Seems more BIOS hack related than virus related.
I am posting the DDS logs as per the rules anyway.
In short, I have tried numerous ways to fix the problems that my computer has been having. About 3 months ago I noted my antivirus picked up on shadow copy malware, which I presumed it had deleted, as my settings were such that any file that is suspicious should be deleted completely from the system. Since that time my computer has been doing all sorts of strange things, i.e. when doing netstat to connections it seems as if I am being connected to myself first, then a channel, and then to the https connections. On going through my computer I noticed space missing that shouldn't be missing and found areas on the hard drive that are neither accessible nor deletable. I thought maybe just put another drive in, and did so, but noticed that even after crossing the CMOS jumpers and resetting the BIOS, at the beginning of the start-up there was a Vista boot-up and I was using Windows 7. I then paid particular attention to the BIOS by trying to reflash it with the proper ASUS flash utility. The flash would not take, as it showed there was a block in the BIOS that was stopping it from finishing completely,
i.e. the flash gets to 3 quarters done and appears to finish but goes no further up the graph than 3 quarters.
There are a number of other anomalies in the whole thing, as all 3 of my computers suffer the same problems. I am hoping to get just this one clean, as I believe I will be able to resolve the others once I get to the bottom of what ails this one.
I am a bit hamstrung to give examples of what happens when using netstat commands because I seem to have lost the ability to copy anything in the command window using normal methods. I now take screenshots of the netstat searches instead.
I have a little knowledge on how to get rid of viruses and have always been able to clean my own (which has been a very rare occurrence), but this one has defeated the Norton virus team and, I think, Malwarebytes.
Anyway I will wait and see what you folk have to say on the logs before I post any further.
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16453
Run by Peter at 20:04:30 on 2013-01-31
#Option Extended Search is enabled.
Microsoft Windows 8 Pro with Media Center 6.2.9200.0.1252.61.2057.18.8191.6705 [GMT 10.5:30]
.
AV: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\dwm.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Windows Defender\MsMpEng.exe
C:\Windows\system32\taskhostex.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\EaseUS\EaseUS Partition Master 9.2.1 Home Edition\bin\EpmNews.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Windows\system32\taskhost.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files\WindowsApps\SpecialBroadcastingServic.SBSOnDemand_1.2.0.86_x64__tkrs5w3k6x932\SBSOnDemand.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://ninemsn.com.au/
mWinlogon: Userinit = userinit.exe
BHO: Adobe PDF Reader Link Helper: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe"
mRun: [EaseUS EPM tray] C:\Program Files (x86)\EaseUS\EaseUS Partition Master 9.2.1 Home Edition\bin\EpmNews.exe
TCP: NameServer = 192.168.0.1
TCP: Interfaces\{05DA4901-6120-4717-A92F-EBD067461CCE} : DHCPNameServer = 192.168.0.1
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
x64-RunOnce: [131_1730627354005] "C:\Users\Peter\AppData\Local\LOGMEI~1\LMIR0001.tmp_r.bat"
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\xcp5jq3b.default\
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll
FF - ExtSQL: 2013-01-26 21:46; {DDC359D1-844A-42a7-9AA1-88A850A938A8}; C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\xcp5jq3b.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi
.
============= SERVICES / DRIVERS ===============
.
R0 NBVol;Nero Backup Volume Filter Driver;C:\Windows\System32\Drivers\NBVol.sys [2013-1-26 72240]
R0 NBVolUp;Nero Backup Volume Upper Filter Driver;C:\Windows\System32\Drivers\NBVolUp.sys [2013-1-26 15920]
R2 Fabs;FABS - Helping agent for MAGIX media database;C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [2011-5-24 1840128]
R3 athur;Qualcomm Atheros AR9271 Wireless Network Adapter Service;C:\Windows\System32\Drivers\athuw8x.sys [2013-1-26 3744256]
S3 epmntdrv;epmntdrv;C:\Windows\System32\epmntdrv.sys [2013-1-30 17480]
S3 EuGdiDrv;EuGdiDrv;C:\Windows\System32\EuGdiDrv.sys [2013-1-30 9800]
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2011-4-26 2702848]
S3 pwdrvio;pwdrvio;C:\Windows\System32\pwdrvio.sys [2013-1-29 19032]
S3 pwdspio;pwdspio;C:\Windows\System32\pwdspio.sys [2013-1-29 12384]
S3 vmbusr;Virtual Machine Bus Provider;C:\Windows\System32\Drivers\vmbusr.sys [2012-7-26 117248]
S3 WUDFWpdMtp;WUDFWpdMtp;C:\Windows\System32\Drivers\WUDFRd.sys [2012-7-26 198656]
.
=============== Created Last 60 ================
.
2013-01-31 07:02:09 -------- d-----w- C:\Users\Peter\AppData\Local\LogMeIn Rescue Applet
2013-01-31 07:02:06 76232 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{4957EDFA-2F06-48C6-8F44-74F508023E89}\offreg.dll
2013-01-31 02:49:21 42776 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCEClientUX\dSM-3\StartResources.dll
2013-01-31 02:34:58 48648 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
2013-01-31 02:34:53 42776 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll
2013-01-31 02:22:20 -------- d-----w- C:\Program Files\PlayReady
2013-01-31 02:21:48 48648 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll
2013-01-31 02:21:36 42776 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll
2013-01-31 02:21:34 710992 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2013-01-31 01:33:54 -------- d-----w- C:\Windows\ehome
2013-01-31 00:06:00 -------- d-----w- C:\Users\Peter\AppData\Local\ElevatedDiagnostics
2013-01-30 22:16:00 35712 ----a-w- C:\Windows\SysWow64\drivers\8JI3fFXX.sys
2013-01-30 19:21:30 9161176 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{4957EDFA-2F06-48C6-8F44-74F508023E89}\mpengine.dll
2013-01-30 17:41:41 9161176 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2013-01-30 16:12:02 -------- d-----w- C:\Users\Peter\AppData\Roaming\GHISLER
2013-01-30 16:12:02 -------- d-----w- C:\totalcmd
2013-01-30 15:42:50 -------- d-----w- C:\ProgramData\Malwarebytes
2013-01-30 10:06:58 9800 ----a-w- C:\Windows\System32\EuGdiDrv.sys
2013-01-30 10:06:58 87112 ----a-w- C:\Windows\SysWow64\setupempdrv03.exe
2013-01-30 10:06:58 3376640 ----a-w- C:\Windows\System32\BootMan.exe
2013-01-30 10:06:58 3316736 ----a-w- C:\Windows\System32\¸´¼þ BootMan.exe
2013-01-30 10:06:58 2468520 ----a-w- C:\Windows\SysWow64\BootMan.exe
2013-01-30 10:06:58 19840 ----a-w- C:\Windows\SysWow64\EuEpmGdi.dll
2013-01-30 10:06:58 17480 ----a-w- C:\Windows\System32\epmntdrv.sys
2013-01-30 10:06:58 16256 ----a-w- C:\Windows\System32\EuEpmGdi.dll
2013-01-30 10:06:58 100936 ----a-w- C:\Windows\System32\setupempdrvx64.exe
2013-01-30 10:06:57 9160 ----a-w- C:\Windows\SysWow64\EuGdiDrv.sys
2013-01-30 10:06:57 14920 ----a-w- C:\Windows\SysWow64\epmntdrv.sys
2013-01-30 10:06:49 -------- d-----w- C:\Program Files (x86)\EaseUS
2013-01-30 09:09:15 -------- d-----w- C:\Users\Peter\AppData\Local\Macromedia
2013-01-30 01:30:49 -------- d-----w- C:\Users\Peter\AppData\Local\CrashDumps
2013-01-30 00:32:07 35712 ----a-w- C:\Windows\SysWow64\drivers\2Acu24A8.sys
2013-01-30 00:18:14 -------- d-----w- C:\Users\Peter\AppData\Local\NPE
2013-01-30 00:18:14 -------- d-----w- C:\ProgramData\Norton
2013-01-29 22:48:55 -------- d-----w- C:\Users\Peter\AppData\Roaming\abelhadigital.com
2013-01-29 22:48:55 -------- d-----w- C:\ProgramData\abelhadigital.com
2013-01-29 22:48:51 -------- d-----w- C:\Program Files (x86)\HostsMan
2013-01-29 21:19:42 210624 ----a-w- C:\ProgramData\Microsoft\Windows\Sqm\Manifest\Sqm10191.bin
2013-01-29 11:24:27 -------- d-sh--w- C:\Boot
2013-01-29 03:11:41 -------- d-----w- C:\Temp
2013-01-28 13:58:34 3055808 ----a-w- C:\Windows\System32\pwNative.exe
2013-01-28 13:58:34 19032 ------w- C:\Windows\System32\pwdrvio.sys
2013-01-28 13:58:34 12384 ------w- C:\Windows\System32\pwdspio.sys
2013-01-27 22:53:59 77824 ----a-w- C:\Windows\System32\taskhost.exe
2013-01-27 22:52:59 816128 ----a-w- C:\Windows\System32\SearchIndexer.exe
2013-01-27 22:51:58 1027152 ----a-w- C:\Windows\SysWow64\Taskmgr.exe
2013-01-27 22:50:59 3964416 ----a-w- C:\Windows\System32\WinSAT.exe
2013-01-27 22:49:59 92672 ----a-w- C:\Windows\System32\drvinst.exe
2013-01-27 14:20:00 -------- d-----w- C:\Windows\System32\appmgmt
2013-01-27 12:20:49 -------- d-----w- C:\Users\Peter\AppData\Roaming\Ashampoo
2013-01-27 12:20:40 -------- d-----w- C:\Users\Peter\AppData\Local\ashampoo
2013-01-27 12:20:38 -------- d-----w- C:\ProgramData\Ashampoo
2013-01-27 12:20:34 -------- d-----w- C:\Program Files (x86)\Ashampoo
2013-01-27 12:19:56 -------- d-----w- C:\Users\Peter\AppData\Local\Programs
2013-01-27 11:30:04 50784 ----a-w- C:\ProgramData\Microsoft\windowsfiltering\Sqm\Manifest\Sqm3.bin
2013-01-27 11:30:03 18528 ----a-w- C:\ProgramData\Microsoft\windowssampling\Sqm\Manifest\Sqm2.bin
2013-01-27 11:20:11 16114176 ----a-w- C:\Program Files\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll
2013-01-27 11:20:10 15541248 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll
2013-01-27 11:03:47 17888 ----a-w- C:\Windows\System32\msvcr100_clr0400.dll
2013-01-27 11:03:36 17888 ----a-w- C:\Windows\SysWow64\msvcr100_clr0400.dll
2013-01-27 10:58:40 144384 ----a-w- C:\Windows\System32\tssdisai.dll
2013-01-27 10:58:39 135680 ----a-w- C:\Windows\System32\appserverai.dll
2013-01-27 10:58:39 126976 ----a-w- C:\Windows\System32\RDWebAI.dll
2013-01-27 10:58:39 122880 ----a-w- C:\Windows\System32\VmHostAI.dll
2013-01-27 10:58:37 148480 ----a-w- C:\Windows\System32\poqexec.exe
2013-01-27 10:58:37 132608 ----a-w- C:\Windows\SysWow64\poqexec.exe
2013-01-27 10:58:34 94208 ----a-w- C:\Windows\System32\synceng.dll
2013-01-27 10:58:34 72192 ----a-w- C:\Windows\SysWow64\synceng.dll
2013-01-27 10:58:33 86016 ----a-w- C:\Windows\System32\ncryptsslp.dll
2013-01-27 10:58:33 71168 ----a-w- C:\Windows\SysWow64\ncryptsslp.dll
2013-01-27 10:58:05 2893824 ----a-w- C:\Windows\System32\msmpeg2vdec.dll
2013-01-27 10:58:04 2400256 ----a-w- C:\Windows\SysWow64\msmpeg2vdec.dll
2013-01-26 18:37:13 -------- d-----w- C:\Windows\en
2013-01-26 18:36:55 -------- d-----w- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2013-01-26 18:36:43 -------- d-----w- C:\Windows\PCHEALTH
2013-01-26 18:34:55 -------- d-----w- C:\Program Files (x86)\Common Files\Windows Live
2013-01-26 12:52:30 -------- d-----w- C:\Users\Peter\AppData\Roaming\simplitec
2013-01-26 12:10:28 273840 ------w- C:\Windows\System32\MpSigStub.exe
2013-01-26 11:10:43 -------- d-----w- C:\Program Files (x86)\NVIDIA Corporation
2013-01-26 11:10:29 63336 ----a-w- C:\Windows\System32\nvshext.dll
2013-01-26 11:10:29 3293544 ----a-w- C:\Windows\System32\nvsvc64.dll
2013-01-26 11:10:28 891240 ----a-w- C:\Windows\System32\nvvsvc.exe
2013-01-26 11:10:28 6200680 ----a-w- C:\Windows\System32\nvcpl.dll
2013-01-26 11:10:28 2557800 ----a-w- C:\Windows\System32\nvsvcr.dll
2013-01-26 11:10:28 118120 ----a-w- C:\Windows\System32\nvmctray.dll
2013-01-26 11:10:05 60776 ----a-w- C:\Windows\System32\OpenCL.dll
2013-01-26 11:10:05 52584 ----a-w- C:\Windows\SysWow64\OpenCL.dll
2013-01-26 11:09:50 -------- d-----w- C:\ProgramData\NVIDIA Corporation
2013-01-26 11:09:44 -------- d-----w- C:\Program Files\NVIDIA Corporation
2013-01-26 10:59:04 3744256 ----a-w- C:\Windows\System32\drivers\athuw8x.sys
2013-01-26 10:52:05 -------- d-----w- C:\Users\Peter\AppData\Roaming\MAGIX
2013-01-26 10:52:05 -------- d-----w- C:\ProgramData\MAGIX
2013-01-26 10:37:04 -------- d-----r- C:\Users\Peter\Searches
2013-01-26 10:36:30 -------- d-----w- C:\Users\Peter\AppData\Local\VirtualStore
2013-01-26 10:36:24 -------- d-----w- C:\Users\Peter\AppData\Local\Packages
2013-01-26 10:36:24 -------- d-----w- C:\ProgramData\PRICache
2013-01-26 10:22:22 -------- d--h--w- C:\Users\Peter\AppData
2013-01-26 10:22:22 -------- d-----w- C:\Users\Peter\AppData\Local\Temp
2013-01-26 10:22:22 -------- d-----w- C:\Users\Peter\AppData\Local\Microsoft
2013-01-26 10:18:41 -------- d-----w- C:\Windows.old
2013-01-26 05:32:21 15920 ----a-w- C:\Windows\System32\drivers\NBVolUp.sys
2013-01-26 05:32:20 72240 ----a-w- C:\Windows\System32\drivers\NBVol.sys
2013-01-26 05:32:20 -------- d-----w- C:\Program Files (x86)\Nero
2013-01-26 05:28:01 778856 ----a-w- C:\Windows\SysWow64\PresentationNative_v0300.dll
2013-01-26 05:28:01 35400 ----a-w- C:\Windows\SysWow64\TsWpfWrp.exe
2013-01-26 05:28:01 102528 ----a-w- C:\Windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2013-01-26 05:28:00 35400 ----a-w- C:\Windows\System32\TsWpfWrp.exe
2013-01-26 05:28:00 124040 ----a-w- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
2013-01-26 05:28:00 1166440 ----a-w- C:\Windows\System32\PresentationNative_v0300.dll
2013-01-26 04:58:12 -------- d-----w- C:\Program Files (x86)\Verbatim
2013-01-26 04:07:23 -------- d-----w- C:\Users\Peter\AppData\Local\Adobe
2013-01-26 03:28:47 -------- d-----w- C:\Program Files (x86)\MAGIX
2013-01-26 03:28:44 -------- d-----w- C:\ProgramData\simplitec
2013-01-26 03:28:39 -------- d-----w- C:\Program Files (x86)\MSXML 4.0
2013-01-26 03:28:35 -------- d-----w- C:\Program Files (x86)\Common Files\MAGIX Services
2013-01-25 23:22:18 -------- d-----w- C:\Windows\Panther
2013-01-25 01:48:02 -------- d-----w- C:\NVIDIA
2013-01-18 23:15:15 -------- d-----r- C:\Users\Peter\Contacts
2013-01-18 23:14:35 -------- d-----r- C:\Users\Peter\Videos
2013-01-18 23:14:35 -------- d-----r- C:\Users\Peter\Saved Games
2013-01-18 23:14:35 -------- d-----r- C:\Users\Peter\Pictures
2013-01-18 23:14:35 -------- d-----r- C:\Users\Peter\Music
2013-01-18 23:14:35 -------- d-----r- C:\Users\Peter\Links
2013-01-18 23:14:35 -------- d-----r- C:\Users\Peter\Downloads
2013-01-18 23:14:35 -------- d-----r- C:\Users\Peter\Documents
2013-01-15 08:51:22 -------- d-sh--w- C:\Recovery
.
==================== Find6M ====================
.
2013-01-26 03:29:55 120200 ----a-w- C:\Windows\SysWow64\DLLDEV32i.dll
2012-12-18 23:32:58 80728 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-12-18 23:32:58 695640 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-12-16 08:28:20 46080 ----a-w- C:\Windows\System32\atmlib.dll
2012-12-16 08:20:01 35328 ----a-w- C:\Windows\SysWow64\atmlib.dll
2012-12-16 08:08:33 362496 ----a-w- C:\Windows\System32\atmfd.dll
2012-12-16 07:57:09 300032 ----a-w- C:\Windows\SysWow64\atmfd.dll
2012-12-06 04:23:00 170496 ----a-w- C:\Windows\System32\TimeBrokerServer.dll
2012-12-06 04:22:59 178176 ----a-w- C:\Windows\System32\SystemEventsBrokerServer.dll
2012-12-04 04:21:42 368640 ----a-w- C:\Windows\System32\sppwinob.dll
2012-12-04 03:59:08 4055552 ----a-w- C:\Windows\System32\win32k.sys
2012-11-29 05:05:57 707584 ----a-w- C:\Windows\System32\AppXDeploymentExtensions.dll
2012-11-29 05:05:57 1131520 ----a-w- C:\Windows\System32\AppXDeploymentServer.dll
2012-11-28 04:21:17 44032 ----a-w- C:\Windows\SysWow64\UXInit.dll
2012-11-28 04:20:59 53760 ----a-w- C:\Windows\System32\UXInit.dll
2012-11-27 07:00:32 194280 ----a-w- C:\Windows\System32\drivers\sdbus.sys
2012-11-27 07:00:29 124648 ----a-w- C:\Windows\System32\drivers\dumpsd.sys
2012-11-27 06:59:13 329960 ----a-w- C:\Windows\System32\drivers\storport.sys
2012-11-27 06:39:46 1122768 ----a-w- C:\Windows\System32\Taskmgr.exe
2012-11-27 04:20:50 1048064 ----a-w- C:\Windows\SysWow64\mstsc.exe
2012-11-27 04:20:42 179200 ----a-w- C:\Windows\SysWow64\wpnapps.dll
2012-11-27 04:20:35 891904 ----a-w- C:\Windows\SysWow64\winmde.dll
2012-11-27 04:20:31 798208 ----a-w- C:\Windows\SysWow64\WebcamUi.dll
2012-11-27 04:20:29 46592 ----a-w- C:\Windows\SysWow64\vds_ps.dll
2012-11-27 04:20:28 560128 ----a-w- C:\Windows\SysWow64\UserLanguagesCpl.dll
2012-11-27 04:20:23 1217536 ----a-w- C:\Windows\SysWow64\storagewmi.dll
2012-11-27 04:20:15 680960 ----a-w- C:\Windows\System32\vds.exe
2012-11-27 04:20:07 702464 ----a-w- C:\Windows\SysWow64\nshwfp.dll
2012-11-27 04:20:07 1123840 ----a-w- C:\Windows\System32\mstsc.exe
2012-11-27 04:18:59 888832 ----a-w- C:\Windows\System32\nshwfp.dll
2012-11-27 04:18:39 5974528 ----a-w- C:\Windows\System32\mstscax.dll
2012-11-27 04:18:25 1146880 ----a-w- C:\Windows\System32\mcmde.dll
2012-11-27 04:18:13 1071104 ----a-w- C:\Windows\System32\IKEEXT.DLL
2012-11-27 04:18:06 378880 ----a-w- C:\Windows\System32\FWPUCLNT.DLL
2012-11-27 04:17:32 718848 ----a-w- C:\Windows\System32\BFE.DLL
2012-11-27 04:17:31 2302464 ----a-w- C:\Windows\System32\authui.dll
2012-11-27 03:57:32 18432 ----a-w- C:\Windows\System32\drivers\BtaMPM.sys
2012-11-27 03:56:29 31104 ----a-w- C:\Windows\System32\drivers\BthAvrcpTg.sys
2012-11-27 03:55:44 29952 ----a-w- C:\Windows\System32\drivers\BthhfHid.sys
2012-11-20 08:00:23 6971624 ----a-w- C:\Windows\System32\ntoskrnl.exe
2012-11-20 05:24:19 1164800 ----a-w- C:\Windows\SysWow64\Display.dll
2012-11-20 05:24:17 36352 ----a-w- C:\Windows\SysWow64\DevDispItemProvider.dll
2012-11-20 05:17:23 1184256 ----a-w- C:\Windows\System32\Display.dll
2012-11-20 05:17:20 49152 ----a-w- C:\Windows\System32\DevDispItemProvider.dll
2012-11-20 05:02:46 6656 ----a-w- C:\Windows\SysWow64\KBDKURD.DLL
2012-11-20 04:59:26 7168 ----a-w- C:\Windows\System32\KBDKURD.DLL
2012-11-20 04:56:27 27136 ----a-w- C:\Windows\System32\drivers\usbohci.sys
2012-11-20 04:56:11 83456 ----a-w- C:\Windows\System32\drivers\hidclass.sys
2012-11-20 04:54:31 39936 ----a-w- C:\Windows\System32\drivers\hidi2c.sys
2012-11-15 06:08:41 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
2012-11-15 06:06:34 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-11-13 04:20:30 1120768 ----a-w- C:\Windows\System32\msctf.dll
2012-11-13 04:19:23 890880 ----a-w- C:\Windows\SysWow64\msctf.dll
2012-11-09 04:49:51 2048 ----a-w- C:\Windows\System32\tzres.dll
2012-11-09 04:03:48 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2012-11-08 04:25:36 523776 ----a-w- C:\Windows\SysWow64\WSShared.dll
2012-11-08 04:25:36 143872 ----a-w- C:\Windows\SysWow64\Windows.ApplicationModel.Store.dll
2012-11-08 04:25:36 124928 ----a-w- C:\Windows\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
2012-11-08 04:25:35 1775104 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-11-08 04:24:27 2881536 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-11-08 04:24:22 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll
2012-11-08 04:24:22 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
2012-11-08 04:24:19 75776 ----a-w- C:\Windows\SysWow64\fontsub.dll
2012-11-08 04:24:06 10752 ----a-w- C:\Windows\SysWow64\dciman32.dll
2012-11-08 04:22:21 641536 ----a-w- C:\Windows\System32\WSShared.dll
2012-11-08 04:22:20 198656 ----a-w- C:\Windows\System32\Windows.ApplicationModel.Store.dll
2012-11-08 04:22:20 163840 ----a-w- C:\Windows\System32\Windows.ApplicationModel.Store.TestingFramework.dll
2012-11-08 04:22:19 2246656 ----a-w- C:\Windows\System32\wininet.dll
2012-11-08 04:22:12 907776 ----a-w- C:\Windows\System32\uxtheme.dll
2012-11-08 04:21:00 3966464 ----a-w- C:\Windows\System32\jscript9.dll
2012-11-08 04:20:56 67072 ----a-w- C:\Windows\System32\iesetup.dll
2012-11-08 04:20:56 136704 ----a-w- C:\Windows\System32\iesysprep.dll
2012-11-08 04:20:50 96256 ----a-w- C:\Windows\System32\fontsub.dll
2012-11-08 04:20:37 14336 ----a-w- C:\Windows\System32\dciman32.dll
2012-11-08 04:02:16 3072 ----a-w- C:\Windows\System32\lpk.dll
2012-11-08 04:01:40 3072 ----a-w- C:\Windows\SysWow64\lpk.dll
2012-11-08 01:56:52 534528 ----a-w- C:\Windows\SysWow64\uxtheme.dll
2012-11-08 00:59:12 1402312 ----a-w- C:\Windows\SysWow64\msxml4.dll
2012-11-06 07:52:07 445160 ----a-w- C:\Windows\System32\drivers\USBHUB3.SYS
2012-11-06 07:52:04 277736 ----a-w- C:\Windows\System32\drivers\msiscsi.sys
2012-11-06 07:36:23 69864 ----a-w- C:\Windows\System32\drivers\pdc.sys
2012-11-06 07:33:46 522640 ----a-w- C:\Windows\System32\AUDIOKSE.dll
2012-11-06 07:33:46 253512 ----a-w- C:\Windows\System32\audiodg.exe
2012-11-06 07:33:45 490064 ----a-w- C:\Windows\System32\AudioEng.dll
2012-11-06 07:33:45 447792 ----a-w- C:\Windows\System32\AudioSes.dll
2012-11-06 07:33:30 1566432 ----a-w- C:\Windows\System32\ole32.dll
2012-11-06 05:00:06 463768 ----a-w- C:\Windows\SysWow64\AUDIOKSE.dll
2012-11-06 05:00:06 427568 ----a-w- C:\Windows\SysWow64\AudioEng.dll
2012-11-06 05:00:06 324344 ----a-w- C:\Windows\SysWow64\AudioSes.dll
2012-11-06 04:54:13 2205696 ----a-w- C:\Windows\SysWow64\PrintConfig.dll
2012-11-06 04:48:27 1150160 ----a-w- C:\Windows\SysWow64\ole32.dll
2012-11-06 04:19:59 470016 ----a-w- C:\Windows\System32\wlanmsm.dll
2012-11-06 04:18:58 84992 ----a-w- C:\Windows\SysWow64\fdWCN.dll
2012-11-06 04:17:58 110080 ----a-w- C:\Windows\System32\dafWCN.dll
2012-11-06 04:17:42 785920 ----a-w- C:\Windows\System32\audiosrv.dll
2012-11-06 04:17:41 169472 ----a-w- C:\Windows\System32\AudioEndpointBuilder.dll
2012-11-06 04:17:35 2146816 ----a-w- C:\Windows\System32\actxprxy.dll
2012-11-06 04:17:32 212992 ----a-w- C:\Windows\System32\bthprops.cpl
2012-11-06 04:00:44 99328 ----a-w- C:\Windows\System32\wushareduxresources.dll
2012-11-06 04:00:17 16384 ----a-w- C:\Windows\System32\iscsilog.dll
.
============= FINISH: 20:05:04.56 ===============