1 result 024 - desktop component0: (no name - (no file) and keeps coming back, should I be worried?
.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 9.0.8112.16421
Run by Sol at 8:22:13 on 2012-01-21
Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.3455.1366 [GMT -5:00]
.
AV: Norton Business Suite *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton Business Suite *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Business Suite *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
c:\program files\idt\v114_ecs_d_6207.2v7_6099.8xp_g2.0v_rc_sdc\wdm\STacSV.exe
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Common Files\Nuance\dgnsvc.exe
C:\Program Files\DYMO\DYMO Label Software\DymoPnpService.exe
C:\Windows\system32\Ati2evxx.exe
C:\Program Files\GlidePoint\glidesvc.exe
C:\Program Files\Norton Business Suite\Engine\5.1.0.29\ccSvcHst.exe
C:\Program Files\GlidePoint\glidesvc.exe
C:\Program Files\PortReporter\portreporter.exe
C:\Program Files\ThreatFire\TFService.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Norton Business Suite\Engine\5.1.0.29\ccSvcHst.exe
C:\Program Files\Snappy Fax Version 5\sfpagent.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\BillP Studios\Task Catcher\TaskTrap.exe
C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\Program Files\ThreatFire\TFTray.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Snappy Fax Version 5\SF5.exe
C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
C:\Program Files\Siber Systems\AI RoboForm\robotaskbaricon.exe
C:\Program Files\AMS Services\TransactNOW\OALaunch.exe
C:\Program Files\Webcetera\EzPDFUploadSetup_Win7x86\EzPDFUploadConsole.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE
C:\Windows\system32\SearchProtocolHost.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Users\Sol\AppData\Local\AMS Services, Inc\AMS 360\WorkstationCoordinator.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\prevhost.exe
C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - c:\program files\norton business suite\engine\5.1.0.29\coIEPlg.dll
BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - c:\program files\norton business suite\engine\5.1.0.29\ips\IPSBHO.DLL
BHO: RoboForm Toolbar Helper: {724d43a9-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\roboform.dll
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: &RoboForm Toolbar: {724d43a0-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\roboform.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - c:\program files\norton business suite\engine\5.1.0.29\coIEPlg.dll
TB: {0123B506-0AD9-43AA-B0CF-916C122AD4C5} - No File
EB: Adobe PDF: {182ec0be-5110-49c8-a062-beb1d02a220b} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
uRun: [Snappy Fax Version 5] c:\program files\snappy fax version 5\SF5.exe
uRun: [ISUSPM] c:\programdata\flexnet\connect\11\ISUSPM.exe -scheduler
uRun: [dms] c:\program files\mercury insurance\mercury agent application\MAA40.exe
uRun: [HijackThis startup scan] c:\program files\trend micro\hijackthis\HijackThis.exe /startupscan
uRun: [RoboForm] "c:\program files\siber systems\ai roboform\RoboTaskBarIcon.exe"
uRun: [SUPERAntiSpyware] c:\program files\superantispyware\9dbe996c-a8d6-48f3-8d01-bc09c68acf93.com
mRun: [FJTWAIN Setup] c:\windows\twain_32\fjscan32\FjtwSetup.exe /Reconstruct
mRun: [Snappy Fax Printer virtual printer agent] "c:\program files\snappy fax version 5\sfpagent.exe"
mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun
mRun: [SysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exe
mRun: [DNS7reminder] "c:\program files\nuance\naturallyspeaking11\ereg\ereg.exe" -r "c:\programdata\nuance\naturallyspeaking11\Ereg.ini
mRun: [Acrobat Assistant 8.0] "c:\program files\adobe\acrobat 8.0\acrobat\Acrotray.exe"
mRun: [<NO NAME>]
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [Task Catcher] c:\program files\billp studios\task catcher\tasktrap.exe
mRun: [ThreatFire] c:\program files\threatfire\TFTray.exe
mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [WinPatrol] c:\program files\billp studios\winpatrol\winpatrol.exe -expressboot
mRun: [TEAM-UP Download Scheduler] c:\teamup\download\tudlsched.exe
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
StartupFolder: c:\users\sol\appdata\roaming\micros~1\windows\startm~1\programs\startup\ezpdfu~1.lnk - c:\windows\installer\{f7abb138-9222-468c-b025-229c14e6686f}\_54D63B019984DCF9C84188.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\transa~1.lnk - c:\program files\ams services\transactnow\OALaunch.exe
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
mPolicies-system: EnableLinkedConnections = 1 (0x1)
IE: Append Link Target to Existing PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert link target to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Customize Menu - file://c:\program files\siber systems\ai roboform\RoboFormComCustomizeIEMenu.html
IE: E&xport to Microsoft Excel - c:\progra~1\micros~1\office12\EXCEL.EXE/3000
IE: Fill Forms - file://c:\program files\siber systems\ai roboform\RoboFormComFillForms.html
IE: Save Forms - file://c:\program files\siber systems\ai roboform\RoboFormComSavePass.html
IE: Show RoboForm Toolbar - file://c:\program files\siber systems\ai roboform\RoboFormComShowToolbar.html
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~1\office12\ONBttnIE.dll
IE: {320AF880-6646-11D3-ABEE-C5DBF3571F46} - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - c:\program files\siber systems\ai roboform\roboform.dll
IE: {320AF880-6646-11D3-ABEE-C5DBF3571F49} - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - c:\program files\siber systems\ai roboform\roboform.dll
IE: {724d43aa-0d85-11d4-9908-00400523e39a} - {724d43aa-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\roboform.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~1\office12\REFIEBAR.DLL
Trusted Zone: ams-benefits.com
Trusted Zone: ams-services.com
Trusted Zone: ams-support.com
Trusted Zone: ams360.com
Trusted Zone: ams360.com\www
Trusted Zone: amsservices.com
Trusted Zone: fnicproducer.com\www
Trusted Zone: foragentsonly.com\sbr5
Trusted Zone: foragentsonly.com\www1
Trusted Zone: njcrib.com\www
Trusted Zone: prevailnetwork.com
Trusted Zone: psiauto.com\www
Trusted Zone: silverplume.com\rating
Trusted Zone: standardfunding.com\www
Trusted Zone: transactnow.com\ams
Trusted Zone: travelers.com
Trusted Zone: travelerspc.com
Trusted Zone: vertafore.com
Trusted Zone: AMSSetWrite.com
Trusted Zone: silverplume.com
Trusted Zone: travelers.com
Trusted Zone: travelerspc.com
DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://appldnld.apple.com.edgesuite.net ... plugin.cab
DPF: {1663ed61-23eb-11d2-b92f-008048fdd814} - hxxp://www.psiauto.com/is/root//controls/ScriptX.cab
DPF: {5852F5ED-8BF4-11D4-A245-0080C6F74284} - hxxp://javadl-esd.sun.com/update/1.6.0/ ... s-i586.cab
DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} - hxxp://security.symantec.com/sscv6/Shar ... /cabsa.cab
DPF: {77DAB859-DDE3-4C49-A86B-FAFEA51039FB} - hxxp://download.connectivesupport.com/t ... USched.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CA9DABAF-EE22-4B29-9C60-91F85E81A894} - hxxps://webfnol.firemansfund.com:446/AI ... leSize.CAB
DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} - hxxps://akamaicdn.webex.com/client/WBXc ... atgpc1.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 192.168.1.1 10.1.10.1
TCP: Interfaces\{36A2D3E4-5D4D-4414-8DCF-CB275DF843AC} : DhcpNameServer = 192.168.1.1 10.1.10.1
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
.
============= SERVICES / DRIVERS ===============
.
R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\n360\0501000.01d\symds.sys [2011-9-15 340088]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\n360\0501000.01d\symefa.sys [2011-9-15 744568]
R0 TfFsMon;TfFsMon;c:\windows\system32\drivers\TfFsMon.sys [2011-11-23 51984]
R0 TfSysMon;TfSysMon;c:\windows\system32\drivers\TfSysMon.sys [2011-11-23 69392]
R1 BHDrvx86;BHDrvx86;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_5.0.0.125\definitions\bashdefs\20111223.001\BHDrvx86.sys [2011-11-30 820344]
R1 IDSVix86;IDSVix86;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_5.0.0.125\definitions\ipsdefs\20120120.002\IDSvix86.sys [2012-1-21 368248]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664]
R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\n360\0501000.01d\ironx86.sys [2011-9-15 136312]
R1 SymNetS;Symantec Network Security WFP Driver;c:\windows\system32\drivers\n360\0501000.01d\symnets.sys [2011-9-15 299640]
R1 VWiFiFlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-13 48128]
R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCORE.EXE [2011-7-18 116608]
R2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\common files\adobe\arm\1.0\armsvc.exe [2012-1-3 63928]
R2 DragonSvc;Dragon Service;c:\program files\common files\nuance\dgnsvc.exe [2010-7-23 296808]
R2 DymoPnpService;DYMO PnP Service;c:\program files\dymo\dymo label software\DymoPnpService.exe [2011-1-28 32336]
R2 GlidePoint;GlidePoint Touchpad Client;c:\program files\glidepoint\glidesvc.exe [2009-6-4 193832]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2011-12-30 652872]
R2 N360;Norton Business Suite;c:\program files\norton business suite\engine\5.1.0.29\ccsvchst.exe [2011-9-15 130008]
R2 PortReporter;Port Reporter;c:\program files\portreporter\PortReporter.exe [2011-12-30 90183]
R2 ThreatFire;ThreatFire;c:\program files\threatfire\tfservice.exe service --> c:\program files\threatfire\TFService.exe service [?]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2012-1-4 106104]
R3 glidehid;GlidePoint HID Touchpad Minidriver;c:\windows\system32\drivers\glidehid.sys [2009-6-4 60840]
R3 glideps2;GlidePoint PS/2 Touchpad Filter;c:\windows\system32\drivers\glideps2.sys [2009-6-4 25384]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-12-7 20464]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2011-6-10 394856]
R3 scsiscan;SCSI Scanner Driver;c:\windows\system32\drivers\scsiscan.sys [2009-7-13 14848]
R3 TfNetMon;TfNetMon;c:\windows\system32\drivers\TfNetMon.sys [2011-11-23 33552]
R3 usbfilter;AMD USB Filter Driver;c:\windows\system32\drivers\usbfilter.sys [2011-2-24 30392]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 4238;4238;c:\windows\system32\drivers\4238 [2011-8-3 9072]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 ECSIoDriver_1_1_0_0;ECSIoDriver_1_1_0_0;c:\program files\ecs motherboard utility\eblu\ECSIoDriver.sys [2011-3-29 14528]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2012-1-20 40776]
S3 netr28u;Linksys USB Wireless LAN Card Driver for Vista;c:\windows\system32\drivers\netr28u.sys [2010-1-15 841504]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-3-1 52224]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\drivers\vwifimp.sys [2009-7-13 14336]
S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2011-1-30 1343400]
S4 StorSvc;Storage Service;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 20992]
.
=============== Created Last 30 ================
.
2012-01-20 21:13:02 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2012-01-10 16:31:10 -------- d-----w- C:\SQLEXPRESS
2012-01-03 13:10:44 182672 ----a-w- c:\program files\internet explorer\plugins\nppdf32.dll
2012-01-02 15:34:48 -------- d-----w- c:\programdata\Symantec
2011-12-30 20:37:29 -------- d-----w- c:\program files\PortReporter
2011-12-30 19:44:12 -------- d-----w- C:\PortQryUI
2011-12-30 19:14:45 -------- d-----w- c:\program files\Microsoft
2011-12-30 19:13:28 -------- d-----w- C:\portrptr
2011-12-30 19:08:45 -------- d-----w- C:\promqryui
2011-12-28 18:08:46 -------- d-----w- c:\program files\GlidePoint
2011-12-27 18:00:50 -------- d-----w- c:\users\sol\appdata\local\Thunderbird
2011-12-26 19:26:45 -------- d-----w- c:\program files\Starfield
2011-12-26 16:34:03 -------- d-----w- c:\windows\system32\%LOCALAPPDATA%
2011-12-22 21:55:00 -------- d-----w- c:\windows\Microsoft Antimalware
2011-12-22 21:54:57 -------- d-----w- c:\windows\Windows Defender Offline
.
==================== Find3M ====================
.
2011-12-10 20:24:06 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-11-24 04:25:27 2342912 ----a-w- c:\windows\system32\win32k.sys
2011-11-19 14:01:00 67072 ----a-w- c:\windows\system32\packager.dll
2011-11-17 21:26:29 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-11-17 05:41:52 67440 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2011-11-17 05:41:51 134000 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2011-11-17 05:39:24 369352 ----a-w- c:\windows\system32\drivers\cng.sys
2011-11-17 05:38:39 1288472 ----a-w- c:\windows\system32\ntdll.dll
2011-11-17 05:35:02 314880 ----a-w- c:\windows\system32\webio.dll
2011-11-17 05:34:55 15872 ----a-w- c:\windows\system32\sspisrv.dll
2011-11-17 05:34:55 100352 ----a-w- c:\windows\system32\sspicli.dll
2011-11-17 05:34:52 224768 ----a-w- c:\windows\system32\schannel.dll
2011-11-17 05:34:52 22016 ----a-w- c:\windows\system32\secur32.dll
2011-11-17 05:32:51 1038848 ----a-w- c:\windows\system32\lsasrv.dll
2011-11-17 05:29:50 22528 ----a-w- c:\windows\system32\lsass.exe
2011-11-10 16:44:33 110456 ----a-w- c:\users\sol\g2ax_customer_downloadhelper_win32_x86.exe
2011-11-10 10:54:13 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-11-09 22:45:34 0 ----a-w- c:\windows\system32\usbuvexe.dll
2011-11-09 22:45:34 0 ----a-w- c:\windows\system32\polewget.dll
2011-11-09 22:45:34 0 ----a-w- c:\windows\system32\gifantbl.dll
2011-11-09 22:45:34 0 ----a-w- c:\windows\system32\drivers\bmpostxt.sys
2011-11-09 22:45:34 0 ----a-w- c:\windows\system32\calesvga.exe
2011-11-09 22:45:34 0 ----a-w- c:\windows\system32\bmpostxt.dll
2011-11-08 17:23:50 72080 ----a-w- c:\users\sol\g2mdlhlpx.exe
2011-11-05 04:26:03 2048 ----a-w- c:\windows\system32\tzres.dll
2011-11-03 22:47:42 1798144 ----a-w- c:\windows\system32\jscript9.dll
2011-11-03 22:40:21 1427456 ----a-w- c:\windows\system32\inetcpl.cpl
2011-11-03 22:39:47 1127424 ----a-w- c:\windows\system32\wininet.dll
2011-11-03 22:31:57 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2011-10-26 04:47:40 3967856 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-10-26 04:47:40 3912560 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-10-26 04:32:11 514560 ----a-w- c:\windows\system32\qdvd.dll
2011-10-26 04:32:11 1328128 ----a-w- c:\windows\system32\quartz.dll
2011-10-26 04:28:12 38912 ----a-w- c:\windows\system32\csrsrv.dll
2011-10-24 19:29:02 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2011-10-24 19:29:02 69632 ----a-w- c:\windows\system32\QuickTime.qts
.
============= FINISH: 8:24:43.48 ===============