Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Help Please!!

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Help Please!!

Unread postby juansalazar » May 27th, 2011, 11:50 pm

Hi there, i have been experiencing very slow performance in my computer. THe cpu usage keeps increasing to high levels especially whe i use my Blackberry desktop software. I noticed that on the resource monitor, i could right clock on the process and analyize wait chain and something about svchost.exe was showing. i personally dont havve a clue what it is. SO after some research on the web i got pointed to you guys as you could probabably help meclear any malware !!! i couldnt run dds so here it is the logs as you instruct from hijack this. THank you very much.



HijackThis.log

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 1:33:37 PM, on 28/05/2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Program Files\ltmoh\ltmoh.exe
C:\Program Files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files (x86)\TOSHIBA\Bluetooth Monitor\BtMon2.exe
C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files (x86)\Google\Google Calendar Sync\GoogleCalendarSync.exe
C:\Program Files (x86)\AVG\AVG10\avgtray.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files (x86)\Winamp\winampa.exe
C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\TOSHIBA\HDMICtrlMan\HCMSoundChanger.exe
C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files (x86)\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe
C:\Program Files (x86)\Winamp\winamp.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: vShare Toolbar - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files (x86)\vShare\vshare_toolbar.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: vShare Toolbar - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files (x86)\vShare\vshare_toolbar.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [TUSBSleepChargeSrv] %ProgramFiles(x86)%\TOSHIBA\TOSHIBA USB Sleep and Charge Utility\TUSBSleepChargeSrv.exe
O4 - HKLM\..\Run: [NortonOnlineBackupReminder] "C:\Program Files (x86)\TOSHIBA\Toshiba Online Backup\Activation\TobuActivation.exe" UNATTENDED
O4 - HKLM\..\Run: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
O4 - HKLM\..\Run: [TWebCamera] "%ProgramFiles%\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun
O4 - HKLM\..\Run: [ITSecMng] %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG10\avgtray.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
O4 - HKLM\..\Run: [RIMBBLaunchAgent.exe] C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
O4 - HKCU\..\Run: [MyTOSHIBA] "C:\Program Files (x86)\TOSHIBA\My Toshiba\MyToshiba.exe" /AUTO
O4 - HKCU\..\Run: [Google Update] "C:\Users\Night Walker\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [hmod70twindl.exe] C:\Users\Night Walker\AppData\Roaming\B24F7AB1090EA4205E1C81AEDA1D1E8E\hmod70twindl.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [osk.exe] osk.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [osk.exe] osk.exe (User 'Default user')
O4 - Startup: Antimalware Doctor.lnk = Night Walker\AppData\Roaming\B24F7AB1090EA4205E1C81AEDA1D1E8E\hmod70twindl.exe
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: Bluetooth Monitor.lnk = ?
O4 - Global Startup: Google Calendar Sync.lnk = C:\Program Files (x86)\Google\Google Calendar Sync\GoogleCalendarSync.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\windows\system32\GPhotos.scr/200
O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MIF5BA~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MIF5BA~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MIF5BA~1\Office12\ONBttnIE.dll
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MIF5BA~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {140E4DF8-9E14-4A34-9577-C77561ED7883} (SysInfo Class) - http://content.systemrequirementslab.co ... .3.1.0.cab
O16 - DPF: {924B4927-D3BA-41EA-9F7E-8A89194AB3AC} (P3DActiveX Control) - http://panda-plugin.disney.go.com/plugi ... ctivex.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgpp.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: vsharechrome - {3F3A4B8A-86FC-43A4-BB00-6D7EBE9D4484} - C:\Program Files (x86)\vShare\vshare_toolbar.dll
O20 - AppInit_DLLs: acaptuser32.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agr64svc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe
O23 - Service: ConfigFree WiMAX Service (cfWiMAXService) - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
O23 - Service: ConfigFree Gadget Service - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: TOSHIBA Modem region select service (RSELSVC) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\rselect\RSelSvc.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: TOSHIBA HDD Protection (Thpsrv) - Unknown owner - C:\windows\system32\ThpSrv.exe (file missing)
O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\Windows\system32\TODDSrv.exe (file missing)
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: TOSHIBA eco Utility Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TECO\TecoService.exe
O23 - Service: TOSHIBA HDD SSD Alert Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
O23 - Service: TPCH Service (TPCHSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 16093 bytes

uninstall_list.txt

Update for Microsoft Office 2007 (KB2508958)
Update for Microsoft Office 2007 (KB2508958)
Adobe Acrobat 9 Pro Extended - English, Français, Deutsch
Adobe Community Help
Adobe Community Help
Adobe Flash Player 10 ActiveX
Adobe Reader 9.4.4
Belarc Advisor 8.1
BlackBerry Desktop Software 6.0.2
BlackBerry Desktop Software 6.0.2
Bluetooth Monitor 4
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
Compatibility Pack for the 2007 Office system
Coupon Printer for Windows
D3DX10
Dark Water Screensaver
dBpoweramp DSP Effects
dBpoweramp Music Converter
Direct DiscRecorder
DVD MovieFactory for TOSHIBA
Foxit PDF Editor
Free PDF to Word Doc Converter v1.1
Google Calendar Sync
Google Earth
Google Talk Plugin
Google Update Helper
HDMI Control Manager
HiJackThis
HP Deskjet 2050 J510 series Help
HP Photo Creations
HP Update
IconPackager
IconPackager
IrfanView (remove only)
Java(TM) 6 Update 24
LogMeIn Hamachi
LogMeIn Hamachi
Microsoft Default Manager
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office Home and Student 2007
Microsoft Office Home and Student 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Suite Activation Assistant
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable - KB2467175
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Works
Microsoft_VC80_ATL_x86
Microsoft_VC80_CRT_x86
Microsoft_VC80_MFC_x86
Microsoft_VC80_MFCLOC_x86
Microsoft_VC90_ATL_x86
Microsoft_VC90_CRT_x86
Microsoft_VC90_MFC_x86
MSVC80_x86_v2
MSVC90_x86
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MyToshiba
Nero 8
NetZero Launcher
Picasa 3
Quickbooks Financial Center
Realtek 8136 8168 8169 Ethernet Driver
Realtek High Definition Audio Driver
Realtek WLAN Driver
RICOH R5U230 Media Driver ver.2.06.03.02
SecureW2 Enterprise Client 3.5.0
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288931)
Security Update for 2007 Microsoft Office System (KB2288931)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB2466156)
Security Update for 2007 Microsoft Office System (KB2466156)
Security Update for 2007 Microsoft Office System (KB2509488)
Security Update for 2007 Microsoft Office System (KB2509488)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for CAPICOM (KB931906)
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft Office Access 2007 (KB979440)
Security Update for Microsoft Office Access 2007 (KB979440)
Security Update for Microsoft Office Excel 2007 (KB2464583)
Security Update for Microsoft Office Excel 2007 (KB2464583)
Security Update for Microsoft Office Groove 2007 (KB2494047)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB2535818)
Security Update for Microsoft Office PowerPoint 2007 (KB2535818)
Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623)
Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623)
Security Update for Microsoft Office Publisher 2007 (KB2284697)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
Security Update for Microsoft Office Word 2007 (KB2344993)
Skype Launcher
Skype Toolbars
Skype™ 5.3
System Requirements Lab
Toshiba Application Installer
TOSHIBA Assist
TOSHIBA ConfigFree
TOSHIBA DVD PLAYER
TOSHIBA eco Utility
TOSHIBA Extended Tiles for Windows Mobility Center
TOSHIBA Face Recognition
TOSHIBA Hardware Setup
TOSHIBA HDD/SSD Alert
TOSHIBA HDD/SSD Alert
TOSHIBA Internal Modem Region Select Utility
Toshiba Online Backup
Toshiba Quality Application
TOSHIBA Service Station
TOSHIBA Speech System Applications
TOSHIBA Speech System SR Engine(U.S.) Version1.0
TOSHIBA Speech System TTS Engine(U.S.) Version1.0
TOSHIBA Supervisor Password
TOSHIBA USB Sleep and Charge Utility
TOSHIBA Value Added Package
TOSHIBA Web Camera Application
ToshibaRegistration
Update for 2007 Microsoft Office System (KB2284654)
Update for 2007 Microsoft Office System (KB2284654)
Update for 2007 Microsoft Office System (KB967642)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2509470)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update for Microsoft Office Word 2007 Help (KB963665)
Update for Outlook 2007 Junk Email Filter (KB2536413)
Visual C++ 8.0 Runtime Setup Package (x64)
Visual Studio 2008 x64 Redistributables
VLC media player 1.0.1
vShare Plugin
Vuze
Winamp
Windows Live Communications Platform
Windows Live Essentials
Windows Live Essentials
Windows Live Installer
Windows Live Messenger
Windows Live Messenger
Windows Live Photo Common
Windows Live Photo Common
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
juansalazar
Active Member
 
Posts: 10
Joined: May 27th, 2011, 11:40 pm
Advertisement
Register to Remove

Re: Help Please!!

Unread postby Carolyn » May 30th, 2011, 8:49 am

I see you are posting for help for a "Business" computer.

May I draw your attention to THIS topic, which you should have read before posting for help.

The section Posting for help for business machines explains why we do not offer help for such computers.

This topic is now closed


Edit: Topic was archived in error - Carolyn
User avatar
Carolyn
MRU Emeritus
MRU Emeritus
 
Posts: 4701
Joined: April 18th, 2007, 9:36 am
Location: Maine

Re: Help Please!!

Unread postby Carolyn » May 31st, 2011, 11:32 am

Hello and Welcome to the forums!

My name is Carolyn and I'll be glad to help you with your computer problems.

Please do not run any other tool until instructed to do so!
Please reply to this thread, do not start another!
Please tell me about any problems that have occurred during the fix.
Please tell me of any other symptoms you may be having as these can help also.
Please try as much as possible not to run anything while executing a fix.

If you follow these instructions, everything should go smoothly.

=============================

Before we begin: Please be aware that removing Malware is a hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.

In light of this it would be wise for you to back up any files and folders that you don't want to lose before we start.

=============================

Windows 7 Advice: Please run all tools by right-clicking the program icon and selecting "Run as administrator".

=============================

Remove P2P Programs

  • I notice there are signs of one or more P2P (Person to Person) File Sharing Programs on your computer.

    Vuze


  • Please read the Guidelines for P2P Programs where we explain why it's not a good idea to have them.

  • Note: Even if you are using a "safe" P2P program, it is only the program that is safe. You will be sharing files from uncertified sources, and these are often infected. The bad guys use P2P filesharing as a major conduit to spread their wares.


  • Click on Start > All programs > Accessories > Run.
  • In the open text box copy/paste appwiz.cpl Then click Ok.
  • Uninstall the programs listed above (in red) and any other P2P you have installed NOW.
  • Take care when answering any questions posed by an uninstaller. Some questions may be worded to deceive you into keeping the program.

=============================

TDSSKiller

Please download TDSSKiller.exe and save it to your Desktop.
  • Double click on TDSSKiller.exe to launch it.
  • Click on Start Scan, the scan will run.
  • When the scan has finished, if it finds anything please click on the drop down arrow next to Cure and select Skip
  • Now click on Report to open the log file created by TDSSKiller in your root directory C:\
  • To find the log go to Start > Computer > C:
  • Post the contents of that log in your next reply please.
  • DO NOT TRY TO FIX ANYTHING AT THIS POINT

=============================

Please download OTL by Old Timer and save it to your Desktop.
  • Right click on OTL.exe And select Run as administrator to run it.
  • Under Output, ensure that Minimal Output is selected.
  • Under Extra Registry section, select Use SafeList.
  • Click the Scan All Users checkbox.
  • Click on Run Scan at the top left hand corner.
  • When done, two Notepad files will open.
    • OTListIt.txt <-- Will be opened
      Extra.txt <-- Will be minimized
  • Please post the contents of these 2 Notepad files in your next reply.

=============================

Please post the following in your next reply:
  • The TDSKiller log
  • The contents of OTL.txt
  • The contents of Extra.txt
=============================
User avatar
Carolyn
MRU Emeritus
MRU Emeritus
 
Posts: 4701
Joined: April 18th, 2007, 9:36 am
Location: Maine

Re: Help Please!!

Unread postby Carolyn » June 2nd, 2011, 6:09 am

This topic will be closed due to inactivity unless you reply within 24 hours.
User avatar
Carolyn
MRU Emeritus
MRU Emeritus
 
Posts: 4701
Joined: April 18th, 2007, 9:36 am
Location: Maine

Re: Help Please!!

Unread postby juansalazar » June 2nd, 2011, 11:21 am

Hi Carolyn, I apologsie for the late reply, i have been qkinda of busy lately but here it is the info you requested....
Now i had to post each report in a different reply because it said i exceed the number of characters I could use on every post...

TDSKilles.text


2011/06/03 01:03:19.0198 9292 TDSS rootkit removing tool 2.5.3.0 May 25 2011 07:09:24
2011/06/03 01:03:20.0773 9292 ================================================================================
2011/06/03 01:03:20.0773 9292 SystemInfo:
2011/06/03 01:03:20.0773 9292
2011/06/03 01:03:20.0773 9292 OS Version: 6.1.7601 ServicePack: 1.0
2011/06/03 01:03:20.0773 9292 Product type: Workstation
2011/06/03 01:03:20.0773 9292 ComputerName: TOSH
2011/06/03 01:03:20.0773 9292 UserName: Night Walker
2011/06/03 01:03:20.0773 9292 Windows directory: C:\windows
2011/06/03 01:03:20.0773 9292 System windows directory: C:\windows
2011/06/03 01:03:20.0773 9292 Running under WOW64
2011/06/03 01:03:20.0773 9292 Processor architecture: Intel x64
2011/06/03 01:03:20.0773 9292 Number of processors: 2
2011/06/03 01:03:20.0773 9292 Page size: 0x1000
2011/06/03 01:03:20.0774 9292 Boot type: Normal boot
2011/06/03 01:03:20.0774 9292 ================================================================================
2011/06/03 01:03:22.0798 9292 Initialize success
2011/06/03 01:03:28.0994 7532 ================================================================================
2011/06/03 01:03:28.0994 7532 Scan started
2011/06/03 01:03:28.0994 7532 Mode: Manual;
2011/06/03 01:03:28.0994 7532 ================================================================================
2011/06/03 01:03:54.0262 7532 1394ohci (a87d604aea360176311474c87a63bb88) C:\windows\system32\drivers\1394ohci.sys
2011/06/03 01:03:54.0631 7532 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\windows\system32\drivers\ACPI.sys
2011/06/03 01:03:55.0065 7532 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\windows\system32\drivers\acpipmi.sys
2011/06/03 01:03:55.0433 7532 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\windows\system32\DRIVERS\adp94xx.sys
2011/06/03 01:03:55.0853 7532 adpahci (597f78224ee9224ea1a13d6350ced962) C:\windows\system32\DRIVERS\adpahci.sys
2011/06/03 01:03:56.0156 7532 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\windows\system32\DRIVERS\adpu320.sys
2011/06/03 01:03:56.0487 7532 AFD (d31dc7a16dea4a9baf179f3d6fbdb38c) C:\windows\system32\drivers\afd.sys
2011/06/03 01:03:56.0858 7532 AgereSoftModem (c98356d813b581e9c425b42a5d146ce0) C:\windows\system32\DRIVERS\agrsm64.sys
2011/06/03 01:03:57.0326 7532 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\windows\system32\drivers\agp440.sys
2011/06/03 01:03:57.0476 7532 aliide (5812713a477a3ad7363c7438ca2ee038) C:\windows\system32\drivers\aliide.sys
2011/06/03 01:03:57.0618 7532 amdide (1ff8b4431c353ce385c875f194924c0c) C:\windows\system32\drivers\amdide.sys
2011/06/03 01:03:57.0724 7532 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\windows\system32\DRIVERS\amdk8.sys
2011/06/03 01:03:57.0884 7532 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\windows\system32\DRIVERS\amdppm.sys
2011/06/03 01:03:58.0072 7532 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\windows\system32\drivers\amdsata.sys
2011/06/03 01:03:58.0383 7532 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\windows\system32\DRIVERS\amdsbs.sys
2011/06/03 01:03:58.0517 7532 amdxata (540daf1cea6094886d72126fd7c33048) C:\windows\system32\drivers\amdxata.sys
2011/06/03 01:03:58.0636 7532 ApfiltrService (1661f9c9e4b0049fa0a5e30264375a87) C:\windows\system32\DRIVERS\Apfiltr.sys
2011/06/03 01:03:58.0751 7532 AppID (89a69c3f2f319b43379399547526d952) C:\windows\system32\drivers\appid.sys
2011/06/03 01:03:58.0887 7532 arc (c484f8ceb1717c540242531db7845c4e) C:\windows\system32\DRIVERS\arc.sys
2011/06/03 01:03:59.0000 7532 arcsas (019af6924aefe7839f61c830227fe79c) C:\windows\system32\DRIVERS\arcsas.sys
2011/06/03 01:03:59.0109 7532 AsyncMac (769765ce2cc62867468cea93969b2242) C:\windows\system32\DRIVERS\asyncmac.sys
2011/06/03 01:03:59.0234 7532 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\windows\system32\drivers\atapi.sys
2011/06/03 01:03:59.0774 7532 atikmdag (3efd964d52221360af0673cd61c2f4f5) C:\windows\system32\drivers\atikmdag.sys
2011/06/03 01:04:00.0015 7532 AVGIDSDriver (eee718457f24f2154f23a7fad1a0cea3) C:\windows\system32\DRIVERS\AVGIDSDriver.Sys
2011/06/03 01:04:00.0120 7532 AVGIDSEH (1553b388e0f0462c25ad8f30c3c29e83) C:\windows\system32\DRIVERS\AVGIDSEH.Sys
2011/06/03 01:04:00.0178 7532 AVGIDSFilter (dca426a66739e75f51a72160dfb945ad) C:\windows\system32\DRIVERS\AVGIDSFilter.Sys
2011/06/03 01:04:00.0311 7532 Avgldx64 (ff7383388a7d2283dae5831abc2b0720) C:\windows\system32\DRIVERS\avgldx64.sys
2011/06/03 01:04:00.0435 7532 Avgmfx64 (997d002827d3e3dcbbb25bf46db161ab) C:\windows\system32\DRIVERS\avgmfx64.sys
2011/06/03 01:04:00.0542 7532 Avgrkx64 (bccfe3374c887075cde2ac8fdb1cb2f8) C:\windows\system32\DRIVERS\avgrkx64.sys
2011/06/03 01:04:00.0664 7532 Avgtdia (0d49adcebe243b79366ea523b647519a) C:\windows\system32\DRIVERS\avgtdia.sys
2011/06/03 01:04:00.0830 7532 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\windows\system32\DRIVERS\bxvbda.sys
2011/06/03 01:04:00.0979 7532 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\windows\system32\DRIVERS\b57nd60a.sys
2011/06/03 01:04:01.0091 7532 Beep (16a47ce2decc9b099349a5f840654746) C:\windows\system32\drivers\Beep.sys
2011/06/03 01:04:01.0239 7532 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\windows\system32\DRIVERS\blbdrive.sys
2011/06/03 01:04:01.0362 7532 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\windows\system32\DRIVERS\bowser.sys
2011/06/03 01:04:01.0443 7532 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\windows\system32\DRIVERS\BrFiltLo.sys
2011/06/03 01:04:01.0485 7532 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\windows\system32\DRIVERS\BrFiltUp.sys
2011/06/03 01:04:01.0545 7532 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\windows\System32\Drivers\Brserid.sys
2011/06/03 01:04:01.0623 7532 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\windows\System32\Drivers\BrSerWdm.sys
2011/06/03 01:04:01.0656 7532 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\windows\System32\Drivers\BrUsbMdm.sys
2011/06/03 01:04:01.0697 7532 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\windows\System32\Drivers\BrUsbSer.sys
2011/06/03 01:04:01.0822 7532 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\windows\system32\drivers\BthEnum.sys
2011/06/03 01:04:01.0915 7532 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\windows\system32\DRIVERS\bthmodem.sys
2011/06/03 01:04:02.0009 7532 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\windows\system32\DRIVERS\bthpan.sys
2011/06/03 01:04:02.0079 7532 BTHPORT (a51fa9d0e85d5adabef72e67f386309c) C:\windows\system32\Drivers\BTHport.sys
2011/06/03 01:04:02.0183 7532 BTHUSB (f740b9a16b2c06700f2130e19986bf3b) C:\windows\system32\Drivers\BTHUSB.sys
2011/06/03 01:04:02.0254 7532 btusbflt (2641a3fe3d7b0646308f33b67f3b5300) C:\windows\system32\drivers\btusbflt.sys
2011/06/03 01:04:02.0368 7532 cdfs (b8bd2bb284668c84865658c77574381a) C:\windows\system32\DRIVERS\cdfs.sys
2011/06/03 01:04:02.0507 7532 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\windows\system32\drivers\cdrom.sys
2011/06/03 01:04:02.0623 7532 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\windows\system32\DRIVERS\circlass.sys
2011/06/03 01:04:02.0690 7532 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\windows\system32\CLFS.sys
2011/06/03 01:04:02.0842 7532 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\windows\system32\DRIVERS\CmBatt.sys
2011/06/03 01:04:02.0923 7532 cmdide (e19d3f095812725d88f9001985b94edd) C:\windows\system32\drivers\cmdide.sys
2011/06/03 01:04:03.0049 7532 CNG (d5fea92400f12412b3922087c09da6a5) C:\windows\system32\Drivers\cng.sys
2011/06/03 01:04:03.0162 7532 Compbatt (102de219c3f61415f964c88e9085ad14) C:\windows\system32\DRIVERS\compbatt.sys
2011/06/03 01:04:03.0276 7532 CompositeBus (03edb043586cceba243d689bdda370a8) C:\windows\system32\drivers\CompositeBus.sys
2011/06/03 01:04:03.0364 7532 crcdisk (1c827878a998c18847245fe1f34ee597) C:\windows\system32\DRIVERS\crcdisk.sys
2011/06/03 01:04:03.0512 7532 dc3d (76e02db615a03801d698199a2bc4a06a) C:\windows\system32\DRIVERS\dc3d.sys
2011/06/03 01:04:03.0656 7532 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\windows\system32\Drivers\dfsc.sys
2011/06/03 01:04:03.0759 7532 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\windows\system32\drivers\discache.sys
2011/06/03 01:04:03.0865 7532 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\windows\system32\DRIVERS\disk.sys
2011/06/03 01:04:03.0984 7532 drmkaud (9b19f34400d24df84c858a421c205754) C:\windows\system32\drivers\drmkaud.sys
2011/06/03 01:04:04.0110 7532 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\windows\System32\drivers\dxgkrnl.sys
2011/06/03 01:04:04.0312 7532 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\windows\system32\DRIVERS\evbda.sys
2011/06/03 01:04:04.0524 7532 elxstor (0e5da5369a0fcaea12456dd852545184) C:\windows\system32\DRIVERS\elxstor.sys
2011/06/03 01:04:04.0628 7532 ErrDev (34a3c54752046e79a126e15c51db409b) C:\windows\system32\drivers\errdev.sys
2011/06/03 01:04:04.0778 7532 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\windows\system32\drivers\exfat.sys
2011/06/03 01:04:04.0861 7532 fastfat (0adc83218b66a6db380c330836f3e36d) C:\windows\system32\drivers\fastfat.sys
2011/06/03 01:04:04.0973 7532 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\windows\system32\DRIVERS\fdc.sys
2011/06/03 01:04:05.0033 7532 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\windows\system32\drivers\fileinfo.sys
2011/06/03 01:04:05.0166 7532 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\windows\system32\drivers\filetrace.sys
2011/06/03 01:04:05.0276 7532 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\windows\system32\DRIVERS\flpydisk.sys
2011/06/03 01:04:05.0391 7532 FltMgr (da6b67270fd9db3697b20fce94950741) C:\windows\system32\drivers\fltmgr.sys
2011/06/03 01:04:05.0508 7532 FsDepends (d43703496149971890703b4b1b723eac) C:\windows\system32\drivers\FsDepends.sys
2011/06/03 01:04:05.0551 7532 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\windows\system32\drivers\Fs_Rec.sys
2011/06/03 01:04:05.0689 7532 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\windows\system32\DRIVERS\fvevol.sys
2011/06/03 01:04:05.0798 7532 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\windows\system32\DRIVERS\gagp30kx.sys
2011/06/03 01:04:05.0979 7532 hamachi (1e6438d4ea6e1174a3b3b1edc4de660b) C:\windows\system32\DRIVERS\hamachi.sys
2011/06/03 01:04:06.0122 7532 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\windows\system32\drivers\hcw85cir.sys
2011/06/03 01:04:06.0278 7532 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\windows\system32\drivers\HdAudio.sys
2011/06/03 01:04:06.0457 7532 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\windows\system32\drivers\HDAudBus.sys
2011/06/03 01:04:06.0513 7532 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\windows\system32\DRIVERS\HidBatt.sys
2011/06/03 01:04:06.0589 7532 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\windows\system32\DRIVERS\hidbth.sys
2011/06/03 01:04:06.0675 7532 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\windows\system32\DRIVERS\hidir.sys
2011/06/03 01:04:06.0834 7532 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\windows\system32\drivers\hidusb.sys
2011/06/03 01:04:07.0043 7532 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\windows\system32\drivers\HpSAMD.sys
2011/06/03 01:04:07.0169 7532 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\windows\system32\drivers\HTTP.sys
2011/06/03 01:04:07.0300 7532 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\windows\system32\drivers\hwpolicy.sys
2011/06/03 01:04:07.0385 7532 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\windows\system32\drivers\i8042prt.sys
2011/06/03 01:04:07.0522 7532 iaStor (1d004cb1da6323b1f55caef7f94b61d9) C:\windows\system32\DRIVERS\iaStor.sys
2011/06/03 01:04:07.0667 7532 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\windows\system32\drivers\iaStorV.sys
2011/06/03 01:04:08.0029 7532 igfx (3c3f27002abc69c5afe29cbe6cf7addf) C:\windows\system32\DRIVERS\igdkmd64.sys
2011/06/03 01:04:08.0304 7532 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\windows\system32\DRIVERS\iirsp.sys
2011/06/03 01:04:08.0486 7532 IntcAzAudAddService (0c3cf4b3bae28e121a1689e3538f8712) C:\windows\system32\drivers\RTKVHD64.sys
2011/06/03 01:04:08.0698 7532 IntcHdmiAddService (88a20fa54c73ded4e8dac764e9130ae9) C:\windows\system32\drivers\IntcHdmi.sys
2011/06/03 01:04:08.0847 7532 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\windows\system32\drivers\intelide.sys
2011/06/03 01:04:08.0927 7532 intelppm (ada036632c664caa754079041cf1f8c1) C:\windows\system32\DRIVERS\intelppm.sys
2011/06/03 01:04:09.0035 7532 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\windows\system32\DRIVERS\ipfltdrv.sys
2011/06/03 01:04:09.0146 7532 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\windows\system32\drivers\IPMIDrv.sys
2011/06/03 01:04:09.0246 7532 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\windows\system32\drivers\ipnat.sys
2011/06/03 01:04:09.0306 7532 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\windows\system32\drivers\irenum.sys
2011/06/03 01:04:09.0393 7532 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\windows\system32\drivers\isapnp.sys
2011/06/03 01:04:09.0502 7532 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\windows\system32\drivers\msiscsi.sys
2011/06/03 01:04:09.0649 7532 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\windows\system32\drivers\kbdclass.sys
2011/06/03 01:04:09.0746 7532 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\windows\system32\drivers\kbdhid.sys
2011/06/03 01:04:09.0899 7532 KSecDD (ccd53b5bd33ce0c889e830d839c8b66e) C:\windows\system32\Drivers\ksecdd.sys
2011/06/03 01:04:09.0995 7532 KSecPkg (9ff918a261752c12639e8ad4208d2c2f) C:\windows\system32\Drivers\ksecpkg.sys
2011/06/03 01:04:10.0104 7532 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\windows\system32\drivers\ksthunk.sys
2011/06/03 01:04:10.0257 7532 lltdio (1538831cf8ad2979a04c423779465827) C:\windows\system32\DRIVERS\lltdio.sys
2011/06/03 01:04:10.0390 7532 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\windows\system32\DRIVERS\lsi_fc.sys
2011/06/03 01:04:10.0505 7532 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\windows\system32\DRIVERS\lsi_sas.sys
2011/06/03 01:04:10.0618 7532 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\windows\system32\DRIVERS\lsi_sas2.sys
2011/06/03 01:04:10.0732 7532 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\windows\system32\DRIVERS\lsi_scsi.sys
2011/06/03 01:04:10.0845 7532 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\windows\system32\drivers\luafv.sys
2011/06/03 01:04:10.0924 7532 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\windows\system32\DRIVERS\megasas.sys
2011/06/03 01:04:11.0023 7532 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\windows\system32\DRIVERS\MegaSR.sys
2011/06/03 01:04:11.0254 7532 Modem (800ba92f7010378b09f9ed9270f07137) C:\windows\system32\drivers\modem.sys
2011/06/03 01:04:11.0396 7532 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\windows\system32\DRIVERS\monitor.sys
2011/06/03 01:04:11.0519 7532 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\windows\system32\drivers\mouclass.sys
2011/06/03 01:04:11.0665 7532 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\windows\system32\DRIVERS\mouhid.sys
2011/06/03 01:04:11.0760 7532 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\windows\system32\drivers\mountmgr.sys
2011/06/03 01:04:11.0930 7532 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\windows\system32\drivers\mpio.sys
2011/06/03 01:04:11.0997 7532 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\windows\system32\drivers\mpsdrv.sys
2011/06/03 01:04:12.0120 7532 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\windows\system32\drivers\mrxdav.sys
2011/06/03 01:04:12.0219 7532 mrxsmb (c2b4651001a867ff3f8865863b592991) C:\windows\system32\DRIVERS\mrxsmb.sys
2011/06/03 01:04:12.0298 7532 mrxsmb10 (7e79946afc5f799ab62982282be5ac13) C:\windows\system32\DRIVERS\mrxsmb10.sys
2011/06/03 01:04:12.0479 7532 mrxsmb20 (5fb954100cea2bfec6446fbbecaa3f79) C:\windows\system32\DRIVERS\mrxsmb20.sys
2011/06/03 01:04:12.0588 7532 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\windows\system32\drivers\msahci.sys
2011/06/03 01:04:12.0668 7532 msdsm (db801a638d011b9633829eb6f663c900) C:\windows\system32\drivers\msdsm.sys
2011/06/03 01:04:12.0799 7532 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\windows\system32\drivers\Msfs.sys
2011/06/03 01:04:12.0902 7532 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\windows\System32\drivers\mshidkmdf.sys
2011/06/03 01:04:12.0990 7532 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\windows\system32\drivers\msisadrv.sys
2011/06/03 01:04:13.0116 7532 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\windows\system32\drivers\MSKSSRV.sys
2011/06/03 01:04:13.0186 7532 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\windows\system32\drivers\MSPCLOCK.sys
2011/06/03 01:04:13.0263 7532 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\windows\system32\drivers\MSPQM.sys
2011/06/03 01:04:13.0366 7532 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\windows\system32\drivers\MsRPC.sys
2011/06/03 01:04:13.0523 7532 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\windows\system32\drivers\mssmbios.sys
2011/06/03 01:04:13.0589 7532 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\windows\system32\drivers\MSTEE.sys
2011/06/03 01:04:13.0660 7532 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\windows\system32\DRIVERS\MTConfig.sys
2011/06/03 01:04:13.0762 7532 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\windows\system32\Drivers\mup.sys
2011/06/03 01:04:13.0818 7532 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\windows\system32\DRIVERS\nwifi.sys
2011/06/03 01:04:13.0957 7532 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\windows\system32\drivers\ndis.sys
2011/06/03 01:04:14.0076 7532 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\windows\system32\DRIVERS\ndiscap.sys
2011/06/03 01:04:14.0170 7532 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\windows\system32\DRIVERS\ndistapi.sys
2011/06/03 01:04:14.0300 7532 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\windows\system32\DRIVERS\ndisuio.sys
2011/06/03 01:04:14.0381 7532 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\windows\system32\DRIVERS\ndiswan.sys
2011/06/03 01:04:14.0490 7532 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\windows\system32\drivers\NDProxy.sys
2011/06/03 01:04:14.0626 7532 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\windows\system32\DRIVERS\netbios.sys
2011/06/03 01:04:14.0753 7532 NetBT (09594d1089c523423b32a4229263f068) C:\windows\system32\DRIVERS\netbt.sys
2011/06/03 01:04:14.0891 7532 nfrd960 (77889813be4d166cdab78ddba990da92) C:\windows\system32\DRIVERS\nfrd960.sys
2011/06/03 01:04:15.0005 7532 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\windows\system32\drivers\Npfs.sys
2011/06/03 01:04:15.0064 7532 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\windows\system32\drivers\nsiproxy.sys
2011/06/03 01:04:15.0232 7532 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\windows\system32\drivers\Ntfs.sys
2011/06/03 01:04:15.0362 7532 Null (9899284589f75fa8724ff3d16aed75c1) C:\windows\system32\drivers\Null.sys
2011/06/03 01:04:15.0468 7532 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\windows\system32\drivers\nvraid.sys
2011/06/03 01:04:15.0562 7532 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\windows\system32\drivers\nvstor.sys
2011/06/03 01:04:15.0676 7532 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\windows\system32\drivers\nv_agp.sys
2011/06/03 01:04:15.0824 7532 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\windows\system32\drivers\ohci1394.sys
2011/06/03 01:04:15.0983 7532 Parport (0086431c29c35be1dbc43f52cc273887) C:\windows\system32\DRIVERS\parport.sys
2011/06/03 01:04:16.0066 7532 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\windows\system32\drivers\partmgr.sys
2011/06/03 01:04:16.0246 7532 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\windows\system32\drivers\pci.sys
2011/06/03 01:04:16.0336 7532 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\windows\system32\drivers\pciide.sys
2011/06/03 01:04:16.0398 7532 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\windows\system32\DRIVERS\pcmcia.sys
2011/06/03 01:04:16.0492 7532 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\windows\system32\drivers\pcw.sys
2011/06/03 01:04:16.0546 7532 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\windows\system32\drivers\peauth.sys
2011/06/03 01:04:16.0701 7532 PGEffect (663962900e7fea522126ba287715bb4a) C:\windows\system32\DRIVERS\pgeffect.sys
2011/06/03 01:04:16.0763 7532 PMCF (60795ae1e34bcf4ff731f55a6cda9a86) C:\windows\system32\drivers\PMCF.sys
2011/06/03 01:04:16.0978 7532 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\windows\system32\DRIVERS\raspptp.sys
2011/06/03 01:04:17.0037 7532 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\windows\system32\DRIVERS\processr.sys
2011/06/03 01:04:17.0178 7532 Psched (0557cf5a2556bd58e26384169d72438d) C:\windows\system32\DRIVERS\pacer.sys
2011/06/03 01:04:17.0318 7532 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\windows\system32\DRIVERS\ql2300.sys
2011/06/03 01:04:17.0463 7532 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\windows\system32\DRIVERS\ql40xx.sys
2011/06/03 01:04:17.0545 7532 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\windows\system32\drivers\qwavedrv.sys
2011/06/03 01:04:17.0608 7532 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\windows\system32\DRIVERS\rasacd.sys
2011/06/03 01:04:17.0713 7532 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\windows\system32\DRIVERS\AgileVpn.sys
2011/06/03 01:04:17.0851 7532 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\windows\system32\DRIVERS\rasl2tp.sys
2011/06/03 01:04:17.0972 7532 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\windows\system32\DRIVERS\raspppoe.sys
2011/06/03 01:04:18.0081 7532 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\windows\system32\DRIVERS\rassstp.sys
2011/06/03 01:04:18.0205 7532 rdbss (77f665941019a1594d887a74f301fa2f) C:\windows\system32\DRIVERS\rdbss.sys
2011/06/03 01:04:18.0312 7532 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\windows\system32\DRIVERS\rdpbus.sys
2011/06/03 01:04:18.0358 7532 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\windows\system32\DRIVERS\RDPCDD.sys
2011/06/03 01:04:18.0464 7532 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\windows\system32\drivers\rdpencdd.sys
2011/06/03 01:04:18.0556 7532 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\windows\system32\drivers\rdprefmp.sys
2011/06/03 01:04:18.0655 7532 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\windows\system32\drivers\RDPWD.sys
2011/06/03 01:04:18.0796 7532 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\windows\system32\drivers\rdyboost.sys
2011/06/03 01:04:18.0922 7532 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\windows\system32\DRIVERS\rfcomm.sys
2011/06/03 01:04:19.0031 7532 rimspci (e20b1907fc72a3664ece21e3c20fc63d) C:\windows\system32\DRIVERS\rimspe64.sys
2011/06/03 01:04:19.0241 7532 RimVSerPort (c903d49655b4aae46673f0aaa6be0f58) C:\windows\system32\DRIVERS\RimSerial_AMD64.sys
2011/06/03 01:04:19.0377 7532 risdpcie (7dda2e5cf452dad24b1be704225c18ee) C:\windows\system32\DRIVERS\risdpe64.sys
2011/06/03 01:04:19.0490 7532 rixdpcie (6a1cd4674505e6791390a1ab71da1fbe) C:\windows\system32\DRIVERS\rixdpe64.sys
2011/06/03 01:04:19.0585 7532 ROOTMODEM (388d3dd1a6457280f3badba9f3acd6b1) C:\windows\system32\Drivers\RootMdm.sys
2011/06/03 01:04:19.0731 7532 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\windows\system32\DRIVERS\rspndr.sys
2011/06/03 01:04:19.0858 7532 RTL8167 (b49dc435ae3695bac5623dd94b05732d) C:\windows\system32\DRIVERS\Rt64win7.sys
2011/06/03 01:04:20.0051 7532 rtl8192se (a8ed9726734d403217a4861a6788b144) C:\windows\system32\DRIVERS\rtl8192se.sys
2011/06/03 01:04:20.0246 7532 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\windows\system32\drivers\sbp2port.sys
2011/06/03 01:04:20.0366 7532 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\windows\system32\DRIVERS\scfilter.sys
2011/06/03 01:04:20.0512 7532 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\windows\system32\drivers\sdbus.sys
2011/06/03 01:04:20.0638 7532 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\windows\system32\drivers\secdrv.sys
2011/06/03 01:04:20.0752 7532 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\windows\system32\DRIVERS\serenum.sys
2011/06/03 01:04:20.0879 7532 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\windows\system32\DRIVERS\serial.sys
2011/06/03 01:04:20.0995 7532 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\windows\system32\DRIVERS\sermouse.sys
2011/06/03 01:04:21.0088 7532 sffdisk (a554811bcd09279536440c964ae35bbf) C:\windows\system32\drivers\sffdisk.sys
2011/06/03 01:04:21.0185 7532 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\windows\system32\drivers\sffp_mmc.sys
2011/06/03 01:04:21.0270 7532 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\windows\system32\drivers\sffp_sd.sys
2011/06/03 01:04:21.0370 7532 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\windows\system32\DRIVERS\sfloppy.sys
2011/06/03 01:04:21.0504 7532 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\windows\system32\DRIVERS\SiSRaid2.sys
2011/06/03 01:04:21.0555 7532 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\windows\system32\DRIVERS\sisraid4.sys
2011/06/03 01:04:21.0657 7532 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\windows\system32\DRIVERS\smb.sys
2011/06/03 01:04:21.0802 7532 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\windows\system32\drivers\spldr.sys
2011/06/03 01:04:22.0021 7532 sptd (602884696850c86434530790b110e8eb) C:\windows\system32\Drivers\sptd.sys
2011/06/03 01:04:22.0516 7532 Suspicious file (NoAccess): C:\windows\system32\Drivers\sptd.sys. md5: 602884696850c86434530790b110e8eb
2011/06/03 01:04:22.0567 7532 sptd - detected LockedFile.Multi.Generic (1)
2011/06/03 01:04:22.0687 7532 srv (65bbf4920148c2ee279055da7228fc7b) C:\windows\system32\DRIVERS\srv.sys
2011/06/03 01:04:22.0855 7532 srv2 (da939f762a1ccc2d77428621ddbd40a7) C:\windows\system32\DRIVERS\srv2.sys
2011/06/03 01:04:23.0189 7532 srvnet (3f847c9dc87299516f7dc82fb6572865) C:\windows\system32\DRIVERS\srvnet.sys
2011/06/03 01:04:23.0435 7532 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\windows\system32\DRIVERS\stexstor.sys
2011/06/03 01:04:23.0581 7532 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\windows\system32\drivers\swenum.sys
2011/06/03 01:04:23.0776 7532 Tcpip (509383e505c973ed7534a06b3d19688d) C:\windows\system32\drivers\tcpip.sys
2011/06/03 01:04:23.0993 7532 TCPIP6 (509383e505c973ed7534a06b3d19688d) C:\windows\system32\DRIVERS\tcpip.sys
2011/06/03 01:04:24.0085 7532 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\windows\system32\drivers\tcpipreg.sys
2011/06/03 01:04:24.0186 7532 tdcmdpst (fd542b661bd22fa69ca789ad0ac58c29) C:\windows\system32\DRIVERS\tdcmdpst.sys
2011/06/03 01:04:24.0247 7532 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\windows\system32\drivers\tdpipe.sys
2011/06/03 01:04:24.0345 7532 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\windows\system32\drivers\tdtcp.sys
2011/06/03 01:04:24.0475 7532 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\windows\system32\DRIVERS\tdx.sys
2011/06/03 01:04:24.0605 7532 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\windows\system32\drivers\termdd.sys
2011/06/03 01:04:24.0708 7532 Thpdrv (c013f6acaa9761f571bd28dada7c157d) C:\windows\system32\DRIVERS\thpdrv.sys
2011/06/03 01:04:24.0771 7532 Thpevm (b4e609047434ed948af7bdef2fa66e38) C:\windows\system32\DRIVERS\Thpevm.SYS
2011/06/03 01:04:24.0922 7532 tosporte (8021f63311797085949fa387f7c83583) C:\windows\system32\DRIVERS\tosporte.sys
2011/06/03 01:04:25.0031 7532 tosrfbd (71bb669bfcade1580fdce010abc76310) C:\windows\system32\DRIVERS\tosrfbd.sys
2011/06/03 01:04:25.0135 7532 tosrfbnp (62512b5277d88600f8bd4b7aec43569d) C:\windows\system32\Drivers\tosrfbnp.sys
2011/06/03 01:04:25.0245 7532 Tosrfcom (c523a9186c39d65cc9adebb2e1b93ccd) C:\windows\system32\Drivers\tosrfcom.sys
2011/06/03 01:04:25.0384 7532 tosrfec (11699d47b3491d86249c168496d55c92) C:\windows\system32\DRIVERS\tosrfec.sys
2011/06/03 01:04:25.0971 7532 Tosrfhid (451b8c1815c6cc39650af916c2a382cd) C:\windows\system32\DRIVERS\Tosrfhid.sys
2011/06/03 01:04:26.0069 7532 tosrfnds (b6fdc3c76ffe9c5171eea9c37ea367c2) C:\windows\system32\DRIVERS\tosrfnds.sys
2011/06/03 01:04:26.0126 7532 TosRfSnd (e1e045240c1184fa6628f3c7e7ff85d8) C:\windows\system32\drivers\tosrfsnd.sys
2011/06/03 01:04:26.0252 7532 Tosrfusb (da7aa562448e29ca895895920bff8946) C:\windows\system32\DRIVERS\tosrfusb.sys
2011/06/03 01:04:26.0329 7532 tos_sps64 (09ff7b0b1b5c3d225495cb6f5a9b39f8) C:\windows\system32\DRIVERS\tos_sps64.sys
2011/06/03 01:04:26.0521 7532 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\windows\system32\DRIVERS\tssecsrv.sys
2011/06/03 01:04:26.0667 7532 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\windows\system32\drivers\tsusbflt.sys
2011/06/03 01:04:26.0798 7532 tunnel (3566a8daafa27af944f5d705eaa64894) C:\windows\system32\DRIVERS\tunnel.sys
2011/06/03 01:04:26.0863 7532 TVALZ (550b567f9364d8f7684c3fb3ea665a72) C:\windows\system32\DRIVERS\TVALZ_O.SYS
2011/06/03 01:04:26.0993 7532 TVALZFL (9c7191f4b2e49bff47a6c1144b5923fa) C:\windows\system32\DRIVERS\TVALZFL.sys
2011/06/03 01:04:27.0115 7532 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\windows\system32\DRIVERS\uagp35.sys
2011/06/03 01:04:27.0225 7532 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\windows\system32\DRIVERS\udfs.sys
2011/06/03 01:04:27.0376 7532 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\windows\system32\drivers\uliagpkx.sys
2011/06/03 01:04:27.0520 7532 umbus (dc54a574663a895c8763af0fa1ff7561) C:\windows\system32\drivers\umbus.sys
2011/06/03 01:04:27.0604 7532 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\windows\system32\DRIVERS\umpass.sys
2011/06/03 01:04:27.0707 7532 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\windows\system32\DRIVERS\usbccgp.sys
2011/06/03 01:04:27.0832 7532 usbcir (af0892a803fdda7492f595368e3b68e7) C:\windows\system32\drivers\usbcir.sys
2011/06/03 01:04:27.0893 7532 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\windows\system32\DRIVERS\usbehci.sys
2011/06/03 01:04:28.0030 7532 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\windows\system32\DRIVERS\usbhub.sys
2011/06/03 01:04:28.0145 7532 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\windows\system32\drivers\usbohci.sys
2011/06/03 01:04:28.0247 7532 usbprint (73188f58fb384e75c4063d29413cee3d) C:\windows\system32\DRIVERS\usbprint.sys
2011/06/03 01:04:28.0380 7532 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\windows\system32\DRIVERS\usbscan.sys
2011/06/03 01:04:28.0490 7532 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\windows\system32\DRIVERS\USBSTOR.SYS
2011/06/03 01:04:28.0626 7532 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\windows\system32\DRIVERS\usbuhci.sys
2011/06/03 01:04:28.0749 7532 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\windows\System32\Drivers\usbvideo.sys
2011/06/03 01:04:28.0879 7532 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\windows\system32\drivers\vdrvroot.sys
2011/06/03 01:04:28.0992 7532 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\windows\system32\DRIVERS\vgapnp.sys
2011/06/03 01:04:29.0034 7532 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\windows\System32\drivers\vga.sys
2011/06/03 01:04:29.0154 7532 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\windows\system32\drivers\vhdmp.sys
2011/06/03 01:04:29.0235 7532 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\windows\system32\drivers\viaide.sys
2011/06/03 01:04:29.0332 7532 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\windows\system32\drivers\volmgr.sys
2011/06/03 01:04:29.0427 7532 volmgrx (a255814907c89be58b79ef2f189b843b) C:\windows\system32\drivers\volmgrx.sys
2011/06/03 01:04:29.0554 7532 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\windows\system32\drivers\volsnap.sys
2011/06/03 01:04:29.0664 7532 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\windows\system32\DRIVERS\vsmraid.sys
2011/06/03 01:04:29.0774 7532 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\windows\system32\DRIVERS\vwifibus.sys
2011/06/03 01:04:29.0811 7532 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\windows\system32\DRIVERS\vwififlt.sys
2011/06/03 01:04:29.0931 7532 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\windows\system32\DRIVERS\vwifimp.sys
2011/06/03 01:04:30.0029 7532 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\windows\system32\DRIVERS\wacompen.sys
2011/06/03 01:04:30.0117 7532 WANARP (356afd78a6ed4457169241ac3965230c) C:\windows\system32\DRIVERS\wanarp.sys
2011/06/03 01:04:30.0150 7532 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\windows\system32\DRIVERS\wanarp.sys
2011/06/03 01:04:30.0355 7532 Wd (72889e16ff12ba0f235467d6091b17dc) C:\windows\system32\DRIVERS\wd.sys
2011/06/03 01:04:30.0488 7532 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\windows\system32\drivers\Wdf01000.sys
2011/06/03 01:04:30.0660 7532 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\windows\system32\DRIVERS\wfplwf.sys
2011/06/03 01:04:30.0777 7532 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\windows\system32\drivers\wimmount.sys
2011/06/03 01:04:31.0013 7532 WinUsb (fe88b288356e7b47b74b13372add906d) C:\windows\system32\DRIVERS\WinUsb.sys
2011/06/03 01:04:31.0151 7532 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\windows\system32\drivers\wmiacpi.sys
2011/06/03 01:04:31.0298 7532 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\windows\system32\drivers\ws2ifsl.sys
2011/06/03 01:04:31.0449 7532 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\windows\system32\drivers\WudfPf.sys
2011/06/03 01:04:31.0588 7532 WUDFRd (cf8d590be3373029d57af80914190682) C:\windows\system32\DRIVERS\WUDFRd.sys
2011/06/03 01:04:31.0730 7532 MBR (0x1B8) (5b5e648d12fcadc244c1ec30318e1eb9) \Device\Harddisk0\DR0
2011/06/03 01:04:31.0743 7532 ================================================================================
2011/06/03 01:04:31.0743 7532 Scan finished
2011/06/03 01:04:31.0743 7532 ================================================================================
2011/06/03 01:04:31.0759 9304 Detected object count: 1
2011/06/03 01:04:31.0759 9304 Actual detected object count: 1
2011/06/03 01:05:32.0571 9304 LockedFile.Multi.Generic(sptd) - User select action: Skip
juansalazar
Active Member
 
Posts: 10
Joined: May 27th, 2011, 11:40 pm

Re: Help Please!!

Unread postby juansalazar » June 2nd, 2011, 11:22 am

Hi Carolyn, I apologsie for the late reply, i have been qkinda of busy lately but here it is the info you requested....
Now i had to post each report in a different reply because it said i exceed the number of characters I could use on every post...

TDSKilles.text


2011/06/03 01:03:19.0198 9292 TDSS rootkit removing tool 2.5.3.0 May 25 2011 07:09:24
2011/06/03 01:03:20.0773 9292 ================================================================================
2011/06/03 01:03:20.0773 9292 SystemInfo:
2011/06/03 01:03:20.0773 9292
2011/06/03 01:03:20.0773 9292 OS Version: 6.1.7601 ServicePack: 1.0
2011/06/03 01:03:20.0773 9292 Product type: Workstation
2011/06/03 01:03:20.0773 9292 ComputerName: TOSH
2011/06/03 01:03:20.0773 9292 UserName: Night Walker
2011/06/03 01:03:20.0773 9292 Windows directory: C:\windows
2011/06/03 01:03:20.0773 9292 System windows directory: C:\windows
2011/06/03 01:03:20.0773 9292 Running under WOW64
2011/06/03 01:03:20.0773 9292 Processor architecture: Intel x64
2011/06/03 01:03:20.0773 9292 Number of processors: 2
2011/06/03 01:03:20.0773 9292 Page size: 0x1000
2011/06/03 01:03:20.0774 9292 Boot type: Normal boot
2011/06/03 01:03:20.0774 9292 ================================================================================
2011/06/03 01:03:22.0798 9292 Initialize success
2011/06/03 01:03:28.0994 7532 ================================================================================
2011/06/03 01:03:28.0994 7532 Scan started
2011/06/03 01:03:28.0994 7532 Mode: Manual;
2011/06/03 01:03:28.0994 7532 ================================================================================
2011/06/03 01:03:54.0262 7532 1394ohci (a87d604aea360176311474c87a63bb88) C:\windows\system32\drivers\1394ohci.sys
2011/06/03 01:03:54.0631 7532 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\windows\system32\drivers\ACPI.sys
2011/06/03 01:03:55.0065 7532 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\windows\system32\drivers\acpipmi.sys
2011/06/03 01:03:55.0433 7532 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\windows\system32\DRIVERS\adp94xx.sys
2011/06/03 01:03:55.0853 7532 adpahci (597f78224ee9224ea1a13d6350ced962) C:\windows\system32\DRIVERS\adpahci.sys
2011/06/03 01:03:56.0156 7532 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\windows\system32\DRIVERS\adpu320.sys
2011/06/03 01:03:56.0487 7532 AFD (d31dc7a16dea4a9baf179f3d6fbdb38c) C:\windows\system32\drivers\afd.sys
2011/06/03 01:03:56.0858 7532 AgereSoftModem (c98356d813b581e9c425b42a5d146ce0) C:\windows\system32\DRIVERS\agrsm64.sys
2011/06/03 01:03:57.0326 7532 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\windows\system32\drivers\agp440.sys
2011/06/03 01:03:57.0476 7532 aliide (5812713a477a3ad7363c7438ca2ee038) C:\windows\system32\drivers\aliide.sys
2011/06/03 01:03:57.0618 7532 amdide (1ff8b4431c353ce385c875f194924c0c) C:\windows\system32\drivers\amdide.sys
2011/06/03 01:03:57.0724 7532 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\windows\system32\DRIVERS\amdk8.sys
2011/06/03 01:03:57.0884 7532 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\windows\system32\DRIVERS\amdppm.sys
2011/06/03 01:03:58.0072 7532 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\windows\system32\drivers\amdsata.sys
2011/06/03 01:03:58.0383 7532 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\windows\system32\DRIVERS\amdsbs.sys
2011/06/03 01:03:58.0517 7532 amdxata (540daf1cea6094886d72126fd7c33048) C:\windows\system32\drivers\amdxata.sys
2011/06/03 01:03:58.0636 7532 ApfiltrService (1661f9c9e4b0049fa0a5e30264375a87) C:\windows\system32\DRIVERS\Apfiltr.sys
2011/06/03 01:03:58.0751 7532 AppID (89a69c3f2f319b43379399547526d952) C:\windows\system32\drivers\appid.sys
2011/06/03 01:03:58.0887 7532 arc (c484f8ceb1717c540242531db7845c4e) C:\windows\system32\DRIVERS\arc.sys
2011/06/03 01:03:59.0000 7532 arcsas (019af6924aefe7839f61c830227fe79c) C:\windows\system32\DRIVERS\arcsas.sys
2011/06/03 01:03:59.0109 7532 AsyncMac (769765ce2cc62867468cea93969b2242) C:\windows\system32\DRIVERS\asyncmac.sys
2011/06/03 01:03:59.0234 7532 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\windows\system32\drivers\atapi.sys
2011/06/03 01:03:59.0774 7532 atikmdag (3efd964d52221360af0673cd61c2f4f5) C:\windows\system32\drivers\atikmdag.sys
2011/06/03 01:04:00.0015 7532 AVGIDSDriver (eee718457f24f2154f23a7fad1a0cea3) C:\windows\system32\DRIVERS\AVGIDSDriver.Sys
2011/06/03 01:04:00.0120 7532 AVGIDSEH (1553b388e0f0462c25ad8f30c3c29e83) C:\windows\system32\DRIVERS\AVGIDSEH.Sys
2011/06/03 01:04:00.0178 7532 AVGIDSFilter (dca426a66739e75f51a72160dfb945ad) C:\windows\system32\DRIVERS\AVGIDSFilter.Sys
2011/06/03 01:04:00.0311 7532 Avgldx64 (ff7383388a7d2283dae5831abc2b0720) C:\windows\system32\DRIVERS\avgldx64.sys
2011/06/03 01:04:00.0435 7532 Avgmfx64 (997d002827d3e3dcbbb25bf46db161ab) C:\windows\system32\DRIVERS\avgmfx64.sys
2011/06/03 01:04:00.0542 7532 Avgrkx64 (bccfe3374c887075cde2ac8fdb1cb2f8) C:\windows\system32\DRIVERS\avgrkx64.sys
2011/06/03 01:04:00.0664 7532 Avgtdia (0d49adcebe243b79366ea523b647519a) C:\windows\system32\DRIVERS\avgtdia.sys
2011/06/03 01:04:00.0830 7532 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\windows\system32\DRIVERS\bxvbda.sys
2011/06/03 01:04:00.0979 7532 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\windows\system32\DRIVERS\b57nd60a.sys
2011/06/03 01:04:01.0091 7532 Beep (16a47ce2decc9b099349a5f840654746) C:\windows\system32\drivers\Beep.sys
2011/06/03 01:04:01.0239 7532 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\windows\system32\DRIVERS\blbdrive.sys
2011/06/03 01:04:01.0362 7532 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\windows\system32\DRIVERS\bowser.sys
2011/06/03 01:04:01.0443 7532 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\windows\system32\DRIVERS\BrFiltLo.sys
2011/06/03 01:04:01.0485 7532 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\windows\system32\DRIVERS\BrFiltUp.sys
2011/06/03 01:04:01.0545 7532 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\windows\System32\Drivers\Brserid.sys
2011/06/03 01:04:01.0623 7532 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\windows\System32\Drivers\BrSerWdm.sys
2011/06/03 01:04:01.0656 7532 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\windows\System32\Drivers\BrUsbMdm.sys
2011/06/03 01:04:01.0697 7532 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\windows\System32\Drivers\BrUsbSer.sys
2011/06/03 01:04:01.0822 7532 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\windows\system32\drivers\BthEnum.sys
2011/06/03 01:04:01.0915 7532 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\windows\system32\DRIVERS\bthmodem.sys
2011/06/03 01:04:02.0009 7532 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\windows\system32\DRIVERS\bthpan.sys
2011/06/03 01:04:02.0079 7532 BTHPORT (a51fa9d0e85d5adabef72e67f386309c) C:\windows\system32\Drivers\BTHport.sys
2011/06/03 01:04:02.0183 7532 BTHUSB (f740b9a16b2c06700f2130e19986bf3b) C:\windows\system32\Drivers\BTHUSB.sys
2011/06/03 01:04:02.0254 7532 btusbflt (2641a3fe3d7b0646308f33b67f3b5300) C:\windows\system32\drivers\btusbflt.sys
2011/06/03 01:04:02.0368 7532 cdfs (b8bd2bb284668c84865658c77574381a) C:\windows\system32\DRIVERS\cdfs.sys
2011/06/03 01:04:02.0507 7532 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\windows\system32\drivers\cdrom.sys
2011/06/03 01:04:02.0623 7532 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\windows\system32\DRIVERS\circlass.sys
2011/06/03 01:04:02.0690 7532 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\windows\system32\CLFS.sys
2011/06/03 01:04:02.0842 7532 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\windows\system32\DRIVERS\CmBatt.sys
2011/06/03 01:04:02.0923 7532 cmdide (e19d3f095812725d88f9001985b94edd) C:\windows\system32\drivers\cmdide.sys
2011/06/03 01:04:03.0049 7532 CNG (d5fea92400f12412b3922087c09da6a5) C:\windows\system32\Drivers\cng.sys
2011/06/03 01:04:03.0162 7532 Compbatt (102de219c3f61415f964c88e9085ad14) C:\windows\system32\DRIVERS\compbatt.sys
2011/06/03 01:04:03.0276 7532 CompositeBus (03edb043586cceba243d689bdda370a8) C:\windows\system32\drivers\CompositeBus.sys
2011/06/03 01:04:03.0364 7532 crcdisk (1c827878a998c18847245fe1f34ee597) C:\windows\system32\DRIVERS\crcdisk.sys
2011/06/03 01:04:03.0512 7532 dc3d (76e02db615a03801d698199a2bc4a06a) C:\windows\system32\DRIVERS\dc3d.sys
2011/06/03 01:04:03.0656 7532 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\windows\system32\Drivers\dfsc.sys
2011/06/03 01:04:03.0759 7532 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\windows\system32\drivers\discache.sys
2011/06/03 01:04:03.0865 7532 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\windows\system32\DRIVERS\disk.sys
2011/06/03 01:04:03.0984 7532 drmkaud (9b19f34400d24df84c858a421c205754) C:\windows\system32\drivers\drmkaud.sys
2011/06/03 01:04:04.0110 7532 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\windows\System32\drivers\dxgkrnl.sys
2011/06/03 01:04:04.0312 7532 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\windows\system32\DRIVERS\evbda.sys
2011/06/03 01:04:04.0524 7532 elxstor (0e5da5369a0fcaea12456dd852545184) C:\windows\system32\DRIVERS\elxstor.sys
2011/06/03 01:04:04.0628 7532 ErrDev (34a3c54752046e79a126e15c51db409b) C:\windows\system32\drivers\errdev.sys
2011/06/03 01:04:04.0778 7532 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\windows\system32\drivers\exfat.sys
2011/06/03 01:04:04.0861 7532 fastfat (0adc83218b66a6db380c330836f3e36d) C:\windows\system32\drivers\fastfat.sys
2011/06/03 01:04:04.0973 7532 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\windows\system32\DRIVERS\fdc.sys
2011/06/03 01:04:05.0033 7532 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\windows\system32\drivers\fileinfo.sys
2011/06/03 01:04:05.0166 7532 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\windows\system32\drivers\filetrace.sys
2011/06/03 01:04:05.0276 7532 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\windows\system32\DRIVERS\flpydisk.sys
2011/06/03 01:04:05.0391 7532 FltMgr (da6b67270fd9db3697b20fce94950741) C:\windows\system32\drivers\fltmgr.sys
2011/06/03 01:04:05.0508 7532 FsDepends (d43703496149971890703b4b1b723eac) C:\windows\system32\drivers\FsDepends.sys
2011/06/03 01:04:05.0551 7532 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\windows\system32\drivers\Fs_Rec.sys
2011/06/03 01:04:05.0689 7532 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\windows\system32\DRIVERS\fvevol.sys
2011/06/03 01:04:05.0798 7532 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\windows\system32\DRIVERS\gagp30kx.sys
2011/06/03 01:04:05.0979 7532 hamachi (1e6438d4ea6e1174a3b3b1edc4de660b) C:\windows\system32\DRIVERS\hamachi.sys
2011/06/03 01:04:06.0122 7532 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\windows\system32\drivers\hcw85cir.sys
2011/06/03 01:04:06.0278 7532 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\windows\system32\drivers\HdAudio.sys
2011/06/03 01:04:06.0457 7532 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\windows\system32\drivers\HDAudBus.sys
2011/06/03 01:04:06.0513 7532 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\windows\system32\DRIVERS\HidBatt.sys
2011/06/03 01:04:06.0589 7532 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\windows\system32\DRIVERS\hidbth.sys
2011/06/03 01:04:06.0675 7532 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\windows\system32\DRIVERS\hidir.sys
2011/06/03 01:04:06.0834 7532 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\windows\system32\drivers\hidusb.sys
2011/06/03 01:04:07.0043 7532 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\windows\system32\drivers\HpSAMD.sys
2011/06/03 01:04:07.0169 7532 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\windows\system32\drivers\HTTP.sys
2011/06/03 01:04:07.0300 7532 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\windows\system32\drivers\hwpolicy.sys
2011/06/03 01:04:07.0385 7532 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\windows\system32\drivers\i8042prt.sys
2011/06/03 01:04:07.0522 7532 iaStor (1d004cb1da6323b1f55caef7f94b61d9) C:\windows\system32\DRIVERS\iaStor.sys
2011/06/03 01:04:07.0667 7532 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\windows\system32\drivers\iaStorV.sys
2011/06/03 01:04:08.0029 7532 igfx (3c3f27002abc69c5afe29cbe6cf7addf) C:\windows\system32\DRIVERS\igdkmd64.sys
2011/06/03 01:04:08.0304 7532 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\windows\system32\DRIVERS\iirsp.sys
2011/06/03 01:04:08.0486 7532 IntcAzAudAddService (0c3cf4b3bae28e121a1689e3538f8712) C:\windows\system32\drivers\RTKVHD64.sys
2011/06/03 01:04:08.0698 7532 IntcHdmiAddService (88a20fa54c73ded4e8dac764e9130ae9) C:\windows\system32\drivers\IntcHdmi.sys
2011/06/03 01:04:08.0847 7532 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\windows\system32\drivers\intelide.sys
2011/06/03 01:04:08.0927 7532 intelppm (ada036632c664caa754079041cf1f8c1) C:\windows\system32\DRIVERS\intelppm.sys
2011/06/03 01:04:09.0035 7532 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\windows\system32\DRIVERS\ipfltdrv.sys
2011/06/03 01:04:09.0146 7532 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\windows\system32\drivers\IPMIDrv.sys
2011/06/03 01:04:09.0246 7532 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\windows\system32\drivers\ipnat.sys
2011/06/03 01:04:09.0306 7532 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\windows\system32\drivers\irenum.sys
2011/06/03 01:04:09.0393 7532 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\windows\system32\drivers\isapnp.sys
2011/06/03 01:04:09.0502 7532 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\windows\system32\drivers\msiscsi.sys
2011/06/03 01:04:09.0649 7532 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\windows\system32\drivers\kbdclass.sys
2011/06/03 01:04:09.0746 7532 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\windows\system32\drivers\kbdhid.sys
2011/06/03 01:04:09.0899 7532 KSecDD (ccd53b5bd33ce0c889e830d839c8b66e) C:\windows\system32\Drivers\ksecdd.sys
2011/06/03 01:04:09.0995 7532 KSecPkg (9ff918a261752c12639e8ad4208d2c2f) C:\windows\system32\Drivers\ksecpkg.sys
2011/06/03 01:04:10.0104 7532 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\windows\system32\drivers\ksthunk.sys
2011/06/03 01:04:10.0257 7532 lltdio (1538831cf8ad2979a04c423779465827) C:\windows\system32\DRIVERS\lltdio.sys
2011/06/03 01:04:10.0390 7532 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\windows\system32\DRIVERS\lsi_fc.sys
2011/06/03 01:04:10.0505 7532 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\windows\system32\DRIVERS\lsi_sas.sys
2011/06/03 01:04:10.0618 7532 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\windows\system32\DRIVERS\lsi_sas2.sys
2011/06/03 01:04:10.0732 7532 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\windows\system32\DRIVERS\lsi_scsi.sys
2011/06/03 01:04:10.0845 7532 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\windows\system32\drivers\luafv.sys
2011/06/03 01:04:10.0924 7532 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\windows\system32\DRIVERS\megasas.sys
2011/06/03 01:04:11.0023 7532 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\windows\system32\DRIVERS\MegaSR.sys
2011/06/03 01:04:11.0254 7532 Modem (800ba92f7010378b09f9ed9270f07137) C:\windows\system32\drivers\modem.sys
2011/06/03 01:04:11.0396 7532 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\windows\system32\DRIVERS\monitor.sys
2011/06/03 01:04:11.0519 7532 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\windows\system32\drivers\mouclass.sys
2011/06/03 01:04:11.0665 7532 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\windows\system32\DRIVERS\mouhid.sys
2011/06/03 01:04:11.0760 7532 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\windows\system32\drivers\mountmgr.sys
2011/06/03 01:04:11.0930 7532 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\windows\system32\drivers\mpio.sys
2011/06/03 01:04:11.0997 7532 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\windows\system32\drivers\mpsdrv.sys
2011/06/03 01:04:12.0120 7532 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\windows\system32\drivers\mrxdav.sys
2011/06/03 01:04:12.0219 7532 mrxsmb (c2b4651001a867ff3f8865863b592991) C:\windows\system32\DRIVERS\mrxsmb.sys
2011/06/03 01:04:12.0298 7532 mrxsmb10 (7e79946afc5f799ab62982282be5ac13) C:\windows\system32\DRIVERS\mrxsmb10.sys
2011/06/03 01:04:12.0479 7532 mrxsmb20 (5fb954100cea2bfec6446fbbecaa3f79) C:\windows\system32\DRIVERS\mrxsmb20.sys
2011/06/03 01:04:12.0588 7532 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\windows\system32\drivers\msahci.sys
2011/06/03 01:04:12.0668 7532 msdsm (db801a638d011b9633829eb6f663c900) C:\windows\system32\drivers\msdsm.sys
2011/06/03 01:04:12.0799 7532 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\windows\system32\drivers\Msfs.sys
2011/06/03 01:04:12.0902 7532 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\windows\System32\drivers\mshidkmdf.sys
2011/06/03 01:04:12.0990 7532 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\windows\system32\drivers\msisadrv.sys
2011/06/03 01:04:13.0116 7532 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\windows\system32\drivers\MSKSSRV.sys
2011/06/03 01:04:13.0186 7532 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\windows\system32\drivers\MSPCLOCK.sys
2011/06/03 01:04:13.0263 7532 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\windows\system32\drivers\MSPQM.sys
2011/06/03 01:04:13.0366 7532 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\windows\system32\drivers\MsRPC.sys
2011/06/03 01:04:13.0523 7532 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\windows\system32\drivers\mssmbios.sys
2011/06/03 01:04:13.0589 7532 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\windows\system32\drivers\MSTEE.sys
2011/06/03 01:04:13.0660 7532 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\windows\system32\DRIVERS\MTConfig.sys
2011/06/03 01:04:13.0762 7532 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\windows\system32\Drivers\mup.sys
2011/06/03 01:04:13.0818 7532 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\windows\system32\DRIVERS\nwifi.sys
2011/06/03 01:04:13.0957 7532 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\windows\system32\drivers\ndis.sys
2011/06/03 01:04:14.0076 7532 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\windows\system32\DRIVERS\ndiscap.sys
2011/06/03 01:04:14.0170 7532 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\windows\system32\DRIVERS\ndistapi.sys
2011/06/03 01:04:14.0300 7532 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\windows\system32\DRIVERS\ndisuio.sys
2011/06/03 01:04:14.0381 7532 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\windows\system32\DRIVERS\ndiswan.sys
2011/06/03 01:04:14.0490 7532 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\windows\system32\drivers\NDProxy.sys
2011/06/03 01:04:14.0626 7532 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\windows\system32\DRIVERS\netbios.sys
2011/06/03 01:04:14.0753 7532 NetBT (09594d1089c523423b32a4229263f068) C:\windows\system32\DRIVERS\netbt.sys
2011/06/03 01:04:14.0891 7532 nfrd960 (77889813be4d166cdab78ddba990da92) C:\windows\system32\DRIVERS\nfrd960.sys
2011/06/03 01:04:15.0005 7532 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\windows\system32\drivers\Npfs.sys
2011/06/03 01:04:15.0064 7532 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\windows\system32\drivers\nsiproxy.sys
2011/06/03 01:04:15.0232 7532 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\windows\system32\drivers\Ntfs.sys
2011/06/03 01:04:15.0362 7532 Null (9899284589f75fa8724ff3d16aed75c1) C:\windows\system32\drivers\Null.sys
2011/06/03 01:04:15.0468 7532 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\windows\system32\drivers\nvraid.sys
2011/06/03 01:04:15.0562 7532 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\windows\system32\drivers\nvstor.sys
2011/06/03 01:04:15.0676 7532 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\windows\system32\drivers\nv_agp.sys
2011/06/03 01:04:15.0824 7532 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\windows\system32\drivers\ohci1394.sys
2011/06/03 01:04:15.0983 7532 Parport (0086431c29c35be1dbc43f52cc273887) C:\windows\system32\DRIVERS\parport.sys
2011/06/03 01:04:16.0066 7532 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\windows\system32\drivers\partmgr.sys
2011/06/03 01:04:16.0246 7532 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\windows\system32\drivers\pci.sys
2011/06/03 01:04:16.0336 7532 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\windows\system32\drivers\pciide.sys
2011/06/03 01:04:16.0398 7532 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\windows\system32\DRIVERS\pcmcia.sys
2011/06/03 01:04:16.0492 7532 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\windows\system32\drivers\pcw.sys
2011/06/03 01:04:16.0546 7532 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\windows\system32\drivers\peauth.sys
2011/06/03 01:04:16.0701 7532 PGEffect (663962900e7fea522126ba287715bb4a) C:\windows\system32\DRIVERS\pgeffect.sys
2011/06/03 01:04:16.0763 7532 PMCF (60795ae1e34bcf4ff731f55a6cda9a86) C:\windows\system32\drivers\PMCF.sys
2011/06/03 01:04:16.0978 7532 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\windows\system32\DRIVERS\raspptp.sys
2011/06/03 01:04:17.0037 7532 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\windows\system32\DRIVERS\processr.sys
2011/06/03 01:04:17.0178 7532 Psched (0557cf5a2556bd58e26384169d72438d) C:\windows\system32\DRIVERS\pacer.sys
2011/06/03 01:04:17.0318 7532 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\windows\system32\DRIVERS\ql2300.sys
2011/06/03 01:04:17.0463 7532 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\windows\system32\DRIVERS\ql40xx.sys
2011/06/03 01:04:17.0545 7532 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\windows\system32\drivers\qwavedrv.sys
2011/06/03 01:04:17.0608 7532 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\windows\system32\DRIVERS\rasacd.sys
2011/06/03 01:04:17.0713 7532 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\windows\system32\DRIVERS\AgileVpn.sys
2011/06/03 01:04:17.0851 7532 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\windows\system32\DRIVERS\rasl2tp.sys
2011/06/03 01:04:17.0972 7532 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\windows\system32\DRIVERS\raspppoe.sys
2011/06/03 01:04:18.0081 7532 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\windows\system32\DRIVERS\rassstp.sys
2011/06/03 01:04:18.0205 7532 rdbss (77f665941019a1594d887a74f301fa2f) C:\windows\system32\DRIVERS\rdbss.sys
2011/06/03 01:04:18.0312 7532 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\windows\system32\DRIVERS\rdpbus.sys
2011/06/03 01:04:18.0358 7532 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\windows\system32\DRIVERS\RDPCDD.sys
2011/06/03 01:04:18.0464 7532 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\windows\system32\drivers\rdpencdd.sys
2011/06/03 01:04:18.0556 7532 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\windows\system32\drivers\rdprefmp.sys
2011/06/03 01:04:18.0655 7532 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\windows\system32\drivers\RDPWD.sys
2011/06/03 01:04:18.0796 7532 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\windows\system32\drivers\rdyboost.sys
2011/06/03 01:04:18.0922 7532 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\windows\system32\DRIVERS\rfcomm.sys
2011/06/03 01:04:19.0031 7532 rimspci (e20b1907fc72a3664ece21e3c20fc63d) C:\windows\system32\DRIVERS\rimspe64.sys
2011/06/03 01:04:19.0241 7532 RimVSerPort (c903d49655b4aae46673f0aaa6be0f58) C:\windows\system32\DRIVERS\RimSerial_AMD64.sys
2011/06/03 01:04:19.0377 7532 risdpcie (7dda2e5cf452dad24b1be704225c18ee) C:\windows\system32\DRIVERS\risdpe64.sys
2011/06/03 01:04:19.0490 7532 rixdpcie (6a1cd4674505e6791390a1ab71da1fbe) C:\windows\system32\DRIVERS\rixdpe64.sys
2011/06/03 01:04:19.0585 7532 ROOTMODEM (388d3dd1a6457280f3badba9f3acd6b1) C:\windows\system32\Drivers\RootMdm.sys
2011/06/03 01:04:19.0731 7532 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\windows\system32\DRIVERS\rspndr.sys
2011/06/03 01:04:19.0858 7532 RTL8167 (b49dc435ae3695bac5623dd94b05732d) C:\windows\system32\DRIVERS\Rt64win7.sys
2011/06/03 01:04:20.0051 7532 rtl8192se (a8ed9726734d403217a4861a6788b144) C:\windows\system32\DRIVERS\rtl8192se.sys
2011/06/03 01:04:20.0246 7532 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\windows\system32\drivers\sbp2port.sys
2011/06/03 01:04:20.0366 7532 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\windows\system32\DRIVERS\scfilter.sys
2011/06/03 01:04:20.0512 7532 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\windows\system32\drivers\sdbus.sys
2011/06/03 01:04:20.0638 7532 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\windows\system32\drivers\secdrv.sys
2011/06/03 01:04:20.0752 7532 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\windows\system32\DRIVERS\serenum.sys
2011/06/03 01:04:20.0879 7532 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\windows\system32\DRIVERS\serial.sys
2011/06/03 01:04:20.0995 7532 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\windows\system32\DRIVERS\sermouse.sys
2011/06/03 01:04:21.0088 7532 sffdisk (a554811bcd09279536440c964ae35bbf) C:\windows\system32\drivers\sffdisk.sys
2011/06/03 01:04:21.0185 7532 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\windows\system32\drivers\sffp_mmc.sys
2011/06/03 01:04:21.0270 7532 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\windows\system32\drivers\sffp_sd.sys
2011/06/03 01:04:21.0370 7532 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\windows\system32\DRIVERS\sfloppy.sys
2011/06/03 01:04:21.0504 7532 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\windows\system32\DRIVERS\SiSRaid2.sys
2011/06/03 01:04:21.0555 7532 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\windows\system32\DRIVERS\sisraid4.sys
2011/06/03 01:04:21.0657 7532 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\windows\system32\DRIVERS\smb.sys
2011/06/03 01:04:21.0802 7532 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\windows\system32\drivers\spldr.sys
2011/06/03 01:04:22.0021 7532 sptd (602884696850c86434530790b110e8eb) C:\windows\system32\Drivers\sptd.sys
2011/06/03 01:04:22.0516 7532 Suspicious file (NoAccess): C:\windows\system32\Drivers\sptd.sys. md5: 602884696850c86434530790b110e8eb
2011/06/03 01:04:22.0567 7532 sptd - detected LockedFile.Multi.Generic (1)
2011/06/03 01:04:22.0687 7532 srv (65bbf4920148c2ee279055da7228fc7b) C:\windows\system32\DRIVERS\srv.sys
2011/06/03 01:04:22.0855 7532 srv2 (da939f762a1ccc2d77428621ddbd40a7) C:\windows\system32\DRIVERS\srv2.sys
2011/06/03 01:04:23.0189 7532 srvnet (3f847c9dc87299516f7dc82fb6572865) C:\windows\system32\DRIVERS\srvnet.sys
2011/06/03 01:04:23.0435 7532 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\windows\system32\DRIVERS\stexstor.sys
2011/06/03 01:04:23.0581 7532 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\windows\system32\drivers\swenum.sys
2011/06/03 01:04:23.0776 7532 Tcpip (509383e505c973ed7534a06b3d19688d) C:\windows\system32\drivers\tcpip.sys
2011/06/03 01:04:23.0993 7532 TCPIP6 (509383e505c973ed7534a06b3d19688d) C:\windows\system32\DRIVERS\tcpip.sys
2011/06/03 01:04:24.0085 7532 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\windows\system32\drivers\tcpipreg.sys
2011/06/03 01:04:24.0186 7532 tdcmdpst (fd542b661bd22fa69ca789ad0ac58c29) C:\windows\system32\DRIVERS\tdcmdpst.sys
2011/06/03 01:04:24.0247 7532 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\windows\system32\drivers\tdpipe.sys
2011/06/03 01:04:24.0345 7532 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\windows\system32\drivers\tdtcp.sys
2011/06/03 01:04:24.0475 7532 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\windows\system32\DRIVERS\tdx.sys
2011/06/03 01:04:24.0605 7532 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\windows\system32\drivers\termdd.sys
2011/06/03 01:04:24.0708 7532 Thpdrv (c013f6acaa9761f571bd28dada7c157d) C:\windows\system32\DRIVERS\thpdrv.sys
2011/06/03 01:04:24.0771 7532 Thpevm (b4e609047434ed948af7bdef2fa66e38) C:\windows\system32\DRIVERS\Thpevm.SYS
2011/06/03 01:04:24.0922 7532 tosporte (8021f63311797085949fa387f7c83583) C:\windows\system32\DRIVERS\tosporte.sys
2011/06/03 01:04:25.0031 7532 tosrfbd (71bb669bfcade1580fdce010abc76310) C:\windows\system32\DRIVERS\tosrfbd.sys
2011/06/03 01:04:25.0135 7532 tosrfbnp (62512b5277d88600f8bd4b7aec43569d) C:\windows\system32\Drivers\tosrfbnp.sys
2011/06/03 01:04:25.0245 7532 Tosrfcom (c523a9186c39d65cc9adebb2e1b93ccd) C:\windows\system32\Drivers\tosrfcom.sys
2011/06/03 01:04:25.0384 7532 tosrfec (11699d47b3491d86249c168496d55c92) C:\windows\system32\DRIVERS\tosrfec.sys
2011/06/03 01:04:25.0971 7532 Tosrfhid (451b8c1815c6cc39650af916c2a382cd) C:\windows\system32\DRIVERS\Tosrfhid.sys
2011/06/03 01:04:26.0069 7532 tosrfnds (b6fdc3c76ffe9c5171eea9c37ea367c2) C:\windows\system32\DRIVERS\tosrfnds.sys
2011/06/03 01:04:26.0126 7532 TosRfSnd (e1e045240c1184fa6628f3c7e7ff85d8) C:\windows\system32\drivers\tosrfsnd.sys
2011/06/03 01:04:26.0252 7532 Tosrfusb (da7aa562448e29ca895895920bff8946) C:\windows\system32\DRIVERS\tosrfusb.sys
2011/06/03 01:04:26.0329 7532 tos_sps64 (09ff7b0b1b5c3d225495cb6f5a9b39f8) C:\windows\system32\DRIVERS\tos_sps64.sys
2011/06/03 01:04:26.0521 7532 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\windows\system32\DRIVERS\tssecsrv.sys
2011/06/03 01:04:26.0667 7532 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\windows\system32\drivers\tsusbflt.sys
2011/06/03 01:04:26.0798 7532 tunnel (3566a8daafa27af944f5d705eaa64894) C:\windows\system32\DRIVERS\tunnel.sys
2011/06/03 01:04:26.0863 7532 TVALZ (550b567f9364d8f7684c3fb3ea665a72) C:\windows\system32\DRIVERS\TVALZ_O.SYS
2011/06/03 01:04:26.0993 7532 TVALZFL (9c7191f4b2e49bff47a6c1144b5923fa) C:\windows\system32\DRIVERS\TVALZFL.sys
2011/06/03 01:04:27.0115 7532 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\windows\system32\DRIVERS\uagp35.sys
2011/06/03 01:04:27.0225 7532 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\windows\system32\DRIVERS\udfs.sys
2011/06/03 01:04:27.0376 7532 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\windows\system32\drivers\uliagpkx.sys
2011/06/03 01:04:27.0520 7532 umbus (dc54a574663a895c8763af0fa1ff7561) C:\windows\system32\drivers\umbus.sys
2011/06/03 01:04:27.0604 7532 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\windows\system32\DRIVERS\umpass.sys
2011/06/03 01:04:27.0707 7532 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\windows\system32\DRIVERS\usbccgp.sys
2011/06/03 01:04:27.0832 7532 usbcir (af0892a803fdda7492f595368e3b68e7) C:\windows\system32\drivers\usbcir.sys
2011/06/03 01:04:27.0893 7532 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\windows\system32\DRIVERS\usbehci.sys
2011/06/03 01:04:28.0030 7532 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\windows\system32\DRIVERS\usbhub.sys
2011/06/03 01:04:28.0145 7532 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\windows\system32\drivers\usbohci.sys
2011/06/03 01:04:28.0247 7532 usbprint (73188f58fb384e75c4063d29413cee3d) C:\windows\system32\DRIVERS\usbprint.sys
2011/06/03 01:04:28.0380 7532 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\windows\system32\DRIVERS\usbscan.sys
2011/06/03 01:04:28.0490 7532 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\windows\system32\DRIVERS\USBSTOR.SYS
2011/06/03 01:04:28.0626 7532 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\windows\system32\DRIVERS\usbuhci.sys
2011/06/03 01:04:28.0749 7532 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\windows\System32\Drivers\usbvideo.sys
2011/06/03 01:04:28.0879 7532 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\windows\system32\drivers\vdrvroot.sys
2011/06/03 01:04:28.0992 7532 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\windows\system32\DRIVERS\vgapnp.sys
2011/06/03 01:04:29.0034 7532 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\windows\System32\drivers\vga.sys
2011/06/03 01:04:29.0154 7532 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\windows\system32\drivers\vhdmp.sys
2011/06/03 01:04:29.0235 7532 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\windows\system32\drivers\viaide.sys
2011/06/03 01:04:29.0332 7532 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\windows\system32\drivers\volmgr.sys
2011/06/03 01:04:29.0427 7532 volmgrx (a255814907c89be58b79ef2f189b843b) C:\windows\system32\drivers\volmgrx.sys
2011/06/03 01:04:29.0554 7532 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\windows\system32\drivers\volsnap.sys
2011/06/03 01:04:29.0664 7532 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\windows\system32\DRIVERS\vsmraid.sys
2011/06/03 01:04:29.0774 7532 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\windows\system32\DRIVERS\vwifibus.sys
2011/06/03 01:04:29.0811 7532 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\windows\system32\DRIVERS\vwififlt.sys
2011/06/03 01:04:29.0931 7532 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\windows\system32\DRIVERS\vwifimp.sys
2011/06/03 01:04:30.0029 7532 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\windows\system32\DRIVERS\wacompen.sys
2011/06/03 01:04:30.0117 7532 WANARP (356afd78a6ed4457169241ac3965230c) C:\windows\system32\DRIVERS\wanarp.sys
2011/06/03 01:04:30.0150 7532 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\windows\system32\DRIVERS\wanarp.sys
2011/06/03 01:04:30.0355 7532 Wd (72889e16ff12ba0f235467d6091b17dc) C:\windows\system32\DRIVERS\wd.sys
2011/06/03 01:04:30.0488 7532 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\windows\system32\drivers\Wdf01000.sys
2011/06/03 01:04:30.0660 7532 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\windows\system32\DRIVERS\wfplwf.sys
2011/06/03 01:04:30.0777 7532 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\windows\system32\drivers\wimmount.sys
2011/06/03 01:04:31.0013 7532 WinUsb (fe88b288356e7b47b74b13372add906d) C:\windows\system32\DRIVERS\WinUsb.sys
2011/06/03 01:04:31.0151 7532 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\windows\system32\drivers\wmiacpi.sys
2011/06/03 01:04:31.0298 7532 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\windows\system32\drivers\ws2ifsl.sys
2011/06/03 01:04:31.0449 7532 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\windows\system32\drivers\WudfPf.sys
2011/06/03 01:04:31.0588 7532 WUDFRd (cf8d590be3373029d57af80914190682) C:\windows\system32\DRIVERS\WUDFRd.sys
2011/06/03 01:04:31.0730 7532 MBR (0x1B8) (5b5e648d12fcadc244c1ec30318e1eb9) \Device\Harddisk0\DR0
2011/06/03 01:04:31.0743 7532 ================================================================================
2011/06/03 01:04:31.0743 7532 Scan finished
2011/06/03 01:04:31.0743 7532 ================================================================================
2011/06/03 01:04:31.0759 9304 Detected object count: 1
2011/06/03 01:04:31.0759 9304 Actual detected object count: 1
2011/06/03 01:05:32.0571 9304 LockedFile.Multi.Generic(sptd) - User select action: Skip
juansalazar
Active Member
 
Posts: 10
Joined: May 27th, 2011, 11:40 pm

Re: Help Please!!

Unread postby juansalazar » June 2nd, 2011, 11:25 am

THe OTL.text file seems to be too big so i divided in two :S

OTL logfile created on: 6/3/2011 1:07:48 AM - Run 1
OTL by OldTimer - Version 3.2.23.0 Folder = C:\Users\Night Walker\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Australia | Language: ENA | Date Format: d/MM/yyyy

3.96 Gb Total Physical Memory | 0.98 Gb Available Physical Memory | 24.73% Memory free
7.93 Gb Paging File | 3.54 Gb Available in Paging File | 44.72% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 285.94 Gb Total Space | 13.35 Gb Free Space | 4.67% Space Free | Partition Type: NTFS
Drive D: | 4.29 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: TOSH | User Name: Night Walker | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Night Walker\Desktop\tdsskiller.exe (Kaspersky Lab ZAO)
PRC - C:\Users\Night Walker\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Users\Night Walker\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe (Google)
PRC - C:\Program Files (x86)\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\Google\Google Calendar Sync\GoogleCalendarSync.exe (Google)
PRC - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
PRC - C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe (Research In Motion Limited)
PRC - C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe ()
PRC - C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
PRC - C:\Program Files (x86)\Winamp\winampa.exe (Nullsoft, Inc.)
PRC - C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe (TOSHIBA CORPORATION)
PRC - C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtMng.exe (TOSHIBA CORPORATION.)
PRC - C:\Program Files\TOSHIBA\HDMICtrlMan\HCMSoundChanger.exe (TOSHIBA Corporation.)
PRC - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe (TOSHIBA CORPORATION)
PRC - C:\Program Files (x86)\TOSHIBA\Bluetooth Monitor\BtMon2.exe (TOSHIBA CORPORATION)
PRC - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe (TOSHIBA CORPORATION)
PRC - C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosA2dp.exe (TOSHIBA CORPORATION.)
PRC - C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtHSP.exe (TOSHIBA CORPORATION.)
PRC - C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosAVRC.exe (TOSHIBA CORPORATION.)
PRC - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe (TOSHIBA CORPORATION)
PRC - C:\Program Files\ltmoh\ltmoh.exe (LSI Corp.)
PRC - C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtHid.exe (TOSHIBA CORPORATION.)
PRC - C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe (Adobe Systems Inc.)
PRC - C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe (Nero AG)
PRC - C:\Program Files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe (Nero AG)


========== Modules (SafeList) ==========

MOD - C:\Users\Night Walker\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll (Microsoft Corporation)


========== Win32 Services (SafeList) ==========

SRV:64bit: - (TOSHIBA HDD SSD Alert Service) -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe (TOSHIBA Corporation)
SRV:64bit: - (TOSHIBA eco Utility Service) -- C:\Program Files\TOSHIBA\TECO\TecoService.exe (TOSHIBA Corporation)
SRV:64bit: - (TosCoSrv) -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe (TOSHIBA Corporation)
SRV:64bit: - (TPCHSrv) -- C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe (TOSHIBA Corporation)
SRV:64bit: - (TODDSrv) -- C:\Windows\SysNative\TODDSrv.exe (TOSHIBA Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (Thpsrv) -- C:\Windows\SysNative\ThpSrv.exe (TOSHIBA Corporation)
SRV:64bit: - (RSELSVC) -- C:\Program Files\TOSHIBA\rselect\RSelSvc.exe (TOSHIBA Corporation)
SRV:64bit: - (AgereModemAudio) -- C:\Program Files\LSI SoftModem\agr64svc.exe (LSI Corporation)
SRV - (AVGIDSAgent) -- C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe (AVG Technologies CZ, s.r.o.)
SRV - (Hamachi2Svc) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (avgwd) -- C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (TMachInfo) -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe (TOSHIBA Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (cfWiMAXService) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe (TOSHIBA CORPORATION)
SRV - (TOSHIBA Bluetooth Service) -- C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtSrv.exe (TOSHIBA CORPORATION)
SRV - (ConfigFree Gadget Service) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe (TOSHIBA CORPORATION)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (ConfigFree Service) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe (TOSHIBA CORPORATION)


========== Driver Services (SafeList) ==========

DRV:64bit: - (AVGIDSDriver) -- C:\Windows\SysNative\drivers\AVGIDSDriver.sys (AVG Technologies CZ, s.r.o. )
DRV:64bit: - (Avgtdia) -- C:\Windows\SysNative\drivers\avgtdia.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Avgrkx64) -- C:\Windows\SysNative\drivers\avgrkx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (Avgmfx64) -- C:\Windows\SysNative\drivers\avgmfx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (AVGIDSEH) -- C:\Windows\SysNative\drivers\AVGIDSEH.sys (AVG Technologies CZ, s.r.o. )
DRV:64bit: - (AVGIDSFilter) -- C:\Windows\SysNative\drivers\AVGIDSFilter.sys (AVG Technologies CZ, s.r.o. )
DRV:64bit: - (Avgldx64) -- C:\Windows\SysNative\drivers\avgldx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys ()
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (dc3d) -- C:\Windows\SysNative\drivers\dc3d.sys (Microsoft Corporation)
DRV:64bit: - (btusbflt) -- C:\Windows\SysNative\drivers\btusbflt.sys (Broadcom Corporation.)
DRV:64bit: - (rtl8192se) -- C:\Windows\SysNative\drivers\rtl8192se.sys (Realtek Semiconductor Corporation )
DRV:64bit: - (hamachi) -- C:\Windows\SysNative\drivers\hamachi.sys (LogMeIn, Inc.)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (Tosrfusb) -- C:\Windows\SysNative\drivers\tosrfusb.sys (TOSHIBA CORPORATION)
DRV:64bit: - (TosRfSnd) -- C:\Windows\SysNative\drivers\TosRfSnd.sys (TOSHIBA Corporation)
DRV:64bit: - (tdcmdpst) -- C:\Windows\SysNative\drivers\tdcmdpst.sys (TOSHIBA Corporation.)
DRV:64bit: - (risdpcie) -- C:\Windows\SysNative\drivers\risdpe64.sys (REDC)
DRV:64bit: - (PMCF) -- C:\Windows\SysNative\drivers\PMCF.sys ()
DRV:64bit: - (Tosrfcom) -- C:\Windows\SysNative\drivers\tosrfcom.sys (TOSHIBA Corporation)
DRV:64bit: - (tos_sps64) -- C:\Windows\SysNative\drivers\tos_sps64.sys (TOSHIBA Corporation)
DRV:64bit: - (tosrfnds) -- C:\Windows\SysNative\drivers\tosrfnds.sys (TOSHIBA Corporation.)
DRV:64bit: - (AgereSoftModem) -- C:\Windows\SysNative\drivers\agrsm64.sys (LSI Corporation)
DRV:64bit: - (TVALZ) -- C:\Windows\SysNative\drivers\TVALZ_O.SYS (TOSHIBA Corporation)
DRV:64bit: - (tosrfec) -- C:\Windows\SysNative\drivers\tosrfec.sys (TOSHIBA Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (ROOTMODEM) -- C:\Windows\SysNative\drivers\rootmdm.sys (Microsoft Corporation)
DRV:64bit: - (ApfiltrService) -- C:\Windows\SysNative\drivers\Apfiltr.sys (Alps Electric Co., Ltd.)
DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (IntcHdmiAddService) Intel(R) -- C:\Windows\SysNative\drivers\IntcHdmi.sys (Intel(R) Corporation)
DRV:64bit: - (tosrfbd) -- C:\Windows\SysNative\drivers\tosrfbd.sys (TOSHIBA CORPORATION)
DRV:64bit: - (rixdpcie) -- C:\Windows\SysNative\drivers\rixdpe64.sys (REDC)
DRV:64bit: - (rimspci) -- C:\Windows\SysNative\drivers\rimspe64.sys (REDC)
DRV:64bit: - (Thpevm) -- C:\Windows\SysNative\drivers\Thpevm.sys (TOSHIBA Corporation)
DRV:64bit: - (Thpdrv) -- C:\Windows\SysNative\drivers\thpdrv.sys (TOSHIBA Corporation)
DRV:64bit: - (PGEffect) -- C:\Windows\SysNative\drivers\PGEffect.sys (TOSHIBA Corporation)
DRV:64bit: - (TVALZFL) -- C:\Windows\SysNative\drivers\TVALZFL.sys (TOSHIBA Corporation)
DRV:64bit: - (Tosrfhid) -- C:\Windows\SysNative\drivers\Tosrfhid.sys (TOSHIBA Corporation.)
DRV:64bit: - (tosrfbnp) -- C:\Windows\SysNative\drivers\tosrfbnp.sys (TOSHIBA Corporation)
DRV:64bit: - (tosporte) -- C:\Windows\SysNative\drivers\tosporte.sys (TOSHIBA Corporation)
DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\wbem\ntfs.mof ()
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:64bit: - (RimVSerPort) -- C:\Windows\SysNative\drivers\RimSerial_AMD64.sys (Research in Motion Ltd)

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain ... &bmod=TSZZ
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/redirectdomain ... &bmod=TSZZ


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-3805827440-2575277382-1516481298-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain ... &bmod=TSNA
IE - HKU\S-1-5-21-3805827440-2575277382-1516481298-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-3805827440-2575277382-1516481298-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-3805827440-2575277382-1516481298-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/redirectdomain ... &bmod=TSNA
IE - HKU\S-1-5-21-3805827440-2575277382-1516481298-1001\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-3805827440-2575277382-1516481298-1001\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-3805827440-2575277382-1516481298-1001\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-3805827440-2575277382-1516481298-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files (x86)\AVG\AVG10\Firefox4\ [2011/05/11 16:05:54 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\ [2011/04/06 14:57:19 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2009/06/11 07:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssiea.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (vShare Toolbar) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files (x86)\vShare\vshare_toolbar.dll ()
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (vShare Toolbar) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files (x86)\vShare\vshare_toolbar.dll ()
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-3805827440-2575277382-1516481298-1001\..\Toolbar\WebBrowser: (vShare Toolbar) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files (x86)\vShare\vshare_toolbar.dll ()
O3 - HKU\S-1-5-21-3805827440-2575277382-1516481298-1001\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [] File not found
O4:64bit: - HKLM..\Run: [00TCrdMain] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [HDMICtrlMan] C:\Program Files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe (TOSHIBA Corporation.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [HSON] C:\Program Files\TOSHIBA\TBS\HSON.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [LtMoh] C:\Program Files\ltmoh\ltmoh.exe (LSI Corp.)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [SmartFaceVWatcher] C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatcher.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [SmoothView] C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [Teco] C:\Program Files\TOSHIBA\TECO\Teco.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [ThpSrv] C:\windows\SysNative\thpsrv.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosWaitSrv] C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TPwrMain] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [ITSecMng] C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe (TOSHIBA CORPORATION)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [NBKeyScan] C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe (Nero AG)
O4 - HKLM..\Run: [NortonOnlineBackupReminder] C:\Program Files (x86)\TOSHIBA\Toshiba Online Backup\Activation\TobuActivation.exe (Toshiba)
O4 - HKLM..\Run: [RIMBBLaunchAgent.exe] C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe (Research In Motion Limited)
O4 - HKLM..\Run: [ToshibaServiceStation] C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TUSBSleepChargeSrv] C:\Program Files (x86)\TOSHIBA\TOSHIBA USB Sleep and Charge Utility\TUSBSleepChargeSrv.exe (TOSHIBA)
O4 - HKLM..\Run: [TWebCamera] C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe (TOSHIBA CORPORATION.)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files (x86)\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3805827440-2575277382-1516481298-1001..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKU\S-1-5-21-3805827440-2575277382-1516481298-1001..\Run: [hmod70twindl.exe] File not found
O4 - HKU\S-1-5-21-3805827440-2575277382-1516481298-1001..\Run: [MyTOSHIBA] C:\Program Files (x86)\TOSHIBA\My Toshiba\MyToshiba.exe (TOSHIBA)
O4 - HKU\.DEFAULT..\RunOnce: [osk.exe] C:\windows\SysWow64\osk.exe (Microsoft Corporation)
O4 - HKU\S-1-5-18..\RunOnce: [osk.exe] C:\windows\SysWow64\osk.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] File not found
O4 - Startup: C:\Users\Night Walker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Antimalware Doctor.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 3
O8:64bit: - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {140E4DF8-9E14-4A34-9577-C77561ED7883} http://content.systemrequirementslab.co ... .3.1.0.cab (SysInfo Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {924B4927-D3BA-41EA-9F7E-8A89194AB3AC} http://panda-plugin.disney.go.com/plugi ... ctivex.cab (P3DActiveX Control)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 192.168.2.1 192.168.0.1
O18:64bit: - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgppa.dll (AVG Technologies CZ, s.r.o.)
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\vsharechrome {3F3A4B8A-86FC-43A4-BB00-6D7EBE9D4484} - Reg Error: Key error. File not found
O18 - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\vsharechrome {3F3A4B8A-86FC-43A4-BB00-6D7EBE9D4484} - C:\Program Files (x86)\vShare\vshare_toolbar.dll ()
O20:64bit: - AppInit_DLLs: (acaptuser64.dll) - C:\windows\SysNative\acaptuser64.dll (Adobe Systems, Inc.)
O20 - AppInit_DLLs: (acaptuser32.dll) - C:\windows\SysWow64\acaptuser32.dll (Adobe Systems, Inc.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - Reg Error: Key error. - C:\windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: IconPackager Repair - {1799460C-0BC8-4865-B9DF-4A36CD703FF0} - C:\Program Files (x86)\Stardock\Object Desktop\IconPackager\iprepair.dll (Stardock.net, Inc)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{2021184d-d0f0-11df-b5b6-90e6ba02d78b}\Shell - "" = AutoRun
O33 - MountPoints2\{2021184d-d0f0-11df-b5b6-90e6ba02d78b}\Shell\AutoRun\command - "" = "E:\WD SmartWare.exe" autoplay=true
O33 - MountPoints2\{88c02a27-fd42-11df-a0d5-90e6ba02d78b}\Shell - "" = AutoRun
O33 - MountPoints2\{88c02a27-fd42-11df-a0d5-90e6ba02d78b}\Shell\AutoRun\command - "" = E:\Autoplay.exe -auto
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG10\avgchsva.exe /sync) - C:\Program Files (x86)\AVG\AVG10\avgchsva.exe (AVG Technologies CZ, s.r.o.)
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG10\avgrsa.exe /sync /restart) - C:\Program Files (x86)\AVG\AVG10\avgrsa.exe (AVG Technologies CZ, s.r.o.)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/06/03 01:01:27 | 000,580,096 | ---- | C] (OldTimer Tools) -- C:\Users\Night Walker\Desktop\OTL.exe
[2011/06/03 01:01:14 | 001,431,344 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Night Walker\Desktop\tdsskiller.exe
[2011/05/29 14:30:17 | 000,000,000 | ---D | C] -- C:\Users\Night Walker\AppData\Roaming\go
[2011/05/29 14:30:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Easybits GO
[2011/05/28 13:02:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro
[2011/05/28 13:02:05 | 000,000,000 | ---D | C] -- C:\Users\Night Walker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
[2011/05/28 12:46:22 | 000,000,000 | ---D | C] -- C:\Users\Night Walker\AppData\Local\PackageAware
[2011/05/28 12:30:30 | 000,000,000 | ---D | C] -- C:\Users\Night Walker\AppData\Local\ElevatedDiagnostics
[2011/05/28 12:07:14 | 000,000,000 | ---D | C] -- C:\Users\Night Walker\AppData\Local\{ECA1F56B-0393-479C-B2A9-D5D9E6F23D90}
[2011/05/28 12:03:56 | 000,000,000 | ---D | C] -- C:\Users\Night Walker\AppData\Roaming\Research In Motion
[2011/05/28 12:02:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlackBerry
[2011/05/28 12:02:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Research In Motion
[2011/05/28 12:02:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Research In Motion
[2011/05/28 12:02:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Research In Motion
[2011/05/27 14:53:35 | 000,000,000 | ---D | C] -- C:\Users\Night Walker\AppData\Roaming\IrfanView
[2011/05/27 14:53:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IrfanView
[2011/05/26 21:00:53 | 001,987,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\authui.dll
[2011/05/26 20:55:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Devil Design
[2011/05/26 20:55:55 | 016,825,224 | ---- | C] (Axialis Software) -- C:\windows\SysNative\Dark Water.scr
[2011/05/26 20:55:40 | 000,000,000 | ---D | C] -- C:\Users\Night Walker\AppData\Local\Axialis
[2011/05/26 17:42:31 | 000,000,000 | ---D | C] -- C:\Users\Night Walker\AppData\Local\{16437C3E-D728-4139-9837-3FD1338E024D}
[2011/05/26 13:23:53 | 000,000,000 | ---D | C] -- C:\Users\Night Walker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Program Icon Changer
[2011/05/26 13:23:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ExeIcon
[2011/05/26 10:28:14 | 000,000,000 | -H-D | C] -- C:\ProgramData\{1C533CDB-BAC7-4600-B3DE-0B628D9AC643}
[2011/05/26 10:27:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stardock
[2011/05/26 10:27:50 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Stardock
[2011/05/26 10:27:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Stardock
[2011/05/26 10:13:57 | 002,871,808 | ---- | C] (Microsoft Corporation) -- C:\windows\explorer_edit_w7sbc.exe
[2011/05/26 10:13:57 | 002,871,808 | ---- | C] (Microsoft Corporation) -- C:\windows\explorer_backup_w7sbc.exe
[2011/05/26 10:13:57 | 002,388,992 | ---- | C] (Microsoft Corporation) -- C:\windows\explorer.exe
[2011/05/26 10:13:57 | 000,000,000 | ---D | C] -- C:\windows\W7SBC
[2011/05/26 09:44:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\W7SBC
[2011/05/26 08:18:15 | 000,332,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\uxtheme.dll.backup
[2011/05/26 08:18:13 | 002,851,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\themeui.dll.backup
[2011/05/25 06:08:35 | 000,000,000 | ---D | C] -- C:\Users\Night Walker\AppData\Local\{40533259-F2E3-44C0-8C18-911439CDAF9A}
[2011/05/25 05:51:31 | 000,027,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\Diskdump.sys
[2011/05/25 05:34:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Cached Installations
[2011/05/24 10:15:57 | 000,000,000 | ---D | C] -- C:\Users\Night Walker\AppData\Local\{4DBCB71E-DA59-48DE-9A2D-97A074B65EEE}
[2011/05/22 07:41:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2011/05/21 00:20:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype Extras
[2011/05/21 00:19:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2011/05/20 04:15:47 | 000,000,000 | ---D | C] -- C:\windows\SysNative\SPReview
[2011/05/20 04:14:02 | 000,000,000 | ---D | C] -- C:\windows\SysNative\EventProviders
[2011/05/20 04:09:14 | 001,942,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dfshim.dll
[2011/05/20 04:09:14 | 000,048,976 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\netfxperf.dll
[2011/05/20 04:09:00 | 001,130,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dfshim.dll
[2011/05/20 04:08:54 | 003,715,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mstscax.dll
[2011/05/20 04:08:54 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\TsUsbFlt.sys
[2011/05/20 04:08:54 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\TsUsbRedirectionGroupPolicyExtension.dll
[2011/05/20 04:08:53 | 001,838,080 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3d10warp.dll
[2011/05/20 04:08:48 | 003,215,872 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mstscax.dll
[2011/05/20 04:08:39 | 001,171,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3d10warp.dll
[2011/05/20 04:08:38 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mfc40.dll
[2011/05/20 04:08:38 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mfc40u.dll
[2011/05/20 04:08:29 | 002,314,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\tquery.dll
[2011/05/20 04:08:28 | 014,633,472 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wmp.dll
[2011/05/20 04:08:25 | 002,223,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mssrch.dll
[2011/05/20 04:08:23 | 003,205,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mmcndmgr.dll
[2011/05/20 04:08:23 | 001,731,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntdll.dll
[2011/05/20 04:08:19 | 004,120,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mf.dll
[2011/05/20 04:08:19 | 000,485,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\secproc_isv.dll
[2011/05/20 04:08:17 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\RMActivate_isv.exe
[2011/05/20 04:08:16 | 000,423,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\secproc_isv.dll
[2011/05/20 04:08:16 | 000,359,424 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\RMActivate.exe
[2011/05/20 04:08:15 | 003,008,000 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xpsservices.dll
[2011/05/20 04:08:15 | 000,488,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\secproc.dll
[2011/05/20 04:08:10 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\secproc.dll
[2011/05/20 04:08:10 | 000,327,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\RMActivate_isv.exe
[2011/05/20 04:08:09 | 001,219,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rpcrt4.dll
[2011/05/20 04:08:06 | 000,322,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\RMActivate.exe
[2011/05/20 04:08:05 | 002,086,912 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ole32.dll
[2011/05/20 04:08:04 | 000,263,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\spwizui.dll
[2011/05/20 04:08:02 | 001,556,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\RacEngn.dll
[2011/05/20 04:08:02 | 001,340,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\diagperf.dll
[2011/05/20 04:08:02 | 001,197,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\taskschd.dll
[2011/05/20 04:08:01 | 003,207,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mf.dll
[2011/05/20 04:08:01 | 001,866,240 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ExplorerFrame.dll
[2011/05/20 04:08:00 | 001,753,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\vssapi.dll
[2011/05/20 04:07:59 | 001,401,344 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mssrch.dll
[2011/05/20 04:07:59 | 001,334,272 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\CertEnroll.dll
[2011/05/20 04:07:59 | 001,326,080 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\NaturalLanguage6.dll
[2011/05/20 04:07:59 | 000,299,392 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mcupdate_GenuineIntel.dll
[2011/05/20 04:07:58 | 003,860,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\UIRibbon.dll
[2011/05/20 04:07:57 | 011,410,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wmp.dll
[2011/05/20 04:07:55 | 003,027,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WMVCORE.DLL
[2011/05/20 04:07:55 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\PresentationHost.exe
[2011/05/20 04:07:55 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\PresentationHostProxy.dll
[2011/05/20 04:07:54 | 000,320,352 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\PresentationHost.exe
[2011/05/20 04:07:54 | 000,109,928 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\PresentationHostProxy.dll
[2011/05/20 04:07:53 | 003,957,760 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WinSAT.exe
[2011/05/20 04:07:53 | 001,975,296 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\CertEnroll.dll
[2011/05/20 04:07:53 | 000,598,016 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\spinstall.exe
[2011/05/20 04:07:53 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\spreview.exe
[2011/05/20 04:07:53 | 000,274,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpdd.dll
[2011/05/20 04:07:52 | 001,548,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\tquery.dll
[2011/05/20 04:07:51 | 002,067,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3d9.dll
[2011/05/20 04:07:51 | 001,888,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WMVDECOD.DLL
[2011/05/20 04:07:49 | 005,066,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\AuthFWSnapin.dll
[2011/05/20 04:07:49 | 001,115,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\RacEngn.dll
[2011/05/20 04:07:49 | 000,867,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SearchFolder.dll
[2011/05/20 04:07:48 | 005,066,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\AuthFWSnapin.dll
[2011/05/20 04:07:48 | 001,161,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\kernel32.dll
[2011/05/20 04:07:47 | 003,391,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dbgeng.dll
[2011/05/20 04:07:47 | 001,632,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dwmcore.dll
[2011/05/20 04:07:45 | 001,456,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\crypt32.dll
[2011/05/20 04:07:44 | 001,493,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ExplorerFrame.dll
[2011/05/20 04:07:44 | 000,958,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\actxprxy.dll
[2011/05/20 04:07:43 | 001,447,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\lsasrv.dll
[2011/05/20 04:07:43 | 000,750,080 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\TSWorkspace.dll
[2011/05/20 04:07:43 | 000,419,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KernelBase.dll
[2011/05/20 04:07:41 | 001,116,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mstsc.exe
[2011/05/20 04:07:41 | 000,244,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sqmapi.dll
[2011/05/20 04:07:40 | 001,244,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\imapi2fs.dll
[2011/05/20 04:07:40 | 000,787,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3d11.dll
[2011/05/20 04:07:40 | 000,695,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\netlogon.dll
[2011/05/20 04:07:39 | 001,900,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\setupapi.dll
[2011/05/20 04:07:39 | 001,828,352 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3d9.dll
[2011/05/20 04:07:39 | 001,212,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\propsys.dll
[2011/05/20 04:07:39 | 000,505,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\taskschd.dll
[2011/05/20 04:07:38 | 001,281,024 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\werconcpl.dll
[2011/05/20 04:07:38 | 000,720,896 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\odbc32.dll
[2011/05/20 04:07:38 | 000,464,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\taskeng.exe
[2011/05/20 04:07:37 | 001,049,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mstsc.exe
[2011/05/20 04:07:37 | 001,008,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\user32.dll
[2011/05/20 04:07:37 | 000,861,696 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\oleaut32.dll
[2011/05/20 04:07:36 | 001,796,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\certmgr.dll
[2011/05/20 04:07:36 | 000,376,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\netio.sys
[2011/05/20 04:07:35 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\webio.dll
[2011/05/20 04:07:35 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wer.dll
[2011/05/20 04:07:35 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\scavengeui.dll
[2011/05/20 04:07:34 | 000,955,904 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\localspl.dll
[2011/05/20 04:07:34 | 000,758,272 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\PortableDeviceApi.dll
[2011/05/20 04:07:34 | 000,342,016 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\certcli.dll
[2011/05/20 04:07:34 | 000,299,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\tsmf.dll
[2011/05/20 04:07:33 | 001,509,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msdtctm.dll
[2011/05/20 04:07:33 | 001,371,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dwmcore.dll
[2011/05/20 04:07:33 | 000,457,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msdrm.dll
[2011/05/20 04:07:33 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\shlwapi.dll
[2011/05/20 04:07:33 | 000,295,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\framedynos.dll
[2011/05/20 04:07:33 | 000,210,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ncsi.dll
[2011/05/20 04:07:32 | 002,652,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\netshell.dll
[2011/05/20 04:07:32 | 000,573,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\odbc32.dll
[2011/05/20 04:07:31 | 001,572,352 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\quartz.dll
[2011/05/20 04:07:31 | 000,800,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\usp10.dll
[2011/05/20 04:07:31 | 000,519,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\netcfgx.dll
[2011/05/20 04:07:31 | 000,390,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winlogon.exe
[2011/05/20 04:07:31 | 000,297,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ws2_32.dll
[2011/05/20 04:07:31 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\tcpmonui.dll
[2011/05/20 04:07:30 | 001,328,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\quartz.dll
[2011/05/20 04:07:30 | 000,658,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dxgi.dll
[2011/05/20 04:07:30 | 000,594,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\comdlg32.dll
[2011/05/20 04:07:30 | 000,343,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\lsm.exe
[2011/05/20 04:07:30 | 000,321,024 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3d10_1core.dll
[2011/05/20 04:07:29 | 002,055,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Query.dll
[2011/05/20 04:07:29 | 000,597,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\TSWorkspace.dll
[2011/05/20 04:07:29 | 000,481,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wmpps.dll
[2011/05/20 04:07:29 | 000,342,016 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\apphelp.dll
[2011/05/20 04:07:28 | 002,543,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wpdshext.dll
[2011/05/20 04:07:28 | 000,270,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\tsmf.dll
[2011/05/20 04:07:28 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dot3api.dll
[2011/05/20 04:07:27 | 000,897,536 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\azroles.dll
[2011/05/20 04:07:27 | 000,266,240 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\QAGENT.DLL
[2011/05/20 04:07:26 | 001,098,240 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Vault.dll
[2011/05/20 04:07:26 | 000,758,784 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\samsrv.dll
[2011/05/20 04:07:26 | 000,345,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cmd.exe
[2011/05/20 04:07:26 | 000,281,600 | ---- | C] (Microsoft) -- C:\windows\SysNative\DShowRdpFilter.dll
[2011/05/20 04:07:25 | 002,522,624 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dbgeng.dll
[2011/05/20 04:07:25 | 000,778,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mssvp.dll
[2011/05/20 04:07:25 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\win32spl.dll
[2011/05/20 04:07:25 | 000,653,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\lpksetup.exe
[2011/05/20 04:07:24 | 000,522,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3d11.dll
[2011/05/20 04:07:23 | 000,406,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\netcfgx.dll
[2011/05/20 04:07:22 | 001,619,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WMVDECOD.DLL
[2011/05/20 04:07:22 | 001,190,400 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WindowsCodecs.dll
[2011/05/20 04:07:22 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\webio.dll
[2011/05/20 04:07:21 | 001,363,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Query.dll
[2011/05/20 04:07:21 | 000,582,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sxs.dll
[2011/05/20 04:07:21 | 000,473,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\taskcomp.dll
[2011/05/20 04:07:21 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mfds.dll
[2011/05/20 04:07:21 | 000,312,832 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Wldap32.dll
[2011/05/20 04:07:21 | 000,272,896 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mcbuilder.exe
[2011/05/20 04:07:20 | 001,808,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\pnidui.dll
[2011/05/20 04:07:20 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\upnp.dll
[2011/05/20 04:07:19 | 002,151,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mmcndmgr.dll
[2011/05/20 04:07:19 | 001,158,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\webservices.dll
[2011/05/20 04:07:19 | 000,584,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ipsmsnap.dll
[2011/05/20 04:07:19 | 000,252,928 | ---- | C] (Microsoft) -- C:\windows\SysWow64\DShowRdpFilter.dll
[2011/05/20 04:07:19 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\hgprint.dll
[2011/05/20 04:07:19 | 000,049,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\netfxperf.dll
[2011/05/20 04:07:17 | 001,792,000 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\authui.dll
[2011/05/20 04:07:17 | 000,933,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sqlsrv32.dll
[2011/05/20 04:07:17 | 000,732,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\imapi2fs.dll
[2011/05/20 04:07:17 | 000,345,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\fveapi.dll
[2011/05/20 04:07:17 | 000,341,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msdrm.dll
[2011/05/20 04:07:17 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winsta.dll
[2011/05/20 04:07:16 | 000,547,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\PortableDeviceApi.dll
[2011/05/20 04:07:16 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dot3api.dll
[2011/05/20 04:07:15 | 001,243,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WMNetMgr.dll
[2011/05/20 04:07:15 | 001,009,152 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mcmde.dll
[2011/05/20 04:07:15 | 000,403,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\gdi32.dll
[2011/05/20 04:07:15 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MSNP.ax
[2011/05/20 04:07:15 | 000,285,696 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\schtasks.exe
[2011/05/20 04:07:15 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mcbuilder.exe
[2011/05/20 04:07:15 | 000,183,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\prncache.dll
[2011/05/20 04:07:14 | 001,555,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\certmgr.dll
[2011/05/20 04:07:14 | 001,441,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wlanpref.dll
[2011/05/20 04:07:14 | 000,695,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wuapi.dll
[2011/05/20 04:07:13 | 001,712,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xpsservices.dll
[2011/05/20 04:07:13 | 000,263,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\vpnike.dll
[2011/05/20 04:07:13 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wintrust.dll
[2011/05/20 04:07:13 | 000,219,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3d10_1core.dll
[2011/05/20 04:07:13 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\userenv.dll
[2011/05/20 04:07:12 | 000,630,272 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\evr.dll
[2011/05/20 04:07:12 | 000,409,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\photowiz.dll
[2011/05/20 04:07:11 | 002,262,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SyncCenter.dll
[2011/05/20 04:07:11 | 001,082,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sppobjs.dll
[2011/05/20 04:07:11 | 001,024,512 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wmpmde.dll
[2011/05/20 04:07:11 | 000,605,696 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wmpeffects.dll
[2011/05/20 04:07:11 | 000,412,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\aepdu.dll
[2011/05/20 04:07:11 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\cmd.exe
[2011/05/20 04:07:11 | 000,296,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\AudioSes.dll
[2011/05/20 04:07:11 | 000,279,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\framedyn.dll
[2011/05/20 04:07:10 | 002,072,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WMPEncEn.dll
[2011/05/20 04:07:10 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mfreadwrite.dll
[2011/05/20 04:07:09 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\win32spl.dll
[2011/05/20 04:07:09 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\aeinv.dll
[2011/05/20 04:07:09 | 000,206,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\framedynos.dll
[2011/05/20 04:07:09 | 000,171,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\fde.dll
[2011/05/20 04:07:08 | 000,503,296 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\imapi2.dll
[2011/05/20 04:07:08 | 000,501,248 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WinSATAPI.dll
[2011/05/20 04:07:08 | 000,296,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mfds.dll
[2011/05/20 04:07:08 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\stobject.dll
[2011/05/20 04:07:07 | 000,551,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\localsec.dll
[2011/05/20 04:07:07 | 000,324,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\netdiagfx.dll
[2011/05/20 04:07:07 | 000,298,104 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\bcryptprimitives.dll
[2011/05/20 04:07:07 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\credui.dll
[2011/05/20 04:07:07 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cdd.dll
[2011/05/20 04:07:06 | 000,166,912 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\inetpp.dll
[2011/05/20 04:07:06 | 000,165,376 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\netid.dll
[2011/05/20 04:07:05 | 000,762,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\azroles.dll
[2011/05/20 04:07:05 | 000,504,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\biocpl.dll
[2011/05/20 04:07:05 | 000,253,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\tcpipcfg.dll
[2011/05/20 04:07:05 | 000,244,224 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\spp.dll
[2011/05/20 04:07:05 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\QSHVHOST.DLL
[2011/05/20 04:07:05 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ncsi.dll
[2011/05/20 04:07:05 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\davclnt.dll
[2011/05/20 04:07:03 | 002,755,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\themeui.dll
[2011/05/20 04:07:03 | 002,746,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\gameux.dll
[2011/05/20 04:07:03 | 001,050,624 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\printui.dll
[2011/05/20 04:07:03 | 000,571,904 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mspbda.dll
[2011/05/20 04:07:03 | 000,378,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msinfo32.exe
[2011/05/20 04:07:03 | 000,303,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\scansetting.dll
[2011/05/20 04:07:02 | 000,477,696 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\PhotoScreensaver.scr
[2011/05/20 04:07:02 | 000,337,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\conhost.exe
[2011/05/20 04:07:02 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\credui.dll
[2011/05/20 04:07:02 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\windows\splwow64.exe
[2011/05/20 04:07:01 | 000,552,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msdri.dll
[2011/05/20 04:07:01 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wusa.exe
[2011/05/20 04:07:01 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\IPHLPAPI.DLL
[2011/05/20 04:07:01 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\aitagent.exe
[2011/05/20 04:06:59 | 000,934,912 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\FirewallControlPanel.dll
[2011/05/20 04:06:59 | 000,854,016 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dbghelp.dll
[2011/05/20 04:06:59 | 000,625,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mscms.dll
[2011/05/20 04:06:59 | 000,508,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dxgi.dll
[2011/05/20 04:06:59 | 000,442,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winspool.drv
[2011/05/20 04:06:59 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mfreadwrite.dll
[2011/05/20 04:06:59 | 000,187,904 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rpchttp.dll
[2011/05/20 04:06:59 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wintrust.dll
[2011/05/20 04:06:59 | 000,144,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\basecsp.dll
[2011/05/20 04:06:58 | 003,211,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msi.dll
[2011/05/20 04:06:58 | 000,405,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wisptis.exe
[2011/05/20 04:06:58 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XpsRasterService.dll
[2011/05/20 04:06:58 | 000,186,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ocsetup.exe
[2011/05/20 04:06:57 | 000,488,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\evr.dll
[2011/05/20 04:06:57 | 000,418,816 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sppwinob.dll
[2011/05/20 04:06:57 | 000,335,872 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WinSATAPI.dll
[2011/05/20 04:06:57 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\taskcomp.dll
[2011/05/20 04:06:56 | 001,031,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpcore.dll
[2011/05/20 04:06:56 | 000,776,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\calc.exe
[2011/05/20 04:06:56 | 000,459,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\DXP.dll
[2011/05/20 04:06:56 | 000,207,872 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cfgmgr32.dll
[2011/05/20 04:06:56 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ocsetapi.dll
[2011/05/20 04:06:54 | 000,780,008 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ci.dll
[2011/05/20 04:06:54 | 000,778,240 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\sqlsrv32.dll
[2011/05/20 04:06:54 | 000,509,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntshrui.dll
[2011/05/20 04:06:54 | 000,348,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\eapp3hst.dll
[2011/05/20 04:06:53 | 002,983,424 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\UIRibbon.dll
[2011/05/20 04:06:53 | 000,850,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mmsys.cpl
[2011/05/20 04:06:53 | 000,303,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\eapphost.dll
[2011/05/20 04:06:53 | 000,264,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\upnp.dll
[2011/05/20 04:06:53 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mprapi.dll
[2011/05/20 04:06:53 | 000,148,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\t2embed.dll
[2011/05/20 04:06:53 | 000,128,000 | ---- | C] (Microsoft) -- C:\windows\SysNative\Robocopy.exe
[2011/05/20 04:06:52 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\thumbcache.dll
[2011/05/20 04:06:52 | 000,078,720 | ---- | C] (Hewlett-Packard Company) -- C:\windows\SysNative\drivers\HpSAMD.sys
[2011/05/20 04:06:51 | 002,494,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\netshell.dll
[2011/05/20 04:06:51 | 001,457,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\DxpTaskSync.dll
[2011/05/20 04:06:51 | 001,160,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MSMPEG2ENC.DLL
[2011/05/20 04:06:51 | 000,658,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\PerfCenterCPL.dll
[2011/05/20 04:06:51 | 000,263,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\hal.dll
[2011/05/20 04:06:51 | 000,232,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\scecli.dll
[2011/05/20 04:06:51 | 000,128,512 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dwmredir.dll
[2011/05/20 04:06:50 | 000,179,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\Classpnp.sys
[2011/05/20 04:06:50 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sspicli.dll
[2011/05/20 04:06:50 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msasn1.dll
[2011/05/20 04:06:49 | 002,851,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\themeui.dll
[2011/05/20 04:06:49 | 002,341,376 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msi.dll
[2011/05/20 04:06:49 | 000,932,352 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\printui.dll
[2011/05/20 04:06:49 | 000,675,328 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\DXPTaskRingtone.dll
[2011/05/20 04:06:49 | 000,429,568 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\puiobj.dll
[2011/05/20 04:06:49 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\onex.dll
[2011/05/20 04:06:49 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\prncache.dll
[2011/05/20 04:06:48 | 000,352,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wmpeffects.dll
[2011/05/20 04:06:48 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\aaclient.dll
[2011/05/20 04:06:48 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\net1.exe
[2011/05/20 04:06:47 | 001,363,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wdc.dll
[2011/05/20 04:06:47 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wow64.dll
[2011/05/20 04:06:47 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\rpchttp.dll
[2011/05/20 04:06:46 | 000,406,016 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\scesrv.dll
[2011/05/20 04:06:46 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\scansetting.dll
[2011/05/20 04:06:45 | 001,120,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sdengin2.dll
[2011/05/20 04:06:45 | 000,799,744 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msftedit.dll
[2011/05/20 04:06:45 | 000,691,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\VAN.dll
[2011/05/20 04:06:45 | 000,483,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\StructuredQuery.dll
[2011/05/20 04:06:45 | 000,475,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wlangpui.dll
[2011/05/20 04:06:45 | 000,462,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wiadefui.dll
[2011/05/20 04:06:44 | 001,689,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\netcenter.dll
[2011/05/20 04:06:44 | 000,273,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SndVol.exe
[2011/05/20 04:06:44 | 000,239,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dskquoui.dll
[2011/05/20 04:06:44 | 000,213,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\MMDevAPI.dll
[2011/05/20 04:06:44 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\davclnt.dll
[2011/05/20 04:06:44 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\samcli.dll
[2011/05/20 04:06:44 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wscapi.dll
[2011/05/20 04:06:43 | 002,621,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wucltux.dll
[2011/05/20 04:06:43 | 002,504,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WMVCORE.DLL
[2011/05/20 04:06:43 | 000,411,648 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wlangpui.dll
[2011/05/20 04:06:43 | 000,340,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\srchadmin.dll
[2011/05/20 04:06:43 | 000,167,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\QSHVHOST.DLL
[2011/05/20 04:06:43 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\aaclient.dll
[2011/05/20 04:06:43 | 000,112,000 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\consent.exe
[2011/05/20 04:06:43 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\QUTIL.DLL
[2011/05/20 04:06:43 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\regapi.dll
[2011/05/20 04:06:42 | 002,311,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wpdshext.dll
[2011/05/20 04:06:42 | 001,750,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\pnidui.dll
[2011/05/20 04:06:42 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\t2embed.dll
[2011/05/20 04:06:41 | 000,782,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\webservices.dll
[2011/05/20 04:06:41 | 000,515,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\timedate.cpl
[2011/05/20 04:06:41 | 000,248,832 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wksprt.exe
[2011/05/20 04:06:41 | 000,124,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\fde.dll
[2011/05/20 04:06:41 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\setupcl.exe
[2011/05/20 04:06:40 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rastls.dll
[2011/05/20 04:06:40 | 000,225,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\netdiagfx.dll
[2011/05/20 04:06:40 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\taskhost.exe
[2011/05/20 04:06:39 | 002,146,304 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\SyncCenter.dll
[2011/05/20 04:06:39 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\appwiz.cpl
[2011/05/20 04:06:39 | 000,684,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\TabletPC.cpl
[2011/05/20 04:06:39 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wscapi.dll
[2011/05/20 04:06:38 | 000,560,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wuapi.dll
[2011/05/20 04:06:37 | 000,332,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\hgcpl.dll
[2011/05/20 04:06:37 | 000,300,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msconfig.exe
[2011/05/20 04:06:37 | 000,215,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\netiohlp.dll
[2011/05/20 04:06:37 | 000,134,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WinSCard.dll
[2011/05/20 04:06:37 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mimefilt.dll
[2011/05/20 04:06:35 | 000,830,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\MSMPEG2ENC.DLL
[2011/05/20 04:06:35 | 000,826,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\rdpcore.dll
[2011/05/20 04:06:35 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\AuxiliaryDisplayCpl.dll
[2011/05/20 04:06:35 | 000,372,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mtxclu.dll
[2011/05/20 04:06:35 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\clusapi.dll
[2011/05/20 04:06:35 | 000,166,784 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\basecsp.dll
[2011/05/20 04:06:35 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\winsta.dll
[2011/05/20 04:06:35 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\fdeploy.dll
[2011/05/20 04:06:35 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\lsmproxy.dll
[2011/05/20 04:06:35 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\TsUsbGDCoInstaller.dll
[2011/05/20 04:06:34 | 000,633,344 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\riched20.dll
[2011/05/20 04:06:34 | 000,392,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\imapi2.dll
[2011/05/20 04:06:33 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\gameux.dll
[2011/05/20 04:06:33 | 000,630,784 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\DXPTaskRingtone.dll
[2011/05/20 04:06:33 | 000,118,272 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dnscmmc.dll
[2011/05/20 04:06:33 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\RpcRtRemote.dll
[2011/05/20 04:06:32 | 001,624,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WMPEncEn.dll
[2011/05/20 04:06:32 | 000,486,400 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\powercpl.dll
[2011/05/20 04:06:32 | 000,199,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\onex.dll
[2011/05/20 04:06:32 | 000,186,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\logoncli.dll
[2011/05/20 04:06:31 | 002,250,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SensorsCpl.dll
[2011/05/20 04:06:31 | 002,193,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\themecpl.dll
[2011/05/20 04:06:31 | 001,077,248 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Narrator.exe
[2011/05/20 04:06:31 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mssvp.dll
[2011/05/20 04:06:31 | 000,658,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\autofmt.exe
[2011/05/20 04:06:31 | 000,359,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\eudcedit.exe
[2011/05/20 04:06:31 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sharemediacpl.dll
[2011/05/20 04:06:31 | 000,355,328 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Faultrep.dll
[2011/05/20 04:06:31 | 000,188,928 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\netjoin.dll
[2011/05/20 04:06:31 | 000,090,112 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\nci.dll
[2011/05/20 04:06:31 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\hbaapi.dll
[2011/05/20 04:06:30 | 000,668,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\autochk.exe
[2011/05/20 04:06:30 | 000,166,400 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\netiohlp.dll
[2011/05/20 04:06:29 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\comctl32.dll
[2011/05/20 04:06:29 | 000,232,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sppcomapi.dll
[2011/05/20 04:06:29 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\IPHLPAPI.DLL
[2011/05/20 04:06:29 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\vpnikeapi.dll
[2011/05/20 04:06:29 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\proquota.exe
[2011/05/20 04:06:28 | 000,777,728 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\autochk.exe
[2011/05/20 04:06:28 | 000,167,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msutb.dll
[2011/05/20 04:06:28 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cabview.dll
[2011/05/20 04:06:27 | 000,763,904 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\autofmt.exe
[2011/05/20 04:06:27 | 000,679,424 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\autoconv.exe
[2011/05/20 04:06:27 | 000,303,104 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msinfo32.exe
[2011/05/20 04:06:27 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\AudioSes.dll
[2011/05/20 04:06:25 | 000,793,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\autoconv.exe
[2011/05/20 04:06:25 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wpd_ci.dll
[2011/05/20 04:06:25 | 000,455,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\nshipsec.dll
[2011/05/20 04:06:25 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\powercpl.dll
[2011/05/20 04:06:25 | 000,400,896 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ipsmsnap.dll
[2011/05/20 04:06:25 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\srchadmin.dll
[2011/05/20 04:06:25 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\eapphost.dll
[2011/05/20 04:06:25 | 000,181,760 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\tcpipcfg.dll
[2011/05/20 04:06:25 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\schtasks.exe
[2011/05/20 04:06:25 | 000,168,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\bcdsrv.dll
[2011/05/20 04:06:25 | 000,130,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\shsetup.dll
[2011/05/20 04:06:25 | 000,126,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\audiodg.exe
[2011/05/20 04:06:25 | 000,116,224 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\windows\SysNative\fms.dll
[2011/05/20 04:06:25 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\regapi.dll
[2011/05/20 04:06:25 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mimefilt.dll
[2011/05/20 04:06:24 | 001,264,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sdclt.exe
[2011/05/20 04:06:24 | 000,414,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wlanui.dll
[2011/05/20 04:06:24 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msihnd.dll
[2011/05/20 04:06:24 | 000,222,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wwanconn.dll
[2011/05/20 04:06:24 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\framedyn.dll
[2011/05/20 04:06:24 | 000,171,392 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\scsiport.sys
[2011/05/20 04:06:24 | 000,156,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\prntvpt.dll
[2011/05/20 04:06:24 | 000,155,472 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mscorier.dll
[2011/05/20 04:06:24 | 000,154,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mscorier.dll
[2011/05/20 04:06:23 | 000,905,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mmsys.cpl
[2011/05/20 04:06:23 | 000,861,184 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\fontext.dll
[2011/05/20 04:06:23 | 000,665,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\AuxiliaryDisplayCpl.dll
[2011/05/20 04:06:23 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\timedate.cpl
[2011/05/20 04:06:23 | 000,171,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\QAGENT.DLL
[2011/05/20 04:06:23 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\netid.dll
[2011/05/20 04:06:22 | 001,066,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Display.dll
[2011/05/20 04:06:22 | 000,624,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\qedit.dll
[2011/05/20 04:06:22 | 000,211,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mprddm.dll
[2011/05/20 04:06:21 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\MSNP.ax
[2011/05/20 04:06:21 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\hidclass.sys
[2011/05/20 04:06:20 | 001,227,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wdc.dll
[2011/05/20 04:06:20 | 000,749,568 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\batmeter.dll
[2011/05/20 04:06:19 | 001,326,592 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wlanpref.dll
[2011/05/20 04:06:19 | 001,202,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\DiagCpl.dll
[2011/05/20 04:06:19 | 000,957,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mblctr.exe
[2011/05/20 04:06:19 | 000,933,376 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Vault.dll
[2011/05/20 04:06:19 | 000,372,224 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\rastls.dll
[2011/05/20 04:06:19 | 000,346,624 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\untfs.dll
[2011/05/20 04:06:19 | 000,307,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\scesrv.dll
[2011/05/20 04:06:19 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wmpsrcwp.dll
[2011/05/20 04:06:19 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\nci.dll
[2011/05/20 04:06:18 | 001,003,008 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WMNetMgr.dll
[2011/05/20 04:06:18 | 000,625,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\usercpl.dll
[2011/05/20 04:06:18 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rtutils.dll
[2011/05/20 04:06:17 | 002,217,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\bootres.dll
[2011/05/20 04:06:17 | 000,812,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wpccpl.dll
[2011/05/20 04:06:17 | 000,433,512 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MCEWMDRMNDBootstrap.dll
[2011/05/20 04:06:17 | 000,250,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ksproxy.ax
[2011/05/20 04:06:17 | 000,098,816 | ---- | C] (Microsoft) -- C:\windows\SysWow64\Robocopy.exe
[2011/05/20 04:06:17 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WSTPager.ax
[2011/05/20 04:06:16 | 001,400,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\DxpTaskSync.dll
[2011/05/20 04:06:16 | 000,211,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rasppp.dll
[2011/05/20 04:06:15 | 001,040,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Display.dll
[2011/05/20 04:06:15 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mtxclu.dll
[2011/05/20 04:06:15 | 000,279,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dxdiagn.dll
[2011/05/20 04:06:15 | 000,227,328 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\taskmgr.exe
[2011/05/20 04:06:15 | 000,225,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SndVolSSO.dll
[2011/05/20 04:06:15 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mssphtb.dll
[2011/05/20 04:06:15 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dot3cfg.dll
[2011/05/20 04:06:14 | 000,416,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\prnfldr.dll
[2011/05/20 04:06:14 | 000,352,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\termmgr.dll
[2011/05/20 04:06:14 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\puiobj.dll
[2011/05/20 04:06:14 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\taskmgr.exe
[2011/05/20 04:06:14 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\shdocvw.dll
[2011/05/20 04:06:14 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XpsRasterService.dll
[2011/05/20 04:06:14 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\hbaapi.dll
[2011/05/20 04:06:13 | 000,403,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\untfs.dll
[2011/05/20 04:06:13 | 000,300,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\pdh.dll
[2011/05/20 04:06:13 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\eudcedit.exe
[2011/05/20 04:06:13 | 000,268,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MSAC3ENC.DLL
[2011/05/20 04:06:13 | 000,155,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\ataport.sys
[2011/05/20 04:06:13 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\logoncli.dll
[2011/05/20 04:06:13 | 000,115,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WPDShServiceObj.dll
[2011/05/20 04:06:13 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\proquota.exe
[2011/05/20 04:06:12 | 000,416,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wiadefui.dll
[2011/05/20 04:06:12 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\sppcomapi.dll
[2011/05/20 04:06:12 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\rasppp.dll
[2011/05/20 04:06:12 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\cabview.dll
[2011/05/20 04:06:12 | 000,111,104 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\shsetup.dll
[2011/05/20 04:06:11 | 003,745,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\accessibilitycpl.dll
[2011/05/20 04:06:11 | 000,856,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\FirewallControlPanel.dll
[2011/05/20 04:06:11 | 000,649,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\appwiz.cpl
[2011/05/20 04:06:11 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpcorekmts.dll
[2011/05/20 04:06:10 | 002,202,624 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\SensorsCpl.dll
[2011/05/20 04:06:10 | 002,157,568 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\themecpl.dll
[2011/05/20 04:06:10 | 000,349,696 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\slui.exe
[2011/05/20 04:06:10 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\FWPUCLNT.DLL
[2011/05/20 04:06:09 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\PhotoScreensaver.scr
[2011/05/20 04:06:09 | 000,366,080 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\zipfldr.dll
[2011/05/20 04:06:09 | 000,335,360 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msieftp.dll
[2011/05/20 04:06:09 | 000,312,832 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\hgcpl.dll
[2011/05/20 04:06:09 | 000,233,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\defaultlocationcpl.dll
[2011/05/20 04:06:09 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dnscmmc.dll
[2011/05/20 04:06:08 | 000,104,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Mpeg2Data.ax
[2011/05/20 04:06:07 | 002,146,816 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\networkmap.dll
[2011/05/20 04:06:07 | 000,828,928 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\fontext.dll
[2011/05/20 04:06:07 | 000,769,536 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sud.dll
[2011/05/20 04:06:07 | 000,508,928 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\DeviceCenter.dll
[2011/05/20 04:06:07 | 000,481,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mscms.dll
[2011/05/20 04:06:07 | 000,429,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\localsec.dll
[2011/05/20 04:06:07 | 000,268,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mprddm.dll
[2011/05/20 04:06:07 | 000,175,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\scecli.dll
[2011/05/20 04:06:07 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\psisrndr.ax
[2011/05/20 04:06:07 | 000,080,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mscories.dll
[2011/05/20 04:06:06 | 001,065,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cryptui.dll
[2011/05/20 04:06:06 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\taskbarcpl.dll
[2011/05/20 04:06:06 | 000,221,696 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\OnLineIDCpl.dll
[2011/05/20 04:06:06 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\SndVolSSO.dll
[2011/05/20 04:06:05 | 000,780,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ActionCenter.dll
[2011/05/20 04:06:05 | 000,600,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\PerfCenterCPL.dll
[2011/05/20 04:06:05 | 000,600,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\usercpl.dll
[2011/05/20 04:06:05 | 000,503,296 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\srcore.dll
[2011/05/20 04:06:05 | 000,410,112 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wlanui.dll
[2011/05/20 04:06:05 | 000,373,248 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\intl.cpl
[2011/05/20 04:06:05 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\qdvd.dll
[2011/05/20 04:06:05 | 000,172,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\twext.dll
[2011/05/20 04:06:04 | 001,644,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\netcenter.dll
[2011/05/20 04:06:04 | 000,740,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\batmeter.dll
[2011/05/20 04:06:04 | 000,638,976 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\VAN.dll
[2011/05/20 04:06:04 | 000,509,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\qedit.dll
[2011/05/20 04:06:04 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\prntvpt.dll
[2011/05/20 04:06:04 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpwsx.dll
[2011/05/20 04:06:03 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\qdvd.dll
[2011/05/20 04:06:02 | 000,898,560 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\OobeFldr.dll
[2011/05/20 04:06:02 | 000,472,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\azroleui.dll
[2011/05/20 04:06:02 | 000,346,112 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\bcdedit.exe
[2011/05/20 04:06:02 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\SndVol.exe
[2011/05/20 04:06:02 | 000,288,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\FWPKCLNT.SYS
[2011/05/20 04:06:02 | 000,154,624 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\uxlib.dll
[2011/05/20 04:06:02 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\recovery.dll
[2011/05/20 04:06:02 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\w32tm.exe
[2011/05/20 04:06:01 | 000,701,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dsuiext.dll
[2011/05/20 04:06:01 | 000,352,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\spwizeng.dll
[2011/05/20 04:06:01 | 000,345,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MediaMetadataHandler.dll
[2011/05/20 04:06:01 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\azroleui.dll
[2011/05/20 04:06:01 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cca.dll
[2011/05/20 04:06:01 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\isoburn.exe
[2011/05/20 04:06:01 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sisbkup.dll
[2011/05/20 04:06:00 | 003,727,872 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\accessibilitycpl.dll
[2011/05/20 04:06:00 | 000,304,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\efscore.dll
[2011/05/20 04:06:00 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\tzutil.exe
[2011/05/20 04:05:59 | 000,762,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sdcpl.dll
[2011/05/20 04:05:59 | 000,721,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\bthprops.cpl
[2011/05/20 04:05:59 | 000,516,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\main.cpl
[2011/05/20 04:05:59 | 000,419,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\systemcpl.dll
[2011/05/20 04:05:59 | 000,327,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\zipfldr.dll
[2011/05/20 04:05:59 | 000,238,080 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\recdisc.exe
[2011/05/20 04:05:59 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\MSAC3ENC.DLL
[2011/05/20 04:05:59 | 000,200,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\syncui.dll
[2011/05/20 04:05:59 | 000,196,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\VBICodec.ax
[2011/05/20 04:05:59 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\netplwiz.dll
[2011/05/20 04:05:59 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\sdbus.sys
[2011/05/20 04:05:59 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\fdeploy.dll
[2011/05/20 04:05:59 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\httpapi.dll
[2011/05/20 04:05:58 | 001,003,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\cryptui.dll
[2011/05/20 04:05:58 | 000,451,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\shwebsvc.dll
[2011/05/20 04:05:58 | 000,186,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\adsldp.dll
[2011/05/20 04:05:58 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\netjoin.dll
[2011/05/20 04:05:58 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\autoplay.dll
[2011/05/20 04:05:58 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sspisrv.dll
[2011/05/20 04:05:57 | 002,130,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\networkmap.dll
[2011/05/20 04:05:57 | 000,549,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ActionCenterCPL.dll
[2011/05/20 04:05:57 | 000,460,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\certcli.dll
[2011/05/20 04:05:57 | 000,414,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wlanmsm.dll
[2011/05/20 04:05:57 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Faultrep.dll
[2011/05/20 04:05:57 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wusa.exe
[2011/05/20 04:05:57 | 000,207,360 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sysclass.dll
[2011/05/20 04:05:57 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ncryptui.dll
[2011/05/20 04:05:56 | 000,312,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\MCEWMDRMNDBootstrap.dll
[2011/05/20 04:05:56 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\AuxiliaryDisplayServices.dll
[2011/05/20 04:05:56 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ksxbar.ax
[2011/05/20 04:05:55 | 000,755,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\sud.dll
juansalazar
Active Member
 
Posts: 10
Joined: May 27th, 2011, 11:40 pm

Re: Help Please!!

Unread postby juansalazar » June 2nd, 2011, 11:26 am

OTLS.text Continued......

[2011/05/20 04:05:55 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ActionCenter.dll
[2011/05/20 04:05:55 | 000,474,112 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sysmon.ocx
[2011/05/20 04:05:55 | 000,445,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\spwizeng.dll
[2011/05/20 04:05:55 | 000,421,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\termmgr.dll
[2011/05/20 04:05:55 | 000,395,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\prnfldr.dll
[2011/05/20 04:05:55 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msieftp.dll
[2011/05/20 04:05:55 | 000,295,424 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\photowiz.dll
[2011/05/20 04:05:55 | 000,266,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\MediaMetadataHandler.dll
[2011/05/20 04:05:55 | 000,240,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MFPlay.dll
[2011/05/20 04:05:55 | 000,218,112 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\OnLineIDCpl.dll
[2011/05/20 04:05:55 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\vdsutil.dll
[2011/05/20 04:05:54 | 000,641,024 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msscp.dll
[2011/05/20 04:05:54 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\sysmon.ocx
[2011/05/20 04:05:54 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rstrui.exe
[2011/05/20 04:05:54 | 000,279,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sethc.exe
[2011/05/20 04:05:54 | 000,271,360 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iprtrmgr.dll
[2011/05/20 04:05:54 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\odbccp32.dll
[2011/05/20 04:05:53 | 000,692,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\bthprops.cpl
[2011/05/20 04:05:53 | 000,446,976 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sqlcese30.dll
[2011/05/20 04:05:53 | 000,428,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\shwebsvc.dll
[2011/05/20 04:05:53 | 000,345,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\intl.cpl
[2011/05/20 04:05:53 | 000,313,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ReAgent.dll
[2011/05/20 04:05:53 | 000,281,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iprtrmgr.dll
[2011/05/20 04:05:53 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\defaultlocationcpl.dll
[2011/05/20 04:05:53 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SmartcardCredentialProvider.dll
[2011/05/20 04:05:53 | 000,148,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ifsutil.dll
[2011/05/20 04:05:53 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntlanman.dll
[2011/05/20 04:05:53 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dot3cfg.dll
[2011/05/20 04:05:53 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpd3d.dll
[2011/05/20 04:05:53 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wwanprotdim.dll
[2011/05/20 04:05:53 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\tsgqec.dll
[2011/05/20 04:05:53 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ftp.exe
[2011/05/20 04:05:53 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\sisbkup.dll
[2011/05/20 04:05:52 | 000,321,536 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\unimdm.tsp
[2011/05/20 04:05:52 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\odbcjt32.dll
[2011/05/20 04:05:52 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\odbctrac.dll
[2011/05/20 04:05:52 | 000,205,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\efscore.dll
[2011/05/20 04:05:52 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\UserAccountControlSettings.dll
[2011/05/20 04:05:52 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\secur32.dll
[2011/05/20 04:05:51 | 000,781,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wmdrmsdk.dll
[2011/05/20 04:05:51 | 000,537,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ActionCenterCPL.dll
[2011/05/20 04:05:51 | 000,495,104 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drmmgrtn.dll
[2011/05/20 04:05:51 | 000,333,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ssText3d.scr
[2011/05/20 04:05:51 | 000,282,624 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iTVData.dll
[2011/05/20 04:05:51 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\syncui.dll
[2011/05/20 04:05:51 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\autoplay.dll
[2011/05/20 04:05:51 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\slwga.dll
[2011/05/20 04:05:50 | 000,738,816 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wmpmde.dll
[2011/05/20 04:05:50 | 000,484,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\DeviceCenter.dll
[2011/05/20 04:05:50 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dskquoui.dll
[2011/05/20 04:05:50 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\srvcli.dll
[2011/05/20 04:05:50 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntlanman.dll
[2011/05/20 04:05:49 | 000,859,648 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\OobeFldr.dll
[2011/05/20 04:05:49 | 000,255,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wavemsp.dll
[2011/05/20 04:05:49 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\nslookup.exe
[2011/05/20 04:05:49 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WSTPager.ax
[2011/05/20 04:05:49 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\rtutils.dll
[2011/05/20 04:05:48 | 000,410,624 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\systemcpl.dll
[2011/05/20 04:05:48 | 000,344,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntprint.dll
[2011/05/20 04:05:48 | 000,225,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\DevicePairingFolder.dll
[2011/05/20 04:05:48 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\NAPHLPR.DLL
[2011/05/20 04:05:48 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\acppage.dll
[2011/05/20 04:05:47 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\blackbox.dll
[2011/05/20 04:05:47 | 000,656,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\nshwfp.dll
[2011/05/20 04:05:47 | 000,473,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\riched20.dll
[2011/05/20 04:05:47 | 000,297,472 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntprint.dll
[2011/05/20 04:05:47 | 000,270,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\srrstr.dll
[2011/05/20 04:05:47 | 000,270,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\sethc.exe
[2011/05/20 04:05:47 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\activeds.dll
[2011/05/20 04:05:47 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ksproxy.ax
[2011/05/20 04:05:47 | 000,182,272 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wmpsrcwp.dll
[2011/05/20 04:05:47 | 000,175,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\netplwiz.dll
[2011/05/20 04:05:47 | 000,175,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\bcdboot.exe
[2011/05/20 04:05:47 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\powercfg.cpl
[2011/05/20 04:05:47 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\SmartcardCredentialProvider.dll
[2011/05/20 04:05:47 | 000,107,008 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\NAPHLPR.DLL
[2011/05/20 04:05:47 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sppnp.dll
[2011/05/20 04:05:47 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\migisol.dll
[2011/05/20 04:05:47 | 000,093,696 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\windows\SysWow64\fms.dll
[2011/05/20 04:05:46 | 001,672,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\networkexplorer.dll
[2011/05/20 04:05:46 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\cdosys.dll
[2011/05/20 04:05:46 | 000,153,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\remotepg.dll
[2011/05/20 04:05:46 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cabinet.dll
[2011/05/20 04:05:46 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wkscli.dll
[2011/05/20 04:05:46 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\httpapi.dll
[2011/05/20 04:05:45 | 001,133,568 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cdosys.dll
[2011/05/20 04:05:45 | 000,685,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dsuiext.dll
[2011/05/20 04:05:45 | 000,606,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dfrgui.exe
[2011/05/20 04:05:45 | 000,592,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msftedit.dll
[2011/05/20 04:05:45 | 000,586,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dfrgui.exe
[2011/05/20 04:05:45 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wlanmsm.dll
[2011/05/20 04:05:45 | 000,358,400 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wmpdxm.dll
[2011/05/20 04:05:45 | 000,346,112 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\nshipsec.dll
[2011/05/20 04:05:45 | 000,333,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dot3ui.dll
[2011/05/20 04:05:45 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ReAgent.dll
[2011/05/20 04:05:45 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wavemsp.dll
[2011/05/20 04:05:45 | 000,217,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WinSCard.dll
[2011/05/20 04:05:45 | 000,178,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wuwebv.dll
[2011/05/20 04:05:45 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wuwebv.dll
[2011/05/20 04:05:45 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\net1.exe
[2011/05/20 04:05:45 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\kstvtune.ax
[2011/05/20 04:05:45 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\isoburn.exe
[2011/05/20 04:05:45 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wsnmp32.dll
[2011/05/20 04:05:45 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ftp.exe
[2011/05/20 04:05:44 | 000,840,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\blackbox.dll
[2011/05/20 04:05:44 | 000,636,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wmdrmdev.dll
[2011/05/20 04:05:44 | 000,594,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wvc.dll
[2011/05/20 04:05:44 | 000,293,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wsqmcons.exe
[2011/05/20 04:05:44 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\tzutil.exe
[2011/05/20 04:05:43 | 000,444,928 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wvc.dll
[2011/05/20 04:05:43 | 000,406,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wimgapi.dll
[2011/05/20 04:05:43 | 000,281,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\unimdm.tsp
[2011/05/20 04:05:43 | 000,258,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\dxgmms1.sys
[2011/05/20 04:05:43 | 000,209,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mstask.dll
[2011/05/20 04:05:43 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mfps.dll
[2011/05/20 04:05:43 | 000,197,632 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ocsetup.exe
[2011/05/20 04:05:43 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\twext.dll
[2011/05/20 04:05:43 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wtsapi32.dll
[2011/05/20 04:05:43 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WerFaultSecure.exe
[2011/05/20 04:05:42 | 000,899,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Bubbles.scr
[2011/05/20 04:05:42 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mapistub.dll
[2011/05/20 04:05:42 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mapi32.dll
[2011/05/20 04:05:42 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\TsUsbRedirectionGroupPolicyControl.exe
[2011/05/20 04:05:41 | 001,911,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\OpcServices.dll
[2011/05/20 04:05:41 | 000,497,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\main.cpl
[2011/05/20 04:05:41 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\qasf.dll
[2011/05/20 04:05:41 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\qcap.dll
[2011/05/20 04:05:41 | 000,182,784 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WUDFPlatform.dll
[2011/05/20 04:05:41 | 000,113,152 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\setupugc.exe
[2011/05/20 04:05:41 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\unimdmat.dll
[2011/05/20 04:05:41 | 000,051,200 | ---- | C] (Twain Working Group) -- C:\windows\twain_32.dll
[2011/05/20 04:05:41 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iscsium.dll
[2011/05/20 04:05:40 | 000,363,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\diskraid.exe
[2011/05/20 04:05:40 | 000,180,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ifsutil.dll
[2011/05/20 04:05:40 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\uxlib.dll
[2011/05/20 04:05:40 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\slwga.dll
[2011/05/20 04:05:39 | 000,293,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ssText3d.scr
[2011/05/20 04:05:39 | 000,242,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Mystify.scr
[2011/05/20 04:05:39 | 000,241,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Ribbons.scr
[2011/05/20 04:05:39 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msvfw32.dll
[2011/05/20 04:05:38 | 000,616,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wmdrmsdk.dll
[2011/05/20 04:05:38 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\audiodev.dll
[2011/05/20 04:05:38 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\nslookup.exe
[2011/05/20 04:05:38 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mciavi32.dll
[2011/05/20 04:05:38 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\muifontsetup.dll
[2011/05/20 04:05:37 | 001,087,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dbghelp.dll
[2011/05/20 04:05:37 | 000,573,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3d10level9.dll
[2011/05/20 04:05:37 | 000,504,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msscp.dll
[2011/05/20 04:05:37 | 000,327,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wimserv.exe
[2011/05/20 04:05:37 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WindowsAnytimeUpgradeResults.exe
[2011/05/20 04:05:37 | 000,276,480 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\diskraid.exe
[2011/05/20 04:05:37 | 000,254,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\qasf.dll
[2011/05/20 04:05:37 | 000,230,912 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\clusapi.dll
[2011/05/20 04:05:37 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpencom.dll
[2011/05/20 04:05:37 | 000,211,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\DevicePairingFolder.dll
[2011/05/20 04:05:37 | 000,186,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\rdpencom.dll
[2011/05/20 04:05:37 | 000,172,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\perfmon.exe
[2011/05/20 04:05:37 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wmpshell.dll
[2011/05/20 04:05:37 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\tlscsp.dll
[2011/05/20 04:05:37 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\umb.dll
[2011/05/20 04:05:37 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\NAPCRYPT.DLL
[2011/05/20 04:05:37 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\acppage.dll
[2011/05/20 04:05:37 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\AzSqlExt.dll
[2011/05/20 04:05:37 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\netutils.dll
[2011/05/20 04:05:36 | 000,623,104 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\FXSAPI.dll
[2011/05/20 04:05:36 | 000,213,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ActionQueue.dll
[2011/05/20 04:05:36 | 000,157,184 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\perfmon.exe
[2011/05/20 04:05:36 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\remotepg.dll
[2011/05/20 04:05:36 | 000,071,168 | ---- | C] (Microsoft Corporation) -- C:\windows\bfsvc.exe
[2011/05/20 04:05:36 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\runonce.exe
[2011/05/20 04:05:35 | 000,402,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\drmmgrtn.dll
[2011/05/20 04:05:35 | 000,337,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\raschap.dll
[2011/05/20 04:05:35 | 000,318,976 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\raschap.dll
[2011/05/20 04:05:35 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\QUTIL.DLL
[2011/05/20 04:05:34 | 001,232,896 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WMADMOD.DLL
[2011/05/20 04:05:34 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wpdwcn.dll
[2011/05/20 04:05:34 | 000,202,240 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\input.dll
[2011/05/20 04:05:34 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wiavideo.dll
[2011/05/20 04:05:34 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\odbccp32.dll
[2011/05/20 04:05:34 | 000,046,080 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\NAPCRYPT.DLL
[2011/05/20 04:05:34 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\syssetup.dll
[2011/05/20 04:05:33 | 001,111,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\onexui.dll
[2011/05/20 04:05:33 | 000,666,112 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WMVSDECD.DLL
[2011/05/20 04:05:33 | 000,299,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wmpdxm.dll
[2011/05/20 04:05:33 | 000,238,080 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mstask.dll
[2011/05/20 04:05:33 | 000,219,648 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iTVData.dll
[2011/05/20 04:05:33 | 000,210,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dxdiagn.dll
[2011/05/20 04:05:33 | 000,198,144 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wpdwcn.dll
[2011/05/20 04:05:33 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\vdsbas.dll
[2011/05/20 04:05:33 | 000,174,592 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ocsetapi.dll
[2011/05/20 04:05:33 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\vdsbas.dll
[2011/05/20 04:05:33 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MdSched.exe
[2011/05/20 04:05:33 | 000,133,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Kswdmcap.ax
[2011/05/20 04:05:33 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\UserAccountControlSettings.dll
[2011/05/20 04:05:33 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\runonce.exe
[2011/05/20 04:05:33 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\PrintIsolationProxy.dll
[2011/05/20 04:05:33 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\vpnikeapi.dll
[2011/05/20 04:05:32 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\nltest.exe
[2011/05/20 04:05:32 | 000,232,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\bitsadmin.exe
[2011/05/20 04:05:32 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\rmcast.sys
[2011/05/20 04:05:32 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\logagent.exe
[2011/05/20 04:05:31 | 000,527,872 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wmdrmnet.dll
[2011/05/20 04:05:31 | 000,507,392 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wmdrmdev.dll
[2011/05/20 04:05:31 | 000,489,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3d10level9.dll
[2011/05/20 04:05:31 | 000,431,104 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WPDSp.dll
[2011/05/20 04:05:31 | 000,242,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\eapp3hst.dll
[2011/05/20 04:05:31 | 000,186,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\bitsadmin.exe
[2011/05/20 04:05:31 | 000,181,248 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\qcap.dll
[2011/05/20 04:05:31 | 000,176,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\MFPlay.dll
[2011/05/20 04:05:31 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\shacct.dll
[2011/05/20 04:05:31 | 000,124,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\QSVRMGMT.DLL
[2011/05/20 04:05:31 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\secproc_ssp_isv.dll
[2011/05/20 04:05:31 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\shacct.dll
[2011/05/20 04:05:31 | 000,105,472 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wmpshell.dll
[2011/05/20 04:05:31 | 000,104,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\logman.exe
[2011/05/20 04:05:31 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\tabcal.exe
[2011/05/20 04:05:31 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\vss_ps.dll
[2011/05/20 04:05:31 | 000,046,080 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cscapi.dll
[2011/05/20 04:05:31 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\lsmproxy.dll
[2011/05/20 04:05:30 | 000,978,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WMSPDMOD.DLL
[2011/05/20 04:05:30 | 000,325,632 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msnetobj.dll
[2011/05/20 04:05:30 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mssphtb.dll
[2011/05/20 04:05:30 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wudriver.dll
[2011/05/20 04:05:30 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wudriver.dll
[2011/05/20 04:05:30 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\unimdmat.dll
[2011/05/20 04:05:29 | 001,160,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\OpcServices.dll
[2011/05/20 04:05:29 | 000,878,592 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Bubbles.scr
[2011/05/20 04:05:29 | 000,435,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\PortableDeviceStatus.dll
[2011/05/20 04:05:29 | 000,309,760 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\sqlcese30.dll
[2011/05/20 04:05:29 | 000,250,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\qdv.dll
[2011/05/20 04:05:29 | 000,236,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\pdh.dll
[2011/05/20 04:05:29 | 000,224,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\PortableDeviceSyncProvider.dll
[2011/05/20 04:05:29 | 000,183,296 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\PortableDeviceSyncProvider.dll
[2011/05/20 04:05:29 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mprapi.dll
[2011/05/20 04:05:29 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\secproc_ssp.dll
[2011/05/20 04:05:29 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\kstvtune.ax
[2011/05/20 04:05:29 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\logman.exe
[2011/05/20 04:05:29 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\spbcd.dll
[2011/05/20 04:05:29 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ncryptui.dll
[2011/05/20 04:05:29 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\rdpd3d.dll
[2011/05/20 04:05:29 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iscsium.dll
[2011/05/20 04:05:28 | 000,350,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WPDSp.dll
[2011/05/20 04:05:28 | 000,313,344 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dot3ui.dll
[2011/05/20 04:05:28 | 000,121,344 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\fphc.dll
[2011/05/20 04:05:28 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\olethk32.dll
[2011/05/20 04:05:27 | 000,902,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WMADMOD.DLL
[2011/05/20 04:05:27 | 000,427,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\PortableDeviceStatus.dll
[2011/05/20 04:05:27 | 000,392,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WMPhoto.dll
[2011/05/20 04:05:27 | 000,318,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WMPhoto.dll
[2011/05/20 04:05:27 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Mystify.scr
[2011/05/20 04:05:27 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Ribbons.scr
[2011/05/20 04:05:27 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\odbctrac.dll
[2011/05/20 04:05:27 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\powercfg.cpl
[2011/05/20 04:05:27 | 000,130,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\desk.cpl
[2011/05/20 04:05:27 | 000,115,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dot3msm.dll
[2011/05/20 04:05:27 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wiavideo.dll
[2011/05/20 04:05:27 | 000,107,008 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Kswdmcap.ax
[2011/05/20 04:05:27 | 000,099,328 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\QSVRMGMT.DLL
[2011/05/20 04:05:27 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\fphc.dll
[2011/05/20 04:05:27 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\avifil32.dll
[2011/05/20 04:05:27 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\amstream.dll
[2011/05/20 04:05:27 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mapistub.dll
[2011/05/20 04:05:27 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mapi32.dll
[2011/05/20 04:05:27 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Mpeg2Data.ax
[2011/05/20 04:05:27 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\takeown.exe
[2011/05/20 04:05:27 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\PnPUnattend.exe
[2011/05/20 04:05:27 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\takeown.exe
[2011/05/20 04:05:27 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\tsgqec.dll
[2011/05/20 04:05:27 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\utildll.dll
[2011/05/20 04:05:26 | 001,148,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\IMJP10.IME
[2011/05/20 04:05:26 | 000,541,184 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WMVSDECD.DLL
[2011/05/20 04:05:26 | 000,436,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wmdrmnet.dll
[2011/05/20 04:05:26 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\sqmapi.dll
[2011/05/20 04:05:26 | 000,153,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\VBICodec.ax
[2011/05/20 04:05:26 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\EhStorAPI.dll
[2011/05/20 04:05:26 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\HotStartUserAgent.dll
[2011/05/20 04:05:25 | 000,283,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\qdv.dll
[2011/05/20 04:05:25 | 000,265,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msnetobj.dll
[2011/05/20 04:05:25 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WUDFHost.exe
[2011/05/20 04:05:25 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\imagehlp.dll
[2011/05/20 04:05:25 | 000,128,512 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\EhStorAPI.dll
[2011/05/20 04:05:25 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cmstp.exe
[2011/05/20 04:05:25 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\QCLIPROV.DLL
[2011/05/20 04:05:25 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\psisrndr.ax
[2011/05/20 04:05:25 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\netapi32.dll
[2011/05/20 04:05:25 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\CertPolEng.dll
[2011/05/20 04:05:25 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\djoin.exe
[2011/05/20 04:05:25 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\shimgvw.dll
[2011/05/20 04:05:25 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\nrpsrv.dll
[2011/05/20 04:05:24 | 000,681,472 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WUDFx.dll
[2011/05/20 04:05:24 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\sppinst.dll
[2011/05/20 04:05:24 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MSDvbNP.ax
[2011/05/20 04:05:24 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\QCLIPROV.DLL
[2011/05/20 04:05:24 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WavDest.dll
[2011/05/20 04:05:23 | 000,739,328 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WMSPDMOD.DLL
[2011/05/20 04:05:23 | 000,176,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msorcl32.dll
[2011/05/20 04:05:23 | 000,166,400 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\diskpart.exe
[2011/05/20 04:05:23 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iscsicli.exe
[2011/05/20 04:05:23 | 000,143,360 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mydocs.dll
[2011/05/20 04:05:23 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\desk.cpl
[2011/05/20 04:05:23 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\setupcln.dll
[2011/05/20 04:05:23 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mobsync.exe
[2011/05/20 04:05:23 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\cmstp.exe
[2011/05/20 04:05:23 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\fdProxy.dll
[2011/05/20 04:05:23 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\MuiUnattend.exe
[2011/05/20 04:05:23 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\cca.dll
[2011/05/20 04:05:23 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\g711codc.ax
[2011/05/20 04:05:23 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\vfwwdm32.dll
[2011/05/20 04:05:23 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wsnmp32.dll
[2011/05/20 04:05:23 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MultiDigiMon.exe
[2011/05/20 04:05:23 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wuauclt.exe
[2011/05/20 04:05:23 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\pdhui.dll
[2011/05/20 04:05:23 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\relog.exe
[2011/05/20 04:05:23 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\relog.exe
[2011/05/20 04:05:23 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\AzSqlExt.dll
[2011/05/20 04:05:23 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\BWUnpairElevated.dll
[2011/05/20 04:05:23 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sscore.dll
[2011/05/20 04:05:22 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\RMActivate_ssp_isv.exe
[2011/05/20 04:05:22 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\itircl.dll
[2011/05/20 04:05:22 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iscsicli.exe
[2011/05/20 04:05:22 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mydocs.dll
[2011/05/20 04:05:22 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dot3msm.dll
[2011/05/20 04:05:22 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\amstream.dll
[2011/05/20 04:05:22 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\spbcd.dll
[2011/05/20 04:05:22 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wkscli.dll
[2011/05/20 04:05:22 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\vbisurf.ax
[2011/05/20 04:05:22 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msdmo.dll
[2011/05/20 04:05:22 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\netiougc.exe
[2011/05/20 04:05:21 | 000,306,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\RMActivate_ssp.exe
[2011/05/20 04:05:21 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\diskpart.exe
[2011/05/20 04:05:21 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\secproc_ssp_isv.dll
[2011/05/20 04:05:21 | 000,071,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\resutils.dll
[2011/05/20 04:05:21 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\rastapi.dll
[2011/05/20 04:05:21 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\browcli.dll
[2011/05/20 04:05:21 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\netbtugc.exe
[2011/05/20 04:05:20 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\itircl.dll
[2011/05/20 04:05:18 | 001,027,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\IMJP10.IME
[2011/05/20 04:05:18 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\secproc_ssp.dll
[2011/05/20 04:05:18 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\CertPolEng.dll
[2011/05/20 04:05:18 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ksxbar.ax
[2011/05/20 04:05:18 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wuapp.exe
[2011/05/20 04:05:18 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\syssetup.dll
[2011/05/20 04:05:17 | 000,434,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\FXSTIFF.dll
[2011/05/20 04:05:17 | 000,278,016 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\RMActivate_ssp_isv.exe
[2011/05/20 04:05:17 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wmpps.dll
[2011/05/20 04:05:17 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\eappgnui.dll
[2011/05/20 04:05:17 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\eappgnui.dll
[2011/05/20 04:05:17 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\imagehlp.dll
[2011/05/20 04:05:17 | 000,071,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\findstr.exe
[2011/05/20 04:05:17 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\tlscsp.dll
[2011/05/20 04:05:17 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\findstr.exe
[2011/05/20 04:05:17 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\luainstall.dll
[2011/05/20 04:05:17 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mciqtz32.dll
[2011/05/20 04:05:17 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\choice.exe
[2011/05/20 04:05:17 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wuapp.exe
[2011/05/20 04:05:17 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WerFaultSecure.exe
[2011/05/20 04:05:17 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ReAgentc.exe
[2011/05/20 04:05:16 | 001,080,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\onexui.dll
[2011/05/20 04:05:16 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\RMActivate_ssp.exe
[2011/05/20 04:05:16 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sppc.dll
[2011/05/20 04:05:16 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mciqtz32.dll
[2011/05/20 04:05:15 | 000,147,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\RDPENCDD.dll
[2011/05/20 04:05:15 | 000,121,344 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\sppc.dll
[2011/05/20 04:05:15 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mobsync.exe
[2011/05/20 04:05:15 | 000,082,944 | ---- | C] (Radius Inc.) -- C:\windows\SysWow64\iccvid.dll
[2011/05/20 04:05:15 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\manage-bde.exe
[2011/05/20 04:05:15 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\cabinet.dll
[2011/05/20 04:05:15 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\inetmib1.dll
[2011/05/20 04:05:15 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\MSDvbNP.ax
[2011/05/20 04:05:15 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\odbcconf.dll
[2011/05/20 04:05:15 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\repair-bde.exe
[2011/05/20 04:05:15 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WUDFCoinstaller.dll
[2011/05/20 04:05:15 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\luainstall.dll
[2011/05/20 04:05:15 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wdiasqmmodule.dll
[2011/05/20 04:05:15 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\shimgvw.dll
[2011/05/20 04:05:15 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\unlodctr.exe
[2011/05/20 04:05:15 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\vbisurf.ax
[2011/05/20 04:05:15 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\profprov.dll
[2011/05/20 04:05:15 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msdmo.dll
[2011/05/20 04:05:15 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\schedcli.dll
[2011/05/20 04:05:15 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\rdprefdrvapi.dll
[2011/05/20 04:05:15 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\spopk.dll
[2011/05/20 04:05:15 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\spopk.dll
[2011/05/20 04:05:15 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\fixmapi.exe
[2011/05/20 04:05:15 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\muifontsetup.dll
[2011/05/20 04:05:14 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\inetmib1.dll
[2011/05/20 04:05:14 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\g711codc.ax
[2011/05/20 04:05:14 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\FXSMON.dll
[2011/05/20 04:05:14 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\browcli.dll
[2011/05/20 04:05:14 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\odbcconf.dll
[2011/05/20 04:05:14 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\elsTrans.dll
[2011/05/20 04:05:13 | 001,164,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\UIRibbonRes.dll
[2011/05/20 04:05:13 | 001,164,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\UIRibbonRes.dll
[2011/05/20 04:05:12 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wups.dll
[2011/05/20 04:05:12 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\tdi.sys
[2011/05/20 04:05:12 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\TRAPI.dll
[2011/05/20 04:05:11 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\perfts.dll
[2011/05/20 04:05:10 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\napdsnap.dll
[2011/05/20 04:05:10 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dsauth.dll
[2011/05/20 04:05:10 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\LogonUI.exe
[2011/05/20 04:05:09 | 000,457,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\imkr80.ime
[2011/05/20 04:05:09 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\napdsnap.dll
[2011/05/20 04:05:09 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wups2.dll
[2011/05/20 04:05:09 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\usbrpm.sys
[2011/05/20 04:05:09 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dsauth.dll
[2011/05/20 04:05:09 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cscdll.dll
[2011/05/20 04:05:09 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\bitsperf.dll
[2011/05/20 04:05:09 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdprefdrvapi.dll
[2011/05/20 04:05:09 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\elsTrans.dll
[2011/05/20 04:05:09 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\TRAPI.dll
[2011/05/20 04:05:09 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\bitsperf.dll
[2011/05/20 04:05:09 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\FXSUNATD.exe
[2011/05/20 04:05:09 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\schedcli.dll
[2011/05/20 04:05:08 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wups.dll
[2011/05/20 04:05:08 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wsdchngr.dll
[2011/05/20 04:05:08 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\sscore.dll
[2011/05/20 04:05:06 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\shgina.dll
[2011/05/20 04:05:05 | 000,430,080 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\imkr80.ime
[2011/05/20 04:05:05 | 000,361,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wow64win.dll
[2011/05/20 04:05:05 | 000,032,896 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\USBCAMD2.sys
[2011/05/20 04:05:05 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wsdchngr.dll
[2011/05/20 04:05:05 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\shgina.dll
[2011/05/20 04:05:05 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\riched32.dll
[2011/05/20 04:05:04 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wshirda.dll
[2011/05/20 04:05:04 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wow64cpu.dll
[2011/05/20 04:05:01 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wshirda.dll
[2011/05/20 04:05:01 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpcfgex.dll
[2011/05/20 04:05:00 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\riched32.dll
[2011/05/20 04:04:59 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\spwmp.dll
[2011/05/20 04:04:58 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\C_ISCII.DLL
[2011/05/20 04:04:58 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\spwmp.dll
[2011/05/20 04:04:57 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\shunimpl.dll
[2011/05/20 04:04:57 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\C_ISCII.DLL
[2011/05/20 04:04:57 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\shunimpl.dll
[2011/05/20 04:04:57 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDTUQ.DLL
[2011/05/20 04:04:57 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDTUF.DLL
[2011/05/20 04:04:57 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDSG.DLL
[2011/05/20 04:04:57 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\kbdlk41a.dll
[2011/05/20 04:04:57 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDGKL.DLL
[2011/05/20 04:04:57 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDTUQ.DLL
[2011/05/20 04:04:57 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDTUF.DLL
[2011/05/20 04:04:57 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDSG.DLL
[2011/05/20 04:04:57 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDSF.DLL
[2011/05/20 04:04:57 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDPO.DLL
[2011/05/20 04:04:57 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDNEPR.DLL
[2011/05/20 04:04:57 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\kbdlk41a.dll
[2011/05/20 04:04:57 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDINTAM.DLL
[2011/05/20 04:04:57 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDINBEN.DLL
[2011/05/20 04:04:57 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDGR1.DLL
[2011/05/20 04:04:57 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDGR1.DLL
[2011/05/20 04:04:57 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDGKL.DLL
[2011/05/20 04:04:57 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msdxm.ocx
[2011/05/20 04:04:57 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dxmasf.dll
[2011/05/20 04:04:57 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msdxm.ocx
[2011/05/20 04:04:57 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dxmasf.dll
[2011/05/20 04:04:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-ums-l1-1-0.dll
[2011/05/20 04:04:56 | 012,625,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wmploc.DLL
[2011/05/20 04:04:56 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wmploc.DLL
[2011/05/20 04:04:56 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDCZ1.DLL
[2011/05/20 04:04:56 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDINHIN.DLL
[2011/05/20 04:04:56 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDUS.DLL
[2011/05/20 04:04:56 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDTURME.DLL
[2011/05/20 04:04:56 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDTAJIK.DLL
[2011/05/20 04:04:56 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDMON.DLL
[2011/05/20 04:04:56 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDINTEL.DLL
[2011/05/20 04:04:56 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDGEO.DLL
[2011/05/20 04:04:56 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDGEO.DLL
[2011/05/20 04:04:56 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDBLR.DLL
[2011/05/20 04:04:55 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\nlsbres.dll
[2011/05/20 04:04:55 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\nlsbres.dll
[2011/05/20 04:04:55 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\BlbEvents.dll
[2011/05/20 04:04:55 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\pifmgr.dll
[2011/05/20 04:04:55 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\pifmgr.dll
[2011/05/20 04:04:55 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDCZ1.DLL
[2011/05/20 04:04:55 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\spwizres.dll
[2011/05/20 04:04:55 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\spwizres.dll
[2011/05/20 04:04:55 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDUS.DLL
[2011/05/20 04:04:55 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDUGHR1.DLL
[2011/05/20 04:04:55 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDTURME.DLL
[2011/05/20 04:04:55 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDTAJIK.DLL
[2011/05/20 04:04:55 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDSF.DLL
[2011/05/20 04:04:55 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDPO.DLL
[2011/05/20 04:04:55 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDNEPR.DLL
[2011/05/20 04:04:55 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDMON.DLL
[2011/05/20 04:04:55 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDMAORI.DLL
[2011/05/20 04:04:55 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDLT1.DLL
[2011/05/20 04:04:55 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDINTEL.DLL
[2011/05/20 04:04:55 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDINTAM.DLL
[2011/05/20 04:04:55 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDINORI.DLL
[2011/05/20 04:04:55 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDINORI.DLL
[2011/05/20 04:04:55 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDINMAR.DLL
[2011/05/20 04:04:55 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDINMAR.DLL
[2011/05/20 04:04:55 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDINKAN.DLL
[2011/05/20 04:04:55 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDINKAN.DLL
[2011/05/20 04:04:55 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDINHIN.DLL
[2011/05/20 04:04:55 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDINBEN.DLL
[2011/05/20 04:04:55 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDBULG.DLL
[2011/05/20 04:04:55 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDBLR.DLL
[2011/05/20 04:04:55 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDBASH.DLL
[2011/05/20 04:04:55 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDUGHR1.DLL
[2011/05/20 04:04:55 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDMAORI.DLL
[2011/05/20 04:04:55 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDLT1.DLL
[2011/05/20 04:04:55 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDBULG.DLL
[2011/05/20 04:04:55 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDBASH.DLL
[2011/05/20 04:04:55 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dpnaddr.dll
[2011/05/20 04:04:55 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dpnaddr.dll
[2011/05/20 04:04:24 | 000,209,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\PkgMgr.exe
[2011/05/20 04:04:24 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wdscore.dll
[2011/05/20 04:03:32 | 000,323,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\drvstore.dll
[2011/05/20 04:03:32 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dpx.dll
[2011/05/20 03:58:41 | 000,529,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wbemcomn.dll
[2011/05/20 03:58:41 | 000,524,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wmicmiplugin.dll
[2011/05/20 03:58:39 | 000,933,376 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SmiEngine.dll
[2011/05/20 03:58:37 | 000,199,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\PkgMgr.exe
[2011/05/20 03:58:08 | 000,422,912 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drvstore.dll
[2011/05/20 03:58:08 | 000,399,872 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dpx.dll
[2011/05/20 03:12:15 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\RegisterIEPKEYs.exe
[2011/05/20 03:12:14 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msls31.dll
[2011/05/20 03:12:13 | 001,797,632 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript9.dll
[2011/05/20 03:12:13 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript.dll
[2011/05/20 03:12:13 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msrating.dll
[2011/05/20 03:12:12 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iepeers.dll
[2011/05/20 03:12:12 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msfeedssync.exe
[2011/05/20 03:12:11 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\IEAdvpack.dll
[2011/05/20 03:12:09 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieakeng.dll
[2011/05/20 03:12:07 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iesysprep.dll
[2011/05/20 03:12:07 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\SetIEInstalledDate.exe
[2011/05/20 03:12:07 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmler.dll
[2011/05/20 03:12:06 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieui.dll
[2011/05/20 03:12:05 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\html.iec
[2011/05/20 03:12:05 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dxtrans.dll
[2011/05/20 03:12:05 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\tdc.ocx
[2011/05/20 03:12:04 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieapfltr.dat
[2011/05/20 03:12:04 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieapfltr.dll
[2011/05/20 03:12:04 | 000,353,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dxtmsft.dll
[2011/05/20 03:12:03 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\url.dll
[2011/05/20 03:12:03 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iesetup.dll
[2011/05/20 03:12:03 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ie4uinit.exe
[2011/05/20 03:12:03 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iernonce.dll
[2011/05/20 03:11:59 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\inetcpl.cpl
[2011/05/20 03:11:59 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\icardie.dll
[2011/05/20 03:11:59 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\licmgr10.dll
[2011/05/20 03:11:57 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wextract.exe
[2011/05/20 03:11:57 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\inseng.dll
[2011/05/20 03:11:56 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iexpress.exe
[2011/05/20 03:11:55 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmled.dll
[2011/05/20 03:11:54 | 000,580,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msfeeds.dll
[2011/05/20 03:11:54 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\pngfilt.dll
[2011/05/20 03:11:50 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieaksie.dll
[2011/05/20 03:11:50 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieakui.dll
[2011/05/20 03:11:50 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieUnatt.exe
[2011/05/20 03:11:50 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\occache.dll
[2011/05/20 03:11:50 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\admparse.dll
[2011/05/20 03:11:50 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\imgutil.dll
[2011/05/20 03:11:46 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msls31.dll
[2011/05/20 03:11:46 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\RegisterIEPKEYs.exe
[2011/05/20 03:11:44 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msrating.dll
[2011/05/20 03:11:41 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieUnatt.exe
[2011/05/20 03:11:40 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieaksie.dll
[2011/05/20 03:11:40 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieakui.dll
[2011/05/20 03:11:40 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\occache.dll
[2011/05/20 03:11:40 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\admparse.dll
[2011/05/20 03:11:40 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\pngfilt.dll
[2011/05/20 03:11:40 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshta.exe
[2011/05/20 03:11:39 | 002,303,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll
[2011/05/20 03:11:39 | 000,818,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript.dll
[2011/05/20 03:11:39 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iepeers.dll
[2011/05/20 03:11:39 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\IEAdvpack.dll
[2011/05/20 03:11:39 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\imgutil.dll
[2011/05/20 03:11:39 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msfeedssync.exe
[2011/05/20 03:11:38 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieui.dll
[2011/05/20 03:11:38 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieakeng.dll
[2011/05/20 03:11:38 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iesysprep.dll
[2011/05/20 03:11:38 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SetIEInstalledDate.exe
[2011/05/20 03:11:38 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\tdc.ocx
[2011/05/20 03:11:38 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmler.dll
[2011/05/20 03:11:37 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieapfltr.dat
[2011/05/20 03:11:37 | 001,492,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\inetcpl.cpl
[2011/05/20 03:11:37 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieapfltr.dll
[2011/05/20 03:11:37 | 000,452,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dxtmsft.dll
[2011/05/20 03:11:37 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\html.iec
[2011/05/20 03:11:37 | 000,282,112 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dxtrans.dll
[2011/05/20 03:11:37 | 000,236,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\url.dll
[2011/05/20 03:11:37 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ie4uinit.exe
[2011/05/20 03:11:37 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iesetup.dll
[2011/05/20 03:11:37 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\icardie.dll
[2011/05/20 03:11:37 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iernonce.dll
[2011/05/20 03:11:37 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\licmgr10.dll
[2011/05/20 03:11:36 | 000,697,344 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msfeeds.dll
[2011/05/20 03:11:36 | 000,603,648 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\vbscript.dll
[2011/05/20 03:11:36 | 000,165,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iexpress.exe
[2011/05/20 03:11:36 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wextract.exe
[2011/05/20 03:11:36 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\inseng.dll
[2011/05/20 03:11:36 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmled.dll
[2011/05/19 17:53:32 | 000,028,709 | ---- | C] (Novell, Inc.) -- C:\windows\SysWow64\nippzppd.dll
[2011/05/19 17:53:31 | 000,098,341 | ---- | C] (Novell, Inc.) -- C:\windows\SysWow64\nippdzip.dll
[2011/05/19 17:53:31 | 000,077,852 | ---- | C] (Novell, Inc.) -- C:\windows\SysWow64\zlib.dll
[2011/05/19 17:53:31 | 000,057,381 | ---- | C] (Novell, Inc.) -- C:\windows\SysWow64\nippdrvi.dll
[2011/05/19 17:53:31 | 000,045,091 | ---- | C] (Novell, Inc.) -- C:\windows\SysWow64\nipped.dll
[2011/05/19 17:53:31 | 000,032,805 | ---- | C] (Novell, Inc.) -- C:\windows\SysWow64\nippzlib.dll
[2011/05/19 17:40:53 | 000,000,000 | ---D | C] -- C:\windows\SysWow64\iprint
[2011/05/19 17:40:51 | 000,000,000 | ---D | C] -- C:\windows\SysNative\iprint
[2011/05/19 17:37:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Novell iPrint
[2011/05/19 17:37:46 | 000,000,000 | ---D | C] -- C:\NDPS
[2011/05/18 09:19:49 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\poqexec.exe
[2011/05/18 09:19:49 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\poqexec.exe
[2011/05/17 07:36:11 | 000,000,000 | ---D | C] -- C:\Users\Night Walker\AppData\Roaming\vlc
[2011/05/17 07:23:40 | 000,000,000 | ---D | C] -- C:\Users\Night Walker\Documents\Graboid
[2011/05/17 07:19:39 | 000,000,000 | ---D | C] -- C:\Users\Night Walker\AppData\Local\Graboid_Inc
[2011/05/17 07:19:37 | 000,000,000 | ---D | C] -- C:\Users\Night Walker\AppData\Local\Graboid
[2011/05/17 07:19:36 | 000,000,000 | ---D | C] -- C:\Users\Night Walker\AppData\Local\Geckofx
[2011/05/17 07:18:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Graboid Video
[2011/05/17 07:15:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Graboid
[2011/05/14 00:46:50 | 000,000,000 | ---D | C] -- C:\Users\Night Walker\AppData\Local\{8B7E4E84-D60F-410D-8F04-3D4B7F2143F5}
[2011/05/13 06:46:22 | 000,000,000 | ---D | C] -- C:\Users\Night Walker\AppData\Local\{9ABFBFE3-E718-47DD-ABE4-0D8C515DF83D}
[2011/05/11 18:28:29 | 005,562,240 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntoskrnl.exe
[2011/05/11 18:28:26 | 003,967,872 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntkrnlpa.exe
[2011/05/11 18:28:26 | 003,912,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntoskrnl.exe
[2011/05/11 18:28:14 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\usbport.sys
[2011/05/11 18:28:13 | 000,007,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\usbd.sys
[2011/05/11 16:38:04 | 000,000,000 | ---D | C] -- C:\Users\Night Walker\AppData\Roaming\Mozilla
[2011/05/11 15:50:33 | 000,000,000 | ---D | C] -- C:\windows\Minidump
[2011/05/11 03:29:22 | 000,000,000 | ---D | C] -- C:\ProgramData\pdf995
[2011/05/11 03:29:21 | 000,320,512 | ---- | C] (TODO: <Company name>) -- C:\windows\SysNative\pdfmona64.dll
[2011/05/11 03:29:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Software995
[2011/05/11 03:28:56 | 000,000,000 | ---D | C] -- C:\pdf995
[2011/05/10 16:20:26 | 000,000,000 | ---D | C] -- C:\Users\Night Walker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2011/05/06 16:05:30 | 000,000,000 | ---D | C] -- C:\Users\Night Walker\AppData\Local\{76C6D822-9DF7-4A95-A67B-B2549F9A233C}
[2011/05/06 04:04:54 | 000,000,000 | ---D | C] -- C:\Users\Night Walker\AppData\Local\{EFD21521-5A00-44B6-8A18-B129D85A3483}
[2011/05/05 16:04:19 | 000,000,000 | ---D | C] -- C:\Users\Night Walker\AppData\Local\{92500575-68C2-4A7C-A000-2649FB9B5E61}
[2011/05/05 03:48:13 | 000,000,000 | ---D | C] -- C:\Users\Night Walker\AppData\Local\{ACE203BA-79C2-4A06-AEE9-86958D0912C2}
[2011/05/04 15:47:52 | 000,000,000 | ---D | C] -- C:\Users\Night Walker\AppData\Local\{B58EB023-49A1-4E9D-A6DA-1C028A04168B}
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
[1 C:\Users\Night Walker\Documents\*.tmp files -> C:\Users\Night Walker\Documents\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/06/03 01:01:38 | 001,431,344 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Night Walker\Desktop\tdsskiller.exe
[2011/06/03 01:01:30 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Night Walker\Desktop\OTL.exe
[2011/06/03 00:43:00 | 000,000,936 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-3805827440-2575277382-1516481298-1001UA.job
[2011/06/03 00:16:01 | 000,000,910 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/06/02 18:00:01 | 000,000,480 | ---- | M] () -- C:\windows\tasks\ParetoLogic Registration.job
[2011/06/02 17:43:00 | 000,000,884 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-3805827440-2575277382-1516481298-1001Core.job
[2011/06/02 16:06:42 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2011/06/02 11:01:46 | 116,877,987 | ---- | M] () -- C:\windows\SysNative\drivers\AVG\incavi.avm
[2011/06/02 02:16:01 | 000,000,906 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/06/01 12:07:44 | 000,015,792 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/06/01 12:07:44 | 000,015,792 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/06/01 11:55:33 | 3192,262,656 | -HS- | M] () -- C:\hiberfil.sys
[2011/05/30 08:32:45 | 000,730,384 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2011/05/30 08:32:45 | 000,631,364 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2011/05/30 08:32:45 | 000,111,456 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2011/05/28 14:02:57 | 000,007,612 | ---- | M] () -- C:\Users\Night Walker\AppData\Local\Resmon.ResmonCfg
[2011/05/28 13:02:05 | 000,003,007 | ---- | M] () -- C:\Users\Night Walker\Desktop\HiJackThis.lnk
[2011/05/27 17:22:28 | 000,163,840 | ---- | M] () -- C:\Users\Night Walker\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/05/26 20:56:49 | 000,000,049 | ---- | M] () -- C:\windows\NeroDigital.ini
[2011/05/26 20:55:56 | 016,825,224 | ---- | M] (Axialis Software) -- C:\windows\SysNative\Dark Water.scr
[2011/05/26 13:23:55 | 000,001,904 | ---- | M] () -- C:\Users\Night Walker\Application Data\Microsoft\Internet Explorer\Quick Launch\Program Icon Changer.lnk
[2011/05/26 13:23:53 | 000,000,022 | ---- | M] () -- C:\windows\SysWow64\ms_xml_2.pic
[2011/05/26 13:16:10 | 020,216,832 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\imageres.dll
[2011/05/26 08:43:48 | 000,000,059 | ---- | M] () -- C:\windows\wpd99.drv
[2011/05/26 08:43:10 | 000,000,187 | ---- | M] () -- C:\windows\wininit.ini
[2011/05/26 08:18:15 | 000,332,288 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\uxtheme.dll
[2011/05/26 08:18:13 | 002,851,840 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\themeui.dll
[2011/05/25 05:41:35 | 000,000,224 | ---- | M] () -- C:\windows\SysWow64\9B13A86D.plf
[2011/05/21 23:14:34 | 001,987,072 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\authui.dll
[2011/05/20 08:19:46 | 005,008,152 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2011/05/20 04:36:13 | 000,152,576 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\msclmd.dll
[2011/05/20 04:36:12 | 000,175,616 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\msclmd.dll
[2011/05/20 03:23:42 | 000,001,452 | ---- | M] () -- C:\Users\Night Walker\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/05/20 03:12:15 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\RegisterIEPKEYs.exe
[2011/05/20 03:12:14 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\msls31.dll
[2011/05/20 03:12:13 | 001,797,632 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\jscript9.dll
[2011/05/20 03:12:13 | 000,716,800 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\jscript.dll
[2011/05/20 03:12:13 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\msrating.dll
[2011/05/20 03:12:12 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\iepeers.dll
[2011/05/20 03:12:12 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\IEAdvpack.dll
[2011/05/20 03:12:12 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\msfeedssync.exe
[2011/05/20 03:12:09 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ieakeng.dll
[2011/05/20 03:12:07 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\iesysprep.dll
[2011/05/20 03:12:07 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\SetIEInstalledDate.exe
[2011/05/20 03:12:07 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmler.dll
[2011/05/20 03:12:06 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ieui.dll
[2011/05/20 03:12:05 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\html.iec
[2011/05/20 03:12:05 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\dxtrans.dll
[2011/05/20 03:12:05 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\tdc.ocx
[2011/05/20 03:12:04 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ieapfltr.dat
[2011/05/20 03:12:04 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ieapfltr.dll
[2011/05/20 03:12:04 | 000,353,792 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\dxtmsft.dll
[2011/05/20 03:12:04 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ie4uinit.exe
[2011/05/20 03:12:03 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\url.dll
[2011/05/20 03:12:03 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\iesetup.dll
[2011/05/20 03:12:03 | 000,072,822 | ---- | M] () -- C:\windows\SysWow64\ieuinit.inf
[2011/05/20 03:12:03 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\iernonce.dll
[2011/05/20 03:12:01 | 001,427,456 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\inetcpl.cpl
[2011/05/20 03:11:59 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\icardie.dll
[2011/05/20 03:11:59 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\licmgr10.dll
[2011/05/20 03:11:57 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\wextract.exe
[2011/05/20 03:11:57 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\inseng.dll
[2011/05/20 03:11:56 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\iexpress.exe
[2011/05/20 03:11:55 | 000,580,608 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\msfeeds.dll
[2011/05/20 03:11:55 | 000,072,704 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmled.dll
[2011/05/20 03:11:54 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\pngfilt.dll
[2011/05/20 03:11:50 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ieaksie.dll
[2011/05/20 03:11:50 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ieakui.dll
[2011/05/20 03:11:50 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ieUnatt.exe
[2011/05/20 03:11:50 | 000,123,392 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\occache.dll
[2011/05/20 03:11:50 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\admparse.dll
[2011/05/20 03:11:50 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\imgutil.dll
[2011/05/20 03:11:46 | 000,222,208 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\msls31.dll
[2011/05/20 03:11:46 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\RegisterIEPKEYs.exe
[2011/05/20 03:11:45 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\msrating.dll
[2011/05/20 03:11:41 | 000,173,056 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieUnatt.exe
[2011/05/20 03:11:41 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\occache.dll
[2011/05/20 03:11:40 | 002,303,488 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll
[2011/05/20 03:11:40 | 000,267,776 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieaksie.dll
[2011/05/20 03:11:40 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieakui.dll
[2011/05/20 03:11:40 | 000,114,176 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\admparse.dll
[2011/05/20 03:11:40 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\pngfilt.dll
[2011/05/20 03:11:40 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\mshta.exe
[2011/05/20 03:11:39 | 000,818,176 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\jscript.dll
[2011/05/20 03:11:39 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\iepeers.dll
[2011/05/20 03:11:39 | 000,135,168 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\IEAdvpack.dll
[2011/05/20 03:11:39 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\imgutil.dll
[2011/05/20 03:11:39 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\msfeedssync.exe
[2011/05/20 03:11:38 | 000,248,320 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieui.dll
[2011/05/20 03:11:38 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieakeng.dll
[2011/05/20 03:11:38 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\iesysprep.dll
[2011/05/20 03:11:38 | 000,091,648 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\SetIEInstalledDate.exe
[2011/05/20 03:11:38 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\tdc.ocx
[2011/05/20 03:11:38 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\mshtmler.dll
[2011/05/20 03:11:37 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieapfltr.dat
[2011/05/20 03:11:37 | 001,492,992 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\inetcpl.cpl
[2011/05/20 03:11:37 | 000,534,528 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieapfltr.dll
[2011/05/20 03:11:37 | 000,452,608 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\dxtmsft.dll
[2011/05/20 03:11:37 | 000,448,512 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\html.iec
[2011/05/20 03:11:37 | 000,282,112 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\dxtrans.dll
[2011/05/20 03:11:37 | 000,236,544 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\url.dll
[2011/05/20 03:11:37 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ie4uinit.exe
[2011/05/20 03:11:37 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\iesetup.dll
[2011/05/20 03:11:37 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\icardie.dll
[2011/05/20 03:11:37 | 000,072,822 | ---- | M] () -- C:\windows\SysNative\ieuinit.inf
[2011/05/20 03:11:37 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\iernonce.dll
[2011/05/20 03:11:37 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\licmgr10.dll
[2011/05/20 03:11:36 | 000,697,344 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\msfeeds.dll
[2011/05/20 03:11:36 | 000,603,648 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\vbscript.dll
[2011/05/20 03:11:36 | 000,165,888 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\iexpress.exe
[2011/05/20 03:11:36 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\wextract.exe
[2011/05/20 03:11:36 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\inseng.dll
[2011/05/20 03:11:36 | 000,096,256 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\mshtmled.dll
[2011/05/11 03:29:21 | 000,047,616 | ---- | M] () -- C:\windows\SysWow64\pdf995mon64.dll
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
[1 C:\Users\Night Walker\Documents\*.tmp files -> C:\Users\Night Walker\Documents\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/05/28 13:02:05 | 000,003,007 | ---- | C] () -- C:\Users\Night Walker\Desktop\HiJackThis.lnk
[2011/05/26 20:56:11 | 000,000,049 | ---- | C] () -- C:\windows\NeroDigital.ini
[2011/05/26 13:23:55 | 000,001,904 | ---- | C] () -- C:\Users\Night Walker\Application Data\Microsoft\Internet Explorer\Quick Launch\Program Icon Changer.lnk
[2011/05/26 13:23:53 | 000,000,022 | ---- | C] () -- C:\windows\SysWow64\ms_xml_2.pic
[2011/05/26 08:43:10 | 000,000,187 | ---- | C] () -- C:\windows\wininit.ini
[2011/05/25 05:41:35 | 000,000,224 | ---- | C] () -- C:\windows\SysWow64\9B13A86D.plf
[2011/05/25 05:36:36 | 000,000,480 | ---- | C] () -- C:\windows\tasks\ParetoLogic Registration.job
[2011/05/20 04:07:55 | 000,347,904 | ---- | C] () -- C:\windows\SysNative\systemsf.ebd
[2011/05/20 04:05:15 | 000,010,429 | ---- | C] () -- C:\windows\SysNative\ScavengeSpace.xml
[2011/05/20 04:04:52 | 000,105,559 | ---- | C] () -- C:\windows\SysWow64\RacRules.xml
[2011/05/20 04:04:52 | 000,105,559 | ---- | C] () -- C:\windows\SysNative\RacRules.xml
[2011/05/20 04:04:24 | 000,001,041 | ---- | C] () -- C:\windows\SysWow64\tcpbidi.xml
[2011/05/20 03:23:42 | 000,001,424 | ---- | C] () -- C:\Users\Night Walker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2011/05/20 03:12:03 | 000,072,822 | ---- | C] () -- C:\windows\SysWow64\ieuinit.inf
[2011/05/20 03:11:37 | 000,072,822 | ---- | C] () -- C:\windows\SysNative\ieuinit.inf
[2011/05/11 03:29:22 | 000,000,059 | ---- | C] () -- C:\windows\wpd99.drv
[2011/05/11 03:29:21 | 000,047,616 | ---- | C] () -- C:\windows\SysWow64\pdf995mon64.dll
[2011/05/11 03:29:21 | 000,047,616 | ---- | C] () -- C:\windows\SysNative\pdf995mon64.dll
[2011/05/11 03:29:21 | 000,011,264 | ---- | C] () -- C:\windows\SysNative\pdf995mon64ui.dll
[2011/03/09 01:30:10 | 000,007,612 | ---- | C] () -- C:\Users\Night Walker\AppData\Local\Resmon.ResmonCfg
[2011/02/16 02:23:43 | 000,000,000 | ---- | C] () -- C:\ProgramData\TEMP
[2011/01/19 00:44:37 | 000,012,502 | ---- | C] () -- C:\windows\SysWow64\SpoonUninstall-dBpoweramp DSP Effects.dat
[2011/01/19 00:44:32 | 003,835,624 | ---- | C] () -- C:\windows\SysWow64\SpoonUninstall.exe
[2011/01/19 00:44:32 | 000,015,613 | ---- | C] () -- C:\windows\SysWow64\SpoonUninstall-dBpoweramp Music Converter.dat
[2010/11/30 16:22:13 | 000,269,128 | ---- | C] () -- C:\windows\SysWow64\PnkBstrB.exe
[2010/11/30 16:22:05 | 000,075,136 | ---- | C] () -- C:\windows\SysWow64\PnkBstrA.exe
[2010/11/14 20:53:06 | 000,163,840 | ---- | C] () -- C:\Users\Night Walker\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/10/31 14:12:56 | 000,722,802 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2010/10/29 14:36:46 | 000,002,623 | ---- | C] () -- C:\windows\Irremote.ini
[2010/09/27 11:19:15 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/09/23 15:02:53 | 000,000,000 | ---- | C] () -- C:\windows\NDSTray.INI
[2010/09/23 00:27:43 | 000,000,016 | RHS- | C] () -- C:\windows\SysWow64\drivers\fbd.sys
[2009/09/05 16:32:40 | 000,000,000 | ---- | C] () -- C:\windows\ativpsrm.bin
[2009/08/28 01:05:12 | 000,982,220 | ---- | C] () -- C:\windows\SysWow64\igkrng500.bin
[2009/08/28 01:05:12 | 000,439,300 | ---- | C] () -- C:\windows\SysWow64\igcompkrng500.bin
[2009/08/28 01:05:12 | 000,134,592 | ---- | C] () -- C:\windows\SysWow64\igfcg500.bin
[2009/08/28 01:05:12 | 000,092,216 | ---- | C] () -- C:\windows\SysWow64\igfcg500m.bin
[2009/07/14 15:38:36 | 000,067,584 | --S- | C] () -- C:\windows\bootstat.dat
[2009/07/14 12:35:51 | 000,000,741 | ---- | C] () -- C:\windows\SysWow64\NOISE.DAT
[2009/07/14 12:34:42 | 000,215,943 | ---- | C] () -- C:\windows\SysWow64\dssec.dat
[2009/07/14 10:10:29 | 000,043,131 | ---- | C] () -- C:\windows\mib.bin
[2009/07/14 09:42:10 | 000,064,000 | ---- | C] () -- C:\windows\SysWow64\BWContextHandler.dll
[2009/07/14 07:03:59 | 000,364,544 | ---- | C] () -- C:\windows\SysWow64\msjetoledb40.dll
[2009/06/11 07:26:10 | 000,673,088 | ---- | C] () -- C:\windows\SysWow64\mlang.dat

========== Alternate Data Streams ==========

@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:C8B8CEBD

< End of report >
juansalazar
Active Member
 
Posts: 10
Joined: May 27th, 2011, 11:40 pm

Re: Help Please!!

Unread postby juansalazar » June 2nd, 2011, 11:30 am

ANd finally Extras.text!!!! I must say, this is really impressive... you understanding all this amount of data!!! thank you for putting the time and effort on helping me! :)



OTL Extras logfile created on: 6/3/2011 1:07:48 AM - Run 1
OTL by OldTimer - Version 3.2.23.0 Folder = C:\Users\Night Walker\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Australia | Language: ENA | Date Format: d/MM/yyyy

3.96 Gb Total Physical Memory | 0.98 Gb Available Physical Memory | 24.73% Memory free
7.93 Gb Paging File | 3.54 Gb Available in Paging File | 44.72% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 285.94 Gb Total Space | 13.35 Gb Free Space | 4.67% Space Free | Partition Type: NTFS
Drive D: | 4.29 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: TOSH | User Name: Night Walker | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{20387B45-18A4-4D48-ABD9-A23D2CBE42B3}" = Dolby Control Center
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2
"{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator
"{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}" = Windows Live Language Selector
"{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"{63DA1F6A-2E65-4367-99B9-9E39FADEC446}" = HDMI Control Manager
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{89F7D66C-777D-473B-AA11-319C0F190EAC}" = TOSHIBA Internal Modem Region Select Utility
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{94A90C69-71C1-470A-88F5-AA47ECC96B40}" = TOSHIBA HDD Protection
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}" = TOSHIBA PC Health Monitor
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = ALPS Touch Pad Driver
"{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1" = PDF-Viewer
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}" = MSVC90_x64
"{AC76BA86-1033-0000-0064-0003D0000004}" = Adobe Acrobat 9 Pro Extended 64-bit Add-On
"{B032D0EC-CD13-4886-A478-3AD49CF1093A}" = AVG 2011
"{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}" = TOSHIBA eco Utility
"{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}" = TOSHIBA Recovery Media Creator
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba
"{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"{DC7333D1-596A-404D-876D-446E6D27BA20}" = AVG 2011
"{EF48631A-7F45-430A-8AD3-B41CFB1D7596}" = HP Deskjet 2050 J510 series Product Improvement Study
"{F2C07BE3-0F88-4D0C-957B-3557699981E9}" = HP Deskjet 2050 J510 series Basic Device Software
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F67FA545-D8E5-4209-86B1-AEE045D1003F}" = TOSHIBA Face Recognition
"AVG" = AVG 2011
"CutePDF Writer Installation" = CutePDF Writer 2.8
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"LTMOH" = LSI V92 MOH Application
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"TOSHIBA Software Modem" = TOSHIBA Software Modem
"WinRAR archiver" = WinRAR archiver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{008D69EB-70FF-46AB-9C75-924620DF191A}" = TOSHIBA Speech System SR Engine(U.S.) Version1.0
"{01250B8F-D947-4F8A-9408-FE8E3EE2EC92}" = MyToshiba
"{022CBB38-CEF0-42BA-906A-A49BEFAE0BEE}" = RICOH R5U230 Media Driver ver.2.06.03.02
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{0FB630AB-7BD8-40AE-B223-60397D57C3C9}" = Realtek WLAN Driver
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{1B87C40B-A60B-4EF3-9A68-706CF4B69978}" = TOSHIBA Assist
"{1CAC7A41-583B-4483-9FA5-3E5465AFF8C2}" = Microsoft Default Manager
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{26A24AE4-039D-4CA4-87B4-2F83216014FF}" = Java(TM) 6 Update 24
"{2FDBBCEA-62DB-45F4-B6E5-0E1FB2A1F29D}" = Visual C++ 8.0 Runtime Setup Package (x64)
"{3B843B38-04B1-4CE6-8888-586273E0F289}" = Quickbooks Financial Center
"{3FBF6F99-8EC6-41B4-8527-0A32241B5496}" = TOSHIBA Speech System TTS Engine(U.S.) Version1.0
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{491DFBAA-77EF-4B06-8676-2FC66EEE049A}" = LogMeIn Hamachi
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{4DE938F7-C196-43D7-8EEB-411CDE0A96B1}" = System Requirements Lab
"{50F68032-B5B7-4513-9116-C978DBD8F27A}" = DVD MovieFactory for TOSHIBA
"{5335DADB-34BA-4AE8-A519-648D78498846}" = Skype™ 5.3
"{5AF550B4-BB67-4E7E-82F1-2C4300279050}" = ToshibaRegistration
"{5E6F6CF3-BACC-4144-868C-E14622C658F3}" = TOSHIBA Web Camera Application
"{61539202-097E-487E-9237-B291AB56D54C}" = Bluetooth Monitor 4
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{63DA1F6A-2E65-4367-99B9-9E39FADEC446}" = HDMI Control Manager
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6A05FEDF-662E-46BF-8A25-010E3F1C9C69}" = Windows Live UX Platform Language Pack
"{6BF04C63-EAC0-4F19-9E88-9A745493E7BF}" = IconPackager
"{6C5F3BDC-0A1B-4436-A696-5939629D5C31}" = TOSHIBA DVD PLAYER
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7A3DF2E2-CF13-44FB-A93E-F71D5381DB3F}" = HP Deskjet 2050 J510 series Help
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{87DF5956-A327-4304-8338-8E2B0AAB843E}" = BlackBerry Desktop Software 6.0.2
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8136 8168 8169 Ethernet Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"{8AEA4BE2-2B52-41C0-BB7D-9F2D17AF1033}" = Nero 8
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{970472D0-F5F9-4158-A6E3-1AE49EFEF2D3}" = Toshiba Application Installer
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9AEAF9CC-390B-49C0-8F7F-14092BF163B6}" = NetZero Launcher
"{9FE10246-A876-4979-B345-CADE6863BD8E}" = TOSHIBA Supervisor Password
"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AC6569FA-6919-442A-8552-073BE69E247A}" = TOSHIBA Service Station
"{AC76BA86-1033-F400-7761-000000000004}" = Adobe Acrobat 9 Pro Extended - English, Français, Deutsch
"{AC76BA86-1033-F400-7761-000000000004}{AC76BA86-1033-F400-7761-000000000004}" = Adobe Acrobat 9 Pro Extended - English, Français, Deutsch
"{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.4
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}" = HP Update
"{B3FED300-806C-11E0-A0D0-B8AC6F97B88E}" = Google Earth
"{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}" = TOSHIBA eco Utility
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Toolbars
"{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}" = Toshiba Online Backup
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CF0EDB56-BBF6-3C9F-9C50-2E3B3D444641}" = Google Talk Plugin
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D5D8637D-FA1C-4CAD-91FC-4ADB1C284A21}" = TOSHIBA Hardware Setup
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DA84ECBF-4B79-47F2-B34C-95C38484C058}" = Skype Launcher
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E487EE7D-EAAA-4E2A-9116-E3B477D8A74F}" = TOSHIBA USB Sleep and Charge Utility
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E69992ED-A7F6-406C-9280-1C156417BC49}" = Toshiba Quality Application
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EE033C1F-443E-41EC-A0E2-559B539A4E4D}" = TOSHIBA Speech System Applications
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2004B8D-7791-4B35-A3FA-D8CA8BB4DD81}" = Direct DiscRecorder
"{F3529665-D75E-4D6D-98F0-745C78C68E9B}" = TOSHIBA ConfigFree
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Belarc Advisor" = Belarc Advisor 8.1
"BlackBerry_Desktop" = BlackBerry Desktop Software 6.0.2
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"Coupon Printer for Windows5.0.0.0" = Coupon Printer for Windows
"Dark Water Screensaver" = Dark Water Screensaver
"dBpoweramp DSP Effects" = dBpoweramp DSP Effects
"dBpoweramp Music Converter" = dBpoweramp Music Converter
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Foxit PDF Editor" = Foxit PDF Editor
"Free PDF to Word Doc Converter_is1" = Free PDF to Word Doc Converter v1.1
"Google Calendar Sync" = Google Calendar Sync
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"HP Photo Creations" = HP Photo Creations
"IconPackager" = IconPackager
"InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"InstallShield_{50F68032-B5B7-4513-9116-C978DBD8F27A}" = DVD MovieFactory for TOSHIBA
"InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"InstallShield_{63DA1F6A-2E65-4367-99B9-9E39FADEC446}" = HDMI Control Manager
"InstallShield_{89F7D66C-777D-473B-AA11-319C0F190EAC}" = TOSHIBA Internal Modem Region Select Utility
"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"InstallShield_{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}" = TOSHIBA eco Utility
"InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"InstallShield_{F2004B8D-7791-4B35-A3FA-D8CA8BB4DD81}" = Direct DiscRecorder
"InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}" = TOSHIBA Face Recognition
"IrfanView" = IrfanView (remove only)
"LogMeIn Hamachi" = LogMeIn Hamachi
"Picasa 3" = Picasa 3
"SecureW2 Enterprise Client" = SecureW2 Enterprise Client 3.5.0
"VLC media player" = VLC media player 1.0.1
"vShare" = vShare Plugin
"Winamp" = Winamp
"WinLiveSuite" = Windows Live Essentials

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-3805827440-2575277382-1516481298-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"ExeIcon" = ExeIcon (remove only)
"Google Chrome" = Google Chrome
"Winamp Detect" = Winamp Detector Plug-in

========== Last 10 Event Log Errors ==========

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

< End of report >
juansalazar
Active Member
 
Posts: 10
Joined: May 27th, 2011, 11:40 pm

Re: Help Please!!

Unread postby Carolyn » June 3rd, 2011, 8:20 am

Hello again,

Hi Carolyn, I apologsie for the late reply, i have been qkinda of busy lately but here it is the info you requested....


No problem. Just be mindful that the forum has a 3 day inactivity rule.

=======================

Vista/Windows 7 Advice
As you're using Vista or Windows7, it will be necessary to right click all tools we use and select "Run as Administrator".

=======================

Remove Outdated Programs
You can install current versions after your computer is clean.
  • Go to start > control panel > programs and features.
  • Right click on Java(TM) 6 Update 24
  • Click Uninstall & then follow the prompts to remove it.
  • Repeat for Adobe Reader 9.4.4

=======================

Drive C: | 285.94 Gb Total Space | 13.35 Gb Free Space | 4.67% Space Free | Partition Type: NTFS


Your computer is dangerously low on disk space! The system drive needs 15% free space for the system to operate properly.

Insufficient disk space can cause your computer to bog down and run slowly, even crash.

Go to Start, Computer
Right-click on the hard-drive letter for the system, (usually C: )
Uncheck the box labeled "Allow Indexing Service to index this disk for fast file searching"
If it asks whether to apply to all files and folders, answer Yes.
You may have to wait while it resets the file attributes.

Move any files (documents, photos, movies, etc.) that you do not need to access regularly to removable media, such as a thumb drive or DVDs.

If there are any programs that you no longer use, uninstall them now.

=======================

Create a System Restore Point
  1. Right-click on Computer ... select Properties.
  2. In the left pane under Tasks ... click System protection.
    If UAC prompts for an administrator password or approval, type the password or give your "permission to continue".
  3. Select System Protection ...then choose Create.
  4. In the System Restore dialog box, type a description for the restore point ... click Create, again.
    A window will pop up with "The Restore Point was created successfully" confirmation message.
  5. Click OK ...then close the System Restore dialog.

=======================

Disable AVG 2011

  • Please open the AVG 2011 Control Center, by right clicking on the AVG icon on task bar.
  • Click on Open AVG User Interface.
  • On the Menu Bar, click on Tools.
  • Click Advanced Settings.
  • In the new screen which opens, scroll down to Temporarily disable AVG protection. Click on it to highlight it.
  • In the right hand pane, tick the box for Temporarily disable AVG protection.
  • Click Apply.
  • In the next screen which opens, select 180 minutes from the drop down menu, then click the Disable real time protection button.
  • Click OK.
  • Note: Don't forget to re-enable it after the fix.

=======================

Run OTL Script

We need to run an OTL Fix

  • Double-click OTL.exe to start the program.
  • Copy and Paste the following code into the Image textbox. Do not include the word Code
    Code: Select all
    :OTL
    O2 - BHO: (vShare Toolbar) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files (x86)\vShare\vshare_toolbar.dll ()
    O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O3 - HKLM\..\Toolbar: (vShare Toolbar) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files (x86)\vShare\vshare_toolbar.dll ()
    O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O3 - HKU\S-1-5-21-3805827440-2575277382-1516481298-1001\..\Toolbar\WebBrowser: (vShare Toolbar) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files (x86)\vShare\vshare_toolbar.dll ()
    O4:64bit: - HKLM..\Run: [] File not found
    O4 - HKLM..\Run: [] File not found
    O4 - HKU\S-1-5-21-3805827440-2575277382-1516481298-1001..\Run: [hmod70twindl.exe] File not found
    O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] File not found
    O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] File not found
    O4 - Startup: C:\Users\Night Walker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Antimalware Doctor.lnk = File not found
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
    O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
    O18:64bit: - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - Reg Error: Key error. File not found
    O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found
    O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
    O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
    O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
    O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
    O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
    O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
    O18:64bit: - Protocol\Handler\vsharechrome {3F3A4B8A-86FC-43A4-BB00-6D7EBE9D4484} - Reg Error: Key error. File not found
    O18 - Protocol\Handler\vsharechrome {3F3A4B8A-86FC-43A4-BB00-6D7EBE9D4484} - C:\Program Files (x86)\vShare\vshare_toolbar.dll ()
    
    :Files
    C:\Users\Night Walker\AppData\Roaming\B24F7AB1090EA4205E1C81AEDA1D1E8E\hmod70twindl.exe
    C:\Program Files (x86)\vShare\vshare_toolbar.dll
    C:\ProgramData\Easybits GO
    @Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:C8B8CEBD
    
    :Commands
    [emptytemp]
    [emptyflash]
    [Reboot]
    

  • Then click the Run Fix button at the top.
  • Click Image.
  • OTL may ask to reboot the machine. Please do so if asked.
  • The report should appear in Notepad after the reboot.Copy and Paste that report in your next reply.

=======================


ESET Online Scanner:

Note: You can use either Internet Explorer or Mozilla FireFox for this scan. You will however need to disable your current installed Anti-Virus, how to do so can be read here.

Vista/Windows 7 users: You will need to to right-click on the either the IE or FF icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run as Administrator from the context menu.

  • Please go here to run the scan.
    Note: If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.
    All of the below instructions are compatible with either Internet Explorer or Mozilla FireFox.
  • Select the option YES, I accept the Terms of Use then click on: Image
  • When prompted allow the Add-On/Active X to install.
  • Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Now click on: Image
  • The virus signature database... will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.
  • When completed the Online Scan will begin automatically.
  • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  • When completed select Uninstall application on close if you so wish, make sure you copy the logfile first!
  • Now click on: Image
  • Use notepad to open the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt.
  • Copy and paste that log as a reply to this topic.

Note: Do not forget to re-enable your Anti-Virus application after running the above scan!

=======================

Please post the following in your next reply:
  • The OTL log
  • The ESET log
  • A description of how your computer is now behaving
User avatar
Carolyn
MRU Emeritus
MRU Emeritus
 
Posts: 4701
Joined: April 18th, 2007, 9:36 am
Location: Maine

Re: Help Please!!

Unread postby juansalazar » June 7th, 2011, 11:42 am

dear Carolyn,

I have run the OTL fix and the other scan.
Unfortunately i closed the OTL log by accident.
I tried looking for the file but had no luck.

Find bellow the ESET log


ESETSmartInstaller@High as CAB hook log:
OnlineScanner64.ocx - registred OK
OnlineScanner.ocx - registred OK



thanks
juansalazar
Active Member
 
Posts: 10
Joined: May 27th, 2011, 11:40 pm

Re: Help Please!!

Unread postby Carolyn » June 8th, 2011, 7:33 am

Hello,

Please click on Start, then copy/paste the following ling in the search window:
Code: Select all
C:\_OTL


Click once on _OTL, then double click the MovedFiles folder. You will find the OTL log there. Please post it in your next reply.

===============

Disable AVG 2011

  • Please open the AVG 2011 Control Center, by right clicking on the AVG icon on task bar.
  • Click on Open AVG User Interface.
  • On the Menu Bar, click on Tools.
  • Click Advanced Settings.
  • In the new screen which opens, scroll down to Temporarily disable AVG protection. Click on it to highlight it.
  • In the right hand pane, tick the box for Temporarily disable AVG protection.
  • Click Apply.
  • In the next screen which opens, select 180 minutes from the drop down menu, then click the Disable real time protection button.
  • Click OK.
  • Note: Don't forget to re-enable it after the fix.

===============

Panda ActiveScan
Vista - W7 users:
Close your browser, right-click on the IE icon on the Start Menu or Quick Launch and select "Run as Administrator".

Please go to Panda ActiveScan © Panda Security... to perform a free online scan.
You must use Internet Explorer as the scan requires ActiveX.
  1. Click on the Scan your PC now button.
    A new window will open.
  2. Make sure the "Full scan" scan type is CHECKED.
  3. Press the "Scan Now" button.
  4. You will be prompted to install an ActiveX module. Please allow it.
    If your browser blocks pop-ups, you may see a bar at the top of the window asking you to click, to allow ... please allow it.
    Panda Active scan will update itself... this may also be a pop-up...please allow also.
  5. Once the program is updated, it will begin to scan your computer. This will take a long time, so be patient, let it run.
  6. Once done, click on Export to:... save it to your Desktop.
  7. A file named "ActiveScan.txt" will be created on your desktop.
  8. Please copy and paste the contents of the ActiveScan.txt file in your next reply.

===============

Please post the following:
  • The OTL log
  • The Panda ActiveScan log
  • A description of how your computer is now behaving
User avatar
Carolyn
MRU Emeritus
MRU Emeritus
 
Posts: 4701
Joined: April 18th, 2007, 9:36 am
Location: Maine

Re: Help Please!!

Unread postby juansalazar » June 8th, 2011, 1:11 pm

As requested here it is the OTL.log



All processes killed
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{043C5167-00BB-4324-AF7E-62013FAEDACF}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{043C5167-00BB-4324-AF7E-62013FAEDACF}\ deleted successfully.
C:\Program Files (x86)\vShare\vshare_toolbar.dll moved successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{043C5167-00BB-4324-AF7E-62013FAEDACF} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{043C5167-00BB-4324-AF7E-62013FAEDACF}\ not found.
File C:\Program Files (x86)\vShare\vshare_toolbar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_USERS\S-1-5-21-3805827440-2575277382-1516481298-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{043C5167-00BB-4324-AF7E-62013FAEDACF} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{043C5167-00BB-4324-AF7E-62013FAEDACF}\ not found.
File C:\Program Files (x86)\vShare\vshare_toolbar.dll not found.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-3805827440-2575277382-1516481298-1001\Software\Microsoft\Windows\CurrentVersion\Run\\hmod70twindl.exe deleted successfully.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
C:\Users\Night Walker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Antimalware Doctor.lnk moved successfully.
Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\belarc\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6318E0AB-2E93-11D1-B8ED-00608CC9A71F}\ not found.
File {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - Reg Error: Key error. File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\grooveLocalGWS\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{88FED34C-F0CA-4636-A375-3CB6248B04CD}\ not found.
File {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\livecall\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{828030A1-22C1-4009-854F-8E305202313F}\ not found.
File {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-help\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{314111c7-a502-11d2-bbca-00c04f8ec294}\ not found.
File {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-itss\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0A9007C0-4076-11D3-8789-0000F8105754}\ not found.
File {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msnim\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{828030A1-22C1-4009-854F-8E305202313F}\ not found.
File {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype4com\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D}\ not found.
File {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype-ie-addon-data\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{91774881-D725-4E58-B298-07617B9B86A8}\ not found.
File {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\vsharechrome\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3F3A4B8A-86FC-43A4-BB00-6D7EBE9D4484}\ not found.
File {3F3A4B8A-86FC-43A4-BB00-6D7EBE9D4484} - Reg Error: Key error. File not found not found.
File C:\Program Files (x86)\vShare\vshare_toolbar.dll not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\vsharechrome\ not found.
File C:\Program Files (x86)\vShare\vshare_toolbar.dll not found.
========== FILES ==========
File\Folder C:\Users\Night Walker\AppData\Roaming\B24F7AB1090EA4205E1C81AEDA1D1E8E\hmod70twindl.exe not found.
File\Folder C:\Program Files (x86)\vShare\vshare_toolbar.dll not found.
C:\ProgramData\Easybits GO\Svc\x64 folder moved successfully.
C:\ProgramData\Easybits GO\Svc\x32 folder moved successfully.
C:\ProgramData\Easybits GO\Svc folder moved successfully.
C:\ProgramData\Easybits GO\News folder moved successfully.
C:\ProgramData\Easybits GO\MLS folder moved successfully.
C:\ProgramData\Easybits GO\Local Cache folder moved successfully.
C:\ProgramData\Easybits GO\HTML\startup folder moved successfully.
C:\ProgramData\Easybits GO\HTML\mls folder moved successfully.
C:\ProgramData\Easybits GO\HTML folder moved successfully.
C:\ProgramData\Easybits GO\Games\53F537B72987463CB06D78F5541A3239\MLS folder moved successfully.
C:\ProgramData\Easybits GO\Games\53F537B72987463CB06D78F5541A3239 folder moved successfully.
C:\ProgramData\Easybits GO\Games\454EB22F4CF24AD0B14FBA4A4C21E879\help\enu\images folder moved successfully.
C:\ProgramData\Easybits GO\Games\454EB22F4CF24AD0B14FBA4A4C21E879\help\enu folder moved successfully.
C:\ProgramData\Easybits GO\Games\454EB22F4CF24AD0B14FBA4A4C21E879\help folder moved successfully.
C:\ProgramData\Easybits GO\Games\454EB22F4CF24AD0B14FBA4A4C21E879 folder moved successfully.
C:\ProgramData\Easybits GO\Games\4136746E049B4E648BAE5299828AAC2B folder moved successfully.
C:\ProgramData\Easybits GO\Games\0C99AA2DA06E4F6BA61B15297AA0DBEF\help\enu\images folder moved successfully.
C:\ProgramData\Easybits GO\Games\0C99AA2DA06E4F6BA61B15297AA0DBEF\help\enu folder moved successfully.
C:\ProgramData\Easybits GO\Games\0C99AA2DA06E4F6BA61B15297AA0DBEF\help folder moved successfully.
C:\ProgramData\Easybits GO\Games\0C99AA2DA06E4F6BA61B15297AA0DBEF folder moved successfully.
C:\ProgramData\Easybits GO\Games folder moved successfully.
C:\ProgramData\Easybits GO folder moved successfully.
ADS C:\ProgramData\TEMP:C8B8CEBD deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Night Walker
->Temp folder emptied: 3557095258 bytes
->Temporary Internet Files folder emptied: 324660887 bytes
->Java cache emptied: 652986 bytes
->Google Chrome cache emptied: 239896327 bytes
->Flash cache emptied: 93269 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 31231970 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50333 bytes
RecycleBin emptied: 168756 bytes

Total Files Cleaned = 3,961.00 mb


[EMPTYFLASH]

User: All Users

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Night Walker
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0.00 mb


OTL by OldTimer - Version 3.2.23.0 log created on 06072011_222708

Files\Folders moved on Reboot...
C:\Users\Night Walker\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

Registry entries deleted on Reboot...








And also the Panda Active Scan Log


Panda Antivirus Pro 2011 incident report
Filter selected:Virus detected, Suspicious file, Dangerous file, Script execution, Phone connection, Connection attempt, Port scan attack, Denial of service attack, Spoofing, Attacking IP address blocked, Enabled, Disabled, Update, Scan started, Scan complete, Date: All
INCIDENT NOTIFIED BY DATE-TIME RESULT ADDITIONAL INFORMATION
-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Scan complete On-demand antivirus scan 9/06/2011 1:38:35 AM Scan: Scanning the whole system
Scan complete On-demand antivirus scan 9/06/2011 1:26:33 AM Scan:
Scan started On-demand antivirus scan 9/06/2011 1:19:27 AM Scan:
Update Updates system 9/06/2011 1:19:11 AM Correct File: Threat signatures
Update Updates system 9/06/2011 12:38:... Correct Type: Identity protection
Suspicious file On-demand antivirus scan 9/06/2011 12:28:... Moved to quarantine File: c:\users\night walker\appdata\local\microsoft\windows\temporary internet files\low\content.ie5\wlsnwuhk\onlinescanner[1].cab[onlinescanneruninstaller.exe]
Virus detected: Trj/Downloader.YBP On-demand antivirus scan 9/06/2011 12:27:... Notified Path: c:\users\night walker\documents\vuze downloads\foxit pdf editor v2.2.0.0205 pro\foxit.pdf.editor.v2.2.0.0205.cracked-eat.exe[²öç\1nltestb.exe]
Spyware detected: Cookie/Serving-sys On-demand antivirus scan 9/06/2011 12:23:... Deleted Path: c:\users\night walker\appdata\roaming\microsoft\windows\cookies\night_walker@serving-sys[3].txt
Spyware detected: Cookie/Serving-sys On-demand antivirus scan 9/06/2011 12:23:... Deleted Path: c:\users\night walker\appdata\roaming\microsoft\windows\cookies\night_walker@serving-sys[2].txt
Spyware detected: Cookie/QuestionMarket On-demand antivirus scan 9/06/2011 12:23:... Deleted Path: c:\users\night walker\appdata\roaming\microsoft\windows\cookies\night_walker@questionmarket[1].txt
Spyware detected: Cookie/Serving-sys On-demand antivirus scan 9/06/2011 12:23:... Deleted Path: c:\users\night walker\appdata\roaming\microsoft\windows\cookies\night_walker@bs.serving-sys[2].txt
Spyware detected: Cookie/Doubleclick On-demand antivirus scan 9/06/2011 12:23:... Deleted Path: c:\users\night walker\appdata\roaming\microsoft\windows\cookies\night_walker@doubleclick[2].txt
Spyware detected: Cookie/Atwola On-demand antivirus scan 9/06/2011 12:23:... Deleted Path: c:\users\night walker\appdata\roaming\microsoft\windows\cookies\night_walker@atwola[1].txt
Spyware detected: Cookie/Atlas DMT On-demand antivirus scan 9/06/2011 12:23:... Deleted Path: c:\users\night walker\appdata\roaming\microsoft\windows\cookies\night_walker@atdmt[1].txt
Spyware detected: Cookie/Advertising On-demand antivirus scan 9/06/2011 12:23:... Deleted Path: c:\users\night walker\appdata\roaming\microsoft\windows\cookies\night_walker@advertising[2].txt
Spyware detected: Cookie/Adtech On-demand antivirus scan 9/06/2011 12:23:... Deleted Path: c:\users\night walker\appdata\roaming\microsoft\windows\cookies\night_walker@adtech[1].txt
Spyware detected: Cookie/YieldManager On-demand antivirus scan 9/06/2011 12:23:... Deleted Path: c:\users\night walker\appdata\roaming\microsoft\windows\cookies\night_walker@ad.yieldmanager[2].txt
Spyware detected: Cookie/Serving-sys On-demand antivirus scan 9/06/2011 12:23:... Deleted Path: c:\users\night walker\appdata\roaming\microsoft\windows\cookies\low\night_walker@serving-sys[2].txt
Spyware detected: Cookie/Azjmp On-demand antivirus scan 9/06/2011 12:23:... Deleted Path: c:\users\night walker\appdata\roaming\microsoft\windows\cookies\low\night_walker@azjmp[2].txt
Spyware detected: Cookie/Atlas DMT On-demand antivirus scan 9/06/2011 12:23:... Deleted Path: c:\users\night walker\appdata\roaming\microsoft\windows\cookies\low\night_walker@atdmt[1].txt
Spyware detected: Cookie/Doubleclick On-demand antivirus scan 9/06/2011 12:23:... Deleted Path: c:\users\night walker\appdata\roaming\microsoft\windows\cookies\low\night_walker@doubleclick[2].txt
Spyware detected: Cookie/Serving-sys On-demand antivirus scan 9/06/2011 12:23:... Deleted Path: c:\users\night walker\appdata\roaming\microsoft\windows\cookies\low\night_walker@bs.serving-sys[1].txt
Spyware detected: Cookie/Com.com On-demand antivirus scan 9/06/2011 12:23:... Deleted Path: c:\users\night walker\appdata\roaming\microsoft\windows\cookies\low\night_walker@com[1].txt
Spyware detected: Cookie/Go On-demand antivirus scan 9/06/2011 12:23:... Deleted Path: c:\users\night walker\appdata\roaming\microsoft\windows\cookies\low\night_walker@go[1].txt
Spyware detected: Cookie/Mediaplex On-demand antivirus scan 9/06/2011 12:23:... Deleted Path: c:\users\night walker\appdata\roaming\microsoft\windows\cookies\low\night_walker@mediaplex[2].txt
Spyware detected: Cookie/Apmebf On-demand antivirus scan 9/06/2011 12:23:... Deleted Path: c:\users\night walker\appdata\roaming\microsoft\windows\cookies\low\night_walker@apmebf[1].txt
Scan complete On-demand antivirus scan 8/06/2011 11:41:... Scan: Scanning System
Scan started On-demand antivirus scan 8/06/2011 11:36:... Scan: Scanning System
Scan started On-demand antivirus scan 8/06/2011 11:33:... Scan: Scanning the whole system
Update Updates system 8/06/2011 11:22:... Correct Type: Identity protection
Update Updates system 8/06/2011 11:22:... Correct File modification signatures
Scan started On-demand antivirus scan 8/06/2011 11:22:... Scan:
Update Updates system 8/06/2011 11:22:... Correct Type: autofix hft101007s24
Update Updates system 8/06/2011 11:22:... Correct Type: autofix hft101007s8
Update Updates system 8/06/2011 11:21:... Correct File: Threat signatures
juansalazar
Active Member
 
Posts: 10
Joined: May 27th, 2011, 11:40 pm

Re: Help Please!!

Unread postby Carolyn » June 11th, 2011, 1:52 pm

I apologize for taking so long to reply.

Please download Malwarebytes' Anti-Malware and save it to a convenient location.
  1. Right click on mbam-setup.exe and select Run as administrator
  2. Before clicking the Finish button, make sure that these 2 boxes are checked (ticked):
      Update Malwarebytes' Anti-Malware
      Launch Malwarebytes' Anti-Malware
  3. Malwarebytes' Anti-Malware will now check for updates. If your firewall prompts, please allow it. If you can't update it, select the Update tab. Under Update Mirror, select one of the websites and click on Check for Updates.
  4. Select the Scanner tab. Click on Perform full scan, then click on Scan.
  5. Leave the default options as it is and click on Start Scan.
  6. When done, you will be prompted. Click OK, then click on Show Results.
  7. Check (tick) all items except items in the C:\System Volume Information folder and click on Remove Selected.
  8. After it has removed the items, Notepad will open. Please post this log in your next reply. You can also find the log in the Logs tab. The bottom most log is the latest.

=================================

Scan again with OTL
  • Right click on OTL.exe and select "Run as administrator" to run it.
  • Under Extra Registry section, select Use SafeList.
  • Click the Scan All Users checkbox.
  • Click on Run Scan at the top left hand corner.
  • When done, two Notepad files will open.
    • OTL.txt <-- Will be opened
    • Extras.txt <-- Will be minimized
  • Please post the contents of these 2 Notepad files in your next reply.

Please post the following:
  • The Malwarebytes' log
  • The OTL.txt logfile
  • The Extras.txt logfile
  • A description of how your computer is behaving
User avatar
Carolyn
MRU Emeritus
MRU Emeritus
 
Posts: 4701
Joined: April 18th, 2007, 9:36 am
Location: Maine

Re: Help Please!!

Unread postby juansalazar » June 14th, 2011, 4:34 am

As requested i have run the tests.
I also have noticed that the process Rim.Transcoder.exe is the cause of cpu usage going crazy!!!
Once that process appears the CPU usage wont drop from 100%..

MALWAREBYTES LOG

Malwarebytes' Anti-Malware 1.51.0.1200
www.malwarebytes.org

Database version: 6851

Windows 6.1.7601 Service Pack 1
Internet Explorer 9.0.8112.16421

14/06/2011 5:01:22 PM
mbam-log-2011-06-14 (17-01-22).txt

Scan type: Full scan (C:\|)
Objects scanned: 312818
Time elapsed: 49 minute(s), 19 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 17
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 8
Files Infected: 4

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\CLSID\{147A976F-EEE1-4377-8EA7-4716E4CDD239} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EAB-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59C7FC09-1C83-4648-B3E6-003D2BBC7481} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68AF847F-6E91-45dd-9B68-D6A12C30E5D7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170B96C-28D4-4626-8358-27E6CAEEF907} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D1A71FA0-FF48-48dd-9B6D-7A13A3E42127} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DDB1968E-EAD6-40fd-8DAE-FF14757F60C7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F138D901-86F0-4383-99B6-9CDD406036DA} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Antimalware Doctor Inc (Rogue.AntimalwareDoctor) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
c:\program files (x86)\funwebproducts (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\funwebproducts\screensaver (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\funwebproducts\screensaver\Images (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\mywebsearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\mywebsearch\bar (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\mywebsearch\bar\History (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\mywebsearch\bar\Settings (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\Users\night walker\AppData\Roaming\microsoft\Windows\start menu\Programs\antimalware doctor (Rogue.AntiMalwareDoctor) -> Quarantined and deleted successfully.

Files Infected:
c:\Users\night walker\AppData\Roaming\microsoft\internet explorer\quick launch\antimalware doctor.lnk (Rogue.AntimalwareDoctor) -> Quarantined and deleted successfully.
c:\program files (x86)\mywebsearch\bar\Settings\s_pid.dat (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\Users\night walker\AppData\Roaming\microsoft\Windows\start menu\Programs\antimalware doctor\antimalware doctor.lnk (Rogue.AntiMalwareDoctor) -> Quarantined and deleted successfully.
c:\Users\night walker\AppData\Roaming\microsoft\Windows\start menu\Programs\antimalware doctor\uninstall.lnk (Rogue.AntiMalwareDoctor) -> Quarantined and deleted successfully.



EXTRAS LOG

OTL Extras logfile created on: 6/14/2011 6:22:57 PM - Run 2
OTL by OldTimer - Version 3.2.23.0 Folder = C:\Users\Night Walker\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Australia | Language: ENA | Date Format: d/MM/yyyy

3.96 Gb Total Physical Memory | 1.89 Gb Available Physical Memory | 47.64% Memory free
7.93 Gb Paging File | 5.55 Gb Available in Paging File | 70.04% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 285.94 Gb Total Space | 39.97 Gb Free Space | 13.98% Space Free | Partition Type: NTFS
Unable to calculate disk information.

Computer Name: TOSH | User Name: Night Walker | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{20387B45-18A4-4D48-ABD9-A23D2CBE42B3}" = Dolby Control Center
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{481A433E-2DB0-4650-9CEC-BE02413DF815}" = AVG 2011
"{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2
"{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator
"{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}" = Windows Live Language Selector
"{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"{63DA1F6A-2E65-4367-99B9-9E39FADEC446}" = HDMI Control Manager
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{89F7D66C-777D-473B-AA11-319C0F190EAC}" = TOSHIBA Internal Modem Region Select Utility
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{94A90C69-71C1-470A-88F5-AA47ECC96B40}" = TOSHIBA HDD Protection
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}" = TOSHIBA PC Health Monitor
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = ALPS Touch Pad Driver
"{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1" = PDF-Viewer
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}" = MSVC90_x64
"{AC76BA86-1033-0000-0064-0003D0000004}" = Adobe Acrobat 9 Pro Extended 64-bit Add-On
"{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}" = TOSHIBA eco Utility
"{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}" = TOSHIBA Recovery Media Creator
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{BB4F0BE4-3DCB-4C5C-8B2B-C07CC916A6B5}" = AVG 2011
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba
"{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"{EF48631A-7F45-430A-8AD3-B41CFB1D7596}" = HP Deskjet 2050 J510 series Product Improvement Study
"{F2C07BE3-0F88-4D0C-957B-3557699981E9}" = HP Deskjet 2050 J510 series Basic Device Software
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F67FA545-D8E5-4209-86B1-AEE045D1003F}" = TOSHIBA Face Recognition
"AVG" = AVG 2011
"CutePDF Writer Installation" = CutePDF Writer 2.8
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"LTMOH" = LSI V92 MOH Application
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"TOSHIBA Software Modem" = TOSHIBA Software Modem
"WinRAR archiver" = WinRAR archiver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{008D69EB-70FF-46AB-9C75-924620DF191A}" = TOSHIBA Speech System SR Engine(U.S.) Version1.0
"{01250B8F-D947-4F8A-9408-FE8E3EE2EC92}" = MyToshiba
"{022CBB38-CEF0-42BA-906A-A49BEFAE0BEE}" = RICOH R5U230 Media Driver ver.2.06.03.02
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{0FB630AB-7BD8-40AE-B223-60397D57C3C9}" = Realtek WLAN Driver
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{1B87C40B-A60B-4EF3-9A68-706CF4B69978}" = TOSHIBA Assist
"{1CAC7A41-583B-4483-9FA5-3E5465AFF8C2}" = Microsoft Default Manager
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2FDBBCEA-62DB-45F4-B6E5-0E1FB2A1F29D}" = Visual C++ 8.0 Runtime Setup Package (x64)
"{3B843B38-04B1-4CE6-8888-586273E0F289}" = Quickbooks Financial Center
"{3FBF6F99-8EC6-41B4-8527-0A32241B5496}" = TOSHIBA Speech System TTS Engine(U.S.) Version1.0
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{4DE938F7-C196-43D7-8EEB-411CDE0A96B1}" = System Requirements Lab
"{50F68032-B5B7-4513-9116-C978DBD8F27A}" = DVD MovieFactory for TOSHIBA
"{5335DADB-34BA-4AE8-A519-648D78498846}" = Skype™ 5.3
"{5AF550B4-BB67-4E7E-82F1-2C4300279050}" = ToshibaRegistration
"{5E6F6CF3-BACC-4144-868C-E14622C658F3}" = TOSHIBA Web Camera Application
"{61539202-097E-487E-9237-B291AB56D54C}" = Bluetooth Monitor 4
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{63DA1F6A-2E65-4367-99B9-9E39FADEC446}" = HDMI Control Manager
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6A05FEDF-662E-46BF-8A25-010E3F1C9C69}" = Windows Live UX Platform Language Pack
"{6BF04C63-EAC0-4F19-9E88-9A745493E7BF}" = IconPackager
"{6C5F3BDC-0A1B-4436-A696-5939629D5C31}" = TOSHIBA DVD PLAYER
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7A3DF2E2-CF13-44FB-A93E-F71D5381DB3F}" = HP Deskjet 2050 J510 series Help
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{87DF5956-A327-4304-8338-8E2B0AAB843E}" = BlackBerry Desktop Software
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8136 8168 8169 Ethernet Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"{8AEA4BE2-2B52-41C0-BB7D-9F2D17AF1033}" = Nero 8
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{970472D0-F5F9-4158-A6E3-1AE49EFEF2D3}" = Toshiba Application Installer
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9AEAF9CC-390B-49C0-8F7F-14092BF163B6}" = NetZero Launcher
"{9FE10246-A876-4979-B345-CADE6863BD8E}" = TOSHIBA Supervisor Password
"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AC6569FA-6919-442A-8552-073BE69E247A}" = TOSHIBA Service Station
"{AC76BA86-1033-F400-7761-000000000004}" = Adobe Acrobat 9 Pro Extended - English, Français, Deutsch
"{AC76BA86-1033-F400-7761-000000000004}{AC76BA86-1033-F400-7761-000000000004}" = Adobe Acrobat 9 Pro Extended - English, Français, Deutsch
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}" = HP Update
"{B3FED300-806C-11E0-A0D0-B8AC6F97B88E}" = Google Earth
"{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}" = TOSHIBA eco Utility
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Toolbars
"{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}" = Toshiba Online Backup
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CF0EDB56-BBF6-3C9F-9C50-2E3B3D444641}" = Google Talk Plugin
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D5D8637D-FA1C-4CAD-91FC-4ADB1C284A21}" = TOSHIBA Hardware Setup
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DA84ECBF-4B79-47F2-B34C-95C38484C058}" = Skype Launcher
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E487EE7D-EAAA-4E2A-9116-E3B477D8A74F}" = TOSHIBA USB Sleep and Charge Utility
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E69992ED-A7F6-406C-9280-1C156417BC49}" = Toshiba Quality Application
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EE033C1F-443E-41EC-A0E2-559B539A4E4D}" = TOSHIBA Speech System Applications
"{EEF985E8-8B36-4230-B174-117A2381C17F}" = LogMeIn Hamachi
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2004B8D-7791-4B35-A3FA-D8CA8BB4DD81}" = Direct DiscRecorder
"{F3529665-D75E-4D6D-98F0-745C78C68E9B}" = TOSHIBA ConfigFree
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Belarc Advisor" = Belarc Advisor 8.1
"BlackBerry_Desktop" = BlackBerry Desktop Software
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"Coupon Printer for Windows5.0.0.0" = Coupon Printer for Windows
"Dark Water Screensaver" = Dark Water Screensaver
"dBpoweramp DSP Effects" = dBpoweramp DSP Effects
"dBpoweramp Music Converter" = dBpoweramp Music Converter
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Foxit PDF Editor" = Foxit PDF Editor
"Free PDF to Word Doc Converter_is1" = Free PDF to Word Doc Converter v1.1
"Google Calendar Sync" = Google Calendar Sync
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"HP Photo Creations" = HP Photo Creations
"IconPackager" = IconPackager
"InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"InstallShield_{50F68032-B5B7-4513-9116-C978DBD8F27A}" = DVD MovieFactory for TOSHIBA
"InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"InstallShield_{63DA1F6A-2E65-4367-99B9-9E39FADEC446}" = HDMI Control Manager
"InstallShield_{89F7D66C-777D-473B-AA11-319C0F190EAC}" = TOSHIBA Internal Modem Region Select Utility
"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"InstallShield_{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}" = TOSHIBA eco Utility
"InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"InstallShield_{F2004B8D-7791-4B35-A3FA-D8CA8BB4DD81}" = Direct DiscRecorder
"InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}" = TOSHIBA Face Recognition
"IrfanView" = IrfanView (remove only)
"LogMeIn Hamachi" = LogMeIn Hamachi
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.0.1200
"Picasa 3" = Picasa 3
"SecureW2 Enterprise Client" = SecureW2 Enterprise Client 3.5.0
"VLC media player" = VLC media player 1.0.1
"vShare" = vShare Plugin
"Winamp" = Winamp
"WinLiveSuite" = Windows Live Essentials

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-3805827440-2575277382-1516481298-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"ExeIcon" = ExeIcon (remove only)
"Google Chrome" = Google Chrome
"Winamp Detect" = Winamp Detector Plug-in

========== Last 10 Event Log Errors ==========

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

< End of report >
juansalazar
Active Member
 
Posts: 10
Joined: May 27th, 2011, 11:40 pm
Advertisement
Register to Remove

Next

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: pgmigg and 33 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware