Buddahass Posted June 7, 2013 ID:688252 Share Posted June 7, 2013 Despite its effects on Chrome, I realized this wasn't just any unsolicited, run of the mill toolbar, when uninstalling it prompted a response stating ( in so many words) the Administrator has chosen settings to keep it. Any help to do otherwise would be greatly appreciated.DDS (Ver_2012-11-20.01) - NTFS_x86 Internet Explorer: 7.0.6001.18639Run by mafineart at 13:11:40 on 2013-06-05Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1033.18.894.148 [GMT -7:00].AV: AVG AntiVirus Free Edition 2013 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}SP: AVG AntiVirus Free Edition 2013 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}.============== Running Processes ================.C:\PROGRA~1\AVG\AVG2013\avgrsx.exeC:\Program Files\AVG\AVG2013\avgcsrvx.exeC:\Windows\system32\wininit.exeC:\Windows\system32\lsm.exeC:\Windows\system32\nvvsvc.exeC:\Windows\system32\SLsvc.exeC:\Program Files\NVIDIA Corporation\Display\nvxdsync.exeC:\Windows\system32\nvvsvc.exeC:\Windows\System32\spoolsv.exeC:\Program Files\AVG\AVG2013\avgidsagent.exeC:\Program Files\AVG\AVG2013\avgwdsvc.exec:\Program Files\Common Files\LightScribe\LSSrvc.exeC:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exeC:\Windows\system32\DRIVERS\xaudio.exeC:\Windows\system32\WUDFHost.exeC:\Program Files\AVG\AVG2013\avgnsx.exeC:\Program Files\AVG\AVG2013\avgemcx.exeC:\Windows\system32\Dwm.exeC:\Windows\system32\taskeng.exeC:\Windows\Explorer.EXEC:\hp\support\hpsysdrv.exeC:\hp\KBD\kbd.exeC:\WINDOWS\RtHDVCpl.exeC:\Program Files\HP\HP Software Update\hpwuSchd2.exeC:\Program Files\AVG\AVG2013\avgui.exeC:\Program Files\NVIDIA Corporation\Display\nvtray.exeC:\Program Files\Canon\MyPrinter\BJMYPRT.EXEC:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exeC:\Program Files\Adobe\Photoshop 7.0\Photoshop.exeC:\Windows\System32\wsqmcons.exeC:\Program Files\Windows Mail\WinMail.exeC:\Program Files\AVG\AVG2013\avgcsrvx.exeC:\Windows\system32\wuauclt.exeC:\Windows\system32\taskeng.exeC:\Windows\system32\wbem\wmiprvse.exeC:\Windows\system32\svchost.exe -k DcomLaunchC:\Windows\system32\svchost.exe -k rpcssC:\Windows\System32\svchost.exe -k LocalServiceNetworkRestrictedC:\Windows\System32\svchost.exe -k LocalSystemNetworkRestrictedC:\Windows\system32\svchost.exe -k netsvcsC:\Windows\system32\svchost.exe -k LocalServiceC:\Windows\system32\svchost.exe -k NetworkServiceC:\Windows\system32\svchost.exe -k LocalServiceNoNetworkC:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestrictedC:\Windows\system32\svchost.exe -k imgsvcC:\Windows\System32\svchost.exe -k WerSvcGroup.============== Pseudo HJT Report ===============.uStart Page = hxxp://google.com/mStart Page = hxxp://start.sweetpacks.com/?src=10&st=12&crg=3.5000006.10045&barid={27AD4671-CCAA-11E2-9815-001A92405806}mDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=71&bd=Pavilion&pf=desktopBHO: Yahoo! Toolbar Helper: {02478D38-C3F9-4EFB-9B51-7695ECA05670} - c:\program files\yahoo!\companion\installs\cpn\yt.dllBHO: Adobe PDF Reader Link Helper: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dllBHO: SweetPacks Browser Helper: {EEE6C35C-6118-11DC-9C72-001320C79847} - c:\program files\sweetim\toolbars\internet explorer\mgToolbarIE.dllTB: SweetPacks Toolbar for Internet Explorer: {EEE6C35B-6118-11DC-9C72-001320C79847} - c:\program files\sweetim\toolbars\internet explorer\mgToolbarIE.dllTB: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - c:\program files\yahoo!\companion\installs\cpn\yt.dllTB: SweetPacks Toolbar for Internet Explorer: {EEE6C35B-6118-11DC-9C72-001320C79847} - c:\program files\sweetim\toolbars\internet explorer\mgToolbarIE.dlluRun: [HPAdvisor] c:\program files\hewlett-packard\hp advisor\HPAdvisor.exemRun: [Windows Defender] c:\program files\windows defender\MSASCui.exe -hidemRun: [hpsysdrv] c:\hp\support\hpsysdrv.exemRun: [KBD] c:\hp\kbd\KBD.EXEmRun: [RtHDVCpl] RtHDVCpl.exemRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exemRun: [AVG_UI] "c:\program files\avg\avg2013\avgui.exe" /TRAYONLYmRun: [CanonMyPrinter] c:\program files\canon\myprinter\BJMyPrt.exe /logonmRun: [CanonSolutionMenuEx] c:\program files\canon\solution menu ex\CNSEMAIN.EXE /logonmRunOnce: [Launcher] c:\windows\sminst\launcher.exeStartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\adobeg~1.lnk - c:\program files\common files\adobe\calibration\Adobe Gamma Loader.exemPolicies-System: EnableUIADesktopToggle = dword:0DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cabTCP: NameServer = 209.18.47.61 209.18.47.62TCP: Interfaces\{65CB202F-C53A-47EC-A58C-BF660DF2134C} : DHCPNameServer = 209.18.47.61 209.18.47.62LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkgmASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\27.0.1453.94\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome.============= SERVICES / DRIVERS ===============.R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2013-2-8 60216]R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [2013-2-8 245048]R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2013-2-8 96568]R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2013-2-8 39224]R1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2013-3-29 208184]R1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2013-3-1 22328]R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2013-2-8 170808]R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2013-3-21 182072]R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2013\avgidsagent.exe [2013-5-14 4937264]R2 avgwd;AVG WatchDog;c:\program files\avg\avg2013\avgwdsvc.exe [2013-4-18 283136]R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2013-6-4 418376]R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-6-4 22856]S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]S2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2013-6-4 701512]S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504].=============== Created Last 30 ================.2013-06-04 21:13:33 -------- d-----w- c:\users\mafineart\appdata\roaming\Malwarebytes2013-06-04 21:13:25 -------- d-----w- c:\programdata\Malwarebytes2013-06-04 21:13:18 22856 ----a-w- c:\windows\system32\drivers\mbam.sys2013-06-04 21:13:18 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware2013-06-04 00:06:46 306688 ----a-w- c:\windows\IsUninst.exe2013-06-04 00:03:53 -------- d-----w- c:\program files\SweetIM2013-06-04 00:03:31 -------- d-----w- c:\users\mafineart\appdata\local\ExtractNow2013-06-04 00:03:31 -------- d-----w- c:\program files\ExtractNow2013-06-03 20:47:44 -------- d-----w- C:\AdobeTemp2013-05-31 23:27:08 231936 ----a-w- c:\windows\system32\msshsq.dll2013-05-31 20:59:10 -------- d-----w- c:\users\mafineart\appdata\roaming\uTorrent2013-05-31 10:30:30 80896 ----a-w- c:\windows\system32\MSNP.ax2013-05-31 10:30:23 293376 ----a-w- c:\windows\system32\psisdecd.dll2013-05-31 10:30:22 217088 ----a-w- c:\windows\system32\psisrndr.ax2013-05-31 10:21:10 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll2013-05-31 10:21:10 295264 ----a-w- c:\windows\system32\PresentationHost.exe2013-05-31 10:21:09 49472 ----a-w- c:\windows\system32\netfxperf.dll2013-05-31 10:21:09 297808 ----a-w- c:\windows\system32\mscoree.dll2013-05-31 10:21:09 1130824 ----a-w- c:\windows\system32\dfshim.dll2013-05-31 10:08:09 2048 ----a-w- c:\windows\system32\winrsmgr.dll2013-05-31 10:03:59 1181696 ----a-w- c:\windows\system32\WsmSvc.dll2013-05-30 23:44:24 49152 ----a-w- c:\windows\system32\csrsrv.dll2013-05-30 23:44:24 375808 ----a-w- c:\windows\system32\winsrv.dll2013-05-30 23:43:57 168960 ----a-w- c:\program files\windows media player\wmplayer.exe2013-05-30 23:43:52 8147456 ----a-w- c:\windows\system32\wmploc.DLL2013-05-30 23:42:27 125952 ----a-w- c:\windows\system32\srvsvc.dll2013-05-30 23:42:26 17920 ----a-w- c:\windows\system32\netevent.dll2013-05-30 23:42:05 501760 ----a-w- c:\windows\system32\usp10.dll2013-05-30 23:40:58 708608 ----a-w- c:\program files\common files\system\ado\msado15.dll2013-05-30 23:39:54 304640 ----a-w- c:\windows\system32\drivers\srv.sys2013-05-30 23:39:47 213504 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys2013-05-30 23:39:44 79360 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys2013-05-30 23:39:44 105984 ----a-w- c:\windows\system32\drivers\mrxsmb.sys2013-05-30 23:39:32 86528 ----a-w- c:\windows\system32\dnsrslvr.dll2013-05-30 23:39:32 25088 ----a-w- c:\windows\system32\dnscacheugc.exe2013-05-30 23:39:21 67072 ----a-w- c:\windows\system32\asycfilt.dll2013-05-30 23:39:07 1315840 ----a-w- c:\windows\system32\ole32.dll2013-05-30 23:39:06 339968 ----a-w- c:\program files\windows nt\accessories\wordpad.exe2013-05-30 23:39:00 126464 ----a-w- c:\windows\system32\spoolsv.exe2013-05-30 23:38:57 157184 ----a-w- c:\windows\system32\t2embed.dll2013-05-30 23:38:49 2042368 ----a-w- c:\windows\system32\win32k.sys2013-05-30 23:38:35 273408 ----a-w- c:\windows\system32\drivers\afd.sys2013-05-30 23:37:47 269312 ----a-w- c:\windows\system32\es.dll2013-05-30 23:37:36 1169408 ----a-w- c:\windows\system32\sdclt.exe2013-05-30 23:37:11 10926592 ----a-w- c:\program files\movie maker\MOVIEMK.dll2013-05-30 23:37:09 150016 ----a-w- c:\program files\movie maker\MOVIEMK.exe2013-05-30 23:37:07 146432 ----a-w- c:\windows\system32\drivers\srv2.sys2013-05-30 23:37:06 102400 ----a-w- c:\windows\system32\drivers\srvnet.sys2013-05-30 23:37:04 766464 ----a-w- c:\program files\common files\microsoft shared\vgx\VGX.dll2013-05-30 23:36:55 317952 ----a-w- c:\windows\system32\MP4SDECD.DLL2013-05-30 23:36:47 430080 ----a-w- c:\windows\system32\vbscript.dll2013-05-30 23:36:29 563200 ----a-w- c:\windows\system32\oleaut32.dll2013-05-30 23:36:21 954752 ----a-w- c:\windows\system32\mfc40.dll2013-05-30 23:36:20 954288 ----a-w- c:\windows\system32\mfc40u.dll2013-05-30 23:36:04 36352 ----a-w- c:\windows\system32\rtutils.dll2013-05-30 23:35:30 28672 ----a-w- c:\windows\system32\Apphlpdm.dll2013-05-30 23:35:22 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll2013-05-30 23:35:13 866816 ----a-w- c:\windows\system32\wmpmde.dll2013-05-30 23:35:10 429056 ----a-w- c:\windows\system32\EncDec.dll2013-05-30 23:35:09 323072 ----a-w- c:\windows\system32\sbe.dll2013-05-30 23:35:09 177664 ----a-w- c:\windows\system32\mpg2splt.ax2013-05-30 23:35:09 153088 ----a-w- c:\windows\system32\sbeio.dll2013-05-30 23:33:48 1314816 ----a-w- c:\windows\system32\quartz.dll2013-05-30 23:33:23 603648 ----a-w- c:\windows\system32\schedsvc.dll2013-05-30 23:33:22 357376 ----a-w- c:\windows\system32\taskschd.dll2013-05-30 23:33:21 345088 ----a-w- c:\windows\system32\wmicmiplugin.dll2013-05-30 23:33:20 270336 ----a-w- c:\windows\system32\taskcomp.dll2013-05-30 23:33:20 171520 ----a-w- c:\windows\system32\taskeng.exe2013-05-30 23:33:15 738816 ----a-w- c:\windows\system32\inetcomm.dll2013-05-30 23:33:08 81920 ----a-w- c:\windows\system32\consent.exe2013-05-30 23:32:53 1257472 ----a-w- c:\windows\system32\msxml3.dll2013-05-30 23:32:47 147456 ----a-w- c:\windows\system32\Faultrep.dll2013-05-30 23:32:47 125952 ----a-w- c:\windows\system32\wersvc.dll2013-05-30 23:32:44 565248 ----a-w- c:\windows\system32\emdmgmt.dll2013-05-30 23:32:43 625152 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys2013-05-30 23:32:43 45056 ----a-w- c:\windows\system32\dataclen.dll2013-05-30 23:32:42 36864 ----a-w- c:\windows\system32\cdd.dll2013-05-30 23:32:42 148480 ----a-w- c:\windows\system32\drivers\nwifi.sys2013-05-30 23:32:36 2048 ----a-w- c:\windows\system32\tzres.dll2013-05-30 23:31:35 90112 ----a-w- c:\windows\system32\wshext.dll2013-05-30 23:31:35 180224 ----a-w- c:\windows\system32\scrobj.dll2013-05-30 23:31:35 172032 ----a-w- c:\windows\system32\scrrun.dll2013-05-30 23:31:35 155648 ----a-w- c:\windows\system32\wscript.exe2013-05-30 23:31:35 135168 ----a-w- c:\windows\system32\wshom.ocx2013-05-30 23:31:35 135168 ----a-w- c:\windows\system32\cscript.exe2013-05-30 23:31:19 2067456 ----a-w- c:\windows\system32\mstscax.dll2013-05-30 23:31:17 677888 ----a-w- c:\windows\system32\mstsc.exe2013-05-30 23:31:09 898952 ----a-w- c:\windows\system32\drivers\tcpip.sys2013-05-30 23:30:56 531968 ----a-w- c:\windows\system32\comctl32.dll2013-05-30 23:18:43 276992 ----a-w- c:\windows\system32\schannel.dll2013-05-30 22:38:22 303104 ----a-w- c:\windows\system32\CNMXLMAN.DLL2013-05-30 22:38:03 -------- d--h--w- c:\programdata\CanonIJFAX2013-05-30 22:36:02 -------- d-----w- c:\program files\common files\CANON2013-05-30 22:35:50 -------- d-----w- c:\programdata\CanonIJWSpt2013-05-30 22:34:30 74752 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\CNMPPAN.DLL2013-05-30 22:34:30 28672 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\CNMPDAN.DLL2013-05-30 22:32:35 315392 ----a-w- c:\windows\system32\CNC880L.dll2013-05-30 22:32:35 1347584 ----a-w- c:\windows\system32\CNC880C.dll2013-05-30 22:32:35 114688 ----a-w- c:\windows\system32\CNC880I.dll2013-05-30 22:32:35 106496 ----a-w- c:\windows\system32\CNC880U.dll2013-05-30 22:32:34 15872 ----a-w- c:\windows\system32\CNHMCA.dll2013-05-30 22:29:51 303104 ----a-w- c:\windows\system32\CNMLMAN.DLL2013-05-30 22:29:08 257024 ----a-w- c:\windows\system32\CNCALAN.DLL2013-05-30 22:29:04 94208 ----a-w- c:\windows\system32\CNC880O.dll2013-05-30 22:29:02 180224 ----a-w- c:\windows\system32\CNMIUAN.DLL2013-05-30 22:28:40 34816 ----a-w- c:\windows\system32\CNMNPUI.DLL2013-05-30 22:28:40 -------- d-----w- c:\windows\system32\STRING2013-05-30 22:26:07 -------- d-----w- c:\program files\Canon2013-05-30 18:05:17 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl2013-05-30 18:05:17 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe2013-05-30 15:00:11 -------- d-----w- C:\PerfLogs2013-05-30 14:53:09 98304 ----a-w- c:\windows\RTKAUDIOSERVICE.EXE2013-05-30 14:32:08 47560 ----a-w- c:\windows\system32\SPReview.exe2013-05-30 14:32:07 152576 ----a-w- c:\windows\system32\SPWizUI.dll2013-05-30 14:07:32 193024 ----a-w- c:\windows\system32\recdisc.exe2013-05-30 14:07:30 6656 ----a-w- c:\windows\system32\sdspres.dll2013-05-30 14:07:11 599552 ----a-w- c:\windows\system32\vsp1cln.exe2013-05-30 14:07:08 28160 ----a-w- c:\windows\system32\sxproxy.dll2013-05-30 14:07:07 142336 ----a-w- c:\windows\system32\spp.dll2013-05-30 14:05:59 97792 ----a-w- c:\windows\system32\cryptnet.dll2013-05-30 14:04:59 83968 ----a-w- c:\windows\system32\wbem\wmiutils.dll2013-05-30 14:02:40 44032 ----a-w- c:\windows\system32\cbsra.exe2013-05-30 13:57:36 -------- d-----w- C:\2f11ee228e24c198718f2cd1214565592013-05-30 13:09:21 -------- d-----w- c:\windows\CheckSur2013-05-30 12:11:40 -------- d-----w- c:\users\mafineart\New Pics2013-05-30 12:10:32 -------- d-----w- c:\users\mafineart\Gregs Place2013-05-30 12:09:57 -------- d-----w- c:\users\mafineart\JNCASE2013-05-30 11:56:37 -------- d-----w- c:\users\mafineart\Accounts2013-05-30 11:24:40 -------- d-----w- c:\users\mafineart\Images2013-05-30 11:23:19 -------- d-----w- c:\users\mafineart\appdata\local\Adobe2013-05-30 10:34:57 -------- d-----w- C:\System Recovery files2013-05-30 10:19:39 -------- d-----w- c:\users\mafineart\backup files2013-05-30 09:51:15 532480 ----a-w- c:\windows\system32\RTSndMgr.cpl2013-05-30 09:51:14 636416 ----a-w- c:\windows\system32\RtkPgExt.dll2013-05-30 09:51:14 4874240 ----a-w- c:\windows\RtHDVCpl.exe2013-05-30 09:51:14 29696 ----a-w- c:\windows\system32\RtkCoInst.dll2013-05-30 09:51:14 2156544 ----a-w- c:\windows\system32\RtkAPO.dll2013-05-30 09:51:14 2047576 ----a-w- c:\windows\system32\drivers\RTKVHDA.sys2013-05-30 09:51:14 1191936 ----a-w- c:\windows\RtlUpd.exe2013-05-30 09:51:12 315392 ----a-w- c:\windows\HideWin.exe2013-05-30 09:50:54 -------- d-----w- c:\users\mafineart\appdata\roaming\WinBatch2013-05-30 09:35:08 -------- d-----w- C:\swsetup2013-05-30 09:04:28 71680 ----a-w- c:\windows\system32\atl.dll2013-05-30 08:48:36 28672 ----a-w- c:\windows\system32\FwRemoteSvr.dll2013-05-30 08:48:35 61440 ----a-w- c:\windows\system32\winipsec.dll2013-05-30 08:48:35 361984 ----a-w- c:\windows\system32\IPSECSVC.DLL2013-05-30 08:48:35 272896 ----a-w- c:\windows\system32\polstore.dll2013-05-30 08:46:26 23040 ----a-w- c:\program files\movie maker\WMM2EXT.dll2013-05-30 08:46:25 195072 ----a-w- c:\program files\movie maker\WMM2AE.dll2013-05-30 06:45:37 4984 ----a-w- c:\windows\system32\drivers\nvphy.bin2013-05-30 06:09:12 -------- d-----w- c:\users\mafineart\appdata\local\Google2013-05-30 06:08:57 -------- d-----w- c:\users\mafineart\appdata\local\Apps2013-05-30 06:08:56 -------- d-----w- c:\users\mafineart\appdata\local\Deployment2013-05-30 05:44:46 -------- d-----w- c:\programdata\ErrorEND2013-05-30 04:22:27 23552 ----a-w- c:\windows\system32\lpk.dll2013-05-30 04:22:27 10240 ----a-w- c:\windows\system32\dciman32.dll2013-05-30 04:19:57 72704 ----a-w- c:\windows\system32\admparse.dll2013-05-30 04:19:50 48128 ----a-w- c:\windows\system32\mshtmler.dll2013-05-30 04:19:44 129536 ----a-w- c:\program files\internet explorer\sqmapi.dll2013-05-30 04:15:41 94720 ----a-w- c:\windows\system32\PortableDeviceClassExtension.dll2013-05-30 04:15:41 241152 ----a-w- c:\windows\system32\PortableDeviceApi.dll2013-05-30 04:15:41 160768 ----a-w- c:\windows\system32\PortableDeviceTypes.dll2013-05-30 04:13:35 11264 ----a-w- c:\windows\system32\MRINFO.EXE2013-05-30 04:13:34 9728 ----a-w- c:\windows\system32\TCPSVCS.EXE2013-05-30 04:13:34 8704 ----a-w- c:\windows\system32\HOSTNAME.EXE2013-05-30 04:13:34 27136 ----a-w- c:\windows\system32\NETSTAT.EXE2013-05-30 04:13:34 19968 ----a-w- c:\windows\system32\ARP.EXE2013-05-30 04:13:34 17920 ----a-w- c:\windows\system32\ROUTE.EXE2013-05-30 04:13:34 104960 ----a-w- c:\windows\system32\netiohlp.dll2013-05-30 04:13:34 10240 ----a-w- c:\windows\system32\finger.exe2013-05-30 04:10:38 127488 ----a-w- c:\windows\system32\L2SecHC.dll2013-05-30 04:10:37 68096 ----a-w- c:\windows\system32\wlanhlp.dll2013-05-30 04:10:37 64512 ----a-w- c:\windows\system32\wlanapi.dll2013-05-30 04:10:37 293376 ----a-w- c:\windows\system32\wlanmsm.dll2013-05-30 04:10:36 513024 ----a-w- c:\windows\system32\wlansvc.dll2013-05-30 04:10:36 302592 ----a-w- c:\windows\system32\wlansec.dll2013-05-30 04:10:36 15181 ----a-w- c:\windows\system32\gatherWirelessInfo.vbs2013-05-30 04:09:41 2048 ----a-w- c:\windows\system32\msxml3r.dll2013-05-30 04:09:40 1399296 ----a-w- c:\windows\system32\msxml6.dll2013-05-30 04:09:39 2048 ----a-w- c:\windows\system32\msxml6r.dll2013-05-30 04:08:45 213504 ----a-w- c:\windows\system32\msv1_0.dll2013-05-30 04:06:06 98816 ----a-w- c:\windows\system32\mfps.dll2013-05-30 04:06:06 2868224 ----a-w- c:\windows\system32\mf.dll2013-05-30 04:06:05 53248 ----a-w- c:\windows\system32\rrinstaller.exe2013-05-30 04:06:05 24576 ----a-w- c:\windows\system32\mfpmp.exe2013-05-30 04:06:05 2048 ----a-w- c:\windows\system32\mferror.dll2013-05-30 03:59:52 296960 ----a-w- c:\windows\system32\gdi32.dll2013-05-30 03:57:16 562176 ----a-w- c:\windows\system32\msdtcprx.dll2013-05-30 03:57:16 38912 ----a-w- c:\windows\system32\xolehlp.dll2013-05-30 03:56:33 160256 ----a-w- c:\windows\system32\wkssvc.dll2013-05-30 03:55:42 53248 ----a-w- c:\windows\system32\tsgqec.dll2013-05-30 03:55:42 136192 ----a-w- c:\windows\system32\aaclient.dll2013-05-30 03:54:56 303616 ----a-w- c:\windows\system32\wmpeffects.dll2013-05-30 03:52:45 714240 ----a-w- c:\windows\system32\timedate.cpl2013-05-30 03:46:35 69632 ----a-w- c:\windows\system32\Mpeg2Data.ax2013-05-30 03:46:35 57856 ----a-w- c:\windows\system32\MSDvbNP.ax2013-05-30 03:43:37 636928 ----a-w- c:\windows\system32\localspl.dll2013-05-30 03:41:10 2927104 ----a-w- c:\windows\explorer.exe2013-05-30 03:39:37 499712 ----a-w- c:\windows\system32\kerberos.dll2013-05-30 03:39:36 9728 ----a-w- c:\windows\system32\lsass.exe2013-05-30 03:39:36 72704 ----a-w- c:\windows\system32\secur32.dll2013-05-30 03:39:36 439896 ----a-w- c:\windows\system32\drivers\ksecdd.sys2013-05-30 03:39:36 175104 ----a-w- c:\windows\system32\wdigest.dll2013-05-30 03:39:36 1256448 ----a-w- c:\windows\system32\lsasrv.dll2013-05-30 03:36:59 1452544 ----a-w- c:\windows\system32\NlsLexicons0003.dll2013-05-30 03:33:43 6656 ----a-w- c:\windows\system32\kbd106n.dll2013-05-30 03:33:34 988216 ----a-w- c:\windows\system32\winload.exe2013-05-30 03:33:34 927288 ----a-w- c:\windows\system32\winresume.exe2013-05-30 03:33:33 40960 ----a-w- c:\windows\system32\srclient.dll2013-05-30 03:33:33 378368 ----a-w- c:\windows\system32\srcore.dll2013-05-30 03:33:33 318464 ----a-w- c:\windows\system32\rstrui.exe2013-05-30 03:33:33 14848 ----a-w- c:\windows\system32\srdelayed.exe2013-05-30 03:33:32 19000 ----a-w- c:\windows\system32\kd1394.dll2013-05-30 03:33:31 46592 ----a-w- c:\windows\system32\setbcdlocale.dll2013-05-30 03:33:30 615992 ----a-w- c:\windows\system32\ci.dll2013-05-30 03:32:16 551424 ----a-w- c:\windows\system32\rpcss.dll2013-05-30 03:32:15 26112 ----a-w- c:\windows\system32\printfilterpipelineprxy.dll2013-05-30 03:32:14 666624 ----a-w- c:\windows\system32\printfilterpipelinesvc.exe2013-05-30 03:32:13 615424 ----a-w- c:\windows\system32\wbem\fastprox.dll2013-05-30 03:32:13 499200 ----a-w- c:\windows\system32\wbem\WmiPrvSD.dll2013-05-30 03:32:13 247296 ----a-w- c:\windows\system32\wbem\WmiPrvSE.exe2013-05-30 03:32:13 129024 ----a-w- c:\windows\system32\wbem\WmiDcPrv.dll2013-05-30 03:32:12 54784 ----a-w- c:\windows\system32\iasads.dll2013-05-30 03:32:12 44032 ----a-w- c:\windows\system32\iasdatastore.dll2013-05-30 03:32:12 17408 ----a-w- c:\windows\system32\iashost.exe2013-05-30 03:32:11 98304 ----a-w- c:\windows\system32\iasrecst.dll2013-05-30 03:32:11 183296 ----a-w- c:\windows\system32\sdohlp.dll2013-05-30 03:31:37 62464 ----a-w- c:\windows\system32\l3codeca.acm2013-05-30 03:31:37 220672 ----a-w- c:\windows\system32\l3codecp.acm2013-05-30 03:30:31 25088 ----a-w- c:\windows\system32\drivers\tunnel.sys2013-05-30 03:30:31 190464 ----a-w- c:\windows\system32\iphlpsvc.dll2013-05-30 03:30:31 15360 ----a-w- c:\windows\system32\drivers\TUNMP.SYS2013-05-30 03:29:27 454656 ----a-w- c:\program files\common files\system\msadc\msadce.dll2013-05-30 03:28:27 24064 ----a-w- c:\windows\system32\amxread.dll2013-05-30 03:28:27 13824 ----a-w- c:\windows\system32\apilogen.dll2013-05-30 03:27:05 425472 ----a-w- c:\windows\system32\PhotoMetadataHandler.dll2013-05-30 03:27:04 712704 ----a-w- c:\windows\system32\WindowsCodecs.dll2013-05-30 03:27:03 347136 ----a-w- c:\windows\system32\WindowsCodecsExt.dll2013-05-30 03:24:50 443392 ----a-w- c:\windows\system32\win32spl.dll2013-05-30 03:24:50 37888 ----a-w- c:\windows\system32\printcom.dll2013-05-30 03:24:08 14848 ----a-w- c:\windows\system32\wshrm.dll2013-05-30 03:24:08 113664 ----a-w- c:\windows\system32\drivers\rmcast.sys2013-05-30 03:23:18 43520 ----a-w- c:\windows\system32\msdxm.tlb2013-05-30 03:23:18 313344 ----a-w- c:\windows\system32\wmpdxm.dll2013-05-30 03:23:18 18432 ----a-w- c:\windows\system32\amcompat.tlb2013-05-30 03:22:42 347136 ----a-w- c:\windows\system32\RMActivate_ssp.exe2013-05-30 03:22:42 329216 ----a-w- c:\windows\system32\msdrm.dll2013-05-30 03:22:42 151040 ----a-w- c:\windows\system32\secproc_ssp.dll2013-05-30 03:22:41 346624 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe2013-05-30 03:22:41 151040 ----a-w- c:\windows\system32\secproc_ssp_isv.dll2013-05-30 03:22:40 511488 ----a-w- c:\windows\system32\RMActivate.exe2013-05-30 03:22:40 472064 ----a-w- c:\windows\system32\secproc.dll2013-05-30 03:22:39 523776 ----a-w- c:\windows\system32\RMActivate_isv.exe2013-05-30 03:22:39 472576 ----a-w- c:\windows\system32\secproc_isv.dll2013-05-30 03:19:54 634656 ----a-w- c:\windows\system32\nvvsvc.exe2013-05-30 03:19:54 62752 ----a-w- c:\windows\system32\nvshext.dll2013-05-30 03:19:53 2557728 ----a-w- c:\windows\system32\nvsvcr.dll2013-05-30 03:18:51 53024 ----a-w- c:\windows\system32\OpenCL.dll2013-05-30 03:17:06 -------- d-----w- c:\programdata\NVIDIA Corporation2013-05-30 03:16:46 -------- d-----w- c:\program files\NVIDIA Corporation2013-05-30 03:05:53 622080 ----a-w- c:\windows\system32\icardagt.exe2013-05-30 03:05:52 97800 ----a-w- c:\windows\system32\infocardapi.dll2013-05-30 03:05:52 37384 ----a-w- c:\windows\system32\infocardcpl.cpl2013-05-30 03:05:52 11264 ----a-w- c:\windows\system32\icardres.dll2013-05-30 03:05:38 105016 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll2013-05-30 03:05:33 781344 ----a-w- c:\windows\system32\PresentationNative_v0300.dll2013-05-30 02:43:10 158720 ----a-w- c:\windows\system32\mscorier.dll2013-05-30 02:43:09 83968 ----a-w- c:\windows\system32\mscories.dll2013-05-29 12:15:18 1695744 ----a-w- c:\windows\system32\gameux.dll2013-05-29 12:14:42 94720 ----a-w- c:\windows\system32\logagent.exe2013-05-29 12:14:41 996352 ----a-w- c:\windows\system32\WMNetMgr.dll2013-05-29 12:13:55 84480 ----a-w- c:\windows\system32\INETRES.dll2013-05-29 12:02:49 61440 ----a-w- c:\windows\system32\msasn1.dll2013-05-29 12:02:28 1645568 ----a-w- c:\windows\system32\connect.dll2013-05-29 12:01:45 784896 ----a-w- c:\windows\system32\rpcrt4.dll2013-05-29 12:00:41 281600 ----a-w- c:\windows\system32\raschap.dll2013-05-29 12:00:40 244224 ----a-w- c:\windows\system32\rastls.dll2013-05-29 12:00:20 351232 ----a-w- c:\windows\system32\WSDApi.dll2013-05-29 11:58:39 91136 ----a-w- c:\windows\system32\avifil32.dll2013-05-29 11:58:39 82944 ----a-w- c:\windows\system32\mciavi32.dll2013-05-29 11:58:39 65024 ----a-w- c:\windows\system32\avicap32.dll2013-05-29 11:58:39 31744 ----a-w- c:\windows\system32\msvidc32.dll2013-05-29 11:58:39 13312 ----a-w- c:\windows\system32\msrle32.dll2013-05-29 11:58:39 123904 ----a-w- c:\windows\system32\msvfw32.dll2013-05-29 11:58:37 50176 ----a-w- c:\windows\system32\iyuv_32.dll2013-05-29 11:58:37 22528 ----a-w- c:\windows\system32\msyuv.dll2013-05-29 11:58:37 11776 ----a-w- c:\windows\system32\tsbyuv.dll2013-05-29 11:58:03 604672 ----a-w- c:\windows\system32\WMSPDMOD.DLL2013-05-29 11:57:06 7680 ----a-w- c:\windows\system32\spwmp.dll2013-05-29 11:57:06 107520 ----a-w- c:\program files\windows media player\wmpshare.exe2013-05-29 11:57:05 4096 ----a-w- c:\windows\system32\msdxm.ocx2013-05-29 11:57:05 4096 ----a-w- c:\windows\system32\dxmasf.dll2013-05-29 11:57:05 107520 ----a-w- c:\program files\windows media player\wmpconfig.exe2013-05-29 11:56:58 1418752 ----a-w- c:\program files\windows media player\setup_wm.exe2013-05-29 11:56:57 310784 ----a-w- c:\windows\system32\unregmp2.exe2013-05-29 11:31:56 -------- d-----w- c:\users\mafineart\appdata\roaming\AVG20132013-05-29 11:29:51 -------- d-----w- c:\users\mafineart\appdata\roaming\TuneUp Software2013-05-29 11:27:29 -------- d--h--w- C:\$AVG2013-05-29 11:27:29 -------- d-----w- c:\programdata\AVG20132013-05-29 11:23:53 -------- d-----w- c:\program files\AVG2013-05-29 11:19:57 -------- d--h--w- c:\programdata\Common Files2013-05-29 11:19:56 -------- d-----w- c:\users\mafineart\appdata\local\MFAData2013-05-29 11:19:56 -------- d-----w- c:\users\mafineart\appdata\local\Avg20132013-05-29 11:19:56 -------- d-----w- c:\programdata\MFAData2013-05-29 10:15:54 171520 ----a-w- c:\windows\system32\wintrust.dll2013-05-29 10:15:26 98304 ----a-w- c:\windows\system32\cabview.dll2013-05-29 10:14:10 411136 ----a-w- c:\windows\system32\drivers\http.sys2013-05-29 10:14:10 31232 ----a-w- c:\windows\system32\httpapi.dll2013-05-29 10:14:09 24064 ----a-w- c:\windows\system32\nshhttp.dll2013-05-29 10:05:59 -------- d-----w- c:\program files\MSXML 4.02013-05-29 09:51:49 -------- d-----w- c:\users\mafineart\appdata\local\WindowsUpdate2013-05-29 09:13:47 -------- d-----w- c:\users\mafineart\appdata\local\Hewlett-Packard2013-05-29 07:16:40 -------- d-----w- c:\windows\system32\oem2013-05-29 06:47:16 -------- d-----w- c:\users\mafineart\appdata\local\VirtualStore2013-05-29 06:30:36 -------- d-sh--we C:\Documents and Settings.==================== Find3M ====================.2013-05-30 14:43:29 101888 ----a-w- c:\windows\system32\ifxcardm.dll2013-05-30 14:43:13 82432 ----a-w- c:\windows\system32\axaltocm.dll2013-05-30 09:51:17 319456 ----a-w- c:\windows\DIFxAPI.dll2013-05-30 03:36:59 12240896 ----a-w- c:\windows\system32\NlsLexicons0007.dll2013-05-30 03:28:27 40960 ----a-w- c:\windows\apppatch\apihex86.dll2013-05-29 12:15:33 2560 ----a-w- c:\windows\apppatch\AcRes.dll2013-03-29 09:53:48 208184 ----a-w- c:\windows\system32\drivers\avgidsdriverx.sys2013-03-21 10:08:24 182072 ----a-w- c:\windows\system32\drivers\avgtdix.sys.============= FINISH: 13:13:34.02 ===============.UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.IF REQUESTED, ZIP IT UP & ATTACH IT.DDS (Ver_2012-11-20.01).Microsoft® Windows Vista™ Home Premium Boot Device: \Device\HarddiskVolume1Install Date: 5/28/2013 11:22:46 PMSystem Uptime: 6/5/2013 12:16:13 PM (1 hours ago).Motherboard: ASUSTek Computer INC. | | NODUSM3Processor: AMD Athlon 64 X2 Dual Core Processor 4200+ | Socket AM2 | 2000/200mhz.==== Disk Partitions =========================.C: is FIXED (NTFS) - 292 GiB total, 208.833 GiB free.D: is FIXED (NTFS) - 6 GiB total, 0.877 GiB free.E: is CDROM (CDFS)F: is RemovableG: is RemovableH: is RemovableI: is RemovableJ: is Removable.==== Disabled Device Manager Items =============.==== System Restore Points ===================..==== Installed Programs ======================.Adobe AIRAdobe Flash Player 11 ActiveXAdobe Media PlayerAdobe Photoshop 7.0Adobe Reader 7.0.8AutoUpdateAVG 2013Canon MP Navigator EX 4.1Canon MX880 series MP DriversCanon MX880 series User RegistrationCanon My PrinterCanon Solution Menu EXDivXEnhanced Multimedia Keyboard SolutionExtractNowGoogle ChromeGoogle Update HelperHardware Diagnostic ToolsHotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)HP Connections (remove only)HP Customer Experience EnhancementsHP Customer FeedbackHP Easy Setup - CoreHP Easy Setup - FrontendHP Picasso Media Center Add-InHP Product DetectionHP UpdateInternet Explorer Toolbar 4.8 by SweetPacksLightScribe 1.4.124.1Malwarebytes Anti-Malware version 1.75.0.1300Microsoft .NET Framework 3.5 SP1Microsoft .NET Framework 4 Client ProfileMicrosoft Visual C++ 2010 x86 Redistributable - 10.0.40219Microsoft WorksMSXML 4.0 SP2 (KB954430)MSXML 4.0 SP2 (KB973688)muvee autoProducer 5.0My HP GamesNVIDIA Control Panel 307.83NVIDIA DriversNVIDIA Graphics Driver 307.83NVIDIA Install ApplicationNVIDIA Update 1.10.8NVIDIA Update ComponentsOcxSetupPython 2.4.3Realtek High Definition Audio DriverRoxio Creator AudioRoxio Creator Basic v9Roxio Creator CopyRoxio Creator DataRoxio Creator EasyArchiveRoxio Creator ToolsRoxio Express Labeler 3Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)Soft Data Fax Modem with SmartCPUpdate for Microsoft .NET Framework 3.5 SP1 (KB963707)Yahoo! ToolbarYahoo! Toolbar for Internet Explorer.==== End Of File =========================== Link to post Share on other sites More sharing options...
D-FRED-BROWN Posted June 7, 2013 ID:688255 Share Posted June 7, 2013 Hello Buddahass and welcome to Malwarebytes!I am D-FRED-BROWN and I will be helping you. Please print or save this topic. It will make it easier for you to follow the instructions and complete all of the necessary steps.----------Step 1----------------Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!Double-click on TDSSKiller.exe to run the tool for known TDSS variants.Vista/Windows 7 users right-click and select Run As Administrator.If TDSSKiller does not run, try renaming it.To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.Click the Start Scan button.Do not use the computer during the scanIf the scan completes with nothing found, click Close to exit.If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.Note: If Cure is not an option, Skip instead, do not choose Delete unless instructed.A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.o7.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).Copy and paste the contents of that file in your next reply.----------Step 2----------------Please download Malwarebytes Anti-Rootkit from HEREUnzip the contents to a folder in a convenient location.Open the folder where the contents were unzipped and run mbar.exeFollow the instructions in the wizard to update and allow the program to scan your computer for threats.Click on the Cleanup button to remove any threats and reboot if prompted to do so.Wait while the system shuts down and the cleanup process is performed.Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.When done, please post the two logs produced they will be in the MBAR folder... mbar-log.txt and system-log.txt----------Step 3----------------Please download ComboFix.exe. Please visit this webpage for download links, and instructions for running the tool:http://www.bleepingc...to-use-combofix***IMPORTANT: save ComboFix to your Desktop**** Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.Please go here to see a list of programs that should be disabled.**Note: Do not mouseclick ComboFix's window while it's running. That may cause it to stall** Please include the C:\ComboFix.txt in your next reply for further review.NOTE: If you receive the message "illegal operation has been attempted on a registry key that has been marked for deletion", just reboot the computer.----------Step 4----------------Please download Security Check by screen317 from here or here.Save it to your Desktop.Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.A Notepad document should open automatically called checkup.txt; please post the contents of that document.----------Step 5----------------In your next reply, please include the following:TDSSKiller's logfileMBAR mbar-log.txt and system-log.txtComboFix's report (C:\ComboFix.txt)Security Check checkup.txtAfter that, please let me know: How is your computer running now? Do you have any questions or concerns you'd like me to address? Don't hesitate to ask. -----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------Note:Please make sure you are subscribed to this topic: Click on the "Follow This Topic" Button (at the top right of this page), make sure that the "Receive notification" box is checked and that it is set to "Instantly"-------> Your topic will be closed if you haven't replied within 3 days! <--------(If I don't respond within 24 hours, please send me a PM)-DFB Link to post Share on other sites More sharing options...
Buddahass Posted June 7, 2013 Author ID:688285 Share Posted June 7, 2013 Thanks D-FRED for your assistance, I posted here as it was the only forum I could find, that seemed to have any experience defeating it.I'm not sure if these did however, but as requested, the results are posted below.00:57:16.0878 5368 TDSS rootkit removing tool 2.8.17.0 Apr 11 2013 11:56:3400:57:17.0658 5368 ============================================================00:57:17.0658 5368 Current date / time: 2013/06/07 00:57:17.065800:57:17.0673 5368 SystemInfo:00:57:17.0673 5368 00:57:17.0673 5368 OS Version: 6.0.6001 ServicePack: 1.000:57:17.0673 5368 Product type: Workstation00:57:17.0673 5368 ComputerName: MAFINEART-PC00:57:17.0673 5368 UserName: mafineart00:57:17.0673 5368 Windows directory: C:\Windows00:57:17.0673 5368 System windows directory: C:\Windows00:57:17.0673 5368 Processor architecture: Intel x8600:57:17.0673 5368 Number of processors: 200:57:17.0673 5368 Page size: 0x100000:57:17.0673 5368 Boot type: Normal boot00:57:17.0673 5368 ============================================================00:57:18.0469 5368 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x0000005000:57:18.0562 5368 Drive \Device\Harddisk5\DR5 - Size: 0x3BA800000 (14.91 Gb), SectorSize: 0x200, Cylinders: 0x79A, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'00:57:18.0578 5368 ============================================================00:57:18.0578 5368 \Device\Harddisk0\DR0:00:57:18.0578 5368 MBR partitions:00:57:18.0578 5368 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x247A909100:57:18.0578 5368 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x247A90D0, BlocksNum 0xC845F100:57:18.0578 5368 \Device\Harddisk5\DR5:00:57:18.0578 5368 MBR partitions:00:57:18.0578 5368 \Device\Harddisk5\DR5\Partition1: MBR, Type 0xC, StartLBA 0x1F80, BlocksNum 0x1DD208000:57:18.0578 5368 ============================================================00:57:18.0672 5368 C: <-> \Device\Harddisk0\DR0\Partition100:57:18.0796 5368 D: <-> \Device\Harddisk0\DR0\Partition200:57:18.0796 5368 ============================================================00:57:18.0796 5368 Initialize success00:57:18.0796 5368 ============================================================00:57:37.0532 5452 ============================================================00:57:37.0532 5452 Scan started00:57:37.0532 5452 Mode: Manual;00:57:37.0532 5452 ============================================================00:57:38.0546 5452 ================ Scan system memory ========================00:57:38.0546 5452 System memory - ok00:57:38.0546 5452 ================ Scan services =============================00:57:38.0733 5452 [ FCB8C7210F0135E24C6580F7F649C73C ] ACPI C:\Windows\system32\drivers\acpi.sys00:57:38.0764 5452 ACPI - ok00:57:38.0780 5452 adfs - ok00:57:38.0842 5452 [ 2EDC5BBAC6C651ECE337BDE8ED97C9FB ] adp94xx C:\Windows\system32\drivers\adp94xx.sys00:57:38.0858 5452 adp94xx - ok00:57:38.0905 5452 [ B84088CA3CDCA97DA44A984C6CE1CCAD ] adpahci C:\Windows\system32\drivers\adpahci.sys00:57:38.0920 5452 adpahci - ok00:57:38.0936 5452 [ 7880C67BCCC27C86FD05AA2AFB5EA469 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys00:57:38.0952 5452 adpu160m - ok00:57:38.0983 5452 [ 9AE713F8E30EFC2ABCCD84904333DF4D ] adpu320 C:\Windows\system32\drivers\adpu320.sys00:57:38.0998 5452 adpu320 - ok00:57:39.0045 5452 [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc C:\Windows\System32\aelupsvc.dll00:57:39.0045 5452 AeLookupSvc - ok00:57:39.0092 5452 [ 48EB99503533C27AC6135648E5474457 ] AFD C:\Windows\system32\drivers\afd.sys00:57:39.0170 5452 AFD - ok00:57:39.0201 5452 [ EF23439CDD587F64C2C1B8825CEAD7D8 ] agp440 C:\Windows\system32\drivers\agp440.sys00:57:39.0217 5452 agp440 - ok00:57:39.0248 5452 [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx C:\Windows\system32\drivers\djsvs.sys00:57:39.0248 5452 aic78xx - ok00:57:39.0310 5452 [ A1545B731579895D8CC44FC0481C1192 ] ALG C:\Windows\System32\alg.exe00:57:39.0310 5452 ALG - ok00:57:39.0342 5452 [ 90395B64600EBB4552E26E178C94B2E4 ] aliide C:\Windows\system32\drivers\aliide.sys00:57:39.0357 5452 aliide - ok00:57:39.0373 5452 [ 2B13E304C9DFDFA5EB582F6A149FA2C7 ] amdagp C:\Windows\system32\drivers\amdagp.sys00:57:39.0388 5452 amdagp - ok00:57:39.0420 5452 [ 0577DF1D323FE75A739C787893D300EA ] amdide C:\Windows\system32\drivers\amdide.sys00:57:39.0420 5452 amdide - ok00:57:39.0466 5452 [ DC487885BCEF9F28EECE6FAC0E5DDFC5 ] AmdK7 C:\Windows\system32\drivers\amdk7.sys00:57:39.0513 5452 AmdK7 - ok00:57:39.0560 5452 [ 93AE7F7DD54AB986A6F1A1B37BE7442D ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys00:57:39.0591 5452 AmdK8 - ok00:57:39.0622 5452 [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo C:\Windows\System32\appinfo.dll00:57:39.0638 5452 Appinfo - ok00:57:39.0685 5452 [ 5F673180268BB1FDB69C99B6619FE379 ] arc C:\Windows\system32\drivers\arc.sys00:57:39.0685 5452 arc - ok00:57:39.0716 5452 [ 957F7540B5E7F602E44648C7DE5A1C05 ] arcsas C:\Windows\system32\drivers\arcsas.sys00:57:39.0716 5452 arcsas - ok00:57:39.0778 5452 [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys00:57:39.0778 5452 AsyncMac - ok00:57:39.0841 5452 [ 2D9C903DC76A66813D350A562DE40ED9 ] atapi C:\Windows\system32\drivers\atapi.sys00:57:39.0841 5452 atapi - ok00:57:39.0872 5452 [ 42076E29AAFA0830A2C5D4E310F58DD1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll00:57:39.0919 5452 AudioEndpointBuilder - ok00:57:39.0966 5452 [ 42076E29AAFA0830A2C5D4E310F58DD1 ] Audiosrv C:\Windows\System32\Audiosrv.dll00:57:39.0966 5452 Audiosrv - ok00:57:40.0246 5452 [ 50185186719134FA8F307D269106A51C ] AVGIDSAgent C:\Program Files\AVG\AVG2013\avgidsagent.exe00:57:40.0418 5452 AVGIDSAgent - ok00:57:40.0465 5452 [ 4750A2A188D39034F5DDDDAE1BF38BF8 ] AVGIDSDriver C:\Windows\system32\DRIVERS\avgidsdriverx.sys00:57:40.0480 5452 AVGIDSDriver - ok00:57:40.0512 5452 [ B0DEF92F4E1E6B9242E6C8FAB82703F7 ] AVGIDSHX C:\Windows\system32\DRIVERS\avgidshx.sys00:57:40.0527 5452 AVGIDSHX - ok00:57:40.0543 5452 [ A426B2DC795531D99E2EE1952AEC051A ] AVGIDSShim C:\Windows\system32\DRIVERS\avgidsshimx.sys00:57:40.0558 5452 AVGIDSShim - ok00:57:40.0574 5452 [ 08FA13787D77A75DC413E27FD92B44E8 ] Avgldx86 C:\Windows\system32\DRIVERS\avgldx86.sys00:57:40.0590 5452 Avgldx86 - ok00:57:40.0605 5452 [ 3E587EE55C70E6DB78A98D7121D3052E ] Avglogx C:\Windows\system32\DRIVERS\avglogx.sys00:57:40.0621 5452 Avglogx - ok00:57:40.0636 5452 [ 5AC56B2CF8EE751796C5A8FC5C631B66 ] Avgmfx86 C:\Windows\system32\DRIVERS\avgmfx86.sys00:57:40.0652 5452 Avgmfx86 - ok00:57:40.0668 5452 [ C29E6070396E437FDE184D739CCBA2C7 ] Avgrkx86 C:\Windows\system32\DRIVERS\avgrkx86.sys00:57:40.0668 5452 Avgrkx86 - ok00:57:40.0699 5452 [ 14370FB29526F593C04FA48B5D69F7F0 ] Avgtdix C:\Windows\system32\DRIVERS\avgtdix.sys00:57:40.0699 5452 Avgtdix - ok00:57:40.0746 5452 [ 3A0977CB68AF13E2579E47EB8984056B ] avgwd C:\Program Files\AVG\AVG2013\avgwdsvc.exe00:57:40.0746 5452 avgwd - ok00:57:40.0792 5452 [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep C:\Windows\system32\drivers\Beep.sys00:57:40.0824 5452 Beep - ok00:57:40.0870 5452 [ 8582E233C346AEFE759833E8A30DD697 ] BFE C:\Windows\System32\bfe.dll00:57:40.0886 5452 BFE - ok00:57:40.0917 5452 [ 02ED7B4DBC2A3232A389106DA7515C3D ] BITS C:\Windows\System32\qmgr.dll00:57:40.0948 5452 BITS - ok00:57:40.0964 5452 blbdrive - ok00:57:41.0011 5452 [ 8153396D5551276227FA146900F734E6 ] bowser C:\Windows\system32\DRIVERS\bowser.sys00:57:41.0042 5452 bowser - ok00:57:41.0073 5452 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys00:57:41.0104 5452 BrFiltLo - ok00:57:41.0120 5452 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys00:57:41.0182 5452 BrFiltUp - ok00:57:41.0245 5452 [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser C:\Windows\System32\browser.dll00:57:41.0245 5452 Browser - ok00:57:41.0260 5452 [ B304E75CFF293029EDDF094246747113 ] Brserid C:\Windows\system32\drivers\brserid.sys00:57:41.0307 5452 Brserid - ok00:57:41.0354 5452 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys00:57:41.0401 5452 BrSerWdm - ok00:57:41.0416 5452 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys00:57:41.0432 5452 BrUsbMdm - ok00:57:41.0463 5452 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys00:57:41.0510 5452 BrUsbSer - ok00:57:41.0572 5452 [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys00:57:41.0604 5452 BTHMODEM - ok00:57:41.0635 5452 [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys00:57:41.0682 5452 cdfs - ok00:57:41.0697 5452 [ 1EC25CEA0DE6AC4718BF89F9E1778B57 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys00:57:41.0728 5452 cdrom - ok00:57:41.0775 5452 [ 87C2D0377B23E2D8A41093C2F5FB1A5B ] CertPropSvc C:\Windows\System32\certprop.dll00:57:41.0775 5452 CertPropSvc - ok00:57:41.0806 5452 [ DA8E0AFC7BAA226C538EF53AC2F90897 ] circlass C:\Windows\system32\drivers\circlass.sys00:57:41.0822 5452 circlass - ok00:57:41.0869 5452 [ 465745561C832B29F7C48B488AAB3842 ] CLFS C:\Windows\system32\CLFS.sys00:57:41.0900 5452 CLFS - ok00:57:41.0962 5452 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe00:57:41.0978 5452 clr_optimization_v2.0.50727_32 - ok00:57:42.0040 5452 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe00:57:42.0103 5452 clr_optimization_v4.0.30319_32 - ok00:57:42.0150 5452 CLTNetCnService - ok00:57:42.0181 5452 [ 45201046C776FFDAF3FC8A0029C581C8 ] cmdide C:\Windows\system32\drivers\cmdide.sys00:57:42.0212 5452 cmdide - ok00:57:42.0243 5452 [ 82B8C91D327CFECF76CB58716F7D4997 ] Compbatt C:\Windows\system32\drivers\compbatt.sys00:57:42.0243 5452 Compbatt - ok00:57:42.0259 5452 COMSysApp - ok00:57:42.0290 5452 [ 2A213AE086BBEC5E937553C7D9A2B22C ] crcdisk C:\Windows\system32\drivers\crcdisk.sys00:57:42.0306 5452 crcdisk - ok00:57:42.0352 5452 [ 22A7F883508176489F559EE745B5BF5D ] Crusoe C:\Windows\system32\drivers\crusoe.sys00:57:42.0384 5452 Crusoe - ok00:57:42.0430 5452 [ 6DE363F9F99334514C46AEC02D3E3678 ] CryptSvc C:\Windows\system32\cryptsvc.dll00:57:42.0430 5452 CryptSvc - ok00:57:42.0540 5452 [ 301AE00E12408650BADDC04DBC832830 ] DcomLaunch C:\Windows\system32\rpcss.dll00:57:42.0571 5452 DcomLaunch - ok00:57:42.0602 5452 [ A3E9FA213F443AC77C7746119D13FEEC ] DfsC C:\Windows\system32\Drivers\dfsc.sys00:57:42.0602 5452 DfsC - ok00:57:42.0696 5452 [ FA3463F25F9CC9C3BCF1E7912FEFF099 ] DFSR C:\Windows\system32\DFSR.exe00:57:42.0836 5452 DFSR - ok00:57:42.0883 5452 [ 43A988A9C10333476CB5FB667CBD629D ] Dhcp C:\Windows\System32\dhcpcsvc.dll00:57:42.0898 5452 Dhcp - ok00:57:42.0930 5452 [ 64109E623ABD6955C8FB110B592E68B7 ] disk C:\Windows\system32\drivers\disk.sys00:57:42.0945 5452 disk - ok00:57:42.0976 5452 [ 4805D9A6D281C7A7DEFD9094DEC6AF7D ] Dnscache C:\Windows\System32\dnsrslvr.dll00:57:42.0992 5452 Dnscache - ok00:57:43.0039 5452 [ 5AF620A08C614E24206B79E8153CF1A8 ] dot3svc C:\Windows\System32\dot3svc.dll00:57:43.0039 5452 dot3svc - ok00:57:43.0070 5452 [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS C:\Windows\system32\dps.dll00:57:43.0070 5452 DPS - ok00:57:43.0117 5452 [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys00:57:43.0132 5452 drmkaud - ok00:57:43.0179 5452 [ 85F33880B8CFB554BD3D9CCDB486845A ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys00:57:43.0288 5452 DXGKrnl - ok00:57:43.0335 5452 [ F88FB26547FD2CE6D0A5AF2985892C48 ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys00:57:43.0382 5452 E1G60 - ok00:57:43.0413 5452 [ C0B95E40D85CD807D614E264248A45B9 ] EapHost C:\Windows\System32\eapsvc.dll00:57:43.0413 5452 EapHost - ok00:57:43.0444 5452 [ DD2CD259D83D8B72C02C5F2331FF9D68 ] Ecache C:\Windows\system32\drivers\ecache.sys00:57:43.0460 5452 Ecache - ok00:57:43.0507 5452 [ 9BE3744D295A7701EB425332014F0797 ] ehRecvr C:\Windows\ehome\ehRecvr.exe00:57:43.0522 5452 ehRecvr - ok00:57:43.0538 5452 [ AD1870C8E5D6DD340C829E6074BF3C3F ] ehSched C:\Windows\ehome\ehsched.exe00:57:43.0554 5452 ehSched - ok00:57:43.0569 5452 [ C27C4EE8926E74AA72EFCAB24C5242C3 ] ehstart C:\Windows\ehome\ehstart.dll00:57:43.0569 5452 ehstart - ok00:57:43.0616 5452 [ E8F3F21A71720C84BCF423B80028359F ] elxstor C:\Windows\system32\drivers\elxstor.sys00:57:43.0632 5452 elxstor - ok00:57:43.0663 5452 [ 70B1A86DF0C8EAD17D2BC332EDAE2C7C ] EMDMgmt C:\Windows\system32\emdmgmt.dll00:57:43.0678 5452 EMDMgmt - ok00:57:43.0725 5452 [ 3CB3343D720168B575133A0A20DC2465 ] EventSystem C:\Windows\system32\es.dll00:57:43.0725 5452 EventSystem - ok00:57:43.0772 5452 [ 0D858EB20589A34EFB25695ACAA6AA2D ] exfat C:\Windows\system32\drivers\exfat.sys00:57:43.0803 5452 exfat - ok00:57:43.0834 5452 [ 3C489390C2E2064563727752AF8EAB9E ] fastfat C:\Windows\system32\drivers\fastfat.sys00:57:43.0866 5452 fastfat - ok00:57:43.0897 5452 [ 63BDADA84951B9C03E641800E176898A ] fdc C:\Windows\system32\DRIVERS\fdc.sys00:57:43.0897 5452 fdc - ok00:57:43.0912 5452 [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost C:\Windows\system32\fdPHost.dll00:57:43.0912 5452 fdPHost - ok00:57:43.0928 5452 [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub C:\Windows\system32\fdrespub.dll00:57:43.0928 5452 FDResPub - ok00:57:43.0959 5452 [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo C:\Windows\system32\drivers\fileinfo.sys00:57:43.0959 5452 FileInfo - ok00:57:43.0975 5452 [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace C:\Windows\system32\drivers\filetrace.sys00:57:43.0990 5452 Filetrace - ok00:57:44.0022 5452 [ 6603957EFF5EC62D25075EA8AC27DE68 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys00:57:44.0084 5452 flpydisk - ok00:57:44.0100 5452 [ 05EA53AFE985443011E36DAB07343B46 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys00:57:44.0100 5452 FltMgr - ok00:57:44.0162 5452 [ C9BE08664611DDAF98E2331E9288B00B ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe00:57:44.0193 5452 FontCache3.0.0.0 - ok00:57:44.0224 5452 [ 65EA8B77B5851854F0C55C43FA51A198 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys00:57:44.0271 5452 Fs_Rec - ok00:57:44.0318 5452 [ 4E1CD0A45C50A8882616CAE5BF82F3C5 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys00:57:44.0318 5452 gagp30kx - ok00:57:44.0334 5452 [ D9F1113D9401185245573350712F92FC ] gpsvc C:\Windows\System32\gpsvc.dll00:57:44.0349 5452 gpsvc - ok00:57:44.0396 5452 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe00:57:44.0412 5452 gupdate - ok00:57:44.0427 5452 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe00:57:44.0443 5452 gupdatem - ok00:57:44.0474 5452 [ CB04C744BE0A61B1D648FAED182C3B59 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys00:57:44.0505 5452 HdAudAddService - ok00:57:44.0521 5452 [ C87B1EE051C0464491C1A7B03FA0BC99 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys00:57:44.0568 5452 HDAudBus - ok00:57:44.0583 5452 [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth C:\Windows\system32\drivers\hidbth.sys00:57:44.0614 5452 HidBth - ok00:57:44.0646 5452 [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr C:\Windows\system32\drivers\hidir.sys00:57:44.0677 5452 HidIr - ok00:57:44.0708 5452 [ 8FA640195279ACE21BEA91396A0054FC ] hidserv C:\Windows\system32\hidserv.dll00:57:44.0708 5452 hidserv - ok00:57:44.0739 5452 [ 3C64042B95E583B366BA4E5D2450235E ] HidUsb C:\Windows\system32\drivers\hidusb.sys00:57:44.0755 5452 HidUsb - ok00:57:44.0770 5452 [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc C:\Windows\system32\kmsvc.dll00:57:44.0786 5452 hkmsvc - ok00:57:44.0802 5452 [ DF353B401001246853763C4B7AAA6F50 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys00:57:44.0802 5452 HpCISSs - ok00:57:44.0864 5452 [ 88749FBF8BEB18C90E7D6626C8C1910B ] HSF_DP C:\Windows\system32\DRIVERS\HSX_DP.sys00:57:44.0958 5452 HSF_DP - ok00:57:44.0989 5452 [ FE440536BD98AF772130DC3A6FE1915F ] HSXHWBS2 C:\Windows\system32\DRIVERS\HSXHWBS2.sys00:57:45.0036 5452 HSXHWBS2 - ok00:57:45.0067 5452 [ 96E241624C71211A79C84F50A8E71CAB ] HTTP C:\Windows\system32\drivers\HTTP.sys00:57:45.0082 5452 HTTP - ok00:57:45.0129 5452 [ 324C2152FF2C61ABAE92D09F3CCA4D63 ] i2omp C:\Windows\system32\drivers\i2omp.sys00:57:45.0129 5452 i2omp - ok00:57:45.0160 5452 [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys00:57:45.0223 5452 i8042prt - ok00:57:45.0254 5452 [ C957BF4B5D80B46C5017BF0101E6C906 ] iaStorV C:\Windows\system32\drivers\iastorv.sys00:57:45.0270 5452 iaStorV - ok00:57:45.0332 5452 [ 7B630ACAED64FEF0C3E1CF255CB56686 ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe00:57:45.0379 5452 idsvc - ok00:57:45.0410 5452 [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp C:\Windows\system32\drivers\iirsp.sys00:57:45.0426 5452 iirsp - ok00:57:45.0488 5452 [ A3BC480A2BF8AA8E4DABD2D5DCE0AFAC ] IKEEXT C:\Windows\System32\ikeext.dll00:57:45.0504 5452 IKEEXT - ok00:57:45.0613 5452 [ EDC37B918E583A5A813C53D4F5588255 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys00:57:45.0862 5452 IntcAzAudAddService - ok00:57:45.0878 5452 [ 97469037714070E45194ED318D636401 ] intelide C:\Windows\system32\drivers\intelide.sys00:57:45.0894 5452 intelide - ok00:57:45.0909 5452 [ CE44CC04262F28216DD4341E9E36A16F ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys00:57:45.0940 5452 intelppm - ok00:57:45.0987 5452 [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum C:\Windows\system32\ipbusenum.dll00:57:45.0987 5452 IPBusEnum - ok00:57:46.0018 5452 [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys00:57:46.0096 5452 IpFilterDriver - ok00:57:46.0128 5452 [ 6A35D233693EDC29A12742049BC5E37F ] iphlpsvc C:\Windows\System32\iphlpsvc.dll00:57:46.0143 5452 iphlpsvc - ok00:57:46.0143 5452 IpInIp - ok00:57:46.0174 5452 [ 40F34F8ABA2A015D780E4B09138B6C17 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys00:57:46.0190 5452 IPMIDRV - ok00:57:46.0237 5452 [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys00:57:46.0237 5452 IPNAT - ok00:57:46.0268 5452 [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM C:\Windows\system32\drivers\irenum.sys00:57:46.0299 5452 IRENUM - ok00:57:46.0377 5452 [ 350FCA7E73CF65BCEF43FAE1E4E91293 ] isapnp C:\Windows\system32\drivers\isapnp.sys00:57:46.0377 5452 isapnp - ok00:57:46.0424 5452 [ F247EEC28317F6C739C16DE420097301 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys00:57:46.0440 5452 iScsiPrt - ok00:57:46.0471 5452 [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys00:57:46.0486 5452 iteatapi - ok00:57:46.0518 5452 [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid C:\Windows\system32\drivers\iteraid.sys00:57:46.0518 5452 iteraid - ok00:57:46.0564 5452 [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys00:57:46.0564 5452 kbdclass - ok00:57:46.0580 5452 [ D2600CB17B7408B4A83F231DC9A11AC3 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys00:57:46.0611 5452 kbdhid - ok00:57:46.0642 5452 [ A911ECAC81F94ADEAFBE8E3F7873EDB0 ] KeyIso C:\Windows\system32\lsass.exe00:57:46.0642 5452 KeyIso - ok00:57:46.0674 5452 [ 7A0CF7908B6824D6A2A1D313E5AE3DCA ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys00:57:46.0705 5452 KSecDD - ok00:57:46.0752 5452 [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm C:\Windows\system32\msdtckrm.dll00:57:46.0767 5452 KtmRm - ok00:57:46.0830 5452 [ 1925E63C91CF1610AE41BFD539062079 ] LanmanServer C:\Windows\system32\srvsvc.dll00:57:46.0830 5452 LanmanServer - ok00:57:46.0876 5452 [ 2AE2E1628C5D3F1C0A46A67C9FA1DF15 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll00:57:46.0876 5452 LanmanWorkstation - ok00:57:46.0939 5452 [ 6E5DAC168D1FF9843E84A59D51D31107 ] LightScribeService c:\Program Files\Common Files\LightScribe\LSSrvc.exe00:57:46.0954 5452 LightScribeService - ok00:57:46.0986 5452 [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys00:57:46.0986 5452 lltdio - ok00:57:47.0032 5452 [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc C:\Windows\System32\lltdsvc.dll00:57:47.0064 5452 lltdsvc - ok00:57:47.0095 5452 [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts C:\Windows\System32\lmhsvc.dll00:57:47.0095 5452 lmhosts - ok00:57:47.0142 5452 [ A2262FB9F28935E862B4DB46438C80D2 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys00:57:47.0157 5452 LSI_FC - ok00:57:47.0188 5452 [ 30D73327D390F72A62F32C103DAF1D6D ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys00:57:47.0204 5452 LSI_SAS - ok00:57:47.0235 5452 [ E1E36FEFD45849A95F1AB81DE0159FE3 ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys00:57:47.0235 5452 LSI_SCSI - ok00:57:47.0266 5452 [ 8F5C7426567798E62A3B3614965D62CC ] luafv C:\Windows\system32\drivers\luafv.sys00:57:47.0266 5452 luafv - ok00:57:47.0344 5452 [ 4470E3C1E0C3378E4CAB137893C12C3A ] MBAMProtector C:\Windows\system32\drivers\mbam.sys00:57:47.0344 5452 MBAMProtector - ok00:57:47.0407 5452 [ 65085456FD9A74D7F1A999520C299ECB ] MBAMScheduler C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe00:57:47.0407 5452 MBAMScheduler - ok00:57:47.0469 5452 [ E0D7732F2D2E24B2DB3F67B6750295B8 ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe00:57:47.0516 5452 MBAMService - ok00:57:47.0563 5452 [ AEF9BABB8A506BC4CE0451A64AADED46 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll00:57:47.0594 5452 Mcx2Svc - ok00:57:47.0625 5452 [ 0CEA2D0D3FA284B85ED5B68365114F76 ] mdmxsdk C:\Windows\system32\DRIVERS\mdmxsdk.sys00:57:47.0656 5452 mdmxsdk - ok00:57:47.0703 5452 [ D153B14FC6598EAE8422A2037553ADCE ] megasas C:\Windows\system32\drivers\megasas.sys00:57:47.0703 5452 megasas - ok00:57:47.0734 5452 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS C:\Windows\system32\mmcss.dll00:57:47.0734 5452 MMCSS - ok00:57:47.0750 5452 [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem C:\Windows\system32\drivers\modem.sys00:57:47.0766 5452 Modem - ok00:57:47.0797 5452 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor C:\Windows\system32\DRIVERS\monitor.sys00:57:47.0828 5452 monitor - ok00:57:47.0844 5452 [ 5BF6A1326A335C5298477754A506D263 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys00:57:47.0859 5452 mouclass - ok00:57:47.0890 5452 [ A3A6DFF7E9E757DB3DF51A833BC28885 ] mouhid C:\Windows\system32\drivers\mouhid.sys00:57:47.0922 5452 mouhid - ok00:57:47.0953 5452 [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys00:57:47.0953 5452 MountMgr - ok00:57:47.0984 5452 [ 583A41F26278D9E0EA548163D6139397 ] mpio C:\Windows\system32\drivers\mpio.sys00:57:47.0984 5452 mpio - ok00:57:48.0015 5452 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys00:57:48.0031 5452 mpsdrv - ok00:57:48.0062 5452 [ D1639BA315B0D79DEC49A4B0E1FB929B ] MpsSvc C:\Windows\system32\mpssvc.dll00:57:48.0078 5452 MpsSvc - ok00:57:48.0124 5452 [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys00:57:48.0140 5452 Mraid35x - ok00:57:48.0171 5452 [ AE3DE84536B6799D2267443CEC8EDBB9 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys00:57:48.0218 5452 MRxDAV - ok00:57:48.0249 5452 [ 5734A0F2BE7E495F7D3ED6EFD4B9F5A1 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys00:57:48.0312 5452 mrxsmb - ok00:57:48.0327 5452 [ 6B5FA5ADFACAC9DBBE0991F4566D7D55 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys00:57:48.0358 5452 mrxsmb10 - ok00:57:48.0374 5452 [ 5C80D8159181C7ABF1B14BA703B01E0B ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys00:57:48.0421 5452 mrxsmb20 - ok00:57:48.0468 5452 [ 742AED7939E734C36B7E8D6228CE26B7 ] msahci C:\Windows\system32\drivers\msahci.sys00:57:48.0483 5452 msahci - ok00:57:48.0530 5452 [ 3FC82A2AE4CC149165A94699183D3028 ] msdsm C:\Windows\system32\drivers\msdsm.sys00:57:48.0530 5452 msdsm - ok00:57:48.0592 5452 [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC C:\Windows\System32\msdtc.exe00:57:48.0624 5452 MSDTC - ok00:57:48.0670 5452 [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs C:\Windows\system32\drivers\Msfs.sys00:57:48.0748 5452 Msfs - ok00:57:48.0764 5452 [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys00:57:48.0764 5452 msisadrv - ok00:57:48.0811 5452 [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI C:\Windows\system32\iscsiexe.dll00:57:48.0811 5452 MSiSCSI - ok00:57:48.0826 5452 msiserver - ok00:57:48.0873 5452 [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys00:57:48.0873 5452 MSKSSRV - ok00:57:48.0920 5452 [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys00:57:48.0936 5452 MSPCLOCK - ok00:57:48.0951 5452 [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM C:\Windows\system32\drivers\MSPQM.sys00:57:48.0982 5452 MSPQM - ok00:57:49.0014 5452 [ B5614AECB05A9340AA0FB55BF561CC63 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys00:57:49.0029 5452 MsRPC - ok00:57:49.0045 5452 [ E384487CB84BE41D09711C30CA79646C ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys00:57:49.0045 5452 mssmbios - ok00:57:49.0076 5452 [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE C:\Windows\system32\drivers\MSTEE.sys00:57:49.0076 5452 MSTEE - ok00:57:49.0107 5452 [ 6DFD1D322DE55B0B7DB7D21B90BEC49C ] Mup C:\Windows\system32\Drivers\mup.sys00:57:49.0123 5452 Mup - ok00:57:49.0154 5452 [ C43B25863FBD65B6D2A142AF3AE320CA ] napagent C:\Windows\system32\qagentRT.dll00:57:49.0170 5452 napagent - ok00:57:49.0216 5452 [ 3C21CE48FF529BB73DADB98770B54025 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys00:57:49.0263 5452 NativeWifiP - ok00:57:49.0310 5452 [ 9BDC71790FA08F0A0B5F10462B1BD0B1 ] NDIS C:\Windows\system32\drivers\ndis.sys00:57:49.0326 5452 NDIS - ok00:57:49.0357 5452 [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys00:57:49.0372 5452 NdisTapi - ok00:57:49.0388 5452 [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys00:57:49.0388 5452 Ndisuio - ok00:57:49.0404 5452 [ 3D14C3B3496F88890D431E8AA022A411 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys00:57:49.0450 5452 NdisWan - ok00:57:49.0466 5452 [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys00:57:49.0482 5452 NDProxy - ok00:57:49.0497 5452 [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys00:57:49.0497 5452 NetBIOS - ok00:57:49.0513 5452 [ 7C5FEE5B1C5728507CD96FB4A13E7A02 ] netbt C:\Windows\system32\DRIVERS\netbt.sys00:57:49.0528 5452 netbt - ok00:57:49.0544 5452 [ A911ECAC81F94ADEAFBE8E3F7873EDB0 ] Netlogon C:\Windows\system32\lsass.exe00:57:49.0544 5452 Netlogon - ok00:57:49.0575 5452 [ C8052711DAECC48B982434C5116CA401 ] Netman C:\Windows\System32\netman.dll00:57:49.0575 5452 Netman - ok00:57:49.0622 5452 [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm C:\Windows\System32\netprofm.dll00:57:49.0622 5452 netprofm - ok00:57:49.0669 5452 [ 0AD5876EF4E9EB77C8F93EB5B2FFF386 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe00:57:49.0669 5452 NetTcpPortSharing - ok00:57:49.0716 5452 [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys00:57:49.0716 5452 nfrd960 - ok00:57:49.0747 5452 [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc C:\Windows\System32\nlasvc.dll00:57:49.0762 5452 NlaSvc - ok00:57:49.0794 5452 [ ECB5003F484F9ED6C608D6D6C7886CBB ] Npfs C:\Windows\system32\drivers\Npfs.sys00:57:49.0809 5452 Npfs - ok00:57:49.0840 5452 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi C:\Windows\system32\nsisvc.dll00:57:49.0840 5452 nsi - ok00:57:49.0856 5452 [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys00:57:49.0856 5452 nsiproxy - ok00:57:49.0903 5452 [ B4EFFE29EB4F15538FD8A9681108492D ] Ntfs C:\Windows\system32\drivers\Ntfs.sys00:57:49.0950 5452 Ntfs - ok00:57:49.0981 5452 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys00:57:49.0996 5452 ntrigdigi - ok00:57:50.0012 5452 [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null C:\Windows\system32\drivers\Null.sys00:57:50.0028 5452 Null - ok00:57:50.0090 5452 [ D958A2B5F6AD5C3B8CCDC4D7DA62466C ] NVENETFD C:\Windows\system32\DRIVERS\nvmfdx32.sys00:57:50.0152 5452 NVENETFD - ok00:57:50.0511 5452 [ 9A77B1C13BCCEDDF78DFD7AFC25B4F5E ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys00:57:50.0761 5452 nvlddmkm - ok00:57:50.0808 5452 [ E69E946F80C1C31C53003BFBF50CBB7C ] nvraid C:\Windows\system32\drivers\nvraid.sys00:57:50.0808 5452 nvraid - ok00:57:50.0823 5452 [ 9E0BA19A28C498A6D323D065DB76DFFC ] nvstor C:\Windows\system32\drivers\nvstor.sys00:57:50.0839 5452 nvstor - ok00:57:50.0870 5452 [ 7EBA6C9A0A295B1559EFB9062E701218 ] nvstor32 C:\Windows\system32\DRIVERS\nvstor32.sys00:57:50.0886 5452 nvstor32 - ok00:57:50.0917 5452 [ 31B8835B003CAA6D31BEAD83DDBF98E5 ] nvsvc C:\Windows\system32\nvvsvc.exe00:57:50.0948 5452 nvsvc - ok00:57:51.0026 5452 [ F935E817409F78FA50C5921DB39124B3 ] nvUpdatusService C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe00:57:51.0057 5452 nvUpdatusService - ok00:57:51.0088 5452 [ 07C186427EB8FCC3D8D7927187F260F7 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys00:57:51.0104 5452 nv_agp - ok00:57:51.0104 5452 NwlnkFlt - ok00:57:51.0120 5452 NwlnkFwd - ok00:57:51.0166 5452 [ 790E27C3DB53410B40FF9EF2FD10A1D9 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys00:57:51.0182 5452 ohci1394 - ok00:57:51.0213 5452 [ 5DE1A3972FD3112C75EB17BDCF454169 ] p2pimsvc C:\Windows\system32\p2psvc.dll00:57:51.0244 5452 p2pimsvc - ok00:57:51.0260 5452 [ 5DE1A3972FD3112C75EB17BDCF454169 ] p2psvc C:\Windows\system32\p2psvc.dll00:57:51.0276 5452 p2psvc - ok00:57:51.0291 5452 [ 0FA9B5055484649D63C303FE404E5F4D ] Parport C:\Windows\system32\drivers\parport.sys00:57:51.0338 5452 Parport - ok00:57:51.0385 5452 [ 3B38467E7C3DAED009DFE359E17F139F ] partmgr C:\Windows\system32\drivers\partmgr.sys00:57:51.0400 5452 partmgr - ok00:57:51.0447 5452 [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm C:\Windows\system32\drivers\parvdm.sys00:57:51.0463 5452 Parvdm - ok00:57:51.0478 5452 [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc C:\Windows\System32\pcasvc.dll00:57:51.0478 5452 PcaSvc - ok00:57:51.0525 5452 [ 01B94418DEB235DFF777CC80076354B4 ] pci C:\Windows\system32\drivers\pci.sys00:57:51.0541 5452 pci - ok00:57:51.0556 5452 [ FC175F5DDAB666D7F4D17449A547626F ] pciide C:\Windows\system32\drivers\pciide.sys00:57:51.0556 5452 pciide - ok00:57:51.0588 5452 [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys00:57:51.0603 5452 pcmcia - ok00:57:51.0666 5452 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys00:57:51.0712 5452 PEAUTH - ok00:57:51.0790 5452 [ B1689DF169143F57053F795390C99DB3 ] pla C:\Windows\system32\pla.dll00:57:51.0853 5452 pla - ok00:57:51.0884 5452 [ 78F975CB6D18265BE6F492EDB2D7BC7B ] PlugPlay C:\Windows\system32\umpnpmgr.dll00:57:51.0884 5452 PlugPlay - ok00:57:51.0915 5452 [ 5DE1A3972FD3112C75EB17BDCF454169 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll00:57:51.0931 5452 PNRPAutoReg - ok00:57:51.0946 5452 [ 5DE1A3972FD3112C75EB17BDCF454169 ] PNRPsvc C:\Windows\system32\p2psvc.dll00:57:51.0962 5452 PNRPsvc - ok00:57:51.0993 5452 [ 47B8F37AA18B74D8C2E1BC1A7A2C8F8A ] PolicyAgent C:\Windows\System32\ipsecsvc.dll00:57:52.0009 5452 PolicyAgent - ok00:57:52.0040 5452 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys00:57:52.0056 5452 PptpMiniport - ok00:57:52.0087 5452 [ 0E3CEF5D28B40CF273281D620C50700A ] Processor C:\Windows\system32\drivers\processr.sys00:57:52.0102 5452 Processor - ok00:57:52.0134 5452 [ B627E4FC8585E8843C5905D4D3587A90 ] ProfSvc C:\Windows\system32\profsvc.dll00:57:52.0134 5452 ProfSvc - ok00:57:52.0149 5452 [ A911ECAC81F94ADEAFBE8E3F7873EDB0 ] ProtectedStorage C:\Windows\system32\lsass.exe00:57:52.0149 5452 ProtectedStorage - ok00:57:52.0196 5452 [ 390C204CED3785609AB24E9C52054A84 ] Ps2 C:\Windows\system32\DRIVERS\PS2.sys00:57:52.0212 5452 Ps2 - ok00:57:52.0243 5452 [ BFEF604508A0ED1EAE2A73E872555FFB ] PSched C:\Windows\system32\DRIVERS\pacer.sys00:57:52.0243 5452 PSched - ok00:57:52.0258 5452 [ FEFFCFDC528764A04C8ED63D5FA6E711 ] PxHelp20 C:\Windows\system32\Drivers\PxHelp20.sys00:57:52.0368 5452 PxHelp20 - ok00:57:52.0461 5452 [ CCDAC889326317792480C0A67156A1EC ] ql2300 C:\Windows\system32\drivers\ql2300.sys00:57:52.0492 5452 ql2300 - ok00:57:52.0524 5452 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys00:57:52.0539 5452 ql40xx - ok00:57:52.0570 5452 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\Windows\system32\qwave.dll00:57:52.0586 5452 QWAVE - ok00:57:52.0617 5452 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys00:57:52.0617 5452 QWAVEdrv - ok00:57:52.0633 5452 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys00:57:52.0680 5452 RasAcd - ok00:57:52.0695 5452 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\Windows\System32\rasauto.dll00:57:52.0695 5452 RasAuto - ok00:57:52.0726 5452 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys00:57:52.0742 5452 Rasl2tp - ok00:57:52.0773 5452 [ 6E7C284FC5C4EC07AD164D93810385A6 ] RasMan C:\Windows\System32\rasmans.dll00:57:52.0789 5452 RasMan - ok00:57:52.0804 5452 [ 3E9D9B048107B40D87B97DF2E48E0744 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys00:57:52.0836 5452 RasPppoe - ok00:57:52.0851 5452 [ A7D141684E9500AC928A772ED8E6B671 ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys00:57:52.0867 5452 RasSstp - ok00:57:52.0882 5452 [ 6E1C5D0457622F9EE35F683110E93D14 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys00:57:52.0914 5452 rdbss - ok00:57:52.0929 5452 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys00:57:52.0929 5452 RDPCDD - ok00:57:52.0960 5452 [ E8BD98D46F2ED77132BA927FCCB47D8B ] rdpdr C:\Windows\system32\drivers\rdpdr.sys00:57:52.0976 5452 rdpdr - ok00:57:52.0992 5452 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys00:57:52.0992 5452 RDPENCDD - ok00:57:53.0023 5452 [ E1C18F4097A5ABCEC941DC4B2F99DB7E ] RDPWD C:\Windows\system32\drivers\RDPWD.sys00:57:53.0054 5452 RDPWD - ok00:57:53.0116 5452 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\Windows\System32\mprdim.dll00:57:53.0116 5452 RemoteAccess - ok00:57:53.0132 5452 [ CC4E32400F3C7253400CF8F3F3A0B676 ] RemoteRegistry C:\Windows\system32\regsvc.dll00:57:53.0132 5452 RemoteRegistry - ok00:57:53.0163 5452 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe00:57:53.0163 5452 RpcLocator - ok00:57:53.0194 5452 [ 301AE00E12408650BADDC04DBC832830 ] RpcSs C:\Windows\system32\rpcss.dll00:57:53.0194 5452 RpcSs - ok00:57:53.0226 5452 [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys00:57:53.0226 5452 rspndr - ok00:57:53.0241 5452 [ A911ECAC81F94ADEAFBE8E3F7873EDB0 ] SamSs C:\Windows\system32\lsass.exe00:57:53.0257 5452 SamSs - ok00:57:53.0272 5452 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys00:57:53.0272 5452 sbp2port - ok00:57:53.0288 5452 [ 11387E32642269C7E62E8B52C060B3C6 ] SCardSvr C:\Windows\System32\SCardSvr.dll00:57:53.0304 5452 SCardSvr - ok00:57:53.0335 5452 [ 7B587B8A6D4A99F79D2902D0385F29BD ] Schedule C:\Windows\system32\schedsvc.dll00:57:53.0350 5452 Schedule - ok00:57:53.0382 5452 [ 87C2D0377B23E2D8A41093C2F5FB1A5B ] SCPolicySvc C:\Windows\System32\certprop.dll00:57:53.0382 5452 SCPolicySvc - ok00:57:53.0397 5452 [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC C:\Windows\System32\SDRSVC.dll00:57:53.0413 5452 SDRSVC - ok00:57:53.0428 5452 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys00:57:53.0444 5452 secdrv - ok00:57:53.0460 5452 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon C:\Windows\system32\seclogon.dll00:57:53.0460 5452 seclogon - ok00:57:53.0475 5452 [ A9BBAB5759771E523F55563D6CBE140F ] SENS C:\Windows\System32\sens.dll00:57:53.0475 5452 SENS - ok00:57:53.0491 5452 [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum C:\Windows\system32\drivers\serenum.sys00:57:53.0491 5452 Serenum - ok00:57:53.0522 5452 [ C70D69A918B178D3C3B06339B40C2E1B ] Serial C:\Windows\system32\drivers\serial.sys00:57:53.0569 5452 Serial - ok00:57:53.0600 5452 [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys00:57:53.0600 5452 sermouse - ok00:57:53.0647 5452 [ D2193326F729B163125610DBF3E17D57 ] SessionEnv C:\Windows\system32\sessenv.dll00:57:53.0647 5452 SessionEnv - ok00:57:53.0662 5452 [ 103B79418DA647736EE95645F305F68A ] sffdisk C:\Windows\system32\drivers\sffdisk.sys00:57:53.0662 5452 sffdisk - ok00:57:53.0678 5452 [ 8FD08A310645FE872EEEC6E08C6BF3EE ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys00:57:53.0709 5452 sffp_mmc - ok00:57:53.0725 5452 [ 9CFA05FCFCB7124E69CFC812B72F9614 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys00:57:53.0740 5452 sffp_sd - ok00:57:53.0756 5452 [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys00:57:53.0772 5452 sfloppy - ok00:57:53.0803 5452 [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess C:\Windows\System32\ipnathlp.dll00:57:53.0818 5452 SharedAccess - ok00:57:53.0850 5452 [ 1E3FDB80E40A3CE645F229DFBDFB7694 ] ShellHWDetection C:\Windows\System32\shsvcs.dll00:57:53.0881 5452 ShellHWDetection - ok00:57:53.0912 5452 [ D2A595D6EEBEEAF4334F8E50EFBC9931 ] sisagp C:\Windows\system32\drivers\sisagp.sys00:57:53.0912 5452 sisagp - ok00:57:53.0943 5452 [ CEDD6F4E7D84E9F98B34B3FE988373AA ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys00:57:53.0943 5452 SiSRaid2 - ok00:57:53.0943 5452 [ DF843C528C4F69D12CE41CE462E973A7 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys00:57:53.0959 5452 SiSRaid4 - ok00:57:54.0052 5452 [ 0BA91E1358AD25236863039BB2609A2E ] slsvc C:\Windows\system32\SLsvc.exe00:57:54.0130 5452 slsvc - ok00:57:54.0162 5452 [ 7C6DC44CA0BFA6291629AB764200D1D4 ] SLUINotify C:\Windows\system32\SLUINotify.dll00:57:54.0162 5452 SLUINotify - ok00:57:54.0177 5452 [ 031E6BCD53C9B2B9ACE111EAFEC347B6 ] Smb C:\Windows\system32\DRIVERS\smb.sys00:57:54.0177 5452 Smb - ok00:57:54.0208 5452 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe00:57:54.0224 5452 SNMPTRAP - ok00:57:54.0240 5452 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr C:\Windows\system32\drivers\spldr.sys00:57:54.0255 5452 spldr - ok00:57:54.0286 5452 [ 3665F79026A3F91FBCA63F2C65A09B19 ] Spooler C:\Windows\System32\spoolsv.exe00:57:54.0286 5452 Spooler - ok00:57:54.0318 5452 [ 2252AEF839B1093D16761189F45AF885 ] srv C:\Windows\system32\DRIVERS\srv.sys00:57:54.0318 5452 srv - ok00:57:54.0349 5452 [ B7FF59408034119476B00A81BB53D5D1 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys00:57:54.0349 5452 srv2 - ok00:57:54.0364 5452 [ 2ACCC9B12AF02030F531E6CCA6F8B76E ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys00:57:54.0364 5452 srvnet - ok00:57:54.0396 5452 [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll00:57:54.0411 5452 SSDPSRV - ok00:57:54.0427 5452 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc C:\Windows\system32\sstpsvc.dll00:57:54.0442 5452 SstpSvc - ok00:57:54.0520 5452 [ 7DD08A597BC56051F320DA0BAF69E389 ] stisvc C:\Windows\System32\wiaservc.dll00:57:54.0536 5452 stisvc - ok00:57:54.0567 5452 [ D4CE4D370A26AE1BF41BE9F69D24D049 ] stllssvr c:\Program Files\Common Files\SureThing Shared\stllssvr.exe00:57:54.0583 5452 stllssvr - ok00:57:54.0614 5452 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum C:\Windows\system32\DRIVERS\swenum.sys00:57:54.0614 5452 swenum - ok00:57:54.0661 5452 [ B36C7CDB86F7F7A8E884479219766950 ] swprv C:\Windows\System32\swprv.dll00:57:54.0676 5452 swprv - ok00:57:54.0708 5452 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys00:57:54.0723 5452 Symc8xx - ok00:57:54.0739 5452 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys00:57:54.0739 5452 Sym_hi - ok00:57:54.0770 5452 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys00:57:54.0770 5452 Sym_u3 - ok00:57:54.0832 5452 [ 8710A92D0024B03B5FB9540DF1F71F1D ] SysMain C:\Windows\system32\sysmain.dll00:57:54.0848 5452 SysMain - ok00:57:54.0879 5452 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll00:57:54.0879 5452 TabletInputService - ok00:57:54.0926 5452 [ 680916BB09EE0F3A6ACA7C274B0D633F ] TapiSrv C:\Windows\System32\tapisrv.dll00:57:54.0942 5452 TapiSrv - ok00:57:54.0957 5452 [ CB05822CD9CC6C688168E113C603DBE7 ] TBS C:\Windows\System32\tbssvc.dll00:57:54.0973 5452 TBS - ok00:57:55.0035 5452 [ 782568AB6A43160A159B6215B70BCCE9 ] Tcpip C:\Windows\system32\drivers\tcpip.sys00:57:55.0113 5452 Tcpip - ok00:57:55.0144 5452 [ 782568AB6A43160A159B6215B70BCCE9 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys00:57:55.0160 5452 Tcpip6 - ok00:57:55.0191 5452 [ D4A2E4A4B011F3A883AF77315A5AE76B ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys00:57:55.0207 5452 tcpipreg - ok00:57:55.0222 5452 [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys00:57:55.0238 5452 TDPIPE - ok00:57:55.0269 5452 [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys00:57:55.0269 5452 TDTCP - ok00:57:55.0300 5452 [ D09276B1FAB033CE1D40DCBDF303D10F ] tdx C:\Windows\system32\DRIVERS\tdx.sys00:57:55.0316 5452 tdx - ok00:57:55.0347 5452 [ A048056F5E1A96A9BF3071B91741A5AA ] TermDD C:\Windows\system32\DRIVERS\termdd.sys00:57:55.0363 5452 TermDD - ok00:57:55.0410 5452 [ D605031E225AACCBCEB5B76A4F1603A6 ] TermService C:\Windows\System32\termsrv.dll00:57:55.0425 5452 TermService - ok00:57:55.0456 5452 [ 1E3FDB80E40A3CE645F229DFBDFB7694 ] Themes C:\Windows\system32\shsvcs.dll00:57:55.0472 5452 Themes - ok00:57:55.0503 5452 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER C:\Windows\system32\mmcss.dll00:57:55.0503 5452 THREADORDER - ok00:57:55.0534 5452 [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks C:\Windows\System32\trkwks.dll00:57:55.0534 5452 TrkWks - ok00:57:55.0581 5452 [ 16613A1BAD034D4ECF957AF18B7C2FF5 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe00:57:55.0581 5452 TrustedInstaller - ok00:57:55.0597 5452 [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys00:57:55.0628 5452 tssecsrv - ok00:57:55.0659 5452 [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys00:57:55.0675 5452 tunmp - ok00:57:55.0690 5452 [ 6042505FF6FA9AC1EF7684D0E03B6940 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys00:57:55.0706 5452 tunnel - ok00:57:55.0753 5452 [ C3ADE15414120033A36C0F293D4A4121 ] uagp35 C:\Windows\system32\drivers\uagp35.sys00:57:55.0753 5452 uagp35 - ok00:57:55.0784 5452 [ 8B5088058FA1D1CD897A2113CCFF6C58 ] udfs C:\Windows\system32\DRIVERS\udfs.sys00:57:55.0800 5452 udfs - ok00:57:55.0831 5452 [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect C:\Windows\system32\UI0Detect.exe00:57:55.0831 5452 UI0Detect - ok00:57:55.0846 5452 [ 75E6890EBFCE0841D3291B02E7A8BDB0 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys00:57:55.0862 5452 uliagpkx - ok00:57:55.0878 5452 [ 3CD4EA35A6221B85DCC25DAA46313F8D ] uliahci C:\Windows\system32\drivers\uliahci.sys00:57:55.0878 5452 uliahci - ok00:57:55.0909 5452 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys00:57:55.0909 5452 UlSata - ok00:57:55.0940 5452 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys00:57:55.0940 5452 ulsata2 - ok00:57:55.0971 5452 [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys00:57:55.0987 5452 umbus - ok00:57:56.0018 5452 [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost C:\Windows\System32\upnphost.dll00:57:56.0034 5452 upnphost - ok00:57:56.0065 5452 [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys00:57:56.0096 5452 usbccgp - ok00:57:56.0127 5452 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys00:57:56.0174 5452 usbcir - ok00:57:56.0205 5452 [ CEBE90821810E76320155BEBA722FCF9 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys00:57:56.0205 5452 usbehci - ok00:57:56.0236 5452 [ CC6B28E4CE39951357963119CE47B143 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys00:57:56.0252 5452 usbhub - ok00:57:56.0252 5452 [ 7BDB7B0E7D45AC0402D78B90789EF47C ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys00:57:56.0268 5452 usbohci - ok00:57:56.0299 5452 [ E75C4B5269091D15A2E7DC0B6D35F2F5 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys00:57:56.0299 5452 usbprint - ok00:57:56.0314 5452 [ A508C9BD8724980512136B039BBA65E9 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys00:57:56.0330 5452 usbscan - ok00:57:56.0361 5452 [ 87BA6B83C5D19B69160968D07D6E2982 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS00:57:56.0377 5452 USBSTOR - ok00:57:56.0408 5452 [ 325DBBACB8A36AF9988CCF40EAC228CC ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys00:57:56.0424 5452 usbuhci - ok00:57:56.0470 5452 [ 032A0ACC3909AE7215D524E29D536797 ] UxSms C:\Windows\System32\uxsms.dll00:57:56.0470 5452 UxSms - ok00:57:56.0517 5452 [ B13BC395B9D6116628F5AF47E0802AC4 ] vds C:\Windows\System32\vds.exe00:57:56.0548 5452 vds - ok00:57:56.0580 5452 [ 7D92BE0028ECDEDEC74617009084B5EF ] vga C:\Windows\system32\DRIVERS\vgapnp.sys00:57:56.0595 5452 vga - ok00:57:56.0626 5452 [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave C:\Windows\System32\drivers\vga.sys00:57:56.0626 5452 VgaSave - ok00:57:56.0673 5452 [ 045D9961E591CF0674A920B6BA3BA5CB ] viaagp C:\Windows\system32\drivers\viaagp.sys00:57:56.0673 5452 viaagp - ok00:57:56.0704 5452 [ 56A4DE5F02F2E88182B0981119B4DD98 ] ViaC7 C:\Windows\system32\drivers\viac7.sys00:57:56.0736 5452 ViaC7 - ok00:57:56.0767 5452 [ FD2E3175FCADA350C7AB4521DCA187EC ] viaide C:\Windows\system32\drivers\viaide.sys00:57:56.0798 5452 viaide - ok00:57:56.0845 5452 [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr C:\Windows\system32\drivers\volmgr.sys00:57:56.0845 5452 volmgr - ok00:57:56.0892 5452 [ 98F5FFE6316BD74E9E2C97206C190196 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys00:57:56.0923 5452 volmgrx - ok00:57:56.0970 5452 [ D8B4A53DD2769F226B3EB374374987C9 ] volsnap C:\Windows\system32\drivers\volsnap.sys00:57:56.0985 5452 volsnap - ok00:57:57.0016 5452 [ D984439746D42B30FC65A4C3546C6829 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys00:57:57.0032 5452 vsmraid - ok00:57:57.0094 5452 [ D5FB73D19C46ADE183F968E13F186B23 ] VSS C:\Windows\system32\vssvc.exe00:57:57.0126 5452 VSS - ok00:57:57.0157 5452 [ 1CF9206966A8458CDA9A8B20DF8AB7D3 ] W32Time C:\Windows\system32\w32time.dll00:57:57.0172 5452 W32Time - ok00:57:57.0204 5452 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys00:57:57.0235 5452 WacomPen - ok00:57:57.0266 5452 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys00:57:57.0297 5452 Wanarp - ok00:57:57.0313 5452 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys00:57:57.0313 5452 Wanarpv6 - ok00:57:57.0344 5452 [ F3A5C2E1A6533192B070D06ECF6BE796 ] wcncsvc C:\Windows\System32\wcncsvc.dll00:57:57.0360 5452 wcncsvc - ok00:57:57.0391 5452 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll00:57:57.0406 5452 WcsPlugInService - ok00:57:57.0438 5452 [ AFC5AD65B991C1E205CF25CFDBF7A6F4 ] Wd C:\Windows\system32\drivers\wd.sys00:57:57.0453 5452 Wd - ok00:57:57.0500 5452 [ B6F0A7AD6D4BD325FBCD8BAC96CD8D96 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys00:57:57.0516 5452 Wdf01000 - ok00:57:57.0531 5452 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost C:\Windows\system32\wdi.dll00:57:57.0547 5452 WdiServiceHost - ok00:57:57.0562 5452 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost C:\Windows\system32\wdi.dll00:57:57.0562 5452 WdiSystemHost - ok00:57:57.0578 5452 [ CF9A5F41789B642DB967021DE06A2713 ] WebClient C:\Windows\System32\webclnt.dll00:57:57.0594 5452 WebClient - ok00:57:57.0625 5452 [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc C:\Windows\system32\wecsvc.dll00:57:57.0640 5452 Wecsvc - ok00:57:57.0656 5452 [ 670FF720071ED741206D69BD995EA453 ] wercplsupport C:\Windows\System32\wercplsupport.dll00:57:57.0656 5452 wercplsupport - ok00:57:57.0687 5452 [ FD1965AAA112C6818A30AB02742D0461 ] WerSvc C:\Windows\System32\WerSvc.dll00:57:57.0703 5452 WerSvc - ok00:57:57.0734 5452 [ 72CC6A8CA7891031D6380DB5025C773C ] winachsf C:\Windows\system32\DRIVERS\HSX_CNXT.sys00:57:57.0781 5452 winachsf - ok00:57:57.0843 5452 [ 4575AA12561C5648483403541D0D7F2B ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll00:57:57.0859 5452 WinDefend - ok00:57:57.0874 5452 WinHttpAutoProxySvc - ok00:57:57.0937 5452 [ 00B79A7C984678F24CF052E5BEB3A2F5 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll00:57:57.0937 5452 Winmgmt - ok00:57:57.0999 5452 [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM C:\Windows\system32\WsmSvc.dll00:57:58.0046 5452 WinRM - ok00:57:58.0108 5452 [ 275F4346E569DF56CFB95243BD6F6FF0 ] Wlansvc C:\Windows\System32\wlansvc.dll00:57:58.0124 5452 Wlansvc - ok00:57:58.0171 5452 [ 701A9F884A294327E9141D73746EE279 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys00:57:58.0186 5452 WmiAcpi - ok00:57:58.0218 5452 [ ABA4CF9F856D9A3A25F4DDD7690A6E9D ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe00:57:58.0233 5452 wmiApSrv - ok00:57:58.0296 5452 [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe00:57:58.0327 5452 WMPNetworkSvc - ok00:57:58.0374 5452 [ 5D94CD167751294962BA238D82DD1BB8 ] WPCSvc C:\Windows\System32\wpcsvc.dll00:57:58.0374 5452 WPCSvc - ok00:57:58.0389 5452 [ 396D406292B0CD26E3504FFE82784702 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll00:57:58.0405 5452 WPDBusEnum - ok00:57:58.0483 5452 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe00:57:58.0561 5452 WPFFontCache_v0400 - ok00:57:58.0592 5452 [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys00:57:58.0608 5452 ws2ifsl - ok00:57:58.0654 5452 [ 683DD16B590372F2C9661D277F35E49C ] wscsvc C:\Windows\System32\wscsvc.dll00:57:58.0670 5452 wscsvc - ok00:57:58.0670 5452 WSearch - ok00:57:58.0779 5452 [ D79538B67FA641E986855DEF651E78FE ] wuauserv C:\Windows\system32\wuaueng.dll00:57:58.0842 5452 wuauserv - ok00:57:58.0873 5452 [ AC13CB789D93412106B0FB6C7EB2BCB6 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys00:57:58.0873 5452 WUDFRd - ok00:57:58.0904 5452 [ 575A4190D989F64732119E4114045A4F ] wudfsvc C:\Windows\System32\WUDFSvc.dll00:57:58.0904 5452 wudfsvc - ok00:57:58.0951 5452 [ DAB33CFA9DD24251AAA389FF36B64D4B ] XAudio C:\Windows\system32\DRIVERS\xaudio.sys00:57:58.0951 5452 XAudio - ok00:57:58.0982 5452 [ CD5F291A1161F15896D1A4D63DAFF5DF ] XAudioService C:\Windows\system32\DRIVERS\xaudio.exe00:57:58.0998 5452 XAudioService - ok00:57:59.0029 5452 ================ Scan global ===============================00:57:59.0060 5452 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll00:57:59.0107 5452 [ F42F8855CB5C22E203C6672B124F17FD ] C:\Windows\system32\winsrv.dll00:57:59.0138 5452 [ F42F8855CB5C22E203C6672B124F17FD ] C:\Windows\system32\winsrv.dll00:57:59.0185 5452 [ 2B336AB6286D6C81FA02CBAB914E3C6C ] C:\Windows\system32\services.exe00:57:59.0200 5452 [Global] - ok00:57:59.0200 5452 ================ Scan MBR ==================================00:57:59.0216 5452 [ 8913823FF508CCF109DB74B636C301DA ] \Device\Harddisk0\DR000:57:59.0700 5452 \Device\Harddisk0\DR0 - ok00:57:59.0715 5452 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk5\DR500:57:59.0715 5452 \Device\Harddisk5\DR5 - ok00:57:59.0715 5452 ================ Scan VBR ==================================00:57:59.0731 5452 [ C81469B2C7A3FB12CD4360F32F7CFEE6 ] \Device\Harddisk0\DR0\Partition100:57:59.0731 5452 \Device\Harddisk0\DR0\Partition1 - ok00:57:59.0762 5452 [ 9886964C7E63330EBA20FBD5271A95B1 ] \Device\Harddisk0\DR0\Partition200:57:59.0762 5452 \Device\Harddisk0\DR0\Partition2 - ok00:57:59.0778 5452 [ E543324A9E6EC2285C00F4D623767712 ] \Device\Harddisk5\DR5\Partition100:57:59.0778 5452 \Device\Harddisk5\DR5\Partition1 - ok00:57:59.0778 5452 ============================================================00:57:59.0778 5452 Scan finished00:57:59.0778 5452 ============================================================00:57:59.0793 5444 Detected object count: 000:57:59.0793 5444 Actual detected object count: 000:58:38.0325 5356 Deinitialize successMalwarebytes Anti-Rootkit BETA 1.06.0.1003www.malwarebytes.orgDatabase version: v2013.06.07.04Windows Vista Service Pack 1 x86 NTFSInternet Explorer 7.0.6001.18000mafineart :: MAFINEART-PC [administrator]6/7/2013 1:02:58 AMmbar-log-2013-06-07 (01-02-58).txtScan type: Quick scanScan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUM | P2PScan options disabled: Deep Anti-Rootkit Scan | PUPObjects scanned: 221621Time elapsed: 15 minute(s), 42 second(s)Memory Processes Detected: 0(No malicious items detected)Memory Modules Detected: 0(No malicious items detected)Registry Keys Detected: 0(No malicious items detected)Registry Values Detected: 0(No malicious items detected)Registry Data Items Detected: 0(No malicious items detected)Folders Detected: 0(No malicious items detected)Files Detected: 0(No malicious items detected)Physical Sectors Detected: 0(No malicious items detected)(end) Link to post Share on other sites More sharing options...
Buddahass Posted June 7, 2013 Author ID:688286 Share Posted June 7, 2013 ---------------------------------------Malwarebytes Anti-Rootkit BETA 1.06.0.1003© Malwarebytes Corporation 2011-2012OS version: 6.0.6001 Windows Vista Service Pack 1 x86Account is AdministrativeInternet Explorer version: 7.0.6001.18000File system is: NTFSDisk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXEDCPU speed: 2.204000 GHzMemory total: 937234432, free: 297144320Downloaded database version: v2013.06.07.04Downloaded database version: v2013.05.22.01Initializing...------------ Kernel report ------------ 06/07/2013 01:02:52------------ Loaded modules -----------\SystemRoot\system32\ntkrnlpa.exe\SystemRoot\system32\hal.dll\SystemRoot\system32\kdcom.dll\SystemRoot\system32\PSHED.dll\SystemRoot\system32\BOOTVID.dll\SystemRoot\system32\CLFS.SYS\SystemRoot\system32\CI.dll\SystemRoot\system32\drivers\Wdf01000.sys\SystemRoot\system32\drivers\WDFLDR.SYS\SystemRoot\system32\drivers\acpi.sys\SystemRoot\system32\drivers\WMILIB.SYS\SystemRoot\system32\drivers\msisadrv.sys\SystemRoot\system32\drivers\pci.sys\SystemRoot\System32\drivers\partmgr.sys\SystemRoot\system32\drivers\volmgr.sys\SystemRoot\System32\drivers\volmgrx.sys\SystemRoot\system32\drivers\pciide.sys\SystemRoot\system32\drivers\PCIIDEX.SYS\SystemRoot\System32\drivers\mountmgr.sys\SystemRoot\system32\drivers\atapi.sys\SystemRoot\system32\drivers\ataport.SYS\SystemRoot\system32\DRIVERS\nvstor32.sys\SystemRoot\system32\DRIVERS\storport.sys\SystemRoot\system32\drivers\fltmgr.sys\SystemRoot\system32\drivers\fileinfo.sys\SystemRoot\System32\Drivers\PxHelp20.sys\SystemRoot\System32\Drivers\ksecdd.sys\SystemRoot\system32\drivers\ndis.sys\SystemRoot\system32\drivers\msrpc.sys\SystemRoot\system32\drivers\NETIO.SYS\SystemRoot\System32\drivers\tcpip.sys\SystemRoot\System32\drivers\fwpkclnt.sys\SystemRoot\System32\Drivers\Ntfs.sys\SystemRoot\system32\drivers\volsnap.sys\SystemRoot\System32\Drivers\spldr.sys\SystemRoot\System32\Drivers\mup.sys\SystemRoot\System32\drivers\ecache.sys\SystemRoot\system32\drivers\disk.sys\SystemRoot\system32\drivers\CLASSPNP.SYS\SystemRoot\system32\drivers\crcdisk.sys\SystemRoot\system32\DRIVERS\avgrkx86.sys\SystemRoot\system32\DRIVERS\avglogx.sys\SystemRoot\system32\DRIVERS\avgmfx86.sys\SystemRoot\system32\DRIVERS\avgidshx.sys\SystemRoot\system32\DRIVERS\tunnel.sys\SystemRoot\system32\DRIVERS\tunmp.sys\SystemRoot\system32\DRIVERS\amdk8.sys\SystemRoot\system32\DRIVERS\nvlddmkm.sys\SystemRoot\System32\drivers\dxgkrnl.sys\SystemRoot\System32\drivers\watchdog.sys\SystemRoot\system32\DRIVERS\usbohci.sys\SystemRoot\system32\DRIVERS\USBPORT.SYS\SystemRoot\system32\DRIVERS\usbehci.sys\SystemRoot\system32\DRIVERS\cdrom.sys\SystemRoot\system32\DRIVERS\ohci1394.sys\SystemRoot\system32\DRIVERS\1394BUS.SYS\SystemRoot\system32\DRIVERS\HSXHWBS2.sys\SystemRoot\system32\DRIVERS\ks.sys\SystemRoot\system32\DRIVERS\HSX_DP.sys\SystemRoot\system32\DRIVERS\HSX_CNXT.sys\SystemRoot\system32\drivers\modem.sys\SystemRoot\system32\DRIVERS\HDAudBus.sys\SystemRoot\system32\DRIVERS\nvmfdx32.sys\SystemRoot\system32\DRIVERS\i8042prt.sys\SystemRoot\system32\DRIVERS\mouclass.sys\SystemRoot\system32\DRIVERS\PS2.sys\SystemRoot\system32\DRIVERS\kbdclass.sys\SystemRoot\system32\DRIVERS\msiscsi.sys\SystemRoot\system32\DRIVERS\TDI.SYS\SystemRoot\system32\DRIVERS\rasl2tp.sys\SystemRoot\system32\DRIVERS\ndistapi.sys\SystemRoot\system32\DRIVERS\ndiswan.sys\SystemRoot\system32\DRIVERS\raspppoe.sys\SystemRoot\system32\DRIVERS\raspptp.sys\SystemRoot\system32\DRIVERS\rassstp.sys\SystemRoot\system32\DRIVERS\termdd.sys\SystemRoot\system32\DRIVERS\swenum.sys\SystemRoot\system32\DRIVERS\mssmbios.sys\SystemRoot\system32\DRIVERS\umbus.sys\SystemRoot\system32\DRIVERS\usbhub.sys\SystemRoot\System32\Drivers\NDProxy.SYS\SystemRoot\system32\drivers\RTKVHDA.sys\SystemRoot\system32\drivers\portcls.sys\SystemRoot\system32\drivers\drmk.sys\SystemRoot\system32\DRIVERS\USBSTOR.SYS\SystemRoot\system32\DRIVERS\USBD.SYS\SystemRoot\System32\Drivers\Fs_Rec.SYS\SystemRoot\System32\Drivers\Null.SYS\SystemRoot\System32\Drivers\Beep.SYS\SystemRoot\System32\drivers\vga.sys\SystemRoot\System32\drivers\VIDEOPRT.SYS\SystemRoot\System32\DRIVERS\RDPCDD.sys\SystemRoot\system32\drivers\rdpencdd.sys\SystemRoot\System32\Drivers\Msfs.SYS\SystemRoot\System32\Drivers\Npfs.SYS\SystemRoot\System32\DRIVERS\rasacd.sys\SystemRoot\system32\DRIVERS\tdx.sys\SystemRoot\system32\DRIVERS\smb.sys\SystemRoot\system32\DRIVERS\avgtdix.sys\SystemRoot\System32\DRIVERS\netbt.sys\SystemRoot\system32\drivers\afd.sys\SystemRoot\system32\DRIVERS\pacer.sys\SystemRoot\system32\DRIVERS\netbios.sys\SystemRoot\system32\DRIVERS\wanarp.sys\SystemRoot\system32\DRIVERS\rdbss.sys\SystemRoot\system32\drivers\nsiproxy.sys\SystemRoot\System32\Drivers\dfsc.sys\SystemRoot\system32\DRIVERS\avgldx86.sys\SystemRoot\system32\DRIVERS\avgidsshimx.sys\SystemRoot\system32\DRIVERS\avgidsdriverx.sys\SystemRoot\system32\DRIVERS\cdfs.sys\SystemRoot\System32\Drivers\crashdmp.sys\SystemRoot\System32\Drivers\dump_diskdump.sys\SystemRoot\System32\Drivers\dump_nvstor32.sys\SystemRoot\System32\win32k.sys\SystemRoot\System32\drivers\Dxapi.sys\SystemRoot\system32\DRIVERS\monitor.sys\SystemRoot\System32\TSDDD.dll\SystemRoot\System32\cdd.dll\SystemRoot\System32\ATMFD.DLL\SystemRoot\system32\drivers\luafv.sys\??\C:\Windows\system32\drivers\mbam.sys\SystemRoot\system32\drivers\spsys.sys\SystemRoot\system32\DRIVERS\lltdio.sys\SystemRoot\system32\DRIVERS\rspndr.sys\SystemRoot\system32\drivers\HTTP.sys\SystemRoot\System32\DRIVERS\srvnet.sys\SystemRoot\system32\DRIVERS\bowser.sys\SystemRoot\System32\drivers\mpsdrv.sys\SystemRoot\system32\drivers\mrxdav.sys\SystemRoot\system32\DRIVERS\mrxsmb.sys\SystemRoot\system32\DRIVERS\mrxsmb10.sys\SystemRoot\system32\DRIVERS\mrxsmb20.sys\SystemRoot\System32\DRIVERS\srv2.sys\SystemRoot\System32\DRIVERS\srv.sys\SystemRoot\system32\DRIVERS\mdmxsdk.sys\SystemRoot\system32\drivers\peauth.sys\SystemRoot\System32\Drivers\secdrv.SYS\SystemRoot\System32\drivers\tcpipreg.sys\SystemRoot\system32\DRIVERS\xaudio.sys\SystemRoot\system32\DRIVERS\WUDFRd.sys\SystemRoot\system32\DRIVERS\WUDFPf.sys\SystemRoot\System32\Drivers\fastfat.SYS\??\C:\Windows\system32\drivers\mbamchameleon.sys\??\C:\Windows\system32\drivers\mbamswissarmy.sys\WINDOWS\System32\ntdll.dll----------- End -----------Done!<<<1>>>Upper Device Name: \Device\Harddisk5\DR5Upper Device Object: 0xffffffff83dd2ac8Upper Device Driver Name: \Driver\disk\Lower Device Name: \Device\00000068\Lower Device Object: 0xffffffff85052cd0Lower Device Driver Name: \Driver\USBSTOR\<<<1>>>Upper Device Name: \Device\Harddisk4\DR4Upper Device Object: 0xffffffff8b9d3560Upper Device Driver Name: \Driver\disk\Lower Device Name: \Device\0000005d\Lower Device Object: 0xffffffff8b3b4970Lower Device Driver Name: \Driver\USBSTOR\<<<1>>>Upper Device Name: \Device\Harddisk3\DR3Upper Device Object: 0xffffffff8b9d3ac8Upper Device Driver Name: \Driver\disk\Lower Device Name: \Device\0000005c\Lower Device Object: 0xffffffff8b3b4cd0Lower Device Driver Name: \Driver\USBSTOR\<<<1>>>Upper Device Name: \Device\Harddisk2\DR2Upper Device Object: 0xffffffff8b211ac8Upper Device Driver Name: \Driver\disk\Lower Device Name: \Device\0000005b\Lower Device Object: 0xffffffff8b2e2cd0Lower Device Driver Name: \Driver\USBSTOR\<<<1>>>Upper Device Name: \Device\Harddisk1\DR1Upper Device Object: 0xffffffff8b3b9ac8Upper Device Driver Name: \Driver\disk\Lower Device Name: \Device\0000005a\Lower Device Object: 0xffffffff8b12e480Lower Device Driver Name: \Driver\USBSTOR\<<<1>>>Upper Device Name: \Device\Harddisk0\DR0Upper Device Object: 0xffffffff856d2ac8Upper Device Driver Name: \Driver\disk\Lower Device Name: \Device\00000050\Lower Device Object: 0xffffffff84634b88Lower Device Driver Name: \Driver\nvstor32\<<<2>>>Device number: 0, partition: 1Physical Sector Size: 512Drive: 0, DevicePointer: 0xffffffff856d2ac8, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\--------- Disk Stack ------DevicePointer: 0xffffffff856d27b8, DeviceName: Unknown, DriverName: \Driver\partmgr\DevicePointer: 0xffffffff856d2ac8, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\DevicePointer: 0xffffffff83c9b4f8, DeviceName: Unknown, DriverName: \Driver\ACPI\DevicePointer: 0xffffffff84634b88, DeviceName: \Device\00000050\, DriverName: \Driver\nvstor32\------------ End ----------Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\Upper DeviceData: 0x0, 0x0, 0x0Lower DeviceData: 0x0, 0x0, 0x0<<<3>>>Volume: C:File system type: NTFSSectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes<<<2>>>Device number: 0, partition: 1<<<3>>>Volume: C:File system type: NTFSSectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytesScanning drivers directory: C:\Windows\system32\drivers...<<<2>>>Device number: 0, partition: 1<<<3>>>Volume: C:File system type: NTFSSectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytesDone!Drive 0Scanning MBR on drive 0...Inspecting partition table:MBR Signature: 55AADisk Signature: 1549F232Partition information: Partition 0 type is Primary (0x7) Partition is ACTIVE. Partition starts at LBA: 63 Numsec = 612012177 Partition file system is NTFS Partition is bootable Partition 1 type is Primary (0x7) Partition is NOT ACTIVE. Partition starts at LBA: 612012240 Numsec = 13125105 Partition 2 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition 3 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0Disk Size: 320072933376 bytesSector size: 512 bytesScanning physical sectors of unpartitioned space on drive 0 (1-62-625122448-625142448)...Done!Physical Sector Size: 0Drive: 1, DevicePointer: 0xffffffff8b3b9ac8, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\disk\--------- Disk Stack ------DevicePointer: 0xffffffff8b2e98f0, DeviceName: Unknown, DriverName: \Driver\partmgr\DevicePointer: 0xffffffff8b3b9ac8, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\disk\DevicePointer: 0xffffffff8b12e480, DeviceName: \Device\0000005a\, DriverName: \Driver\USBSTOR\------------ End ----------Physical Sector Size: 0Drive: 2, DevicePointer: 0xffffffff8b211ac8, DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\disk\--------- Disk Stack ------DevicePointer: 0xffffffff8b2ea8f0, DeviceName: Unknown, DriverName: \Driver\partmgr\DevicePointer: 0xffffffff8b211ac8, DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\disk\DevicePointer: 0xffffffff8b2e2cd0, DeviceName: \Device\0000005b\, DriverName: \Driver\USBSTOR\------------ End ----------Physical Sector Size: 0Drive: 3, DevicePointer: 0xffffffff8b9d3ac8, DeviceName: \Device\Harddisk3\DR3\, DriverName: \Driver\disk\--------- Disk Stack ------DevicePointer: 0xffffffff8b3be8d8, DeviceName: Unknown, DriverName: \Driver\partmgr\DevicePointer: 0xffffffff8b9d3ac8, DeviceName: \Device\Harddisk3\DR3\, DriverName: \Driver\disk\DevicePointer: 0xffffffff8b3b4cd0, DeviceName: \Device\0000005c\, DriverName: \Driver\USBSTOR\------------ End ----------Physical Sector Size: 0Drive: 4, DevicePointer: 0xffffffff8b9d3560, DeviceName: \Device\Harddisk4\DR4\, DriverName: \Driver\disk\--------- Disk Stack ------DevicePointer: 0xffffffff8b2e8878, DeviceName: Unknown, DriverName: \Driver\partmgr\DevicePointer: 0xffffffff8b9d3560, DeviceName: \Device\Harddisk4\DR4\, DriverName: \Driver\disk\DevicePointer: 0xffffffff8b3b4970, DeviceName: \Device\0000005d\, DriverName: \Driver\USBSTOR\------------ End ----------Physical Sector Size: 512Drive: 5, DevicePointer: 0xffffffff83dd2ac8, DeviceName: \Device\Harddisk5\DR5\, DriverName: \Driver\disk\--------- Disk Stack ------DevicePointer: 0xffffffff83dd2020, DeviceName: Unknown, DriverName: \Driver\partmgr\DevicePointer: 0xffffffff83dd2ac8, DeviceName: \Device\Harddisk5\DR5\, DriverName: \Driver\disk\DevicePointer: 0xffffffff85052cd0, DeviceName: \Device\00000068\, DriverName: \Driver\USBSTOR\------------ End ----------Alternate DeviceName: \Device\Harddisk5\DR5\, DriverName: \Driver\disk\Upper DeviceData: 0x0, 0x0, 0x0Lower DeviceData: 0x0, 0x0, 0x0Drive 5Scanning MBR on drive 5...Inspecting partition table:MBR Signature: 55AADisk Signature: C3072E18Partition information: Partition 0 type is Other (0xc) Partition is NOT ACTIVE. Partition starts at LBA: 8064 Numsec = 31268992 Partition 1 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition 2 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition 3 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0Disk Size: 16013852672 bytesSector size: 512 bytesDone!Read File: File "c:\programdata\avg2013\chjw\26240a7d240a4feb.dat:8edad50a-98a8-4646-a5df-81719811ab3c" is sparse (flags = 32768)Scan finished=======================================Removal queue found; removal startedRemoving c:\programdata\malwarebytes' anti-malware (portable)\mbr_0_i.mbam...Removing c:\programdata\malwarebytes' anti-malware (portable)\bootstrap_0_0_63_i.mbam...Removing c:\programdata\malwarebytes' anti-malware (portable)\mbr_0_r.mbam...Removing c:\programdata\malwarebytes' anti-malware (portable)\mbr_5_i.mbam...Removing c:\programdata\malwarebytes' anti-malware (portable)\mbr_5_r.mbam...Removal finishedComboFix 13-06-06.04 - mafineart 06/07/2013 1:32.1.2 - x86Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1033.18.894.368 [GMT -7:00]Running from: c:\users\mafineart\Desktop\ComboFix.exeAV: AVG AntiVirus Free Edition 2013 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}SP: AVG AntiVirus Free Edition 2013 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}..((((((((((((((((((((((((( Files Created from 2013-05-07 to 2013-06-07 )))))))))))))))))))))))))))))))..2013-06-07 08:41 . 2013-06-07 08:41 -------- d-----w- c:\users\Default\AppData\Local\temp2013-06-07 08:02 . 2013-06-07 08:19 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable)2013-06-04 21:13 . 2013-06-04 21:13 -------- d-----w- c:\programdata\Malwarebytes2013-06-04 21:13 . 2013-06-04 21:13 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware2013-06-04 21:13 . 2013-04-04 21:50 22856 ----a-w- c:\windows\system32\drivers\mbam.sys2013-06-04 00:06 . 1998-10-29 23:45 306688 ----a-w- c:\windows\IsUninst.exe2013-06-04 00:03 . 2013-06-04 00:03 -------- d-----w- c:\program files\SweetIM2013-06-04 00:03 . 2013-06-04 00:03 -------- d-----w- c:\program files\ExtractNow2013-06-03 20:47 . 2013-06-03 21:15 -------- d-----w- C:\AdobeTemp2013-06-03 20:15 . 2013-06-03 20:15 -------- d-----w- c:\programdata\FLEXnet2013-06-03 19:44 . 2013-06-03 19:44 -------- d-----w- c:\program files\Microsoft.NET2013-06-01 00:22 . 2013-06-01 00:22 -------- d-----w- c:\program files\Adobe Media Player2013-06-01 00:19 . 2013-06-01 00:19 -------- d-----w- c:\program files\Common Files\Adobe AIR2013-05-31 23:27 . 2010-09-20 09:25 231936 ----a-w- c:\windows\system32\msshsq.dll2013-05-31 10:30 . 2010-04-14 17:46 80896 ----a-w- c:\windows\system32\MSNP.ax2013-05-31 10:30 . 2010-04-14 17:47 293376 ----a-w- c:\windows\system32\psisdecd.dll2013-05-31 10:30 . 2010-04-14 17:47 217088 ----a-w- c:\windows\system32\psisrndr.ax2013-05-31 10:21 . 2009-11-08 17:55 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll2013-05-31 10:21 . 2009-11-08 17:55 295264 ----a-w- c:\windows\system32\PresentationHost.exe2013-05-31 10:21 . 2009-11-08 17:55 49472 ----a-w- c:\windows\system32\netfxperf.dll2013-05-31 10:21 . 2009-11-08 17:55 297808 ----a-w- c:\windows\system32\mscoree.dll2013-05-31 10:21 . 2009-11-08 17:55 1130824 ----a-w- c:\windows\system32\dfshim.dll2013-05-31 10:08 . 2009-10-09 21:56 2048 ----a-w- c:\windows\system32\winrsmgr.dll2013-05-31 10:03 . 2009-10-09 21:56 1181696 ----a-w- c:\windows\system32\WsmSvc.dll2013-05-30 23:44 . 2011-04-20 14:47 375808 ----a-w- c:\windows\system32\winsrv.dll2013-05-30 23:44 . 2011-04-20 14:44 49152 ----a-w- c:\windows\system32\csrsrv.dll2013-05-30 23:43 . 2010-09-10 16:35 168960 ----a-w- c:\program files\Windows Media Player\wmplayer.exe2013-05-30 23:43 . 2010-09-10 16:37 8147456 ----a-w- c:\windows\system32\wmploc.DLL2013-05-30 23:42 . 2010-09-06 16:24 125952 ----a-w- c:\windows\system32\srvsvc.dll2013-05-30 23:42 . 2010-09-06 16:23 17920 ----a-w- c:\windows\system32\netevent.dll2013-05-30 23:42 . 2010-04-16 16:10 501760 ----a-w- c:\windows\system32\usp10.dll2013-05-30 23:40 . 2010-12-28 14:56 708608 ----a-w- c:\program files\Common Files\System\ado\msado15.dll2013-05-30 23:39 . 2011-02-18 13:31 304640 ----a-w- c:\windows\system32\drivers\srv.sys2013-05-30 23:39 . 2011-07-06 14:56 213504 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys2013-05-30 23:39 . 2011-04-29 12:49 79360 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys2013-05-30 23:39 . 2011-04-29 12:49 105984 ----a-w- c:\windows\system32\drivers\mrxsmb.sys2013-05-30 23:39 . 2011-03-02 14:49 86528 ----a-w- c:\windows\system32\dnsrslvr.dll2013-05-30 23:39 . 2009-05-04 10:11 25088 ----a-w- c:\windows\system32\dnscacheugc.exe2013-05-30 23:39 . 2010-04-05 16:07 67072 ----a-w- c:\windows\system32\asycfilt.dll2013-05-30 23:39 . 2010-06-28 16:15 1315840 ----a-w- c:\windows\system32\ole32.dll2013-05-30 23:39 . 2010-06-28 14:31 339968 ----a-w- c:\program files\Windows NT\Accessories\wordpad.exe2013-05-30 23:39 . 2010-08-17 13:32 126464 ----a-w- c:\windows\system32\spoolsv.exe2013-05-30 23:38 . 2010-08-26 16:07 157184 ----a-w- c:\windows\system32\t2embed.dll2013-05-30 23:38 . 2011-06-02 12:59 2042368 ----a-w- c:\windows\system32\win32k.sys2013-05-30 23:38 . 2011-04-21 13:16 273408 ----a-w- c:\windows\system32\drivers\afd.sys2013-05-30 23:37 . 2008-04-18 05:48 269312 ----a-w- c:\windows\system32\es.dll2013-05-30 23:37 . 2010-12-14 15:49 1169408 ----a-w- c:\windows\system32\sdclt.exe2013-05-30 23:37 . 2010-06-17 17:15 10926592 ----a-w- c:\program files\Movie Maker\MOVIEMK.dll2013-05-30 23:37 . 2010-06-17 15:49 150016 ----a-w- c:\program files\Movie Maker\MOVIEMK.exe2013-05-30 23:37 . 2011-04-29 12:49 146432 ----a-w- c:\windows\system32\drivers\srv2.sys2013-05-30 23:37 . 2011-04-29 12:49 102400 ----a-w- c:\windows\system32\drivers\srvnet.sys2013-05-30 23:37 . 2011-05-02 16:00 766464 ----a-w- c:\program files\Common Files\Microsoft Shared\vgx\VGX.dll2013-05-30 23:36 . 2010-04-05 16:08 317952 ----a-w- c:\windows\system32\MP4SDECD.DLL2013-05-30 23:36 . 2011-02-16 15:35 430080 ----a-w- c:\windows\system32\vbscript.dll2013-05-30 23:36 . 2010-12-20 15:39 563200 ----a-w- c:\windows\system32\oleaut32.dll2013-05-30 23:36 . 2010-08-31 15:41 954752 ----a-w- c:\windows\system32\mfc40.dll2013-05-30 23:36 . 2010-08-31 15:41 954288 ----a-w- c:\windows\system32\mfc40u.dll2013-05-30 23:36 . 2010-06-18 16:43 36352 ----a-w- c:\windows\system32\rtutils.dll2013-05-30 23:35 . 2011-03-03 14:56 28672 ----a-w- c:\windows\system32\Apphlpdm.dll2013-05-30 23:35 . 2011-03-03 13:01 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll2013-05-30 23:35 . 2010-08-20 15:21 866816 ----a-w- c:\windows\system32\wmpmde.dll2013-05-30 23:35 . 2010-12-29 17:41 429056 ----a-w- c:\windows\system32\EncDec.dll2013-05-30 23:35 . 2010-12-29 17:41 323072 ----a-w- c:\windows\system32\sbe.dll2013-05-30 23:35 . 2010-12-29 17:41 153088 ----a-w- c:\windows\system32\sbeio.dll2013-05-30 23:35 . 2010-12-29 17:39 177664 ----a-w- c:\windows\system32\mpg2splt.ax2013-05-30 23:33 . 2010-04-16 16:10 1314816 ----a-w- c:\windows\system32\quartz.dll2013-05-30 23:33 . 2010-11-06 11:09 603648 ----a-w- c:\windows\system32\schedsvc.dll2013-05-30 23:33 . 2010-11-06 11:10 357376 ----a-w- c:\windows\system32\taskschd.dll2013-05-30 23:33 . 2010-11-06 11:10 345088 ----a-w- c:\windows\system32\wmicmiplugin.dll2013-05-30 23:33 . 2010-11-06 11:10 270336 ----a-w- c:\windows\system32\taskcomp.dll2013-05-30 23:33 . 2010-11-05 00:53 171520 ----a-w- c:\windows\system32\taskeng.exe2013-05-30 23:33 . 2011-05-02 15:58 738816 ----a-w- c:\windows\system32\inetcomm.dll2013-05-30 23:33 . 2010-10-18 14:01 81920 ----a-w- c:\windows\system32\consent.exe2013-05-30 23:32 . 2010-06-11 15:30 1257472 ----a-w- c:\windows\system32\msxml3.dll2013-05-30 23:32 . 2008-09-18 04:56 125952 ----a-w- c:\windows\system32\wersvc.dll2013-05-30 23:32 . 2008-09-18 04:56 147456 ----a-w- c:\windows\system32\Faultrep.dll2013-05-30 23:32 . 2008-06-26 03:29 565248 ----a-w- c:\windows\system32\emdmgmt.dll2013-05-30 23:32 . 2008-08-02 01:01 625152 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys2013-05-30 23:32 . 2008-06-26 03:29 45056 ----a-w- c:\windows\system32\dataclen.dll2013-05-30 23:32 . 2008-08-02 03:26 36864 ----a-w- c:\windows\system32\cdd.dll2013-05-30 23:32 . 2008-05-20 02:07 148480 ----a-w- c:\windows\system32\drivers\nwifi.sys2013-05-30 23:32 . 2010-10-28 12:56 2048 ----a-w- c:\windows\system32\tzres.dll2013-05-30 23:31 . 2008-05-08 21:59 90112 ----a-w- c:\windows\system32\wshext.dll2013-05-30 23:31 . 2008-05-08 21:59 180224 ----a-w- c:\windows\system32\scrobj.dll2013-05-30 23:31 . 2008-05-08 21:59 172032 ----a-w- c:\windows\system32\scrrun.dll2013-05-30 23:31 . 2008-05-08 21:59 155648 ----a-w- c:\windows\system32\wscript.exe2013-05-30 23:31 . 2008-05-08 21:58 135168 ----a-w- c:\windows\system32\cscript.exe2013-05-30 23:31 . 2008-05-08 21:58 135168 ----a-w- c:\windows\system32\wshom.ocx2013-05-30 23:31 . 2010-12-17 16:43 2067456 ----a-w- c:\windows\system32\mstscax.dll2013-05-30 23:31 . 2010-12-17 15:06 677888 ----a-w- c:\windows\system32\mstsc.exe2013-05-30 23:31 . 2010-06-16 15:59 898952 ----a-w- c:\windows\system32\drivers\tcpip.sys2013-05-30 23:30 . 2010-08-31 15:40 531968 ----a-w- c:\windows\system32\comctl32.dll2013-05-30 23:18 . 2011-04-29 14:54 276992 ----a-w- c:\windows\system32\schannel.dll2013-05-30 22:38 . 2010-10-18 12:00 303104 ----a-w- c:\windows\system32\CNMXLMAN.DLL2013-05-30 22:38 . 2013-05-30 22:38 -------- d--h--w- c:\programdata\CanonIJFAX2013-05-30 22:36 . 2013-05-30 22:36 -------- d-----w- c:\program files\Common Files\CANON2013-05-30 22:35 . 2013-05-30 22:35 -------- d-----w- c:\programdata\CanonIJWSpt2013-05-30 22:34 . 2013-05-30 22:34 -------- d--h--w- c:\programdata\CanonBJ2013-05-30 22:34 . 2010-10-18 12:00 74752 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\CNMPPAN.DLL2013-05-30 22:34 . 2010-10-18 12:00 28672 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\CNMPDAN.DLL2013-05-30 22:34 . 2013-05-30 22:34 -------- d--h--w- c:\windows\system32\CanonIJ Uninstaller Information2013-05-30 22:32 . 2010-09-13 21:44 106496 ----a-w- c:\windows\system32\CNC880U.dll2013-05-30 22:32 . 2010-09-13 21:42 1347584 ----a-w- c:\windows\system32\CNC880C.dll2013-05-30 22:32 . 2010-09-13 21:42 114688 ----a-w- c:\windows\system32\CNC880I.dll2013-05-30 22:32 . 2010-09-07 00:03 315392 ----a-w- c:\windows\system32\CNC880L.dll2013-05-30 22:32 . 2008-08-26 01:02 15872 ----a-w- c:\windows\system32\CNHMCA.dll2013-05-30 22:29 . 2010-10-18 12:00 303104 ----a-w- c:\windows\system32\CNMLMAN.DLL2013-05-30 22:29 . 2010-10-19 12:00 257024 ----a-w- c:\windows\system32\CNCALAN.DLL2013-05-30 22:29 . 2010-06-03 15:11 94208 ----a-w- c:\windows\system32\CNC880O.dll2013-05-30 22:29 . 2010-09-07 10:58 180224 ----a-w- c:\windows\system32\CNMIUAN.DLL2013-05-30 22:28 . 2013-05-30 22:28 -------- d-----w- c:\windows\system32\STRING2013-05-30 22:28 . 2010-09-08 16:26 34816 ----a-w- c:\windows\system32\CNMNPUI.DLL2013-05-30 22:26 . 2013-05-30 22:36 -------- d-----w- c:\program files\Canon2013-05-30 18:05 . 2013-05-30 18:05 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl2013-05-30 18:05 . 2013-05-30 18:05 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe2013-05-30 15:00 . 2013-05-30 15:00 -------- d-----w- C:\PerfLogs2013-05-30 14:53 . 2008-01-08 20:10 98304 ----a-w- c:\windows\RTKAUDIOSERVICE.EXE2013-05-30 14:32 . 2013-05-30 13:57 47560 ----a-w- c:\windows\system32\SPReview.exe2013-05-30 14:32 . 2013-05-30 13:57 152576 ----a-w- c:\windows\system32\SPWizUI.dll2013-05-30 14:07 . 2008-01-19 06:33 193024 ----a-w- c:\windows\system32\recdisc.exe2013-05-30 14:07 . 2008-01-19 06:36 6656 ----a-w- c:\windows\system32\sdspres.dll2013-05-30 14:07 . 2008-01-19 06:33 599552 ----a-w- c:\windows\system32\vsp1cln.exe2013-05-30 14:07 . 2008-01-19 06:36 28160 ----a-w- c:\windows\system32\sxproxy.dll2013-05-30 14:07 . 2008-01-19 06:36 142336 ----a-w- c:\windows\system32\spp.dll2013-05-30 14:05 . 2008-01-19 06:36 975360 ----a-w- c:\windows\system32\RASMM.dll..(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))).2013-05-30 14:43 . 2006-11-02 10:32 101888 ----a-w- c:\windows\system32\ifxcardm.dll2013-05-30 14:43 . 2006-11-02 10:32 82432 ----a-w- c:\windows\system32\axaltocm.dll2013-05-30 09:51 . 2006-12-09 20:17 319456 ----a-w- c:\windows\DIFxAPI.dll2013-05-30 03:28 . 2013-05-30 03:28 40960 ----a-w- c:\windows\apppatch\apihex86.dll2013-05-29 12:15 . 2013-05-29 12:15 2560 ----a-w- c:\windows\apppatch\AcRes.dll2013-03-29 09:53 . 2013-03-29 09:53 208184 ----a-w- c:\windows\system32\drivers\avgidsdriverx.sys2013-03-21 10:08 . 2013-03-21 10:08 182072 ----a-w- c:\windows\system32\drivers\avgtdix.sys..((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))..*Note* empty entries & legit default entries are not shownREGEDIT4.[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"hpsysdrv"="c:\hp\support\hpsysdrv.exe" [2006-09-28 65536]"KBD"="c:\hp\KBD\KBD.EXE" [2005-02-02 61440]"RtHDVCpl"="RtHDVCpl.exe" [2008-01-15 4874240]"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2005-02-17 49152]"AVG_UI"="c:\program files\AVG\AVG2013\avgui.exe" [2013-04-29 4408368]"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2010-07-26 2569616]"CanonSolutionMenuEx"="c:\program files\Canon\Solution Menu EX\CNSEMAIN.EXE" [2010-09-15 1213848].[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]"Launcher"="c:\windows\SMINST\launcher.exe" [2006-11-25 44136].c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2013-6-3 113664].[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]"EnableUIADesktopToggle"= 0 (0x0).[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]"DisableMonitoring"=dword:00000001.[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]"DisableMonitoring"=dword:00000001.[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]"DisableMonitoring"=dword:00000001.--- Other Services/Drivers In Memory ---.*NewlyCreated* - 80223447*Deregistered* - 80223447.[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]2013-06-07 08:14 1165776 ----a-w- c:\program files\Google\Chrome\Application\27.0.1453.110\Installer\chrmstp.exe.Contents of the 'Scheduled Tasks' folder.2013-06-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job- c:\program files\Google\Update\GoogleUpdate.exe [2013-05-30 06:09].2013-06-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job- c:\program files\Google\Update\GoogleUpdate.exe [2013-05-30 06:09]..------- Supplementary Scan -------.uStart Page = hxxp://google.com/mStart Page = hxxp://start.sweetpacks.com/?src=10&st=12&crg=3.5000006.10045&barid={27AD4671-CCAA-11E2-9815-001A92405806}TCP: DhcpNameServer = 209.18.47.61 209.18.47.62.- - - - ORPHANS REMOVED - - - -.HKCU-Run-HPAdvisor - c:\program files\Hewlett-Packard\HP Advisor\HPAdvisor.exe...**************************************************************************.catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.netRootkit scan 2013-06-07 01:42Windows 6.0.6001 Service Pack 1 NTFS.scanning hidden processes ... .scanning hidden autostart entries ....scanning hidden files ... .scan completed successfullyhidden files: 0.**************************************************************************.--------------------- LOCKED REGISTRY KEYS ---------------------.[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]@Denied: (A 2) (Everyone)@="FlashBroker""LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe,-101".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]"Enabled"=dword:00000001.[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]@Denied: (A 2) (Everyone)@="IFlashBroker5".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]@="{00020424-0000-0000-C000-000000000046}".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}""Version"="1.0".[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]@Denied: (A) (Users)@Denied: (A) (Everyone)@Allowed: (B 1 2 3 4 5) (S-1-5-20)"BlindDial"=dword:00000000.Completion time: 2013-06-07 01:45:31ComboFix-quarantined-files.txt 2013-06-07 08:45.Pre-Run: 217,718,603,776 bytes freePost-Run: 219,075,817,472 bytes free.- - End Of File - - B5E692D8129C8884B294A74452DEF1EE8913823FF508CCF109DB74B636C301DAResults of screen317's Security Check version 0.99.64 Windows Vista Service Pack 1 x86 (UAC is enabled) Out of date service pack!!``````````````Antivirus/Firewall Check:`````````````` Windows Firewall Enabled! AVG AntiVirus Free Edition 2013 Antivirus up to date! `````````Anti-malware/Other Utilities Check:````````` Malwarebytes Anti-Malware version 1.75.0.1300 Adobe Reader 7 Adobe Reader out of Date! Google Chrome 27.0.1453.110 Google Chrome 27.0.1453.94 ````````Process Check: objlist.exe by Laurent```````` AVG avgwdsvc.exe AVG avgrsx.exe AVG avgnsx.exe AVG avgemc.exe Malwarebytes' Anti-Malware mbamscheduler.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: 1 %````````````````````End of Log`````````````````````` Link to post Share on other sites More sharing options...
D-FRED-BROWN Posted June 7, 2013 ID:688409 Share Posted June 7, 2013 Please do the following:1. Close any open browsers.2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.3. Open notepad and copy/paste the text in the quotebox below into it:KILLALL::Driver::80223447File::C:\Windows\System32\Drivers\80223447.sysReboot::Save this as CFScript.txt, in the same location as ComboFix.exeRefering to the picture above, drag CFScript into ComboFix.exeWhen finished, it shall produce a log for you at C:\ComboFix.txt which I shall require in your next reply.Note: Do not mouseclick combofix's window whilst it's running. That may cause it to stall.Please include the newly-created C:\ComboFix.txt in your next reply, and let me know how things are running now Link to post Share on other sites More sharing options...
Buddahass Posted June 8, 2013 Author ID:688796 Share Posted June 8, 2013 Hi D-FRED, ran the script, and had AVG temporarily disabled.Upon rebooting, my anti virus "did" activate, and did react to Combofix, momentarilly prompting me with the option to provide an exception for it.I allowed it, then disabled it again. Combofix then proceeded unhindered to complete the log. The toolbar is still listed among my programs, and Chrome still currently redirects to the Sweetpacks site.ComboFix 13-06-07.03 - mafineart 06/08/2013 4:23.2.2 - x86Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1033.18.894.343 [GMT -7:00]Running from: c:\users\mafineart\Desktop\ComboFix.exeCommand switches used :: c:\users\mafineart\Desktop\CFScript.txtAV: AVG AntiVirus Free Edition 2013 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}SP: AVG AntiVirus Free Edition 2013 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}.FILE ::"c:\windows\System32\Drivers\80223447.sys"..((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))...((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))..-------\Legacy_80223447..((((((((((((((((((((((((( Files Created from 2013-05-08 to 2013-06-08 )))))))))))))))))))))))))))))))..2013-06-08 11:34 . 2013-06-08 11:34 -------- d-----w- c:\users\Default\AppData\Local\temp2013-06-07 08:02 . 2013-06-07 08:19 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable)2013-06-04 21:13 . 2013-06-04 21:13 -------- d-----w- c:\programdata\Malwarebytes2013-06-04 21:13 . 2013-06-04 21:13 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware2013-06-04 21:13 . 2013-04-04 21:50 22856 ----a-w- c:\windows\system32\drivers\mbam.sys2013-06-04 00:06 . 1998-10-29 23:45 306688 ----a-w- c:\windows\IsUninst.exe2013-06-04 00:03 . 2013-06-04 00:03 -------- d-----w- c:\program files\SweetIM2013-06-04 00:03 . 2013-06-04 00:03 -------- d-----w- c:\program files\ExtractNow2013-06-03 20:47 . 2013-06-03 21:15 -------- d-----w- C:\AdobeTemp2013-06-03 20:15 . 2013-06-03 20:15 -------- d-----w- c:\programdata\FLEXnet2013-06-03 19:44 . 2013-06-03 19:44 -------- d-----w- c:\program files\Microsoft.NET2013-06-01 00:22 . 2013-06-01 00:22 -------- d-----w- c:\program files\Adobe Media Player2013-06-01 00:19 . 2013-06-01 00:19 -------- d-----w- c:\program files\Common Files\Adobe AIR2013-05-31 23:27 . 2010-09-20 09:25 231936 ----a-w- c:\windows\system32\msshsq.dll2013-05-31 10:30 . 2010-04-14 17:46 80896 ----a-w- c:\windows\system32\MSNP.ax2013-05-31 10:30 . 2010-04-14 17:47 293376 ----a-w- c:\windows\system32\psisdecd.dll2013-05-31 10:30 . 2010-04-14 17:47 217088 ----a-w- c:\windows\system32\psisrndr.ax2013-05-31 10:21 . 2009-11-08 17:55 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll2013-05-31 10:21 . 2009-11-08 17:55 295264 ----a-w- c:\windows\system32\PresentationHost.exe2013-05-31 10:21 . 2009-11-08 17:55 49472 ----a-w- c:\windows\system32\netfxperf.dll2013-05-31 10:21 . 2009-11-08 17:55 297808 ----a-w- c:\windows\system32\mscoree.dll2013-05-31 10:21 . 2009-11-08 17:55 1130824 ----a-w- c:\windows\system32\dfshim.dll2013-05-31 10:08 . 2009-10-09 21:56 2048 ----a-w- c:\windows\system32\winrsmgr.dll2013-05-31 10:03 . 2009-10-09 21:56 1181696 ----a-w- c:\windows\system32\WsmSvc.dll2013-05-30 23:44 . 2011-04-20 14:47 375808 ----a-w- c:\windows\system32\winsrv.dll2013-05-30 23:44 . 2011-04-20 14:44 49152 ----a-w- c:\windows\system32\csrsrv.dll2013-05-30 23:43 . 2010-09-10 16:35 168960 ----a-w- c:\program files\Windows Media Player\wmplayer.exe2013-05-30 23:43 . 2010-09-10 16:37 8147456 ----a-w- c:\windows\system32\wmploc.DLL2013-05-30 23:42 . 2010-09-06 16:24 125952 ----a-w- c:\windows\system32\srvsvc.dll2013-05-30 23:42 . 2010-09-06 16:23 17920 ----a-w- c:\windows\system32\netevent.dll2013-05-30 23:42 . 2010-04-16 16:10 501760 ----a-w- c:\windows\system32\usp10.dll2013-05-30 23:40 . 2010-12-28 14:56 708608 ----a-w- c:\program files\Common Files\System\ado\msado15.dll2013-05-30 23:39 . 2011-02-18 13:31 304640 ----a-w- c:\windows\system32\drivers\srv.sys2013-05-30 23:39 . 2011-07-06 14:56 213504 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys2013-05-30 23:39 . 2011-04-29 12:49 79360 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys2013-05-30 23:39 . 2011-04-29 12:49 105984 ----a-w- c:\windows\system32\drivers\mrxsmb.sys2013-05-30 23:39 . 2011-03-02 14:49 86528 ----a-w- c:\windows\system32\dnsrslvr.dll2013-05-30 23:39 . 2009-05-04 10:11 25088 ----a-w- c:\windows\system32\dnscacheugc.exe2013-05-30 23:39 . 2010-04-05 16:07 67072 ----a-w- c:\windows\system32\asycfilt.dll2013-05-30 23:39 . 2010-06-28 16:15 1315840 ----a-w- c:\windows\system32\ole32.dll2013-05-30 23:39 . 2010-06-28 14:31 339968 ----a-w- c:\program files\Windows NT\Accessories\wordpad.exe2013-05-30 23:39 . 2010-08-17 13:32 126464 ----a-w- c:\windows\system32\spoolsv.exe2013-05-30 23:38 . 2010-08-26 16:07 157184 ----a-w- c:\windows\system32\t2embed.dll2013-05-30 23:38 . 2011-06-02 12:59 2042368 ----a-w- c:\windows\system32\win32k.sys2013-05-30 23:38 . 2011-04-21 13:16 273408 ----a-w- c:\windows\system32\drivers\afd.sys2013-05-30 23:37 . 2008-04-18 05:48 269312 ----a-w- c:\windows\system32\es.dll2013-05-30 23:37 . 2010-12-14 15:49 1169408 ----a-w- c:\windows\system32\sdclt.exe2013-05-30 23:37 . 2010-06-17 17:15 10926592 ----a-w- c:\program files\Movie Maker\MOVIEMK.dll2013-05-30 23:37 . 2010-06-17 15:49 150016 ----a-w- c:\program files\Movie Maker\MOVIEMK.exe2013-05-30 23:37 . 2011-04-29 12:49 146432 ----a-w- c:\windows\system32\drivers\srv2.sys2013-05-30 23:37 . 2011-04-29 12:49 102400 ----a-w- c:\windows\system32\drivers\srvnet.sys2013-05-30 23:37 . 2011-05-02 16:00 766464 ----a-w- c:\program files\Common Files\Microsoft Shared\vgx\VGX.dll2013-05-30 23:36 . 2010-04-05 16:08 317952 ----a-w- c:\windows\system32\MP4SDECD.DLL2013-05-30 23:36 . 2011-02-16 15:35 430080 ----a-w- c:\windows\system32\vbscript.dll2013-05-30 23:36 . 2010-12-20 15:39 563200 ----a-w- c:\windows\system32\oleaut32.dll2013-05-30 23:36 . 2010-08-31 15:41 954752 ----a-w- c:\windows\system32\mfc40.dll2013-05-30 23:36 . 2010-08-31 15:41 954288 ----a-w- c:\windows\system32\mfc40u.dll2013-05-30 23:36 . 2010-06-18 16:43 36352 ----a-w- c:\windows\system32\rtutils.dll2013-05-30 23:35 . 2011-03-03 14:56 28672 ----a-w- c:\windows\system32\Apphlpdm.dll2013-05-30 23:35 . 2011-03-03 13:01 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll2013-05-30 23:35 . 2010-08-20 15:21 866816 ----a-w- c:\windows\system32\wmpmde.dll2013-05-30 23:35 . 2010-12-29 17:41 429056 ----a-w- c:\windows\system32\EncDec.dll2013-05-30 23:35 . 2010-12-29 17:41 323072 ----a-w- c:\windows\system32\sbe.dll2013-05-30 23:35 . 2010-12-29 17:41 153088 ----a-w- c:\windows\system32\sbeio.dll2013-05-30 23:35 . 2010-12-29 17:39 177664 ----a-w- c:\windows\system32\mpg2splt.ax2013-05-30 23:33 . 2010-04-16 16:10 1314816 ----a-w- c:\windows\system32\quartz.dll2013-05-30 23:33 . 2010-11-06 11:09 603648 ----a-w- c:\windows\system32\schedsvc.dll2013-05-30 23:33 . 2010-11-06 11:10 357376 ----a-w- c:\windows\system32\taskschd.dll2013-05-30 23:33 . 2010-11-06 11:10 345088 ----a-w- c:\windows\system32\wmicmiplugin.dll2013-05-30 23:33 . 2010-11-06 11:10 270336 ----a-w- c:\windows\system32\taskcomp.dll2013-05-30 23:33 . 2010-11-05 00:53 171520 ----a-w- c:\windows\system32\taskeng.exe2013-05-30 23:33 . 2011-05-02 15:58 738816 ----a-w- c:\windows\system32\inetcomm.dll2013-05-30 23:33 . 2010-10-18 14:01 81920 ----a-w- c:\windows\system32\consent.exe2013-05-30 23:32 . 2010-06-11 15:30 1257472 ----a-w- c:\windows\system32\msxml3.dll2013-05-30 23:32 . 2008-09-18 04:56 125952 ----a-w- c:\windows\system32\wersvc.dll2013-05-30 23:32 . 2008-09-18 04:56 147456 ----a-w- c:\windows\system32\Faultrep.dll2013-05-30 23:32 . 2008-06-26 03:29 565248 ----a-w- c:\windows\system32\emdmgmt.dll2013-05-30 23:32 . 2008-08-02 01:01 625152 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys2013-05-30 23:32 . 2008-06-26 03:29 45056 ----a-w- c:\windows\system32\dataclen.dll2013-05-30 23:32 . 2008-08-02 03:26 36864 ----a-w- c:\windows\system32\cdd.dll2013-05-30 23:32 . 2008-05-20 02:07 148480 ----a-w- c:\windows\system32\drivers\nwifi.sys2013-05-30 23:32 . 2010-10-28 12:56 2048 ----a-w- c:\windows\system32\tzres.dll2013-05-30 23:31 . 2008-05-08 21:59 90112 ----a-w- c:\windows\system32\wshext.dll2013-05-30 23:31 . 2008-05-08 21:59 180224 ----a-w- c:\windows\system32\scrobj.dll2013-05-30 23:31 . 2008-05-08 21:59 172032 ----a-w- c:\windows\system32\scrrun.dll2013-05-30 23:31 . 2008-05-08 21:59 155648 ----a-w- c:\windows\system32\wscript.exe2013-05-30 23:31 . 2008-05-08 21:58 135168 ----a-w- c:\windows\system32\cscript.exe2013-05-30 23:31 . 2008-05-08 21:58 135168 ----a-w- c:\windows\system32\wshom.ocx2013-05-30 23:31 . 2010-12-17 16:43 2067456 ----a-w- c:\windows\system32\mstscax.dll2013-05-30 23:31 . 2010-12-17 15:06 677888 ----a-w- c:\windows\system32\mstsc.exe2013-05-30 23:31 . 2010-06-16 15:59 898952 ----a-w- c:\windows\system32\drivers\tcpip.sys2013-05-30 23:30 . 2010-08-31 15:40 531968 ----a-w- c:\windows\system32\comctl32.dll2013-05-30 23:18 . 2011-04-29 14:54 276992 ----a-w- c:\windows\system32\schannel.dll2013-05-30 22:38 . 2010-10-18 12:00 303104 ----a-w- c:\windows\system32\CNMXLMAN.DLL2013-05-30 22:38 . 2013-05-30 22:38 -------- d--h--w- c:\programdata\CanonIJFAX2013-05-30 22:36 . 2013-05-30 22:36 -------- d-----w- c:\program files\Common Files\CANON2013-05-30 22:35 . 2013-05-30 22:35 -------- d-----w- c:\programdata\CanonIJWSpt2013-05-30 22:34 . 2013-05-30 22:34 -------- d--h--w- c:\programdata\CanonBJ2013-05-30 22:34 . 2010-10-18 12:00 74752 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\CNMPPAN.DLL2013-05-30 22:34 . 2010-10-18 12:00 28672 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\CNMPDAN.DLL2013-05-30 22:34 . 2013-05-30 22:34 -------- d--h--w- c:\windows\system32\CanonIJ Uninstaller Information2013-05-30 22:32 . 2010-09-13 21:44 106496 ----a-w- c:\windows\system32\CNC880U.dll2013-05-30 22:32 . 2010-09-13 21:42 1347584 ----a-w- c:\windows\system32\CNC880C.dll2013-05-30 22:32 . 2010-09-13 21:42 114688 ----a-w- c:\windows\system32\CNC880I.dll2013-05-30 22:32 . 2010-09-07 00:03 315392 ----a-w- c:\windows\system32\CNC880L.dll2013-05-30 22:32 . 2008-08-26 01:02 15872 ----a-w- c:\windows\system32\CNHMCA.dll2013-05-30 22:29 . 2010-10-18 12:00 303104 ----a-w- c:\windows\system32\CNMLMAN.DLL2013-05-30 22:29 . 2010-10-19 12:00 257024 ----a-w- c:\windows\system32\CNCALAN.DLL2013-05-30 22:29 . 2010-06-03 15:11 94208 ----a-w- c:\windows\system32\CNC880O.dll2013-05-30 22:29 . 2010-09-07 10:58 180224 ----a-w- c:\windows\system32\CNMIUAN.DLL2013-05-30 22:28 . 2013-05-30 22:28 -------- d-----w- c:\windows\system32\STRING2013-05-30 22:28 . 2010-09-08 16:26 34816 ----a-w- c:\windows\system32\CNMNPUI.DLL2013-05-30 22:26 . 2013-05-30 22:36 -------- d-----w- c:\program files\Canon2013-05-30 18:05 . 2013-05-30 18:05 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl2013-05-30 18:05 . 2013-05-30 18:05 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe2013-05-30 15:00 . 2013-05-30 15:00 -------- d-----w- C:\PerfLogs2013-05-30 14:53 . 2008-01-08 20:10 98304 ----a-w- c:\windows\RTKAUDIOSERVICE.EXE2013-05-30 14:32 . 2013-05-30 13:57 47560 ----a-w- c:\windows\system32\SPReview.exe2013-05-30 14:32 . 2013-05-30 13:57 152576 ----a-w- c:\windows\system32\SPWizUI.dll2013-05-30 14:07 . 2008-01-19 06:33 193024 ----a-w- c:\windows\system32\recdisc.exe2013-05-30 14:07 . 2008-01-19 06:36 6656 ----a-w- c:\windows\system32\sdspres.dll2013-05-30 14:07 . 2008-01-19 06:33 599552 ----a-w- c:\windows\system32\vsp1cln.exe2013-05-30 14:07 . 2008-01-19 06:36 28160 ----a-w- c:\windows\system32\sxproxy.dll2013-05-30 14:07 . 2008-01-19 06:36 142336 ----a-w- c:\windows\system32\spp.dll2013-05-30 14:05 . 2008-01-19 06:36 975360 ----a-w- c:\windows\system32\RASMM.dll..(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))).2013-05-30 14:43 . 2006-11-02 10:32 101888 ----a-w- c:\windows\system32\ifxcardm.dll2013-05-30 14:43 . 2006-11-02 10:32 82432 ----a-w- c:\windows\system32\axaltocm.dll2013-05-30 09:51 . 2006-12-09 20:17 319456 ----a-w- c:\windows\DIFxAPI.dll2013-05-30 03:28 . 2013-05-30 03:28 40960 ----a-w- c:\windows\apppatch\apihex86.dll2013-05-29 12:15 . 2013-05-29 12:15 2560 ----a-w- c:\windows\apppatch\AcRes.dll2013-03-29 09:53 . 2013-03-29 09:53 208184 ----a-w- c:\windows\system32\drivers\avgidsdriverx.sys2013-03-21 10:08 . 2013-03-21 10:08 182072 ----a-w- c:\windows\system32\drivers\avgtdix.sys..((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))..*Note* empty entries & legit default entries are not shownREGEDIT4.[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"hpsysdrv"="c:\hp\support\hpsysdrv.exe" [2006-09-28 65536]"KBD"="c:\hp\KBD\KBD.EXE" [2005-02-02 61440]"RtHDVCpl"="RtHDVCpl.exe" [2008-01-15 4874240]"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2005-02-17 49152]"AVG_UI"="c:\program files\AVG\AVG2013\avgui.exe" [2013-04-29 4408368]"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2010-07-26 2569616]"CanonSolutionMenuEx"="c:\program files\Canon\Solution Menu EX\CNSEMAIN.EXE" [2010-09-15 1213848].[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]"Launcher"="c:\windows\SMINST\launcher.exe" [2006-11-25 44136].c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2013-6-3 113664].[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]"EnableUIADesktopToggle"= 0 (0x0).[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]"DisableMonitoring"=dword:00000001.[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]"DisableMonitoring"=dword:00000001.[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]"DisableMonitoring"=dword:00000001.[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]2013-06-07 08:14 1165776 ----a-w- c:\program files\Google\Chrome\Application\27.0.1453.110\Installer\chrmstp.exe.Contents of the 'Scheduled Tasks' folder.2013-06-08 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job- c:\program files\Google\Update\GoogleUpdate.exe [2013-05-30 06:09].2013-06-08 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job- c:\program files\Google\Update\GoogleUpdate.exe [2013-05-30 06:09]..------- Supplementary Scan -------.uStart Page = hxxp://google.com/mStart Page = hxxp://start.sweetpacks.com/?src=10&st=12&crg=3.5000006.10045&barid={27AD4671-CCAA-11E2-9815-001A92405806}TCP: DhcpNameServer = 209.18.47.61 209.18.47.62..**************************************************************************.catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.netRootkit scan 2013-06-08 04:38Windows 6.0.6001 Service Pack 1 NTFS.scanning hidden processes ... .scanning hidden autostart entries ....scanning hidden files ... .scan completed successfullyhidden files: 0.**************************************************************************.--------------------- LOCKED REGISTRY KEYS ---------------------.[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]@Denied: (A 2) (Everyone)@="FlashBroker""LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe,-101".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]"Enabled"=dword:00000001.[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]@Denied: (A 2) (Everyone)@="IFlashBroker5".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]@="{00020424-0000-0000-C000-000000000046}".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}""Version"="1.0".[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]@Denied: (A) (Users)@Denied: (A) (Everyone)@Allowed: (B 1 2 3 4 5) (S-1-5-20)"BlindDial"=dword:00000000.------------------------ Other Running Processes ------------------------.c:\windows\system32\nvvsvc.exec:\program files\NVIDIA Corporation\Display\nvxdsync.exec:\windows\system32\nvvsvc.exec:\program files\AVG\AVG2013\avgwdsvc.exec:\program files\Common Files\LightScribe\LSSrvc.exec:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exec:\windows\system32\DRIVERS\xaudio.exec:\windows\system32\WUDFHost.exec:\windows\RtHDVCpl.exec:\program files\NVIDIA Corporation\Display\nvtray.exec:\program files\AVG\AVG2013\avgcfgex.exec:\program files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe.**************************************************************************.Completion time: 2013-06-08 04:43:53 - machine was rebootedComboFix-quarantined-files.txt 2013-06-08 11:43ComboFix2.txt 2013-06-07 08:45.Pre-Run: 219,458,277,376 bytes freePost-Run: 219,152,850,944 bytes free.- - End Of File - - 5E3949B8400E7937049262A2B7D795E38913823FF508CCF109DB74B636C301DA Link to post Share on other sites More sharing options...
Buddahass Posted June 8, 2013 Author ID:688802 Share Posted June 8, 2013 Also, upon running the script, Combofix was interrupted mid stream, prompting an update to a newer version was available. No sure what to do, I accepted the update, it appeared to do so, and then continued on to scan and reboot. Link to post Share on other sites More sharing options...
D-FRED-BROWN Posted June 8, 2013 ID:688881 Share Posted June 8, 2013 Looks a whole lot better. I'd like to run a few more scans to verify we haven't missed anything.----------Step 1----------------We need to create a New FULL OTL ReportPlease download OTL from here if you have not done so already:Main Mirror[*]Save it to your desktop.[*]Double click on the OTL icon on your desktop.[*]Click the "Scan All Users" checkbox.[*]Change the "Extra Registry" option to "SafeList"[*]Push the Run Scan button.[*]Two reports will open, copy and paste them in a reply here:OTL.txt <-- Will be openedExtra.txt <-- Will be minimized----------Step 2----------------I'd like us to scan your machine with ESET OnlineScanHold down Control and click on the following link to open ESET OnlineScan in a new window.ESET OnlineScanClick the button.For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)Click on to download the ESET Smart Installer. Save it to your desktop.Double click on the icon on your desktop.[*]Check [*]Click the button.[*]Accept any security warnings from your browser.[*]Check [*]Push the Start button.[*]ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.[*]When the scan completes, push [*]Push , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.[*]Push the button.[*]Push A log file will be saved here: C:\Program Files\ESET\ESET Online Scanner\log.txt----------Step 3----------------Please post the OTL.txt and Extras.txt, and the ESET online scan log in your next reply.Let me know how things go. Link to post Share on other sites More sharing options...
Buddahass Posted June 8, 2013 Author ID:688934 Share Posted June 8, 2013 Looks a whole lot better. I'd like to run a few more scans to verify we haven't missed anything.The toolbar is still listed among my programs, and Chrome still currently redirects to the Sweetpacks site.Hi D-FRED, not sure if you saw this, as it probably should have been typed first, rather than midway through. I'll run the OTL scan as soon as I get home. Thanks! Link to post Share on other sites More sharing options...
D-FRED-BROWN Posted June 8, 2013 ID:688941 Share Posted June 8, 2013 My bad, I missed that. We'll fix those issues with OTL Link to post Share on other sites More sharing options...
Buddahass Posted June 9, 2013 Author ID:689085 Share Posted June 9, 2013 Hi D-FREDThe ESET scan found no threats, nor offered any option to save a log file. OTL logfile created on: 6/8/2013 9:47:14 PM - Run 1OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\mafineart\DesktopWindows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstationInternet Explorer (Version = 7.0.6001.18000)Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy893.82 Mb Total Physical Memory | 298.88 Mb Available Physical Memory | 33.44% Memory free2.00 Gb Paging File | 1.29 Gb Available in Paging File | 64.48% Paging File freePaging file location(s): ?:\pagefile.sys [binary data]%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program FilesDrive C: | 291.83 Gb Total Space | 207.04 Gb Free Space | 70.94% Space Free | Partition Type: NTFSDrive D: | 6.26 Gb Total Space | 0.88 Gb Free Space | 14.01% Space Free | Partition Type: NTFSDrive E: | 76.72 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFSComputer Name: MAFINEART-PC | User Name: mafineart | Logged in as Administrator.Boot Mode: Normal | Scan Mode: All usersCompany Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days========== Processes (SafeList) ==========PRC - [2013/06/08 21:44:23 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\mafineart\Desktop\OTL.exePRC - [2013/05/29 20:41:10 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exePRC - [2013/05/14 00:54:12 | 004,937,264 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgidsagent.exePRC - [2013/04/29 00:58:42 | 004,408,368 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgui.exePRC - [2013/04/18 04:34:38 | 000,283,136 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgwdsvc.exePRC - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exePRC - [2013/02/19 21:32:08 | 001,259,296 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exePRC - [2013/02/19 04:01:14 | 000,328,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgcfgex.exePRC - [2013/01/31 02:01:06 | 000,865,056 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exePRC - [2013/01/31 02:01:05 | 001,821,472 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exePRC - [2010/07/25 19:08:00 | 002,569,616 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\MyPrinter\BJMYPRT.EXEPRC - [2008/01/15 11:26:18 | 004,874,240 | ---- | M] (Realtek Semiconductor) -- C:\WINDOWS\RtHDVCpl.exePRC - [2006/09/28 06:42:24 | 000,065,536 | ---- | M] (Hewlett-Packard Company) -- C:\hp\support\hpsysdrv.exe========== Modules (No Company Name) ==================== Services (SafeList) ==========SRV - File not found [Auto | Stopped] -- c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon -- (CLTNetCnService)SRV - [2013/05/14 00:54:12 | 004,937,264 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files\AVG\AVG2013\avgidsagent.exe -- (AVGIDSAgent)SRV - [2013/04/18 04:34:38 | 000,283,136 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2013\avgwdsvc.exe -- (avgwd)SRV - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)SRV - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)SRV - [2013/02/19 21:32:08 | 001,259,296 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)SRV - [2008/01/18 23:38:26 | 000,272,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)========== Driver Services (SafeList) ==========DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ComboFix\catchme.sys -- (catchme)DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)DRV - File not found [Kernel | Auto | Stopped] -- -- (adfs)DRV - [2013/04/04 14:50:32 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\System32\drivers\mbam.sys -- (MBAMProtector)DRV - [2013/03/29 02:53:48 | 000,208,184 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\avgidsdriverx.sys -- (AVGIDSDriver)DRV - [2013/03/21 03:08:24 | 000,182,072 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\avgtdix.sys -- (Avgtdix)DRV - [2013/03/01 10:32:20 | 000,022,328 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\avgidsshimx.sys -- (AVGIDSShim)DRV - [2013/02/19 21:32:54 | 010,919,200 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\nvlddmkm.sys -- (nvlddmkm)DRV - [2013/02/08 04:37:58 | 000,096,568 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\System32\drivers\avgmfx86.sys -- (Avgmfx86)DRV - [2013/02/08 04:37:56 | 000,245,048 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\avglogx.sys -- (Avglogx)DRV - [2013/02/08 04:37:52 | 000,060,216 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\avgidshx.sys -- (AVGIDSHX)DRV - [2013/02/08 04:37:44 | 000,170,808 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\avgldx86.sys -- (Avgldx86)DRV - [2013/02/08 04:37:40 | 000,039,224 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\System32\drivers\avgrkx86.sys -- (Avgrkx86)DRV - [2008/08/01 19:51:14 | 001,052,704 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\nvmfdx32.sys -- (NVENETFD)DRV - [2008/05/08 05:05:18 | 000,266,752 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\HSXHWBS2.sys -- (HSXHWBS2)DRV - [2008/05/08 05:03:18 | 000,980,992 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\HSX_DP.sys -- (HSF_DP)DRV - [2007/10/26 18:51:24 | 000,110,624 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\nvstor32.sys -- (nvstor32)DRV - [2007/10/18 07:36:54 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\XAudio.sys -- (XAudio)DRV - [2005/12/12 09:27:00 | 000,019,072 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\PS2.sys -- (Ps2)========== Standard Registry (SafeList) ==================== Internet Explorer ==========IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htmIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.sweetpacks.com/?src=10&st=12&crg=3.5000006.10045&barid={27AD4671-CCAA-11E2-9815-001A92405806}IE - HKLM\..\SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847}IE - HKLM\..\SearchScopes\{5361745A-F6B9-4BC9-86D0-6B907ADF0567}: "URL" = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpdIE - HKLM\..\SearchScopes\{658C93D6-EB13-4DA5-8A2A-FA0164685CB4}: "URL" = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=hp-pvdtIE - HKLM\..\SearchScopes\{AD2D14A1-62D7-48D7-9A38-6AB5929C7185}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&entrypoint={referrer:source?}&FORM=HVDUS7IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://start.sweetpacks.com/?src=6&q={searchTerms}&st=12&crg=3.5000006.10045&barid={27AD4671-CCAA-11E2-9815-001A92405806}IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0IE - HKU\S-1-5-21-4196601509-315295840-2269700814-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.com/IE - HKU\S-1-5-21-4196601509-315295840-2269700814-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1IE - HKU\S-1-5-21-4196601509-315295840-2269700814-1000\..\SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847}IE - HKU\S-1-5-21-4196601509-315295840-2269700814-1000\..\SearchScopes\{5361745A-F6B9-4BC9-86D0-6B907ADF0567}: "URL" = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpdIE - HKU\S-1-5-21-4196601509-315295840-2269700814-1000\..\SearchScopes\{658C93D6-EB13-4DA5-8A2A-FA0164685CB4}: "URL" = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=hp-pvdtIE - HKU\S-1-5-21-4196601509-315295840-2269700814-1000\..\SearchScopes\{AD2D14A1-62D7-48D7-9A38-6AB5929C7185}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&entrypoint={referrer:source?}&FORM=HVDUS7IE - HKU\S-1-5-21-4196601509-315295840-2269700814-1000\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://start.sweetpacks.com/?src=6&q={searchTerms}&st=12&crg=3.5000006.10045&barid={27AD4671-CCAA-11E2-9815-001A92405806}IE - HKU\S-1-5-21-4196601509-315295840-2269700814-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0IE - HKU\S-1-5-21-4196601509-315295840-2269700814-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=71&bd=Pavilion&pf=desktopIE - HKU\S-1-5-21-4196601509-315295840-2269700814-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=71&bd=Pavilion&pf=desktop========== FireFox ==========FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}: C:\Program Files\Updater By SweetPacks\Firefox========== Chrome ==========CHR - default_search_provider: Bing (Enabled)CHR - default_search_provider: search_url = http://start.sweetpacks.com/?src=6&q={searchTerms}&st=12&crg=3.5000006.10045&barid={27AD4671-CCAA-11E2-9815-001A92405806}CHR - default_search_provider: suggest_url = CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\27.0.1453.110\PepperFlash\pepflashplayer.dllCHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewerCHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\27.0.1453.110\ppGoogleNaClPluginChrome.dllCHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\27.0.1453.110\pdf.dllCHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Acrobat 7.0\Reader\Browser\nppdf32.dllCHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dllCHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dllCHR - Extension: HP Product Detection Plugin = C:\Users\mafineart\AppData\Local\Google\Chrome\User Data\Default\Extensions\aelbknmfcacjffmgnoaaonhgoghlmlkp\1.0.26.1_0\CHR - Extension: Google Docs = C:\Users\mafineart\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\CHR - Extension: Google Drive = C:\Users\mafineart\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\CHR - Extension: YouTube = C:\Users\mafineart\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\CHR - Extension: Google Search = C:\Users\mafineart\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\CHR - Extension: Gmail = C:\Users\mafineart\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\O1 HOSTS File: ([2013/06/08 04:37:19 | 000,000,027 | ---- | M]) - C:\WINDOWS\System32\drivers\etc\hostsO1 - Hosts: 127.0.0.1 localhostO2 - BHO: (Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)O4 - HKLM..\Run: [AVG_UI] C:\Program Files\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.)O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)O4 - HKLM..\Run: [CanonSolutionMenuEx] C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)O4 - HKLM..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe (Hewlett-Packard Company)O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)O4 - HKU\S-1-5-21-4196601509-315295840-2269700814-1001..\Run: [HPADVISOR] C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe File not foundO4 - HKU\S-1-5-21-4196601509-315295840-2269700814-1001..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)O4 - HKLM..\RunOnce: [Launcher] C:\WINDOWS\SMINST\Launcher.exe (soft thinks)O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions presentO6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel presentO7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel presentO7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel presentO7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel presentO7 - HKU\S-1-5-21-4196601509-315295840-2269700814-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel presentO7 - HKU\S-1-5-21-4196601509-315295840-2269700814-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0O7 - HKU\S-1-5-21-4196601509-315295840-2269700814-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel presentO15 - HKU\S-1-5-21-4196601509-315295840-2269700814-1001\..Trusted Ranges: Range1 ([http] in )O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{65CB202F-C53A-47EC-A58C-BF660DF2134C}: DhcpNameServer = 209.18.47.61 209.18.47.62O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\WINDOWS\System32\userinit.exe (Microsoft Corporation)O24 - Desktop WallPaper: C:\Users\Public\Pictures\Sample Pictures\El Capitan.jpgO24 - Desktop BackupWallPaper: C:\Users\Public\Pictures\Sample Pictures\El Capitan.jpgO32 - HKLM CDRom: AutoRun - 1O32 - AutoRun File - [2006/12/09 13:23:40 | 000,000,074 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]O34 - HKLM BootExecute: (autocheck autochk *)O35 - HKLM\..comfile [open] -- "%1" %*O35 - HKLM\..exefile [open] -- "%1" %*O37 - HKLM\...com [@ = ComFile] -- "%1" %*O37 - HKLM\...exe [@ = exefile] -- "%1" %*O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)========== Files/Folders - Created Within 30 Days ==========[2013/06/08 21:44:08 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\mafineart\Desktop\OTL.exe[2013/06/08 04:43:55 | 000,000,000 | ---D | C] -- C:\Windows\temp[2013/06/08 04:43:55 | 000,000,000 | ---D | C] -- C:\Users\mafineart\AppData\Local\temp[2013/06/08 04:37:27 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN[2013/06/07 01:29:05 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe[2013/06/07 01:29:05 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe[2013/06/07 01:29:05 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe[2013/06/07 01:28:53 | 000,000,000 | ---D | C] -- C:\Qoobox[2013/06/07 01:28:24 | 000,000,000 | ---D | C] -- C:\Windows\erdnt[2013/06/07 01:02:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes' Anti-Malware (portable)[2013/06/07 00:48:05 | 005,078,746 | R--- | C] (Swearware) -- C:\Users\mafineart\Desktop\ComboFix.exe[2013/06/07 00:40:09 | 000,000,000 | ---D | C] -- C:\Users\mafineart\Desktop\fix[2013/06/07 00:39:28 | 002,240,352 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\mafineart\Desktop\tdsskiller.exe[2013/06/05 13:23:01 | 000,000,000 | ---D | C] -- C:\Users\mafineart\Desktop\New Folder[2013/06/04 14:13:33 | 000,000,000 | ---D | C] -- C:\Users\mafineart\AppData\Roaming\Malwarebytes[2013/06/04 14:13:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware[2013/06/04 14:13:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes[2013/06/04 14:13:18 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys[2013/06/04 14:13:18 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware[2013/06/03 17:06:46 | 000,306,688 | ---- | C] (InstallShield Software Corporation) -- C:\Windows\IsUninst.exe[2013/06/03 17:03:53 | 000,000,000 | ---D | C] -- C:\Program Files\SweetIM[2013/06/03 17:03:34 | 000,000,000 | ---D | C] -- C:\Users\mafineart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ExtractNow[2013/06/03 17:03:31 | 000,000,000 | ---D | C] -- C:\Users\mafineart\AppData\Local\ExtractNow[2013/06/03 17:03:31 | 000,000,000 | ---D | C] -- C:\Program Files\ExtractNow[2013/06/03 13:47:44 | 000,000,000 | ---D | C] -- C:\AdobeTemp[2013/06/03 13:15:35 | 000,000,000 | ---D | C] -- C:\ProgramData\FLEXnet[2013/06/03 12:44:12 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET[2013/05/31 17:22:21 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe Media Player[2013/05/31 17:22:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe[2013/05/31 17:19:51 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR[2013/05/31 16:27:08 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshsq.dll[2013/05/31 13:59:10 | 000,000,000 | ---D | C] -- C:\Users\mafineart\AppData\Roaming\uTorrent[2013/05/31 03:40:14 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshooks.dll[2013/05/31 03:40:13 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscb.dll[2013/05/31 03:40:12 | 000,313,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\thawbrkr.dll[2013/05/31 03:40:12 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srchadmin.dll[2013/05/31 03:40:12 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\korwbrkr.dll[2013/05/31 03:40:12 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssitlb.dll[2013/05/31 03:40:12 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\propdefs.dll[2013/05/31 03:40:12 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msstrc.dll[2013/05/31 03:40:12 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssprxy.dll[2013/05/31 03:40:11 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\offfilt.dll[2013/05/31 03:40:11 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nlhtml.dll[2013/05/31 03:40:11 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscntrs.dll[2013/05/31 03:40:11 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xmlfilter.dll[2013/05/31 03:40:11 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mimefilt.dll[2013/05/31 03:40:11 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rtffilt.dll[2013/05/31 03:40:11 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsepno.dll[2013/05/31 03:40:10 | 006,103,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chtbrkr.dll[2013/05/31 03:40:10 | 001,671,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chsbrkr.dll[2013/05/31 03:40:10 | 001,582,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tquery.dll[2013/05/31 03:40:10 | 001,418,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssrch.dll[2013/05/31 03:40:10 | 000,670,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssvp.dll[2013/05/31 03:40:10 | 000,350,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssph.dll[2013/05/31 03:40:10 | 000,203,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssphtb.dll[2013/05/31 03:30:30 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSNP.ax[2013/05/31 03:30:23 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll[2013/05/31 03:30:22 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisrndr.ax[2013/05/31 03:21:10 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe[2013/05/31 03:21:10 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll[2013/05/31 03:21:09 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll[2013/05/31 03:14:50 | 000,000,000 | ---D | C] -- C:\Windows\System32\WindowsPowerShell[2013/05/31 03:08:09 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrsmgr.dll[2013/05/31 03:04:36 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsmprovhost.exe[2013/05/31 03:04:35 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrs.exe[2013/05/31 03:04:35 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrshost.exe[2013/05/31 03:04:29 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsmplpxy.dll[2013/05/31 03:04:29 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrssrv.dll[2013/05/31 03:04:22 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wecapi.dll[2013/05/31 03:04:21 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wevtfwd.dll[2013/05/31 03:04:21 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wecutil.exe[2013/05/31 03:04:21 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmRes.dll[2013/05/31 03:04:20 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pwrshplugin.dll[2013/05/31 03:04:00 | 000,252,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSManMigrationPlugin.dll[2013/05/31 03:04:00 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSManHTTPConfig.exe[2013/05/31 03:04:00 | 000,241,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrscmd.dll[2013/05/31 03:04:00 | 000,214,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmWmiPl.dll[2013/05/31 03:04:00 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmAuto.dll[2013/05/30 16:44:24 | 000,375,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll[2013/05/30 16:44:24 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll[2013/05/30 16:43:52 | 008,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL[2013/05/30 16:42:26 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netevent.dll[2013/05/30 16:41:48 | 000,292,864 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll[2013/05/30 16:41:48 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll[2013/05/30 16:41:48 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll[2013/05/30 16:41:24 | 000,671,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll[2013/05/30 16:41:20 | 000,467,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll[2013/05/30 16:41:19 | 000,389,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll[2013/05/30 16:41:16 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec[2013/05/30 16:41:15 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll[2013/05/30 16:41:14 | 000,380,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll[2013/05/30 16:41:14 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll[2013/05/30 16:41:12 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe[2013/05/30 16:41:10 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieencode.dll[2013/05/30 16:41:10 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll[2013/05/30 16:41:09 | 001,383,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb[2013/05/30 16:40:41 | 003,600,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe[2013/05/30 16:40:41 | 003,548,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe[2013/05/30 16:40:34 | 001,136,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42.dll[2013/05/30 16:40:33 | 001,161,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42u.dll[2013/05/30 16:40:19 | 000,081,920 | ---- | C] (Radius Inc.) -- C:\Windows\System32\iccvid.dll[2013/05/30 16:40:08 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pacerprf.dll[2013/05/30 16:39:32 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnscacheugc.exe[2013/05/30 16:39:21 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\asycfilt.dll[2013/05/30 16:38:57 | 000,157,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll[2013/05/30 16:38:49 | 002,042,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys[2013/05/30 16:37:36 | 001,169,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdclt.exe[2013/05/30 16:36:55 | 000,317,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MP4SDECD.DLL[2013/05/30 16:36:21 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40.dll[2013/05/30 16:36:20 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40u.dll[2013/05/30 16:35:30 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll[2013/05/30 16:35:22 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll[2013/05/30 16:35:13 | 000,866,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpmde.dll[2013/05/30 16:35:10 | 000,429,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll[2013/05/30 16:35:09 | 000,323,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbe.dll[2013/05/30 16:35:09 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax[2013/05/30 16:35:09 | 000,153,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbeio.dll[2013/05/30 16:33:48 | 001,314,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll[2013/05/30 16:33:22 | 000,357,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskschd.dll[2013/05/30 16:33:21 | 000,345,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmicmiplugin.dll[2013/05/30 16:33:20 | 000,270,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskcomp.dll[2013/05/30 16:33:08 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\consent.exe[2013/05/30 16:32:47 | 000,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Faultrep.dll[2013/05/30 16:32:43 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dataclen.dll[2013/05/30 16:32:42 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll[2013/05/30 16:32:36 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll[2013/05/30 16:31:35 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scrobj.dll[2013/05/30 16:31:35 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cscript.exe[2013/05/30 15:38:22 | 000,303,104 | ---- | C] (CANON INC.) -- C:\Windows\System32\CNMXLMAN.DLL[2013/05/30 15:38:03 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonIJFAX[2013/05/30 15:36:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MX880 series User Registration[2013/05/30 15:36:02 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\CANON[2013/05/30 15:35:50 | 000,000,000 | ---D | C] -- C:\ProgramData\CanonIJWSpt[2013/05/30 15:35:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities[2013/05/30 15:34:39 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonBJ[2013/05/30 15:34:13 | 000,000,000 | -H-D | C] -- C:\Windows\System32\CanonIJ Uninstaller Information[2013/05/30 15:34:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MX880 series[2013/05/30 15:32:35 | 001,347,584 | ---- | C] (CANON INC.) -- C:\Windows\System32\CNC880C.dll[2013/05/30 15:32:35 | 000,315,392 | ---- | C] (CANON INC.) -- C:\Windows\System32\CNC880L.dll[2013/05/30 15:32:35 | 000,114,688 | ---- | C] (CANON INC.) -- C:\Windows\System32\CNC880I.dll[2013/05/30 15:32:35 | 000,106,496 | ---- | C] (CANON INC.) -- C:\Windows\System32\CNC880U.dll[2013/05/30 15:32:34 | 000,015,872 | ---- | C] (CANON INC.) -- C:\Windows\System32\CNHMCA.dll[2013/05/30 15:29:51 | 000,303,104 | ---- | C] (CANON INC.) -- C:\Windows\System32\CNMLMAN.DLL[2013/05/30 15:29:08 | 000,257,024 | ---- | C] (CANON INC.) -- C:\Windows\System32\CNCALAN.DLL[2013/05/30 15:29:04 | 000,094,208 | ---- | C] (Canon Inc.) -- C:\Windows\System32\CNC880O.dll[2013/05/30 15:29:02 | 000,180,224 | ---- | C] (CANON INC.) -- C:\Windows\System32\CNMIUAN.DLL[2013/05/30 15:28:54 | 000,000,000 | -H-D | C] -- C:\Program Files\CanonBJ[2013/05/30 15:28:40 | 000,034,816 | ---- | C] (CANON INC.) -- C:\Windows\System32\CNMNPUI.DLL[2013/05/30 15:28:40 | 000,000,000 | ---D | C] -- C:\Windows\System32\STRING[2013/05/30 15:26:07 | 000,000,000 | ---D | C] -- C:\Program Files\Canon[2013/05/30 11:16:32 | 000,000,000 | ---D | C] -- C:\Users\mafineart\AppData\Roaming\Template[2013/05/30 11:16:00 | 000,000,000 | ---D | C] -- C:\Users\mafineart\Desktop\Studio Phonebook[2013/05/30 11:05:56 | 000,000,000 | ---D | C] -- C:\Users\mafineart\AppData\Roaming\Macromedia[2013/05/30 11:05:17 | 000,692,104 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe[2013/05/30 11:05:17 | 000,071,048 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl[2013/05/30 08:00:11 | 000,000,000 | ---D | C] -- C:\PerfLogs[2013/05/30 07:53:09 | 000,098,304 | ---- | C] (Realtek Semiconductor) -- C:\Windows\RTKAUDIOSERVICE.EXE[2013/05/30 07:32:08 | 000,047,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SPReview.exe[2013/05/30 07:32:07 | 000,152,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SPWizUI.dll[2013/05/30 07:07:32 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\recdisc.exe[2013/05/30 07:07:30 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdspres.dll[2013/05/30 07:07:11 | 000,599,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vsp1cln.exe[2013/05/30 07:07:08 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sxproxy.dll[2013/05/30 07:06:52 | 000,647,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrepl40.dll[2013/05/30 07:06:52 | 000,464,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msra.exe[2013/05/30 07:06:52 | 000,414,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscp.dll[2013/05/30 07:06:52 | 000,344,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrd3x40.dll[2013/05/30 07:06:52 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll[2013/05/30 07:06:52 | 000,169,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssha.dll[2013/05/30 07:06:52 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrdc.dll[2013/05/30 07:06:51 | 001,386,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvbvm60.dll[2013/05/30 07:06:51 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mycomput.dll[2013/05/30 07:06:51 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Mystify.scr[2013/05/30 07:06:51 | 000,153,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NAPMONTR.DLL[2013/05/30 07:06:51 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mtstocom.exe[2013/05/30 07:06:51 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NAPHLPR.DLL[2013/05/30 07:06:51 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\napdsnap.dll[2013/05/30 07:06:51 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MuiUnattend.exe[2013/05/30 07:06:51 | 000,046,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NAPCRYPT.DLL[2013/05/30 07:06:51 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\napipsec.dll[2013/05/30 07:06:51 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mtxlegih.dll[2013/05/30 07:06:51 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mtxdm.dll[2013/05/30 07:06:50 | 000,450,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxbde40.dll[2013/05/30 07:06:50 | 000,282,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstext40.dll[2013/05/30 07:06:49 | 001,052,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtctm.dll[2013/05/30 07:06:49 | 000,564,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msftedit.dll[2013/05/30 07:06:49 | 000,344,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msexcl40.dll[2013/05/30 07:06:49 | 000,312,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mswmdm.dll[2013/05/30 07:06:49 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtcuiu.dll[2013/05/30 07:06:49 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll[2013/05/30 07:06:49 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtcVSp1res.dll[2013/05/30 07:06:49 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe[2013/05/30 07:06:42 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdelta.dll[2013/05/30 07:06:42 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdt.exe[2013/05/30 07:06:42 | 000,159,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdadiag.dll[2013/05/30 07:06:42 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdart.dll[2013/05/30 07:06:42 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtclog.dll[2013/05/30 07:06:42 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msctfui.dll[2013/05/30 07:06:42 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MsCtfMonitor.dll[2013/05/30 07:06:41 | 000,588,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSMPEG2VDEC.DLL[2013/05/30 07:06:41 | 000,506,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSMPEG2ENC.DLL[2013/05/30 07:06:41 | 000,485,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mspaint.exe[2013/05/30 07:06:41 | 000,475,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msidcrl30.dll[2013/05/30 07:06:41 | 000,415,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdri.dll[2013/05/30 07:06:41 | 000,391,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSMPEG2ADEC.DLL[2013/05/30 07:06:41 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mspbde40.dll[2013/05/30 07:06:41 | 000,332,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msihnd.dll[2013/05/30 07:06:41 | 000,299,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msjtes40.dll[2013/05/30 07:06:41 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msltus40.dll[2013/05/30 07:06:41 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdt.dll[2013/05/30 07:06:41 | 000,205,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msoeacct.dll[2013/05/30 07:06:41 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msorcl32.dll[2013/05/30 07:06:41 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msnetobj.dll[2013/05/30 07:06:41 | 000,156,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll[2013/05/30 07:06:41 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msoert2.dll[2013/05/30 07:06:41 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msobjs.dll[2013/05/30 07:06:41 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msident.dll[2013/05/30 07:06:41 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdmo.dll[2013/05/30 07:06:41 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msmmsp.dll[2013/05/30 07:06:39 | 001,589,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msjet40.dll[2013/05/30 07:06:39 | 000,408,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msinfo32.exe[2013/05/30 07:06:39 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msimtf.dll[2013/05/30 07:06:39 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msisip.dll[2013/05/30 07:06:37 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Nlsdl.dll[2013/05/30 07:06:35 | 000,154,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nlmgp.dll[2013/05/30 07:06:35 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nlsbres.dll[2013/05/30 07:06:33 | 000,531,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\objsel.dll[2013/05/30 07:06:33 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbcconf.dll[2013/05/30 07:06:33 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ocsetup.exe[2013/05/30 07:06:31 | 002,225,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netcenter.dll[2013/05/30 07:06:31 | 000,520,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntvdm.exe[2013/05/30 07:06:31 | 000,352,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nshipsec.dll[2013/05/30 07:06:31 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbcjt32.dll[2013/05/30 07:06:31 | 000,223,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\netio.sys[2013/05/30 07:06:31 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntprint.dll[2013/05/30 07:06:31 | 000,159,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbctrac.dll[2013/05/30 07:06:31 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netid.dll[2013/05/30 07:06:31 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccp32.dll[2013/05/30 07:06:31 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netdiagfx.dll[2013/05/30 07:06:31 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netcorehc.dll[2013/05/30 07:06:31 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nslookup.exe[2013/05/30 07:06:31 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccu32.dll[2013/05/30 07:06:31 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccr32.dll[2013/05/30 07:06:31 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netcfg.exe[2013/05/30 07:06:31 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netiougc.exe[2013/05/30 07:06:31 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netbtugc.exe[2013/05/30 07:06:30 | 000,445,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncryptui.dll[2013/05/30 07:06:30 | 000,267,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NAPSTAT.EXE[2013/05/30 07:06:30 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll[2013/05/30 07:06:30 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\net1.exe[2013/05/30 07:06:30 | 000,093,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncsi.dll[2013/05/30 07:06:30 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nci.dll[2013/05/30 07:06:30 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\net.exe[2013/05/30 07:06:30 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ndfetw.dll[2013/05/30 07:06:30 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NcdProp.dll[2013/05/30 07:06:30 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nbtstat.exe[2013/05/30 07:06:29 | 003,072,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\networkmap.dll[2013/05/30 07:06:29 | 001,086,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NetProjW.dll[2013/05/30 07:06:29 | 000,939,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mblctr.exe[2013/05/30 07:06:29 | 000,669,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netprof.dll[2013/05/30 07:06:29 | 000,183,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\newdev.dll[2013/05/30 07:06:29 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ndfapi.dll[2013/05/30 07:06:29 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\luainstall.dll[2013/05/30 07:06:29 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\makecab.exe[2013/05/30 07:06:29 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\networkitemfactory.dll[2013/05/30 07:06:29 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Netplwiz.exe[2013/05/30 07:06:29 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lsmproxy.dll[2013/05/30 07:06:28 | 000,429,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\localsec.dll[2013/05/30 07:06:28 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lpksetup.exe[2013/05/30 07:06:28 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\loghours.dll[2013/05/30 07:06:28 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logman.exe[2013/05/30 07:06:28 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lpremove.exe[2013/05/30 07:06:28 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lodctr.exe[2013/05/30 07:06:28 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\localui.dll[2013/05/30 07:06:27 | 005,714,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logon.scr[2013/05/30 07:06:27 | 000,614,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFWMAAEC.DLL[2013/05/30 07:06:27 | 000,356,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MediaMetadataHandler.dll[2013/05/30 07:06:27 | 000,208,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfplat.dll[2013/05/30 07:06:27 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfvdsp.dll[2013/05/30 07:06:26 | 000,852,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcmde.dll[2013/05/30 07:06:26 | 000,376,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcupdate_GenuineIntel.dll[2013/05/30 07:06:26 | 000,275,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcbuilder.exe[2013/05/30 07:06:26 | 000,205,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mdminst.dll[2013/05/30 07:06:26 | 000,129,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\McxDriv.dll[2013/05/30 07:06:26 | 000,128,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MdSched.exe[2013/05/30 07:06:26 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\mcd.sys[2013/05/30 07:06:25 | 000,396,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ipsmsnap.dll[2013/05/30 07:06:25 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iscsiwmi.dll[2013/05/30 07:06:24 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\intl.cpl[2013/05/30 07:06:24 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll[2013/05/30 07:06:24 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iscsium.dll[2013/05/30 07:06:24 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iscsilog.dll[2013/05/30 07:06:24 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iscsied.dll[2013/05/30 07:06:23 | 000,758,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ipsecsnp.dll[2013/05/30 07:06:23 | 000,252,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iprtrmgr.dll[2013/05/30 07:06:23 | 000,157,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\keymgr.dll[2013/05/30 07:06:23 | 000,148,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ks.sys[2013/05/30 07:06:23 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ksproxy.ax[2013/05/30 07:06:23 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\loadperf.dll[2013/05/30 07:06:23 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kstvtune.ax[2013/05/30 07:06:23 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\l2gpstore.dll[2013/05/30 07:06:23 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\l2nacp.dll[2013/05/30 07:06:23 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ksxbar.ax[2013/05/30 07:06:23 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll[2013/05/30 07:06:23 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lnkstub.exe[2013/05/30 07:06:23 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lltdapi.dll[2013/05/30 07:06:23 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ipconfig.exe[2013/05/30 07:06:23 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\LangCleanupSysprepAction.dll[2013/05/30 07:06:23 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ktmutil.exe[2013/05/30 07:06:23 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ktmw32.dll[2013/05/30 07:06:23 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iprtprio.dll[2013/05/30 07:06:22 | 000,442,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\joy.cpl[2013/05/30 07:06:22 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDJPN.DLL[2013/05/30 07:06:21 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mprmsg.dll[2013/05/30 07:06:21 | 000,104,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mprddm.dll[2013/05/30 07:06:21 | 000,021,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kdusb.dll[2013/05/30 07:06:21 | 000,019,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kdcom.dll[2013/05/30 07:06:21 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDKOR.DLL[2013/05/30 07:06:20 | 000,259,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MPG4DECD.DLL[2013/05/30 07:06:20 | 000,259,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MP43DECD.DLL[2013/05/30 07:06:20 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MP3DMOD.DLL[2013/05/30 07:06:20 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mountvol.exe[2013/05/30 07:06:19 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscms.dll[2013/05/30 07:06:19 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msconfig.exe[2013/05/30 07:06:19 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscandui.dll[2013/05/30 07:06:18 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSAC3ENC.DLL[2013/05/30 07:06:18 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msaatext.dll[2013/05/30 07:06:17 | 001,792,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmc.exe[2013/05/30 07:06:17 | 000,301,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmcbase.dll[2013/05/30 07:06:16 | 002,167,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmcndmgr.dll[2013/05/30 07:06:16 | 000,287,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\modemui.dll[2013/05/30 07:06:16 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MMDevAPI.dll[2013/05/30 07:06:15 | 002,011,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\milcore.dll[2013/05/30 07:06:15 | 000,098,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdshext.dll[2013/05/30 07:06:15 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\migisol.dll[2013/05/30 07:06:15 | 000,094,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MigAutoPlay.exe[2013/05/30 07:06:15 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SecEdit.exe[2013/05/30 07:06:14 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shrink.dll[2013/05/30 07:06:13 | 000,425,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shwebsvc.dll[2013/05/30 07:06:13 | 000,396,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shrpubw.exe[2013/05/30 07:06:13 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shsetup.dll[2013/05/30 07:06:13 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shacct.dll[2013/05/30 07:06:13 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shutdown.exe[2013/05/30 07:06:12 | 000,777,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slcc.dll[2013/05/30 07:06:12 | 000,704,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SmiEngine.dll[2013/05/30 07:06:12 | 000,573,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLCommDlg.dll[2013/05/30 07:06:12 | 000,354,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLUI.exe[2013/05/30 07:06:12 | 000,275,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SnippingTool.exe[2013/05/30 07:06:12 | 000,197,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SndVol.exe[2013/05/30 07:06:12 | 000,186,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLLUA.exe[2013/05/30 07:06:12 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SmiInstaller.dll[2013/05/30 07:06:12 | 000,137,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLCExt.dll[2013/05/30 07:06:12 | 000,134,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SmartcardCredentialProvider.dll[2013/05/30 07:06:12 | 000,125,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\softkbd.dll[2013/05/30 07:06:12 | 000,083,456 | ---- | C] (Microsoft) -- C:\Windows\System32\SMBHelperClass.dll[2013/05/30 07:06:12 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slcinst.dll[2013/05/30 07:06:12 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slwmi.dll[2013/05/30 07:06:12 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\smclib.sys[2013/05/30 07:06:12 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slwga.dll[2013/05/30 07:06:11 | 000,626,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sethc.exe[2013/05/30 07:06:11 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setupcln.dll[2013/05/30 07:06:11 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setupugc.exe[2013/05/30 07:06:11 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setupcl.exe[2013/05/30 07:06:11 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sfc.exe[2013/05/30 07:06:11 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\serialui.dll[2013/05/30 07:06:11 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setupSNK.exe[2013/05/30 07:06:09 | 001,823,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pnidui.dll[2013/05/30 07:06:09 | 000,542,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pnpui.dll[2013/05/30 07:06:09 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceWMDRM.dll[2013/05/30 07:06:09 | 000,180,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pnpsetup.dll[2013/05/30 07:06:09 | 000,167,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\portcls.sys[2013/05/30 07:06:09 | 000,163,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\powercfg.cpl[2013/05/30 07:06:09 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PNPXAssoc.dll[2013/05/30 07:06:09 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PnPUnattend.exe[2013/05/30 07:06:09 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PNPXAssocPrx.dll[2013/05/30 07:06:09 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll[2013/05/30 07:06:09 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PnPutil.exe[2013/05/30 07:06:09 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pots.dll[2013/05/30 07:06:09 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pnpts.dll[2013/05/30 07:06:08 | 000,723,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\powercpl.dll[2013/05/30 07:06:08 | 000,551,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prnntfy.dll[2013/05/30 07:06:08 | 000,464,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pcaui.dll[2013/05/30 07:06:08 | 000,403,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\p2pcollab.dll[2013/05/30 07:06:08 | 000,336,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\P2PGraph.dll[2013/05/30 07:06:08 | 000,300,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\puiobj.dll[2013/05/30 07:06:08 | 000,202,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\P2P.dll[2013/05/30 07:06:08 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\p2phost.exe[2013/05/30 07:06:08 | 000,191,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\provthrd.dll[2013/05/30 07:06:08 | 000,172,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\QAGENT.DLL[2013/05/30 07:06:08 | 000,166,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\puiapi.dll[2013/05/30 07:06:08 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationSettings.exe[2013/05/30 07:06:08 | 000,134,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\p2pnetsh.dll[2013/05/30 07:06:08 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceWiaCompat.dll[2013/05/30 07:06:08 | 000,119,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prntvpt.dll[2013/05/30 07:06:08 | 000,051,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PSHED.DLL[2013/05/30 07:06:08 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\profprov.dll[2013/05/30 07:06:08 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pcadm.dll[2013/05/30 07:06:08 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prevhost.exe[2013/05/30 07:06:08 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\procinst.dll[2013/05/30 07:06:07 | 001,107,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ogldrv.dll[2013/05/30 07:06:07 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\OptionalFeatures.exe[2013/05/30 07:06:07 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\oleprn.dll[2013/05/30 07:06:07 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\olecli32.dll[2013/05/30 07:06:07 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\olethk32.dll[2013/05/30 07:06:07 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\olesvr32.dll[2013/05/30 07:06:06 | 002,153,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\oobefldr.dll[2013/05/30 07:06:06 | 001,107,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pidgenx.dll[2013/05/30 07:06:06 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pintlgnt.ime[2013/05/30 07:06:06 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\osblprov.dll[2013/05/30 07:06:06 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\osbaseln.dll[2013/05/30 07:06:06 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PING.EXE[2013/05/30 07:06:05 | 000,704,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PhotoScreensaver.scr[2013/05/30 07:06:05 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PkgMgr.exe[2013/05/30 07:06:05 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\phon.ime[2013/05/30 07:06:05 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pdhui.dll[2013/05/30 07:06:05 | 000,045,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pciidex.sys[2013/05/30 07:06:05 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PlaySndSrv.dll[2013/05/30 07:06:04 | 001,248,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PerfCenterCPL.dll[2013/05/30 07:06:04 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Ribbons.scr[2013/05/30 07:06:04 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RstrtMgr.dll[2013/05/30 07:06:04 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\perfmon.exe[2013/05/30 07:06:04 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rtm.dll[2013/05/30 07:06:04 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\runonce.exe[2013/05/30 07:06:04 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\perfnet.dll[2013/05/30 07:06:04 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\perfts.dll[2013/05/30 07:06:03 | 000,730,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdengin2.dll[2013/05/30 07:06:03 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scansetting.dll[2013/05/30 07:06:03 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RESAMPLEDMO.DLL[2013/05/30 07:06:03 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\schtasks.exe[2013/05/30 07:06:03 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rgb9rast.dll[2013/05/30 07:06:03 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scksp.dll[2013/05/30 07:06:03 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rpchttp.dll[2013/05/30 07:06:03 | 000,087,552 | ---- | C] (Microsoft) -- C:\Windows\System32\Robocopy.exe[2013/05/30 07:06:03 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdchange.exe[2013/05/30 07:06:03 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RpcPing.exe[2013/05/30 07:06:03 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\RNDISMP.sys[2013/05/30 07:06:03 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbunattend.exe[2013/05/30 07:06:03 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\riched32.dll[2013/05/30 07:06:02 | 000,142,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\scsiport.sys[2013/05/30 07:06:01 | 000,889,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RacEngn.dll[2013/05/30 07:06:01 | 000,505,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qedit.dll[2013/05/30 07:06:01 | 000,497,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdvd.dll[2013/05/30 07:06:01 | 000,281,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdv.dll[2013/05/30 07:06:01 | 000,208,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qasf.dll[2013/05/30 07:06:01 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qcap.dll[2013/05/30 07:06:01 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quick.ime[2013/05/30 07:06:01 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qintlgnt.ime[2013/05/30 07:06:01 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\QSVRMGMT.DLL[2013/05/30 07:06:01 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rascfg.dll[2013/05/30 07:06:01 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\QCLIPROV.DLL[2013/05/30 07:06:01 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasdiag.dll[2013/05/30 07:06:01 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RacAgent.exe[2013/05/30 07:06:01 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasctrs.dll[2013/05/30 07:06:00 | 000,612,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpencom.dll[2013/05/30 07:06:00 | 000,340,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RelMon.dll[2013/05/30 07:06:00 | 000,154,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\QSHVHOST.DLL[2013/05/30 07:06:00 | 000,118,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RDPENCDD.dll[2013/05/30 07:06:00 | 000,107,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpwsx.dll[2013/05/30 07:06:00 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\reg.exe[2013/05/30 07:06:00 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\regini.exe[2013/05/30 07:06:00 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rekeywiz.exe[2013/05/30 07:06:00 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegCtrl.dll[2013/05/30 07:06:00 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdrleakdiag.exe[2013/05/30 07:05:59 | 001,855,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dbgeng.dll[2013/05/30 07:05:59 | 001,788,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d9.dll[2013/05/30 07:05:59 | 001,039,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d8.dll[2013/05/30 07:05:59 | 001,029,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10.dll[2013/05/30 07:05:59 | 000,975,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RASMM.dll[2013/05/30 07:05:59 | 000,816,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dim700.dll[2013/05/30 07:05:59 | 000,642,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasgcw.dll[2013/05/30 07:05:59 | 000,522,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ddraw.dll[2013/05/30 07:05:59 | 000,384,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dim.dll[2013/05/30 07:05:59 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasplap.dll[2013/05/30 07:05:59 | 000,368,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\desk.cpl[2013/05/30 07:05:59 | 000,226,816 | ---- | C] (Microsoft Corp.) -- C:\Windows\System32\Defrag.exe[2013/05/30 07:05:59 | 000,208,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll[2013/05/30 07:05:59 | 000,188,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10core.dll[2013/05/30 07:05:59 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\raserver.exe[2013/05/30 07:05:59 | 000,159,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll[2013/05/30 07:05:59 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasmontr.dll[2013/05/30 07:05:59 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dbnetlib.dll[2013/05/30 07:05:59 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\devenum.dll[2013/05/30 07:05:59 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dxof.dll[2013/05/30 07:05:59 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasphone.exe[2013/05/30 07:05:59 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcfgex.dll[2013/05/30 07:05:58 | 000,671,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dfrgui.exe[2013/05/30 07:05:58 | 000,377,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\devmgr.dll[2013/05/30 07:05:58 | 000,230,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diskraid.exe[2013/05/30 07:05:58 | 000,163,840 | ---- | C] (Microsoft Corp.) -- C:\Windows\System32\DfrgNtfs.exe[2013/05/30 07:05:58 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dinput8.dll[2013/05/30 07:05:58 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dispdiag.exe[2013/05/30 07:05:58 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diskpart.exe[2013/05/30 07:05:58 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diantz.exe[2013/05/30 07:05:58 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dimsroam.dll[2013/05/30 07:05:58 | 000,046,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrstub.exe[2013/05/30 07:05:58 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dfdts.dll[2013/05/30 07:05:58 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dispci.dll[2013/05/30 07:05:58 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dimsjob.dll[2013/05/30 07:05:58 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dispex.dll[2013/05/30 07:05:58 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Diskdump.sys[2013/05/30 07:05:57 | 001,078,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diagperf.dll[2013/05/30 07:05:57 | 000,481,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmdial32.dll[2013/05/30 07:05:57 | 000,318,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmd.exe[2013/05/30 07:05:57 | 000,297,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmipnpinstall.dll[2013/05/30 07:05:57 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dhcpcsvc6.dll[2013/05/30 07:05:57 | 000,096,768 | ---- | C] (Microsoft Corp.) -- C:\Windows\System32\dfrgfat.exe[2013/05/30 07:05:57 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmdl32.exe[2013/05/30 07:05:57 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DFDWiz.exe[2013/05/30 07:05:57 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmifw.dll[2013/05/30 07:05:57 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DHCPQEC.DLL[2013/05/30 07:05:57 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dhcpsapi.dll[2013/05/30 07:05:57 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dfrgifc.exe[2013/05/30 07:05:57 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmmon32.exe[2013/05/30 07:05:57 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmlua.dll[2013/05/30 07:05:57 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmcfg32.dll[2013/05/30 07:05:56 | 000,282,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CompatUI.dll[2013/05/30 07:05:56 | 000,276,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\compstui.dll[2013/05/30 07:05:56 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\comsnap.dll[2013/05/30 07:05:56 | 000,171,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cic.dll[2013/05/30 07:05:56 | 000,127,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Classpnp.sys[2013/05/30 07:05:56 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cintlgnt.ime[2013/05/30 07:05:56 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\comrepl.dll[2013/05/30 07:05:56 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmicryptinstall.dll[2013/05/30 07:05:56 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cipher.exe[2013/05/30 07:05:56 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\clfsw32.dll[2013/05/30 07:05:56 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ComputerDefaults.exe[2013/05/30 07:05:55 | 000,686,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\colorui.dll[2013/05/30 07:05:55 | 000,593,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\comuid.dll[2013/05/30 07:05:55 | 000,161,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\COLORCNV.DLL[2013/05/30 07:05:55 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CompMgmtLauncher.exe[2013/05/30 07:05:55 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmstp.exe[2013/05/30 07:05:55 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\conime.exe[2013/05/30 07:05:55 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmutil.dll[2013/05/30 07:05:55 | 000,036,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\crashdmp.sys[2013/05/30 07:05:55 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cofiredm.dll[2013/05/30 07:05:55 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmpbk32.dll[2013/05/30 07:05:55 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\corpol.dll[2013/05/30 07:05:55 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\convert.exe[2013/05/30 07:05:55 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmstplua.dll[2013/05/30 07:05:54 | 000,179,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\els.dll[2013/05/30 07:05:53 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDump.dll[2013/05/30 07:05:53 | 000,093,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\esentutl.exe[2013/05/30 07:05:53 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\efsadu.dll[2013/05/30 07:05:53 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EAPQEC.DLL[2013/05/30 07:05:53 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\esentprf.dll[2013/05/30 07:05:52 | 002,585,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FirewallControlPanel.exe[2013/05/30 07:05:52 | 002,249,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Firewall.cpl[2013/05/30 07:05:52 | 000,485,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\evr.dll[2013/05/30 07:05:52 | 000,442,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\filemgmt.dll[2013/05/30 07:05:52 | 000,403,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FirewallAPI.dll[2013/05/30 07:05:52 | 000,131,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fde.dll[2013/05/30 07:05:52 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdWCN.dll[2013/05/30 07:05:52 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdSSDP.dll[2013/05/30 07:05:52 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdWSD.dll[2013/05/30 07:05:52 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\findnetprinters.dll[2013/05/30 07:05:52 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\findstr.exe[2013/05/30 07:05:52 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\feclient.dll[2013/05/30 07:05:52 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdeploy.dll[2013/05/30 07:05:52 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fmifs.dll[2013/05/30 07:05:51 | 000,978,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drmv2clt.dll[2013/05/30 07:05:51 | 000,407,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpapimig.exe[2013/05/30 07:05:51 | 000,388,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmdlgs.dll[2013/05/30 07:05:51 | 000,376,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpnet.dll[2013/05/30 07:05:51 | 000,284,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drmmgrtn.dll[2013/05/30 07:05:51 | 000,258,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpx.dll[2013/05/30 07:05:51 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3gpui.dll[2013/05/30 07:05:51 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmdskmgr.dll[2013/05/30 07:05:51 | 000,178,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmime.dll[2013/05/30 07:05:51 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DpiScaling.exe[2013/05/30 07:05:51 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3ui.dll[2013/05/30 07:05:51 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmvdsitf.dll[2013/05/30 07:05:51 | 000,130,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\drmk.sys[2013/05/30 07:05:51 | 000,105,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmsynth.dll[2013/05/30 07:05:51 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmusic.dll[2013/05/30 07:05:51 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmscript.dll[2013/05/30 07:05:51 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3msm.dll[2013/05/30 07:05:51 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\driverquery.exe[2013/05/30 07:05:51 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\extrac32.exe[2013/05/30 07:05:51 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\expand.exe[2013/05/30 07:05:51 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\System32\esrb.rs[2013/05/30 07:05:51 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3cfg.dll[2013/05/30 07:05:51 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnshc.dll[2013/05/30 07:05:51 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3gpclnt.dll[2013/05/30 07:05:51 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmocx.dll[2013/05/30 07:05:51 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmloader.dll[2013/05/30 07:05:51 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ExplorerFrame.dll[2013/05/30 07:05:51 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eventcls.dll[2013/05/30 07:05:51 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmutil.dll[2013/05/30 07:05:51 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\f3ahvoas.dll[2013/05/30 07:05:51 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmdskres2.dll[2013/05/30 07:05:50 | 000,444,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dsound.dll[2013/05/30 07:05:50 | 000,347,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll[2013/05/30 07:05:50 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxdiag.exe[2013/05/30 07:05:50 | 000,246,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drvstore.dll[2013/05/30 07:05:50 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll[2013/05/30 07:05:50 | 000,195,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxdiagn.dll[2013/05/30 07:05:50 | 000,187,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eapp3hst.dll[2013/05/30 07:05:50 | 000,181,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eapphost.dll[2013/05/30 07:05:50 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dsdmo.dll[2013/05/30 07:05:50 | 000,171,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxgi.dll[2013/05/30 07:05:50 | 000,137,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dsprop.dll[2013/05/30 07:05:50 | 000,104,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWWIN.EXE[2013/05/30 07:05:50 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drvinst.exe[2013/05/30 07:05:50 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eappgnui.dll[2013/05/30 07:05:50 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmview.ocx[2013/05/30 07:05:50 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dskquota.dll[2013/05/30 07:05:50 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dwmredir.dll[2013/05/30 07:05:50 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxg.sys[2013/05/30 07:05:50 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxva2.dll[2013/05/30 07:05:50 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dsauth.dll[2013/05/30 07:05:50 | 000,029,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Dumpata.sys[2013/05/30 07:05:50 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxapi.sys[2013/05/30 07:05:49 | 004,595,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuthFWSnapin.dll[2013/05/30 07:05:49 | 001,370,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Aurora.scr[2013/05/30 07:05:49 | 000,509,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuthFWGP.dll[2013/05/30 07:05:49 | 000,397,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AudioEng.dll[2013/05/30 07:05:49 | 000,274,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AUDIOKSE.dll[2013/05/30 07:05:49 | 000,251,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\authfwcfg.dll[2013/05/30 07:05:49 | 000,116,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AudioSes.dll[2013/05/30 07:05:49 | 000,110,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ataport.sys[2013/05/30 07:05:49 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\audiodg.exe[2013/05/30 07:05:49 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\auditpol.exe[2013/05/30 07:05:49 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AtBroker.exe[2013/05/30 07:05:49 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\at.exe[2013/05/30 07:05:48 | 000,634,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autofmt.exe[2013/05/30 07:05:48 | 000,334,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bcdedit.exe[2013/05/30 07:05:48 | 000,274,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bcrypt.dll[2013/05/30 07:05:48 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bitsadmin.exe[2013/05/30 07:05:48 | 000,131,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\basecsp.dll[2013/05/30 07:05:48 | 000,117,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bcdsrv.dll[2013/05/30 07:05:48 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuxiliaryDisplayApi.dll[2013/05/30 07:05:48 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\basesrv.dll[2013/05/30 07:05:48 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\bfsvc.exe[2013/05/30 07:05:48 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bcdprov.dll[2013/05/30 07:05:48 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\batt.dll[2013/05/30 07:05:48 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\bdasup.sys[2013/05/30 07:05:47 | 001,985,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\authui.dll[2013/05/30 07:05:47 | 001,405,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ActiveContentWizard.dll[2013/05/30 07:05:47 | 001,186,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuxiliaryDisplayCpl.dll[2013/05/30 07:05:47 | 000,756,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\azroles.dll[2013/05/30 07:05:47 | 000,656,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autoconv.exe[2013/05/30 07:05:47 | 000,516,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autoplay.dll[2013/05/30 07:05:47 | 000,317,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\azroleui.dll[2013/05/30 07:05:47 | 000,174,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuxiliaryDisplayDriverLib.dll[2013/05/30 07:05:47 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ActionQueue.dll[2013/05/30 07:05:47 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aclui.dll[2013/05/30 07:05:47 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\activeds.tlb[2013/05/30 07:05:47 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuxiliaryDisplayServices.dll[2013/05/30 07:05:47 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ACW.exe[2013/05/30 07:05:47 | 000,053,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\1394bus.sys[2013/05/30 07:05:47 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AzSqlExt.dll[2013/05/30 07:05:47 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\avrt.dll[2013/05/30 07:05:46 | 002,515,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\accessibilitycpl.dll[2013/05/30 07:05:46 | 001,730,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\apds.dll[2013/05/30 07:05:46 | 000,605,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adtschema.dll[2013/05/30 07:05:46 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adsnt.dll[2013/05/30 07:05:46 | 000,219,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\apircl.dll[2013/05/30 07:05:46 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\apss.dll[2013/05/30 07:05:46 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adsmsext.dll[2013/05/30 07:05:46 | 000,070,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\amstream.dll[2013/05/30 07:05:45 | 001,342,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\brcpl.dll[2013/05/30 07:05:45 | 000,990,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bthprops.cpl[2013/05/30 07:05:45 | 000,879,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Bubbles.scr[2013/05/30 07:05:45 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adsldp.dll[2013/05/30 07:05:45 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\btpanui.dll[2013/05/30 07:05:45 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cacls.exe[2013/05/30 07:05:45 | 000,024,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\BOOTVID.DLL[2013/05/30 07:05:45 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\capisp.dll[2013/05/30 07:05:45 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bootstr.dll[2013/05/30 07:05:44 | 001,502,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certmgr.dll[2013/05/30 07:05:44 | 000,632,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertEnrollUI.dll[2013/05/30 07:05:44 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certreq.exe[2013/05/30 07:05:44 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\brcplsdw.dll[2013/05/30 07:05:44 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bthci.dll[2013/05/30 07:05:44 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bridgeunattend.exe[2013/05/30 07:05:44 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertEnrollCtrl.exe[2013/05/30 07:05:43 | 001,111,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertEnroll.dll[2013/05/30 07:05:43 | 000,805,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdosys.dll[2013/05/30 07:05:43 | 000,798,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certutil.exe[2013/05/30 07:05:43 | 000,225,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cewmdm.dll[2013/05/30 07:05:43 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chajei.ime[2013/05/30 07:05:43 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cfgbkend.dll[2013/05/30 07:05:42 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bootcfg.exe[2013/05/30 07:05:41 | 000,542,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\blackbox.dll[2013/05/30 07:05:41 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bitsigd.dll[2013/05/30 07:05:37 | 000,882,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IMJP10.IME[2013/05/30 07:05:37 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IMJP10K.DLL[2013/05/30 07:05:37 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll[2013/05/30 07:05:35 | 001,827,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl[2013/05/30 07:05:35 | 000,705,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imagesp1.dll[2013/05/30 07:05:35 | 000,496,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imapi2fs.dll[2013/05/30 07:05:35 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imapi2.dll[2013/05/30 07:05:35 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imapi.dll[2013/05/30 07:05:35 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetmib1.dll[2013/05/30 07:05:35 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetppui.dll[2013/05/30 07:05:34 | 000,413,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imkr80.ime[2013/05/30 07:05:34 | 000,217,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\InkEd.dll[2013/05/30 07:05:34 | 000,200,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\input.dll[2013/05/30 07:05:34 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\InfDefaultInstall.exe[2013/05/30 07:05:33 | 000,251,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iassdo.dll[2013/05/30 07:05:33 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iashlpr.dll[2013/05/30 07:05:33 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasacct.dll[2013/05/30 07:05:33 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ias.dll Link to post Share on other sites More sharing options...
Buddahass Posted June 9, 2013 Author ID:689086 Share Posted June 9, 2013 [2013/05/30 07:05:32 | 000,445,952 | ---- | C] (Microsoft) -- C:\Windows\System32\IasMigPlugin.dll[2013/05/30 07:05:32 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iassam.dll[2013/05/30 07:05:32 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasrad.dll[2013/05/30 07:05:32 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasnap.dll[2013/05/30 07:05:32 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iassvcs.dll[2013/05/30 07:05:32 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iaspolcy.dll[2013/05/30 07:05:31 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icm32.dll[2013/05/30 07:05:31 | 000,167,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe[2013/05/30 07:05:31 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icsfiltr.dll[2013/05/30 07:05:31 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ifsutil.dll[2013/05/30 07:05:31 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe[2013/05/30 07:05:31 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll[2013/05/30 07:05:31 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll[2013/05/30 07:05:31 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ifmon.dll[2013/05/30 07:05:31 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icsunattend.exe[2013/05/30 07:05:30 | 000,153,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll[2013/05/30 07:05:30 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icfupgd.dll[2013/05/30 07:05:30 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icacls.exe[2013/05/30 07:05:30 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\idndl.dll[2013/05/30 07:05:28 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hlink.dll[2013/05/30 07:05:28 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\HotStartUserAgent.dll[2013/05/30 07:05:28 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hnetmon.dll[2013/05/30 07:05:27 | 000,595,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FWPUCLNT.DLL[2013/05/30 07:05:26 | 000,202,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\framedyn.dll[2013/05/30 07:05:26 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fsutil.exe[2013/05/30 07:05:26 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fphc.dll[2013/05/30 07:05:26 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ftp.exe[2013/05/30 07:05:26 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\framebuf.dll[2013/05/30 07:05:23 | 000,936,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpedit.dll[2013/05/30 07:05:23 | 000,498,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\HelpPane.exe[2013/05/30 07:05:23 | 000,204,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\framedynos.dll[2013/05/30 07:05:23 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fundisc.dll[2013/05/30 07:05:23 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpresult.exe[2013/05/30 07:05:23 | 000,101,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\FWPKCLNT.SYS[2013/05/30 07:05:23 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpapi.dll[2013/05/30 07:05:23 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\GuidedHelp.dll[2013/05/30 07:05:23 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\HelpPaneProxy.dll[2013/05/30 07:05:23 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\getmac.exe[2013/05/30 07:05:23 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\graftabl.com[2013/05/30 07:05:23 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fwcfg.dll[2013/05/30 07:05:23 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gacinstall.dll[2013/05/30 07:05:23 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\g711codc.ax[2013/05/30 07:05:23 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hbaapi.dll[2013/05/30 07:05:23 | 000,016,896 | ---- | C] (Microsoft) -- C:\Windows\System32\grb.rs[2013/05/30 07:05:23 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpupdate.exe[2013/05/30 07:05:23 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hcrstco.dll[2013/05/30 07:05:23 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\fveupdate.exe[2013/05/30 07:05:21 | 001,524,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsAnytimeUpgradeCPL.dll[2013/05/30 07:05:21 | 000,218,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsAnytimeUpgrade.exe[2013/05/30 07:05:20 | 000,547,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiaaut.dll[2013/05/30 07:05:20 | 000,415,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiadefui.dll[2013/05/30 07:05:20 | 000,163,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wevtutil.exe[2013/05/30 07:05:20 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiadss.dll[2013/05/30 07:05:20 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiaacmgr.exe[2013/05/30 07:05:20 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe[2013/05/30 07:05:20 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\whealogr.dll[2013/05/30 07:05:20 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wfapigp.dll[2013/05/30 07:05:19 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiascanprofiles.dll[2013/05/30 07:05:19 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiarpc.dll[2013/05/30 07:05:19 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WINSRPC.DLL[2013/05/30 07:05:19 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winusb.dll[2013/05/30 07:05:18 | 003,216,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinSAT.exe[2013/05/30 07:05:18 | 000,628,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WLanConn.dll[2013/05/30 07:05:18 | 000,383,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinSATAPI.dll[2013/05/30 07:05:18 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlancfg.dll[2013/05/30 07:05:17 | 000,208,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinFXDocObj.exe[2013/05/30 07:05:17 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winethc.dll[2013/05/30 07:05:16 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wbemcomn.dll[2013/05/30 07:05:16 | 000,222,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wavemsp.dll[2013/05/30 07:05:16 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\w32tm.exe[2013/05/30 07:05:16 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WavDest.dll[2013/05/30 07:05:16 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\watchdog.sys[2013/05/30 07:05:16 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winnsi.dll[2013/05/30 07:05:15 | 000,860,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WerFaultSecure.exe[2013/05/30 07:05:15 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wdscore.dll[2013/05/30 07:05:15 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WerFault.exe[2013/05/30 07:05:15 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vssadmin.exe[2013/05/30 07:05:15 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wermgr.exe[2013/05/30 07:05:15 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\waitfor.exe[2013/05/30 07:05:15 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\werdiagcontroller.dll[2013/05/30 07:05:15 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vss_ps.dll[2013/05/30 07:05:15 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wertargets.wtl[2013/05/30 07:05:14 | 001,143,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wercon.exe[2013/05/30 07:05:14 | 001,020,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wdc.dll[2013/05/30 07:05:14 | 000,876,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wer.dll[2013/05/30 07:05:14 | 000,250,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wevtapi.dll[2013/05/30 07:05:14 | 000,035,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\WdfLdr.sys[2013/05/30 07:05:13 | 001,689,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscui.cpl[2013/05/30 07:05:13 | 001,532,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wcnwiz.dll[2013/05/30 07:05:13 | 001,295,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsecedit.dll[2013/05/30 07:05:13 | 000,224,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscntfy.dll[2013/05/30 07:05:13 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSDMon.dll[2013/05/30 07:05:13 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscmisetup.dll[2013/05/30 07:05:13 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wshcon.dll[2013/05/30 07:05:13 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscapi.dll[2013/05/30 07:05:13 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscisvif.dll[2013/05/30 07:05:13 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscproxystub.dll[2013/05/30 07:05:13 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wship6.dll[2013/05/30 07:05:12 | 001,580,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpccpl.dll[2013/05/30 07:05:12 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpd_ci.dll[2013/05/30 07:05:12 | 000,532,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpcao.dll[2013/05/30 07:05:12 | 000,349,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WPDSp.dll[2013/05/30 07:05:12 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Wpc.dll[2013/05/30 07:05:12 | 000,203,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpdwcn.dll[2013/05/30 07:05:12 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpclsp.dll[2013/05/30 07:05:12 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpnpinst.exe[2013/05/30 07:05:11 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xcopy.exe[2013/05/30 07:05:11 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WPDShextAutoplay.exe[2013/05/30 07:05:09 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactsrv.dll[2013/05/30 07:05:09 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xmlprovi.dll[2013/05/30 07:05:08 | 001,675,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xpssvcs.dll[2013/05/30 07:05:08 | 001,505,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll[2013/05/30 07:05:08 | 000,456,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wvc.dll[2013/05/30 07:05:08 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFx.dll[2013/05/30 07:05:08 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsqmcons.exe[2013/05/30 07:05:08 | 000,181,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFPlatform.dll[2013/05/30 07:05:08 | 000,153,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll[2013/05/30 07:05:08 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wusa.exe[2013/05/30 07:05:08 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFCoinstaller.dll[2013/05/30 07:05:08 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll[2013/05/30 07:05:08 | 000,070,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wzcdlg.dll[2013/05/30 07:05:08 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsnmp32.dll[2013/05/30 07:05:08 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll[2013/05/30 07:05:08 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups.dll[2013/05/30 07:05:07 | 000,534,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll[2013/05/30 07:05:07 | 000,296,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xwizards.dll[2013/05/30 07:05:07 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSTPager.ax[2013/05/30 07:05:07 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe[2013/05/30 07:05:06 | 001,671,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanpref.dll[2013/05/30 07:05:06 | 000,498,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlandlg.dll[2013/05/30 07:05:06 | 000,399,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlangpui.dll[2013/05/30 07:05:06 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanui.dll[2013/05/30 07:05:06 | 000,154,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmidx.dll[2013/05/30 07:05:06 | 000,041,472 | ---- | C] (Microsoft) -- C:\Windows\System32\WlanMmHC.dll[2013/05/30 07:05:06 | 000,017,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\wmilib.sys[2013/05/30 07:05:05 | 000,913,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WlanMM.dll[2013/05/30 07:05:05 | 000,758,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMADMOD.DLL[2013/05/30 07:05:05 | 000,533,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmdrmsdk.dll[2013/05/30 07:05:05 | 000,418,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmdrmdev.dll[2013/05/30 07:05:05 | 000,347,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmdrmnet.dll[2013/05/30 07:05:05 | 000,120,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WLanHC.dll[2013/05/30 07:05:04 | 001,118,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMADMOE.DLL[2013/05/30 07:05:04 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMASF.DLL[2013/05/30 07:05:04 | 000,083,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlgpclnt.dll[2013/05/30 07:05:03 | 001,329,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMSPDMOE.DLL[2013/05/30 07:05:03 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpsrcwp.dll[2013/05/30 07:04:59 | 001,575,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVENCOD.DLL[2013/05/30 07:04:59 | 001,548,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVDECOD.DLL[2013/05/30 07:04:59 | 001,382,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVSDECD.DLL[2013/05/30 07:04:59 | 000,767,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVSENCD.DLL[2013/05/30 07:04:59 | 000,657,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVXENCD.DLL[2013/05/30 07:04:59 | 000,273,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wow32.dll[2013/05/30 07:04:59 | 000,153,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmvdspa.dll[2013/05/30 07:04:58 | 000,276,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMPhoto.dll[2013/05/30 07:04:58 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmiprop.dll[2013/05/30 07:04:56 | 001,642,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMPEncEn.dll[2013/05/30 07:04:56 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpcm.dll[2013/05/30 07:04:55 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\systeminfo.exe[2013/05/30 07:04:54 | 000,842,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\systemcpl.dll[2013/05/30 07:04:54 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Tabbtn.dll[2013/05/30 07:04:51 | 000,170,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tcpipcfg.dll[2013/05/30 07:04:51 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tasklist.exe[2013/05/30 07:04:51 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskkill.exe[2013/05/30 07:04:51 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tbs.dll[2013/05/30 07:04:50 | 000,691,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TabletPC.cpl[2013/05/30 07:04:50 | 000,431,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tdh.dll[2013/05/30 07:04:50 | 000,308,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sqlcese30.dll[2013/05/30 07:04:50 | 000,274,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srrstr.dll[2013/05/30 07:04:50 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sqmapi.dll[2013/05/30 07:04:50 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TapiMigPlugin.dll[2013/05/30 07:04:50 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tabcal.exe[2013/05/30 07:04:50 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TabbtnEx.dll[2013/05/30 07:04:50 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\takeown.exe[2013/05/30 07:04:50 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\tape.sys[2013/05/30 07:04:50 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\tdi.sys[2013/05/30 07:04:49 | 008,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ssBranded.scr[2013/05/30 07:04:49 | 000,604,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sqlceqp30.dll[2013/05/30 07:04:49 | 000,520,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sqlsrv32.dll[2013/05/30 07:04:49 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ssText3d.scr[2013/05/30 07:04:49 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SSShim.dll[2013/05/30 07:04:49 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srwmi.dll[2013/05/30 07:04:48 | 008,322,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwizimg.dll[2013/05/30 07:04:48 | 000,681,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\spsys.sys[2013/05/30 07:04:48 | 000,348,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwizeng.dll[2013/05/30 07:04:48 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SoundRecorder.exe[2013/05/30 07:04:48 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spbcd.dll[2013/05/30 07:04:48 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sppnp.dll[2013/05/30 07:04:48 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spopk.dll[2013/05/30 07:04:48 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwizres.dll[2013/05/30 07:04:47 | 002,204,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SyncCenter.dll[2013/05/30 07:04:47 | 000,338,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SysFxUI.dll[2013/05/30 07:04:47 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\synceng.dll[2013/05/30 07:04:47 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sxstrace.exe[2013/05/30 07:04:47 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sxsstore.dll[2013/05/30 07:04:46 | 001,224,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sud.dll[2013/05/30 07:04:46 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sysmon.ocx[2013/05/30 07:04:46 | 000,251,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sti_ci.dll[2013/05/30 07:04:46 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbport.sys[2013/05/30 07:04:46 | 000,123,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Storport.sys[2013/05/30 07:04:46 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Storprop.dll[2013/05/30 07:04:46 | 000,052,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\stream.sys[2013/05/30 07:04:46 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\syssetup.dll[2013/05/30 07:04:46 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\syskey.exe[2013/05/30 07:04:45 | 001,123,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\usercpl.dll[2013/05/30 07:04:45 | 000,322,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\untfs.dll[2013/05/30 07:04:45 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll[2013/05/30 07:04:45 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xwtpw32.dll[2013/05/30 07:04:45 | 000,083,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\usbui.dll[2013/05/30 07:04:45 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\userinit.exe[2013/05/30 07:04:45 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\upnpcont.exe[2013/05/30 07:04:45 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\usbperf.dll[2013/05/30 07:04:44 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\VAN.dll[2013/05/30 07:04:44 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\VIDRESZR.DLL[2013/05/30 07:04:44 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\VBICodec.ax[2013/05/30 07:04:44 | 000,110,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\videoprt.sys[2013/05/30 07:04:44 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vga256.dll[2013/05/30 07:04:44 | 000,025,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBCAMD2.sys[2013/05/30 07:04:44 | 000,025,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBCAMD.sys[2013/05/30 07:04:44 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vga64k.dll[2013/05/30 07:04:44 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usb8023.sys[2013/05/30 07:04:44 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vga.dll[2013/05/30 07:04:44 | 000,005,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbd.sys[2013/05/30 07:04:43 | 001,298,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TMM.dll[2013/05/30 07:04:43 | 000,638,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Utilman.exe[2013/05/30 07:04:43 | 000,507,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdsdyn.dll[2013/05/30 07:04:43 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tracerpt.exe[2013/05/30 07:04:43 | 000,157,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\verifier.dll[2013/05/30 07:04:43 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdsbas.dll[2013/05/30 07:04:43 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\uudf.dll[2013/05/30 07:04:43 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdsutil.dll[2013/05/30 07:04:43 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\verifier.exe[2013/05/30 07:04:43 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TpmInit.exe[2013/05/30 07:04:43 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vfwwdm32.dll[2013/05/30 07:04:43 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdmredir.dll[2013/05/30 07:04:43 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vds_ps.dll[2013/05/30 07:04:43 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbisurf.ax[2013/05/30 07:04:43 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\utildll.dll[2013/05/30 07:04:43 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdsldr.exe[2013/05/30 07:04:43 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdmdbg.dll[2013/05/30 07:04:42 | 002,588,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIHub.dll[2013/05/30 07:04:42 | 001,152,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\themecpl.dll[2013/05/30 07:04:42 | 000,355,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\termmgr.dll[2013/05/30 07:04:42 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tintlgnt.ime[2013/05/30 07:04:42 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ulib.dll[2013/05/30 07:04:42 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tscupgrd.exe[2013/05/30 07:04:42 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\umb.dll[2013/05/30 07:04:42 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TimeDateMUICallback.dll[2013/05/30 07:04:42 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TSTheme.exe[2013/05/30 07:04:42 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tsddd.dll[2013/05/30 07:04:41 | 000,736,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unbcl.dll[2013/05/30 07:04:41 | 000,201,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unattend.dll[2013/05/30 07:04:41 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\txflog.dll[2013/05/30 07:04:41 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ucsvc.exe[2013/05/30 07:04:41 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unlodctr.exe[2013/05/30 07:04:41 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TsWpfWrp.exe[2013/05/30 07:04:41 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unattendedjoin.exe[2013/05/30 07:04:41 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\txfw32.dll[2013/05/30 07:04:40 | 000,208,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\uDWM.dll[2013/05/30 07:04:40 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIAutomationCore.dll[2013/05/30 07:04:40 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ufat.dll[2013/05/30 07:04:40 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\uexfat.dll[2013/05/30 07:02:40 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cbsra.exe[2013/05/30 06:57:36 | 000,000,000 | ---D | C] -- C:\2f11ee228e24c198718f2cd121456559[2013/05/30 06:09:21 | 000,000,000 | ---D | C] -- C:\Windows\CheckSur[2013/05/30 05:11:40 | 000,000,000 | ---D | C] -- C:\Users\mafineart\New Pics[2013/05/30 05:10:32 | 000,000,000 | ---D | C] -- C:\Users\mafineart\Gregs Place[2013/05/30 05:09:57 | 000,000,000 | ---D | C] -- C:\Users\mafineart\JNCASE[2013/05/30 05:07:57 | 000,000,000 | ---D | C] -- C:\Users\mafineart\Documents\Visa Rec[2013/05/30 05:07:43 | 000,000,000 | ---D | C] -- C:\Users\mafineart\Documents\TAX FORMS & lICENSES[2013/05/30 05:07:10 | 000,000,000 | ---D | C] -- C:\Users\mafineart\Documents\mc_records[2013/05/30 05:06:55 | 000,000,000 | ---D | C] -- C:\Users\mafineart\Documents\LETTERS[2013/05/30 05:06:39 | 000,000,000 | ---D | C] -- C:\Users\mafineart\Documents\LABELS[2013/05/30 05:06:19 | 000,000,000 | ---D | C] -- C:\Users\mafineart\Documents\INVITATIONS[2013/05/30 05:05:48 | 000,000,000 | ---D | C] -- C:\Users\mafineart\Documents\ENVELOPES[2013/05/30 05:05:23 | 000,000,000 | ---D | C] -- C:\Users\mafineart\Documents\Certificates[2013/05/30 05:04:49 | 000,000,000 | ---D | C] -- C:\Users\mafineart\Documents\BOOTH AND ARTIST Pics[2013/05/30 04:56:37 | 000,000,000 | ---D | C] -- C:\Users\mafineart\Accounts[2013/05/30 04:32:40 | 000,000,000 | ---D | C] -- C:\Users\mafineart\Documents\Mikes Photos[2013/05/30 04:31:21 | 000,000,000 | ---D | C] -- C:\Users\mafineart\Desktop\Brochures[2013/05/30 04:24:40 | 000,000,000 | ---D | C] -- C:\Users\mafineart\Images[2013/05/30 04:24:10 | 000,000,000 | ---D | C] -- C:\Users\mafineart\Desktop\Gallery Folders[2013/05/30 04:23:28 | 000,000,000 | ---D | C] -- C:\Users\mafineart\Desktop\client folders[2013/05/30 04:23:19 | 000,000,000 | ---D | C] -- C:\Users\mafineart\AppData\Roaming\Adobe[2013/05/30 04:23:19 | 000,000,000 | ---D | C] -- C:\Users\mafineart\AppData\Local\Adobe[2013/05/30 03:34:57 | 000,000,000 | ---D | C] -- C:\System Recovery files[2013/05/30 03:19:39 | 000,000,000 | ---D | C] -- C:\Users\mafineart\backup files[2013/05/30 02:51:15 | 000,532,480 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RTSndMgr.cpl[2013/05/30 02:51:14 | 004,874,240 | ---- | C] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe[2013/05/30 02:51:14 | 002,156,544 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkAPO.dll[2013/05/30 02:51:14 | 001,191,936 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RtlUpd.exe[2013/05/30 02:51:14 | 000,636,416 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkPgExt.dll[2013/05/30 02:51:14 | 000,029,696 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkCoInst.dll[2013/05/30 02:51:12 | 000,315,392 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\HideWin.exe[2013/05/30 02:50:54 | 000,000,000 | ---D | C] -- C:\Users\mafineart\AppData\Roaming\WinBatch[2013/05/30 02:35:08 | 000,000,000 | ---D | C] -- C:\swsetup[2013/05/30 01:48:36 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FwRemoteSvr.dll[2013/05/30 01:48:35 | 000,272,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\polstore.dll[2013/05/29 23:09:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome[2013/05/29 23:09:17 | 000,000,000 | ---D | C] -- C:\Program Files\Google[2013/05/29 23:09:12 | 000,000,000 | ---D | C] -- C:\Users\mafineart\AppData\Local\Google[2013/05/29 23:08:57 | 000,000,000 | ---D | C] -- C:\Users\mafineart\AppData\Local\Apps[2013/05/29 23:08:56 | 000,000,000 | ---D | C] -- C:\Users\mafineart\AppData\Local\Deployment[2013/05/29 22:44:46 | 000,000,000 | ---D | C] -- C:\ProgramData\ErrorEND[2013/05/29 21:22:27 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dciman32.dll[2013/05/29 21:20:26 | 002,452,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat[2013/05/29 21:19:57 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll[2013/05/29 21:19:57 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll[2013/05/29 21:19:53 | 000,180,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll[2013/05/29 21:19:50 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll[2013/05/29 21:15:41 | 000,241,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceApi.dll[2013/05/29 21:15:41 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceTypes.dll[2013/05/29 21:15:41 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceClassExtension.dll[2013/05/29 21:13:35 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MRINFO.EXE[2013/05/29 21:13:34 | 000,104,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netiohlp.dll[2013/05/29 21:13:34 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NETSTAT.EXE[2013/05/29 21:13:34 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ARP.EXE[2013/05/29 21:13:34 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ROUTE.EXE[2013/05/29 21:13:34 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\finger.exe[2013/05/29 21:13:34 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\HOSTNAME.EXE[2013/05/29 21:10:38 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\L2SecHC.dll[2013/05/29 21:10:37 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanmsm.dll[2013/05/29 21:10:37 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanhlp.dll[2013/05/29 21:10:37 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanapi.dll[2013/05/29 21:10:36 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlansec.dll[2013/05/29 21:09:41 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml3r.dll[2013/05/29 21:09:39 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml6r.dll[2013/05/29 21:06:06 | 002,868,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mf.dll[2013/05/29 21:06:06 | 000,098,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfps.dll[2013/05/29 21:06:05 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rrinstaller.exe[2013/05/29 21:06:05 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfpmp.exe[2013/05/29 21:06:05 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mferror.dll[2013/05/29 21:06:03 | 002,386,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVCORE.DLL[2013/05/29 20:57:16 | 000,562,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtcprx.dll[2013/05/29 20:57:16 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xolehlp.dll[2013/05/29 20:55:42 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aaclient.dll[2013/05/29 20:55:42 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tsgqec.dll[2013/05/29 20:54:56 | 000,303,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpeffects.dll[2013/05/29 20:52:45 | 000,714,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\timedate.cpl[2013/05/29 20:46:35 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Mpeg2Data.ax[2013/05/29 20:46:35 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSDvbNP.ax[2013/05/29 20:41:10 | 002,927,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe[2013/05/29 20:37:07 | 001,808,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0046.dll[2013/05/29 20:37:07 | 001,793,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0045.dll[2013/05/29 20:37:06 | 001,782,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0039.dll[2013/05/29 20:37:06 | 001,558,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0049.dll[2013/05/29 20:37:06 | 001,411,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0047.dll[2013/05/29 20:37:06 | 001,236,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0020.dll[2013/05/29 20:37:05 | 005,499,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0022.dll[2013/05/29 20:37:05 | 002,136,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0021.dll[2013/05/29 20:37:04 | 007,964,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0024.dll[2013/05/29 20:37:04 | 005,791,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0026.dll[2013/05/29 20:37:03 | 006,224,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0027.dll[2013/05/29 20:37:03 | 004,175,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0010.dll[2013/05/29 20:37:02 | 004,981,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0013.dll[2013/05/29 20:37:02 | 003,331,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0018.dll[2013/05/29 20:37:02 | 002,466,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0011.dll[2013/05/29 20:37:01 | 006,781,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0019.dll[2013/05/29 20:37:00 | 011,722,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0001.dll[2013/05/29 20:37:00 | 004,164,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0002.dll[2013/05/29 20:36:59 | 012,240,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0007.dll[2013/05/29 20:36:59 | 001,452,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0003.dll[2013/05/29 20:36:58 | 002,644,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0009.dll[2013/05/29 20:36:57 | 004,093,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons004c.dll[2013/05/29 20:36:57 | 003,419,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons004a.dll[2013/05/29 20:36:57 | 001,702,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons004b.dll[2013/05/29 20:36:56 | 004,045,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons003e.dll[2013/05/29 20:36:56 | 001,972,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons004e.dll[2013/05/29 20:36:56 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons002a.dll[2013/05/29 20:36:55 | 006,585,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons001b.dll[2013/05/29 20:36:55 | 006,014,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons001a.dll[2013/05/29 20:36:54 | 009,892,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons000a.dll[2013/05/29 20:36:54 | 006,346,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons001d.dll[2013/05/29 20:36:53 | 006,237,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons000c.dll[2013/05/29 20:36:53 | 001,722,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons000d.dll[2013/05/29 20:36:52 | 005,654,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons000f.dll[2013/05/29 20:36:52 | 005,090,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0416.dll[2013/05/29 20:36:52 | 004,616,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0414.dll[2013/05/29 20:36:51 | 007,042,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons081a.dll[2013/05/29 20:36:51 | 005,031,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0816.dll[2013/05/29 20:36:50 | 005,071,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsModels0011.dll[2013/05/29 20:36:50 | 003,104,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0046.dll[2013/05/29 20:36:50 | 003,104,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0045.dll[2013/05/29 20:36:49 | 003,104,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0047.dll[2013/05/29 20:36:48 | 003,104,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0049.dll[2013/05/29 20:36:48 | 003,104,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0039.dll[2013/05/29 20:36:48 | 003,104,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0020.dll[2013/05/29 20:36:48 | 001,801,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0021.dll[2013/05/29 20:36:47 | 001,966,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0027.dll[2013/05/29 20:36:47 | 001,965,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0026.dll[2013/05/29 20:36:47 | 001,965,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0024.dll[2013/05/29 20:36:47 | 001,801,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0022.dll[2013/05/29 20:36:46 | 004,495,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0010.dll[2013/05/29 20:36:46 | 002,657,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0011.dll[2013/05/29 20:36:45 | 003,466,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0013.dll[2013/05/29 20:36:45 | 001,965,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0018.dll[2013/05/29 20:36:44 | 004,497,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0019.dll[2013/05/29 20:36:44 | 002,599,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0001.dll[2013/05/29 20:36:44 | 001,523,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0000.dll[2013/05/29 20:36:43 | 002,243,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0007.dll[2013/05/29 20:36:43 | 001,965,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0003.dll[2013/05/29 20:36:43 | 001,965,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0002.dll[2013/05/29 20:36:42 | 004,875,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0009.dll[2013/05/29 20:36:42 | 003,104,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData004b.dll[2013/05/29 20:36:42 | 003,104,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData004a.dll[2013/05/29 20:36:41 | 003,104,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData004e.dll[2013/05/29 20:36:41 | 003,104,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData004c.dll[2013/05/29 20:36:41 | 001,801,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData003e.dll[2013/05/29 20:36:40 | 004,495,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData001d.dll[2013/05/29 20:36:40 | 001,965,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData001b.dll[2013/05/29 20:36:40 | 001,965,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData001a.dll[2013/05/29 20:36:40 | 001,801,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData002a.dll[2013/05/29 20:36:39 | 009,847,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData000a.dll[2013/05/29 20:36:39 | 002,643,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData000c.dll[2013/05/29 20:36:38 | 004,495,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0414.dll[2013/05/29 20:36:38 | 002,342,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData000d.dll[2013/05/29 20:36:38 | 001,965,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData000f.dll[2013/05/29 20:36:37 | 004,495,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0816.dll[2013/05/29 20:36:37 | 004,495,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0416.dll[2013/05/29 20:36:37 | 000,801,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NaturalLanguage6.dll[2013/05/29 20:36:36 | 006,917,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0c1a.dll[2013/05/29 20:36:36 | 001,965,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData081a.dll[2013/05/29 20:36:35 | 001,965,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0c1a.dll[2013/05/29 20:33:43 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kbd106n.dll[2013/05/29 20:33:34 | 000,988,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winload.exe[2013/05/29 20:33:34 | 000,927,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winresume.exe[2013/05/29 20:33:33 | 000,378,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srcore.dll[2013/05/29 20:33:33 | 000,318,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rstrui.exe[2013/05/29 20:33:33 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srdelayed.exe[2013/05/29 20:33:32 | 000,019,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kd1394.dll[2013/05/29 20:33:31 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setbcdlocale.dll[2013/05/29 20:33:30 | 000,615,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ci.dll[2013/05/29 20:32:15 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelineprxy.dll[2013/05/29 20:32:14 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelinesvc.exe[2013/05/29 20:32:12 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasads.dll[2013/05/29 20:32:12 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasdatastore.dll[2013/05/29 20:32:12 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iashost.exe[2013/05/29 20:32:11 | 000,183,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdohlp.dll[2013/05/29 20:32:11 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasrecst.dll[2013/05/29 20:31:37 | 000,220,672 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\l3codecp.acm[2013/05/29 20:31:37 | 000,062,464 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\l3codeca.acm[2013/05/29 20:28:27 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\amxread.dll[2013/05/29 20:28:27 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\apilogen.dll[2013/05/29 20:27:05 | 000,425,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PhotoMetadataHandler.dll[2013/05/29 20:27:03 | 000,347,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecsExt.dll[2013/05/29 20:24:50 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printcom.dll[2013/05/29 20:24:08 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\rmcast.sys[2013/05/29 20:24:08 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wshrm.dll[2013/05/29 20:23:18 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdxm.tlb[2013/05/29 20:23:18 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\amcompat.tlb[2013/05/29 20:22:42 | 000,347,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp.exe[2013/05/29 20:22:42 | 000,329,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdrm.dll[2013/05/29 20:22:42 | 000,151,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp.dll[2013/05/29 20:22:41 | 000,346,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp_isv.exe[2013/05/29 20:22:41 | 000,151,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp_isv.dll[2013/05/29 20:22:40 | 000,511,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate.exe[2013/05/29 20:22:40 | 000,472,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc.dll[2013/05/29 20:22:39 | 000,523,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_isv.exe[2013/05/29 20:22:39 | 000,472,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_isv.dll[2013/05/29 20:20:33 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA[2013/05/29 20:19:54 | 000,062,752 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvshext.dll[2013/05/29 20:19:53 | 002,557,728 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvsvcr.dll[2013/05/29 20:18:51 | 000,053,024 | ---- | C] (Khronos Group) -- C:\Windows\System32\OpenCL.dll[2013/05/29 20:17:06 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation[2013/05/29 20:16:46 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation[2013/05/29 20:05:53 | 000,622,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icardagt.exe[2013/05/29 20:05:52 | 000,097,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\infocardapi.dll[2013/05/29 20:05:52 | 000,037,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\infocardcpl.cpl[2013/05/29 20:05:52 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icardres.dll[2013/05/29 20:05:38 | 000,105,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll[2013/05/29 20:05:33 | 000,781,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationNative_v0300.dll[2013/05/29 19:43:10 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscorier.dll[2013/05/29 19:43:09 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscories.dll[2013/05/29 05:15:18 | 001,695,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll[2013/05/29 05:14:42 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logagent.exe[2013/05/29 05:14:41 | 000,996,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMNetMgr.dll[2013/05/29 05:13:55 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\INETRES.dll[2013/05/29 05:02:28 | 001,645,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\connect.dll[2013/05/29 05:00:20 | 000,351,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSDApi.dll[2013/05/29 04:58:39 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciavi32.dll[2013/05/29 04:58:39 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\avicap32.dll[2013/05/29 04:58:03 | 000,604,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMSPDMOD.DLL[2013/05/29 04:57:06 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwmp.dll[2013/05/29 04:57:05 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdxm.ocx[2013/05/29 04:57:05 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxmasf.dll[2013/05/29 04:56:57 | 000,310,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unregmp2.exe[2013/05/29 04:31:56 | 000,000,000 | ---D | C] -- C:\Users\mafineart\AppData\Roaming\AVG2013[2013/05/29 04:29:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG[2013/05/29 04:29:51 | 000,000,000 | ---D | C] -- C:\Users\mafineart\AppData\Roaming\TuneUp Software[2013/05/29 04:27:29 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2013[2013/05/29 04:27:29 | 000,000,000 | ---D | C] -- C:\$AVG[2013/05/29 04:23:53 | 000,000,000 | ---D | C] -- C:\Program Files\AVG[2013/05/29 04:19:57 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files[2013/05/29 04:19:56 | 000,000,000 | ---D | C] -- C:\Users\mafineart\AppData\Local\MFAData[2013/05/29 04:19:56 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData[2013/05/29 04:19:56 | 000,000,000 | ---D | C] -- C:\Users\mafineart\AppData\Local\Avg2013[2013/05/29 03:48:01 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Symantec[2013/05/29 03:14:09 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nshhttp.dll[2013/05/29 03:05:59 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0[2013/05/29 02:51:49 | 000,000,000 | ---D | C] -- C:\Users\mafineart\AppData\Local\WindowsUpdate[2013/05/29 02:13:47 | 000,000,000 | ---D | C] -- C:\Users\mafineart\AppData\Local\Hewlett-Packard[2013/05/29 02:12:36 | 000,000,000 | R--D | C] -- C:\Users\mafineart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools[2013/05/29 02:12:35 | 000,000,000 | R--D | C] -- C:\Users\mafineart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup[2013/05/29 02:12:35 | 000,000,000 | R--D | C] -- C:\Users\mafineart\Searches[2013/05/29 02:12:29 | 000,000,000 | ---D | C] -- C:\Users\mafineart\AppData\Roaming\Identities[2013/05/29 02:12:26 | 000,000,000 | R--D | C] -- C:\Users\mafineart\Contacts[2013/05/29 00:16:40 | 000,000,000 | ---D | C] -- C:\Windows\System32\oem[2013/05/28 23:47:16 | 000,000,000 | ---D | C] -- C:\Users\mafineart\AppData\Local\VirtualStore[2013/05/28 23:36:23 | 000,000,000 | ---D | C] -- C:\Users\mafineart\AppData\Roaming\Hewlett-Packard[2013/05/28 23:34:14 | 000,000,000 | --SD | C] -- C:\Users\mafineart\AppData\Roaming\Microsoft[2013/05/28 23:34:14 | 000,000,000 | R--D | C] -- C:\Users\mafineart\Videos[2013/05/28 23:34:14 | 000,000,000 | R--D | C] -- C:\Users\mafineart\Saved Games[2013/05/28 23:34:14 | 000,000,000 | R--D | C] -- C:\Users\mafineart\Pictures[2013/05/28 23:34:14 | 000,000,000 | R--D | C] -- C:\Users\mafineart\Music[2013/05/28 23:34:14 | 000,000,000 | R--D | C] -- C:\Users\mafineart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance[2013/05/28 23:34:14 | 000,000,000 | R--D | C] -- C:\Users\mafineart\Links[2013/05/28 23:34:14 | 000,000,000 | R--D | C] -- C:\Users\mafineart\Favorites[2013/05/28 23:34:14 | 000,000,000 | R--D | C] -- C:\Users\mafineart\Downloads[2013/05/28 23:34:14 | 000,000,000 | R--D | C] -- C:\Users\mafineart\Documents[2013/05/28 23:34:14 | 000,000,000 | R--D | C] -- C:\Users\mafineart\Desktop[2013/05/28 23:34:14 | 000,000,000 | R--D | C] -- C:\Users\mafineart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories[2013/05/28 23:34:14 | 000,000,000 | -HSD | C] -- C:\Users\mafineart\AppData\Local\Temporary Internet Files[2013/05/28 23:34:14 | 000,000,000 | -HSD | C] -- C:\Users\mafineart\Templates[2013/05/28 23:34:14 | 000,000,000 | -HSD | C] -- C:\Users\mafineart\Start Menu[2013/05/28 23:34:14 | 000,000,000 | -HSD | C] -- C:\Users\mafineart\SendTo[2013/05/28 23:34:14 | 000,000,000 | -HSD | C] -- C:\Users\mafineart\Recent[2013/05/28 23:34:14 | 000,000,000 | -HSD | C] -- C:\Users\mafineart\PrintHood[2013/05/28 23:34:14 | 000,000,000 | -HSD | C] -- C:\Users\mafineart\NetHood[2013/05/28 23:34:14 | 000,000,000 | -HSD | C] -- C:\Users\mafineart\Documents\My Videos[2013/05/28 23:34:14 | 000,000,000 | -HSD | C] -- C:\Users\mafineart\Documents\My Pictures[2013/05/28 23:34:14 | 000,000,000 | -HSD | C] -- C:\Users\mafineart\Documents\My Music[2013/05/28 23:34:14 | 000,000,000 | -HSD | C] -- C:\Users\mafineart\My Documents[2013/05/28 23:34:14 | 000,000,000 | -HSD | C] -- C:\Users\mafineart\Local Settings[2013/05/28 23:34:14 | 000,000,000 | -HSD | C] -- C:\Users\mafineart\AppData\Local\History[2013/05/28 23:34:14 | 000,000,000 | -HSD | C] -- C:\Users\mafineart\Cookies[2013/05/28 23:34:14 | 000,000,000 | -HSD | C] -- C:\Users\mafineart\Application Data[2013/05/28 23:34:14 | 000,000,000 | -HSD | C] -- C:\Users\mafineart\AppData\Local\Application Data[2013/05/28 23:34:14 | 000,000,000 | -H-D | C] -- C:\Users\mafineart\AppData[2013/05/28 23:34:14 | 000,000,000 | ---D | C] -- C:\Users\mafineart\AppData\Local\Microsoft[2013/05/28 23:34:14 | 000,000,000 | ---D | C] -- C:\Users\mafineart\AppData\Roaming\Media Center Programs[2013/05/28 23:30:36 | 000,000,000 | -HSD | C] -- C:\ProgramData\Templates[2013/05/28 23:30:36 | 000,000,000 | -HSD | C] -- C:\ProgramData\Start Menu[2013/05/28 23:30:36 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\My Videos[2013/05/28 23:30:36 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\My Pictures[2013/05/28 23:30:36 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\My Music[2013/05/28 23:30:36 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favorites[2013/05/28 23:30:36 | 000,000,000 | -HSD | C] -- C:\Documents and Settings[2013/05/28 23:30:36 | 000,000,000 | -HSD | C] -- C:\ProgramData\Documents[2013/05/28 23:30:36 | 000,000,000 | -HSD | C] -- C:\ProgramData\Desktop[2013/05/28 23:30:36 | 000,000,000 | -HSD | C] -- C:\ProgramData\Application Data[2013/05/28 23:22:23 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution[2013/05/28 23:20:09 | 000,000,000 | -HSD | C] -- C:\System Volume Information========== Files - Modified Within 30 Days ==========[2013/06/08 21:45:57 | 000,604,264 | ---- | M] () -- C:\Windows\System32\perfh009.dat[2013/06/08 21:45:57 | 000,103,964 | ---- | M] () -- C:\Windows\System32\perfc009.dat[2013/06/08 21:44:23 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\mafineart\Desktop\OTL.exe[2013/06/08 21:40:05 | 000,000,888 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job[2013/06/08 21:38:24 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0[2013/06/08 21:38:24 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0[2013/06/08 21:38:17 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat[2013/06/08 21:38:11 | 938,008,576 | -HS- | M] () -- C:\hiberfil.sys[2013/06/08 04:37:19 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts[2013/06/08 04:19:02 | 005,078,746 | R--- | M] (Swearware) -- C:\Users\mafineart\Desktop\ComboFix.exe[2013/06/08 04:14:27 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job[2013/06/08 04:14:06 | 000,001,699 | ---- | M] () -- C:\Users\mafineart\Desktop\Notepad (2).lnk[2013/06/07 01:21:49 | 000,001,973 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk[2013/06/07 00:54:10 | 000,890,839 | ---- | M] () -- C:\Users\mafineart\Desktop\SecurityCheck.exe[2013/06/07 00:39:39 | 002,240,352 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\mafineart\Desktop\tdsskiller.exe[2013/06/05 17:20:01 | 001,036,579 | ---- | M] () -- C:\Users\mafineart\Desktop\DSCN8727.jpg[2013/06/05 15:15:43 | 000,001,614 | ---- | M] () -- C:\Users\mafineart\Desktop\Calculator (2).lnk[2013/06/04 16:06:26 | 000,000,450 | ---- | M] () -- C:\Users\mafineart\AppData\Roaming\wklnhst.dat[2013/06/04 14:13:27 | 000,000,908 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk[2013/06/03 17:10:29 | 000,001,152 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk[2013/06/03 17:03:34 | 000,000,830 | ---- | M] () -- C:\Users\mafineart\Desktop\ExtractNow.lnk[2013/06/03 13:22:10 | 002,215,456 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT[2013/05/31 17:09:50 | 000,000,526 | ---- | M] () -- C:\Users\mafineart\Desktop\bs.rtf[2013/05/31 16:25:11 | 000,000,593 | ---- | M] () -- C:\Users\mafineart\Desktop\piratebay.rtf[2013/05/31 14:23:33 | 000,000,917 | ---- | M] () -- C:\Users\mafineart\Desktop\Windows Mail.lnk[2013/05/31 13:04:30 | 000,000,240 | ---- | M] () -- C:\Users\mafineart\Desktop\Document.rtf[2013/05/31 13:04:25 | 000,002,632 | ---- | M] () -- C:\Users\mafineart\Desktop\gmail account.eml[2013/05/30 15:35:54 | 000,001,858 | ---- | M] () -- C:\Users\Public\Desktop\Canon Solution Menu EX.lnk[2013/05/30 15:11:55 | 000,115,019 | ---- | M] () -- C:\Users\mafineart\Desktop\enchante.jpg[2013/05/30 15:07:16 | 000,005,632 | ---- | M] () -- C:\Users\mafineart\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini[2013/05/30 14:36:58 | 000,002,659 | ---- | M] () -- C:\Users\mafineart\Desktop\Restoring Windows Mail Account Settings - TechSpot Forums.lnk[2013/05/30 11:14:15 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf[2013/05/30 11:05:17 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe[2013/05/30 11:05:17 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl[2013/05/30 10:54:54 | 000,000,945 | ---- | M] () -- C:\Users\mafineart\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk[2013/05/30 07:43:29 | 000,101,888 | ---- | M] (Infineon Technologies AG) -- C:\Windows\System32\ifxcardm.dll[2013/05/30 07:43:13 | 000,082,432 | ---- | M] (Gemalto, Inc.) -- C:\Windows\System32\axaltocm.dll[2013/05/30 07:34:22 | 000,049,152 | ---- | M] () -- C:\Windows\SPInstall.etl[2013/05/30 06:57:36 | 000,152,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SPWizUI.dll[2013/05/30 06:57:36 | 000,047,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SPReview.exe[2013/05/30 05:30:35 | 000,000,647 | ---- | M] () -- C:\Users\mafineart\Desktop\New Pics.lnk[2013/05/30 05:18:24 | 000,000,945 | ---- | M] () -- C:\Users\mafineart\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser - Copy.lnk[2013/05/30 04:24:56 | 000,000,635 | ---- | M] () -- C:\Users\mafineart\Desktop\Images - Shortcut.lnk[2013/05/30 04:19:11 | 000,000,295 | ---- | M] () -- C:\Users\mafineart\Application Data\Microsoft\Internet Explorer\Quick Launch\HP © - Shortcut.lnk[2013/05/30 03:56:51 | 000,000,295 | ---- | M] () -- C:\Users\mafineart\Desktop\HP © - Shortcut.lnk[2013/05/30 02:51:17 | 000,319,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\DIFxAPI.dll[2013/05/30 02:51:12 | 000,315,392 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\HideWin.exe[2013/05/30 01:48:36 | 000,028,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\FwRemoteSvr.dll[2013/05/30 01:48:35 | 000,272,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\polstore.dll[2013/05/30 01:22:33 | 000,001,255 | ---- | M] () -- C:\Users\mafineart\Desktop\ERRORS.rtf[2013/05/29 23:55:10 | 000,001,875 | ---- | M] () -- C:\Users\mafineart\Application Data\Microsoft\Internet Explorer\Quick Launch\Wordpad.lnk[2013/05/29 23:54:51 | 000,001,614 | ---- | M] () -- C:\Users\mafineart\Desktop\Calculator.lnk[2013/05/29 23:54:38 | 000,001,699 | ---- | M] () -- C:\Users\mafineart\Desktop\Notepad.lnk[2013/05/29 23:54:25 | 000,001,875 | ---- | M] () -- C:\Users\mafineart\Desktop\Wordpad.lnk[2013/05/29 23:51:17 | 000,001,997 | ---- | M] () -- C:\Users\mafineart\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk[2013/05/29 22:27:56 | 000,000,945 | ---- | M] () -- C:\Users\mafineart\Desktop\Launch Internet Explorer Browser.lnk[2013/05/29 21:22:27 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dciman32.dll[2013/05/29 21:20:26 | 002,452,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat[2013/05/29 21:19:57 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll[2013/05/29 21:19:57 | 000,072,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll[2013/05/29 21:19:53 | 000,180,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll[2013/05/29 21:19:50 | 000,048,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll[2013/05/29 21:17:25 | 000,001,820 | ---- | M] () -- C:\Windows\System32\rasctrnm.h[2013/05/29 21:15:41 | 000,241,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceApi.dll[2013/05/29 21:15:41 | 000,160,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceTypes.dll[2013/05/29 21:15:41 | 000,094,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceClassExtension.dll[2013/05/29 21:13:35 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MRINFO.EXE[2013/05/29 21:13:34 | 000,104,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netiohlp.dll[2013/05/29 21:13:34 | 000,027,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NETSTAT.EXE[2013/05/29 21:13:34 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ARP.EXE[2013/05/29 21:13:34 | 000,017,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ROUTE.EXE[2013/05/29 21:13:34 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\finger.exe[2013/05/29 21:13:34 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\HOSTNAME.EXE[2013/05/29 21:10:38 | 002,501,921 | ---- | M] () -- C:\Windows\System32\wlan.tmf[2013/05/29 21:10:38 | 000,127,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\L2SecHC.dll[2013/05/29 21:10:37 | 000,293,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wlanmsm.dll[2013/05/29 21:10:37 | 000,068,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wlanhlp.dll[2013/05/29 21:10:37 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wlanapi.dll[2013/05/29 21:10:36 | 000,302,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wlansec.dll[2013/05/29 21:10:36 | 000,015,181 | ---- | M] () -- C:\Windows\System32\gatherWirelessInfo.vbs[2013/05/29 21:09:41 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msxml3r.dll[2013/05/29 21:09:39 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msxml6r.dll[2013/05/29 21:06:06 | 002,868,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mf.dll[2013/05/29 21:06:06 | 000,098,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfps.dll[2013/05/29 21:06:05 | 000,053,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rrinstaller.exe[2013/05/29 21:06:05 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfpmp.exe[2013/05/29 21:06:05 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mferror.dll[2013/05/29 21:06:03 | 002,386,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WMVCORE.DLL[2013/05/29 20:57:17 | 000,562,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msdtcprx.dll[2013/05/29 20:57:16 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\xolehlp.dll[2013/05/29 20:55:42 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\aaclient.dll[2013/05/29 20:55:42 | 000,053,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\tsgqec.dll[2013/05/29 20:54:56 | 000,303,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wmpeffects.dll[2013/05/29 20:52:45 | 000,714,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\timedate.cpl[2013/05/29 20:46:35 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Mpeg2Data.ax[2013/05/29 20:46:35 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MSDvbNP.ax[2013/05/29 20:41:10 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe[2013/05/29 20:37:07 | 001,808,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0046.dll[2013/05/29 20:37:07 | 001,793,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0045.dll[2013/05/29 20:37:06 | 001,782,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0039.dll[2013/05/29 20:37:06 | 001,558,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0049.dll[2013/05/29 20:37:06 | 001,411,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0047.dll[2013/05/29 20:37:06 | 001,236,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0020.dll[2013/05/29 20:37:05 | 007,964,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0024.dll[2013/05/29 20:37:05 | 005,499,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0022.dll[2013/05/29 20:37:05 | 002,136,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0021.dll[2013/05/29 20:37:04 | 005,791,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0026.dll[2013/05/29 20:37:03 | 006,224,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0027.dll[2013/05/29 20:37:03 | 004,175,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0010.dll[2013/05/29 20:37:02 | 004,981,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0013.dll[2013/05/29 20:37:02 | 003,331,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0018.dll[2013/05/29 20:37:02 | 002,466,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0011.dll[2013/05/29 20:37:01 | 006,781,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0019.dll[2013/05/29 20:37:00 | 011,722,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0001.dll[2013/05/29 20:37:00 | 004,164,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0002.dll[2013/05/29 20:36:59 | 012,240,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0007.dll[2013/05/29 20:36:59 | 001,452,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0003.dll[2013/05/29 20:36:58 | 003,419,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons004a.dll[2013/05/29 20:36:58 | 002,644,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0009.dll[2013/05/29 20:36:57 | 004,093,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons004c.dll[2013/05/29 20:36:57 | 001,972,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons004e.dll[2013/05/29 20:36:57 | 001,702,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons004b.dll[2013/05/29 20:36:56 | 004,045,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons003e.dll[2013/05/29 20:36:56 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons002a.dll[2013/05/29 20:36:55 | 006,585,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons001b.dll[2013/05/29 20:36:55 | 006,346,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons001d.dll[2013/05/29 20:36:55 | 006,014,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons001a.dll[2013/05/29 20:36:54 | 009,892,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons000a.dll[2013/05/29 20:36:53 | 006,237,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons000c.dll[2013/05/29 20:36:53 | 005,654,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons000f.dll[2013/05/29 20:36:53 | 001,722,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons000d.dll[2013/05/29 20:36:52 | 005,090,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0416.dll[2013/05/29 20:36:52 | 004,616,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0414.dll[2013/05/29 20:36:51 | 007,042,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons081a.dll[2013/05/29 20:36:51 | 005,031,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0816.dll[2013/05/29 20:36:50 | 005,071,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsModels0011.dll[2013/05/29 20:36:50 | 003,104,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0046.dll[2013/05/29 20:36:50 | 003,104,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0045.dll[2013/05/29 20:36:49 | 003,104,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0049.dll[2013/05/29 20:36:49 | 003,104,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0047.dll[2013/05/29 20:36:48 | 003,104,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0039.dll[2013/05/29 20:36:48 | 003,104,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0020.dll[2013/05/29 20:36:48 | 001,801,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0021.dll[2013/05/29 20:36:47 | 001,966,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0027.dll[2013/05/29 20:36:47 | 001,965,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0026.dll[2013/05/29 20:36:47 | 001,965,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0024.dll[2013/05/29 20:36:47 | 001,801,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0022.dll[2013/05/29 20:36:46 | 004,495,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0010.dll[2013/05/29 20:36:46 | 002,657,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0011.dll[2013/05/29 20:36:45 | 003,466,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0013.dll[2013/05/29 20:36:45 | 001,965,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0018.dll[2013/05/29 20:36:45 | 001,523,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0000.dll[2013/05/29 20:36:44 | 004,497,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0019.dll[2013/05/29 20:36:44 | 002,599,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0001.dll[2013/05/29 20:36:44 | 001,965,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0002.dll[2013/05/29 20:36:43 | 004,875,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0009.dll[2013/05/29 20:36:43 | 002,243,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0007.dll[2013/05/29 20:36:43 | 001,965,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0003.dll[2013/05/29 20:36:42 | 003,104,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData004c.dll[2013/05/29 20:36:42 | 003,104,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData004b.dll[2013/05/29 20:36:42 | 003,104,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData004a.dll[2013/05/29 20:36:41 | 003,104,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData004e.dll[2013/05/29 20:36:41 | 001,801,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData003e.dll[2013/05/29 20:36:41 | 001,801,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData002a.dll[2013/05/29 20:36:40 | 004,495,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData001d.dll[2013/05/29 20:36:40 | 001,965,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData001b.dll[2013/05/29 20:36:40 | 001,965,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData001a.dll[2013/05/29 20:36:39 | 009,847,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData000a.dll[2013/05/29 20:36:39 | 002,643,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData000c.dll[2013/05/29 20:36:38 | 004,495,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0414.dll[2013/05/29 20:36:38 | 002,342,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData000d.dll[2013/05/29 20:36:38 | 001,965,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData000f.dll[2013/05/29 20:36:37 | 004,495,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0816.dll[2013/05/29 20:36:37 | 004,495,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0416.dll[2013/05/29 20:36:37 | 000,801,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NaturalLanguage6.dll[2013/05/29 20:36:36 | 006,917,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0c1a.dll[2013/05/29 20:36:36 | 001,965,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData081a.dll[2013/05/29 20:36:35 | 001,965,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0c1a.dll[2013/05/29 20:33:43 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\kbd106n.dll[2013/05/29 20:33:34 | 000,988,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winload.exe[2013/05/29 20:33:34 | 000,927,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winresume.exe[2013/05/29 20:33:33 | 000,378,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\srcore.dll[2013/05/29 20:33:33 | 000,318,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rstrui.exe[2013/05/29 20:33:33 | 000,014,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\srdelayed.exe[2013/05/29 20:33:32 | 000,019,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\kd1394.dll[2013/05/29 20:33:31 | 000,046,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\setbcdlocale.dll[2013/05/29 20:33:30 | 000,615,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ci.dll[2013/05/29 20:32:15 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelineprxy.dll[2013/05/29 20:32:14 | 000,666,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelinesvc.exe[2013/05/29 20:32:12 | 000,054,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iasads.dll[2013/05/29 20:32:12 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iasdatastore.dll[2013/05/29 20:32:12 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iashost.exe[2013/05/29 20:32:11 | 000,183,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sdohlp.dll[2013/05/29 20:32:11 | 000,098,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iasrecst.dll[2013/05/29 20:31:37 | 000,220,672 | ---- | M] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\l3codecp.acm[2013/05/29 20:31:37 | 000,062,464 | ---- | M] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\l3codeca.acm[2013/05/29 20:28:27 | 000,024,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\amxread.dll[2013/05/29 20:28:27 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\apilogen.dll[2013/05/29 20:27:05 | 000,425,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PhotoMetadataHandler.dll[2013/05/29 20:27:03 | 000,347,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecsExt.dll[2013/05/29 20:24:50 | 000,037,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\printcom.dll[2013/05/29 20:24:08 | 000,113,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\rmcast.sys[2013/05/29 20:24:08 | 000,014,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wshrm.dll[2013/05/29 20:23:18 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msdxm.tlb[2013/05/29 20:23:18 | 000,018,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\amcompat.tlb[2013/05/29 20:22:42 | 000,347,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp.exe[2013/05/29 20:22:42 | 000,329,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msdrm.dll[2013/05/29 20:22:42 | 000,151,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp.dll[2013/05/29 20:22:41 | 000,346,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp_isv.exe[2013/05/29 20:22:41 | 000,151,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp_isv.dll[2013/05/29 20:22:40 | 000,511,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RMActivate.exe[2013/05/29 20:22:40 | 000,472,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\secproc.dll[2013/05/29 20:22:39 | 000,523,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_isv.exe[2013/05/29 20:22:39 | 000,472,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\secproc_isv.dll[2013/05/29 20:05:53 | 000,622,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\icardagt.exe[2013/05/29 20:05:52 | 000,097,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\infocardapi.dll[2013/05/29 20:05:52 | 000,037,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\infocardcpl.cpl[2013/05/29 20:05:52 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\icardres.dll[2013/05/29 20:05:38 | 000,105,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll[2013/05/29 20:05:33 | 000,781,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PresentationNative_v0300.dll[2013/05/29 19:53:51 | 025,231,360 | ---- | M] () -- C:\Windows\ocsetup_install_NetFx3.etl[2013/05/29 19:53:51 | 000,049,152 | ---- | M] () -- C:\Windows\ocsetup_cbs_install_NetFx3.perf[2013/05/29 19:53:51 | 000,016,384 | ---- | M] () -- C:\Windows\ocsetup_cbs_install_NetFx3.dpx[2013/05/29 19:43:10 | 000,158,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mscorier.dll[2013/05/29 19:43:09 | 000,083,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mscories.dll[2013/05/29 05:44:55 | 000,000,215 | ---- | M] () -- C:\Users\mafineart\Desktop\Download Windows Vista Service Pack 1 Five Language Standalone (KB936330) from Official Microsoft Download Center.url[2013/05/29 05:15:18 | 001,695,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll[2013/05/29 05:14:42 | 000,094,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\logagent.exe[2013/05/29 05:14:41 | 000,996,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WMNetMgr.dll[2013/05/29 05:13:55 | 000,084,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\INETRES.dll[2013/05/29 05:02:28 | 001,645,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\connect.dll[2013/05/29 05:00:20 | 000,351,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WSDApi.dll[2013/05/29 04:58:39 | 000,082,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mciavi32.dll[2013/05/29 04:58:39 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\avicap32.dll[2013/05/29 04:58:03 | 000,604,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WMSPDMOD.DLL[2013/05/29 04:57:06 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spwmp.dll[2013/05/29 04:57:05 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msdxm.ocx[2013/05/29 04:56:57 | 000,310,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\unregmp2.exe[2013/05/29 04:29:52 | 000,000,844 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2013.lnk[2013/05/29 03:14:09 | 000,024,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\nshhttp.dll[2013/05/29 02:24:42 | 000,001,820 | RHS- | M] () -- C:\Windows\System32\drivers\103C_HP_CPC_RK573AA-ABA a1710n_YC_0Pavi_QCNH703_E71NAv3PrA2_49_INODUSM3_SASUSTek Computer INC._V1.05_B5.04_T061215_WUH0_L409_M895_J320_7AMD_8Athlon 64 X2 Dual Core_92.2_#070328_N10DE0269_Z14F12F20_G10DE0241.MRK[2013/05/29 02:11:52 | 000,001,843 | ---- | M] () -- C:\Users\Public\Desktop\Easy Internet Services.lnk[2013/05/29 02:10:45 | 000,000,044 | ---- | M] () -- C:\Windows\System\hpsysdrv.dat========== Files Created - No Company Name ==========[2013/06/08 04:14:06 | 000,001,699 | ---- | C] () -- C:\Users\mafineart\Desktop\Notepad (2).lnk[2013/06/07 01:29:05 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe[2013/06/07 01:29:05 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe[2013/06/07 01:29:05 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe[2013/06/07 01:29:05 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe[2013/06/07 01:29:05 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe[2013/06/07 00:54:05 | 000,890,839 | ---- | C] () -- C:\Users\mafineart\Desktop\SecurityCheck.exe[2013/06/05 17:20:00 | 001,036,579 | ---- | C] () -- C:\Users\mafineart\Desktop\DSCN8727.jpg[2013/06/05 15:15:43 | 000,001,614 | ---- | C] () -- C:\Users\mafineart\Desktop\Calculator (2).lnk[2013/06/04 15:47:30 | 938,008,576 | -HS- | C] () -- C:\hiberfil.sys[2013/06/04 14:13:27 | 000,000,908 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk[2013/06/03 17:10:29 | 000,001,152 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk[2013/06/03 17:10:27 | 000,000,967 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ImageReady 7.0.lnk[2013/06/03 17:10:27 | 000,000,962 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop 7.0.lnk[2013/06/03 17:03:34 | 000,000,830 | ---- | C] () -- C:\Users\mafineart\Desktop\ExtractNow.lnk[2013/05/31 17:09:50 | 000,000,526 | ---- | C] () -- C:\Users\mafineart\Desktop\bs.rtf[2013/05/31 16:45:40 | 000,115,019 | ---- | C] () -- C:\Users\mafineart\Desktop\enchante.jpg[2013/05/31 16:22:41 | 000,000,593 | ---- | C] () -- C:\Users\mafineart\Desktop\prices ebay.rtf[2013/05/31 14:23:33 | 000,000,917 | ---- | C] () -- C:\Users\mafineart\Desktop\Windows Mail.lnk[2013/05/31 13:04:29 | 000,000,240 | ---- | C] () -- C:\Users\mafineart\Desktop\Document.rtf[2013/05/31 13:04:24 | 000,002,632 | ---- | C] () -- C:\Users\mafineart\Desktop\gmail account.eml[2013/05/31 03:40:14 | 000,106,605 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin[2013/05/31 03:40:14 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin[2013/05/31 03:40:11 | 011,967,524 | ---- | C] () -- C:\Windows\System32\korwbrkr.lex[2013/05/31 03:04:04 | 000,201,184 | ---- | C] () -- C:\Windows\System32\winrm.vbs[2013/05/31 03:04:04 | 000,004,675 | ---- | C] () -- C:\Windows\System32\wsmanconfig_schema.xml[2013/05/31 03:04:04 | 000,002,426 | ---- | C] () -- C:\Windows\System32\WsmTxt.xsl[2013/05/30 15:35:54 | 000,001,858 | ---- | C] () -- C:\Users\Public\Desktop\Canon Solution Menu EX.lnk[2013/05/30 15:32:34 | 000,015,872 | ---- | C] () -- C:\Windows\System32\CNC1750D.TBL[2013/05/30 14:36:58 | 000,002,659 | ---- | C] () -- C:\Users\mafineart\Desktop\Restoring Windows Mail Account Settings - TechSpot Forums.lnk[2013/05/30 11:16:33 | 000,000,450 | ---- | C] () -- C:\Users\mafineart\AppData\Roaming\wklnhst.dat[2013/05/30 11:16:22 | 000,020,992 | ---- | C] () -- C:\Users\mafineart\Desktop\phonebook.wdb[2013/05/30 11:14:15 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf[2013/05/30 10:54:54 | 000,000,945 | ---- | C] () -- C:\Users\mafineart\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk[2013/05/30 07:06:43 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01007_Inbox_Critical.Wdf[2013/05/30 07:06:12 | 000,080,047 | ---- | C] () -- C:\Windows\System32\slmgr.vbs[2013/05/30 07:06:06 | 000,261,163 | ---- | C] () -- C:\Windows\System32\onex.tmf[2013/05/30 07:06:04 | 000,145,455 | ---- | C] () -- C:\Windows\System32\perfmon.msc[2013/05/30 07:06:01 | 000,009,987 | ---- | C] () -- C:\Windows\System32\RacUR.xml[2013/05/30 07:06:01 | 000,000,150 | ---- | C] () -- C:\Windows\System32\RacUREx.xml[2013/05/30 07:05:51 | 000,289,467 | ---- | C] () -- C:\Windows\System32\dot3.tmf[2013/05/30 07:05:50 | 000,206,830 | ---- | C] () -- C:\Windows\System32\eaphost.tmf[2013/05/30 07:05:26 | 000,144,909 | ---- | C] () -- C:\Windows\System32\fsmgmt.msc[2013/05/30 07:05:23 | 000,012,198 | ---- | C] () -- C:\Windows\System32\gatherWiredInfo.vbs[2013/05/30 07:05:20 | 000,175,508 | ---- | C] () -- C:\Windows\System32\WFP.TMF[2013/05/30 07:04:54 | 000,132,148 | ---- | C] () -- C:\Windows\System32\systemsf.ebd[2013/05/30 06:59:19 | 000,049,152 | ---- | C] () -- C:\Windows\SPInstall.etl[2013/05/30 05:30:34 | 000,000,647 | ---- | C] () -- C:\Users\mafineart\Desktop\New Pics.lnk[2013/05/30 05:18:24 | 000,000,945 | ---- | C] () -- C:\Users\mafineart\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser - Copy.lnk[2013/05/30 05:09:02 | 000,024,255 | ---- | C] () -- C:\Users\mafineart\Documents\Consigns.pdf[2013/05/30 05:08:43 | 000,014,848 | ---- | C] () -- C:\Users\mafineart\Documents\DAC invoice.xlr[2013/05/30 05:08:21 | 000,035,840 | ---- | C] () -- C:\Users\mafineart\Documents\Bio.wps[2013/05/30 05:08:21 | 000,032,993 | ---- | C] () -- C:\Users\mafineart\Documents\BIO.pdf[2013/05/30 04:52:20 | 000,005,632 | ---- | C] () -- C:\Users\mafineart\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini[2013/05/30 04:32:06 | 000,770,136 | ---- | C] () -- C:\Users\mafineart\Desktop\darthy.jpg[2013/05/30 04:24:56 | 000,000,635 | ---- | C] () -- C:\Users\mafineart\Desktop\Images - Shortcut.lnk[2013/05/30 04:19:11 | 000,000,295 | ---- | C] () -- C:\Users\mafineart\Application Data\Microsoft\Internet Explorer\Quick Launch\HP © - Shortcut.lnk[2013/05/30 03:56:51 | 000,000,295 | ---- | C] () -- C:\Users\mafineart\Desktop\HP © - Shortcut.lnk[2013/05/30 02:53:00 | 000,000,553 | ---- | C] () -- C:\Windows\USetup.iss[2013/05/30 00:18:32 | 000,001,255 | ---- | C] () -- C:\Users\mafineart\Desktop\ERRORS.rtf[2013/05/29 23:55:10 | 000,001,875 | ---- | C] () -- C:\Users\mafineart\Application Data\Microsoft\Internet Explorer\Quick Launch\Wordpad.lnk[2013/05/29 23:54:51 | 000,001,614 | ---- | C] () -- C:\Users\mafineart\Desktop\Calculator.lnk[2013/05/29 23:54:38 | 000,001,699 | ---- | C] () -- C:\Users\mafineart\Desktop\Notepad.lnk[2013/05/29 23:54:25 | 000,001,875 | ---- | C] () -- C:\Users\mafineart\Desktop\Wordpad.lnk[2013/05/29 23:45:37 | 000,004,984 | ---- | C] () -- C:\Windows\System32\drivers\nvphy.bin[2013/05/29 23:09:57 | 000,001,997 | ---- | C] () -- C:\Users\mafineart\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk[2013/05/29 23:09:57 | 000,001,973 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk[2013/05/29 23:09:20 | 000,000,892 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job[2013/05/29 23:09:18 | 000,000,888 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job[2013/05/29 21:17:25 | 000,001,820 | ---- | C] () -- C:\Windows\System32\rasctrnm.h[2013/05/29 21:10:38 | 002,501,921 | ---- | C] () -- C:\Windows\System32\wlan.tmf[2013/05/29 21:10:36 | 000,015,181 | ---- | C] () -- C:\Windows\System32\gatherWirelessInfo.vbs[2013/05/29 19:47:44 | 025,231,360 | ---- | C] () -- C:\Windows\ocsetup_install_NetFx3.etl[2013/05/29 19:47:44 | 000,049,152 | ---- | C] () -- C:\Windows\ocsetup_cbs_install_NetFx3.perf[2013/05/29 19:47:44 | 000,016,384 | ---- | C] () -- C:\Windows\ocsetup_cbs_install_NetFx3.dpx[2013/05/29 05:44:54 | 000,000,215 | ---- | C] () -- C:\Users\mafineart\Desktop\Download Windows Vista Service Pack 1 Five Language Standalone (KB936330) from Official Microsoft Download Center.url[2013/05/29 04:29:52 | 000,000,844 | ---- | C] () -- C:\Users\Public\Desktop\AVG 2013.lnk[2013/05/29 02:25:01 | 000,000,945 | ---- | C] () -- C:\Users\mafineart\Desktop\Launch Internet Explorer Browser.lnk[2013/05/29 02:24:34 | 000,001,820 | RHS- | C] () -- C:\Windows\System32\drivers\103C_HP_CPC_RK573AA-ABA a1710n_YC_0Pavi_QCNH703_E71NAv3PrA2_49_INODUSM3_SASUSTek Computer INC._V1.05_B5.04_T061215_WUH0_L409_M895_J320_7AMD_8Athlon 64 X2 Dual Core_92.2_#070328_N10DE0269_Z14F12F20_G10DE0241.MRK[2013/05/29 02:12:37 | 000,000,951 | ---- | C] () -- C:\Users\mafineart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk[2013/05/29 02:12:35 | 000,000,946 | ---- | C] () -- C:\Users\mafineart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk[2013/05/29 02:12:26 | 000,000,917 | ---- | C] () -- C:\Users\mafineart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk[2013/05/29 02:11:52 | 000,002,059 | ---- | C] () -- C:\Users\Public\Desktop\eBay.lnk[2013/05/29 02:11:52 | 000,002,057 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk[2013/05/29 02:11:52 | 000,001,994 | ---- | C] () -- C:\Users\Public\Desktop\MSN.lnk[2013/05/29 02:11:52 | 000,001,917 | ---- | C] () -- C:\Users\Public\Desktop\Get Vonage.lnk[2013/05/29 02:11:52 | 000,001,863 | ---- | C] () -- C:\Users\Public\Desktop\High-Speed Services.lnk[2013/05/29 02:11:52 | 000,001,843 | ---- | C] () -- C:\Users\Public\Desktop\Easy Internet Services.lnk[2013/05/29 02:11:52 | 000,001,817 | ---- | C] () -- C:\Users\Public\Desktop\AOL Sign-up.lnk[2013/05/29 02:11:52 | 000,001,342 | ---- | C] () -- C:\Users\Public\Desktop\Snapfish Photos - First 25 Prints Free.lnk[2013/05/29 02:10:45 | 000,000,044 | ---- | C] () -- C:\Windows\System\hpsysdrv.dat[2013/05/28 23:34:14 | 000,000,258 | ---- | C] () -- C:\Users\mafineart\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk[2013/05/28 23:34:14 | 000,000,240 | ---- | C] () -- C:\Users\mafineart\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk========== ZeroAccess Check ==========[2006/11/02 05:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32][HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32][HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]"" = %SystemRoot%\system32\shell32.dll -- [2011/01/21 08:46:32 | 011,582,464 | ---- | M] (Microsoft Corporation)"ThreadingModel" = Apartment[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]"" = %systemroot%\system32\wbem\fastprox.dll -- [2013/05/29 20:32:13 | 000,615,424 | ---- | M] (Microsoft Corporation)"ThreadingModel" = Free[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]"" = %systemroot%\system32\wbem\wbemess.dll -- [2008/01/18 23:36:50 | 000,347,648 | ---- | M] (Microsoft Corporation)"ThreadingModel" = Both========== Alternate Data Streams ==========@Alternate Data Stream - 777 bytes -> C:\Users\mafineart\Desktop\gmail account.eml:OECustomProperty< End of report > Link to post Share on other sites More sharing options...
Buddahass Posted June 9, 2013 Author ID:689087 Share Posted June 9, 2013 OTL Extras logfile created on: 6/8/2013 9:47:14 PM - Run 1OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\mafineart\DesktopWindows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstationInternet Explorer (Version = 7.0.6001.18000)Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy893.82 Mb Total Physical Memory | 298.88 Mb Available Physical Memory | 33.44% Memory free2.00 Gb Paging File | 1.29 Gb Available in Paging File | 64.48% Paging File freePaging file location(s): ?:\pagefile.sys [binary data]%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program FilesDrive C: | 291.83 Gb Total Space | 207.04 Gb Free Space | 70.94% Space Free | Partition Type: NTFSDrive D: | 6.26 Gb Total Space | 0.88 Gb Free Space | 14.01% Space Free | Partition Type: NTFSDrive E: | 76.72 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFSComputer Name: MAFINEART-PC | User Name: mafineart | Logged in as Administrator.Boot Mode: Normal | Scan Mode: All usersCompany Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days========== Extra Registry (SafeList) ==================== File Associations ==========[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>].cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation).url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l========== Shell Spawning ==========[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]batfile [open] -- "%1" %*cmdfile [open] -- "%1" %*comfile [open] -- "%1" %*cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*exefile [open] -- "%1" %*helpfile [open] -- Reg Error: Key error.hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)htmlfile [edit] -- Reg Error: Key error.inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %lpiffile [open] -- "%1" %*regfile [merge] -- Reg Error: Key error.scrfile [config] -- "%1"scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %lscrfile [open] -- "%1" /Stxtfile [edit] -- Reg Error: Key error.Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)========== Security Center Settings ==========[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]"cval" = 1"FirewallDisableNotify" = 0"AntiVirusDisableNotify" = 0"UpdatesDisableNotify" = 0[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]"DisableMonitoring" = 1[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]"DisableMonitoring" = 1[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]"DisableMonitoring" = 1[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]"AntiVirusOverride" = 0"AntiSpywareOverride" = 0"FirewallOverride" = 0"VistaSp1" = Reg Error: Unknown registry data type -- File not found[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]========== System Restore Settings ==========[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]"DisableSR" = 0========== Firewall Settings ==========[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall][HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile][HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile][HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]"DisableNotifications" = 0"EnableFirewall" = 1[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]"DisableNotifications" = 0"EnableFirewall" = 1[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List][HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]"DisableNotifications" = 0"EnableFirewall" = 1========== Authorized Applications List ==========[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List][HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]"C:\Program Files\EarthLink TotalAccess\TaskPanl.exe" = C:\Program Files\EarthLink TotalAccess\TaskPanl.exe:*:Enabled:Earthlink -- (EarthLink, Inc.)========== Vista Active Open Ports Exception List ==========[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]"{9EBDDD04-BC76-4FFF-94CC-0F3CF8A68AEE}" = lport=5353 | protocol=6 | dir=in | name=adobe csi cs4 | ========== Vista Active Application Exception List ==========[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]"{005DE927-7EEF-40A6-8695-094A821735F5}" = protocol=6 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe | "{0B208427-AC56-4A1C-98E5-D523827AEC2B}" = protocol=6 | dir=in | app=c:\program files\hp connections\6811507\program\hp connections.exe | "{1B757D18-5C6F-4F89-BB87-8FC947427FAF}" = protocol=6 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe | "{2B68D791-372B-4CEF-A81E-79B15CEEC8BC}" = protocol=6 | dir=in | app=c:\program files\common files\adobe\cs4servicemanager\cs4servicemanager.exe | "{478C19C7-7CBC-4397-96E7-A9101ECAEAC8}" = protocol=17 | dir=in | app=c:\program files\hp connections\6811507\program\hp connections.exe | "{4DE7F4DA-8162-4F58-9CE0-886C522659F5}" = protocol=6 | dir=in | app=c:\program files\avg\avg2013\avgemcx.exe | "{554E93EA-97B8-445F-9D0E-06901AA38BE2}" = protocol=17 | dir=in | app=c:\program files\hp connections\6811507\program\hp connections.exe | "{6519C6F7-0FDA-458D-BED2-A8849B40C38E}" = protocol=6 | dir=in | app=c:\program files\hp connections\6811507\program\hp connections.exe | "{68053730-0728-44F9-B02D-B3C4ED7654B3}" = protocol=17 | dir=in | app=c:\program files\avg\avg2013\avgmfapx.exe | "{6A7D98C7-5A2C-4FA7-8112-247C4DD7D547}" = protocol=17 | dir=in | app=c:\program files\avg\avg2013\avgnsx.exe | "{6C5E5C9F-D414-4C37-8F62-87426374E445}" = protocol=17 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe | "{7313F568-2BD6-410A-8191-FC2053A81B84}" = protocol=17 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe | "{754BD211-0E80-4327-8DD8-C2D6B3CCD49A}" = protocol=17 | dir=in | app=c:\program files\avg\avg2013\avgdiagex.exe | "{77264ACE-CEF6-4EB4-8905-06A27E90D306}" = protocol=17 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe | "{80431B57-F86E-4C45-89BE-CBD932C34698}" = protocol=6 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe | "{8E0FFE10-86CD-4DC2-8940-459DF6B9FE21}" = protocol=17 | dir=in | app=c:\program files\common files\adobe\cs4servicemanager\cs4servicemanager.exe | "{908201ED-415D-47A5-828F-C9F0DC2F7967}" = protocol=6 | dir=in | app=c:\program files\avg\avg2013\avgnsx.exe | "{92F139A3-B9C8-4ABB-B741-1827023BA183}" = protocol=6 | dir=in | app=c:\program files\hp connections\6811507\program\hp connections.exe | "{9721B0EC-B857-4CCB-95F4-87E2148199EF}" = dir=in | app=c:\program files\hp connections\6811507\program\hp connections | "{A211B986-8547-41C3-A5C3-89CA0841A7EA}" = protocol=6 | dir=in | app=c:\program files\avg\avg2013\avgmfapx.exe | "{AA5D352D-1E79-4622-8E25-18D68CDBB002}" = protocol=6 | dir=in | app=c:\program files\avg\avg2013\avgdiagex.exe | "{B03CDA11-2971-4DBB-98F3-34E824A76FDB}" = protocol=17 | dir=in | app=c:\program files\avg\avg2013\avgemcx.exe | "{BD8BBA63-2431-4266-AFBB-AD3FA28E0744}" = protocol=17 | dir=in | app=c:\program files\hp connections\6811507\program\hp connections.exe | "TCP Query User{BC82B270-5915-4A44-AB6B-36DF9E791684}C:\program files\hp\common\hpdevicedetection3.exe" = protocol=6 | dir=in | app=c:\program files\hp\common\hpdevicedetection3.exe | "UDP Query User{B7C70818-4F19-45E6-96B9-E5223DE00506}C:\program files\hp\common\hpdevicedetection3.exe" = protocol=17 | dir=in | app=c:\program files\hp\common\hpdevicedetection3.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ==========[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]"{0394CDC8-FABD-4ed8-B104-03393876DFDF}" = Roxio Creator Tools"{0D397393-9B50-4c52-84D5-77E344289F87}" = Roxio Creator Data"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX880_series" = Canon MX880 series MP Drivers"{11F93B4B-48F0-4A4E-AE77-DFA96A99664B}" = Roxio Creator EasyArchive"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate"{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}" = Adobe AIR"{2AE79B77-E3FA-4F9C-93D7-4FC643516D6A}" = AVG 2013"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile"{40F7AED3-0C7D-4582-99F6-484A515C73F2}" = HP Easy Setup - Frontend"{55979C41-7D6A-49CC-B591-64AC1BBE2C8B}" = HP Picasso Media Center Add-In"{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}" = Roxio Creator Copy"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3"{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works"{75E71ADD-042C-4F30-BFAC-A9EC42351313}" = Python 2.4.3"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX"{83FFCFC7-88C6-41c6-8752-958A45325C82}" = Roxio Creator Audio"{8C6027FD-53DC-446D-BB75-CACD7028A134}" = HP Update"{9DBA770F-BF73-4D39-B1DF-6035D95268FC}" = HP Customer Feedback"{A34CC51D-C2FF-4E0E-9F27-28B0249A15DD}" = HP Product Detection"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper"{AB5E289E-76BF-4251-9F3F-9B763F681AE0}" = HP Customer Experience Enhancements"{AC76BA86-7AD7-1033-7B44-A70800000002}" = Adobe Reader 7.0.8"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 307.83"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 307.83"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.10.8"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components"{B83A15A7-2BD5-4416-BC43-AF5F9A4B08A9}" = muvee autoProducer 5.0"{C3DC29BC-A8CF-4578-9DFC-37F049C44771}" = OcxSetup"{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}" = Roxio Creator Basic v9"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1"{DD85D6BF-4787-4A93-99A5-3F0CF0AE8834}" = Internet Explorer Toolbar 4.8 by SweetPacks"{DEE76D44-8D7C-4A32-8FAE-A813817631FC}" = AVG 2013"{E1180142-3B31-4DCC-9D27-7AC2D37662BF}" = LightScribe 1.4.124.1"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver"{F94234DB-FD06-42C3-B88D-6FC4DC9F988C}" = HP Easy Setup - Core"Adobe AIR" = Adobe AIR"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX"Adobe Photoshop 7.0" = Adobe Photoshop 7.0"AVG" = AVG 2013"Canon MX880 series User Registration" = Canon MX880 series User Registration"CanonMyPrinter" = Canon My Printer"CanonSolutionMenuEX" = Canon Solution Menu EX"CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200C14F1" = Soft Data Fax Modem with SmartCP"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player"ExtractNow" = ExtractNow"Google Chrome" = Google Chrome"HPOOVClient-6811507 Uninstaller" = HP Connections (remove only)"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile"MP Navigator EX 4.1" = Canon MP Navigator EX 4.1"NVIDIA Drivers" = NVIDIA Drivers"PC-Doctor 5 for Windows" = Hardware Diagnostic Tools"WildTangent hpdesktop Master Uninstall" = My HP Games"Yahoo! Companion" = Yahoo! Toolbar for Internet Explorer"Yahoo! Toolbar" = Yahoo! Toolbar========== Last 20 Event Log Errors ==========[ Application Events ]Error - 6/4/2013 4:51:10 PM | Computer Name = mafineart-PC | Source = SideBySide | ID = 16842785Description = Activation context generation failed for "C:\Program Files\Canon\Solution Menu EX\MFC80U.DLL". Dependent Assembly Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found. Please use sxstrace.exe for detailed diagnosis.Error - 6/4/2013 5:12:55 PM | Computer Name = mafineart-PC | Source = SideBySide | ID = 16842785Description = Activation context generation failed for "C:\Program Files\Canon\Solution Menu EX\MFC80U.DLL". Dependent Assembly Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found. Please use sxstrace.exe for detailed diagnosis.Error - 6/4/2013 5:13:01 PM | Computer Name = mafineart-PC | Source = SideBySide | ID = 16842785Description = Activation context generation failed for "C:\Program Files\Canon\Solution Menu EX\MFC80U.DLL". Dependent Assembly Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found. Please use sxstrace.exe for detailed diagnosis.Error - 6/4/2013 6:44:34 PM | Computer Name = mafineart-PC | Source = EventSystem | ID = 4609Description = Error - 6/4/2013 6:48:56 PM | Computer Name = mafineart-PC | Source = SideBySide | ID = 16842785Description = Activation context generation failed for "C:\Program Files\Canon\Solution Menu EX\MFC80U.DLL". Dependent Assembly Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found. Please use sxstrace.exe for detailed diagnosis.Error - 6/4/2013 6:49:08 PM | Computer Name = mafineart-PC | Source = SideBySide | ID = 16842785Description = Activation context generation failed for "C:\Program Files\Canon\Solution Menu EX\MFC80U.DLL". Dependent Assembly Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found. Please use sxstrace.exe for detailed diagnosis.Error - 6/5/2013 2:59:53 PM | Computer Name = mafineart-PC | Source = SideBySide | ID = 16842785Description = Activation context generation failed for "C:\Program Files\Canon\Solution Menu EX\MFC80U.DLL". Dependent Assembly Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found. Please use sxstrace.exe for detailed diagnosis.Error - 6/5/2013 2:59:55 PM | Computer Name = mafineart-PC | Source = SideBySide | ID = 16842785Description = Activation context generation failed for "C:\Program Files\Canon\Solution Menu EX\MFC80U.DLL". Dependent Assembly Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found. Please use sxstrace.exe for detailed diagnosis.Error - 6/5/2013 3:17:35 PM | Computer Name = mafineart-PC | Source = SideBySide | ID = 16842785Description = Activation context generation failed for "C:\Program Files\Canon\Solution Menu EX\MFC80U.DLL". Dependent Assembly Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found. Please use sxstrace.exe for detailed diagnosis.Error - 6/5/2013 3:17:36 PM | Computer Name = mafineart-PC | Source = SideBySide | ID = 16842785Description = Activation context generation failed for "C:\Program Files\Canon\Solution Menu EX\MFC80U.DLL". Dependent Assembly Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found. Please use sxstrace.exe for detailed diagnosis.[ System Events ]Error - 5/30/2013 6:46:53 AM | Computer Name = mafineart-PC | Source = Service Control Manager | ID = 7006Description = Error - 5/30/2013 6:47:50 AM | Computer Name = mafineart-PC | Source = ACPI | ID = 327686Description = IRQARB: ACPI BIOS does not contain an IRQ for the device in PCI slot 2, function 0. Please contact your system vendor for technical assistance.Error - 5/30/2013 6:47:50 AM | Computer Name = mafineart-PC | Source = ACPI | ID = 327686Description = IRQARB: ACPI BIOS does not contain an IRQ for the device in PCI slot 4, function 0. Please contact your system vendor for technical assistance.Error - 5/30/2013 6:49:51 AM | Computer Name = mafineart-PC | Source = Service Control Manager | ID = 7000Description = Error - 5/30/2013 8:36:27 AM | Computer Name = mafineart-PC | Source = Service Control Manager | ID = 7006Description = Error - 5/30/2013 8:48:10 AM | Computer Name = mafineart-PC | Source = Service Control Manager | ID = 7000Description = Error - 5/30/2013 9:48:26 AM | Computer Name = mafineart-PC | Source = Service Control Manager | ID = 7006Description = Error - 5/30/2013 9:49:36 AM | Computer Name = mafineart-PC | Source = ACPI | ID = 327686Description = IRQARB: ACPI BIOS does not contain an IRQ for the device in PCI slot 2, function 0. Please contact your system vendor for technical assistance.Error - 5/30/2013 9:49:36 AM | Computer Name = mafineart-PC | Source = ACPI | ID = 327686Description = IRQARB: ACPI BIOS does not contain an IRQ for the device in PCI slot 4, function 0. Please contact your system vendor for technical assistance.Error - 5/30/2013 10:02:28 AM | Computer Name = mafineart-PC | Source = DCOM | ID = 10010Description = < End of report > Link to post Share on other sites More sharing options...
D-FRED-BROWN Posted June 9, 2013 ID:689251 Share Posted June 9, 2013 Please download AdwCleaner by Xplode onto your desktop.Double click on AdwCleaner.exe to run the tool.Click on Search.A logfile will automatically open after the scan has finished.Please post the contents of that logfile with your next reply.You can find the logfile at C:\AdwCleaner[R1].txt as well. Link to post Share on other sites More sharing options...
Buddahass Posted June 9, 2013 Author ID:689275 Share Posted June 9, 2013 # AdwCleaner v2.303 - Logfile created 06/09/2013 at 12:27:50# Updated 08/06/2013 by Xplode# Operating system : Windows Vista Home Premium Service Pack 1 (32 bits)# User : mafineart - MAFINEART-PC# Boot Mode : Normal# Running from : C:\Users\mafineart\Desktop\AdwCleaner.exe# Option [search]***** [services] ********** [Files / Folders] *****File Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnkFile Found : C:\Users\Public\Desktop\eBay.lnkFolder Found : C:\Program Files\SweetIMFolder Found : C:\Users\mafineart\AppData\LocalLow\SweetIM***** [Registry] *****Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{DD85D6BF-4787-4A93-99A5-3F0CF0AE8834}Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}Key Found : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}Key Found : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}Key Found : HKLM\Software\Classes\Installer\Features\FB6D58DD787439A4995AF3C00FEA8843Key Found : HKLM\Software\Classes\Installer\Products\FB6D58DD787439A4995AF3C00FEA8843Key Found : HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}Key Found : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}Key Found : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\02F47BF73B948514FAACADD8CBBDF37DKey Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\080D9F5E1E95FEE4794CE438E635239EKey Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1E264E0A5959A1C46BA9175A878B12EAKey Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2E6768B6932D112438F047C54D180635Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\351716A953E21214898904032EAE2E81Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\397C771A7BCAC904697C3EC629ED33EDKey Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\69D6A6B2ED56AF24EA6335EAD6E91CA4Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7FFA128C2B0FF414D805FC5627883401Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EDC790504E1834DBC20C9A04328FD2Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\97C3D0F82E712E241A2F969F45E3351CKey Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\98CC8BF5A4A6E6C4ABF7051DDAB8B058Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9E7F556BF224D804D96A96F0F6344789Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A189D17A469616C4688D23E192996267Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BF4F885EDEE45644EB1E0C99E0162399Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CE21F3FD57B244142880EF15A165A156Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D15DAF33C220F91468A1D7D57C31ACD7Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D3BA76A44C779424889063D5098ED2D6Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D6D0EB9FDBD90C04D92A7E729058F10DKey Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E4748F9A4181FCE46A23C13B517B9420Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\FB6D58DD787439A4995AF3C00FEA8843Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{DD85D6BF-4787-4A93-99A5-3F0CF0AE8834}Key Found : HKLM\SOFTWARE\SoftwareKey Found : HKU\S-1-5-21-4196601509-315295840-2269700814-1000\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe]Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll]***** [internet Browsers] *****-\\ Internet Explorer v7.0.6001.18639[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Start Page] = hxxp://start.sweetpacks.com/?src=10&st=12&crg=3.5000006.10045&barid={27AD4671-CCAA-11E2-9815-001A92405806}-\\ Google Chrome v27.0.1453.110File : C:\Users\mafineart\AppData\Local\Google\Chrome\User Data\Default\PreferencesFound [l.66] : search_url = "hxxp://start.sweetpacks.com/?src=6&q={searchTerms}&st=12&crg=3.5000006.10045&barid={27AD4671-CCAA-11E2-9815-001A92405806}",Found [l.2757] : urls_to_restore_on_startup = [ "hxxp://start.sweetpacks.com/?src=10&st=12&crg=3.5000006.10045&barid={27AD4671-CCAA-11E2-9815-001A92405806}" ]*************************AdwCleaner[R1].txt - [6527 octets] - [09/06/2013 12:27:50]########## EOF - C:\AdwCleaner[R1].txt - [6587 octets] ########## Link to post Share on other sites More sharing options...
Buddahass Posted June 9, 2013 Author ID:689277 Share Posted June 9, 2013 # AdwCleaner v2.303 - Logfile created 06/09/2013 at 12:27:50# Updated 08/06/2013 by Xplode# Operating system : Windows Vista Home Premium Service Pack 1 (32 bits)# User : mafineart - MAFINEART-PC# Boot Mode : Normal# Running from : C:\Users\mafineart\Desktop\AdwCleaner.exe# Option [search]***** [services] ********** [Files / Folders] *****File Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnkFile Found : C:\Users\Public\Desktop\eBay.lnkFolder Found : C:\Program Files\SweetIMFolder Found : C:\Users\mafineart\AppData\LocalLow\SweetIM***** [Registry] *****Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{DD85D6BF-4787-4A93-99A5-3F0CF0AE8834}Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}Key Found : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}Key Found : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}Key Found : HKLM\Software\Classes\Installer\Features\FB6D58DD787439A4995AF3C00FEA8843Key Found : HKLM\Software\Classes\Installer\Products\FB6D58DD787439A4995AF3C00FEA8843Key Found : HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}Key Found : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}Key Found : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\02F47BF73B948514FAACADD8CBBDF37DKey Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\080D9F5E1E95FEE4794CE438E635239EKey Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1E264E0A5959A1C46BA9175A878B12EAKey Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2E6768B6932D112438F047C54D180635Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\351716A953E21214898904032EAE2E81Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\397C771A7BCAC904697C3EC629ED33EDKey Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\69D6A6B2ED56AF24EA6335EAD6E91CA4Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7FFA128C2B0FF414D805FC5627883401Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EDC790504E1834DBC20C9A04328FD2Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\97C3D0F82E712E241A2F969F45E3351CKey Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\98CC8BF5A4A6E6C4ABF7051DDAB8B058Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9E7F556BF224D804D96A96F0F6344789Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A189D17A469616C4688D23E192996267Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BF4F885EDEE45644EB1E0C99E0162399Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CE21F3FD57B244142880EF15A165A156Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D15DAF33C220F91468A1D7D57C31ACD7Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D3BA76A44C779424889063D5098ED2D6Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D6D0EB9FDBD90C04D92A7E729058F10DKey Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E4748F9A4181FCE46A23C13B517B9420Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\FB6D58DD787439A4995AF3C00FEA8843Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{DD85D6BF-4787-4A93-99A5-3F0CF0AE8834}Key Found : HKLM\SOFTWARE\SoftwareKey Found : HKU\S-1-5-21-4196601509-315295840-2269700814-1000\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe]Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll]***** [internet Browsers] *****-\\ Internet Explorer v7.0.6001.18639[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Start Page] = hxxp://start.sweetpacks.com/?src=10&st=12&crg=3.5000006.10045&barid={27AD4671-CCAA-11E2-9815-001A92405806}-\\ Google Chrome v27.0.1453.110File : C:\Users\mafineart\AppData\Local\Google\Chrome\User Data\Default\PreferencesFound [l.66] : search_url = "hxxp://start.sweetpacks.com/?src=6&q={searchTerms}&st=12&crg=3.5000006.10045&barid={27AD4671-CCAA-11E2-9815-001A92405806}",Found [l.2757] : urls_to_restore_on_startup = [ "hxxp://start.sweetpacks.com/?src=10&st=12&crg=3.5000006.10045&barid={27AD4671-CCAA-11E2-9815-001A92405806}" ]*************************AdwCleaner[R1].txt - [6527 octets] - [09/06/2013 12:27:50]########## EOF - C:\AdwCleaner[R1].txt - [6587 octets] ########## Link to post Share on other sites More sharing options...
Buddahass Posted June 9, 2013 Author ID:689280 Share Posted June 9, 2013 Arrgh...double post..... no edit functionality? Link to post Share on other sites More sharing options...
Buddahass Posted June 9, 2013 Author ID:689285 Share Posted June 9, 2013 The log is presented prior to "delete" found items, should I do so? Link to post Share on other sites More sharing options...
D-FRED-BROWN Posted June 9, 2013 ID:689324 Share Posted June 9, 2013 Yes, go ahead and delete those items. Afterwards, please reboot and post a new log (don't delete any items this time). Link to post Share on other sites More sharing options...
Recommended Posts