\mouclass.sys
23:59:38.0079 5704 mouclass - ok
23:59:38.0110 5704 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys
23:59:38.0110 5704 mouhid - ok
23:59:38.0157 5704 mountmgr (fc8771f45ecccfd89684e38842539b9b) C:\Windows\system32\drivers\mountmgr.sys
23:59:38.0157 5704 mountmgr - ok
23:59:38.0235 5704 MpFilter (d993bea500e7382dc4e760bf4f35efcb) C:\Windows\system32\DRIVERS\MpFilter.sys
23:59:38.0250 5704 MpFilter - ok
23:59:38.0313 5704 mpio (2d699fb6e89ce0d8da14ecc03b3edfe0) C:\Windows\system32\drivers\mpio.sys
23:59:38.0313 5704 mpio - ok
23:59:38.0438 5704 MpKsl5b2a2352 - ok
23:59:38.0531 5704 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys
23:59:38.0531 5704 mpsdrv - ok
23:59:38.0625 5704 MpsSvc (9835584e999d25004e1ee8e5f3e3b881) C:\Windows\system32\mpssvc.dll
23:59:38.0656 5704 MpsSvc - ok
23:59:38.0703 5704 MRxDAV (ceb46ab7c01c9f825f8cc6babc18166a) C:\Windows\system32\drivers\mrxdav.sys
23:59:38.0718 5704 MRxDAV - ok
23:59:38.0796 5704 mrxsmb (5d16c921e3671636c0eba3bbaac5fd25) C:\Windows\system32\DRIVERS\mrxsmb.sys
23:59:38.0812 5704 mrxsmb - ok
23:59:38.0859 5704 mrxsmb10 (6d17a4791aca19328c685d256349fefc) C:\Windows\system32\DRIVERS\mrxsmb10.sys
23:59:38.0874 5704 mrxsmb10 - ok
23:59:38.0921 5704 mrxsmb20 (b81f204d146000be76651a50670a5e9e) C:\Windows\system32\DRIVERS\mrxsmb20.sys
23:59:38.0921 5704 mrxsmb20 - ok
23:59:38.0968 5704 msahci (012c5f4e9349e711e11e0f19a8589f0a) C:\Windows\system32\drivers\msahci.sys
23:59:38.0968 5704 msahci - ok
23:59:39.0015 5704 msdsm (55055f8ad8be27a64c831322a780a228) C:\Windows\system32\drivers\msdsm.sys
23:59:39.0015 5704 msdsm - ok
23:59:39.0062 5704 MSDTC (e1bce74a3bd9902b72599c0192a07e27) C:\Windows\System32\msdtc.exe
23:59:39.0077 5704 MSDTC - ok
23:59:39.0140 5704 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys
23:59:39.0155 5704 Msfs - ok
23:59:39.0202 5704 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys
23:59:39.0202 5704 mshidkmdf - ok
23:59:39.0233 5704 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\drivers\msisadrv.sys
23:59:39.0233 5704 msisadrv - ok
23:59:39.0296 5704 MSiSCSI (90f7d9e6b6f27e1a707d4a297f077828) C:\Windows\system32\iscsiexe.dll
23:59:39.0296 5704 MSiSCSI - ok
23:59:39.0311 5704 msiserver - ok
23:59:39.0374 5704 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys
23:59:39.0374 5704 MSKSSRV - ok
23:59:39.0483 5704 MsMpSvc (24516bf4e12a46cb67302e2cdcb8cddf) c:\Program Files\Microsoft Security Client\MsMpEng.exe
23:59:39.0483 5704 MsMpSvc - ok
23:59:39.0514 5704 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys
23:59:39.0514 5704 MSPCLOCK - ok
23:59:39.0545 5704 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys
23:59:39.0545 5704 MSPQM - ok
23:59:39.0576 5704 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys
23:59:39.0592 5704 MsRPC - ok
23:59:39.0639 5704 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\drivers\mssmbios.sys
23:59:39.0639 5704 mssmbios - ok
23:59:39.0654 5704 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys
23:59:39.0654 5704 MSTEE - ok
23:59:39.0670 5704 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys
23:59:39.0686 5704 MTConfig - ok
23:59:39.0701 5704 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys
23:59:39.0701 5704 Mup - ok
23:59:39.0748 5704 napagent (61d57a5d7c6d9afe10e77dae6e1b445e) C:\Windows\system32\qagentRT.dll
23:59:39.0764 5704 napagent - ok
23:59:40.0419 5704 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys
23:59:40.0466 5704 NativeWifiP - ok
23:59:40.0544 5704 NDIS (e7c54812a2aaf43316eb6930c1ffa108) C:\Windows\system32\drivers\ndis.sys
23:59:40.0559 5704 NDIS - ok
23:59:40.0606 5704 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys
23:59:40.0606 5704 NdisCap - ok
23:59:40.0637 5704 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys
23:59:40.0637 5704 NdisTapi - ok
23:59:40.0700 5704 Ndisuio (d8a65dafb3eb41cbb622745676fcd072) C:\Windows\system32\DRIVERS\ndisuio.sys
23:59:40.0700 5704 Ndisuio - ok
23:59:40.0762 5704 NdisWan (38fbe267e7e6983311179230facb1017) C:\Windows\system32\DRIVERS\ndiswan.sys
23:59:40.0762 5704 NdisWan - ok
23:59:40.0840 5704 NDProxy (a4bdc541e69674fbff1a8ff00be913f2) C:\Windows\system32\drivers\NDProxy.sys
23:59:40.0856 5704 NDProxy - ok
23:59:40.0918 5704 Net Driver HPZ12 (510c138564486ff926a3f773205c63d1) C:\Windows\system32\HPZinw12.dll
23:59:40.0918 5704 Net Driver HPZ12 - ok
23:59:40.0996 5704 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys
23:59:41.0012 5704 NetBIOS - ok
23:59:41.0058 5704 NetBT (280122ddcf04b378edd1ad54d71c1e54) C:\Windows\system32\DRIVERS\netbt.sys
23:59:41.0058 5704 NetBT - ok
23:59:41.0105 5704 Netlogon (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
23:59:41.0105 5704 Netlogon - ok
23:59:41.0199 5704 Netman (7cccfca7510684768da22092d1fa4db2) C:\Windows\System32\netman.dll
23:59:41.0214 5704 Netman - ok
23:59:41.0355 5704 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
23:59:41.0370 5704 NetMsmqActivator - ok
23:59:41.0386 5704 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
23:59:41.0386 5704 NetPipeActivator - ok
23:59:41.0464 5704 netprofm (8c338238c16777a802d6a9211eb2ba50) C:\Windows\System32\netprofm.dll
23:59:41.0480 5704 netprofm - ok
23:59:41.0495 5704 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
23:59:41.0495 5704 NetTcpActivator - ok
23:59:41.0511 5704 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
23:59:41.0511 5704 NetTcpPortSharing - ok
23:59:41.0589 5704 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys
23:59:41.0589 5704 nfrd960 - ok
23:59:41.0714 5704 NisDrv (b52f26bade7d7e4a79706e3fd91834cd) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
23:59:41.0745 5704 NisDrv - ok
23:59:41.0838 5704 NisSrv (290c0d4c4889398797f8df3be00b9698) c:\Program Files\Microsoft Security Client\NisSrv.exe
23:59:41.0838 5704 NisSrv - ok
23:59:41.0901 5704 NlaSvc (912084381d30d8b89ec4e293053f4710) C:\Windows\System32\nlasvc.dll
23:59:41.0932 5704 NlaSvc - ok
23:59:41.0979 5704 npf (b48dc6abcd3aeff8618350ccbdc6b09a) C:\Windows\system32\drivers\npf.sys
23:59:41.0994 5704 npf - ok
23:59:42.0041 5704 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
23:59:42.0057 5704 Npfs - ok
23:59:42.0119 5704 nsi (ba387e955e890c8a88306d9b8d06bf17) C:\Windows\system32\nsisvc.dll
23:59:42.0119 5704 nsi - ok
23:59:42.0166 5704 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
23:59:42.0182 5704 nsiproxy - ok
23:59:42.0306 5704 Ntfs (81189c3d7763838e55c397759d49007a) C:\Windows\system32\drivers\Ntfs.sys
23:59:42.0369 5704 Ntfs - ok
23:59:42.0494 5704 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
23:59:42.0494 5704 Null - ok
23:59:42.0603 5704 NVENETFD (b5e37e31c053bc9950455a257526514b) C:\Windows\system32\DRIVERS\nvm62x32.sys
23:59:42.0618 5704 NVENETFD - ok
23:59:43.0258 5704 nvlddmkm (9dac05d828e56801fd6ce5fdfced64af) C:\Windows\system32\DRIVERS\nvlddmkm.sys
23:59:43.0523 5704 nvlddmkm - ok
23:59:43.0695 5704 NVNET (1de923088878b495cd4219e47ba34eb8) C:\Windows\system32\DRIVERS\nvmf6232.sys
23:59:43.0710 5704 NVNET - ok
23:59:43.0757 5704 nvraid (b3e25ee28883877076e0e1ff877d02e0) C:\Windows\system32\drivers\nvraid.sys
23:59:43.0757 5704 nvraid - ok
23:59:43.0788 5704 nvstor (4380e59a170d88c4f1022eff6719a8a4) C:\Windows\system32\drivers\nvstor.sys
23:59:43.0804 5704 nvstor - ok
23:59:43.0898 5704 nvsvc (51e7f2c26b6ece61c5241f1f731eab2b) C:\Windows\system32\nvvsvc.exe
23:59:43.0913 5704 nvsvc - ok
23:59:43.0976 5704 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\drivers\nv_agp.sys
23:59:43.0976 5704 nv_agp - ok
23:59:44.0007 5704 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\drivers\ohci1394.sys
23:59:44.0007 5704 ohci1394 - ok
23:59:44.0116 5704 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
23:59:44.0116 5704 ose - ok
23:59:44.0381 5704 osppsvc (358a9cca612c68eb2f07ddad4ce1d8d7) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
23:59:44.0506 5704 osppsvc - ok
23:59:44.0678 5704 p2pimsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
23:59:44.0693 5704 p2pimsvc - ok
23:59:44.0740 5704 p2psvc (59c3ddd501e39e006dac31bf55150d91) C:\Windows\system32\p2psvc.dll
23:59:44.0756 5704 p2psvc - ok
23:59:44.0849 5704 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
23:59:44.0865 5704 Parport - ok
23:59:44.0927 5704 partmgr (3f34a1b4c5f6475f320c275e63afce9b) C:\Windows\system32\drivers\partmgr.sys
23:59:45.0021 5704 partmgr - ok
23:59:45.0068 5704 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
23:59:45.0068 5704 Parvdm - ok
23:59:45.0114 5704 PcaSvc (358ab7956d3160000726574083dfc8a6) C:\Windows\System32\pcasvc.dll
23:59:45.0114 5704 PcaSvc - ok
23:59:45.0161 5704 pci (673e55c3498eb970088e812ea820aa8f) C:\Windows\system32\drivers\pci.sys
23:59:45.0161 5704 pci - ok
23:59:45.0208 5704 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\drivers\pciide.sys
23:59:45.0208 5704 pciide - ok
23:59:45.0255 5704 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys
23:59:45.0286 5704 pcmcia - ok
23:59:45.0317 5704 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
23:59:45.0317 5704 pcw - ok
23:59:45.0395 5704 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
23:59:45.0426 5704 PEAUTH - ok
23:59:45.0567 5704 PeerDistSvc (af4d64d2a57b9772cf3801950b8058a6) C:\Windows\system32\peerdistsvc.dll
23:59:45.0598 5704 PeerDistSvc - ok
23:59:45.0770 5704 pla (414bba67a3ded1d28437eb66aeb8a720) C:\Windows\system32\pla.dll
23:59:45.0832 5704 pla - ok
23:59:45.0972 5704 PlugPlay (ec7bc28d207da09e79b3e9faf8b232ca) C:\Windows\system32\umpnpmgr.dll
23:59:46.0004 5704 PlugPlay - ok
23:59:46.0082 5704 Pml Driver HPZ12 (37e5e8ffbad35605daeec3224ea0e465) C:\Windows\system32\HPZipm12.dll
23:59:46.0082 5704 Pml Driver HPZ12 - ok
23:59:46.0128 5704 PNRPAutoReg (63ff8572611249931eb16bb8eed6afc8) C:\Windows\system32\pnrpauto.dll
23:59:46.0144 5704 PNRPAutoReg - ok
23:59:46.0206 5704 PNRPsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
23:59:46.0206 5704 PNRPsvc - ok
23:59:46.0269 5704 PolicyAgent (53946b69ba0836bd95b03759530c81ec) C:\Windows\System32\ipsecsvc.dll
23:59:46.0284 5704 PolicyAgent - ok
23:59:46.0331 5704 Power (f87d30e72e03d579a5199ccb3831d6ea) C:\Windows\system32\umpo.dll
23:59:46.0331 5704 Power - ok
23:59:46.0456 5704 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
23:59:46.0456 5704 PptpMiniport - ok
23:59:46.0518 5704 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys
23:59:46.0518 5704 Processor - ok
23:59:46.0581 5704 ProfSvc (cadefac453040e370a1bdff3973be00d) C:\Windows\system32\profsvc.dll
23:59:46.0612 5704 ProfSvc - ok
23:59:46.0659 5704 ProtectedStorage (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
23:59:46.0659 5704 ProtectedStorage - ok
23:59:46.0737 5704 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
23:59:46.0737 5704 Psched - ok
23:59:46.0862 5704 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys
23:59:46.0893 5704 ql2300 - ok
23:59:47.0080 5704 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys
23:59:47.0080 5704 ql40xx - ok
23:59:47.0142 5704 QWAVE (31ac809e7707eb580b2bdb760390765a) C:\Windows\system32\qwave.dll
23:59:47.0174 5704 QWAVE - ok
23:59:47.0205 5704 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
23:59:47.0205 5704 QWAVEdrv - ok
23:59:47.0236 5704 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
23:59:47.0236 5704 RasAcd - ok
23:59:47.0298 5704 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
23:59:47.0298 5704 RasAgileVpn - ok
23:59:47.0345 5704 RasAuto (a60f1839849c0c00739787fd5ec03f13) C:\Windows\System32\rasauto.dll
23:59:47.0345 5704 RasAuto - ok
23:59:47.0392 5704 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
23:59:47.0392 5704 Rasl2tp - ok
23:59:47.0454 5704 RasMan (cb9e04dc05eacf5b9a36ca276d475006) C:\Windows\System32\rasmans.dll
23:59:47.0486 5704 RasMan - ok
23:59:47.0532 5704 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
23:59:47.0532 5704 RasPppoe - ok
23:59:47.0564 5704 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
23:59:47.0564 5704 RasSstp - ok
23:59:47.0610 5704 rdbss (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS\rdbss.sys
23:59:47.0610 5704 rdbss - ok
23:59:47.0642 5704 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
23:59:47.0642 5704 rdpbus - ok
23:59:47.0688 5704 RDPCDD (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys
23:59:47.0688 5704 RDPCDD - ok
23:59:47.0735 5704 RDPDR (b973fcfc50dc1434e1970a146f7e3885) C:\Windows\system32\drivers\rdpdr.sys
23:59:47.0735 5704 RDPDR - ok
23:59:47.0813 5704 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
23:59:47.0813 5704 RDPENCDD - ok
23:59:47.0844 5704 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
23:59:47.0844 5704 RDPREFMP - ok
23:59:47.0891 5704 RdpVideoMiniport (68a0387f58e226deee23d9715955572a) C:\Windows\system32\drivers\rdpvideominiport.sys
23:59:47.0891 5704 RdpVideoMiniport - ok
23:59:47.0954 5704 RDPWD (f031683e6d1fea157abb2ff260b51e61) C:\Windows\system32\drivers\RDPWD.sys
23:59:47.0985 5704 RDPWD - ok
23:59:48.0063 5704 rdyboost (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys
23:59:48.0078 5704 rdyboost - ok
23:59:48.0141 5704 RemoteAccess (7b5e1419717fac363a31cc302895217a) C:\Windows\System32\mprdim.dll
23:59:48.0141 5704 RemoteAccess - ok
23:59:48.0203 5704 RemoteRegistry (cb9a8683f4ef2bf99e123d79950d7935) C:\Windows\system32\regsvc.dll
23:59:48.0219 5704 RemoteRegistry - ok
23:59:48.0250 5704 RpcEptMapper (78d072f35bc45d9e4e1b61895c152234) C:\Windows\System32\RpcEpMap.dll
23:59:48.0266 5704 RpcEptMapper - ok
23:59:48.0312 5704 RpcLocator (94d36c0e44677dd26981d2bfeef2a29d) C:\Windows\system32\locator.exe
23:59:48.0312 5704 RpcLocator - ok
23:59:48.0390 5704 RpcSs (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll
23:59:48.0406 5704 RpcSs - ok
23:59:48.0468 5704 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
23:59:48.0468 5704 rspndr - ok
23:59:48.0500 5704 s3cap (7fa7f2e249a5dcbb7970630e15e1f482) C:\Windows\system32\drivers\vms3cap.sys
23:59:48.0500 5704 s3cap - ok
23:59:48.0546 5704 SamSs (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
23:59:48.0546 5704 SamSs - ok
23:59:48.0609 5704 sbp2port (05d860da1040f111503ac416ccef2bca) C:\Windows\system32\drivers\sbp2port.sys
23:59:48.0609 5704 sbp2port - ok
23:59:48.0656 5704 SCardSvr (8fc518ffe9519c2631d37515a68009c4) C:\Windows\System32\SCardSvr.dll
23:59:48.0671 5704 SCardSvr - ok
23:59:48.0718 5704 scfilter (0693b5ec673e34dc147e195779a4dcf6) C:\Windows\system32\DRIVERS\scfilter.sys
23:59:48.0718 5704 scfilter - ok
23:59:48.0812 5704 Schedule (a04bb13f8a72f8b6e8b4071723e4e336) C:\Windows\system32\schedsvc.dll
23:59:48.0843 5704 Schedule - ok
23:59:48.0905 5704 SCPolicySvc (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll
23:59:48.0905 5704 SCPolicySvc - ok
23:59:48.0952 5704 SDRSVC (08236c4bce5edd0a0318a438af28e0f7) C:\Windows\System32\SDRSVC.dll
23:59:48.0983 5704 SDRSVC - ok
23:59:49.0046 5704 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
23:59:49.0046 5704 secdrv - ok
23:59:49.0077 5704 seclogon (a59b3a4442c52060cc7a85293aa3546f) C:\Windows\system32\seclogon.dll
23:59:49.0092 5704 seclogon - ok
23:59:49.0139 5704 SENS (dcb7fcdcc97f87360f75d77425b81737) C:\Windows\System32\sens.dll
23:59:49.0139 5704 SENS - ok
23:59:49.0170 5704 SensrSvc (50087fe1ee447009c9cc2997b90de53f) C:\Windows\system32\sensrsvc.dll
23:59:49.0186 5704 SensrSvc - ok
23:59:49.0233 5704 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
23:59:49.0233 5704 Serenum - ok
23:59:49.0264 5704 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
23:59:49.0280 5704 Serial - ok
23:59:49.0311 5704 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys
23:59:49.0311 5704 sermouse - ok
23:59:49.0373 5704 SessionEnv (4ae380f39a0032eab7dd953030b26d28) C:\Windows\system32\sessenv.dll
23:59:49.0389 5704 SessionEnv - ok
23:59:49.0420 5704 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers\sffdisk.sys
23:59:49.0420 5704 sffdisk - ok
23:59:49.0436 5704 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys
23:59:49.0436 5704 sffp_mmc - ok
23:59:49.0467 5704 sffp_sd (6d4ccaedc018f1cf52866bbbaa235982) C:\Windows\system32\drivers\sffp_sd.sys
23:59:49.0467 5704 sffp_sd - ok
23:59:49.0514 5704 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys
23:59:49.0514 5704 sfloppy - ok
23:59:49.0592 5704 SharedAccess (d1a079a0de2ea524513b6930c24527a2) C:\Windows\System32\ipnathlp.dll
23:59:49.0607 5704 SharedAccess - ok
23:59:49.0685 5704 ShellHWDetection (414da952a35bf5d50192e28263b40577) C:\Windows\System32\shsvcs.dll
23:59:49.0701 5704 ShellHWDetection - ok
23:59:49.0748 5704 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\drivers\sisagp.sys
23:59:49.0748 5704 sisagp - ok
23:59:49.0841 5704 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys
23:59:49.0841 5704 SiSRaid2 - ok
23:59:49.0872 5704 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys
23:59:49.0872 5704 SiSRaid4 - ok
23:59:49.0919 5704 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
23:59:49.0919 5704 Smb - ok
23:59:49.0982 5704 SNMPTRAP (6a984831644eca1a33ffeae4126f4f37) C:\Windows\System32\snmptrap.exe
23:59:49.0982 5704 SNMPTRAP - ok
23:59:50.0013 5704 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
23:59:50.0013 5704 spldr - ok
23:59:50.0091 5704 Spooler (866a43013535dc8587c258e43579c764) C:\Windows\System32\spoolsv.exe
23:59:50.0106 5704 Spooler - ok
23:59:50.0372 5704 sppsvc (cf87a1de791347e75b98885214ced2b8) C:\Windows\system32\sppsvc.exe
23:59:50.0465 5704 sppsvc - ok
23:59:50.0637 5704 sppuinotify (b0180b20b065d89232a78a40fe56eaa6) C:\Windows\system32\sppuinotify.dll
23:59:50.0637 5704 sppuinotify - ok
23:59:50.0730 5704 srv (e4c2764065d66ea1d2d3ebc28fe99c46) C:\Windows\system32\DRIVERS\srv.sys
23:59:50.0746 5704 srv - ok
23:59:50.0808 5704 srv2 (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\Windows\system32\DRIVERS\srv2.sys
23:59:50.0824 5704 srv2 - ok
23:59:50.0902 5704 SrvHsfHDA (e00fdfaff025e94f9821153750c35a6d) C:\Windows\system32\DRIVERS\VSTAZL3.SYS
23:59:50.0918 5704 SrvHsfHDA - ok
23:59:51.0042 5704 SrvHsfV92 (ceb4e3b6890e1e42dca6694d9e59e1a0) C:\Windows\system32\DRIVERS\VSTDPV3.SYS
23:59:51.0105 5704 SrvHsfV92 - ok
23:59:51.0198 5704 SrvHsfWinac (bc0c7ea89194c299f051c24119000e17) C:\Windows\system32\DRIVERS\VSTCNXT3.SYS
23:59:51.0214 5704 SrvHsfWinac - ok
23:59:51.0292 5704 srvnet (be6bd660caa6f291ae06a718a4fa8abc) C:\Windows\system32\DRIVERS\srvnet.sys
23:59:51.0292 5704 srvnet - ok
23:59:51.0354 5704 SSDPSRV (d887c9fd02ac9fa880f6e5027a43e118) C:\Windows\System32\ssdpsrv.dll
23:59:51.0370 5704 SSDPSRV - ok
23:59:51.0417 5704 SstpSvc (d318f23be45d5e3a107469eb64815b50) C:\Windows\system32\sstpsvc.dll
23:59:51.0417 5704 SstpSvc - ok
23:59:51.0510 5704 Steam Client Service - ok
23:59:51.0557 5704 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys
23:59:51.0573 5704 stexstor - ok
23:59:51.0635 5704 StiSvc (e1fb3706030fb4578a0d72c2fc3689e4) C:\Windows\System32\wiaservc.dll
23:59:51.0666 5704 StiSvc - ok
23:59:51.0713 5704 storflt (472af0311073dceceaa8fa18ba2bdf89) C:\Windows\system32\drivers\vmstorfl.sys
23:59:51.0713 5704 storflt - ok
23:59:51.0760 5704 StorSvc (0bf669f0a910beda4a32258d363af2a5) C:\Windows\system32\storsvc.dll
23:59:51.0776 5704 StorSvc - ok
23:59:51.0807 5704 storvsc (dcaffd62259e0bdb433dd67b5bb37619) C:\Windows\system32\drivers\storvsc.sys
23:59:51.0807 5704 storvsc - ok
23:59:51.0838 5704 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\drivers\swenum.sys
23:59:51.0838 5704 swenum - ok
23:59:51.0963 5704 SwitchBoard (f577910a133a592234ebaad3f3afa258) C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
23:59:51.0994 5704 SwitchBoard - ok
23:59:52.0088 5704 swprv (a28bd92df340e57b024ba433165d34d7) C:\Windows\System32\swprv.dll
23:59:52.0103 5704 swprv - ok
23:59:52.0166 5704 Synth3dVsc - ok
23:59:52.0244 5704 SynTP (f5d926807bd9bc0af68f9376144de425) C:\Windows\system32\DRIVERS\SynTP.sys
23:59:52.0259 5704 SynTP - ok
23:59:52.0384 5704 SysMain (36650d618ca34c9d357dfd3d89b2c56f) C:\Windows\system32\sysmain.dll
23:59:52.0431 5704 SysMain - ok
23:59:52.0478 5704 TabletInputService (763fecdc3d30c815fe72dd57936c6cd1) C:\Windows\System32\TabSvc.dll
23:59:52.0493 5704 TabletInputService - ok
23:59:52.0540 5704 TapiSrv (613bf4820361543956909043a265c6ac) C:\Windows\System32\tapisrv.dll
23:59:52.0556 5704 TapiSrv - ok
23:59:52.0602 5704 TBS (b799d9fdb26111737f58288d8dc172d9) C:\Windows\System32\tbssvc.dll
23:59:52.0618 5704 TBS - ok
23:59:52.0790 5704 Tcpip (7fa2e0f8b072bd04b77b421480b6cc22) C:\Windows\system32\drivers\tcpip.sys
23:59:52.0836 5704 Tcpip - ok
23:59:53.0086 5704 TCPIP6 (7fa2e0f8b072bd04b77b421480b6cc22) C:\Windows\system32\DRIVERS\tcpip.sys
23:59:53.0102 5704 TCPIP6 - ok
23:59:53.0242 5704 tcpipreg (cca24162e055c3714ce5a88b100c64ed) C:\Windows\system32\drivers\tcpipreg.sys
23:59:53.0242 5704 tcpipreg - ok
23:59:53.0304 5704 TDPIPE (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\Windows\system32\drivers\tdpipe.sys
23:59:53.0304 5704 TDPIPE - ok
23:59:53.0336 5704 TDTCP (2c2c5afe7ee4f620d69c23c0617651a8) C:\Windows\system32\drivers\tdtcp.sys
23:59:53.0351 5704 TDTCP - ok
23:59:53.0367 5704 tdx (b459575348c20e8121d6039da063c704) C:\Windows\system32\DRIVERS\tdx.sys
23:59:53.0382 5704 tdx - ok
23:59:53.0414 5704 TermDD (04dbf4b01ea4bf25a9a3e84affac9b20) C:\Windows\system32\drivers\termdd.sys
23:59:53.0414 5704 TermDD - ok
23:59:53.0492 5704 TermService (382c804c92811be57829d8e550a900e2) C:\Windows\System32\termsrv.dll
23:59:53.0538 5704 TermService - ok
23:59:53.0601 5704 Themes (42fb6afd6b79d9fe07381609172e7ca4) C:\Windows\system32\themeservice.dll
23:59:53.0601 5704 Themes - ok
23:59:53.0648 5704 THREADORDER (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
23:59:53.0648 5704 THREADORDER - ok
23:59:53.0679 5704 TrkWks (4792c0378db99a9bc2ae2de6cfff0c3a) C:\Windows\System32\trkwks.dll
23:59:53.0694 5704 TrkWks - ok
23:59:53.0757 5704 TrustedInstaller (2c49b175aee1d4364b91b531417fe583) C:\Windows\servicing\TrustedInstaller.exe
23:59:53.0772 5704 TrustedInstaller - ok
23:59:53.0804 5704 tssecsrv (254bb140eee3c59d6114c1a86b636877) C:\Windows\system32\DRIVERS\tssecsrv.sys
00:00:06.0478 5704 ============================================================
00:00:06.0478 5704 Scan finished
00:00:06.0478 5704 ============================================================
00:00:06.0510 0344 Detected object count: 0
00:00:06.0510 0344 Actual detected object count: 0
Gary R
Moderator


Joined: 03 May 2005
Last Visit: 19 Jun 2013
Posts: 9712
Location: Yorkshire

Posted: Fri Jun 22, 2012 8:54 pm


  • Download MGA Diagnostic Tool to your Desktop.
  • Double click MGADiag.exe to launch the programme.
  • Click Continue and let the scan run.
  • When finished it will have created a log.
  • Click Copy.
  • Next open Notepad.

    • Click Start > Run, type Notepad, and click OK.
    • This will open an empty Notepad file.
    • Right click in the empty file and choose Paste to copy the log from MGA Diagnostics into it.
    • Save the file to your Desktop.

  • Close MGA Diagnostic Tool.
  • Copy/Paste the log in your next reply please.


Next

Download CKScanner to your Desktop.

  • Double-click CKScanner.exe to launch it.
  • Click Search For Files.
  • After a couple minutes a list will appear in the panel to the right.
  • Click Save List To File.
  • A message box will verify the file saved.
  • Close CKScanner.
  • Copy/paste the contents of ckfiles.txt in your next reply please (it will be on your Desktop).
  • Please run the program once only.


Next

Your OTL.txt was a long one, and got cut off by the forum post size limiter. I need to see the rest of it, so please post the rest of it (using as many posts as necessary).
_________________
Gary R Administrator at Malware Removal University



MarkC1984
Newbie


Joined: 21 Jun 2012
Last Visit: 23 Jun 2012
Posts: 6

Posted: Fri Jun 22, 2012 11:12 pm

Rest of OTL.txt

[2012/06/07 00:18:27 | 000,541,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVSDECD.DLL
[2012/06/07 00:18:27 | 000,436,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmdrmnet.dll
[2012/06/07 00:18:27 | 000,153,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\VBICodec.ax
[2012/06/07 00:18:27 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TsUsbRedirectionGroupPolicyControl.exe
[2012/06/07 00:18:26 | 000,283,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdv.dll
[2012/06/07 00:18:26 | 000,265,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msnetobj.dll
[2012/06/07 00:18:26 | 000,128,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EhStorAPI.dll
[2012/06/07 00:18:26 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sppinst.dll
[2012/06/07 00:18:25 | 000,567,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFx.dll
[2012/06/07 00:18:25 | 000,202,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unattend.dll
[2012/06/07 00:18:25 | 000,182,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RelPost.exe
[2012/06/07 00:18:25 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmstp.exe
[2012/06/07 00:18:25 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\QCLIPROV.DLL
[2012/06/07 00:18:25 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cca.dll
[2012/06/07 00:18:25 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qprocess.exe
[2012/06/07 00:18:24 | 000,739,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMSPDMOD.DLL
[2012/06/07 00:18:24 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setupcln.dll
[2012/06/07 00:18:24 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MuiUnattend.exe
[2012/06/07 00:18:24 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vfwwdm32.dll
[2012/06/07 00:18:24 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsnmp32.dll
[2012/06/07 00:18:24 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pdhui.dll
[2012/06/07 00:18:24 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\basesrv.dll
[2012/06/07 00:18:23 | 000,176,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msorcl32.dll
[2012/06/07 00:18:23 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\umb.dll
[2012/06/07 00:18:23 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AzSqlExt.dll
[2012/06/07 00:18:23 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msg.exe
[2012/06/07 00:18:22 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\desk.cpl
[2012/06/07 00:18:22 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasrecst.dll
[2012/06/07 00:18:22 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\relog.exe
[2012/06/07 00:18:22 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PrintIsolationProxy.dll
[2012/06/07 00:18:22 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qwinsta.exe
[2012/06/07 00:18:22 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chglogon.exe
[2012/06/07 00:18:21 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iscsicli.exe
[2012/06/07 00:18:21 | 000,126,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\BdeHdCfg.exe
[2012/06/07 00:18:21 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\amstream.dll
[2012/06/07 00:18:21 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spbcd.dll
[2012/06/07 00:18:21 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wkscli.dll
[2012/06/07 00:18:21 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WavDest.dll
[2012/06/07 00:18:21 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netiougc.exe
[2012/06/07 00:18:20 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\itircl.dll
[2012/06/07 00:18:20 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diskpart.exe
[2012/06/07 00:18:20 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp_isv.dll
[2012/06/07 00:18:20 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MultiDigiMon.exe
[2012/06/07 00:18:20 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netbtugc.exe
[2012/06/07 00:18:20 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quser.exe
[2012/06/07 00:18:19 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp.dll
[2012/06/07 00:18:19 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertPolEng.dll
[2012/06/07 00:18:19 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setbcdlocale.dll
[2012/06/07 00:18:19 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ksxbar.ax
[2012/06/07 00:18:19 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\syssetup.dll
[2012/06/07 00:18:19 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nrpsrv.dll
[2012/06/07 00:18:18 | 001,027,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IMJP10.IME
[2012/06/07 00:18:18 | 000,430,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FXSTIFF.dll
[2012/06/07 00:18:18 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpps.dll
[2012/06/07 00:18:18 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chgport.exe
[2012/06/07 00:18:18 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qappsrv.exe
[2012/06/07 00:18:18 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chgusr.exe
[2012/06/07 00:18:17 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tsdiscon.exe
[2012/06/07 00:18:17 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tscon.exe
[2012/06/07 00:18:16 | 000,278,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp_isv.exe
[2012/06/07 00:18:16 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eappgnui.dll
[2012/06/07 00:18:16 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tlscsp.dll
[2012/06/07 00:18:16 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\findstr.exe
[2012/06/07 00:18:16 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WerFaultSecure.exe
[2012/06/07 00:18:16 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tskill.exe
[2012/06/07 00:18:16 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ReAgentc.exe
[2012/06/07 00:18:16 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logoff.exe
[2012/06/07 00:18:16 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rwinsta.exe
[2012/06/07 00:18:15 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp.exe
[2012/06/07 00:18:15 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciqtz32.dll
[2012/06/07 00:18:15 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiarpc.dll
[2012/06/07 00:18:14 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shadow.exe
[2012/06/07 00:18:13 | 000,121,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sppc.dll
[2012/06/07 00:18:13 | 000,082,944 | ---- | C] (Radius Inc.) -- C:\Windows\System32\iccvid.dll
[2012/06/07 00:18:13 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\tdi.sys
[2012/06/07 00:18:13 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spopk.dll
[2012/06/07 00:18:13 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\muifontsetup.dll
[2012/06/07 00:18:12 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\manage-bde.exe
[2012/06/07 00:18:12 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\repair-bde.exe
[2012/06/07 00:18:12 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\luainstall.dll
[2012/06/07 00:18:12 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unlodctr.exe
[2012/06/07 00:18:12 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wdiasqmmodule.dll
[2012/06/07 00:18:12 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbrpm.sys
[2012/06/07 00:18:12 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\HotStartUserAgent.dll
[2012/06/07 00:18:11 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vmicres.dll
[2012/06/07 00:18:11 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetmib1.dll
[2012/06/07 00:18:11 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\g711codc.ax
[2012/06/07 00:18:11 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vmstorfltres.dll
[2012/06/07 00:18:11 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbisurf.ax
[2012/06/07 00:18:11 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdmo.dll
[2012/06/07 00:18:11 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netcfg.exe
[2012/06/07 00:18:11 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdprefdrvapi.dll
[2012/06/07 00:18:11 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\reset.exe
[2012/06/07 00:18:11 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\change.exe
[2012/06/07 00:18:11 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\query.exe
[2012/06/07 00:18:10 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vmbusres.dll
[2012/06/07 00:18:10 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browcli.dll
[2012/06/07 00:18:10 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbcconf.dll
[2012/06/07 00:18:10 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFCoinstaller.dll
[2012/06/07 00:18:10 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\profprov.dll
[2012/06/07 00:18:09 | 001,164,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIRibbonRes.dll
[2012/06/07 00:18:09 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\perfts.dll
[2012/06/07 00:18:08 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FXSMON.dll
[2012/06/07 00:18:07 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RDPENCDD.dll
[2012/06/07 00:18:07 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\elsTrans.dll
[2012/06/07 00:18:07 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TRAPI.dll
[2012/06/07 00:18:07 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bitsperf.dll
[2012/06/07 00:18:07 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\schedcli.dll
[2012/06/07 00:18:06 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\napdsnap.dll
[2012/06/07 00:18:06 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dsauth.dll
[2012/06/07 00:18:05 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sscore.dll
[2012/06/07 00:18:04 | 000,430,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imkr80.ime
[2012/06/07 00:18:04 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsdchngr.dll
[2012/06/07 00:18:04 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\riched32.dll
[2012/06/07 00:18:03 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\VMBusHID.sys
[2012/06/07 00:18:03 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcfgex.dll
[2012/06/07 00:18:01 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wshirda.dll
[2012/06/07 00:17:59 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBCAMD2.sys
[2012/06/07 00:17:59 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBCAMD.sys
[2012/06/07 00:17:59 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vmbuspipe.dll
[2012/06/07 00:17:58 | 000,116,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\VmbusCoinstaller.dll
[2012/06/07 00:17:58 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\VmdCoinstall.dll
[2012/06/07 00:17:58 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IcCoinstall.dll
[2012/06/07 00:17:58 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vmictimeprovider.dll
[2012/06/07 00:17:58 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwmp.dll
[2012/06/07 00:17:57 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RDPREFDD.dll
[2012/06/07 00:17:57 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\C_ISCII.DLL
[2012/06/07 00:17:57 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxmasf.dll
[2012/06/07 00:17:56 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shunimpl.dll
[2012/06/07 00:17:56 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdxm.ocx
[2012/06/07 00:17:55 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2012/06/07 00:17:54 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kbdlk41a.dll
[2012/06/07 00:17:54 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDTUQ.DLL
[2012/06/07 00:17:54 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDSF.DLL
[2012/06/07 00:17:54 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDNEPR.DLL
[2012/06/07 00:17:54 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDINBEN.DLL
[2012/06/07 00:17:54 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDGR1.DLL
[2012/06/07 00:17:54 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDUS.DLL
[2012/06/07 00:17:54 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDUGHR1.DLL
[2012/06/07 00:17:54 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDTURME.DLL
[2012/06/07 00:17:54 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDTAJIK.DLL
[2012/06/07 00:17:54 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDMON.DLL
[2012/06/07 00:17:54 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDMAORI.DLL
[2012/06/07 00:17:54 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDLT1.DLL
[2012/06/07 00:17:54 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDINTEL.DLL
[2012/06/07 00:17:54 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDINTAM.DLL
[2012/06/07 00:17:54 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDINORI.DLL
[2012/06/07 00:17:54 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDINMAR.DLL
[2012/06/07 00:17:54 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDINKAN.DLL
[2012/06/07 00:17:54 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDINHIN.DLL
[2012/06/07 00:17:54 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDBULG.DLL
[2012/06/07 00:17:54 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDBLR.DLL
[2012/06/07 00:17:54 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDBASH.DLL
[2012/06/07 00:17:54 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDGEO.DLL
[2012/06/07 00:17:53 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nlsbres.dll
[2012/06/07 00:17:53 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\BlbEvents.dll
[2012/06/07 00:17:53 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pifmgr.dll
[2012/06/07 00:17:53 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwizres.dll
[2012/06/07 00:17:53 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDSG.DLL
[2012/06/07 00:17:53 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDCZ1.DLL
[2012/06/07 00:17:53 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDTUF.DLL
[2012/06/07 00:17:53 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDPO.DLL
[2012/06/07 00:17:53 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDGKL.DLL
[2012/06/07 00:17:53 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\vms3cap.sys
[2012/06/07 00:17:53 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpnaddr.dll
[2012/06/07 00:17:40 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wdscore.dll
[2012/06/07 00:17:11 | 000,363,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wbemcomn.dll
[2012/06/07 00:16:50 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sqmapi.dll
[2012/06/06 23:32:50 | 000,284,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbport.sys
[2012/06/06 23:32:49 | 000,005,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbd.sys
[2012/06/06 23:32:39 | 000,148,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\storport.sys
[2012/06/06 23:32:37 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fsutil.exe
[2012/06/06 23:19:47 | 000,000,000 | ---D | C] -- C:\Program Files\WinPcap
[2012/06/06 23:19:19 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake
[2012/06/06 23:19:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake
[2012/06/06 23:19:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Freemake
[2012/06/06 23:18:56 | 000,000,000 | ---D | C] -- C:\Program Files\Freemake
[2012/06/06 19:29:20 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2012/06/06 19:24:15 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\Microsoft Games
[2012/06/06 19:22:22 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Games
[2012/06/06 17:40:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2012/06/06 17:38:02 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2012/06/06 17:34:34 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Analysis Services
[2012/06/06 17:33:34 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\Microsoft Help
[2012/06/06 17:33:13 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2012/06/06 17:33:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2012/06/06 17:15:31 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\MicrosoftStore
[2012/06/06 16:37:44 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ashampoo
[2012/06/06 16:37:38 | 000,000,000 | ---D | C] -- C:\Program Files\Ashampoo
[2012/06/06 16:07:29 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\WinRAR
[2012/06/06 16:07:29 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012/06/06 16:07:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012/06/06 16:07:15 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2012/06/06 15:45:18 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2012/06/06 15:45:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2012/06/06 15:45:13 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe Download Assistant
[2012/06/06 15:45:10 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2012/06/06 15:45:08 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
[2012/06/06 15:42:46 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\Adobe
[2012/06/06 15:24:24 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\{1E988BDA-DD1D-47A7-BD96-92856D0E7E3E}
[2012/06/06 15:24:00 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\{40B78BA0-315D-4803-837A-BB69A0ABEF66}
[2012/06/06 15:23:54 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\Windows Live Writer
[2012/06/06 15:23:54 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\Windows Live Writer
[2012/06/06 15:23:36 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\{7492F546-4C44-4FBE-9EEB-F115C8751A0D}
[2012/06/06 15:23:20 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\{81FD6315-0D86-4A65-9E01-CA76AB0264BD}
[2012/06/06 15:23:00 | 000,000,000 | ---D | C] -- C:\Users\Admin\Tracing
[2012/06/06 15:19:25 | 000,000,000 | ---D | C] -- C:\Windows\en
[2012/06/06 15:17:17 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server Compact Edition
[2012/06/06 15:14:36 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2012/06/06 15:13:41 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live
[2012/06/06 15:12:35 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_3.dll
[2012/06/06 15:12:34 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_5.dll
[2012/06/06 15:12:34 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_42.dll
[2012/06/06 15:11:28 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_32.dll
[2012/06/06 15:10:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2012/06/06 15:10:08 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2012/06/06 15:02:54 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\Windows Live
[2012/06/06 15:02:51 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Windows Live
[2012/06/06 14:04:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
[2012/06/06 14:04:43 | 000,000,000 | ---D | C] -- C:\Program Files\K-Lite Codec Pack
[2012/06/06 13:50:51 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2012/06/06 12:52:58 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2012/06/06 12:33:15 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\vlc
[2012/06/06 12:31:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2012/06/06 12:30:48 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[2012/06/06 12:12:42 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2012/06/06 12:11:45 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\Google
[2012/06/06 12:11:35 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\Deployment
[2012/06/06 12:11:35 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\Apps
[2012/06/06 12:06:37 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2012/06/06 11:37:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\get_iplayer
[2012/06/06 11:37:30 | 000,000,000 | ---D | C] -- C:\Users\Admin\.get_iplayer
[2012/06/06 11:37:16 | 000,000,000 | ---D | C] -- C:\Program Files\get_iplayer
[2012/06/06 11:18:16 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2012/06/06 11:18:11 | 000,604,776 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvuninst.exe
[2012/06/06 11:16:20 | 000,000,000 | ---D | C] -- C:\Program Files\CONEXANT
[2012/06/06 11:14:55 | 000,826,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcore.dll
[2012/06/06 11:14:55 | 000,134,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpudd.dll
[2012/06/06 11:14:55 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\rdpvideominiport.sys
[2012/06/06 11:14:37 | 001,549,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tquery.dll
[2012/06/06 11:14:37 | 001,401,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssrch.dll
[2012/06/06 11:14:36 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssvp.dll
[2012/06/06 11:14:36 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssph.dll
[2012/06/06 11:14:36 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssphtb.dll
[2012/06/06 11:14:35 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscntrs.dll
[2012/06/06 11:14:27 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slwga.dll.bak
[2012/06/06 11:14:24 | 000,271,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
[2012/06/06 11:14:24 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2012/06/06 11:14:24 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
[2012/06/06 11:14:24 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
[2012/06/06 11:14:24 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
[2012/06/06 11:14:24 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
[2012/06/06 11:14:24 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
[2012/06/06 11:14:24 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
[2012/06/06 11:14:24 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
[2012/06/06 11:14:24 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/06/06 11:14:24 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
[2012/06/06 11:14:24 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012/06/06 11:14:23 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
[2012/06/06 11:14:23 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
[2012/06/06 11:14:23 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
[2012/06/06 11:14:23 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
[2012/06/06 11:14:23 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
[2012/06/06 11:14:23 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
[2012/06/06 11:14:23 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
[2012/06/06 11:14:23 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
[2012/06/06 11:14:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
[2012/06/06 11:14:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
[2012/06/06 11:14:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
[2012/06/06 11:14:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
[2012/06/06 11:14:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
[2012/06/06 11:14:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
[2012/06/06 11:14:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
[2012/06/06 11:14:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
[2012/06/06 11:14:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
[2012/06/06 11:14:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
[2012/06/06 11:14:21 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2012/06/06 11:14:20 | 003,913,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2012/06/06 11:14:12 | 000,739,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2012/06/06 11:14:02 | 000,850,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbe.dll
[2012/06/06 11:14:02 | 000,642,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CPFilters.dll
[2012/06/06 11:14:01 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax
[2012/06/06 11:13:53 | 000,187,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\FWPKCLNT.SYS
[2012/06/06 11:13:51 | 001,328,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2012/06/06 11:13:49 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\webio.dll
[2012/06/06 11:13:49 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sspisrv.dll
[2012/06/06 11:13:43 | 000,294,912 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2012/06/06 11:13:42 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
[2012/06/06 11:13:42 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2012/06/06 11:13:40 | 000,870,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll
[2012/06/06 11:13:34 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnscacheugc.exe
[2012/06/06 11:13:32 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll
[2012/06/06 11:13:32 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSNP.ax
[2012/06/06 11:13:32 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisrndr.ax
[2012/06/06 11:13:32 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Mpeg2Data.ax
[2012/06/06 11:13:32 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSDvbNP.ax
[2012/06/06 11:13:27 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2012/06/06 11:13:15 | 000,219,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
[2012/06/06 11:13:15 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
[2012/06/06 11:13:14 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll
[2012/06/06 11:13:13 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbcjt32.dll
[2012/06/06 11:13:13 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbctrac.dll
[2012/06/06 11:13:13 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccp32.dll
[2012/06/06 11:13:13 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccu32.dll
[2012/06/06 11:13:13 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccr32.dll
[2012/06/06 11:13:06 | 001,077,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2012/06/06 11:12:57 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll
[2012/06/06 11:12:48 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\packager.dll
[2012/06/06 11:12:46 | 000,802,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WFS.exe
[2012/06/06 11:12:46 | 000,191,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FXSCOVER.exe
[2012/06/06 11:12:41 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll
[2012/06/06 11:12:23 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\timedate.cpl
[2012/06/06 11:12:20 | 002,616,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2012/06/06 11:12:07 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prevhost.exe
[2012/06/06 11:12:05 | 001,164,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42u.dll
[2012/06/06 11:12:05 | 001,137,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42.dll
[2012/06/06 11:11:55 | 000,027,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Diskdump.sys
[2012/06/06 11:11:52 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\poqexec.exe
[2012/06/06 10:57:32 | 000,219,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxgmms1.sys
[2012/06/06 10:57:32 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll
[2012/06/06 10:53:14 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\Macromedia
[2012/06/06 10:53:13 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\Adobe
[2012/06/06 10:51:53 | 000,419,488 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012/06/06 10:51:53 | 000,070,304 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012/06/06 10:51:52 | 000,000,000 | ---D | C] -- C:\Windows\System32\Macromed
[2012/06/06 10:37:08 | 000,000,000 | R--D | C] -- C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2012/06/06 10:37:08 | 000,000,000 | R--D | C] -- C:\Users\Admin\Searches
[2012/06/06 10:37:08 | 000,000,000 | R--D | C] -- C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2012/06/06 10:37:08 | 000,000,000 | -H-D | C] -- C:\Users\Admin\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2012/06/06 10:36:56 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\Identities
[2012/06/06 10:36:53 | 000,000,000 | R--D | C] -- C:\Users\Admin\Contacts
[2012/06/06 10:36:39 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\VirtualStore
[2012/06/06 10:36:37 | 000,000,000 | --SD | C] -- C:\Users\Admin\AppData\Roaming\Microsoft
[2012/06/06 10:36:37 | 000,000,000 | R--D | C] -- C:\Users\Admin\Videos
[2012/06/06 10:36:37 | 000,000,000 | R--D | C] -- C:\Users\Admin\Saved Games
[2012/06/06 10:36:37 | 000,000,000 | R--D | C] -- C:\Users\Admin\Pictures
[2012/06/06 10:36:37 | 000,000,000 | R--D | C] -- C:\Users\Admin\Music
[2012/06/06 10:36:37 | 000,000,000 | R--D | C] -- C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2012/06/06 10:36:37 | 000,000,000 | R--D | C] -- C:\Users\Admin\Links
[2012/06/06 10:36:37 | 000,000,000 | R--D | C] -- C:\Users\Admin\Favorites
[2012/06/06 10:36:37 | 000,000,000 | R--D | C] -- C:\Users\Admin\Downloads
[2012/06/06 10:36:37 | 000,000,000 | R--D | C] -- C:\Users\Admin\Documents
[2012/06/06 10:36:37 | 000,000,000 | R--D | C] -- C:\Users\Admin\Desktop
[2012/06/06 10:36:37 | 000,000,000 | R--D | C] -- C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2012/06/06 10:36:37 | 000,000,000 | -HSD | C] -- C:\Users\Admin\AppData\Local\Temporary Internet Files
[2012/06/06 10:36:37 | 000,000,000 | -HSD | C] -- C:\Users\Admin\Templates
[2012/06/06 10:36:37 | 000,000,000 | -HSD | C] -- C:\Users\Admin\Start Menu
[2012/06/06 10:36:37 | 000,000,000 | -HSD | C] -- C:\Users\Admin\SendTo
[2012/06/06 10:36:37 | 000,000,000 | -HSD | C] -- C:\Users\Admin\Recent
[2012/06/06 10:36:37 | 000,000,000 | -HSD | C] -- C:\Users\Admin\PrintHood
[2012/06/06 10:36:37 | 000,000,000 | -HSD | C] -- C:\Users\Admin\NetHood
[2012/06/06 10:36:37 | 000,000,000 | -HSD | C] -- C:\Users\Admin\Documents\My Videos
[2012/06/06 10:36:37 | 000,000,000 | -HSD | C] -- C:\Users\Admin\Documents\My Pictures
[2012/06/06 10:36:37 | 000,000,000 | -HSD | C] -- C:\Users\Admin\Documents\My Music
[2012/06/06 10:36:37 | 000,000,000 | -HSD | C] -- C:\Users\Admin\My Documents
[2012/06/06 10:36:37 | 000,000,000 | -HSD | C] -- C:\Users\Admin\Local Settings
[2012/06/06 10:36:37 | 000,000,000 | -HSD | C] -- C:\Users\Admin\AppData\Local\History
[2012/06/06 10:36:37 | 000,000,000 | -HSD | C] -- C:\Users\Admin\Cookies
[2012/06/06 10:36:37 | 000,000,000 | -HSD | C] -- C:\Users\Admin\Application Data
[2012/06/06 10:36:37 | 000,000,000 | -HSD | C] -- C:\Users\Admin\AppData\Local\Application Data
[2012/06/06 10:36:37 | 000,000,000 | -H-D | C] -- C:\Users\Admin\AppData
[2012/06/06 10:36:37 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\Temp
[2012/06/06 10:36:37 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\Microsoft
[2012/06/06 10:36:37 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\Media Center Programs
[2012/06/06 10:36:12 | 000,000,000 | -HSD | C] -- C:\ProgramData\Templates
[2012/06/06 10:36:12 | 000,000,000 | -HSD | C] -- C:\ProgramData\Start Menu
[2012/06/06 10:36:12 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\My Videos
[2012/06/06 10:36:12 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\My Pictures
[2012/06/06 10:36:12 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\My Music
[2012/06/06 10:36:12 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favorites
[2012/06/06 10:36:12 | 000,000,000 | -HSD | C] -- C:\ProgramData\Documents
[2012/06/06 10:36:12 | 000,000,000 | -HSD | C] -- C:\ProgramData\Desktop
[2012/06/06 10:36:12 | 000,000,000 | -HSD | C] -- C:\ProgramData\Application Data
[2012/06/06 10:24:02 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2012/06/06 10:21:27 | 000,000,000 | ---D | C] -- C:\Windows\CSC
[2012/06/05 22:31:34 | 000,000,000 | ---D | C] -- C:\inetpub
[2012/06/03 08:40:20 | 000,000,000 | RHSD | C] -- C:\Leawo_Video_Cache
[2012/06/01 13:18:04 | 000,000,000 | ---D | C] -- C:\Users\Admin\Desktop\BID Stuff

========== Files - Modified Within 30 Days ==========

[2012/06/22 23:20:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/06/22 23:16:00 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3859188055-2524284707-904069009-1002UA.job
[2012/06/22 19:37:04 | 000,015,056 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/06/22 19:37:04 | 000,015,056 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/06/22 19:31:43 | 000,666,200 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/06/22 19:31:43 | 000,125,804 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/06/22 12:16:01 | 000,000,856 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3859188055-2524284707-904069009-1002Core.job
[2012/06/22 06:53:47 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/06/22 06:53:36 | 1408,045,056 | -HS- | M] () -- C:\hiberfil.sys
[2012/06/21 17:02:37 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2012/06/21 14:53:54 | 000,028,160 | ---- | M] (Netscape Communications Corporation) -- C:\Windows\plc4.dll
[2012/06/21 14:53:53 | 000,781,272 | ---- | M] (sqlite.org) -- C:\Windows\mozsqlite3.dll
[2012/06/21 14:53:53 | 000,163,840 | ---- | M] (Netscape Communications Corporation) -- C:\Windows\nspr4.dll
[2012/06/21 14:53:53 | 000,087,544 | ---- | M] (Mozilla Foundation) -- C:\Windows\nssutil3.dll
[2012/06/21 14:53:52 | 000,719,832 | ---- | M] (Mozilla Foundation) -- C:\Windows\mozcrt19.dll
[2012/06/21 14:53:52 | 000,043,960 | ---- | M] (Mozilla Foundation) -- C:\Windows\mozglue.dll
[2012/06/19 07:42:28 | 000,001,057 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\vso_ts_preview.xml
[2012/06/16 23:59:00 | 000,000,132 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\Adobe PNG Format CS6 Prefs
[2012/06/13 15:23:01 | 000,008,192 | ---- | M] () -- C:\bootsect.lxe.bak
[2012/06/13 15:22:59 | 000,383,592 | RHS- | M] () -- C:\gdrop
[2012/06/13 15:22:59 | 000,171,136 | RHS- | M] () -- C:\xeldr
[2012/06/12 21:53:55 | 000,409,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\systemcplx86.dll
[2012/06/12 21:53:55 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\slwga.dll
[2012/06/12 12:20:49 | 000,000,355 | ---- | M] () -- C:\Homegroup - Shortcut.lnk
[2012/06/10 12:26:21 | 000,000,
MarkC1984
PostPosted: Fri Jun 22, 2012 11:18 pm    Post subject: Reply with quote

[2012/06/10 12:26:21 | 000,000,184 | ---- | M] () -- C:\Windows\AutoKMS.ini
[2012/06/09 09:53:48 | 000,152,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msclmd.dll
[2012/06/09 09:40:56 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_SynTP_01000.Wdf
[2012/06/08 13:23:31 | 000,221,500 | ---- | M] () -- C:\Windows\hpoins19.dat
[2012/06/07 08:57:52 | 000,001,416 | ---- | M] () -- C:\Users\Admin\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/06/07 00:47:25 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2012/06/07 00:47:25 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2012/06/07 00:47:25 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2012/06/07 00:47:25 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2012/06/07 00:47:25 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2012/06/07 00:47:25 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2012/06/07 00:47:24 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2012/06/07 00:47:24 | 000,353,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2012/06/07 00:47:24 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2012/06/07 00:47:24 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2012/06/07 00:47:24 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2012/06/07 00:47:24 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2012/06/07 00:47:24 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2012/06/07 00:47:23 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2012/06/07 00:47:23 | 000,580,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2012/06/07 00:47:23 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2012/06/07 00:47:23 | 000,353,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2012/06/07 00:47:23 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2012/06/07 00:47:23 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2012/06/07 00:47:23 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2012/06/07 00:47:23 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2012/06/07 00:47:23 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2012/06/07 00:47:23 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
[2012/06/07 00:47:23 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2012/06/07 00:47:23 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2012/06/07 00:47:22 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2012/06/07 00:47:22 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2012/06/07 00:47:22 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2012/06/07 00:47:22 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2012/06/07 00:47:22 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2012/06/07 00:47:22 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2012/06/06 19:18:49 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2012/06/06 13:02:53 | 000,000,228 | ---- | M] () -- C:\Users\Admin\.swfinfo
[2012/06/06 12:55:44 | 000,002,154 | ---- | M] () -- C:\Windows\epplauncher.mif
[2012/06/06 10:51:53 | 000,419,488 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012/06/06 10:51:53 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012/06/06 10:25:05 | 000,000,619 | ---- | M] () -- C:\Windows\System32\license.rtf
[2012/06/06 10:23:05 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2012/06/02 23:19:33 | 000,045,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll
[2012/06/02 23:19:32 | 000,035,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wups.dll
[2012/06/02 23:19:23 | 000,577,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll
[2012/06/02 23:12:32 | 002,422,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll
[2012/06/02 23:12:13 | 000,088,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll
[2012/06/02 15:19:42 | 000,171,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll
[2012/06/02 15:12:20 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe
[2012/05/25 20:11:02 | 001,427,384 | ---- | M] () -- C:\Windows\ampa.exe

========== Files Created - No Company Name ==========

[2012/06/20 11:27:49 | 000,012,728 | ---- | C] () -- C:\Windows\System32\ampa.sys
[2012/06/20 11:27:48 | 001,427,384 | ---- | C] () -- C:\Windows\ampa.exe
[2012/06/14 11:48:51 | 000,001,832 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn.lnk
[2012/06/13 21:30:19 | 000,001,057 | ---- | C] () -- C:\Users\Admin\AppData\Roaming\vso_ts_preview.xml
[2012/06/13 15:23:01 | 000,008,192 | ---- | C] () -- C:\bootsect.lxe.bak
[2012/06/12 21:58:01 | 000,000,132 | ---- | C] () -- C:\Users\Admin\AppData\Roaming\Adobe PNG Format CS6 Prefs
[2012/06/12 12:20:49 | 000,000,355 | ---- | C] () -- C:\Homegroup - Shortcut.lnk
[2012/06/12 08:55:28 | 000,645,632 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2012/06/12 08:55:28 | 000,240,640 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2012/06/12 08:55:28 | 000,153,088 | ---- | C] () -- C:\Windows\System32\xvid.ax
[2012/06/10 12:26:21 | 000,000,184 | ---- | C] () -- C:\Windows\AutoKMS.ini
[2012/06/09 10:04:52 | 000,011,164 | ---- | C] () -- C:\Windows\System32\drivers\nvphy.bin
[2012/06/09 09:40:56 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_SynTP_01000.Wdf
[2012/06/08 20:49:19 | 000,001,174 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6.lnk
[2012/06/08 20:47:15 | 000,001,136 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6.lnk
[2012/06/08 20:43:34 | 000,001,320 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS6.lnk
[2012/06/08 20:43:19 | 000,001,486 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS6.lnk
[2012/06/08 13:16:38 | 000,001,024 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\I.R.I.S. OCR Registration.lnk
[2012/06/08 13:07:51 | 000,221,500 | ---- | C] () -- C:\Windows\hpoins19.dat
[2012/06/08 13:07:51 | 000,013,898 | ---- | C] () -- C:\Windows\hpomdl19.dat
[2012/06/07 10:24:10 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2012/06/07 00:47:23 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2012/06/07 00:21:48 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe
[2012/06/07 00:21:14 | 000,146,852 | ---- | C] () -- C:\Windows\System32\systemsf.ebd
[2012/06/07 00:19:19 | 000,193,536 | ---- | C] () -- C:\Windows\System32\sppcomapi.dll
[2012/06/07 00:18:16 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2012/06/07 00:18:08 | 000,010,429 | ---- | C] () -- C:\Windows\System32\ScavengeSpace.xml
[2012/06/07 00:17:51 | 000,105,559 | ---- | C] () -- C:\Windows\System32\RacRules.xml
[2012/06/06 15:45:14 | 000,001,022 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Download Assistant.lnk
[2012/06/06 15:18:09 | 000,001,260 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Movie Maker.lnk
[2012/06/06 15:17:34 | 000,001,329 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Photo Gallery.lnk
[2012/06/06 15:16:36 | 000,001,413 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
[2012/06/06 15:15:59 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
[2012/06/06 14:04:51 | 000,175,616 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2012/06/06 13:02:53 | 000,000,228 | ---- | C] () -- C:\Users\Admin\.swfinfo
[2012/06/06 12:55:44 | 000,002,154 | ---- | C] () -- C:\Windows\epplauncher.mif
[2012/06/06 12:53:47 | 000,001,924 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
[2012/06/06 12:11:49 | 000,000,908 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3859188055-2524284707-904069009-1002UA.job
[2012/06/06 12:11:46 | 000,000,856 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3859188055-2524284707-904069009-1002Core.job
[2012/06/06 11:38:28 | 000,002,075 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VLC Media Player.lnk
[2012/06/06 10:51:54 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/06/06 10:40:29 | 000,001,416 | ---- | C] () -- C:\Users\Admin\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/06/06 10:37:09 | 000,001,422 | ---- | C] () -- C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2012/06/06 10:36:37 | 000,000,290 | ---- | C] () -- C:\Users\Admin\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2012/06/06 10:36:37 | 000,000,272 | ---- | C] () -- C:\Users\Admin\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2012/06/06 10:23:05 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2012/05/28 13:11:31 | 1408,045,056 | -HS- | C] () -- C:\hiberfil.sys
[2011/02/11 22:23:34 | 000,053,299 | ---- | C] () -- C:\Windows\System32\pthreadVC.dll
[2005/10/13 01:13:58 | 000,002,559 | -H-- | C] () -- C:\Users\Admin\AppData\Roaming\Adminlog.dat

========== LOP Check ==========

[2012/06/11 17:27:52 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\BID
[2012/06/06 15:45:18 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2012/06/22 22:40:15 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\DMCache
[2012/06/15 14:42:32 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\FMRTEv5
[2012/06/22 06:56:47 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\IDM
[2012/06/14 14:56:40 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\ImgBurn
[2012/06/15 14:46:39 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Sports Interactive
[2012/06/22 13:01:18 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Vso
[2012/06/06 15:23:54 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Windows Live Writer
[2009/07/14 05:53:46 | 000,009,054 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



< End of report >
MarkC1984
PostPosted: Fri Jun 22, 2012 11:22 pm    Post subject: Reply with quote

ckfiles.txt


CKScanner - Additional Security Risks - These are not necessarily bad
c:\windows\system32\slmgr.vbs.removewat
hosts 127.0.0.1 activate.adobe.com
hosts 127.0.0.1 practivate.adobe.com
scanner sequence 3.AB.11.GNNAHN
----- EOF -----
MarkC1984
PostPosted: Fri Jun 22, 2012 11:22 pm    Post subject: Reply with quote

Diagnostic Report (1.9.0027.0):
-----------------------------------------
Windows Validation Data-->

Validation Code: 0
Cached Online Validation Code: N/A, hr = 0xc004f012
Windows Product Key: *****-*****-X92GV-V7DCV-P4K27
Windows Product Key Hash: aU2z1/fnhnLHmhBm699qYZT2E6s=
Windows Product ID: 00426-OEM-8992662-00400
Windows Product ID Type: 2
Windows License Type: OEM SLP
Windows OS version: 6.1.7601.2.00010100.1.0.001
ID: {8AD50B59-42C2-4E62-AFE0-4BC17AB73E01}(1)
Is Admin: Yes
TestCab: 0x0
LegitcheckControl ActiveX: N/A, hr = 0x80070002
Signed By: N/A, hr = 0x80070002
Product Name: Windows 7 Enterprise
Architecture: 0x00000000
Build lab: 7601.win7sp1_gdr.120330-1504
TTS Error:
Validation Diagnostic:
Resolution Status: N/A

Vista WgaER Data-->
ThreatID(s): N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002

Windows XP Notifications Data-->
Cached Result: N/A, hr = 0x80070002
File Exists: No
Version: N/A, hr = 0x80070002
WgaTray.exe Signed By: N/A, hr = 0x80070002
WgaLogon.dll Signed By: N/A, hr = 0x80070002

OGA Notifications Data-->
Cached Result: N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002
OGAExec.exe Signed By: N/A, hr = 0x80070002
OGAAddin.dll Signed By: N/A, hr = 0x80070002

OGA Data-->
Office Status: 109 N/A
OGA Version: N/A, 0x80070002
Signed By: N/A, hr = 0x80070002
Office Diagnostics: 025D1FF3-364-80041010_025D1FF3-229-80041010_025D1FF3-230-1_025D1FF3-517-80040154_025D1FF3-237-80040154_025D1FF3-238-2_025D1FF3-244-80070002_025D1FF3-258-3

Browser Data-->
Proxy settings: N/A
User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32)
Default Browser: C:\Users\Admin\AppData\Local\Google\Chrome\Application\chrome.exe
Download signed ActiveX controls: Prompt
Download unsigned ActiveX controls: Disabled
Run ActiveX controls and plug-ins: Allowed
Initialize and script ActiveX controls not marked as safe: Disabled
Allow scripting of Internet Explorer Webbrowser control: Disabled
Active scripting: Allowed
Script ActiveX controls marked as safe for scripting: Allowed

File Scan Data-->
File Mismatch: C:\Windows\system32\sppcomapi.dll[Hr = 0x80070005]
File Mismatch: C:\Windows\system32\en-US\user32.dll.mui[6.1.7601.17514], Hr = 0x800b0100

Other data-->
Office Details: <GenuineResults><MachineData><UGUID>{8AD50B59-42C2-4E62-AFE0-4BC17AB73E01}</UGUID><Version>1.9.0027.0</Version><OS>6.1.7601.2.00010100.1.0.001</OS><Architecture>x32</Architecture><PKey>*****-*****-*****-*****-P4K27</PKey><PID>00426-OEM-8992662-00400</PID><PIDType>2</PIDType><SID>S-1-5-21-3859188055-2524284707-904069009</SID><SYSTEM><Manufacturer>Hewlett-Packard</Manufacturer><Model>Compaq Presario CQ60 Notebook PC</Model></SYSTEM><BIOS><Manufacturer>Hewlett-Packard</Manufacturer><Version>F.54</Version><SMBIOSVersion major="2" minor="4"/><Date>20090818000000.000000+000</Date></BIOS><HWID>81B53807018400F6</HWID><UserLCID>0809</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>GMT Standard Time(GMT+00:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM><OEMID>LENOVO</OEMID><OEMTableID>TP-7X </OEMTableID></OEM><GANotification/></MachineData><Software><Office><Result>109</Result><Products/><Applications/></Office></Software></GenuineResults>

Spsys.log Content: 0x80070002

Licensing Data-->
Input Error: Can not find script file "C:\Windows\system32\slmgr.vbs".

Windows Activation Technologies-->
HrOffline: 0x00000000
HrOnline: N/A
HealthStatus: 0x0000000000000000
Event Time Stamp: N/A
ActiveX: Registered, Version: 7.1.7600.16395
Admin Service: Not Registered - 0x80070005
HealthStatus Bitmask Output:


HWID Data-->
HWID Hash Current: MgAAAAEABAABAAEAAAACAAAAAQABAAEAJJRYleJhlpJWECC1HvLiUBSWgjLgtnagDh4=

OEM Activation 1.0 Data-->
N/A

OEM Activation 2.0 Data-->
BIOS valid for OA 2.0: yes
Windows marker version: 0x20001
OEMID and OEMTableID Consistent: yes
BIOS Information:
ACPI Table Name OEMID Value OEMTableID Value
APIC HPQOEM SLIC-MPC
FACP HPQOEM SLIC-MPC
HPET HPQOEM SLIC-MPC
BOOT HPQOEM SLIC-MPC
MCFG HPQOEM SLIC-MPC
SLIC LENOVO TP-7X
SSDT HPQOEM SLIC-MP
Gary R
Moderator


Joined: 03 May 2005
Last Visit: 19 Jun 2013
Posts: 9712
Location: Yorkshire

PostPosted: Sat Jun 23, 2012 12:58 am    Post subject: Reply with quote

You appear to have a counterfeit OEM SLP copy of W7 Ultimate that was released solely for Dell computers; yours is Hewlett-Packard.

You also appear to be using cracked Adobe products.

This forum does not support the use of illegal software, so I'm sorry, we can't help you further.

This topic is now closed.
_________________
Gary R Administrator at Malware Removal University



All times are GMT - 8 Hours