frustratedtotheex

OK. Sorry to bother you all again, but I now have my son's computer. He cannot install microsoft office. The admin account will only log in as a temporary profile. Most everything done in that account is undone, but it's still giving admin privelages. I had to a system restore to a week ago because when I went online, I couldn't see any text in IE--just a white screen. His taskbar goes to Windows basic and he cannot undo it unless he does a system restore. Graphics user interface no longer works--as soon as you log into an account it pops up saying it's not working. Here's the mbam scan: Malwarebytes Anti-Malware (Trial) 1.60.0.1800 www.malwarebytes.org Database version: v2012.01.11.02 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 Niklas :: NIKLAS-PC [limited] Protection: Enabled 1/11/2012 7:36:15 PM mbam-log-2012-01-11 (19-36-15).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 169794 Time elapsed: 3 minute(s), 39 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end)

Thanks so much. Unfortnately, he is in IB and needs his work that is on there. I will start a new thread to try and clean his computer and flash drive. Thanks for your help. I feel better knowing that it really is clean. My husband said it wouldn't be which is why I was on here.

Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 9:19:53 AM, on 1/11/2012 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Normal Running processes: C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\RtHDVCpl.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files\Microsoft Security Client\msseces.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Synaptics\SynTP\SynToshiba.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Windows\system32\SearchFilterHost.exe C:\Users\Mary\Desktop\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [skytel] Skytel.exe O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - Startup: ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe -- End of file - 3619 bytes Here's the hijack file. I did a complete out of box restore before I did posted to you all and did the combofix. That is when my husband said that it was probably a rootkit considering the issues that were going on before the restore and combofix (programs starting admin passing up, IE not working). Thanks for working with me.

Yea--atleast I'm doing something right.

Checkup Results of screen317's Security Check version 0.99.30 Windows Vista Service Pack 2 x86 (UAC is enabled) Internet Explorer 9 `````````````````````````````` Antivirus/Firewall Check: Windows Firewall Enabled! Microsoft Security Essentials WMI entry may not exist for antivirus; attempting automatic update. ``````````````````````````````` Anti-malware/Other Utilities Check: Java 6 Update 30 Java SE Runtime Environment 6 ```````````````````````````````` Process Check: objlist.exe by Laurent Windows Defender MSMpEng.exe Malwarebytes' Anti-Malware mbamservice.exe Malwarebytes' Anti-Malware mbamgui.exe Microsoft Security Essentials msseces.exe Microsoft Security Client Antimalware MsMpEng.exe ``````````End of Log````````````

Extras OTL Extras logfile created on: 1/10/2012 8:56:49 PM - Run 1 OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Mary\Desktop Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 1.87 Gb Total Physical Memory | 0.91 Gb Available Physical Memory | 48.79% Memory free 3.99 Gb Paging File | 2.99 Gb Available in Paging File | 74.94% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 147.58 Gb Total Space | 105.94 Gb Free Space | 71.78% Space Free | Partition Type: NTFS Computer Name: MARY-PC | User Name: Mary | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 "FirewallDisableNotify" = 0 "AntiVirusDisableNotify" = 0 "UpdatesDisableNotify" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 "VistaSp1" = Reg Error: Unknown registry data type -- File not found "VistaSp2" = Reg Error: Unknown registry data type -- File not found [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{32A194E1-F3FE-4D8A-9B27-14F59CBD3D7E}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | "{C49EB975-B66D-49A2-AE4D-A8DC1F20A0A2}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{004AFB1B-202C-4CE9-2F0A-AC2C254B7474}" = Catalyst Control Center Core Implementation "{05BFB060-4F22-4710-B0A2-2801A1B606C5}" = Microsoft Antimalware "{0F8BA4A0-40C2-5EDD-208E-44F9D99AF66A}" = ccc-utility "{12396D22-A3C5-BE0E-4BE9-40925B547124}" = Catalyst Control Center Localization French "{12688FD7-CB92-4A5B-BEE4-5C8E0574434F}" = Utility Common Driver "{12B0D089-0C76-1138-BF98-AA3764B95B3C}" = Catalyst Control Center Graphics Previews Vista "{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works "{1B9E9846-F9F9-108F-7101-3F04C1ECF7F4}" = CCC Help Norwegian "{22543949-70E8-45D0-A938-F38143EB8BF8}" = Catalyst Control Center - Branding "{25E3424B-E50A-A739-E7BC-28D51257EB3D}" = Catalyst Control Center Localization Japanese "{26A24AE4-039D-4CA4-87B4-2F83216030FF}" = Java 6 Update 30 "{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Driver Installation Program "{2B81D384-C464-A647-E0BC-2F0B0A259101}" = CCC Help Polish "{2D9720C9-68DC-E26F-556C-0E187F7F75B5}" = Skins "{2DBD54E4-60FF-5C22-8A4F-07CE91D4BCA9}" = CCC Help Czech "{306583FF-1018-9418-5165-4323FE79297E}" = ccc-core-static "{3248F0A8-6813-11D6-A77B-00B0D0160000}" = Java SE Runtime Environment 6 "{40ACD261-6346-22D6-9E35-7A0AF351A5A0}" = CCC Help Chinese Traditional "{4160DC5B-4C56-D0C3-C5FD-F5BDAD3C882B}" = ATI Catalyst Install Manager "{462D573C-5652-07A8-81BB-A6F06A8DF6D6}" = CCC Help Thai "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{518CFBF4-6D36-3BD6-1261-4BB2E7B66592}" = Catalyst Control Center Localization Norwegian "{5334052F-BCE7-09B0-760A-C07C0C95165A}" = CCC Help Chinese Standard "{5452824A-9D54-D448-7D83-A9F06BC82B08}" = Catalyst Control Center Localization Dutch "{54B6DC7D-8C5B-4DFB-BC15-C010A3326B2B}" = Microsoft Security Client "{57B461F1-B9A6-A755-D44D-35B30265F55B}" = Catalyst Control Center Localization Turkish "{5B0DEC51-454B-7A22-1344-C0667D7EE297}" = Catalyst Control Center Localization Hungarian "{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites "{68076F84-541F-A160-CA5A-5D495BC2774A}" = Catalyst Control Center Graphics Light "{6F7A4C02-81A3-52CC-F146-BF341B6B6F66}" = CCC Help Italian "{7000D045-5626-577C-37D7-4340CBDBF1F5}" = CCC Help German "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{73265757-21E0-F0B4-BA10-AE041A4D0A66}" = CCC Help Swedish "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{77523838-39A6-CE90-A73B-83B78852D0BA}" = CCC Help French "{77ABDB01-BB12-6C05-1FC7-1D000DD01BF2}" = CCC Help Portuguese "{7D7FFF01-953A-DC52-F32A-043C7EA9DA8A}" = Catalyst Control Center Graphics Full Existing "{84610568-58EC-B9C7-604B-F336384CD41C}" = Catalyst Control Center Localization German "{87D3F51A-BB3B-6780-F5BD-B68085D7243E}" = Catalyst Control Center Localization Chinese Traditional "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8A6B3ADA-8F72-ECEB-AD49-7DD1B2FDEAEA}" = Catalyst Control Center Localization Czech "{8B119FA0-443D-992E-F390-0372263B4634}" = Catalyst Control Center Localization Polish "{8F6497B5-8570-F8F5-0BC3-4EB466DF348C}" = Catalyst Control Center Graphics Full New "{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007 "{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007 "{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007 "{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007 "{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system "{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007 "{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007 "{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007 "{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007 "{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In "{90C8F4D6-8479-C80D-9BD1-2EBAF6BF71E6}" = CCC Help Finnish "{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007 "{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3) "{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English) "{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}" = CD/DVD Drive Acoustic Silencer "{A56F5DFC-AB11-EE35-DBEC-DA491E31EB45}" = Catalyst Control Center Localization Italian "{A6A8B5E4-60FE-EAAB-3A17-425979599B5D}" = Catalyst Control Center Localization Spanish "{A7ED90ED-0FCF-1477-59C5-DEAFBF600A05}" = CCC Help Hungarian "{AB1DC37B-800F-7DBD-ADC7-1F39F77B6139}" = Catalyst Control Center Localization Thai "{B038E6F8-412A-87C2-D629-130748480DB6}" = Catalyst Control Center Localization Portuguese "{B5FDA445-CAC4-4BA6-A8FB-A7212BD439DE}" = Microsoft XML Parser "{B7C328ED-447B-4881-A404-5778E3CD0BE4}" = CCC Help Dutch "{C121A2E8-0487-5CDD-7D2F-6F1E894ED570}" = CCC Help Japanese "{C4C5B527-1EB2-642C-A2A0-E3010F2B1ACC}" = CCC Help Korean "{C4DDCEFB-BB7A-0743-9E0B-FA8F2FB9CD85}" = Catalyst Control Center Localization Russian "{C7CDD6EC-2144-4AA3-AEC8-4E4BE596A382}" = Catalyst Control Center Localization Swedish "{C7D2A2C1-48A3-9DC3-A2EB-EF3C8EF4E1F0}" = CCC Help Turkish "{C8650C9A-F3DC-77F7-D162-AE15407A3F12}" = Catalyst Control Center Localization Chinese Standard "{C941DC8B-7DEE-B47D-233D-9921B74808E5}" = CCC Help Russian "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba "{CF844630-B4B6-FD54-A983-D9CF69EE47D3}" = Catalyst Control Center Localization Greek "{D7B3C832-1DEA-7F3A-1BF3-FE3661248DDC}" = Catalyst Control Center Localization Danish "{D947631B-933E-5F26-AB61-24EA0BF6BCD6}" = Catalyst Control Center Localization Korean "{DB780B85-B4B5-4864-A49C-9B706B169C93}" = TIPCI "{E2DC4C9A-43CF-8F23-8EEA-2D0C76C96A2D}" = CCC Help Greek "{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series "{E7FB56B1-F318-0AEF-8696-7C715219B190}" = Catalyst Control Center Localization Finnish "{EA8B703F-43F2-9BC9-CE76-BB0E527F3DA6}" = CCC Help English "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F648E1F9-3835-46EA-44A6-0A7F13FB75D3}" = CCC Help Spanish "{FBEDF075-637E-8C96-9B2C-13B1B0F43F4C}" = CCC Help Danish "Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "ERUNT_is1" = ERUNT 1.1j "HOMESTUDENTR" = Microsoft Office Home and Student 2007 "InstallShield_{DB780B85-B4B5-4864-A49C-9B706B169C93}" = Texas Instruments PCIxx21/x515/xx12 drivers. "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.60.0.1800 "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft Security Client" = Microsoft Security Essentials "Revo Uninstaller" = Revo Uninstaller 1.93 "SynTPDeinstKey" = Synaptics Pointing Device Driver "Windows Media Encoder 9" = Windows Media Encoder 9 Series ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 1/4/2007 9:23:58 AM | Computer Name = Mary-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083 Description = Error - 1/4/2007 9:23:58 AM | Computer Name = Mary-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083 Description = Error - 1/4/2007 9:24:01 AM | Computer Name = Mary-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083 Description = Error - 1/4/2007 9:24:01 AM | Computer Name = Mary-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083 Description = Error - 1/4/2007 9:24:02 AM | Computer Name = Mary-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083 Description = Error - 1/4/2007 9:24:02 AM | Computer Name = Mary-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083 Description = Error - 1/4/2007 9:24:02 AM | Computer Name = Mary-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083 Description = Error - 1/4/2007 9:24:02 AM | Computer Name = Mary-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083 Description = Error - 1/4/2007 9:24:02 AM | Computer Name = Mary-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083 Description = Error - 1/4/2007 9:24:02 AM | Computer Name = Mary-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083 Description = [ System Events ] Error - 1/1/2012 8:45:52 PM | Computer Name = Mary-PC | Source = Microsoft-Windows-Servicing | ID = 4385 Description = Error - 1/1/2012 8:45:52 PM | Computer Name = Mary-PC | Source = Microsoft-Windows-Servicing | ID = 4375 Description = Error - 1/1/2012 8:45:52 PM | Computer Name = Mary-PC | Source = Microsoft-Windows-Servicing | ID = 4375 Description = Error - 1/1/2012 8:45:52 PM | Computer Name = Mary-PC | Source = Microsoft-Windows-Servicing | ID = 4375 Description = Error - 1/1/2012 8:45:52 PM | Computer Name = Mary-PC | Source = Microsoft-Windows-Servicing | ID = 4375 Description = Error - 1/1/2012 8:45:52 PM | Computer Name = Mary-PC | Source = Microsoft-Windows-Servicing | ID = 4375 Description = Error - 1/1/2012 8:45:52 PM | Computer Name = Mary-PC | Source = Microsoft-Windows-Servicing | ID = 4375 Description = Error - 1/1/2012 8:45:52 PM | Computer Name = Mary-PC | Source = Microsoft-Windows-Servicing | ID = 4375 Description = Error - 1/1/2012 8:45:52 PM | Computer Name = Mary-PC | Source = Microsoft-Windows-Servicing | ID = 4375 Description = Error - 1/1/2012 8:54:52 PM | Computer Name = Mary-PC | Source = DCOM | ID = 10010 Description = < End of report >

Final OTL ========== Files Created - No Company Name ========== [2012/01/10 20:56:20 | 000,879,683 | ---- | C] () -- C:\Users\Mary\Desktop\SecurityCheck.exe [2012/01/10 19:27:59 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_07_00.Wdf [2012/01/10 18:51:45 | 000,000,924 | ---- | C] () -- C:\Users\Mary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk [2012/01/10 18:51:26 | 000,000,744 | ---- | C] () -- C:\Users\Mary\Desktop\NTREGOPT.lnk [2012/01/10 18:51:26 | 000,000,725 | ---- | C] () -- C:\Users\Mary\Desktop\ERUNT.lnk [2012/01/10 18:35:52 | 000,201,184 | ---- | C] () -- C:\Windows\System32\winrm.vbs [2012/01/10 18:35:52 | 000,004,675 | ---- | C] () -- C:\Windows\System32\wsmanconfig_schema.xml [2012/01/10 18:35:52 | 000,002,426 | ---- | C] () -- C:\Windows\System32\WsmTxt.xsl [2012/01/02 09:00:04 | 000,000,680 | ---- | C] () -- C:\Users\Mary\AppData\Local\d3d9caps.dat [2012/01/02 08:41:19 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf [2012/01/02 07:55:00 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf [2012/01/02 07:20:10 | 000,392,170 | ---- | C] () -- C:\Windows\System32\onex.tmf [2012/01/02 07:20:05 | 000,009,212 | ---- | C] () -- C:\Windows\System32\RacUR.xml [2012/01/02 07:20:05 | 000,000,153 | ---- | C] () -- C:\Windows\System32\RacUREx.xml [2012/01/02 07:19:47 | 000,344,698 | ---- | C] () -- C:\Windows\System32\eaphost.tmf [2012/01/02 07:19:42 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll [2012/01/02 07:19:40 | 000,442,788 | ---- | C] () -- C:\Windows\System32\dot3.tmf [2012/01/02 07:18:40 | 011,967,524 | ---- | C] () -- C:\Windows\System32\korwbrkr.lex [2012/01/02 07:18:33 | 000,208,966 | ---- | C] () -- C:\Windows\System32\WFP.TMF [2012/01/02 07:18:13 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin [2012/01/02 07:18:13 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin [2012/01/02 07:18:06 | 000,092,918 | ---- | C] () -- C:\Windows\System32\slmgr.vbs [2012/01/02 07:18:03 | 000,009,239 | ---- | C] () -- C:\Windows\System32\spcinstrumentation.man [2012/01/02 07:17:54 | 000,130,008 | ---- | C] () -- C:\Windows\System32\systemsf.ebd [2012/01/01 20:00:36 | 000,145,455 | ---- | C] () -- C:\Windows\System32\perfmon.msc [2012/01/01 19:59:24 | 000,144,909 | ---- | C] () -- C:\Windows\System32\fsmgmt.msc [2012/01/01 19:59:20 | 000,012,198 | ---- | C] () -- C:\Windows\System32\gatherWiredInfo.vbs [2012/01/01 19:52:31 | 000,196,608 | ---- | C] () -- C:\Windows\SPInstall.etl [2012/01/01 18:52:34 | 002,501,921 | ---- | C] () -- C:\Windows\System32\wlan.tmf [2012/01/01 18:52:30 | 000,015,181 | ---- | C] () -- C:\Windows\System32\gatherWirelessInfo.vbs [2012/01/01 17:55:29 | 031,326,208 | ---- | C] () -- C:\Windows\ocsetup_install_NetFx3.etl [2012/01/01 17:55:29 | 000,196,608 | ---- | C] () -- C:\Windows\ocsetup_cbs_install_NetFx3.perf [2012/01/01 17:55:29 | 000,065,536 | ---- | C] () -- C:\Windows\ocsetup_cbs_install_NetFx3.dpx [2012/01/01 17:15:28 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_SynTP_01007.Wdf [2012/01/01 17:15:18 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf [2012/01/01 17:14:53 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01007_Inbox_Critical.Wdf [2012/01/01 17:03:21 | 000,001,820 | ---- | C] () -- C:\Windows\System32\rasctrnm.h [2012/01/01 17:00:18 | 000,001,945 | ---- | C] () -- C:\Windows\epplauncher.mif [2012/01/01 17:00:05 | 000,001,779 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk [2012/01/01 15:30:13 | 000,001,028 | ---- | C] () -- C:\Users\Mary\Desktop\Revo Uninstaller.lnk [2012/01/01 14:53:22 | 000,000,067 | ---- | C] () -- C:\Windows\swupdate.INI [2011/12/28 12:06:12 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_SynTP_01000.Wdf [2011/12/28 12:03:59 | 000,089,991 | ---- | C] () -- C:\Windows\System32\netathr.inf [2011/12/28 12:03:59 | 000,030,578 | ---- | C] () -- C:\Windows\System32\athrext.cat [2011/12/28 12:02:18 | 000,000,176 | ---- | C] () -- C:\Windows\System32\drivers\RTHDAEQ2.dat [2011/12/28 12:02:18 | 000,000,176 | ---- | C] () -- C:\Windows\System32\drivers\RTHDAEQ1.dat [2011/12/28 12:02:18 | 000,000,176 | ---- | C] () -- C:\Windows\System32\drivers\RTHDAEQ0.dat [2011/12/28 11:47:05 | 000,001,924 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office PowerPoint Viewer 2007.lnk [2011/12/28 11:46:44 | 000,000,987 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Works Task Launcher.lnk [2011/12/28 09:18:16 | 000,000,960 | ---- | C] () -- C:\Users\Mary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [2011/12/28 09:18:13 | 000,000,955 | ---- | C] () -- C:\Users\Mary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk [2011/12/28 09:18:00 | 000,000,926 | ---- | C] () -- C:\Users\Mary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk [2011/12/28 09:17:36 | 000,000,258 | ---- | C] () -- C:\Users\Mary\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk [2011/12/28 09:17:36 | 000,000,240 | ---- | C] () -- C:\Users\Mary\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk [2007/08/16 17:56:19 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll [2007/08/16 14:28:39 | 000,000,000 | ---- | C] () -- C:\Windows\NDSTray.INI [2007/07/14 01:52:00 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll [2007/07/14 01:29:00 | 003,107,788 | ---- | C] () -- C:\Windows\System32\atiumdva.dat [2007/02/20 19:39:10 | 000,144,773 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat [2007/01/03 08:34:51 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe [2007/01/03 08:34:51 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe [2007/01/03 08:34:51 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe [2007/01/03 08:34:51 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe [2007/01/03 08:34:51 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe [2007/01/03 05:47:50 | 000,023,624 | ---- | C] () -- C:\Windows\System32\drivers\hitmanpro36.sys [2006/12/05 15:05:04 | 000,114,688 | ---- | C] () -- C:\Windows\System32\TosBtAcc.dll [2006/11/02 07:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2006/11/02 07:47:37 | 000,326,088 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT [2006/11/02 07:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll [2006/11/02 05:33:01 | 000,595,684 | ---- | C] () -- C:\Windows\System32\perfh009.dat [2006/11/02 05:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat [2006/11/02 05:33:01 | 000,101,350 | ---- | C] () -- C:\Windows\System32\perfc009.dat [2006/11/02 05:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat [2006/11/02 05:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat [2006/11/02 03:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2006/11/02 03:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT [2006/11/02 02:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [2006/11/02 02:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat [2005/07/22 23:30:18 | 000,065,536 | ---- | C] () -- C:\Windows\System32\TosCommAPI.dll ========== LOP Check ========== [2012/01/02 08:59:16 | 000,000,000 | ---D | M] -- C:\Users\Mary\AppData\Roaming\TOSHIBA [2012/01/02 08:55:51 | 000,000,000 | ---D | M] -- C:\Users\Mary\AppData\Roaming\WinBatch [2012/01/10 19:29:02 | 000,020,228 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== < End of report >

OTL Again [2012/01/01 19:58:30 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\utildll.dll [2012/01/01 19:58:30 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vga64k.dll [2012/01/01 19:58:29 | 001,298,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TMM.dll [2012/01/01 19:58:29 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tracerpt.exe [2012/01/01 19:58:29 | 000,157,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\verifier.dll [2012/01/01 19:58:29 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdsbas.dll [2012/01/01 19:58:29 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\verifier.exe [2012/01/01 19:58:29 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TpmInit.exe [2012/01/01 19:58:29 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vfwwdm32.dll [2012/01/01 19:58:29 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdmredir.dll [2012/01/01 19:58:29 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vds_ps.dll [2012/01/01 19:58:29 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdsldr.exe [2012/01/01 19:58:27 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tsddd.dll [2012/01/01 19:58:26 | 000,355,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\termmgr.dll [2012/01/01 19:58:26 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TimeDateMUICallback.dll [2012/01/01 19:58:25 | 002,588,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIHub.dll [2012/01/01 19:58:25 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\umb.dll [2012/01/01 19:58:24 | 000,736,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unbcl.dll [2012/01/01 19:58:24 | 000,201,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unattend.dll [2012/01/01 19:58:24 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\txflog.dll [2012/01/01 19:58:24 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ucsvc.exe [2012/01/01 19:58:24 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unlodctr.exe [2012/01/01 19:58:24 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unattendedjoin.exe [2012/01/01 19:58:24 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\txfw32.dll [2012/01/01 19:58:23 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ufat.dll [2012/01/01 19:58:23 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\uexfat.dll [2012/01/01 18:59:52 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dciman32.dll [2012/01/01 18:55:12 | 000,272,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\polstore.dll [2012/01/01 18:52:35 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\L2SecHC.dll [2012/01/01 18:52:34 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanhlp.dll [2012/01/01 18:52:34 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanapi.dll [2012/01/01 18:52:33 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlansec.dll [2012/01/01 18:52:33 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanmsm.dll [2012/01/01 18:51:25 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml3r.dll [2012/01/01 18:51:24 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml6r.dll [2012/01/01 18:48:28 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rrinstaller.exe [2012/01/01 18:48:27 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfpmp.exe [2012/01/01 18:48:27 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mferror.dll [2012/01/01 18:48:26 | 002,386,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVCORE.DLL [2012/01/01 18:39:07 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aaclient.dll [2012/01/01 18:39:07 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tsgqec.dll [2012/01/01 18:23:55 | 001,793,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0045.dll [2012/01/01 18:23:54 | 001,808,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0046.dll [2012/01/01 18:23:54 | 001,558,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0049.dll [2012/01/01 18:23:54 | 001,411,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0047.dll [2012/01/01 18:23:54 | 001,236,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0020.dll [2012/01/01 18:23:53 | 005,499,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0022.dll [2012/01/01 18:23:53 | 002,136,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0021.dll [2012/01/01 18:23:53 | 001,782,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0039.dll [2012/01/01 18:23:52 | 007,964,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0024.dll [2012/01/01 18:23:52 | 005,791,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0026.dll [2012/01/01 18:23:51 | 006,224,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0027.dll [2012/01/01 18:23:51 | 004,175,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0010.dll [2012/01/01 18:23:50 | 002,466,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0011.dll [2012/01/01 18:23:49 | 004,981,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0013.dll [2012/01/01 18:23:49 | 003,331,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0018.dll [2012/01/01 18:23:48 | 011,722,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0001.dll [2012/01/01 18:23:48 | 006,781,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0019.dll [2012/01/01 18:23:47 | 004,164,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0002.dll [2012/01/01 18:23:47 | 001,452,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0003.dll [2012/01/01 18:23:45 | 004,093,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons004c.dll [2012/01/01 18:23:45 | 003,419,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons004a.dll [2012/01/01 18:23:45 | 001,702,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons004b.dll [2012/01/01 18:23:44 | 004,045,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons003e.dll [2012/01/01 18:23:44 | 001,972,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons004e.dll [2012/01/01 18:23:44 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons002a.dll [2012/01/01 18:23:43 | 006,014,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons001a.dll [2012/01/01 18:23:42 | 006,585,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons001b.dll [2012/01/01 18:23:41 | 006,346,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons001d.dll [2012/01/01 18:23:40 | 009,892,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons000a.dll [2012/01/01 18:23:40 | 006,237,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons000c.dll [2012/01/01 18:23:40 | 001,722,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons000d.dll [2012/01/01 18:23:39 | 005,654,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons000f.dll [2012/01/01 18:23:39 | 004,616,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0414.dll [2012/01/01 18:23:38 | 005,090,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0416.dll [2012/01/01 18:23:38 | 005,031,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0816.dll [2012/01/01 18:23:37 | 007,042,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons081a.dll [2012/01/01 18:23:37 | 005,071,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsModels0011.dll [2012/01/01 18:23:36 | 003,104,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0046.dll [2012/01/01 18:23:36 | 003,104,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0045.dll [2012/01/01 18:23:35 | 003,104,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0049.dll [2012/01/01 18:23:35 | 003,104,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0047.dll [2012/01/01 18:23:34 | 003,104,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0039.dll [2012/01/01 18:23:34 | 003,104,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0020.dll [2012/01/01 18:23:34 | 001,801,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0021.dll [2012/01/01 18:23:33 | 001,965,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0026.dll [2012/01/01 18:23:33 | 001,965,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0024.dll [2012/01/01 18:23:33 | 001,801,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0022.dll [2012/01/01 18:23:32 | 004,495,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0010.dll [2012/01/01 18:23:32 | 001,966,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0027.dll [2012/01/01 18:23:31 | 003,466,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0013.dll [2012/01/01 18:23:31 | 002,657,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0011.dll [2012/01/01 18:23:31 | 001,965,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0018.dll [2012/01/01 18:23:30 | 004,497,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0019.dll [2012/01/01 18:23:30 | 001,523,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0000.dll [2012/01/01 18:23:29 | 002,599,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0001.dll [2012/01/01 18:23:29 | 001,965,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0003.dll [2012/01/01 18:23:29 | 001,965,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0002.dll [2012/01/01 18:23:28 | 004,875,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0009.dll [2012/01/01 18:23:28 | 002,243,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0007.dll [2012/01/01 18:23:27 | 003,104,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData004c.dll [2012/01/01 18:23:27 | 003,104,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData004b.dll [2012/01/01 18:23:27 | 003,104,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData004a.dll [2012/01/01 18:23:26 | 003,104,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData004e.dll [2012/01/01 18:23:26 | 001,801,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData003e.dll [2012/01/01 18:23:25 | 001,965,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData001b.dll [2012/01/01 18:23:25 | 001,965,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData001a.dll [2012/01/01 18:23:25 | 001,801,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData002a.dll [2012/01/01 18:23:24 | 004,495,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData001d.dll [2012/01/01 18:23:23 | 009,847,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData000a.dll [2012/01/01 18:23:23 | 002,643,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData000c.dll [2012/01/01 18:23:23 | 002,342,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData000d.dll [2012/01/01 18:23:22 | 004,495,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0414.dll [2012/01/01 18:23:22 | 001,965,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData000f.dll [2012/01/01 18:23:21 | 004,495,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0816.dll [2012/01/01 18:23:21 | 004,495,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0416.dll [2012/01/01 18:23:20 | 006,917,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0c1a.dll [2012/01/01 18:23:20 | 001,965,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData081a.dll [2012/01/01 18:23:19 | 001,965,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0c1a.dll [2012/01/01 18:18:20 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kbd106n.dll [2012/01/01 17:34:10 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\INETRES.dll [2012/01/01 17:27:27 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nshhttp.dll [2012/01/01 17:24:09 | 000,355,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSDApi.dll [2012/01/01 17:14:53 | 000,035,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\WdfLdr.sys [2012/01/01 17:00:03 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client [2012/01/01 16:59:18 | 000,714,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\timedate.cpl [2012/01/01 16:56:10 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hcrstco.dll [2012/01/01 16:56:10 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hccoin.dll [2012/01/01 16:52:48 | 000,000,000 | ---D | C] -- C:\Users\Mary\AppData\Local\Microsoft Help [2012/01/01 16:48:21 | 000,347,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp.exe [2012/01/01 16:48:21 | 000,346,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp_isv.exe [2012/01/01 16:48:21 | 000,332,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdrm.dll [2012/01/01 16:48:21 | 000,152,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp_isv.dll [2012/01/01 16:48:21 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp.dll [2012/01/01 16:48:20 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_isv.exe [2012/01/01 16:48:20 | 000,518,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate.exe [2012/01/01 16:48:20 | 000,471,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_isv.dll [2012/01/01 16:48:20 | 000,471,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc.dll [2012/01/01 16:46:02 | 000,310,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unregmp2.exe [2012/01/01 16:46:01 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwmp.dll [2012/01/01 16:46:00 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdxm.ocx [2012/01/01 16:46:00 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxmasf.dll [2012/01/01 16:05:10 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciavi32.dll [2012/01/01 16:05:10 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\avicap32.dll [2012/01/01 16:05:09 | 001,314,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll [2012/01/01 16:04:13 | 000,604,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMSPDMOD.DLL [2012/01/01 15:57:49 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netiohlp.dll [2012/01/01 15:57:49 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NETSTAT.EXE [2012/01/01 15:57:49 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ARP.EXE [2012/01/01 15:57:49 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ROUTE.EXE [2012/01/01 15:57:49 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MRINFO.EXE [2012/01/01 15:57:49 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\finger.exe [2012/01/01 15:57:49 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\HOSTNAME.EXE [2012/01/01 15:51:35 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdxm.tlb [2012/01/01 15:51:35 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\amcompat.tlb [2012/01/01 15:50:27 | 000,220,672 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\l3codecp.acm [2012/01/01 15:50:27 | 000,062,464 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\l3codeca.acm [2012/01/01 15:30:12 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group [2012/01/01 15:30:12 | 000,000,000 | ---D | C] -- C:\Users\Mary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller [2012/01/01 15:25:57 | 000,414,368 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [2011/12/28 12:07:04 | 000,000,000 | ---D | C] -- C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3} [2011/12/28 12:06:55 | 000,000,000 | ---D | C] -- C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites [2011/12/28 12:05:58 | 000,000,000 | ---D | C] -- C:\Program Files\Synaptics [2011/12/28 12:03:59 | 000,737,280 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\System32\athr.sys [2011/12/28 12:03:59 | 000,000,000 | ---D | C] -- C:\Program Files\Atheros [2011/12/28 12:03:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Atheros [2011/12/28 12:03:07 | 000,269,096 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RTKVADDA.EXE [2011/12/28 12:02:55 | 000,000,000 | ---D | C] -- C:\Windows\System32\RTCOM [2011/12/28 12:02:19 | 000,319,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\DIFxAPI.dll [2011/12/28 12:02:17 | 004,669,440 | ---- | C] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe [2011/12/28 12:02:17 | 002,048,000 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkAPO.dll [2011/12/28 12:02:17 | 001,191,936 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RtlUpd.exe [2011/12/28 12:02:17 | 000,563,712 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkPgExt.dll [2011/12/28 12:02:17 | 000,532,480 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RTSndMgr.cpl [2011/12/28 12:02:17 | 000,339,968 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSXT.dll [2011/12/28 12:02:17 | 000,266,240 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkApoApi.dll [2011/12/28 12:02:17 | 000,185,776 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSHD.dll [2011/12/28 12:02:17 | 000,167,936 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSHP360.dll [2011/12/28 12:02:17 | 000,135,168 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSWOW.dll [2011/12/28 12:02:17 | 000,126,976 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\maxxaudioapo.dll [2011/12/28 12:02:17 | 000,017,408 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkCoInst.dll [2011/12/28 12:02:04 | 000,520,192 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RtlExUpd.dll [2011/12/28 12:02:04 | 000,315,392 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\HideWin.exe [2011/12/28 12:00:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center [2011/12/28 11:58:20 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies [2011/12/28 11:56:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Install Manager [2011/12/28 11:56:55 | 000,000,000 | ---D | C] -- C:\Program Files\ATI [2011/12/28 11:56:47 | 000,007,680 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\System32\drivers\AtiPcie.sys [2011/12/28 11:51:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office [2011/12/28 11:51:26 | 000,031,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msonpmon.dll [2011/12/28 11:50:46 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER [2011/12/28 11:50:28 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH [2011/12/28 11:50:28 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET [2011/12/28 11:48:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help [2011/12/28 11:47:36 | 000,000,000 | R--D | C] -- C:\MSOCache [2011/12/28 11:47:00 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office [2011/12/28 11:46:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Works [2011/12/28 11:46:25 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Works [2011/12/28 11:44:39 | 000,000,000 | ---D | C] -- C:\WORKSSETUP [2011/12/28 11:38:23 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution [2011/12/28 11:35:25 | 000,000,000 | -HSD | C] -- C:\System Volume Information [2011/12/28 09:18:51 | 000,000,000 | ---D | C] -- C:\Users\Mary\AppData\Roaming\ATI [2011/12/28 09:18:51 | 000,000,000 | ---D | C] -- C:\Users\Mary\AppData\Local\ATI [2011/12/28 09:18:51 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI [2011/12/28 09:18:47 | 000,000,000 | ---D | C] -- C:\Users\Mary\AppData\Local\Toshiba [2011/12/28 09:18:43 | 000,000,000 | ---D | C] -- C:\Users\Mary\Documents\My Google Gadgets [2011/12/28 09:18:39 | 000,000,000 | ---D | C] -- C:\Users\Mary\AppData\Local\Google [2011/12/28 09:18:14 | 000,000,000 | R--D | C] -- C:\Users\Mary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [2011/12/28 09:18:14 | 000,000,000 | R--D | C] -- C:\Users\Mary\Searches [2011/12/28 09:18:14 | 000,000,000 | R--D | C] -- C:\Users\Mary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [2011/12/28 09:18:04 | 000,000,000 | ---D | C] -- C:\Users\Mary\AppData\Roaming\Identities [2011/12/28 09:18:01 | 000,000,000 | R--D | C] -- C:\Users\Mary\Contacts [2011/12/28 09:17:44 | 000,000,000 | ---D | C] -- C:\Users\Mary\AppData\Local\VirtualStore [2011/12/28 09:17:36 | 000,000,000 | --SD | C] -- C:\Users\Mary\AppData\Roaming\Microsoft [2011/12/28 09:17:36 | 000,000,000 | R--D | C] -- C:\Users\Mary\Videos [2011/12/28 09:17:36 | 000,000,000 | R--D | C] -- C:\Users\Mary\Saved Games [2011/12/28 09:17:36 | 000,000,000 | R--D | C] -- C:\Users\Mary\Pictures [2011/12/28 09:17:36 | 000,000,000 | R--D | C] -- C:\Users\Mary\Music [2011/12/28 09:17:36 | 000,000,000 | R--D | C] -- C:\Users\Mary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [2011/12/28 09:17:36 | 000,000,000 | R--D | C] -- C:\Users\Mary\Links [2011/12/28 09:17:36 | 000,000,000 | R--D | C] -- C:\Users\Mary\Favorites [2011/12/28 09:17:36 | 000,000,000 | R--D | C] -- C:\Users\Mary\Downloads [2011/12/28 09:17:36 | 000,000,000 | R--D | C] -- C:\Users\Mary\Documents [2011/12/28 09:17:36 | 000,000,000 | R--D | C] -- C:\Users\Mary\Desktop [2011/12/28 09:17:36 | 000,000,000 | R--D | C] -- C:\Users\Mary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [2011/12/28 09:17:36 | 000,000,000 | -HSD | C] -- C:\Users\Mary\AppData\Local\Temporary Internet Files [2011/12/28 09:17:36 | 000,000,000 | -HSD | C] -- C:\Users\Mary\Templates [2011/12/28 09:17:36 | 000,000,000 | -HSD | C] -- C:\Users\Mary\Start Menu [2011/12/28 09:17:36 | 000,000,000 | -HSD | C] -- C:\Users\Mary\SendTo [2011/12/28 09:17:36 | 000,000,000 | -HSD | C] -- C:\Users\Mary\Recent [2011/12/28 09:17:36 | 000,000,000 | -HSD | C] -- C:\Users\Mary\PrintHood [2011/12/28 09:17:36 | 000,000,000 | -HSD | C] -- C:\Users\Mary\NetHood [2011/12/28 09:17:36 | 000,000,000 | -HSD | C] -- C:\Users\Mary\Documents\My Videos [2011/12/28 09:17:36 | 000,000,000 | -HSD | C] -- C:\Users\Mary\Documents\My Pictures [2011/12/28 09:17:36 | 000,000,000 | -HSD | C] -- C:\Users\Mary\Documents\My Music [2011/12/28 09:17:36 | 000,000,000 | -HSD | C] -- C:\Users\Mary\My Documents [2011/12/28 09:17:36 | 000,000,000 | -HSD | C] -- C:\Users\Mary\Local Settings [2011/12/28 09:17:36 | 000,000,000 | -HSD | C] -- C:\Users\Mary\AppData\Local\History [2011/12/28 09:17:36 | 000,000,000 | -HSD | C] -- C:\Users\Mary\Cookies [2011/12/28 09:17:36 | 000,000,000 | -HSD | C] -- C:\Users\Mary\Application Data [2011/12/28 09:17:36 | 000,000,000 | -HSD | C] -- C:\Users\Mary\AppData\Local\Application Data [2011/12/28 09:17:36 | 000,000,000 | -H-D | C] -- C:\Users\Mary\AppData [2011/12/28 09:17:36 | 000,000,000 | ---D | C] -- C:\Users\Mary\AppData\Local\Microsoft [2011/12/28 09:17:36 | 000,000,000 | ---D | C] -- C:\Users\Mary\AppData\Roaming\Media Center Programs [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012/01/10 20:56:20 | 000,879,683 | ---- | M] () -- C:\Users\Mary\Desktop\SecurityCheck.exe [2012/01/10 20:53:59 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Mary\Desktop\OTL.exe [2012/01/10 19:39:10 | 000,595,684 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2012/01/10 19:39:10 | 000,101,350 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2012/01/10 19:32:10 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2012/01/10 19:32:10 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2012/01/10 19:31:09 | 000,326,088 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2012/01/10 19:31:09 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012/01/10 19:30:22 | 2011,217,920 | -HS- | M] () -- C:\hiberfil.sys [2012/01/10 19:27:59 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_07_00.Wdf [2012/01/10 18:57:35 | 000,000,512 | ---- | M] () -- C:\Users\Mary\Desktop\MBR.dat [2012/01/10 18:54:38 | 001,972,528 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Mary\Desktop\tdsskiller.exe [2012/01/10 18:53:00 | 004,713,472 | ---- | M] (AVAST Software) -- C:\Users\Mary\Desktop\aswMBR.exe [2012/01/10 18:51:45 | 000,000,924 | ---- | M] () -- C:\Users\Mary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk [2012/01/10 18:51:26 | 000,000,744 | ---- | M] () -- C:\Users\Mary\Desktop\NTREGOPT.lnk [2012/01/10 18:51:26 | 000,000,725 | ---- | M] () -- C:\Users\Mary\Desktop\ERUNT.lnk [2012/01/02 09:17:05 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe [2012/01/02 09:17:05 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe [2012/01/02 09:17:05 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe [2012/01/02 09:17:04 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll [2012/01/02 09:00:05 | 000,000,680 | ---- | M] () -- C:\Users\Mary\AppData\Local\d3d9caps.dat [2012/01/02 08:47:00 | 000,000,954 | ---- | M] () -- C:\Users\Mary\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk [2012/01/02 08:41:33 | 000,008,798 | ---- | M] () -- C:\Windows\System32\icrav03.rat [2012/01/02 08:41:33 | 000,001,988 | ---- | M] () -- C:\Windows\System32\ticrf.rat [2012/01/02 08:41:22 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll [2012/01/02 08:41:21 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll [2012/01/02 08:41:21 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe [2012/01/02 08:41:21 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe [2012/01/02 08:41:21 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2012/01/02 08:41:21 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll [2012/01/02 08:41:20 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\html.iec [2012/01/02 08:41:20 | 000,353,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll [2012/01/02 08:41:20 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll [2012/01/02 08:41:20 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2012/01/02 08:41:20 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll [2012/01/02 08:41:19 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat [2012/01/02 08:41:19 | 001,427,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl [2012/01/02 08:41:19 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll [2012/01/02 08:41:19 | 000,353,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll [2012/01/02 08:41:19 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\url.dll [2012/01/02 08:41:19 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll [2012/01/02 08:41:19 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe [2012/01/02 08:41:19 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf [2012/01/02 08:41:19 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll [2012/01/02 08:41:19 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll [2012/01/02 08:41:18 | 000,580,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll [2012/01/02 08:41:18 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe [2012/01/02 08:41:18 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe [2012/01/02 08:41:18 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll [2012/01/02 08:41:17 | 002,382,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2012/01/02 08:41:17 | 001,798,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll [2012/01/02 08:41:17 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll [2012/01/02 08:41:17 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll [2012/01/02 08:41:17 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe [2012/01/02 08:41:17 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll [2012/01/02 08:41:17 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll [2012/01/02 08:41:17 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll [2012/01/02 08:41:17 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll [2012/01/02 08:41:15 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll [2012/01/02 08:41:15 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll [2012/01/02 08:41:15 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe [2012/01/02 08:41:14 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll [2012/01/02 08:39:31 | 002,873,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mf.dll [2012/01/02 08:39:31 | 000,979,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MFH264Dec.dll [2012/01/02 08:39:31 | 000,357,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MFHEAACdec.dll [2012/01/02 08:39:31 | 000,302,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfmp4src.dll [2012/01/02 08:39:31 | 000,261,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfreadwrite.dll [2012/01/02 08:39:31 | 000,098,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfps.dll [2012/01/02 08:39:30 | 000,209,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfplat.dll [2012/01/02 08:39:24 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\XpsRasterService.dll [2012/01/02 08:39:23 | 000,683,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll [2012/01/02 08:39:23 | 000,486,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10level9.dll [2012/01/02 08:39:22 | 001,172,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll [2012/01/02 08:39:22 | 001,029,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10.dll [2012/01/02 08:39:22 | 000,478,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxgi.dll [2012/01/02 08:39:22 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll [2012/01/02 08:39:22 | 000,189,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10core.dll [2012/01/02 08:39:22 | 000,160,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll [2012/01/02 08:39:21 | 000,847,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\OpcServices.dll [2012/01/02 08:39:21 | 000,667,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelinesvc.exe [2012/01/02 08:39:21 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll [2012/01/02 08:39:21 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelineprxy.dll [2012/01/02 08:39:20 | 001,554,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\xpsservices.dll [2012/01/02 08:35:05 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\en-US\dxgkrnl.sys.mui [2012/01/02 08:35:03 | 000,519,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d11.dll [2012/01/02 08:35:03 | 000,369,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WMPhoto.dll [2012/01/02 08:35:03 | 000,252,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxdiag.exe [2012/01/02 08:35:03 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxdiagn.dll [2012/01/02 08:35:02 | 000,321,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PhotoMetadataHandler.dll [2012/01/02 08:35:02 | 000,189,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecsExt.dll [2012/01/02 07:55:00 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf [2012/01/01 20:31:21 | 000,101,888 | ---- | M] (Infineon Technologies AG) -- C:\Windows\System32\ifxcardm.dll [2012/01/01 20:31:09 | 000,082,432 | ---- | M] (Gemalto, Inc.) -- C:\Windows\System32\axaltocm.dll [2012/01/01 20:23:19 | 000,196,608 | ---- | M] () -- C:\Windows\SPInstall.etl [2012/01/01 18:59:52 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dciman32.dll [2012/01/01 18:55:12 | 000,272,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\polstore.dll [2012/01/01 18:52:35 | 000,127,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\L2SecHC.dll [2012/01/01 18:52:34 | 002,501,921 | ---- | M] () -- C:\Windows\System32\wlan.tmf [2012/01/01 18:52:34 | 000,068,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wlanhlp.dll [2012/01/01 18:52:34 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wlanapi.dll [2012/01/01 18:52:33 | 000,302,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wlansec.dll [2012/01/01 18:52:33 | 000,293,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wlanmsm.dll [2012/01/01 18:52:30 | 000,015,181 | ---- | M] () -- C:\Windows\System32\gatherWirelessInfo.vbs [2012/01/01 18:51:25 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msxml3r.dll [2012/01/01 18:51:24 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msxml6r.dll [2012/01/01 18:48:28 | 000,053,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rrinstaller.exe [2012/01/01 18:48:27 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfpmp.exe [2012/01/01 18:48:27 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mferror.dll [2012/01/01 18:48:26 | 002,386,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WMVCORE.DLL [2012/01/01 18:39:07 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\aaclient.dll [2012/01/01 18:39:07 | 000,053,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\tsgqec.dll [2012/01/01 18:23:55 | 001,793,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0045.dll [2012/01/01 18:23:54 | 001,808,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0046.dll [2012/01/01 18:23:54 | 001,558,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0049.dll [2012/01/01 18:23:54 | 001,411,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0047.dll [2012/01/01 18:23:54 | 001,236,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0020.dll [2012/01/01 18:23:53 | 005,499,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0022.dll [2012/01/01 18:23:53 | 002,136,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0021.dll [2012/01/01 18:23:53 | 001,782,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0039.dll [2012/01/01 18:23:52 | 007,964,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0024.dll [2012/01/01 18:23:52 | 005,791,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0026.dll [2012/01/01 18:23:51 | 006,224,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0027.dll [2012/01/01 18:23:51 | 004,175,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0010.dll [2012/01/01 18:23:51 | 002,466,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0011.dll [2012/01/01 18:23:50 | 004,981,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0013.dll [2012/01/01 18:23:49 | 006,781,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0019.dll [2012/01/01 18:23:49 | 003,331,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0018.dll [2012/01/01 18:23:48 | 011,722,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0001.dll [2012/01/01 18:23:47 | 004,164,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0002.dll [2012/01/01 18:23:47 | 001,452,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0003.dll [2012/01/01 18:23:45 | 004,093,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons004c.dll [2012/01/01 18:23:45 | 003,419,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons004a.dll [2012/01/01 18:23:45 | 001,702,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons004b.dll [2012/01/01 18:23:44 | 006,014,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons001a.dll [2012/01/01 18:23:44 | 004,045,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons003e.dll [2012/01/01 18:23:44 | 001,972,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons004e.dll [2012/01/01 18:23:44 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons002a.dll [2012/01/01 18:23:43 | 006,585,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons001b.dll [2012/01/01 18:23:42 | 006,346,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons001d.dll [2012/01/01 18:23:41 | 009,892,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons000a.dll [2012/01/01 18:23:40 | 006,237,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons000c.dll [2012/01/01 18:23:40 | 001,722,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons000d.dll [2012/01/01 18:23:39 | 005,654,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons000f.dll [2012/01/01 18:23:39 | 005,090,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0416.dll [2012/01/01 18:23:39 | 004,616,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0414.dll [2012/01/01 18:23:38 | 007,042,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons081a.dll [2012/01/01 18:23:38 | 005,031,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0816.dll [2012/01/01 18:23:37 | 005,071,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsModels0011.dll [2012/01/01 18:23:36 | 003,104,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0047.dll [2012/01/01 18:23:36 | 003,104,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0046.dll [2012/01/01 18:23:36 | 003,104,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0045.dll [2012/01/01 18:23:35 | 003,104,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0049.dll [2012/01/01 18:23:34 | 003,104,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0039.dll [2012/01/01 18:23:34 | 003,104,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0020.dll [2012/01/01 18:23:34 | 001,801,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0021.dll [2012/01/01 18:23:33 | 001,965,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0026.dll [2012/01/01 18:23:33 | 001,965,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0024.dll [2012/01/01 18:23:33 | 001,801,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0022.dll [2012/01/01 18:23:32 | 004,495,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0010.dll [2012/01/01 18:23:32 | 002,657,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0011.dll [2012/01/01 18:23:32 | 001,966,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0027.dll [2012/01/01 18:23:31 | 003,466,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0013.dll [2012/01/01 18:23:31 | 001,965,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0018.dll [2012/01/01 18:23:30 | 004,497,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0019.dll [2012/01/01 18:23:30 | 002,599,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0001.dll [2012/01/01 18:23:30 | 001,523,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0000.dll [2012/01/01 18:23:29 | 001,965,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0003.dll [2012/01/01 18:23:29 | 001,965,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0002.dll [2012/01/01 18:23:28 | 004,875,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0009.dll [2012/01/01 18:23:28 | 002,243,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0007.dll [2012/01/01 18:23:27 | 003,104,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData004c.dll [2012/01/01 18:23:27 | 003,104,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData004b.dll [2012/01/01 18:23:27 | 003,104,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData004a.dll [2012/01/01 18:23:26 | 003,104,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData004e.dll [2012/01/01 18:23:26 | 001,801,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData003e.dll [2012/01/01 18:23:26 | 001,801,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData002a.dll [2012/01/01 18:23:25 | 001,965,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData001b.dll [2012/01/01 18:23:25 | 001,965,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData001a.dll [2012/01/01 18:23:24 | 009,847,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData000a.dll [2012/01/01 18:23:24 | 004,495,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData001d.dll [2012/01/01 18:23:23 | 002,643,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData000c.dll [2012/01/01 18:23:23 | 002,342,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData000d.dll [2012/01/01 18:23:22 | 004,495,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0416.dll [2012/01/01 18:23:22 | 004,495,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0414.dll [2012/01/01 18:23:22 | 001,965,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData000f.dll [2012/01/01 18:23:21 | 004,495,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0816.dll [2012/01/01 18:23:20 | 006,917,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0c1a.dll [2012/01/01 18:23:20 | 001,965,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0c1a.dll [2012/01/01 18:23:20 | 001,965,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData081a.dll [2012/01/01 18:18:20 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\kbd106n.dll [2012/01/01 18:04:35 | 031,326,208 | ---- | M] () -- C:\Windows\ocsetup_install_NetFx3.etl [2012/01/01 18:04:35 | 000,196,608 | ---- | M] () -- C:\Windows\ocsetup_cbs_install_NetFx3.perf [2012/01/01 18:04:35 | 000,065,536 | ---- | M] () -- C:\Windows\ocsetup_cbs_install_NetFx3.dpx [2012/01/01 17:34:10 | 000,084,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\INETRES.dll [2012/01/01 17:27:27 | 000,024,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\nshhttp.dll [2012/01/01 17:24:09 | 000,355,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WSDApi.dll [2012/01/01 17:15:28 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_SynTP_01007.Wdf [2012/01/01 17:15:18 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf [2012/01/01 17:14:53 | 000,035,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\WdfLdr.sys [2012/01/01 17:14:53 | 000,000,003 | ---- | M] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01007_Inbox_Critical.Wdf [2012/01/01 17:03:21 | 000,001,820 | ---- | M] () -- C:\Windows\System32\rasctrnm.h [2012/01/01 17:00:18 | 000,001,945 | ---- | M] () -- C:\Windows\epplauncher.mif [2012/01/01 16:59:18 | 000,714,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\timedate.cpl [2012/01/01 16:48:21 | 000,471,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\secproc.dll [2012/01/01 16:48:21 | 000,347,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp.exe [2012/01/01 16:48:21 | 000,346,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp_isv.exe [2012/01/01 16:48:21 | 000,332,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msdrm.dll [2012/01/01 16:48:21 | 000,152,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp_isv.dll [2012/01/01 16:48:21 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp.dll [2012/01/01 16:48:20 | 000,526,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_isv.exe [2012/01/01 16:48:20 | 000,518,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RMActivate.exe [2012/01/01 16:48:20 | 000,471,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\secproc_isv.dll [2012/01/01 16:46:02 | 000,310,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\unregmp2.exe [2012/01/01 16:46:01 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spwmp.dll [2012/01/01 16:46:00 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msdxm.ocx [2012/01/01 16:05:10 | 000,082,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mciavi32.dll [2012/01/01 16:05:10 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\avicap32.dll [2012/01/01 16:04:13 | 000,604,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WMSPDMOD.DLL [2012/01/01 15:30:13 | 000,001,028 | ---- | M] () -- C:\Users\Mary\Desktop\Revo Uninstaller.lnk [2012/01/01 15:25:57 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [2012/01/01 14:53:25 | 000,000,067 | ---- | M] () -- C:\Windows\swupdate.INI [2011/12/28 12:06:12 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_SynTP_01000.Wdf [2011/12/28 12:02:21 | 000,319,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\DIFxAPI.dll [2011/12/28 12:02:04 | 000,315,392 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\HideWin.exe [2011/12/19 10:17:00 | 000,302,592 | ---- | M] () -- C:\Users\Mary\Desktop\5ny4vkgv.exe [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

OTL STILL [2012/01/01 20:01:00 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\migisol.dll [2012/01/01 20:01:00 | 000,094,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MigAutoPlay.exe [2012/01/01 20:00:59 | 000,098,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdshext.dll [2012/01/01 20:00:59 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SecEdit.exe [2012/01/01 20:00:57 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shrink.dll [2012/01/01 20:00:56 | 000,396,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shrpubw.exe [2012/01/01 20:00:56 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shacct.dll [2012/01/01 20:00:56 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shutdown.exe [2012/01/01 20:00:55 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SmiInstaller.dll [2012/01/01 20:00:54 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\smclib.sys [2012/01/01 20:00:53 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setbcdlocale.dll [2012/01/01 20:00:53 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\serialui.dll [2012/01/01 20:00:52 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setupcln.dll [2012/01/01 20:00:52 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setupugc.exe [2012/01/01 20:00:52 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setupcl.exe [2012/01/01 20:00:52 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sfc.exe [2012/01/01 20:00:52 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setupSNK.exe [2012/01/01 20:00:48 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PNPXAssocPrx.dll [2012/01/01 20:00:46 | 000,163,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\powercfg.cpl [2012/01/01 20:00:46 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceWiaCompat.dll [2012/01/01 20:00:46 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pots.dll [2012/01/01 20:00:46 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pnpts.dll [2012/01/01 20:00:45 | 000,300,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\puiobj.dll [2012/01/01 20:00:45 | 000,191,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\provthrd.dll [2012/01/01 20:00:45 | 000,172,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\QAGENT.DLL [2012/01/01 20:00:44 | 000,119,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prntvpt.dll [2012/01/01 20:00:44 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printcom.dll [2012/01/01 20:00:44 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prevhost.exe [2012/01/01 20:00:43 | 000,403,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\p2pcollab.dll [2012/01/01 20:00:43 | 000,202,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\P2P.dll [2012/01/01 20:00:43 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\p2phost.exe [2012/01/01 20:00:43 | 000,134,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\p2pnetsh.dll [2012/01/01 20:00:43 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\olecli32.dll [2012/01/01 20:00:43 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\profprov.dll [2012/01/01 20:00:43 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pcadm.dll [2012/01/01 20:00:43 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\procinst.dll [2012/01/01 20:00:42 | 001,107,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ogldrv.dll [2012/01/01 20:00:42 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\olethk32.dll [2012/01/01 20:00:42 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\olesvr32.dll [2012/01/01 20:00:41 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\OptionalFeatures.exe [2012/01/01 20:00:41 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\osblprov.dll [2012/01/01 20:00:41 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\osbaseln.dll [2012/01/01 20:00:38 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PlaySndSrv.dll [2012/01/01 20:00:38 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PING.EXE [2012/01/01 20:00:37 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\perfmon.exe [2012/01/01 20:00:37 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pdhui.dll [2012/01/01 20:00:37 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\perfnet.dll [2012/01/01 20:00:36 | 000,318,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rstrui.exe [2012/01/01 20:00:36 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RstrtMgr.dll [2012/01/01 20:00:36 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\runonce.exe [2012/01/01 20:00:36 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\perfts.dll [2012/01/01 20:00:35 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Ribbons.scr [2012/01/01 20:00:35 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rgb9rast.dll [2012/01/01 20:00:35 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rtm.dll [2012/01/01 20:00:34 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RESAMPLEDMO.DLL [2012/01/01 20:00:34 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RpcPing.exe [2012/01/01 20:00:34 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\riched32.dll [2012/01/01 20:00:33 | 000,730,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdengin2.dll [2012/01/01 20:00:33 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\schtasks.exe [2012/01/01 20:00:33 | 000,087,552 | ---- | C] (Microsoft) -- C:\Windows\System32\Robocopy.exe [2012/01/01 20:00:33 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbunattend.exe [2012/01/01 20:00:32 | 000,142,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\scsiport.sys [2012/01/01 20:00:32 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdchange.exe [2012/01/01 20:00:31 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RacAgent.exe [2012/01/01 20:00:30 | 000,208,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qasf.dll [2012/01/01 20:00:30 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rascfg.dll [2012/01/01 20:00:30 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\QCLIPROV.DLL [2012/01/01 20:00:30 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasctrs.dll [2012/01/01 20:00:29 | 000,281,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdv.dll [2012/01/01 20:00:29 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qcap.dll [2012/01/01 20:00:29 | 000,154,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\QSHVHOST.DLL [2012/01/01 20:00:29 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\QSVRMGMT.DLL [2012/01/01 20:00:28 | 000,118,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RDPENCDD.dll [2012/01/01 20:00:28 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\regini.exe [2012/01/01 20:00:28 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegCtrl.dll [2012/01/01 20:00:28 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdrleakdiag.exe [2012/01/01 20:00:27 | 000,975,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RASMM.dll [2012/01/01 20:00:27 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\raserver.exe [2012/01/01 20:00:27 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasphone.exe [2012/01/01 20:00:27 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcfgex.dll [2012/01/01 20:00:26 | 001,039,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d8.dll [2012/01/01 20:00:26 | 000,816,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dim700.dll [2012/01/01 20:00:26 | 000,384,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dim.dll [2012/01/01 20:00:26 | 000,368,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\desk.cpl [2012/01/01 20:00:26 | 000,226,816 | ---- | C] (Microsoft Corp.) -- C:\Windows\System32\Defrag.exe [2012/01/01 20:00:26 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\devenum.dll [2012/01/01 20:00:25 | 000,522,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ddraw.dll [2012/01/01 20:00:25 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dbnetlib.dll [2012/01/01 20:00:25 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dxof.dll [2012/01/01 20:00:20 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dinput8.dll [2012/01/01 20:00:20 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dispdiag.exe [2012/01/01 20:00:20 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diantz.exe [2012/01/01 20:00:20 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dispci.dll [2012/01/01 20:00:20 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dimsjob.dll [2012/01/01 20:00:19 | 000,671,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dfrgui.exe [2012/01/01 20:00:19 | 000,163,840 | ---- | C] (Microsoft Corp.) -- C:\Windows\System32\DfrgNtfs.exe [2012/01/01 20:00:19 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dfdts.dll [2012/01/01 20:00:19 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dispex.dll [2012/01/01 20:00:18 | 000,318,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmd.exe [2012/01/01 20:00:18 | 000,096,768 | ---- | C] (Microsoft Corp.) -- C:\Windows\System32\dfrgfat.exe [2012/01/01 20:00:18 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DFDWiz.exe [2012/01/01 20:00:18 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DHCPQEC.DLL [2012/01/01 20:00:18 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dhcpsapi.dll [2012/01/01 20:00:18 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dfrgifc.exe [2012/01/01 20:00:18 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmcfg32.dll [2012/01/01 20:00:17 | 000,297,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmipnpinstall.dll [2012/01/01 20:00:17 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmdl32.exe [2012/01/01 20:00:17 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmifw.dll [2012/01/01 20:00:17 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmicryptinstall.dll [2012/01/01 20:00:17 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmlua.dll [2012/01/01 20:00:16 | 000,171,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cic.dll [2012/01/01 20:00:16 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\clfsw32.dll [2012/01/01 20:00:15 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\comsnap.dll [2012/01/01 20:00:15 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\comrepl.dll [2012/01/01 20:00:15 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ComputerDefaults.exe [2012/01/01 20:00:14 | 000,282,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CompatUI.dll [2012/01/01 20:00:14 | 000,276,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\compstui.dll [2012/01/01 20:00:14 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CompMgmtLauncher.exe [2012/01/01 20:00:14 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\convert.exe [2012/01/01 20:00:13 | 000,686,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\colorui.dll [2012/01/01 20:00:13 | 000,161,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\COLORCNV.DLL [2012/01/01 20:00:13 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmstp.exe [2012/01/01 20:00:13 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmutil.dll [2012/01/01 20:00:13 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cofiredm.dll [2012/01/01 20:00:13 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmpbk32.dll [2012/01/01 20:00:13 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmstplua.dll [2012/01/01 20:00:12 | 000,179,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\els.dll [2012/01/01 20:00:10 | 000,093,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\esentutl.exe [2012/01/01 20:00:10 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\esentprf.dll [2012/01/01 20:00:09 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDump.dll [2012/01/01 20:00:09 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\efsadu.dll [2012/01/01 20:00:09 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EAPQEC.DLL [2012/01/01 20:00:08 | 000,442,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\filemgmt.dll [2012/01/01 20:00:08 | 000,131,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fde.dll [2012/01/01 20:00:08 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fmifs.dll [2012/01/01 20:00:07 | 002,585,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FirewallControlPanel.exe [2012/01/01 20:00:07 | 002,249,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Firewall.cpl [2012/01/01 20:00:07 | 000,403,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FirewallAPI.dll [2012/01/01 20:00:07 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\findnetprinters.dll [2012/01/01 20:00:06 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3gpui.dll [2012/01/01 20:00:06 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3ui.dll [2012/01/01 20:00:06 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\extrac32.exe [2012/01/01 20:00:06 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\expand.exe [2012/01/01 20:00:06 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\System32\esrb.rs [2012/01/01 20:00:06 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eventcls.dll [2012/01/01 20:00:05 | 000,376,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpnet.dll [2012/01/01 20:00:05 | 000,258,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpx.dll [2012/01/01 20:00:05 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmdskmgr.dll [2012/01/01 20:00:05 | 000,178,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmime.dll [2012/01/01 20:00:05 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DpiScaling.exe [2012/01/01 20:00:05 | 000,130,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\drmk.sys [2012/01/01 20:00:05 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmscript.dll [2012/01/01 20:00:05 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\driverquery.exe [2012/01/01 20:00:05 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3gpclnt.dll [2012/01/01 20:00:05 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmloader.dll [2012/01/01 20:00:05 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmdskres2.dll [2012/01/01 20:00:04 | 000,388,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmdlgs.dll [2012/01/01 20:00:04 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmvdsitf.dll [2012/01/01 20:00:04 | 000,104,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWWIN.EXE [2012/01/01 20:00:04 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmview.ocx [2012/01/01 20:00:04 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnshc.dll [2012/01/01 20:00:04 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmocx.dll [2012/01/01 20:00:04 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmutil.dll [2012/01/01 20:00:04 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxapi.sys [2012/01/01 20:00:03 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dwmredir.dll [2012/01/01 20:00:02 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dsdmo.dll [2012/01/01 20:00:02 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dskquota.dll [2012/01/01 20:00:02 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxva2.dll [2012/01/01 20:00:02 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dsauth.dll [2012/01/01 20:00:01 | 000,397,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AudioEng.dll [2012/01/01 20:00:01 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AtBroker.exe [2012/01/01 20:00:01 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\at.exe [2012/01/01 20:00:00 | 004,595,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuthFWSnapin.dll [2012/01/01 20:00:00 | 001,370,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Aurora.scr [2012/01/01 20:00:00 | 000,509,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuthFWGP.dll [2012/01/01 20:00:00 | 000,274,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AUDIOKSE.dll [2012/01/01 20:00:00 | 000,251,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\authfwcfg.dll [2012/01/01 20:00:00 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\auditpol.exe [2012/01/01 19:59:59 | 000,334,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bcdedit.exe [2012/01/01 19:59:59 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bitsadmin.exe [2012/01/01 19:59:59 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\basesrv.dll [2012/01/01 19:59:59 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\bfsvc.exe [2012/01/01 19:59:59 | 000,028,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\battc.sys [2012/01/01 19:59:59 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\batt.dll [2012/01/01 19:59:58 | 000,117,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bcdsrv.dll [2012/01/01 19:59:58 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuxiliaryDisplayApi.dll [2012/01/01 19:59:58 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bcdprov.dll [2012/01/01 19:59:58 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\bdasup.sys [2012/01/01 19:59:57 | 000,317,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\azroleui.dll [2012/01/01 19:59:57 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ActionQueue.dll [2012/01/01 19:59:57 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ACW.exe [2012/01/01 19:59:57 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AzSqlExt.dll [2012/01/01 19:59:57 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\avrt.dll [2012/01/01 19:59:56 | 001,405,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ActiveContentWizard.dll [2012/01/01 19:59:56 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aclui.dll [2012/01/01 19:59:56 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\activeds.tlb [2012/01/01 19:59:56 | 000,053,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\1394bus.sys [2012/01/01 19:59:55 | 000,219,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\apircl.dll [2012/01/01 19:59:55 | 000,070,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\amstream.dll [2012/01/01 19:59:55 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\amxread.dll [2012/01/01 19:59:55 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\apilogen.dll [2012/01/01 19:59:54 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adsnt.dll [2012/01/01 19:59:54 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\apss.dll [2012/01/01 19:59:53 | 000,879,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Bubbles.scr [2012/01/01 19:59:53 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adsldp.dll [2012/01/01 19:59:53 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\btpanui.dll [2012/01/01 19:59:52 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cacls.exe [2012/01/01 19:59:51 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\brcplsdw.dll [2012/01/01 19:59:51 | 000,024,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\BOOTVID.DLL [2012/01/01 19:59:51 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\capisp.dll [2012/01/01 19:59:51 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bridgeunattend.exe [2012/01/01 19:59:51 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bootstr.dll [2012/01/01 19:59:50 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertEnrollCtrl.exe [2012/01/01 19:59:49 | 000,805,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdosys.dll [2012/01/01 19:59:49 | 000,225,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cewmdm.dll [2012/01/01 19:59:49 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cfgbkend.dll [2012/01/01 19:59:48 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bootcfg.exe [2012/01/01 19:59:40 | 000,705,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imagesp1.dll [2012/01/01 19:59:39 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetmib1.dll [2012/01/01 19:59:38 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\InfDefaultInstall.exe [2012/01/01 19:59:36 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ias.dll [2012/01/01 19:59:34 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iashost.exe [2012/01/01 19:59:30 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ifsutil.dll [2012/01/01 19:59:29 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icm32.dll [2012/01/01 19:59:29 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icsfiltr.dll [2012/01/01 19:59:29 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icfupgd.dll [2012/01/01 19:59:29 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icacls.exe [2012/01/01 19:59:29 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\idndl.dll [2012/01/01 19:59:29 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icsunattend.exe [2012/01/01 19:59:27 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hlink.dll [2012/01/01 19:59:27 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\HotStartUserAgent.dll [2012/01/01 19:59:27 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hnetmon.dll [2012/01/01 19:59:23 | 000,204,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\framedynos.dll [2012/01/01 19:59:23 | 000,202,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\framedyn.dll [2012/01/01 19:59:23 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fsutil.exe [2012/01/01 19:59:23 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fwcfg.dll [2012/01/01 19:59:23 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fphc.dll [2012/01/01 19:59:23 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\fveupdate.exe [2012/01/01 19:59:23 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\framebuf.dll [2012/01/01 19:59:22 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\GuidedHelp.dll [2012/01/01 19:59:22 | 000,025,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidparse.sys [2012/01/01 19:59:22 | 000,016,896 | ---- | C] (Microsoft) -- C:\Windows\System32\grb.rs [2012/01/01 19:59:21 | 000,498,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\HelpPane.exe [2012/01/01 19:59:21 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\HelpPaneProxy.dll [2012/01/01 19:59:21 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\getmac.exe [2012/01/01 19:59:20 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gacinstall.dll [2012/01/01 19:59:20 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\g711codc.ax [2012/01/01 19:59:19 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\graftabl.com [2012/01/01 19:59:15 | 000,218,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsAnytimeUpgrade.exe [2012/01/01 19:59:14 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiaacmgr.exe [2012/01/01 19:59:13 | 000,415,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiadefui.dll [2012/01/01 19:59:13 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiadss.dll [2012/01/01 19:59:13 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wfapigp.dll [2012/01/01 19:59:12 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiascanprofiles.dll [2012/01/01 19:59:12 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiarpc.dll [2012/01/01 19:59:12 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WINSRPC.DLL [2012/01/01 19:59:12 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winusb.dll [2012/01/01 19:59:11 | 000,383,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinSATAPI.dll [2012/01/01 19:59:10 | 000,628,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WLanConn.dll [2012/01/01 19:59:10 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlancfg.dll [2012/01/01 19:59:10 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winethc.dll [2012/01/01 19:59:09 | 000,208,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinFXDocObj.exe [2012/01/01 19:59:09 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winnsi.dll [2012/01/01 19:59:07 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wbemcomn.dll [2012/01/01 19:59:07 | 000,222,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wavemsp.dll [2012/01/01 19:59:07 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\w32tm.exe [2012/01/01 19:59:07 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WavDest.dll [2012/01/01 19:59:06 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vssadmin.exe [2012/01/01 19:59:06 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\waitfor.exe [2012/01/01 19:59:06 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vss_ps.dll [2012/01/01 19:59:03 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wermgr.exe [2012/01/01 19:59:03 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\werdiagcontroller.dll [2012/01/01 19:59:03 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wertargets.wtl [2012/01/01 19:59:01 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscmisetup.dll [2012/01/01 19:59:01 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wshcon.dll [2012/01/01 19:59:01 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscproxystub.dll [2012/01/01 19:59:00 | 001,295,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsecedit.dll [2012/01/01 19:59:00 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Wpc.dll [2012/01/01 19:59:00 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wship6.dll [2012/01/01 19:58:59 | 000,203,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpdwcn.dll [2012/01/01 19:58:59 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpclsp.dll [2012/01/01 19:58:59 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpnpinst.exe [2012/01/01 19:58:59 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xcopy.exe [2012/01/01 19:58:58 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactsrv.dll [2012/01/01 19:58:58 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xolehlp.dll [2012/01/01 19:58:57 | 000,456,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wvc.dll [2012/01/01 19:58:57 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFx.dll [2012/01/01 19:58:57 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsqmcons.exe [2012/01/01 19:58:57 | 000,181,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFPlatform.dll [2012/01/01 19:58:57 | 000,070,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wzcdlg.dll [2012/01/01 19:58:57 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xmlprovi.dll [2012/01/01 19:58:56 | 001,675,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xpssvcs.dll [2012/01/01 19:58:56 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFCoinstaller.dll [2012/01/01 19:58:55 | 000,296,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xwizards.dll [2012/01/01 19:58:55 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSTPager.ax [2012/01/01 19:58:54 | 000,154,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmidx.dll [2012/01/01 19:58:54 | 000,041,472 | ---- | C] (Microsoft) -- C:\Windows\System32\WlanMmHC.dll [2012/01/01 19:58:54 | 000,017,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\wmilib.sys [2012/01/01 19:58:53 | 001,118,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMADMOE.DLL [2012/01/01 19:58:53 | 000,913,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WlanMM.dll [2012/01/01 19:58:53 | 000,758,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMADMOD.DLL [2012/01/01 19:58:53 | 000,498,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlandlg.dll [2012/01/01 19:58:53 | 000,418,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmdrmdev.dll [2012/01/01 19:58:53 | 000,347,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmdrmnet.dll [2012/01/01 19:58:53 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMASF.DLL [2012/01/01 19:58:53 | 000,120,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WLanHC.dll [2012/01/01 19:58:52 | 001,329,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMSPDMOE.DLL [2012/01/01 19:58:52 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpsrcwp.dll [2012/01/01 19:58:50 | 001,548,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVDECOD.DLL [2012/01/01 19:58:50 | 000,767,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVSENCD.DLL [2012/01/01 19:58:50 | 000,153,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmvdspa.dll [2012/01/01 19:58:49 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmiprop.dll [2012/01/01 19:58:48 | 001,642,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMPEncEn.dll [2012/01/01 19:58:47 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpcm.dll [2012/01/01 19:58:45 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Tabbtn.dll [2012/01/01 19:58:45 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\systeminfo.exe [2012/01/01 19:58:41 | 000,431,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tdh.dll [2012/01/01 19:58:41 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tasklist.exe [2012/01/01 19:58:41 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskkill.exe [2012/01/01 19:58:41 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tbs.dll [2012/01/01 19:58:40 | 000,691,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TabletPC.cpl [2012/01/01 19:58:40 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TapiMigPlugin.dll [2012/01/01 19:58:40 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tabcal.exe [2012/01/01 19:58:40 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TabbtnEx.dll [2012/01/01 19:58:40 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\tape.sys [2012/01/01 19:58:40 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\tdi.sys [2012/01/01 19:58:39 | 000,308,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sqlcese30.dll [2012/01/01 19:58:39 | 000,274,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srrstr.dll [2012/01/01 19:58:39 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sqmapi.dll [2012/01/01 19:58:39 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\takeown.exe [2012/01/01 19:58:39 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srdelayed.exe [2012/01/01 19:58:38 | 000,604,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sqlceqp30.dll [2012/01/01 19:58:38 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ssText3d.scr [2012/01/01 19:58:38 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SSShim.dll [2012/01/01 19:58:38 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srwmi.dll [2012/01/01 19:58:37 | 008,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ssBranded.scr [2012/01/01 19:58:36 | 000,348,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwizeng.dll [2012/01/01 19:58:36 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SoundRecorder.exe [2012/01/01 19:58:36 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spbcd.dll [2012/01/01 19:58:35 | 008,322,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwizimg.dll [2012/01/01 19:58:35 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\synceng.dll [2012/01/01 19:58:35 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sppnp.dll [2012/01/01 19:58:35 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spopk.dll [2012/01/01 19:58:35 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwizres.dll [2012/01/01 19:58:34 | 000,338,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SysFxUI.dll [2012/01/01 19:58:34 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sxstrace.exe [2012/01/01 19:58:34 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sxsstore.dll [2012/01/01 19:58:33 | 000,251,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sti_ci.dll [2012/01/01 19:58:33 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\syssetup.dll [2012/01/01 19:58:33 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\syskey.exe [2012/01/01 19:58:32 | 000,083,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\usbui.dll [2012/01/01 19:58:32 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\userinit.exe [2012/01/01 19:58:32 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\usbperf.dll [2012/01/01 19:58:31 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xwtpw32.dll [2012/01/01 19:58:31 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vga256.dll [2012/01/01 19:58:31 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\upnpcont.exe [2012/01/01 19:58:31 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vga.dll [2012/01/01 19:58:31 | 000,005,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbd.sys [2012/01/01 19:58:30 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\VAN.dll [2012/01/01 19:58:30 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\VIDRESZR.DLL [2012/01/01 19:58:30 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\VBICodec.ax [2012/01/01 19:58:30 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\uudf.dll [2012/01/01 19:58:30 | 000,110,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\videoprt.sys [2012/01/01 19:58:30 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbisurf.ax

More OTL [2012/01/02 07:18:39 | 000,438,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcupdate_GenuineIntel.dll [2012/01/02 07:18:39 | 000,356,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MediaMetadataHandler.dll [2012/01/02 07:18:38 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logagent.exe [2012/01/02 07:18:38 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logman.exe [2012/01/02 07:18:37 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Magnify.exe [2012/01/02 07:18:36 | 001,143,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wercon.exe [2012/01/02 07:18:36 | 000,876,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wer.dll [2012/01/02 07:18:36 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shsetup.dll [2012/01/02 07:18:35 | 001,020,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wdc.dll [2012/01/02 07:18:35 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wdscore.dll [2012/01/02 07:18:33 | 001,524,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsAnytimeUpgradeCPL.dll [2012/01/02 07:18:33 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wevtutil.exe [2012/01/02 07:18:33 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\whealogr.dll [2012/01/02 07:18:32 | 000,860,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WerFaultSecure.exe [2012/01/02 07:18:32 | 000,250,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wevtapi.dll [2012/01/02 07:18:32 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WerFault.exe [2012/01/02 07:18:31 | 000,547,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiaaut.dll [2012/01/02 07:18:31 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdmdbg.dll [2012/01/02 07:18:30 | 000,507,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdsdyn.dll [2012/01/02 07:18:30 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbport.sys [2012/01/02 07:18:30 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdsutil.dll [2012/01/02 07:18:29 | 001,123,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\usercpl.dll [2012/01/02 07:18:29 | 000,638,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Utilman.exe [2012/01/02 07:18:28 | 001,533,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wcnwiz.dll [2012/01/02 07:18:28 | 000,968,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wcnwiz2.dll [2012/01/02 07:18:28 | 000,165,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WcnNetsh.dll [2012/01/02 07:18:28 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\watchdog.sys [2012/01/02 07:18:25 | 001,689,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscui.cpl [2012/01/02 07:18:25 | 000,291,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WscEapPr.dll [2012/01/02 07:18:25 | 000,223,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscntfy.dll [2012/01/02 07:18:25 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSDMon.dll [2012/01/02 07:18:25 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscapi.dll [2012/01/02 07:18:25 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsdchngr.dll [2012/01/02 07:18:25 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscisvif.dll [2012/01/02 07:18:24 | 001,575,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVENCOD.DLL [2012/01/02 07:18:24 | 001,382,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVSDECD.DLL [2012/01/02 07:18:24 | 000,657,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVXENCD.DLL [2012/01/02 07:18:24 | 000,273,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wow32.dll [2012/01/02 07:18:23 | 001,580,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpccpl.dll [2012/01/02 07:18:23 | 000,532,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpcao.dll [2012/01/02 07:18:23 | 000,140,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wusa.exe [2012/01/02 07:18:22 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xmlfilter.dll [2012/01/02 07:18:21 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsnmp32.dll [2012/01/02 07:18:21 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsepno.dll [2012/01/02 07:18:20 | 001,671,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanpref.dll [2012/01/02 07:18:20 | 000,926,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winresume.exe [2012/01/02 07:18:20 | 000,399,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlangpui.dll [2012/01/02 07:18:20 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanui.dll [2012/01/02 07:18:20 | 000,083,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlgpclnt.dll [2012/01/02 07:18:19 | 003,217,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinSAT.exe [2012/01/02 07:18:19 | 000,986,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winload.exe [2012/01/02 07:18:17 | 000,996,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMNetMgr.dll [2012/01/02 07:18:16 | 000,303,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpeffects.dll [2012/01/02 07:18:14 | 000,533,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmdrmsdk.dll [2012/01/02 07:18:14 | 000,122,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Storport.sys [2012/01/02 07:18:14 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Storprop.dll [2012/01/02 07:18:13 | 001,224,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sud.dll [2012/01/02 07:18:13 | 000,052,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\stream.sys [2012/01/02 07:18:12 | 000,378,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srcore.dll [2012/01/02 07:18:12 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srchadmin.dll [2012/01/02 07:18:08 | 002,205,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SyncCenter.dll [2012/01/02 07:18:08 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sysmon.ocx [2012/01/02 07:18:08 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sysclass.dll [2012/01/02 07:18:07 | 000,705,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SmiEngine.dll [2012/01/02 07:18:07 | 000,134,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SmartcardCredentialProvider.dll [2012/01/02 07:18:07 | 000,083,456 | ---- | C] (Microsoft) -- C:\Windows\System32\SMBHelperClass.dll [2012/01/02 07:18:07 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slwmi.dll [2012/01/02 07:18:06 | 000,777,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slcc.dll [2012/01/02 07:18:06 | 000,425,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shwebsvc.dll [2012/01/02 07:18:06 | 000,361,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLUI.exe [2012/01/02 07:18:06 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slwga.dll [2012/01/02 07:18:05 | 001,081,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLCExt.dll [2012/01/02 07:18:05 | 000,582,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLCommDlg.dll [2012/01/02 07:18:05 | 000,289,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spinstall.exe [2012/01/02 07:18:05 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLLUA.exe [2012/01/02 07:18:05 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slcinst.dll [2012/01/02 07:18:04 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spcmsg.dll [2012/01/02 07:18:03 | 000,190,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sperror.dll [2012/01/02 07:18:03 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwizui.dll [2012/01/02 07:18:03 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwinsat.dll [2012/01/02 07:18:02 | 000,524,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sqlsrv32.dll [2012/01/02 07:18:01 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spreview.exe [2012/01/02 07:17:59 | 000,684,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\spsys.sys [2012/01/02 07:17:59 | 000,275,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SnippingTool.exe [2012/01/02 07:17:59 | 000,197,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SndVol.exe [2012/01/02 07:17:59 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\softkbd.dll [2012/01/02 07:17:58 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TSTheme.exe [2012/01/02 07:17:58 | 000,035,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TsWpfWrp.exe [2012/01/02 07:17:57 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tscupgrd.exe [2012/01/02 07:17:57 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usb8023.sys [2012/01/02 07:17:56 | 000,324,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\untfs.dll [2012/01/02 07:17:56 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBCAMD2.sys [2012/01/02 07:17:56 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBCAMD.sys [2012/01/02 07:17:55 | 000,203,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\uDWM.dll [2012/01/02 07:17:55 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ulib.dll [2012/01/02 07:17:54 | 000,842,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\systemcpl.dll [2012/01/02 07:17:49 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tintlgnt.ime [2012/01/02 07:17:48 | 001,576,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tquery.dll [2012/01/02 07:17:48 | 000,170,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tcpipcfg.dll [2012/01/02 07:17:47 | 000,313,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\thawbrkr.dll [2012/01/02 07:17:46 | 001,152,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\themecpl.dll [2012/01/02 07:11:10 | 000,000,000 | ---D | C] -- C:\Windows\System32\EventProviders [2012/01/01 20:46:39 | 000,000,000 | ---D | C] -- C:\PerfLogs [2012/01/01 20:03:26 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\recdisc.exe [2012/01/01 20:03:21 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdspres.dll [2012/01/01 20:02:39 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sxproxy.dll [2012/01/01 20:01:58 | 000,464,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msra.exe [2012/01/01 20:01:58 | 000,169,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssha.dll [2012/01/01 20:01:58 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrdc.dll [2012/01/01 20:01:57 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mtxdm.dll [2012/01/01 20:01:56 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mycomput.dll [2012/01/01 20:01:56 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Mystify.scr [2012/01/01 20:01:56 | 000,153,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NAPMONTR.DLL [2012/01/01 20:01:56 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mtstocom.exe [2012/01/01 20:01:56 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NAPHLPR.DLL [2012/01/01 20:01:56 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\napdsnap.dll [2012/01/01 20:01:56 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MuiUnattend.exe [2012/01/01 20:01:56 | 000,046,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NAPCRYPT.DLL [2012/01/01 20:01:56 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\napipsec.dll [2012/01/01 20:01:56 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mtxlegih.dll [2012/01/01 20:01:52 | 001,386,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvbvm60.dll [2012/01/01 20:01:50 | 000,312,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mswmdm.dll [2012/01/01 20:01:50 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtcuiu.dll [2012/01/01 20:01:50 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtcVSp1res.dll [2012/01/01 20:01:46 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdelta.dll [2012/01/01 20:01:46 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdt.exe [2012/01/01 20:01:46 | 000,159,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdadiag.dll [2012/01/01 20:01:46 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdart.dll [2012/01/01 20:01:46 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtclog.dll [2012/01/01 20:01:45 | 000,506,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSMPEG2ENC.DLL [2012/01/01 20:01:45 | 000,415,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdri.dll [2012/01/01 20:01:45 | 000,391,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSMPEG2ADEC.DLL [2012/01/01 20:01:45 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdt.dll [2012/01/01 20:01:45 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdmo.dll [2012/01/01 20:01:45 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msmmsp.dll [2012/01/01 20:01:44 | 000,485,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mspaint.exe [2012/01/01 20:01:44 | 000,205,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msoeacct.dll [2012/01/01 20:01:44 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msorcl32.dll [2012/01/01 20:01:44 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msoert2.dll [2012/01/01 20:01:44 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msobjs.dll [2012/01/01 20:01:43 | 000,475,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msidcrl30.dll [2012/01/01 20:01:43 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msident.dll [2012/01/01 20:01:35 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Nlsdl.dll [2012/01/01 20:01:33 | 000,154,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nlmgp.dll [2012/01/01 20:01:32 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nlsbres.dll [2012/01/01 20:01:30 | 000,531,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\objsel.dll [2012/01/01 20:01:29 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbcjt32.dll [2012/01/01 20:01:29 | 000,159,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbctrac.dll [2012/01/01 20:01:29 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccu32.dll [2012/01/01 20:01:29 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccr32.dll [2012/01/01 20:01:28 | 000,352,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nshipsec.dll [2012/01/01 20:01:27 | 000,520,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntvdm.exe [2012/01/01 20:01:27 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netdiagfx.dll [2012/01/01 20:01:27 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netcorehc.dll [2012/01/01 20:01:27 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netcfg.exe [2012/01/01 20:01:27 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netbtugc.exe [2012/01/01 20:01:26 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netid.dll [2012/01/01 20:01:26 | 000,093,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncsi.dll [2012/01/01 20:01:26 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nci.dll [2012/01/01 20:01:26 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netiougc.exe [2012/01/01 20:01:25 | 000,267,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NAPSTAT.EXE [2012/01/01 20:01:25 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\net1.exe [2012/01/01 20:01:25 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ndfapi.dll [2012/01/01 20:01:25 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\net.exe [2012/01/01 20:01:25 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ndfetw.dll [2012/01/01 20:01:25 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nbtstat.exe [2012/01/01 20:01:23 | 000,669,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netprof.dll [2012/01/01 20:01:23 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Netplwiz.exe [2012/01/01 20:01:22 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\makecab.exe [2012/01/01 20:01:22 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lsmproxy.dll [2012/01/01 20:01:21 | 000,429,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\localsec.dll [2012/01/01 20:01:21 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lpksetup.exe [2012/01/01 20:01:21 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\luainstall.dll [2012/01/01 20:01:21 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\loghours.dll [2012/01/01 20:01:21 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lpremove.exe [2012/01/01 20:01:21 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lodctr.exe [2012/01/01 20:01:21 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\localui.dll [2012/01/01 20:01:20 | 005,714,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logon.scr [2012/01/01 20:01:19 | 000,614,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFWMAAEC.DLL [2012/01/01 20:01:19 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfvdsp.dll [2012/01/01 20:01:16 | 000,275,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcbuilder.exe [2012/01/01 20:01:16 | 000,205,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mdminst.dll [2012/01/01 20:01:16 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\mcd.sys [2012/01/01 20:01:15 | 000,129,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\McxDriv.dll [2012/01/01 20:01:15 | 000,128,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MdSched.exe [2012/01/01 20:01:15 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iscsiwmi.dll [2012/01/01 20:01:15 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iscsium.dll [2012/01/01 20:01:15 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iscsied.dll [2012/01/01 20:01:14 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\intl.cpl [2012/01/01 20:01:14 | 000,252,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iprtrmgr.dll [2012/01/01 20:01:14 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kstvtune.ax [2012/01/01 20:01:14 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\l2gpstore.dll [2012/01/01 20:01:14 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ksxbar.ax [2012/01/01 20:01:14 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ktmutil.exe [2012/01/01 20:01:14 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ktmw32.dll [2012/01/01 20:01:14 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iprtprio.dll [2012/01/01 20:01:13 | 000,157,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\keymgr.dll [2012/01/01 20:01:13 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ksproxy.ax [2012/01/01 20:01:13 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\loadperf.dll [2012/01/01 20:01:13 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lnkstub.exe [2012/01/01 20:01:13 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lltdapi.dll [2012/01/01 20:01:13 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\LangCleanupSysprepAction.dll [2012/01/01 20:01:12 | 000,442,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\joy.cpl [2012/01/01 20:01:12 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDJPN.DLL [2012/01/01 20:01:11 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mprmsg.dll [2012/01/01 20:01:11 | 000,104,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mprddm.dll [2012/01/01 20:01:11 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDKOR.DLL [2012/01/01 20:01:10 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mountvol.exe [2012/01/01 20:01:09 | 000,259,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MPG4DECD.DLL [2012/01/01 20:01:08 | 000,259,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MP43DECD.DLL [2012/01/01 20:01:08 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MP3DMOD.DLL [2012/01/01 20:01:07 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msconfig.exe [2012/01/01 20:01:06 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSAC3ENC.DLL [2012/01/01 20:01:06 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msaatext.dll [2012/01/01 20:01:04 | 000,301,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmcbase.dll

Still OTL [2012/01/02 07:20:05 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasplap.dll [2012/01/02 07:20:05 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quick.ime [2012/01/02 07:20:05 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qintlgnt.ime [2012/01/02 07:20:04 | 000,340,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RelMon.dll [2012/01/02 07:20:04 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rekeywiz.exe [2012/01/02 07:20:03 | 000,612,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpencom.dll [2012/01/02 07:20:03 | 000,107,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpwsx.dll [2012/01/02 07:20:03 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\reg.exe [2012/01/02 07:20:02 | 000,779,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationNative_v0300.dll [2012/01/02 07:20:02 | 000,551,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prnntfy.dll [2012/01/02 07:20:02 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationSettings.exe [2012/01/02 07:20:01 | 000,102,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll [2012/01/02 07:19:59 | 000,497,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdvd.dll [2012/01/02 07:19:59 | 000,166,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\puiapi.dll [2012/01/02 07:19:58 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\propdefs.dll [2012/01/02 07:19:57 | 000,050,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PSHED.DLL [2012/01/02 07:19:52 | 000,627,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sethc.exe [2012/01/02 07:19:47 | 000,187,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eapp3hst.dll [2012/01/02 07:19:47 | 000,183,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eapphost.dll [2012/01/02 07:19:47 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eappgnui.dll [2012/01/02 07:19:46 | 000,444,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dsound.dll [2012/01/02 07:19:46 | 000,137,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dsprop.dll [2012/01/02 07:19:46 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EhStorAPI.dll [2012/01/02 07:19:46 | 000,027,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Dumpata.sys [2012/01/02 07:19:45 | 000,485,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\evr.dll [2012/01/02 07:19:45 | 000,205,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eudcedit.exe [2012/01/02 07:19:45 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxg.sys [2012/01/02 07:19:45 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ExplorerFrame.dll [2012/01/02 07:19:44 | 002,926,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe [2012/01/02 07:19:43 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\f3ahvoas.dll [2012/01/02 07:19:42 | 001,078,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diagperf.dll [2012/01/02 07:19:42 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dhcpcsvc6.dll [2012/01/02 07:19:42 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dimsroam.dll [2012/01/02 07:19:42 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EhStorPwdMgr.dll [2012/01/02 07:19:41 | 000,230,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diskraid.exe [2012/01/02 07:19:41 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diskpart.exe [2012/01/02 07:19:41 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Diskdump.sys [2012/01/02 07:19:40 | 000,407,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpapimig.exe [2012/01/02 07:19:40 | 000,378,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\devmgr.dll [2012/01/02 07:19:40 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3msm.dll [2012/01/02 07:19:40 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3cfg.dll [2012/01/02 07:19:39 | 000,978,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drmv2clt.dll [2012/01/02 07:19:39 | 000,284,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drmmgrtn.dll [2012/01/02 07:19:39 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drvstore.dll [2012/01/02 07:19:39 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drvinst.exe [2012/01/02 07:19:38 | 000,105,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmsynth.dll [2012/01/02 07:19:38 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmusic.dll [2012/01/02 07:19:38 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hbaapi.dll [2012/01/02 07:19:37 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpresult.exe [2012/01/02 07:19:36 | 000,463,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IasMigReader.exe [2012/01/02 07:19:36 | 000,454,144 | ---- | C] (Microsoft) -- C:\Windows\System32\IasMigPlugin.dll [2012/01/02 07:19:36 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasnap.dll [2012/01/02 07:19:36 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iashlpr.dll [2012/01/02 07:19:36 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasacct.dll [2012/01/02 07:19:36 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasads.dll [2012/01/02 07:19:36 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasdatastore.dll [2012/01/02 07:19:36 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpupdate.exe [2012/01/02 07:19:35 | 000,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Faultrep.dll [2012/01/02 07:19:35 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hdwwiz.exe [2012/01/02 07:19:35 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\findstr.exe [2012/01/02 07:19:35 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidclass.sys [2012/01/02 07:19:35 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fc.exe [2012/01/02 07:19:34 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdBth.dll [2012/01/02 07:19:34 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpapi.dll [2012/01/02 07:19:34 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdWCN.dll [2012/01/02 07:19:34 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdSSDP.dll [2012/01/02 07:19:34 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdWSD.dll [2012/01/02 07:19:34 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\feclient.dll [2012/01/02 07:19:34 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdeploy.dll [2012/01/02 07:19:34 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdProxy.dll [2012/01/02 07:19:34 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdBthProxy.dll [2012/01/02 07:19:33 | 000,950,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpedit.dll [2012/01/02 07:19:33 | 000,153,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fundisc.dll [2012/01/02 07:19:33 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ftp.exe [2012/01/02 07:19:32 | 002,134,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FunctionDiscoveryFolder.dll [2012/01/02 07:19:32 | 001,985,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\authui.dll [2012/01/02 07:19:32 | 000,595,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FWPUCLNT.DLL [2012/01/02 07:19:32 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AudioSes.dll [2012/01/02 07:19:32 | 000,109,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ataport.sys [2012/01/02 07:19:32 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuxiliaryDisplayServices.dll [2012/01/02 07:19:32 | 000,099,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\FWPKCLNT.SYS [2012/01/02 07:19:32 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\audiodg.exe [2012/01/02 07:19:32 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FwRemoteSvr.dll [2012/01/02 07:19:31 | 001,216,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuxiliaryDisplayCpl.dll [2012/01/02 07:19:31 | 000,656,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autoconv.exe [2012/01/02 07:19:31 | 000,636,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autofmt.exe [2012/01/02 07:19:31 | 000,516,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autoplay.dll [2012/01/02 07:19:31 | 000,115,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuxiliaryDisplayDriverLib.dll [2012/01/02 07:19:30 | 001,342,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\brcpl.dll [2012/01/02 07:19:30 | 000,757,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\azroles.dll [2012/01/02 07:19:30 | 000,542,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\blackbox.dll [2012/01/02 07:19:30 | 000,130,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\basecsp.dll [2012/01/02 07:19:30 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bthci.dll [2012/01/02 07:19:29 | 002,515,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\accessibilitycpl.dll [2012/01/02 07:19:29 | 000,274,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bcrypt.dll [2012/01/02 07:19:29 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bitsigd.dll [2012/01/02 07:19:27 | 001,730,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\apds.dll [2012/01/02 07:19:27 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adsmsext.dll [2012/01/02 07:19:26 | 000,617,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adtschema.dll [2012/01/02 07:19:25 | 000,593,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\comuid.dll [2012/01/02 07:19:25 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\conime.exe [2012/01/02 07:19:24 | 001,645,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\connect.dll [2012/01/02 07:19:24 | 000,035,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\crashdmp.sys [2012/01/02 07:19:23 | 000,481,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmdial32.dll [2012/01/02 07:19:22 | 001,856,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dbgeng.dll [2012/01/02 07:19:22 | 001,788,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d9.dll [2012/01/02 07:19:22 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmmon32.exe [2012/01/02 07:19:21 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DevicePairing.dll [2012/01/02 07:19:21 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DevicePairingWizard.exe [2012/01/02 07:19:21 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DevicePairingProxy.dll [2012/01/02 07:19:21 | 000,046,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrstub.exe [2012/01/02 07:19:21 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dataclen.dll [2012/01/02 07:19:21 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DeviceEject.exe [2012/01/02 07:19:20 | 001,502,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certmgr.dll [2012/01/02 07:19:20 | 001,112,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertEnroll.dll [2012/01/02 07:19:20 | 000,640,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bthprops.cpl [2012/01/02 07:19:20 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertEnrollUI.dll [2012/01/02 07:19:20 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cscript.exe [2012/01/02 07:19:19 | 000,614,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ci.dll [2012/01/02 07:19:19 | 000,125,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Classpnp.sys [2012/01/02 07:19:19 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cintlgnt.ime [2012/01/02 07:19:19 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cipher.exe [2012/01/02 07:19:19 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cbsra.exe [2012/01/02 07:19:19 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bthudtask.exe [2012/01/02 07:19:18 | 006,103,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chtbrkr.dll [2012/01/02 07:19:18 | 001,671,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chsbrkr.dll [2012/01/02 07:19:18 | 000,215,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certreq.exe [2012/01/02 07:19:18 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CHxReadingStringIME.dll [2012/01/02 07:19:17 | 000,799,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certutil.exe [2012/01/02 07:19:17 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chajei.ime [2012/01/02 07:19:16 | 001,053,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtctm.dll [2012/01/02 07:19:16 | 000,564,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msftedit.dll [2012/01/02 07:19:16 | 000,409,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msexch40.dll [2012/01/02 07:19:16 | 000,339,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msexcl40.dll [2012/01/02 07:19:16 | 000,332,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msihnd.dll [2012/01/02 07:19:14 | 000,560,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtcprx.dll [2012/01/02 07:19:14 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msctfui.dll [2012/01/02 07:19:14 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MsCtfMonitor.dll [2012/01/02 07:19:14 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msimsg.dll [2012/01/02 07:19:12 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\modemui.dll [2012/01/02 07:19:12 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscandui.dll [2012/01/02 07:19:12 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MMDevAPI.dll [2012/01/02 07:19:11 | 000,391,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscms.dll [2012/01/02 07:19:11 | 000,155,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscorier.dll [2012/01/02 07:19:11 | 000,080,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscories.dll [2012/01/02 07:19:10 | 002,225,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netcenter.dll [2012/01/02 07:19:10 | 000,445,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncryptui.dll [2012/01/02 07:19:10 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll [2012/01/02 07:19:09 | 001,086,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NetProjW.dll [2012/01/02 07:19:09 | 000,223,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\netio.sys [2012/01/02 07:19:08 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NaturalLanguage6.dll [2012/01/02 07:19:08 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NcdProp.dll [2012/01/02 07:19:07 | 003,072,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\networkmap.dll [2012/01/02 07:19:07 | 000,469,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\newdev.dll [2012/01/02 07:19:07 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSNP.ax [2012/01/02 07:19:07 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\newdev.exe [2012/01/02 07:19:07 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\networkitemfactory.dll [2012/01/02 07:19:06 | 000,643,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrepl40.dll [2012/01/02 07:19:06 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSMPEG2VDEC.DLL [2012/01/02 07:19:06 | 000,368,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mspbde40.dll [2012/01/02 07:19:06 | 000,344,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrd3x40.dll [2012/01/02 07:19:06 | 000,241,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msltus40.dll [2012/01/02 07:19:06 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msnetobj.dll [2012/01/02 07:19:06 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscntrs.dll [2012/01/02 07:19:06 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscb.dll [2012/01/02 07:19:05 | 000,408,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msinfo32.exe [2012/01/02 07:19:05 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrd2x40.dll [2012/01/02 07:19:05 | 000,290,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msjtes40.dll [2012/01/02 07:19:05 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msjter40.dll [2012/01/02 07:19:05 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msimtf.dll [2012/01/02 07:19:05 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msjint40.dll [2012/01/02 07:19:04 | 001,589,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msjet40.dll [2012/01/02 07:19:04 | 000,856,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mswdat10.dll [2012/01/02 07:19:04 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msisip.dll [2012/01/02 07:19:03 | 000,618,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mswstr10.dll [2012/01/02 07:19:03 | 000,454,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxbde40.dll [2012/01/02 07:19:00 | 001,480,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssrch.dll [2012/01/02 07:19:00 | 000,670,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssvp.dll [2012/01/02 07:19:00 | 000,414,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscp.dll [2012/01/02 07:19:00 | 000,351,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssph.dll [2012/01/02 07:19:00 | 000,203,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssphtb.dll [2012/01/02 07:19:00 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssitlb.dll [2012/01/02 07:19:00 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msstrc.dll [2012/01/02 07:19:00 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssprxy.dll [2012/01/02 07:19:00 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshooks.dll [2012/01/02 07:18:59 | 000,282,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstext40.dll [2012/01/02 07:18:59 | 000,217,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\InkEd.dll [2012/01/02 07:18:59 | 000,035,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\infocardcpl.cpl [2012/01/02 07:18:59 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetppui.dll [2012/01/02 07:18:58 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imkr80.ime [2012/01/02 07:18:58 | 000,099,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\infocardapi.dll [2012/01/02 07:18:57 | 000,396,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ipsmsnap.dll [2012/01/02 07:18:57 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iscsilog.dll [2012/01/02 07:18:56 | 000,759,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ipsecsnp.dll [2012/01/02 07:18:56 | 000,200,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\input.dll [2012/01/02 07:18:56 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ipconfig.exe [2012/01/02 07:18:55 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iassdo.dll [2012/01/02 07:18:55 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iassvcs.dll [2012/01/02 07:18:55 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ifmon.dll [2012/01/02 07:18:55 | 000,009,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icardres.dll [2012/01/02 07:18:54 | 000,619,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icardagt.exe [2012/01/02 07:18:54 | 000,182,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iassam.dll [2012/01/02 07:18:54 | 000,158,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasrad.dll [2012/01/02 07:18:54 | 000,119,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasrecst.dll [2012/01/02 07:18:54 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iaspolcy.dll [2012/01/02 07:18:53 | 000,883,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IMJP10.IME [2012/01/02 07:18:53 | 000,729,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IMJP10K.DLL [2012/01/02 07:18:53 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imapi.dll [2012/01/02 07:18:52 | 000,677,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imapi2fs.dll [2012/01/02 07:18:52 | 000,378,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imapi2.dll [2012/01/02 07:18:49 | 002,012,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\milcore.dll [2012/01/02 07:18:48 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mimefilt.dll [2012/01/02 07:18:45 | 002,167,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmcndmgr.dll [2012/01/02 07:18:45 | 001,792,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmc.exe [2012/01/02 07:18:45 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmci.dll [2012/01/02 07:18:45 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmcico.dll [2012/01/02 07:18:42 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ks.sys [2012/01/02 07:18:41 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\korwbrkr.dll [2012/01/02 07:18:41 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Kswdmcap.ax [2012/01/02 07:18:40 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\l2nacp.dll [2012/01/02 07:18:40 | 000,019,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kdusb.dll [2012/01/02 07:18:40 | 000,017,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kd1394.dll [2012/01/02 07:18:40 | 000,017,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kdcom.dll [2012/01/02 07:18:39 | 000,950,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mblctr.exe [2012/01/02 07:18:39 | 000,852,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcmde.dll

OTL cont'd ========== Files/Folders - Created Within 30 Days ========== [2012/01/10 20:53:59 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Mary\Desktop\OTL.exe [2012/01/10 19:28:23 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Portable Devices [2012/01/10 19:15:59 | 000,000,000 | ---D | C] -- C:\ARK [2012/01/10 19:02:57 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIAnimation.dll [2012/01/10 19:02:56 | 003,023,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIRibbon.dll [2012/01/10 19:02:56 | 001,164,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIRibbonRes.dll [2012/01/10 19:02:18 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\BthMtpContextHandler.dll [2012/01/10 19:02:18 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WPDShextAutoplay.exe [2012/01/10 19:02:15 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceConnectApi.dll [2012/01/10 19:02:13 | 000,546,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpd_ci.dll [2012/01/10 19:02:13 | 000,350,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WPDSp.dll [2012/01/10 19:02:13 | 000,334,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceApi.dll [2012/01/10 19:02:13 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceWMDRM.dll [2012/01/10 19:02:13 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceTypes.dll [2012/01/10 19:02:13 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceClassExtension.dll [2012/01/10 18:54:38 | 001,972,528 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Mary\Desktop\tdsskiller.exe [2012/01/10 18:52:35 | 004,713,472 | ---- | C] (AVAST Software) -- C:\Users\Mary\Desktop\aswMBR.exe [2012/01/10 18:51:51 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe [2012/01/10 18:51:51 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll [2012/01/10 18:51:50 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll [2012/01/10 18:51:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT [2012/01/10 18:51:21 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT [2012/01/10 18:39:19 | 000,000,000 | ---D | C] -- C:\Windows\System32\WindowsPowerShell [2012/01/10 18:36:43 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrsmgr.dll [2012/01/10 18:36:13 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrshost.exe [2012/01/10 18:36:13 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsmprovhost.exe [2012/01/10 18:36:12 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrs.exe [2012/01/10 18:36:10 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsmplpxy.dll [2012/01/10 18:36:10 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrssrv.dll [2012/01/10 18:36:05 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wevtfwd.dll [2012/01/10 18:36:05 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wecutil.exe [2012/01/10 18:36:05 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wecapi.dll [2012/01/10 18:36:05 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmRes.dll [2012/01/10 18:36:04 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pwrshplugin.dll [2012/01/10 18:35:46 | 000,252,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSManMigrationPlugin.dll [2012/01/10 18:35:46 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSManHTTPConfig.exe [2012/01/10 18:35:46 | 000,241,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrscmd.dll [2012/01/10 18:35:46 | 000,214,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmWmiPl.dll [2012/01/10 18:35:46 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmAuto.dll [2012/01/08 21:53:24 | 008,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL [2012/01/08 21:52:55 | 000,292,864 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll [2012/01/08 21:52:54 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll [2012/01/08 21:52:54 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll [2012/01/08 21:52:52 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll [2012/01/08 21:52:52 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisrndr.ax [2012/01/08 21:52:52 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Mpeg2Data.ax [2012/01/08 21:52:51 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSDvbNP.ax [2012/01/08 21:52:38 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnscacheugc.exe [2012/01/08 21:52:35 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\asycfilt.dll [2012/01/08 21:52:30 | 000,157,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll [2012/01/08 21:52:12 | 001,169,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdclt.exe [2012/01/08 21:52:06 | 001,696,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll [2012/01/08 21:52:02 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll [2012/01/08 21:52:02 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll [2012/01/08 21:51:58 | 000,867,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpmde.dll [2012/01/08 21:51:56 | 000,322,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbe.dll [2012/01/08 21:51:56 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax [2012/01/08 21:51:56 | 000,153,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbeio.dll [2012/01/08 21:51:49 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netevent.dll [2012/01/08 21:51:36 | 000,352,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskschd.dll [2012/01/08 21:51:36 | 000,345,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmicmiplugin.dll [2012/01/08 21:51:35 | 000,270,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskcomp.dll [2012/01/08 21:51:27 | 000,375,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll [2012/01/08 21:51:25 | 003,602,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe [2012/01/08 21:51:25 | 003,550,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe [2012/01/08 21:51:17 | 001,162,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42u.dll [2012/01/08 21:51:16 | 001,136,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42.dll [2012/01/08 21:51:14 | 000,081,920 | ---- | C] (Radius Inc.) -- C:\Windows\System32\iccvid.dll [2012/01/08 21:51:03 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40.dll [2012/01/08 21:51:02 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40u.dll [2012/01/08 21:50:23 | 000,429,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll [2012/01/08 21:49:49 | 000,876,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll [2012/01/08 21:49:48 | 000,317,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MP4SDECD.DLL [2012/01/08 21:49:43 | 001,068,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll [2012/01/08 21:49:43 | 000,288,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll [2012/01/08 21:49:11 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\consent.exe [2012/01/08 21:49:07 | 002,043,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys [2012/01/08 21:49:05 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll [2012/01/08 21:49:02 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll [2012/01/08 21:48:50 | 000,555,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIAutomationCore.dll [2012/01/08 21:48:50 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\oleaccrc.dll [2012/01/08 21:47:14 | 000,231,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshsq.dll [2012/01/02 13:01:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight [2012/01/02 13:00:46 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight [2012/01/02 09:17:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun [2012/01/02 09:17:25 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll [2012/01/02 09:17:25 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe [2012/01/02 09:17:25 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe [2012/01/02 09:17:25 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe [2012/01/02 08:59:16 | 000,000,000 | ---D | C] -- C:\Users\Mary\AppData\Roaming\TOSHIBA [2012/01/02 08:58:26 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Toshiba Shared [2012/01/02 08:55:52 | 000,000,000 | ---D | C] -- C:\Users\Mary\AppData\Roaming\InstallShield [2012/01/02 08:55:51 | 000,000,000 | ---D | C] -- C:\Users\Mary\AppData\Roaming\WinBatch [2012/01/02 08:41:22 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll [2012/01/02 08:41:21 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll [2012/01/02 08:41:21 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe [2012/01/02 08:41:21 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe [2012/01/02 08:41:21 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2012/01/02 08:41:21 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll [2012/01/02 08:41:20 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec [2012/01/02 08:41:20 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll [2012/01/02 08:41:20 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2012/01/02 08:41:20 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll [2012/01/02 08:41:19 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat [2012/01/02 08:41:19 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl [2012/01/02 08:41:19 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll [2012/01/02 08:41:19 | 000,353,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll [2012/01/02 08:41:19 | 000,353,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll [2012/01/02 08:41:19 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll [2012/01/02 08:41:19 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll [2012/01/02 08:41:19 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe [2012/01/02 08:41:19 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll [2012/01/02 08:41:19 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll [2012/01/02 08:41:18 | 000,580,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll [2012/01/02 08:41:18 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe [2012/01/02 08:41:18 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe [2012/01/02 08:41:18 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll [2012/01/02 08:41:17 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2012/01/02 08:41:17 | 001,798,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll [2012/01/02 08:41:17 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll [2012/01/02 08:41:17 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll [2012/01/02 08:41:17 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe [2012/01/02 08:41:17 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll [2012/01/02 08:41:17 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll [2012/01/02 08:41:17 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll [2012/01/02 08:41:17 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll [2012/01/02 08:41:15 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll [2012/01/02 08:41:15 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe [2012/01/02 08:41:14 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll [2012/01/02 08:41:14 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll [2012/01/02 08:39:31 | 002,873,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mf.dll [2012/01/02 08:39:31 | 000,979,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFH264Dec.dll [2012/01/02 08:39:31 | 000,357,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFHEAACdec.dll [2012/01/02 08:39:31 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfmp4src.dll [2012/01/02 08:39:31 | 000,261,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfreadwrite.dll [2012/01/02 08:39:30 | 000,209,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfplat.dll [2012/01/02 08:39:30 | 000,098,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfps.dll [2012/01/02 08:39:23 | 000,683,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll [2012/01/02 08:39:23 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsRasterService.dll [2012/01/02 08:39:22 | 001,172,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll [2012/01/02 08:39:22 | 001,029,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10.dll [2012/01/02 08:39:22 | 000,486,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10level9.dll [2012/01/02 08:39:22 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxgi.dll [2012/01/02 08:39:22 | 000,219,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll [2012/01/02 08:39:22 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10core.dll [2012/01/02 08:39:22 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll [2012/01/02 08:39:21 | 000,847,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\OpcServices.dll [2012/01/02 08:39:21 | 000,667,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelinesvc.exe [2012/01/02 08:39:21 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll [2012/01/02 08:39:21 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelineprxy.dll [2012/01/02 08:39:20 | 001,554,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xpsservices.dll [2012/01/02 08:37:27 | 000,222,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe [2012/01/02 08:35:03 | 000,369,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMPhoto.dll [2012/01/02 08:35:03 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxdiag.exe [2012/01/02 08:35:03 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxdiagn.dll [2012/01/02 08:35:02 | 000,519,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d11.dll [2012/01/02 08:35:02 | 000,321,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PhotoMetadataHandler.dll [2012/01/02 08:35:02 | 000,189,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecsExt.dll [2012/01/02 07:56:01 | 000,000,000 | ---D | C] -- C:\Windows\System32\vi-VN [2012/01/02 07:56:01 | 000,000,000 | ---D | C] -- C:\Windows\System32\eu-ES [2012/01/02 07:56:01 | 000,000,000 | ---D | C] -- C:\Windows\System32\ca-ES [2012/01/02 07:48:31 | 000,000,000 | ---D | C] -- C:\Windows\System32\SPReview [2012/01/02 07:27:17 | 000,928,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scavenge.dll [2012/01/02 07:27:03 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\compcln.exe [2012/01/02 07:20:22 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdohlp.dll [2012/01/02 07:20:21 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rtffilt.dll [2012/01/02 07:20:20 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rpchttp.dll [2012/01/02 07:20:20 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\rmcast.sys [2012/01/02 07:20:20 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\RNDISMP.sys [2012/01/02 07:20:19 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scansetting.dll [2012/01/02 07:20:18 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scrobj.dll [2012/01/02 07:20:18 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scksp.dll [2012/01/02 07:20:16 | 001,248,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PerfCenterCPL.dll [2012/01/02 07:20:16 | 000,327,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\P2PGraph.dll [2012/01/02 07:20:16 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\phon.ime [2012/01/02 07:20:15 | 001,823,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pnidui.dll [2012/01/02 07:20:15 | 000,723,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\powercpl.dll [2012/01/02 07:20:15 | 000,542,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pnpui.dll [2012/01/02 07:20:15 | 000,464,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pcaui.dll [2012/01/02 07:20:15 | 000,181,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pnpsetup.dll [2012/01/02 07:20:15 | 000,167,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\portcls.sys [2012/01/02 07:20:15 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PNPXAssoc.dll [2012/01/02 07:20:15 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PnPUnattend.exe [2012/01/02 07:20:15 | 000,043,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pciidex.sys [2012/01/02 07:20:15 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PnPutil.exe [2012/01/02 07:20:13 | 001,107,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pidgenx.dll [2012/01/02 07:20:13 | 000,704,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PhotoScreensaver.scr [2012/01/02 07:20:13 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PkgMgr.exe [2012/01/02 07:20:13 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pintlgnt.ime [2012/01/02 07:20:13 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nslookup.exe [2012/01/02 07:20:11 | 002,644,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0009.dll [2012/01/02 07:20:10 | 012,240,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0007.dll [2012/01/02 07:20:10 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\offfilt.dll [2012/01/02 07:20:10 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nlhtml.dll [2012/01/02 07:20:10 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccp32.dll [2012/01/02 07:20:10 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbcconf.dll [2012/01/02 07:20:09 | 002,153,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\oobefldr.dll [2012/01/02 07:20:09 | 000,182,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\osk.exe [2012/01/02 07:20:09 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\oleprn.dll [2012/01/02 07:20:07 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ocsetup.exe [2012/01/02 07:20:06 | 000,642,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasgcw.dll [2012/01/02 07:20:06 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntprint.dll [2012/01/02 07:20:06 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasmontr.dll [2012/01/02 07:20:06 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasdiag.dll [2012/01/02 07:20:06 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasdial.exe [2012/01/02 07:20:05 | 000,880,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RacEngn.dll [2012/01/02 07:20:05 | 000,505,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qedit.dll

Oops...I didn't see the last part about not attaching it. OTL logfile created on: 1/10/2012 8:56:49 PM - Run 1 OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Mary\Desktop Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 1.87 Gb Total Physical Memory | 0.91 Gb Available Physical Memory | 48.79% Memory free 3.99 Gb Paging File | 2.99 Gb Available in Paging File | 74.94% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 147.58 Gb Total Space | 105.94 Gb Free Space | 71.78% Space Free | Partition Type: NTFS Computer Name: MARY-PC | User Name: Mary | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012/01/10 20:53:59 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Mary\Desktop\OTL.exe PRC - [2011/12/24 17:50:18 | 000,652,872 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe PRC - [2011/12/24 17:50:18 | 000,460,872 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe PRC - [2011/06/15 15:16:48 | 000,997,920 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe PRC - [2011/04/27 15:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe PRC - [2009/04/10 23:27:38 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2009/03/20 07:36:58 | 000,210,216 | ---- | M] (Synaptics Incorporated) -- C:\Program Files\Synaptics\SynTP\SynToshiba.exe PRC - [2007/07/07 05:06:52 | 004,669,440 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe PRC - [2007/02/25 23:55:18 | 000,125,048 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe ========== Modules (No Company Name) ========== MOD - [2007/07/14 01:52:00 | 000,159,744 | ---- | M] () -- C:\Windows\System32\atitmmxx.dll ========== Win32 Services (SafeList) ========== SRV - [2011/12/24 17:50:18 | 000,652,872 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2011/04/27 15:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc) SRV - [2008/01/18 23:38:26 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2007/02/25 23:55:18 | 000,125,048 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe -- (TOSHIBA Bluetooth Service) ========== Driver Services (SafeList) ========== DRV - [2012/01/10 19:44:25 | 000,029,904 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BBC1B8B7-4EFD-4A4C-B84B-097156365B45}\MpKsl2c587bb6.sys -- (MpKsl2c587bb6) DRV - [2011/12/10 15:24:06 | 000,020,464 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector) DRV - [2011/04/18 13:18:50 | 000,043,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\MpNWMon.sys -- (MpNWMon) DRV - [2009/06/19 21:44:14 | 000,290,816 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tifm21.sys -- (tifm21) DRV - [2008/07/29 05:05:04 | 000,919,552 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr) DRV - [2007/11/09 05:00:52 | 000,023,640 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\TVALZ_O.SYS -- (TVALZ) DRV - [2007/07/14 02:01:30 | 002,771,968 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag) DRV - [2007/06/28 18:23:14 | 000,285,184 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\tos_sps32.sys -- (tos_sps32) DRV - [2007/04/30 15:42:14 | 000,081,408 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169) DRV - [2006/11/09 16:32:00 | 000,219,264 | ---- | M] (TOSHIBA CORPORATION) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\kr10i.sys -- (KR10I) DRV - [2006/11/09 16:31:00 | 000,211,072 | ---- | M] (TOSHIBA CORPORATION) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\kr10n.sys -- (KR10N) DRV - [2006/11/02 02:41:50 | 000,983,552 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem) DRV - [2006/10/30 14:23:12 | 000,007,680 | ---- | M] (ATI Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\AtiPcie.sys -- (AtiPcie) ATI PCI Express (3GIO) DRV - [2006/09/27 22:06:00 | 000,479,488 | ---- | M] (TOSHIBA CORPORATION) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\kr3npxp.sys -- (KR3NPXP) DRV - [2006/07/28 18:25:26 | 000,019,456 | ---- | M] (COMPAL ELECTRONIC INC.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\LPCFilter.sys -- (LPCFilter) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 2 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) O1 HOSTS File: ([2007/01/03 08:49:17 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation) O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) O4 - Startup: C:\Users\Mary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE () O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30) O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab (Java Plug-in 1.6.0) O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2C6F3325-0F2B-4A2A-8481-A37CCE2FEBE1}: DhcpNameServer = 209.18.47.61 209.18.47.62 O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll) - File not found O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\Toshiba-1.JPG O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\Toshiba-1.JPG O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006/09/18 16:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %*

I'm attaching logs because it says it is too large. OTL.Txt Extras.Txt checkup.txt

Gmer GMER 1.0.15.15641 - http://www.gmer.net Rootkit scan 2012-01-10 20:22:34 Windows 6.0.6002 Service Pack 2 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 TOSHIBA_MK1637GSX rev.DL030M Running: fr2u1fgz.exe; Driver: C:\Users\Mary\AppData\Local\Temp\pwldypow.sys ---- Kernel code sections - GMER 1.0.15 ---- .text C:\Windows\system32\DRIVERS\tos_sps32.sys section is writeable [0x87B51000, 0x4036D, 0xE8000020] .dsrt C:\Windows\system32\DRIVERS\tos_sps32.sys unknown last section [0x87B9A000, 0x510, 0x40000040] ---- Devices - GMER 1.0.15 ---- AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys (WDF Dynamic/Microsoft Corporation) AttachedDevice \Driver\kbdclass \Device\KeyboardClass1 Wdf01000.sys (WDF Dynamic/Microsoft Corporation) ---- Files - GMER 1.0.15 ---- File C:\Windows\assembly\NativeImages_v2.0.50727_32\index22a.dat 0 bytes File C:\Windows\assembly\NativeImages_v2.0.50727_32\index22b.dat 0 bytes ---- EOF - GMER 1.0.15 ----

Said unexpected error (I think. I closed it) And said that windows can check online. Going to try it again.

Yes, he does have a USB and I told him to stop.

Gmer log quits working. What to do now?

Just to add--my son's laptop (which he got Christmas) seems to be acting similar to mine. He cannot run things as an admin--new partitions--just a whole bunch of weird stuff. My point is, I will be starting a new thread if needed to help with his computer. There seems to be a pattern--every computer he touches starts acting weird. Thanks so much for your help.

asWBR Log aswMBR version 0.9.9.1297 Copyright© 2011 AVAST Software Run date: 2012-01-10 18:55:46 ----------------------------- 18:55:46.664 OS Version: Windows 6.0.6002 Service Pack 2 18:55:46.664 Number of processors: 2 586 0x6802 18:55:46.680 ComputerName: MARY-PC UserName: Mary 18:55:48.380 Initialize success 18:56:30.816 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 18:56:30.832 Disk 0 Vendor: TOSHIBA_MK1637GSX DL030M Size: 152627MB BusType: 3 18:56:30.941 Disk 0 MBR read successfully 18:56:30.941 Disk 0 MBR scan 18:56:30.957 Disk 0 Windows VISTA default MBR code 18:56:30.988 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 1500 MB offset 2048 18:56:31.035 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 151126 MB offset 3074048 18:56:31.050 Disk 0 scanning sectors +312580096 18:56:31.144 Disk 0 scanning C:\Windows\system32\drivers 18:56:48.132 Service scanning 18:56:50.238 Service MpKsl471ef965 c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{42EAD93F-A207-4777-87D6-1A5BEDBF6D33}\MpKsl471ef965.sys **LOCKED** 32 18:56:50.238 Service MpNWMon C:\Windows\system32\DRIVERS\MpNWMon.sys **LOCKED** 32 18:56:50.987 Modules scanning 18:57:11.891 Scan finished successfully 18:57:35.229 Disk 0 MBR has been saved successfully to "C:\Users\Mary\Desktop\MBR.dat" 18:57:35.244 The log file has been saved successfully to "C:\Users\Mary\Desktop\aswMBR.txt" TDSS Log--Fix not enabled only Fix mbr 18:58:39.0422 3360 TDSS rootkit removing tool 2.7.0.0 Jan 10 2012 09:14:26 18:58:39.0874 3360 ============================================================ 18:58:39.0874 3360 Current date / time: 2012/01/10 18:58:39.0874 18:58:39.0874 3360 SystemInfo: 18:58:39.0874 3360 18:58:39.0874 3360 OS Version: 6.0.6002 ServicePack: 2.0 18:58:39.0874 3360 Product type: Workstation 18:58:39.0874 3360 ComputerName: MARY-PC 18:58:39.0874 3360 UserName: Mary 18:58:39.0874 3360 Windows directory: C:\Windows 18:58:39.0874 3360 System windows directory: C:\Windows 18:58:39.0874 3360 Processor architecture: Intel x86 18:58:39.0874 3360 Number of processors: 2 18:58:39.0874 3360 Page size: 0x1000 18:58:39.0874 3360 Boot type: Normal boot 18:58:39.0874 3360 ============================================================ 18:58:42.0121 3360 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000, SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K', Flags 0x00000050 18:58:42.0246 3360 Initialize success 18:58:50.0030 2172 ============================================================ 18:58:50.0030 2172 Scan started 18:58:50.0030 2172 Mode: Manual; 18:58:50.0030 2172 ============================================================ 18:58:52.0370 2172 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys 18:58:52.0386 2172 ACPI - ok 18:58:52.0620 2172 adp94xx (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys 18:58:52.0635 2172 adp94xx - ok 18:58:52.0760 2172 adpahci (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys 18:58:52.0776 2172 adpahci - ok 18:58:52.0900 2172 adpu160m (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys 18:58:52.0900 2172 adpu160m - ok 18:58:52.0916 2172 adpu320 (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys 18:58:52.0916 2172 adpu320 - ok 18:58:53.0088 2172 AFD (a201207363aa900abf1a388468688570) C:\Windows\system32\drivers\afd.sys 18:58:53.0103 2172 AFD - ok 18:58:53.0275 2172 AgereSoftModem (5d97943c128ed756d1b0a08302c1b1f8) C:\Windows\system32\DRIVERS\AGRSM.sys 18:58:53.0290 2172 AgereSoftModem - ok 18:58:53.0384 2172 agp440 (ef23439cdd587f64c2c1b8825cead7d8) C:\Windows\system32\drivers\agp440.sys 18:58:53.0384 2172 agp440 - ok 18:58:53.0462 2172 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys 18:58:53.0462 2172 aic78xx - ok 18:58:53.0587 2172 aliide (90395b64600ebb4552e26e178c94b2e4) C:\Windows\system32\drivers\aliide.sys 18:58:53.0587 2172 aliide - ok 18:58:53.0665 2172 amdagp (2b13e304c9dfdfa5eb582f6a149fa2c7) C:\Windows\system32\drivers\amdagp.sys 18:58:53.0665 2172 amdagp - ok 18:58:53.0696 2172 amdide (0577df1d323fe75a739c787893d300ea) C:\Windows\system32\drivers\amdide.sys 18:58:53.0696 2172 amdide - ok 18:58:53.0743 2172 AmdK7 (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys 18:58:53.0743 2172 AmdK7 - ok 18:58:53.0852 2172 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\DRIVERS\amdk8.sys 18:58:53.0852 2172 AmdK8 - ok 18:58:53.0946 2172 arc (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys 18:58:53.0946 2172 arc - ok 18:58:53.0992 2172 arcsas (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys 18:58:53.0992 2172 arcsas - ok 18:58:54.0133 2172 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys 18:58:54.0133 2172 AsyncMac - ok 18:58:54.0242 2172 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys 18:58:54.0242 2172 atapi - ok 18:58:54.0398 2172 athr (8be56f8300e1c37b578da23c71816b7a) C:\Windows\system32\DRIVERS\athr.sys 18:58:54.0414 2172 athr - ok 18:58:54.0835 2172 atikmdag (fab37c8e4b55235de9055026561dcc7f) C:\Windows\system32\DRIVERS\atikmdag.sys 18:58:54.0928 2172 atikmdag - ok 18:58:55.0459 2172 AtiPcie (4aa1eb65481c392955939e735d27118b) C:\Windows\system32\DRIVERS\AtiPcie.sys 18:58:55.0459 2172 AtiPcie - ok 18:58:55.0818 2172 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys 18:58:55.0833 2172 Beep - ok 18:58:55.0864 2172 blbdrive - ok 18:58:55.0927 2172 bowser (74b442b2be1260b7588c136177ceac66) C:\Windows\system32\DRIVERS\bowser.sys 18:58:55.0927 2172 bowser - ok 18:58:56.0020 2172 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys 18:58:56.0020 2172 BrFiltLo - ok 18:58:56.0410 2172 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys 18:58:56.0410 2172 BrFiltUp - ok 18:58:56.0520 2172 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys 18:58:56.0520 2172 Brserid - ok 18:58:56.0582 2172 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys 18:58:56.0582 2172 BrSerWdm - ok 18:58:56.0691 2172 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys 18:58:56.0691 2172 BrUsbMdm - ok 18:58:56.0800 2172 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys 18:58:56.0800 2172 BrUsbSer - ok 18:58:57.0003 2172 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys 18:58:57.0003 2172 BTHMODEM - ok 18:58:57.0066 2172 catchme - ok 18:58:57.0206 2172 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys 18:58:57.0206 2172 cdfs - ok 18:58:57.0331 2172 Cdr4_xp - ok 18:58:57.0440 2172 Cdralw2k - ok 18:58:57.0612 2172 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys 18:58:57.0627 2172 cdrom - ok 18:58:57.0768 2172 circlass (da8e0afc7baa226c538ef53ac2f90897) C:\Windows\system32\drivers\circlass.sys 18:58:57.0768 2172 circlass - ok 18:58:57.0861 2172 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys 18:58:57.0892 2172 CLFS - ok 18:58:58.0002 2172 CmBatt (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys 18:58:58.0002 2172 CmBatt - ok 18:58:58.0173 2172 cmdide (45201046c776ffdaf3fc8a0029c581c8) C:\Windows\system32\drivers\cmdide.sys 18:58:58.0173 2172 cmdide - ok 18:58:58.0314 2172 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys 18:58:58.0314 2172 Compbatt - ok 18:58:58.0563 2172 crcdisk (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys 18:58:58.0563 2172 crcdisk - ok 18:58:58.0626 2172 Crusoe (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys 18:58:58.0626 2172 Crusoe - ok 18:58:58.0719 2172 DfsC (218d8ae46c88e82014f5d73d0236d9b2) C:\Windows\system32\Drivers\dfsc.sys 18:58:58.0719 2172 DfsC - ok 18:58:59.0000 2172 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys 18:58:59.0000 2172 disk - ok 18:58:59.0140 2172 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys 18:58:59.0140 2172 drmkaud - ok 18:58:59.0406 2172 DXGKrnl (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys 18:58:59.0421 2172 DXGKrnl - ok 18:58:59.0499 2172 E1G60 (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys 18:58:59.0499 2172 E1G60 - ok 18:58:59.0718 2172 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys 18:58:59.0718 2172 Ecache - ok 18:58:59.0842 2172 elxstor (e8f3f21a71720c84bcf423b80028359f) C:\Windows\system32\drivers\elxstor.sys 18:58:59.0858 2172 elxstor - ok 18:59:00.0123 2172 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys 18:59:00.0123 2172 exfat - ok 18:59:00.0310 2172 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys 18:59:00.0326 2172 fastfat - ok 18:59:00.0451 2172 fdc (63bdada84951b9c03e641800e176898a) C:\Windows\system32\DRIVERS\fdc.sys 18:59:00.0451 2172 fdc - ok 18:59:00.0513 2172 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys 18:59:00.0513 2172 FileInfo - ok 18:59:00.0638 2172 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys 18:59:00.0638 2172 Filetrace - ok 18:59:00.0700 2172 flpydisk (6603957eff5ec62d25075ea8ac27de68) C:\Windows\system32\DRIVERS\flpydisk.sys 18:59:00.0700 2172 flpydisk - ok 18:59:00.0841 2172 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys 18:59:00.0856 2172 FltMgr - ok 18:59:01.0137 2172 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys 18:59:01.0137 2172 Fs_Rec - ok 18:59:01.0215 2172 gagp30kx (4e1cd0a45c50a8882616cae5bf82f3c5) C:\Windows\system32\drivers\gagp30kx.sys 18:59:01.0215 2172 gagp30kx - ok 18:59:01.0278 2172 HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys 18:59:01.0293 2172 HdAudAddService - ok 18:59:01.0418 2172 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys 18:59:01.0434 2172 HDAudBus - ok 18:59:01.0636 2172 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys 18:59:01.0636 2172 HidBth - ok 18:59:01.0777 2172 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys 18:59:01.0777 2172 HidIr - ok 18:59:01.0839 2172 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys 18:59:01.0839 2172 HidUsb - ok 18:59:01.0980 2172 HpCISSs (df353b401001246853763c4b7aaa6f50) C:\Windows\system32\drivers\hpcisss.sys 18:59:01.0980 2172 HpCISSs - ok 18:59:02.0182 2172 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys 18:59:02.0214 2172 HTTP - ok 18:59:02.0292 2172 i2omp (324c2152ff2c61abae92d09f3cca4d63) C:\Windows\system32\drivers\i2omp.sys 18:59:02.0292 2172 i2omp - ok 18:59:02.0416 2172 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys 18:59:02.0416 2172 i8042prt - ok 18:59:02.0541 2172 iaStorV (c957bf4b5d80b46c5017bf0101e6c906) C:\Windows\system32\drivers\iastorv.sys 18:59:02.0557 2172 iaStorV - ok 18:59:02.0666 2172 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys 18:59:02.0666 2172 iirsp - ok 18:59:02.0931 2172 IntcAzAudAddService (6f62bafe6150f3952f877051c65786fe) C:\Windows\system32\drivers\RTKVHDA.sys 18:59:03.0040 2172 IntcAzAudAddService - ok 18:59:03.0150 2172 intelide (97469037714070e45194ed318d636401) C:\Windows\system32\drivers\intelide.sys 18:59:03.0150 2172 intelide - ok 18:59:03.0181 2172 intelppm (ce44cc04262f28216dd4341e9e36a16f) C:\Windows\system32\DRIVERS\intelppm.sys 18:59:03.0181 2172 intelppm - ok 18:59:03.0321 2172 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys 18:59:03.0321 2172 IpFilterDriver - ok 18:59:03.0477 2172 IpInIp - ok 18:59:03.0540 2172 IPMIDRV (40f34f8aba2a015d780e4b09138b6c17) C:\Windows\system32\drivers\ipmidrv.sys 18:59:03.0540 2172 IPMIDRV - ok 18:59:03.0633 2172 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys 18:59:03.0633 2172 IPNAT - ok 18:59:03.0696 2172 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys 18:59:03.0696 2172 IRENUM - ok 18:59:03.0789 2172 isapnp (350fca7e73cf65bcef43fae1e4e91293) C:\Windows\system32\drivers\isapnp.sys 18:59:03.0805 2172 isapnp - ok 18:59:03.0930 2172 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys 18:59:03.0945 2172 iScsiPrt - ok 18:59:04.0086 2172 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys 18:59:04.0086 2172 iteatapi - ok 18:59:04.0164 2172 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys 18:59:04.0164 2172 iteraid - ok 18:59:04.0288 2172 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys 18:59:04.0288 2172 kbdclass - ok 18:59:04.0382 2172 kbdhid (d2600cb17b7408b4a83f231dc9a11ac3) C:\Windows\system32\drivers\kbdhid.sys 18:59:04.0382 2172 kbdhid - ok 18:59:04.0554 2172 KR10I (e8ca038f51f7761bd6e3a3b0b8014263) C:\Windows\system32\drivers\kr10i.sys 18:59:04.0554 2172 KR10I - ok 18:59:04.0741 2172 KR10N (6a4adb9186dd0e114e623daf57e42b31) C:\Windows\system32\drivers\kr10n.sys 18:59:04.0756 2172 KR10N - ok 18:59:04.0866 2172 KR3NPXP (485e005cd51ff502fb16483eb4b69c17) C:\Windows\system32\drivers\kr3npxp.sys 18:59:04.0881 2172 KR3NPXP - ok 18:59:05.0162 2172 KSecDD (86165728af9bf72d6442a894fdfb4f8b) C:\Windows\system32\Drivers\ksecdd.sys 18:59:05.0193 2172 KSecDD - ok 18:59:05.0349 2172 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys 18:59:05.0349 2172 lltdio - ok 18:59:05.0505 2172 LPCFilter (515fc18cabee0158a324b08b1c2667cf) C:\Windows\system32\DRIVERS\LPCFilter.sys 18:59:05.0505 2172 LPCFilter - ok 18:59:05.0599 2172 LSI_FC (a2262fb9f28935e862b4db46438c80d2) C:\Windows\system32\drivers\lsi_fc.sys 18:59:05.0599 2172 LSI_FC - ok 18:59:05.0677 2172 LSI_SAS (30d73327d390f72a62f32c103daf1d6d) C:\Windows\system32\drivers\lsi_sas.sys 18:59:05.0677 2172 LSI_SAS - ok 18:59:05.0739 2172 LSI_SCSI (e1e36fefd45849a95f1ab81de0159fe3) C:\Windows\system32\drivers\lsi_scsi.sys 18:59:05.0739 2172 LSI_SCSI - ok 18:59:06.0004 2172 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys 18:59:06.0004 2172 luafv - ok 18:59:06.0472 2172 MBAMProtector (b7ca8cc3f978201856b6ab82f40953c3) C:\Windows\system32\drivers\mbam.sys 18:59:06.0472 2172 MBAMProtector - ok 18:59:06.0613 2172 megasas (d153b14fc6598eae8422a2037553adce) C:\Windows\system32\drivers\megasas.sys 18:59:06.0613 2172 megasas - ok 18:59:07.0065 2172 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys 18:59:07.0081 2172 Modem - ok 18:59:07.0284 2172 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys 18:59:07.0284 2172 monitor - ok 18:59:07.0330 2172 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys 18:59:07.0346 2172 mouclass - ok 18:59:07.0393 2172 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys 18:59:07.0393 2172 mouhid - ok 18:59:07.0830 2172 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys 18:59:07.0830 2172 MountMgr - ok 18:59:08.0298 2172 MpFilter (fee0baded54222e9f1dae9541212aab1) C:\Windows\system32\DRIVERS\MpFilter.sys 18:59:08.0344 2172 MpFilter - ok 18:59:08.0563 2172 mpio (583a41f26278d9e0ea548163d6139397) C:\Windows\system32\drivers\mpio.sys 18:59:08.0563 2172 mpio - ok 18:59:08.0828 2172 MpKsl471ef965 (a69630d039c38018689190234f866d77) c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{42EAD93F-A207-4777-87D6-1A5BEDBF6D33}\MpKsl471ef965.sys 18:59:08.0828 2172 MpKsl471ef965 - ok 18:59:09.0093 2172 MpNWMon (2c3489660d4a8d514c123c3f0d67df46) C:\Windows\system32\DRIVERS\MpNWMon.sys 18:59:09.0093 2172 MpNWMon - ok 18:59:09.0140 2172 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys 18:59:09.0140 2172 mpsdrv - ok 18:59:09.0296 2172 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys 18:59:09.0296 2172 Mraid35x - ok 18:59:09.0577 2172 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys 18:59:09.0592 2172 MRxDAV - ok 18:59:09.0655 2172 mrxsmb (454341e652bdf5e01b0f2140232b073e) C:\Windows\system32\DRIVERS\mrxsmb.sys 18:59:09.0655 2172 mrxsmb - ok 18:59:09.0780 2172 mrxsmb10 (2a4901aff069944fa945ed5bbf4dcde3) C:\Windows\system32\DRIVERS\mrxsmb10.sys 18:59:09.0795 2172 mrxsmb10 - ok 18:59:09.0951 2172 mrxsmb20 (28b3f1ab44bdd4432c041581412f17d9) C:\Windows\system32\DRIVERS\mrxsmb20.sys 18:59:09.0951 2172 mrxsmb20 - ok 18:59:10.0029 2172 msahci (742aed7939e734c36b7e8d6228ce26b7) C:\Windows\system32\drivers\msahci.sys 18:59:10.0029 2172 msahci - ok 18:59:10.0045 2172 msdsm (3fc82a2ae4cc149165a94699183d3028) C:\Windows\system32\drivers\msdsm.sys 18:59:10.0045 2172 msdsm - ok 18:59:10.0310 2172 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys 18:59:10.0310 2172 Msfs - ok 18:59:10.0372 2172 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys 18:59:10.0372 2172 msisadrv - ok 18:59:10.0466 2172 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys 18:59:10.0466 2172 MSKSSRV - ok 18:59:10.0497 2172 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys 18:59:10.0497 2172 MSPCLOCK - ok 18:59:10.0622 2172 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys 18:59:10.0622 2172 MSPQM - ok 18:59:10.0716 2172 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys 18:59:10.0716 2172 MsRPC - ok 18:59:10.0809 2172 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys 18:59:10.0809 2172 mssmbios - ok 18:59:10.0856 2172 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys 18:59:10.0856 2172 MSTEE - ok 18:59:10.0981 2172 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys 18:59:10.0981 2172 Mup - ok 18:59:11.0106 2172 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys 18:59:11.0106 2172 NativeWifiP - ok 18:59:11.0215 2172 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys 18:59:11.0215 2172 NDIS - ok 18:59:11.0386 2172 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys 18:59:11.0386 2172 NdisTapi - ok 18:59:11.0418 2172 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys 18:59:11.0418 2172 Ndisuio - ok 18:59:11.0527 2172 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys 18:59:11.0527 2172 NdisWan - ok 18:59:11.0574 2172 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys 18:59:11.0574 2172 NDProxy - ok 18:59:11.0667 2172 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys 18:59:11.0667 2172 NetBIOS - ok 18:59:11.0761 2172 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys 18:59:11.0761 2172 netbt - ok 18:59:11.0870 2172 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys 18:59:11.0870 2172 nfrd960 - ok 18:59:11.0948 2172 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys 18:59:11.0948 2172 Npfs - ok 18:59:12.0135 2172 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys 18:59:12.0135 2172 nsiproxy - ok 18:59:12.0463 2172 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys 18:59:12.0650 2172 Ntfs - ok 18:59:13.0040 2172 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys 18:59:13.0040 2172 ntrigdigi - ok 18:59:13.0149 2172 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys 18:59:13.0149 2172 Null - ok 18:59:13.0196 2172 nvraid (e69e946f80c1c31c53003bfbf50cbb7c) C:\Windows\system32\drivers\nvraid.sys 18:59:13.0196 2172 nvraid - ok 18:59:13.0399 2172 nvstor (9e0ba19a28c498a6d323d065db76dffc) C:\Windows\system32\drivers\nvstor.sys 18:59:13.0399 2172 nvstor - ok 18:59:13.0414 2172 nv_agp (07c186427eb8fcc3d8d7927187f260f7) C:\Windows\system32\drivers\nv_agp.sys 18:59:13.0414 2172 nv_agp - ok 18:59:13.0430 2172 NwlnkFlt - ok 18:59:13.0446 2172 NwlnkFwd - ok 18:59:13.0570 2172 ohci1394 (6f310e890d46e246e0e261a63d9b36b4) C:\Windows\system32\DRIVERS\ohci1394.sys 18:59:13.0570 2172 ohci1394 - ok 18:59:13.0633 2172 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys 18:59:13.0633 2172 Parport - ok 18:59:13.0836 2172 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys 18:59:13.0836 2172 partmgr - ok 18:59:13.0898 2172 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys 18:59:13.0898 2172 Parvdm - ok 18:59:14.0038 2172 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys 18:59:14.0038 2172 pci - ok 18:59:14.0194 2172 pciide (1636d43f10416aeb483bc6001097b26c) C:\Windows\system32\drivers\pciide.sys 18:59:14.0194 2172 pciide - ok 18:59:14.0288 2172 pcmcia (3bb2244f343b610c29c98035504c9b75) C:\Windows\system32\DRIVERS\pcmcia.sys 18:59:14.0288 2172 pcmcia - ok 18:59:14.0522 2172 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys 18:59:14.0538 2172 PEAUTH - ok 18:59:14.0709 2172 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys 18:59:14.0709 2172 PptpMiniport - ok 18:59:14.0772 2172 Processor (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys 18:59:14.0772 2172 Processor - ok 18:59:14.0834 2172 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys 18:59:14.0834 2172 PSched - ok 18:59:14.0943 2172 PxHelp20 (f7bb4e7a7c02ab4a2672937e124e306e) C:\Windows\system32\Drivers\PxHelp20.sys 18:59:14.0959 2172 PxHelp20 - ok 18:59:15.0146 2172 ql2300 (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys 18:59:15.0162 2172 ql2300 - ok 18:59:15.0208 2172 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys 18:59:15.0208 2172 ql40xx - ok 18:59:15.0318 2172 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys 18:59:15.0318 2172 QWAVEdrv - ok 18:59:15.0349 2172 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys 18:59:15.0349 2172 RasAcd - ok 18:59:15.0411 2172 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys 18:59:15.0411 2172 Rasl2tp - ok 18:59:15.0520 2172 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys 18:59:15.0520 2172 RasPppoe - ok 18:59:15.0567 2172 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys 18:59:15.0567 2172 RasSstp - ok 18:59:15.0614 2172 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys 18:59:15.0630 2172 rdbss - ok 18:59:15.0786 2172 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys 18:59:15.0786 2172 RDPCDD - ok 18:59:15.0848 2172 rdpdr (e8bd98d46f2ed77132ba927fccb47d8b) C:\Windows\system32\drivers\rdpdr.sys 18:59:15.0879 2172 rdpdr - ok 18:59:15.0910 2172 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys 18:59:15.0910 2172 RDPENCDD - ok 18:59:16.0020 2172 RDPWD (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys 18:59:16.0020 2172 RDPWD - ok 18:59:16.0238 2172 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys 18:59:16.0238 2172 rspndr - ok 18:59:16.0347 2172 RTL8169 (b8b159fa669c6386a458fcd468ebb1e6) C:\Windows\system32\DRIVERS\Rtlh86.sys 18:59:16.0347 2172 RTL8169 - ok 18:59:16.0456 2172 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys 18:59:16.0456 2172 sbp2port - ok 18:59:16.0581 2172 sdbus (8f36b54688c31eed4580129040c6a3d3) C:\Windows\system32\DRIVERS\sdbus.sys 18:59:16.0597 2172 sdbus - ok 18:59:16.0690 2172 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys 18:59:16.0690 2172 secdrv - ok 18:59:16.0784 2172 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys 18:59:16.0800 2172 Serenum - ok 18:59:16.0909 2172 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys 18:59:16.0909 2172 Serial - ok 18:59:16.0956 2172 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys 18:59:16.0956 2172 sermouse - ok 18:59:17.0080 2172 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\DRIVERS\sffdisk.sys 18:59:17.0080 2172 sffdisk - ok 18:59:17.0174 2172 sffp_mmc (8fd08a310645fe872eeec6e08c6bf3ee) C:\Windows\system32\drivers\sffp_mmc.sys 18:59:17.0174 2172 sffp_mmc - ok 18:59:17.0283 2172 sffp_sd (9f66a46c55d6f1ccabc79bb7afccc545) C:\Windows\system32\DRIVERS\sffp_sd.sys 18:59:17.0299 2172 sffp_sd - ok 18:59:17.0314 2172 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys 18:59:17.0314 2172 sfloppy - ok 18:59:17.0392 2172 sisagp (d2a595d6eebeeaf4334f8e50efbc9931) C:\Windows\system32\drivers\sisagp.sys 18:59:17.0392 2172 sisagp - ok 18:59:17.0439 2172 SiSRaid2 (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys 18:59:17.0439 2172 SiSRaid2 - ok 18:59:17.0548 2172 SiSRaid4 (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys 18:59:17.0548 2172 SiSRaid4 - ok 18:59:17.0642 2172 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys 18:59:17.0642 2172 Smb - ok 18:59:17.0720 2172 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys 18:59:17.0720 2172 spldr - ok 18:59:17.0814 2172 srv (0debafcc0e3591fca34f077cab62f7f7) C:\Windows\system32\DRIVERS\srv.sys 18:59:17.0814 2172 srv - ok 18:59:17.0907 2172 srv2 (6b6f3658e0a58c6c50c5f7fbdf3df633) C:\Windows\system32\DRIVERS\srv2.sys 18:59:17.0907 2172 srv2 - ok 18:59:18.0001 2172 srvnet (0c5ab1892ae0fa504218db094bf6d041) C:\Windows\system32\DRIVERS\srvnet.sys 18:59:18.0001 2172 srvnet - ok 18:59:18.0235 2172 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys 18:59:18.0235 2172 swenum - ok 18:59:18.0391 2172 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys 18:59:18.0391 2172 Symc8xx - ok 18:59:18.0516 2172 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys 18:59:18.0516 2172 Sym_hi - ok 18:59:18.0531 2172 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys 18:59:18.0531 2172 Sym_u3 - ok 18:59:18.0640 2172 SynTP (5efcedcf3daf5c8d9e8b77a34a4eec99) C:\Windows\system32\DRIVERS\SynTP.sys 18:59:18.0703 2172 SynTP - ok 18:59:18.0812 2172 Tcpip (48cbe6d53632d0067c2d6b20f90d84ca) C:\Windows\system32\drivers\tcpip.sys 18:59:18.0828 2172 Tcpip - ok 18:59:18.0921 2172 Tcpip6 (48cbe6d53632d0067c2d6b20f90d84ca) C:\Windows\system32\DRIVERS\tcpip.sys 18:59:18.0937 2172 Tcpip6 - ok 18:59:19.0015 2172 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys 18:59:19.0015 2172 TDPIPE - ok 18:59:19.0062 2172 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys 18:59:19.0062 2172 TDTCP - ok 18:59:19.0233 2172 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys 18:59:19.0233 2172 tdx - ok 18:59:19.0342 2172 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys 18:59:19.0358 2172 TermDD - ok 18:59:19.0452 2172 tifm21 (28b7f973c36d157a7885b1ae42a4a2a9) C:\Windows\system32\drivers\tifm21.sys 18:59:19.0467 2172 tifm21 - ok 18:59:19.0545 2172 Tosrfcom - ok 18:59:19.0686 2172 tos_sps32 (1ea5f27c29405bf49799feca77186da9) C:\Windows\system32\DRIVERS\tos_sps32.sys 18:59:19.0701 2172 tos_sps32 - ok 18:59:19.0764 2172 TpChoice - ok 18:59:19.0935 2172 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys 18:59:19.0935 2172 tssecsrv - ok 18:59:20.0107 2172 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys 18:59:20.0107 2172 tunmp - ok 18:59:20.0388 2172 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys 18:59:20.0388 2172 tunnel - ok 18:59:20.0606 2172 TVALZ (792a8b80f8188aba4b2be271583f3e46) C:\Windows\system32\DRIVERS\TVALZ_O.SYS 18:59:20.0606 2172 TVALZ - ok 18:59:20.0746 2172 uagp35 (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\drivers\uagp35.sys 18:59:20.0746 2172 uagp35 - ok 18:59:21.0074 2172 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys 18:59:21.0090 2172 udfs - ok 18:59:21.0292 2172 uliagpkx (75e6890ebfce0841d3291b02e7a8bdb0) C:\Windows\system32\drivers\uliagpkx.sys 18:59:21.0292 2172 uliagpkx - ok 18:59:21.0417 2172 uliahci (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys 18:59:21.0417 2172 uliahci - ok 18:59:21.0698 2172 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys 18:59:21.0698 2172 UlSata - ok 18:59:21.0745 2172 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys 18:59:21.0745 2172 ulsata2 - ok 18:59:21.0792 2172 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys 18:59:21.0807 2172 umbus - ok 18:59:22.0088 2172 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys 18:59:22.0088 2172 usbccgp - ok 18:59:22.0213 2172 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys 18:59:22.0213 2172 usbcir - ok 18:59:22.0291 2172 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys 18:59:22.0291 2172 usbehci - ok 18:59:22.0353 2172 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys 18:59:22.0369 2172 usbhub - ok 18:59:22.0384 2172 usbohci (ce697fee0d479290d89bec80dfe793b7) C:\Windows\system32\DRIVERS\usbohci.sys 18:59:22.0384 2172 usbohci - ok 18:59:22.0478 2172 usbprint (b51e52acf758be00ef3a58ea452fe360) C:\Windows\system32\drivers\usbprint.sys 18:59:22.0478 2172 usbprint - ok 18:59:22.0540 2172 USBSTOR - ok 18:59:22.0681 2172 usbuhci (325dbbacb8a36af9988ccf40eac228cc) C:\Windows\system32\DRIVERS\usbuhci.sys 18:59:22.0681 2172 usbuhci - ok 18:59:22.0728 2172 vga (7d92be0028ecdedec74617009084b5ef) C:\Windows\system32\DRIVERS\vgapnp.sys 18:59:22.0728 2172 vga - ok 18:59:22.0852 2172 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys 18:59:22.0852 2172 VgaSave - ok 18:59:22.0977 2172 viaagp (045d9961e591cf0674a920b6ba3ba5cb) C:\Windows\system32\drivers\viaagp.sys 18:59:22.0977 2172 viaagp - ok 18:59:23.0071 2172 ViaC7 (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys 18:59:23.0071 2172 ViaC7 - ok 18:59:23.0352 2172 viaide (fd2e3175fcada350c7ab4521dca187ec) C:\Windows\system32\drivers\viaide.sys 18:59:23.0352 2172 viaide - ok 18:59:23.0648 2172 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys 18:59:23.0648 2172 volmgr - ok 18:59:24.0038 2172 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys 18:59:24.0054 2172 volmgrx - ok 18:59:24.0241 2172 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys 18:59:24.0256 2172 volsnap - ok 18:59:24.0334 2172 vsmraid (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys 18:59:24.0334 2172 vsmraid - ok 18:59:24.0412 2172 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys 18:59:24.0412 2172 WacomPen - ok 18:59:24.0475 2172 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys 18:59:24.0475 2172 Wanarp - ok 18:59:24.0568 2172 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys 18:59:24.0568 2172 Wanarpv6 - ok 18:59:24.0646 2172 Wd (afc5ad65b991c1e205cf25cfdbf7a6f4) C:\Windows\system32\drivers\wd.sys 18:59:24.0646 2172 Wd - ok 18:59:24.0818 2172 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys 18:59:24.0849 2172 Wdf01000 - ok 18:59:25.0005 2172 WmiAcpi (701a9f884a294327e9141d73746ee279) C:\Windows\system32\drivers\wmiacpi.sys 18:59:25.0005 2172 WmiAcpi - ok 18:59:25.0068 2172 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys 18:59:25.0068 2172 ws2ifsl - ok 18:59:25.0224 2172 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys 18:59:25.0224 2172 WUDFRd - ok 18:59:25.0286 2172 MBR (0x1B8) (5b5e648d12fcadc244c1ec30318e1eb9) \Device\Harddisk0\DR0 18:59:25.0348 2172 \Device\Harddisk0\DR0 - ok 18:59:25.0364 2172 Boot (0x1200) (156b54357b2fdc60fed28e21297f8334) \Device\Harddisk0\DR0\Partition0 18:59:25.0364 2172 \Device\Harddisk0\DR0\Partition0 - ok 18:59:25.0364 2172 ============================================================ 18:59:25.0364 2172 Scan finished 18:59:25.0364 2172 ============================================================ 18:59:25.0380 2916 Detected object count: 0 18:59:25.0380 2916 Actual detected object count: 0

MBAM Log Malwarebytes Anti-Malware (Trial) 1.60.0.1800 www.malwarebytes.org Database version: v2012.01.09.02 Windows Vista Service Pack 2 x86 NTFS Internet Explorer 9.0.8112.16421 Mary :: MARY-PC [administrator] Protection: Enabled 1/10/2012 6:30:43 PM mbam-log-2012-01-10 (18-30-43).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 163525 Time elapsed: 18 minute(s), Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end)

Trying this again. Will post it when I get home around 8pm. I have to use that computer to get online at home--will I be infecting anything by posting when I do get there? I also teach online--same concerns.

Ok. So my husband believes we have a rootkit because several services keep starting up when they are disabled and certain applications start running when I'm online and you see the admin prompt for a short time. I am attaching several logs. PLEASE help me. A lot of the software doesn't recognize anything but my husband believes it's because it has a PE file injector. I'm a teacher (both online and in a public school and really need my computer)! So, again, please help! wMBR version 0.9.9.1124 Copyright© 2011 AVAST Software Run date: 2007-01-03 07:01:54 ----------------------------- 07:01:54.056 OS Version: Windows 6.0.6000 07:01:54.056 Number of processors: 2 586 0x6802 07:01:54.056 ComputerName: MARY-PC UserName: Mary 07:01:54.992 Initialize success 07:02:38.242 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 07:02:38.257 Disk 0 Vendor: TOSHIBA_MK1637GSX DL030M Size: 152627MB BusType: 3 07:02:38.288 Disk 0 MBR read successfully 07:02:38.304 Disk 0 MBR scan 07:02:38.304 Disk 0 Windows VISTA default MBR code 07:02:38.320 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 1500 MB offset 2048 07:02:38.335 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 151126 MB offset 3074048 07:02:38.351 Disk 0 scanning sectors +312580096 07:02:38.429 Disk 0 scanning C:\Windows\system32\drivers 07:02:41.736 Service scanning 07:02:43.421 Modules scanning 07:02:51.954 Disk 0 trace - called modules: 07:02:52.001 ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll ataport.SYS pciide.sys PCIIDEX.SYS atapi.sys 07:02:52.001 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x85637ad8] 07:02:52.016 3 ntkrnlpa.exe[81cb06e2] -> nt!IofCallDriver -> [0x8554b9b0] 07:02:52.016 5 acpi.sys[8023232a] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x8553e030] 07:02:52.032 Scan finished successfully 07:03:24.761 Disk 0 MBR has been saved successfully to "C:\Users\Mary\Documents\MBR.dat" 07:03:24.776 The log file has been saved successfully to "C:\Users\Mary\Documents\aswMBR.txt" 07:03:45.417 Disk 0 MBR has been saved successfully to "C:\Users\Mary\Desktop\MBR.dat" 07:03:45.433 The log file has been saved successfully to "C:\Users\Mary\Desktop\aswMBR.txt" MBRCheck, version 1.2.3 © 2010, AD Command-line: Windows Version: Windows Vista Home Premium Edition Windows Information: (build 6000), 32-bit Base Board Manufacturer: TOSHIBA BIOS Manufacturer: TOSHIBA System Manufacturer: TOSHIBA System Product Name: Satellite P205D Logical Drives Mask: 0x0000000c Kernel Drivers (total 151): 0x81C00000 \SystemRoot\system32\ntkrnlpa.exe 0x81FA1000 \SystemRoot\system32\hal.dll 0x802C6000 \SystemRoot\system32\kdcom.dll 0x802BD000 \SystemRoot\system32\PSHED.dll 0x802B5000 \SystemRoot\system32\BOOTVID.dll 0x8027A000 \SystemRoot\system32\CLFS.SYS 0x8051F000 \SystemRoot\system32\CI.dll 0x804A4000 \SystemRoot\system32\drivers\Wdf01000.sys 0x8026D000 \SystemRoot\system32\drivers\WDFLDR.SYS 0x8022A000 \SystemRoot\system32\drivers\acpi.sys 0x80221000 \SystemRoot\system32\drivers\WMILIB.SYS 0x80219000 \SystemRoot\system32\drivers\msisadrv.sys 0x8047F000 \SystemRoot\system32\drivers\pci.sys 0x8020A000 \SystemRoot\system32\drivers\volmgr.sys 0x80200000 \SystemRoot\system32\DRIVERS\LPCFilter.sys 0x8047C000 \SystemRoot\system32\DRIVERS\compbatt.sys 0x80472000 \SystemRoot\system32\DRIVERS\BATTC.SYS 0x80462000 \SystemRoot\System32\drivers\mountmgr.sys 0x8045B000 \SystemRoot\system32\drivers\pciide.sys 0x8044D000 \SystemRoot\system32\drivers\PCIIDEX.SYS 0x80423000 \SystemRoot\system32\DRIVERS\pcmcia.sys 0x807B6000 \SystemRoot\System32\drivers\volmgrx.sys 0x8041B000 \SystemRoot\system32\drivers\atapi.sys 0x80798000 \SystemRoot\system32\drivers\ataport.SYS 0x80767000 \SystemRoot\system32\drivers\fltmgr.sys 0x8040B000 \SystemRoot\system32\drivers\fileinfo.sys 0x80402000 \SystemRoot\System32\Drivers\PxHelp20.sys 0x80663000 \SystemRoot\system32\drivers\ndis.sys 0x80638000 \SystemRoot\system32\drivers\msrpc.sys 0x81BC7000 \SystemRoot\system32\drivers\NETIO.SYS 0x81ABF000 \SystemRoot\System32\Drivers\Ntfs.sys 0x81A55000 \SystemRoot\System32\Drivers\ksecdd.sys 0x80602000 \SystemRoot\system32\drivers\volsnap.sys 0x81A50000 \SystemRoot\system32\DRIVERS\TVALZ_O.SYS 0x81A05000 \SystemRoot\system32\DRIVERS\tos_sps32.sys 0x825F8000 \SystemRoot\System32\Drivers\spldr.sys 0x825E9000 \SystemRoot\System32\drivers\partmgr.sys 0x825DA000 \SystemRoot\System32\Drivers\mup.sys 0x825B5000 \SystemRoot\System32\drivers\ecache.sys 0x825A4000 \SystemRoot\system32\drivers\disk.sys 0x82583000 \SystemRoot\system32\drivers\CLASSPNP.SYS 0x8257B000 \SystemRoot\system32\DRIVERS\AtiPcie.sys 0x82572000 \SystemRoot\system32\drivers\crcdisk.sys 0x89A8D000 \SystemRoot\system32\DRIVERS\tunnel.sys 0x89B63000 \SystemRoot\system32\DRIVERS\tunmp.sys 0x82FC1000 \SystemRoot\system32\DRIVERS\amdk8.sys 0x8AAFE000 \SystemRoot\system32\DRIVERS\atikmdag.sys 0x8AA62000 \SystemRoot\System32\drivers\dxgkrnl.sys 0x89A80000 \SystemRoot\System32\drivers\watchdog.sys 0x8B547000 \SystemRoot\system32\DRIVERS\athr.sys 0x8A56A000 \SystemRoot\system32\DRIVERS\usbohci.sys 0x89A43000 \SystemRoot\system32\DRIVERS\USBPORT.SYS 0x89A35000 \SystemRoot\system32\DRIVERS\usbehci.sys 0x82E41000 \SystemRoot\system32\DRIVERS\tdcmdpst.sys 0x89A1D000 \SystemRoot\system32\DRIVERS\cdrom.sys 0x89A0B000 \SystemRoot\system32\DRIVERS\HDAudBus.sys 0x8A45D000 \SystemRoot\system32\DRIVERS\i8042prt.sys 0x89A00000 \SystemRoot\system32\DRIVERS\kbdclass.sys 0x8A430000 \SystemRoot\system32\DRIVERS\SynTP.sys 0x83382000 \SystemRoot\system32\DRIVERS\USBD.SYS 0x8A425000 \SystemRoot\system32\DRIVERS\mouclass.sys 0x83348000 \SystemRoot\system32\DRIVERS\CmBatt.sys 0x832E0000 \SystemRoot\system32\DRIVERS\ohci1394.sys 0x8A417000 \SystemRoot\system32\DRIVERS\1394BUS.SYS 0x8AA16000 \SystemRoot\system32\drivers\tifm21.sys 0x8B52F000 \SystemRoot\system32\DRIVERS\sdbus.sys 0x8B504000 \SystemRoot\system32\DRIVERS\msiscsi.sys 0x8B4C4000 \SystemRoot\system32\DRIVERS\storport.sys 0x8A40C000 \SystemRoot\system32\DRIVERS\TDI.SYS 0x8B4AD000 \SystemRoot\system32\DRIVERS\rasl2tp.sys 0x8A401000 \SystemRoot\system32\DRIVERS\ndistapi.sys 0x8B48A000 \SystemRoot\system32\DRIVERS\ndiswan.sys 0x8A470000 \SystemRoot\system32\DRIVERS\raspppoe.sys 0x8AA03000 \SystemRoot\system32\DRIVERS\raspptp.sys 0x8A47F000 \SystemRoot\system32\DRIVERS\termdd.sys 0x80600000 \SystemRoot\system32\DRIVERS\swenum.sys 0x8B448000 \SystemRoot\system32\DRIVERS\ks.sys 0x8A574000 \SystemRoot\system32\DRIVERS\mssmbios.sys 0x8B472000 \SystemRoot\system32\DRIVERS\umbus.sys 0x8B414000 \SystemRoot\system32\DRIVERS\usbhub.sys 0x82FA9000 \SystemRoot\System32\Drivers\NDProxy.SYS 0x8B8E4000 \SystemRoot\system32\DRIVERS\AGRSM.sys 0x8B8D7000 \SystemRoot\system32\drivers\modem.sys 0x8BA40000 \SystemRoot\system32\drivers\RTKVHDA.sys 0x8B8AA000 \SystemRoot\system32\drivers\portcls.sys 0x8B885000 \SystemRoot\system32\drivers\drmk.sys 0x8B406000 \SystemRoot\System32\Drivers\Cdr4_xp.SYS 0x8B407000 \SystemRoot\System32\Drivers\Cdralw2k.SYS 0x89B12000 \SystemRoot\System32\Drivers\Fs_Rec.SYS 0x89B9E000 \SystemRoot\System32\Drivers\Null.SYS 0x89BA5000 \SystemRoot\System32\Drivers\Beep.SYS 0x8B839000 \SystemRoot\System32\drivers\vga.sys 0x8B818000 \SystemRoot\System32\drivers\VIDEOPRT.SYS 0x82EF5000 \SystemRoot\System32\DRIVERS\RDPCDD.sys 0x82EDD000 \SystemRoot\system32\drivers\rdpencdd.sys 0x8B47F000 \SystemRoot\System32\Drivers\Msfs.SYS 0x8B80A000 \SystemRoot\System32\Drivers\Npfs.SYS 0x89B1B000 \SystemRoot\System32\DRIVERS\rasacd.sys 0x8BD2F000 \SystemRoot\System32\drivers\tcpip.sys 0x8BA07000 \SystemRoot\System32\drivers\fwpkclnt.sys 0x8BD08000 \SystemRoot\System32\Drivers\Mpfp.sys 0x8BCF3000 \SystemRoot\system32\DRIVERS\tdx.sys 0x8BCE1000 \SystemRoot\system32\DRIVERS\ipfltdrv.sys 0x8BCCD000 \SystemRoot\system32\DRIVERS\smb.sys 0x8BC86000 \SystemRoot\system32\drivers\afd.sys 0x8BC54000 \SystemRoot\System32\DRIVERS\netbt.sys 0x8BC3E000 \SystemRoot\system32\DRIVERS\pacer.sys 0x8BC30000 \SystemRoot\system32\DRIVERS\netbios.sys 0x8BC1D000 \SystemRoot\system32\DRIVERS\wanarp.sys 0x8BFC5000 \SystemRoot\system32\DRIVERS\rdbss.sys 0x8A57E000 \SystemRoot\system32\drivers\nsiproxy.sys 0x8BF55000 \SystemRoot\system32\drivers\mfehidk.sys 0x8BC06000 \SystemRoot\System32\Drivers\dfsc.sys 0x8BE4A000 \SystemRoot\System32\Drivers\crashdmp.sys 0x89AE8000 \SystemRoot\System32\Drivers\dump_dumpata.sys 0x82F1D000 \SystemRoot\System32\Drivers\dump_atapi.sys 0x90A00000 \SystemRoot\System32\win32k.sys 0x8A59C000 \SystemRoot\System32\drivers\Dxapi.sys 0x8A506000 \SystemRoot\system32\DRIVERS\monitor.sys 0x91200000 \SystemRoot\System32\TSDDD.dll 0x91210000 \SystemRoot\System32\cdd.dll 0x90E95000 \SystemRoot\system32\drivers\luafv.sys 0x93972000 \SystemRoot\system32\drivers\spsys.sys 0x83270000 \SystemRoot\system32\DRIVERS\lltdio.sys 0x93947000 \SystemRoot\system32\DRIVERS\nwifi.sys 0x8A5CE000 \SystemRoot\system32\DRIVERS\ndisuio.sys 0x93934000 \SystemRoot\system32\DRIVERS\rspndr.sys 0x9453C000 \SystemRoot\system32\drivers\HTTP.sys 0x944E1000 \SystemRoot\System32\DRIVERS\srvnet.sys 0x944C8000 \SystemRoot\system32\DRIVERS\bowser.sys 0x93833000 \SystemRoot\System32\drivers\mpsdrv.sys 0x94483000 \SystemRoot\system32\drivers\mrxdav.sys 0x94465000 \SystemRoot\system32\DRIVERS\mrxsmb.sys 0x9440C000 \SystemRoot\system32\DRIVERS\mrxsmb10.sys 0x938CA000 \SystemRoot\system32\DRIVERS\mrxsmb20.sys 0x947DC000 \SystemRoot\System32\DRIVERS\srv2.sys 0x94750000 \SystemRoot\System32\DRIVERS\srv.sys 0x95122000 \SystemRoot\system32\drivers\peauth.sys 0x8A5B0000 \SystemRoot\System32\Drivers\secdrv.SYS 0x89BF9000 \SystemRoot\system32\drivers\mfebopk.sys 0x95010000 \SystemRoot\system32\drivers\mfeavfk.sys 0x98E26000 \SystemRoot\system32\DRIVERS\cdfs.sys 0x89B24000 \SystemRoot\system32\drivers\mfesmfk.sys 0x9B499000 \??\C:\Users\Mary\AppData\Local\Temp\pwldypow.sys 0x9B432000 \SystemRoot\system32\DRIVERS\usbccgp.sys 0x89B5A000 \SystemRoot\system32\DRIVERS\hidusb.sys 0x90E50000 \SystemRoot\system32\DRIVERS\HIDCLASS.SYS 0x89BDD000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS 0x95EE8000 \SystemRoot\system32\DRIVERS\mouhid.sys 0x8CBC9000 \??\C:\Users\Mary\AppData\Local\Temp\aswMBR.sys 0x77260000 \Windows\System32\ntdll.dll Processes (total 74): 0 System Idle Process 4 System 400 C:\Windows\System32\smss.exe 508 csrss.exe 560 C:\Windows\System32\wininit.exe 568 csrss.exe 604 C:\Windows\System32\services.exe 660 C:\Windows\System32\winlogon.exe 688 C:\Windows\System32\lsass.exe 696 C:\Windows\System32\lsm.exe 836 C:\Windows\System32\svchost.exe 876 C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe 924 C:\Windows\System32\svchost.exe 1052 C:\Windows\System32\Ati2evxx.exe 1072 C:\Windows\System32\svchost.exe 1104 C:\Windows\System32\svchost.exe 1120 C:\Windows\System32\svchost.exe 1228 C:\Windows\System32\audiodg.exe 1256 C:\Windows\System32\SLsvc.exe 1288 C:\Windows\System32\svchost.exe 1396 C:\Program Files\HitmanPro\hmpsched.exe 1420 C:\Windows\System32\svchost.exe 1620 C:\Windows\System32\Ati2evxx.exe 1700 C:\Windows\System32\spoolsv.exe 1724 C:\Windows\System32\svchost.exe 260 C:\Windows\System32\dwm.exe 420 C:\Windows\explorer.exe 1656 C:\Windows\System32\agrsmsvc.exe 832 C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe 1552 C:\PROGRA~1\COMMON~1\McAfee\McProxy\McProxy.exe 256 C:\PROGRA~1\McAfee\VIRUSS~1\Mcshield.exe 1648 C:\Program Files\McAfee\MPF\MpfSrv.exe 868 C:\Program Files\McAfee\MSK\msksrver.exe 1188 C:\TOSHIBA\IVP\ISM\pinger.exe 1936 C:\Windows\System32\svchost.exe 2072 C:\Windows\System32\svchost.exe 2104 C:\TOSHIBA\IVP\swupdate\swupdtmr.exe 2128 C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe 2172 C:\Windows\System32\TODDSrv.exe 2204 C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe 2232 C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe 2312 C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe 2356 C:\Program Files\StartNow Toolbar\ToolbarUpdaterService.exe 2376 C:\Windows\System32\svchost.exe 2412 C:\Windows\System32\SearchIndexer.exe 2904 C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe 2936 C:\Windows\System32\taskeng.exe 3100 C:\PROGRA~1\McAfee.com\Agent\mcagent.exe 3208 C:\Windows\System32\taskeng.exe 3320 C:\Windows\RtHDVCpl.exe 3384 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe 3588 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe 3616 C:\Program Files\Toshiba\ConfigFree\NDSTray.exe 3640 C:\Program Files\Synaptics\SynTP\SynToshiba.exe 3760 C:\Program Files\Toshiba\Utilities\KeNotify.exe 3816 C:\Program Files\Toshiba\Power Saver\TPwrMain.exe 3844 C:\Program Files\Toshiba\SmoothView\SmoothView.exe 3852 C:\Program Files\Toshiba\FlashCards\TCrdMain.exe 3936 C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe 3956 C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe 3964 C:\Program Files\Toshiba Registration\Registration.exe 1136 C:\Program Files\Toshiba\ConfigFree\CFSwMgr.exe 2716 C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe 3068 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe 6004 C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe 3116 C:\PROGRA~1\COMMON~1\McAfee\MNA\McNASvc.exe 4192 C:\Program Files\Google\Update\GoogleUpdate.exe 2468 C:\Program Files\Internet Explorer\ieuser.exe 436 C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe 4972 C:\Program Files\Internet Explorer\iexplore.exe 4976 C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe 1408 C:\Windows\System32\SearchProtocolHost.exe 5944 C:\Windows\System32\SearchFilterHost.exe 4712 C:\Users\Mary\Desktop\MBRCheck.exe \\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`5dd00000 (NTFS) PhysicalDrive0 Model Number: TOSHIBAMK1637GSX, Rev: DL030M Size Device Name MBR Status -------------------------------------------- 149 GB \\.\PhysicalDrive0 Windows 2008 MBR code detected SHA1: BBAD517F7EAC529451E4B9586C847AE190574F61 Done! CKScanner - Additional Security Risks - These are not necessarily bad c:\program files\toshiba games\bejeweled 2 deluxe\sounds\firecrackle.ogg c:\program files\toshiba games\mah jong quest\images\tile_firecracker-1.pnge c:\program files\toshiba games\mah jong quest\images\tile_firecracker-2.pnge c:\program files\toshiba games\mah jong quest\images\tile_firecracker-3.pnge c:\program files\toshiba games\mah jong quest\images\tile_firecracker1.pnge c:\program files\toshiba games\mah jong quest\images\kwazi3\level5-1cracktop.jpge c:\program files\toshiba games\mah jong quest\images\kwazi5\5_lvl_5a_postcrack1.jpge c:\program files\toshiba games\mah jong quest\images\kwazi5\5_lvl_5a_postcrack2.jpge scanner sequence 3.CE.11.OANAMU ----- EOF ----- DDS txt . DDS (Ver_2011-08-26.01) - NTFSx86 Internet Explorer: 7.0.6000.16473 Run by Mary at 7:42:50 on 2007-01-03 Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1252.1.1033.18.1917.1213 [GMT -5:00] . . ============== Running Processes =============== . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe C:\Windows\system32\svchost.exe -k rpcss C:\Windows\system32\Ati2evxx.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\SLsvc.exe C:\Windows\system32\svchost.exe -k LocalService C:\Program Files\HitmanPro\hmpsched.exe C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\Ati2evxx.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\agrsmsvc.exe C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe C:\Program Files\McAfee\MPF\MPFSrv.exe C:\Program Files\McAfee\MSK\MskSrver.exe C:\TOSHIBA\IVP\ISM\pinger.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\svchost.exe -k imgsvc c:\TOSHIBA\IVP\swupdate\swupdtmr.exe C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe C:\Windows\system32\TODDSrv.exe C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe C:\Program Files\StartNow Toolbar\ToolbarUpdaterService.exe C:\Windows\System32\svchost.exe -k WerSvcGroup C:\Windows\system32\SearchIndexer.exe C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe C:\Windows\system32\taskeng.exe c:\PROGRA~1\mcafee.com\agent\mcagent.exe C:\Windows\system32\taskeng.exe C:\Windows\RtHDVCpl.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Toshiba\ConfigFree\NDSTray.exe C:\Program Files\Synaptics\SynTP\SynToshiba.exe C:\Program Files\Toshiba\Utilities\KeNotify.exe C:\Program Files\Toshiba\Power Saver\TPwrMain.exe C:\Program Files\Toshiba\SmoothView\SmoothView.exe C:\Program Files\Toshiba\FlashCards\TCrdMain.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe C:\Program Files\Toshiba Registration\Registration.exe C:\Program Files\Toshiba\ConfigFree\CFSwMgr.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe C:\Program Files\Google\Update\GoogleUpdate.exe C:\Program Files\Internet Explorer\ieuser.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\DllHost.exe C:\Windows\system32\DllHost.exe C:\Windows\system32\wbem\wmiprvse.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://www.google.com/ mDefault_Page_URL = hxxp://www.toshibadirect.com/dpdstart BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll BHO: McAfee Phishing Filter: {377c180e-6f0e-4d4c-980f-f45bd3d40cf4} - c:\progra~1\mcafee\msk\mcapbho.dll BHO: StartNow Toolbar Helper: {6e13d095-45c3-4271-9475-f3b48227dd9f} - c:\program files\startnow toolbar\Toolbar32.dll BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.6.0\bin\ssv.dll BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\progra~1\mcafee\viruss~1\scriptsn.dll BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.5.4723.1820\swg.dll TB: StartNow Toolbar: {5911488e-9d1e-40ec-8cbb-06b231cc153f} - c:\program files\startnow toolbar\Toolbar32.dll TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll uRun: [TOSCDSPD] c:\program files\toshiba\toscdspd\TOSCDSPD.exe uRun: [1145860967] c:\program files\toshiba registration\registration.exe /r "c:\program files\toshiba registration\Registration.rpd" uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe" mRun: [startCCC] c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe mRun: [RtHDVCpl] RtHDVCpl.exe mRun: [skytel] Skytel.exe mRun: [synTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide mRun: [NDSTray.exe] NDSTray.exe mRun: [HWSetup] \HWSetup.exe hwSetUP mRun: [sVPWUTIL] c:\program files\toshiba\utilities\SVPWUTIL.exe SVPwUTIL mRun: [KeNotify] c:\program files\toshiba\utilities\KeNotify.exe mRun: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE mRun: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe mRun: [smoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe mRun: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe mRun: [mcagent_exe] c:\program files\mcafee.com\agent\mcagent.exe /runkey mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0\bin\npjpi160.dll IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL Trusted Zone: download.com Trusted Zone: surfright.nl\www DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab TCP: DhcpNameServer = 209.18.47.61 209.18.47.62 TCP: Interfaces\{2C6F3325-0F2B-4A2A-8481-A37CCE2FEBE1} : DhcpNameServer = 209.18.47.61 209.18.47.62 AppInit_DLLs: c:\progra~1\google\google~1\GOEC62~1.DLL . ============= SERVICES / DRIVERS =============== . R1 mfehidk;McAfee Inc.;c:\windows\system32\drivers\mfehidk.sys [2007-8-16 201288] R2 HitmanProScheduler;HitmanPro Scheduler;c:\program files\hitmanpro\hmpsched.exe [2007-1-3 98120] R2 McProxy;McAfee Proxy Service;c:\progra~1\common~1\mcafee\mcproxy\mcproxy.exe [2007-8-16 359248] R2 McShield;McAfee Real-time Scanner;c:\progra~1\mcafee\viruss~1\mcshield.exe [2007-8-16 144704] R2 Updater Service for StartNow Toolbar;Updater Service for StartNow Toolbar;c:\program files\startnow toolbar\ToolbarUpdaterService.exe [2011-10-25 244960] R3 McSysmon;McAfee SystemGuards;c:\progra~1\mcafee\viruss~1\mcsysmon.exe [2007-8-16 695624] R3 mfeavfk;McAfee Inc.;c:\windows\system32\drivers\mfeavfk.sys [2007-8-16 79304] R3 mfebopk;McAfee Inc.;c:\windows\system32\drivers\mfebopk.sys [2007-8-16 35240] R3 mfesmfk;McAfee Inc.;c:\windows\system32\drivers\mfesmfk.sys [2007-8-16 40488] S3 mferkdk;McAfee Inc.;c:\windows\system32\drivers\mferkdk.sys [2007-8-16 33800] S4 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2007-1-3 135664] . =============== Created Last 30 ================ . 2011-12-28 17:07:04 -------- d-----w- c:\programdata\{174892B1-CBE7-44F5-86FF-AB555EFD73A3} 2011-12-28 17:06:55 -------- d-----w- c:\program files\Activation Assistant for the 2007 Microsoft Office suites 2011-12-28 17:05:58 -------- d-----w- c:\program files\Synaptics 2011-12-28 17:03:59 737280 ----a-w- c:\windows\system32\drivers\athr.sys 2011-12-28 17:03:59 737280 ----a-w- c:\windows\system32\athr.sys 2011-12-28 17:03:59 -------- d-----w- c:\program files\Atheros 2011-12-28 17:03:43 -------- d-----w- c:\programdata\Atheros 2011-12-28 17:03:07 269096 ----a-w- c:\windows\RTKVADDA.EXE 2011-12-28 16:58:20 -------- d-----w- c:\program files\ATI Technologies 2011-12-28 16:56:55 -------- d-----w- c:\program files\ATI 2011-12-28 16:56:47 7680 ----a-w- c:\windows\system32\drivers\AtiPcie.sys 2011-12-28 16:51:26 33104 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\msonpppr.dll 2011-12-28 16:51:26 32592 ----a-w- c:\windows\system32\msonpmon.dll 2011-12-28 16:50:28 -------- d-----w- c:\windows\PCHEALTH 2011-12-28 16:44:39 -------- d-----w- C:\WORKSSETUP 2011-12-28 14:18:51 -------- d-----w- c:\users\mary\appdata\local\ATI 2011-12-28 14:18:47 -------- d-----w- c:\users\mary\appdata\local\Toshiba 2011-12-28 14:18:39 -------- d-----w- c:\users\mary\appdata\local\Google 2007-08-16 22:56:19 1060424 ----a-w- c:\windows\system32\WdfCoInstaller01000.dll 2007-08-16 22:56:18 187448 ----a-w- c:\windows\system32\drivers\SynTP.sys 2007-08-16 22:56:18 143360 ----a-w- c:\windows\system32\SynTPAPI.dll 2007-08-16 22:56:18 110592 ----a-w- c:\windows\system32\SynTPCo4.dll 2007-08-16 22:56:17 196608 ----a-w- c:\windows\system32\SynCtrl.dll 2007-08-16 22:56:17 163840 ----a-w- c:\windows\system32\SynCOM.dll 2007-08-16 20:32:17 -------- d-----w- C:\DOCS 2007-08-16 20:24:26 -------- d-----w- c:\program files\Picasa2 2007-08-16 20:15:31 -------- d-----w- c:\program files\TOSHIBA Games 2007-08-16 20:15:24 -------- d-----w- c:\programdata\WildTangent 2007-08-16 20:11:22 -------- d-----w- c:\program files\common files\Napster Shared 2007-08-16 20:10:43 -------- d-----w- c:\programdata\Napster 2007-08-16 20:10:26 -------- d-----w- c:\program files\Napster 2007-08-16 20:10:24 757760 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\iKernel.dll 2007-08-16 20:10:24 69715 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\ctor.dll 2007-08-16 20:10:24 5632 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\DotNetInstaller.exe 2007-08-16 20:10:24 331908 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\setup.dll 2007-08-16 20:10:24 274432 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\iscript.dll 2007-08-16 20:10:24 204800 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\iuser.dll 2007-08-16 20:10:24 200836 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\iGdi.dll 2007-08-16 20:05:17 204800 ----a-w- c:\windows\system32\IVIresizeW7.dll 2007-08-16 20:05:17 192512 ----a-w- c:\windows\system32\IVIresizeP6.dll 2007-08-16 20:05:17 192512 ----a-w- c:\windows\system32\IVIresizeM6.dll 2007-08-16 20:05:17 188416 ----a-w- c:\windows\system32\IVIresizePX.dll 2007-08-16 20:05:16 20480 ----a-w- c:\windows\system32\IVIresize.dll 2007-08-16 20:05:16 200704 ----a-w- c:\windows\system32\IVIresizeA6.dll 2007-08-16 20:05:15 -------- d-----w- c:\program files\InterVideo 2007-08-16 20:05:14 212992 ----a-w- c:\program files\common files\installshield\engine\6\intel 32\ILog.dll 2007-08-16 20:04:57 -------- d-----w- c:\windows\RegisteredPackages 2007-08-16 20:04:56 -------- d--h--w- c:\windows\msdownld.tmp 2007-08-16 20:04:54 -------- d-----w- c:\program files\Windows Media Components 2007-08-16 20:01:53 -------- d-----w- c:\program files\Ulead Systems 2007-08-16 20:01:52 -------- d-----w- c:\program files\common files\Ulead Systems 2007-08-16 20:01:33 696320 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\iKernel.dll 2007-08-16 20:01:33 57344 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\ctor.dll 2007-08-16 20:01:33 5632 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\DotNetInstaller.exe 2007-08-16 20:01:33 282756 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\setup.dll 2007-08-16 20:01:33 237568 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\iscript.dll 2007-08-16 20:01:33 163972 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\iGdi.dll 2007-08-16 20:01:33 155648 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\iuser.dll 2007-08-16 19:59:06 69632 ----a-w- c:\windows\system32\javacpl.cpl 2007-08-16 19:58:06 -------- d-----w- C:\Memeo 2007-08-16 19:56:39 143360 ----a-w- c:\windows\system32\dunzip32.dll 2007-08-16 19:55:41 33800 ----a-w- c:\windows\system32\drivers\mferkdk.sys 2007-08-16 19:55:40 79304 ----a-w- c:\windows\system32\drivers\mfeavfk.sys 2007-08-16 19:55:40 40488 ----a-w- c:\windows\system32\drivers\mfesmfk.sys 2007-08-16 19:55:40 35240 ----a-w- c:\windows\system32\drivers\mfebopk.sys 2007-08-16 19:55:40 201288 ----a-w- c:\windows\system32\drivers\mfehidk.sys 2007-08-16 19:55:36 125728 ----a-w- c:\windows\system32\drivers\Mpfp.sys 2007-08-16 19:55:17 -------- d-----w- c:\program files\McAfee.com 2007-08-16 19:55:15 -------- d-----w- c:\program files\common files\McAfee 2007-08-16 19:55:14 -------- d-----w- c:\program files\McAfee 2007-08-16 19:54:30 -------- d-----w- c:\program files\Intuit 2007-08-16 19:46:06 69632 ----a-w- c:\windows\system32\TosOlkN.dll 2007-08-16 19:46:06 40960 ----a-w- c:\windows\system32\ToscmddN.dll 2007-08-16 19:46:06 24576 ----a-w- c:\windows\system32\TosusrpN.dll 2007-08-16 19:46:06 102400 ----a-w- c:\windows\system32\Tossps.scr 2007-08-16 19:45:55 77824 ----a-r- c:\program files\common files\installshield\engine\6\intel 32\ctor.dll 2007-08-16 19:45:55 32768 ----a-r- c:\program files\common files\installshield\engine\6\intel 32\objectps.dll 2007-08-16 19:45:55 225280 ----a-r- c:\program files\common files\installshield\iscript\iscript.dll 2007-08-16 19:45:55 176128 ----a-r- c:\program files\common files\installshield\engine\6\intel 32\iuser.dll 2007-08-16 19:45:54 614532 ----a-w- c:\program files\common files\installshield\engine\6\intel 32\IKernel.exe 2007-08-16 19:44:41 -------- d-----w- C:\TOSHIBA 2007-08-16 19:44:39 733184 ----a-w- c:\program files\common files\installshield\professional\runtime\10\00\intel32\iKernel.dll 2007-08-16 19:44:39 69715 ----a-w- c:\program files\common files\installshield\professional\runtime\10\00\intel32\ctor.dll 2007-08-16 19:44:39 5632 ----a-w- c:\program files\common files\installshield\professional\runtime\10\00\intel32\DotNetInstaller.exe 2007-08-16 19:44:39 32768 ----a-w- c:\program files\common files\installshield\professional\runtime\Objectps.dll 2007-08-16 19:44:39 303236 ----a-w- c:\program files\common files\installshield\professional\runtime\10\00\intel32\setup.dll 2007-08-16 19:44:39 266240 ----a-w- c:\program files\common files\installshield\professional\runtime\10\00\intel32\iscript.dll 2007-08-16 19:44:39 180356 ----a-w- c:\program files\common files\installshield\professional\runtime\10\00\intel32\iGdi.dll 2007-08-16 19:44:39 172032 ----a-w- c:\program files\common files\installshield\professional\runtime\10\00\intel32\iuser.dll 2007-08-16 19:43:31 -------- d-----w- c:\program files\Toshiba Registration 2007-08-16 19:43:27 -------- d-----w- c:\windows\Downloaded Installations 2007-08-16 19:42:32 -------- d-----w- c:\programdata\XP 2007-08-16 19:42:32 -------- d-----w- c:\programdata\Vista64 2007-08-16 19:40:49 -------- d-----w- c:\program files\common files\Toshiba Shared 2007-08-16 19:39:55 285184 ----a-w- c:\windows\system32\drivers\tos_sps32.sys 2007-08-16 19:35:44 114688 ----a-w- c:\windows\system32\TODDSrv.exe 2007-08-16 19:27:43 36864 ----a-w- c:\windows\system32\HWS_Ctrl.dll 2007-08-16 19:27:43 24576 ----a-w- c:\windows\system32\TSBWLS.dll 2007-08-16 19:19:05 446464 ----a-w- c:\windows\system32\TOSCDSPD.cpl 2007-08-16 19:18:23 77824 ----a-w- c:\windows\system32\tosmreg.exe 2007-08-16 19:18:23 491520 ----a-w- c:\windows\system32\cselect.exe 2007-08-16 19:18:23 45056 ----a-w- c:\windows\system32\csellang.dll 2007-08-16 19:18:23 -------- d-----w- c:\program files\ltmoh 2007-08-16 19:17:58 -------- d-----w- c:\windows\Options 2007-08-16 19:16:50 -------- d-----w- c:\windows\system32\SDA 2007-08-16 19:15:14 -------- d-----w- c:\windows\tiinst 2007-08-16 19:08:31 81408 ----a-w- c:\windows\system32\drivers\Rtlh86.sys 2007-08-16 19:08:31 -------- d-----w- c:\program files\Realtek 2007-08-16 19:04:22 -------- d-----w- c:\program files\Toshiba 2007-08-16 19:03:46 82432 ----a-w- c:\windows\system32\drivers\sdbus.sys 2007-08-16 19:03:46 13312 ----a-w- c:\windows\system32\drivers\sffdisk.sys 2007-08-16 19:03:46 12800 ----a-w- c:\windows\system32\drivers\sffp_sd.sys 2007-08-16 18:57:17 8704 ----a-w- c:\windows\system32\hccoin.dll 2007-08-16 18:57:17 73216 ----a-w- c:\windows\system32\drivers\usbccgp.sys 2007-08-16 18:57:17 5888 ----a-w- c:\windows\system32\drivers\usbd.sys 2007-08-16 18:57:17 38400 ----a-w- c:\windows\system32\drivers\usbehci.sys 2007-08-16 18:57:17 223744 ----a-w- c:\windows\system32\drivers\usbport.sys 2007-08-16 18:57:17 19456 ----a-w- c:\windows\system32\drivers\usbohci.sys 2007-08-16 18:57:17 192000 ----a-w- c:\windows\system32\drivers\usbhub.sys 2007-08-16 18:55:36 53760 ----a-w- c:\windows\system32\drivers\hdaudbus.sys 2007-08-16 18:42:08 4153344 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll 2007-08-16 18:42:08 1686016 ----a-w- c:\windows\system32\gameux.dll 2007-08-16 18:40:56 1419232 ----a-w- c:\windows\system32\WdfCoinstaller01005.dll 2007-08-16 18:38:14 -------- d-----w- c:\windows\Panther 2007-08-16 18:37:59 -------- d-sh--w- C:\Boot 2007-08-16 18:36:51 479488 ----a-w- c:\windows\system32\drivers\kr3npxp.sys 2007-08-16 18:36:17 211072 ----a-w- c:\windows\system32\drivers\KR10N.sys 2007-08-16 18:35:42 219264 ----a-w- c:\windows\system32\drivers\KR10I.sys 2007-08-16 18:35:28 67584 ----a-w- c:\windows\system32\wlanhlp.dll 2007-08-16 18:35:28 502784 ----a-w- c:\windows\system32\wlansvc.dll 2007-08-16 18:35:28 47104 ----a-w- c:\windows\system32\wlanapi.dll 2007-08-16 18:35:28 297984 ----a-w- c:\windows\system32\wlansec.dll 2007-08-16 18:35:28 290816 ----a-w- c:\windows\system32\wlanmsm.dll 2007-08-16 18:32:56 36864 ----a-w- c:\windows\system32\wmdmps.dll 2007-08-16 18:32:56 31744 ----a-w- c:\windows\system32\wmdmlog.dll 2007-08-16 18:32:56 311296 ----a-w- c:\windows\system32\mswmdm.dll 2007-08-16 18:31:58 974336 ----a-w- c:\windows\system32\crypt32.dll 2007-08-16 18:28:09 5120 ----a-w- c:\windows\system32\wmi.dll 2007-08-16 18:28:09 152576 ----a-w- c:\windows\system32\imagehlp.dll 2007-08-16 18:28:09 12800 ----a-w- c:\windows\system32\drivers\fs_rec.sys 2007-08-16 18:27:11 2048 ----a-w- c:\windows\system32\wertargets.wtl 2007-08-16 18:20:16 104448 ----a-w- c:\windows\system32\DWWIN.EXE 2007-08-16 18:18:49 503480 ----a-w- c:\windows\system32\drivers\ndis.sys 2007-08-16 18:17:55 49664 ----a-w- c:\windows\system32\csrsrv.dll 2007-08-16 18:17:54 376320 ----a-w- c:\windows\system32\winsrv.dll 2007-08-16 18:11:50 229888 ----a-w- c:\windows\system32\msshsq.dll 2007-08-16 18:05:32 80896 ----a-w- c:\windows\system32\MSNP.ax 2007-08-16 18:05:32 68608 ----a-w- c:\windows\system32\Mpeg2Data.ax 2007-08-16 18:05:32 57856 ----a-w- c:\windows\system32\MSDvbNP.ax 2007-08-16 18:05:32 292352 ----a-w- c:\windows\system32\psisdecd.dll 2007-08-16 18:05:32 218624 ----a-w- c:\windows\system32\psisrndr.ax 2007-08-16 18:03:29 414208 ----a-w- c:\windows\system32\msscp.dll 2007-08-16 17:55:59 -------- d-----w- c:\program files\MSXML 4.0 2007-08-16 17:55:56 -------- d-sh--w- c:\windows\Installer 2007-08-16 17:55:21 633856 ----a-w- c:\windows\system32\user32.dll 2007-08-16 17:55:21 2026496 ----a-w- c:\windows\system32\win32k.sys 2007-08-16 17:52:33 -------- d-----w- c:\windows\Driver Cache 2007-07-14 07:01:30 2771968 ----a-w- c:\windows\system32\drivers\atikmdag.sys 2007-07-14 06:52:12 344064 ----a-w- c:\windows\system32\ATIDEMGX.dll 2007-07-14 06:52:00 159744 ----a-w- c:\windows\system32\atitmmxx.dll 2007-07-14 06:51:50 262144 ----a-w- c:\windows\system32\atipdlxx.dll 2007-07-14 06:51:40 237568 ----a-w- c:\windows\system32\Oemdspif.dll 2007-07-14 06:51:30 43520 ----a-w- c:\windows\system32\ati2edxx.dll 2007-07-14 06:51:22 241664 ----a-w- c:\windows\system32\Ati2evxx.dll 2007-07-14 06:50:18 606208 ----a-w- c:\windows\system32\Ati2evxx.exe 2007-07-14 06:48:12 8118272 ----a-w- c:\windows\system32\atioglxx.dll 2007-07-14 06:41:12 2884096 ----a-w- c:\windows\system32\atiumdag.dll 2007-07-14 06:29:20 3788288 ----a-w- c:\windows\system32\atiumdva.dll 2007-07-14 06:09:44 49152 ----a-w- c:\windows\system32\drivers\ati2erec.dll 2007-06-21 22:48:52 972128 ----a-w- c:\program files\common files\microsoft shared\textconv\wkcvqd01.dll 2007-06-20 22:04:52 279904 ----a-w- c:\program files\common files\microsoft shared\textconv\WKLS31.DLL 2007-06-20 22:04:52 161120 ----a-w- c:\program files\common files\microsoft shared\textconv\wkcvqr01.dll 2007-06-09 02:32:00 58704 ----a-r- c:\program files\common files\microsoft shared\works shared\msthes3.dll 2007-06-09 02:31:58 92944 ----a-r- c:\program files\common files\microsoft shared\works shared\msspell3.dll 2007-06-09 02:31:58 3175760 ----a-r- c:\program files\common files\microsoft shared\works shared\1033\msgr3en.dll 2007-06-08 08:30:54 230760 ----a-w- c:\program files\common files\microsoft shared\information retrieval\msitss.dll 2007-06-08 08:30:54 197992 ----a-w- c:\program files\common files\microsoft shared\information retrieval\itircl54.dll 2007-06-05 08:30:46 41296 ----a-r- c:\windows\system32\hlp95en.dll 2007-06-02 09:04:04 1398128 ----a-w- c:\program files\common files\microsoft shared\works shared\1033\MSGR3GE.DLL 2007-05-22 23:46:52 167936 ----a-w- c:\windows\system32\TosBtAPI.dll 2007-05-15 21:58:50 110592 ----a-w- c:\windows\system32\TosBtSDDB.dll 2007-05-15 21:28:00 282624 ----a-w- c:\windows\system32\LCWizard.dll 2007-04-12 18:52:28 102400 ----a-w- c:\windows\system32\TosBdAPI.dll 2007-04-10 17:47:46 131072 ----a-w- c:\windows\system32\TosAvdtAPI.dll 2007-03-30 01:08:00 1884160 ----a-w- c:\windows\system32\TosBtExt.dll 2007-03-22 17:03:48 14656 ----a-r- c:\program files\common files\microsoft shared\textconv\WPEQU532.DLL 2007-03-22 17:03:48 117552 ----a-r- c:\program files\common files\microsoft shared\textconv\msconv97.dll 2007-03-16 06:46:08 16874888 ----a-w- c:\program files\common files\microsoft shared\office12\MSO.DLL 2007-03-11 01:47:36 348160 ----a-r- c:\program files\common files\microsoft shared\textconv\msvcr71.dll 2007-02-28 22:20:04 53248 ----a-w- c:\windows\system32\TosBTHFPAPI.dll 2007-02-28 01:53:44 491520 ----a-w- c:\windows\system32\TosSndPlug.dll 2007-02-02 18:41:14 36864 ----a-w- c:\windows\system32\SDDEVMGR.dll 2007-01-24 21:44:06 290304 ----a-w- c:\windows\system32\drivers\tifm21.sys 2007-01-22 22:17:28 569344 ----a-w- c:\windows\system32\tosBtShell.dll 2007-01-17 16:53:40 61440 ----a-w- c:\windows\system32\TosSndAPI.dll 2007-01-09 21:22:28 50752 ----a-w- c:\windows\agrsmdel.exe 2007-01-03 11:11:42 -------- d-----w- c:\program files\StartNow Toolbar 2007-01-03 10:47:50 23624 ----a-w- c:\windows\system32\drivers\hitmanpro36.sys 2007-01-03 10:47:48 -------- d-----w- c:\program files\HitmanPro 2007-01-03 10:47:18 -------- d-----w- c:\programdata\HitmanPro 2007-01-03 10:06:40 2421760 ----a-w- c:\windows\system32\wucltux.dll 2007-01-03 10:05:19 87552 ----a-w- c:\windows\system32\wudriver.dll 2007-01-03 10:04:32 33792 ----a-w- c:\windows\system32\wuapp.exe 2007-01-03 10:04:32 171608 ----a-w- c:\windows\system32\wuwebv.dll 2006-12-22 06:33:58 90112 ----a-w- c:\windows\system32\LocalCOM.cpl 2006-12-12 18:13:20 32768 ----a-w- c:\windows\system32\EBLib.DLL 2006-12-08 18:05:02 167936 ----a-w- c:\windows\system32\TBTMon.dll 2006-12-08 02:29:30 6536992 ----a-w- c:\program files\common files\microsoft shared\office12\office setup controller\OSETUP.DLL 2006-12-05 20:05:04 114688 ----a-w- c:\windows\system32\TosBtAcc.dll 2006-12-04 22:58:40 94208 ----a-w- c:\windows\system32\tbtmon98Language.dll . ==================== Find3M ==================== . 2011-12-28 17:02:21 319456 ----a-w- c:\windows\DIFxAPI.dll 2011-12-28 17:02:04 315392 ----a-w- c:\windows\HideWin.exe 2007-08-16 18:52:53 1383424 ----a-w- c:\windows\system32\mshtml.tlb 2007-08-16 18:52:50 822784 ----a-w- c:\windows\system32\wininet.dll 2007-08-16 18:52:49 56320 ----a-w- c:\windows\system32\iesetup.dll 2007-08-16 18:52:49 26624 ----a-w- c:\windows\system32\ieUnatt.exe 2007-08-16 18:52:48 1824768 ----a-w- c:\windows\system32\inetcpl.cpl 2007-08-16 18:52:47 52736 ----a-w- c:\windows\apppatch\iebrshim.dll 2007-08-16 18:42:09 449024 ----a-w- c:\windows\apppatch\AcSpecfc.dll 2007-08-16 18:42:09 2560 ----a-w- c:\windows\apppatch\AcRes.dll 2007-08-16 18:42:08 537600 ----a-w- c:\windows\apppatch\AcLayers.dll 2007-08-16 18:42:08 2143744 ----a-w- c:\windows\apppatch\AcGenral.dll 2007-08-16 18:42:08 173056 ----a-w- c:\windows\apppatch\AcXtrnal.dll 2007-08-16 18:17:03 160872 ----a-w- c:\windows\system32\halmacpi.dll 2007-08-16 18:17:03 134760 ----a-w- c:\windows\system32\halacpi.dll 2007-08-16 17:58:51 87040 ----a-w- c:\windows\system32\msoert2.dll 2007-08-16 17:58:51 84480 ----a-w- c:\windows\system32\INETRES.dll 2007-08-16 17:58:51 737792 ----a-w- c:\windows\system32\inetcomm.dll 2007-08-16 17:58:51 39424 ----a-w- c:\windows\system32\ACCTRES.dll 2007-08-16 17:58:51 205824 ----a-w- c:\windows\system32\msoeacct.dll 2007-07-19 18:32:40 1841312 ----a-w- c:\windows\system32\drivers\RTKVHDA.sys 2007-07-17 15:34:28 2048000 ----a-w- c:\windows\system32\RtkAPO.dll 2007-07-07 10:06:52 4669440 ----a-w- c:\windows\RtHDVCpl.exe 2007-07-07 10:04:14 532480 ----a-w- c:\windows\system32\RTSndMgr.cpl 2007-07-07 09:27:32 17408 ----a-w- c:\windows\system32\RtkCoInst.dll 2007-06-26 15:46:00 126976 ----a-w- c:\windows\system32\maxxaudioapo.dll 2007-06-16 15:45:50 1826816 ----a-w- c:\windows\SkyTel.exe 2007-05-31 16:23:12 563712 ----a-w- c:\windows\system32\RtkPgExt.dll 2007-05-18 10:26:20 185776 ----a-w- c:\windows\system32\SRSTSHD.dll 2007-04-17 16:09:06 167936 ----a-w- c:\windows\system32\SRSHP360.dll 2007-04-14 07:08:06 135168 ----a-w- c:\windows\system32\SRSWOW.dll 2007-03-24 14:34:40 266240 ----a-w- c:\windows\system32\RtkApoApi.dll 2007-01-17 09:39:36 1191936 ----a-w- c:\windows\RtlUpd.exe 2007-01-13 15:54:44 520192 ----a-w- c:\windows\RtlExUpd.dll 2006-12-14 09:30:06 339968 ----a-w- c:\windows\system32\SRSTSXT.dll 2006-12-02 02:47:12 94208 ----a-w- c:\windows\system32\TosBtHcrpAPI.dll 2006-11-28 22:11:00 1161888 ----a-w- c:\windows\system32\drivers\AGRSM.sys 2006-11-04 21:14:00 1245696 ----a-w- c:\windows\system32\msxml4.dll 2006-11-04 21:10:08 82432 ----a-w- c:\windows\system32\msxml4r.dll 2006-11-02 12:40:56 4096 ----a-w- c:\windows\system32\drivers\en-us\ntrigdigi.sys.mui 2006-11-02 12:36:31 68096 ----a-w- c:\windows\system32\DFDWiz.exe 2006-11-02 12:35:59 95232 ----a-w- c:\windows\system32\PortableDeviceClassExtension.dll 2006-11-02 12:34:50 7168 ----a-w- c:\windows\system32\getuname.dll 2006-11-02 09:52:02 902248 ----a-w- c:\windows\system32\winresume.exe 2006-11-02 09:52:01 940648 ----a-w- c:\windows\system32\winload.exe 2006-11-02 09:50:59 140392 ----a-w- c:\windows\system32\drivers\scsiport.sys 2006-11-02 09:49:59 56936 ----a-w- c:\windows\system32\drivers\UAGP35.SYS 2006-11-02 09:47:26 1162656 ----a-w- c:\windows\system32\ntdll.dll 2006-11-02 09:47:18 228968 ----a-w- c:\windows\system32\rsaenh.dll 2006-11-02 09:47:18 165992 ----a-w- c:\windows\system32\dssenh.dll 2006-11-02 09:47:18 121960 ----a-w- c:\windows\system32\basecsp.dll 2006-11-02 09:47:04 991232 ----a-w- c:\windows\system32\Narrator.exe 2006-11-02 09:47:03 98816 ----a-w- c:\windows\system32\NAPHLPR.DLL 2006-11-02 09:47:03 39936 ----a-w- c:\windows\system32\NAPCRYPT.DLL 2006-11-02 09:45:59 624128 ----a-w- c:\windows\system32\wbem\WMIC.exe 2006-11-02 09:44:59 84992 ----a-w- c:\windows\system32\colorcpl.exe 2006-11-02 09:43:27 7680 ----a-w- c:\windows\system32\spwizres.dll 2006-11-02 09:43:27 5963264 ----a-w- c:\windows\system32\spwizimg.dll 2006-11-02 09:43:10 57344 ----a-w- c:\windows\system32\nlsbres.dll 2006-11-02 09:43:08 5120 ----a-w- c:\windows\system32\security.dll 2006-11-02 09:43:00 2560 ----a-w- c:\windows\system32\rnr20.dll 2006-11-02 09:42:53 107520 ----a-w- c:\windows\system32\RDPENCDD.dll 2006-11-02 09:42:44 17408 ----a-w- c:\windows\system32\prflbmsg.dll 2006-11-02 09:42:17 229376 ----a-w- c:\windows\system32\odbcint.dll 2006-11-02 09:41:17 2048 ----a-w- c:\windows\system32\netmsg.dll 2006-11-02 09:41:16 2048 ----a-w- c:\windows\system32\neth.dll 2006-11-02 09:41:16 15360 ----a-w- c:\windows\system32\netevent.dll 2006-11-02 09:41:09 2048 ----a-w- c:\windows\system32\msxml6r.dll 2006-11-02 09:41:09 2048 ----a-w- c:\windows\system32\msxml3r.dll 2006-11-02 09:41:08 61440 ----a-w- c:\windows\system32\msvcrt40.dll 2006-11-02 09:41:03 58368 ----a-w- c:\windows\system32\msobjs.dll 2006-11-02 09:40:18 7168 ----a-w- c:\windows\system32\msctfime.ime 2006-11-02 09:40:16 3072 ----a-w- c:\windows\system32\msafd.dll 2006-11-02 09:40:16 145920 ----a-w- c:\windows\system32\msaudite.dll 2006-11-02 09:23:19 93184 ----a-w- c:\windows\system32\drivers\bridge.sys 2006-11-02 09:20:50 130048 ----a-w- c:\windows\system32\drivers\drmk.sys 2006-11-02 09:14:58 18944 ----a-w- c:\windows\system32\drivers\usbprint.sys 2006-11-02 09:13:00 444928 ----a-w- c:\windows\system32\html.iec 2006-11-02 09:04:35 878080 ----a-w- c:\windows\system32\drivers\PEAuth.sys 2006-11-02 09:03:41 3072 ----a-w- c:\windows\system32\dpnlobby.dll 2006-11-02 09:03:41 3072 ----a-w- c:\windows\system32\dpnaddr.dll 2006-11-02 09:03:00 242688 ----a-w- c:\windows\system32\drivers\rdpdr.sys 2006-11-02 09:02:21 124416 ----a-w- c:\windows\system32\rdpdd.dll 2006-11-02 09:02:15 160256 ----a-w- c:\windows\system32\drivers\rdpwd.sys 2006-11-02 09:02:07 23552 ----a-w- c:\windows\system32\drivers\tssecsrv.sys 2006-11-02 09:02:02 14336 ----a-w- c:\windows\system32\tsddd.dll 2006-11-02 09:02:01 6144 ----a-w- c:\windows\system32\drivers\RDPENCDD.sys 2006-11-02 09:02:01 6144 ----a-w- c:\windows\system32\drivers\RDPCDD.sys 2006-11-02 09:02:01 28672 ----a-w- c:\windows\system32\drivers\tdtcp.sys 2006-11-02 09:02:01 17920 ----a-w- c:\windows\system32\drivers\tdpipe.sys 2006-11-02 08:57:48 32768 ----a-w- c:\windows\system32\drivers\RNDISMP.sys 2006-11-02 08:56:49 60416 ----a-w- c:\windows\system32\drivers\rspndr.sys 2006-11-02 08:56:49 47104 ----a-w- c:\windows\system32\drivers\lltdio.sys 2006-11-02 08:56:34 63488 ----a-w- c:\windows\system32\drivers\mpsdrv.sys 2006-11-02 08:54:59 5632 ----a-w- c:\windows\system32\drivers\drmkaud.sys 2006-11-02 08:54:52 82560 ----a-w- c:\windows\system32\drivers\WUDFRd.sys 2006-11-02 08:54:38 51712 ----a-w- c:\windows\system32\drivers\WUDFPf.sys 2006-11-02 08:54:08 109056 ----a-w- c:\windows\system32\drivers\videoprt.sys 2006-11-02 08:54:05 41984 ----a-w- c:\windows\system32\drivers\monitor.sys 2006-11-02 08:54:01 56320 ----a-w- c:\windows\system32\vga256.dll . ============= FINISH: 7:43:37.26 =============== attach txt . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2011-08-26.01) . Microsoft® Windows Vista™ Home Premium Boot Device: \Device\HarddiskVolume2 Install Date: 12/28/2011 11:39:24 AM System Uptime: 1/3/2007 6:24:48 AM (1 hours ago) . Motherboard: TOSHIBA | | JASAA Processor: AMD Turion 64 X2 Mobile Technology TL-58 | Socket M2/S1G1 | 1900/200mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 148 GiB total, 132.733 GiB free. D: is CDROM () . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP100: 1/3/2007 5:04:11 AM - Windows Update . ==== Installed Programs ====================== . Activation Assistant for the 2007 Microsoft Office suites Adobe Reader 8.1.0 Atheros Driver Installation Program ATI Catalyst Install Manager Bluetooth Stack for Windows by Toshiba Catalyst Control Center - Branding Catalyst Control Center Core Implementation Catalyst Control Center Graphics Full Existing Catalyst Control Center Graphics Full New Catalyst Control Center Graphics Light Catalyst Control Center Graphics Previews Vista Catalyst Control Center Localization Chinese Standard Catalyst Control Center Localization Chinese Traditional Catalyst Control Center Localization Czech Catalyst Control Center Localization Danish Catalyst Control Center Localization Dutch Catalyst Control Center Localization Finnish Catalyst Control Center Localization French Catalyst Control Center Localization German Catalyst Control Center Localization Greek Catalyst Control Center Localization Hungarian Catalyst Control Center Localization Italian Catalyst Control Center Localization Japanese Catalyst Control Center Localization Korean Catalyst Control Center Localization Norwegian Catalyst Control Center Localization Polish Catalyst Control Center Localization Portuguese Catalyst Control Center Localization Russian Catalyst Control Center Localization Spanish Catalyst Control Center Localization Swedish Catalyst Control Center Localization Thai Catalyst Control Center Localization Turkish ccc-core-static ccc-utility CCC Help Chinese Standard CCC Help Chinese Traditional CCC Help Czech CCC Help Danish CCC Help Dutch CCC Help English CCC Help Finnish CCC Help French CCC Help German CCC Help Greek CCC Help Hungarian CCC Help Italian CCC Help Japanese CCC Help Korean CCC Help Norwegian CCC Help Polish CCC Help Portuguese CCC Help Russian CCC Help Spanish CCC Help Swedish CCC Help Thai CCC Help Turkish CD/DVD Drive Acoustic Silencer Compatibility Pack for the 2007 Office system DVD MovieFactory for TOSHIBA Google Desktop Google Toolbar for Internet Explorer Google Update Helper HitmanPro 3.6 Java SE Runtime Environment 6 McAfee SecurityCenter Microsoft Office Excel MUI (English) 2007 Microsoft Office Home and Student 2007 Microsoft Office OneNote MUI (English) 2007 Microsoft Office PowerPoint MUI (English) 2007 Microsoft Office PowerPoint Viewer 2007 (English) Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (English) 2007 Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Word MUI (English) 2007 Microsoft Visual C++ 2005 Redistributable Microsoft Works Microsoft XML Parser MSXML 4.0 SP2 (KB927978) Napster Napster Burn Engine Picasa 2 QuickBooks Financial Center Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista Realtek High Definition Audio Driver Skins StartNow Toolbar Synaptics Pointing Device Driver Texas Instruments PCIxx21/x515/xx12 drivers. TIPCI TOSHIBA Assist TOSHIBA ConfigFree TOSHIBA Disc Creator TOSHIBA DVD PLAYER TOSHIBA Extended Tiles for Windows Mobility Center TOSHIBA Flash Cards Support Utility TOSHIBA Games TOSHIBA Hardware Setup Toshiba Registration TOSHIBA SD Memory Utilities TOSHIBA Software Modem TOSHIBA Software Upgrades TOSHIBA Speech System Applications TOSHIBA Speech System SR Engine(U.S.) Version1.0 TOSHIBA Speech System TTS Engine(U.S.) Version1.0 TOSHIBA Supervisor Password TOSHIBA Value Added Package Update for Office 2007 (KB934528) Update for Office System 2007 Setup (KB929722) Utility Common Driver Windows Media Encoder 9 Series . ==== Event Viewer Messages From Past Week ======== . 12/28/2011 12:13:02 PM, Error: Service Control Manager [7000] - The Parallel port driver service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it. 12/28/2011 12:11:03 PM, Error: ACPI [6] - IRQARB: ACPI BIOS does not contain an IRQ for the device in PCI slot 5, function 0. Please contact your system vendor for technical assistance. 12/28/2011 12:11:02 PM, Error: ACPI [6] - IRQARB: ACPI BIOS does not contain an IRQ for the device in PCI slot 7, function 0. Please contact your system vendor for technical assistance. 1/3/2007 6:48:59 AM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {4991D34B-80A1-4291-83B6-3328366B9097} to the user Mary-PC\Mary SID (S-1-5-21-3827888315-660581099-1841583290-1000) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool. 1/3/2007 6:41:00 AM, Error: Microsoft-Windows-Time-Service [34] - The time service has detected that the system time needs to be changed by +157526211 seconds. The time service will not change the system time by more than +54000 seconds. Verify that your time and time zone are correct, and that the time source time.windows.com,0x9 (ntp.m|0x9|0.0.0.0:123->65.55.21.15:123) is working properly. 1/3/2007 6:25:06 AM, Error: EventLog [6008] - The previous system shutdown at 6:23:56 AM on 1/3/2007 was unexpected. 1/3/2007 6:10:13 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service McNASvc with arguments "" in order to run the server: {24F616A1-B755-4053-8018-C3425DC8B68A} 1/3/2007 6:07:01 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: mfehidk spldr Wanarpv6 1/3/2007 6:07:01 AM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start. 1/3/2007 6:06:04 AM, Error: EventLog [6008] - The previous system shutdown at 6:03:54 AM on 1/3/2007 was unexpected. 1/3/2007 6:02:42 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030} 1/3/2007 6:02:42 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39} 1/3/2007 6:02:40 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {145B4335-FE2A-4927-A040-7C35AD3180EF} 1/3/2007 6:02:38 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF} 1/3/2007 6:02:31 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC} 1/3/2007 6:01:09 AM, Error: Microsoft-Windows-Kernel-WHEA [10] - Machine Check Event reported is a fatal Bus or Interconnect error. Memory Hierarchy Level: 2 Participation: 3 Request Type: 12 Memory/IO: 1 Address: 0 1/3/2007 5:08:00 AM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-en-us-LP from package WUClient-SelfUpdate-Aux-Package-en-us-MiniLP(Feature Pack) into Staged(Staged) state 1/3/2007 5:08:00 AM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update AuxResourcesLP from package WindowsUpdateClient-SelfUpdate-Aux-Package(Language Pack) into Staged(Staged) state 1/3/2007 5:08:00 AM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update Aux from package WindowsUpdateClient-SelfUpdate-Aux-AuxComp-Package_en-US(Language Pack) into Staged(Staged) state 1/3/2007 5:08:00 AM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package WUClient-SelfUpdate-Aux-Package-en-us-MiniLP (Feature Pack) into Install Requested(Install Requested) state 1/3/2007 5:08:00 AM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package WindowsUpdateClient-SelfUpdate-Aux-Package (Language Pack) into Install Requested(Install Requested) state 1/3/2007 5:07:59 AM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-zh-tw-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Staged(Staged) state 1/3/2007 5:07:59 AM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-zh-hk-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Staged(Staged) state 1/3/2007 5:07:59 AM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-zh-cn-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Staged(Staged) state 1/3/2007 5:07:59 AM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-uk-ua-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Staged(Staged) state 1/3/2007 5:07:59 AM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-tr-tr-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Staged(Staged) state 1/3/2007 5:07:59 AM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-th-th-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Staged(Staged) state 1/3/2007 5:07:59 AM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-sv-se-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Staged(Staged) state 1/3/2007 5:07:59 AM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-sr-latn-cs-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Staged(Staged) state 1/3/2007 5:07:59 AM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-sl-si-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Staged(Staged) state 1/3/2007 5:07:59 AM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-sk-sk-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Staged(Staged) state 1/3/2007 5:07:59 AM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-ru-ru-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Staged(Staged) state 1/3/2007 5:07:59 AM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-ro-ro-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Staged(Staged) state 1/3/2007 5:07:59 AM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-pt-pt-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Staged(Staged) state 1/3/2007 5:07:59 AM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-pt-br-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Staged(Staged) state 1/3/2007 5:07:59 AM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-ps-ps-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Staged(Staged) state 1/3/2007 5:07:59 AM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-pl-pl-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Staged(Staged) state 1/3/2007 5:07:59 AM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-nl-nl-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Staged(Staged) state 1/3/2007 5:07:59 AM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-Neutral from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Staged(Staged) state 1/3/2007 5:07:59 AM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-nb-no-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Staged(Staged) state 1/3/2007 5:07:59 AM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-lv-lv-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Staged(Staged) state 1/3/2007 5:07:59 AM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-lt-lt-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Staged(Staged) state 1/3/2007 5:07:59 AM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-ko-kr-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Staged(Staged) state 1/3/2007 5:07:59 AM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-ja-jp-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Staged(Staged) state 1/3/2007 5:07:59 AM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-it-it-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Staged(Staged) state 1/3/2007 5:07:59 AM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-hu-hu-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Staged(Staged) state 1/3/2007 5:07:59 AM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-hr-hr-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Staged(Staged) state 1/3/2007 5:07:59 AM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-he-il-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Staged(Staged) state 1/3/2007 5:07:59 AM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-fr-fr-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Staged(Staged) state 1/3/2007 5:07:59 AM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-fi-fi-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Staged(Staged) state 1/3/2007 5:07:59 AM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-et-ee-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Staged(Staged) state 1/3/2007 5:07:59 AM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-es-es-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Staged(Staged) state 1/3/2007 5:07:59 AM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-en-us-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Staged(Staged) state 1/3/2007 5:07:59 AM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-el-gr-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Staged(Staged) state 1/3/2007 5:07:59 AM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-de-de-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Staged(Staged) state 1/3/2007 5:07:59 AM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-da-dk-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Staged(Staged) state 1/3/2007 5:07:59 AM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-cs-cz-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Staged(Staged) state 1/3/2007 5:07:59 AM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-bg-bg-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Staged(Staged) state 1/3/2007 5:07:59 AM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-ar-sa-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Staged(Staged) state 1/3/2007 5:07:59 AM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update AuxComp from package WindowsUpdateClient-SelfUpdate-Aux-Package(Update) into Staged(Staged) state 1/3/2007 5:07:59 AM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update Aux from package WindowsUpdateClient-SelfUpdate-Aux-AuxComp-Package(Update) into Staged(Staged) state 1/3/2007 5:07:59 AM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package WindowsUpdateClient-SelfUpdate-Aux-Package (Update) into Install Requested(Install Requested) state 1/3/2007 5:07:59 AM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package WindowsUpdateClient-SelfUpdate-Aux-AuxComp-Package_en-US (Language Pack) into Install Requested(Install Requested) state 1/3/2007 5:07:59 AM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package WindowsUpdateClient-SelfUpdate-Aux-AuxComp-Package (Update) into Install Requested(Install Requested) state 1/3/2007 5:07:59 AM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KBWUClient-SelfUpdate-Aux (Feature Pack) into Install Requested(Install Requested) state 1/3/2007 5:03:41 AM, Error: Microsoft-Windows-Time-Service [34] - The time service has detected that the system time needs to be changed by +157526208 seconds. The time service will not change the system time by more than +54000 seconds. Verify that your time and time zone are correct, and that the time source time.windows.com,0x9 (ntp.m|0x9|0.0.0.0:123->65.55.21.15:123) is working properly. 1/3/2007 4:58:00 AM, Error: Microsoft-Windows-Kernel-WHEA [10] - Machine Check Event reported is a fatal Bus or Interconnect error. Memory Hierarchy Level: 2 Participation: 3 Request Type: 15 Memory/IO: 3 Address: 0 1/1/2007 7:42:39 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "109" attempting to start the service McMSCSvc with arguments "" in order to run the server: {03082469-BA75-44A5-89CB-D187F313E572} 1/1/2007 7:41:32 PM, Error: Microsoft-Windows-Kernel-WHEA [10] - Machine Check Event reported is a fatal Bus or Interconnect error. Memory Hierarchy Level: 3 Participation: 3 Request Type: 14 Memory/IO: 1 Address: 0 1/1/2007 12:02:51 AM, Error: Microsoft-Windows-Kernel-WHEA [10] - Machine Check Event reported is a fatal Bus or Interconnect error. Memory Hierarchy Level: 3 Participation: 3 Request Type: 15 Memory/IO: 1 Address: 0 . ==== End Of File =========================== MERGED Post