SweetPacks Has a Sticky Residue


Despite its effects on Chrome, I realized this wasn't just any unsolicited, run-of-the-mill toolbar when uninstalling it prompted a response stating (in so many words) that the Administrator has chosen settings to keep it.

Any help to do otherwise would be greatly appreciated.

DDS (Ver_2012-11-20.01) - NTFS_x86

Internet Explorer: 7.0.6001.18639

Run by mafineart at 13:11:40 on 2013-06-05

Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1033.18.894.148 [GMT -7:00]

.

AV: AVG AntiVirus Free Edition 2013 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}

SP: AVG AntiVirus Free Edition 2013 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}

.

============== Running Processes ================

.

C:\PROGRA~1\AVG\AVG2013\avgrsx.exe

C:\Program Files\AVG\AVG2013\avgcsrvx.exe

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\nvvsvc.exe

C:\Windows\system32\SLsvc.exe

C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

C:\Windows\system32\nvvsvc.exe

C:\Windows\System32\spoolsv.exe

C:\Program Files\AVG\AVG2013\avgidsagent.exe

C:\Program Files\AVG\AVG2013\avgwdsvc.exe

c:\Program Files\Common Files\LightScribe\LSSrvc.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe

C:\Windows\system32\DRIVERS\xaudio.exe

C:\Windows\system32\WUDFHost.exe

C:\Program Files\AVG\AVG2013\avgnsx.exe

C:\Program Files\AVG\AVG2013\avgemcx.exe

C:\Windows\system32\Dwm.exe

C:\Windows\system32\taskeng.exe

C:\Windows\Explorer.EXE

C:\hp\support\hpsysdrv.exe

C:\hp\KBD\kbd.exe

C:\WINDOWS\RtHDVCpl.exe

C:\Program Files\HP\HP Software Update\hpwuSchd2.exe

C:\Program Files\AVG\AVG2013\avgui.exe

C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE

C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

C:\Program Files\Adobe\Photoshop 7.0\Photoshop.exe

C:\Windows\System32\wsqmcons.exe

C:\Program Files\Windows Mail\WinMail.exe

C:\Program Files\AVG\AVG2013\avgcsrvx.exe

C:\Windows\system32\wuauclt.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k rpcss

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\System32\svchost.exe -k WerSvcGroup

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://google.com/

mStart Page = hxxp://start.sweetpacks.com/?src=10&st=12&crg=3.5000006.10045&barid={27AD4671-CCAA-11E2-9815-001A92405806}

mDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=71&bd=Pavilion&pf=desktop

BHO: Yahoo! Toolbar Helper: {02478D38-C3F9-4EFB-9B51-7695ECA05670} - c:\program files\yahoo!\companion\installs\cpn\yt.dll

BHO: Adobe PDF Reader Link Helper: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll

BHO: SweetPacks Browser Helper: {EEE6C35C-6118-11DC-9C72-001320C79847} - c:\program files\sweetim\toolbars\internet explorer\mgToolbarIE.dll

TB: SweetPacks Toolbar for Internet Explorer: {EEE6C35B-6118-11DC-9C72-001320C79847} - c:\program files\sweetim\toolbars\internet explorer\mgToolbarIE.dll

TB: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll

TB: SweetPacks Toolbar for Internet Explorer: {EEE6C35B-6118-11DC-9C72-001320C79847} - c:\program files\sweetim\toolbars\internet explorer\mgToolbarIE.dll

uRun: [HPAdvisor] c:\program files\hewlett-packard\hp advisor\HPAdvisor.exe

mRun: [Windows Defender] c:\program files\windows defender\MSASCui.exe -hide

mRun: [hpsysdrv] c:\hp\support\hpsysdrv.exe

mRun: [KBD] c:\hp\kbd\KBD.EXE

mRun: [RtHDVCpl] RtHDVCpl.exe

mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe

mRun: [AVG_UI] "c:\program files\avg\avg2013\avgui.exe" /TRAYONLY

mRun: [CanonMyPrinter] c:\program files\canon\myprinter\BJMyPrt.exe /logon

mRun: [CanonSolutionMenuEx] c:\program files\canon\solution menu ex\CNSEMAIN.EXE /logon

mRunOnce: [Launcher] c:\windows\sminst\launcher.exe

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\adobeg~1.lnk - c:\program files\common files\adobe\calibration\Adobe Gamma Loader.exe

mPolicies-System: EnableUIADesktopToggle = dword:0

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

TCP: NameServer = 209.18.47.61 209.18.47.62

TCP: Interfaces\{65CB202F-C53A-47EC-A58C-BF660DF2134C} : DHCPNameServer = 209.18.47.61 209.18.47.62

LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg

mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\27.0.1453.94\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome

.

============= SERVICES / DRIVERS ===============

.

R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2013-2-8 60216]

R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [2013-2-8 245048]

R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2013-2-8 96568]

R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2013-2-8 39224]

R1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2013-3-29 208184]

R1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2013-3-1 22328]

R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2013-2-8 170808]

R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2013-3-21 182072]

R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2013\avgidsagent.exe [2013-5-14 4937264]

R2 avgwd;AVG WatchDog;c:\program files\avg\avg2013\avgwdsvc.exe [2013-4-18 283136]

R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2013-6-4 418376]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-6-4 22856]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2013-6-4 701512]

S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]

.

=============== Created Last 30 ================

.


.

==================== Find3M ====================

.


.

============= FINISH: 13:13:34.02 ===============

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft® Windows Vista™ Home Premium

Boot Device: \Device\HarddiskVolume1

Install Date: 5/28/2013 11:22:46 PM

System Uptime: 6/5/2013 12:16:13 PM (1 hours ago)

.

Motherboard: ASUSTek Computer INC. | | NODUSM3

Processor: AMD Athlon 64 X2 Dual Core Processor 4200+ | Socket AM2 | 2000/200mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 292 GiB total, 208.833 GiB free.

D: is FIXED (NTFS) - 6 GiB total, 0.877 GiB free.

E: is CDROM (CDFS)

F: is Removable

G: is Removable

H: is Removable

I: is Removable

J: is Removable

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

.

==== Installed Programs ======================

.

Adobe AIR

Adobe Flash Player 11 ActiveX

Adobe Media Player

Adobe Photoshop 7.0

Adobe Reader 7.0.8

AutoUpdate

AVG 2013

Canon MP Navigator EX 4.1

Canon MX880 series MP Drivers

Canon MX880 series User Registration

Canon My Printer

Canon Solution Menu EX

DivX

Enhanced Multimedia Keyboard Solution

ExtractNow

Google Chrome

Google Update Helper

Hardware Diagnostic Tools

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

HP Connections (remove only)

HP Customer Experience Enhancements

HP Customer Feedback

HP Easy Setup - Core

HP Easy Setup - Frontend

HP Picasso Media Center Add-In

HP Product Detection

HP Update

Internet Explorer Toolbar 4.8 by SweetPacks

LightScribe 1.4.124.1

Malwarebytes Anti-Malware version 1.75.0.1300

Microsoft .NET Framework 3.5 SP1

Microsoft .NET Framework 4 Client Profile

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

Microsoft Works

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

muvee autoProducer 5.0

My HP Games

NVIDIA Control Panel 307.83

NVIDIA Drivers

NVIDIA Graphics Driver 307.83

NVIDIA Install Application

NVIDIA Update 1.10.8

NVIDIA Update Components

OcxSetup

Python 2.4.3

Realtek High Definition Audio Driver

Roxio Creator Audio

Roxio Creator Basic v9

Roxio Creator Copy

Roxio Creator Data

Roxio Creator EasyArchive

Roxio Creator Tools

Roxio Express Labeler 3

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Soft Data Fax Modem with SmartCP

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

Yahoo! Toolbar

Yahoo! Toolbar for Internet Explorer

.

==== End Of File ===========================


Hello Buddahass and welcome to Malwarebytes!

I am D-FRED-BROWN and I will be helping you. :)

Please print or save this topic. It will make it easier for you to follow the instructions and complete all of the necessary steps.

----------Step 1----------------

Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!

  • Double-click on TDSSKiller.exe to run the tool for known TDSS variants.
    Vista/Windows 7 users right-click and select Run As Administrator.
  • If TDSSKiller does not run, try renaming it.
  • To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.
  • Click the Start Scan button.
  • Do not use the computer during the scan.
  • If the scan completes with nothing found, click Close to exit.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    Note: If Cure is not an option, choose Skip instead; do not choose Delete unless instructed.
  • A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.07.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).
  • Copy and paste the contents of that file in your next reply.

----------Step 2----------------

Please download Malwarebytes Anti-Rootkit from HERE

  • Unzip the contents to a folder in a convenient location.
  • Open the folder where the contents were unzipped and run mbar.exe
  • Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
  • Click on the Cleanup button to remove any threats and reboot if prompted to do so.
  • Wait while the system shuts down and the cleanup process is performed.
  • Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
  • When done, please post the two logs produced; they will be in the MBAR folder: mbar-log.txt and system-log.txt.

----------Step 3----------------

Please download ComboFix.exe. Please visit this webpage for download links, and instructions for running the tool:

http://www.bleepingc...to-use-combofix

***IMPORTANT: save ComboFix to your Desktop***

* Ensure you have disabled all antivirus and anti-malware programs so they do not interfere with the running of ComboFix.

Please go here to see a list of programs that should be disabled.

**Note: Do not mouseclick ComboFix's window while it's running. That may cause it to stall**

Please include the C:\ComboFix.txt in your next reply for further review.

NOTE: If you receive the message "illegal operation has been attempted on a registry key that has been marked for deletion", just reboot the computer.

----------Step 4----------------

Please download Security Check by screen317 from here or here.

  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

----------Step 5----------------

In your next reply, please include the following:

  • TDSSKiller's logfile
  • MBAR mbar-log.txt and system-log.txt
  • ComboFix's report (C:\ComboFix.txt)
  • Security Check checkup.txt

After that, please let me know: How is your computer running now? Do you have any questions or concerns you'd like me to address? Don't hesitate to ask. :)

-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

Note:

Please make sure you are subscribed to this topic: Click on the "Follow This Topic" Button (at the top right of this page), make sure that the "Receive notification" box is checked and that it is set to "Instantly"

-------> Your topic will be closed if you haven't replied within 3 days! <--------

(If I don't respond within 24 hours, please send me a PM)

-DFB


Thanks D-FRED for your assistance. I posted here as it was the only forum I could find that seemed to have any experience defeating it.

I'm not sure if these did, however, but as requested, the results are posted below.

00:57:16.0878 5368 TDSS rootkit removing tool 2.8.17.0 Apr 11 2013 11:56:34

00:57:17.0658 5368 ============================================================

00:57:17.0658 5368 Current date / time: 2013/06/07 00:57:17.0658

00:57:17.0673 5368 SystemInfo:

00:57:17.0673 5368

00:57:17.0673 5368 OS Version: 6.0.6001 ServicePack: 1.0

00:57:17.0673 5368 Product type: Workstation

00:57:17.0673 5368 ComputerName: MAFINEART-PC

00:57:17.0673 5368 UserName: mafineart

00:57:17.0673 5368 Windows directory: C:\Windows

00:57:17.0673 5368 System windows directory: C:\Windows

00:57:17.0673 5368 Processor architecture: Intel x86

00:57:17.0673 5368 Number of processors: 2

00:57:17.0673 5368 Page size: 0x1000

00:57:17.0673 5368 Boot type: Normal boot

00:57:17.0673 5368 ============================================================

00:57:18.0469 5368 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050

00:57:18.0562 5368 Drive \Device\Harddisk5\DR5 - Size: 0x3BA800000 (14.91 Gb), SectorSize: 0x200, Cylinders: 0x79A, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'

00:57:18.0578 5368 ============================================================

00:57:18.0578 5368 \Device\Harddisk0\DR0:

00:57:18.0578 5368 MBR partitions:

00:57:18.0578 5368 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x247A9091

00:57:18.0578 5368 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x247A90D0, BlocksNum 0xC845F1

00:57:18.0578 5368 \Device\Harddisk5\DR5:

00:57:18.0578 5368 MBR partitions:

00:57:18.0578 5368 \Device\Harddisk5\DR5\Partition1: MBR, Type 0xC, StartLBA 0x1F80, BlocksNum 0x1DD2080

00:57:18.0578 5368 ============================================================

00:57:18.0672 5368 C: <-> \Device\Harddisk0\DR0\Partition1

00:57:18.0796 5368 D: <-> \Device\Harddisk0\DR0\Partition2

00:57:18.0796 5368 ============================================================

00:57:18.0796 5368 Initialize success

00:57:18.0796 5368 ============================================================

00:57:37.0532 5452 ============================================================

00:57:37.0532 5452 Scan started

00:57:37.0532 5452 Mode: Manual;

00:57:37.0532 5452 ============================================================

00:57:38.0546 5452 ================ Scan system memory ========================

00:57:38.0546 5452 System memory - ok

00:57:38.0546 5452 ================ Scan services =============================


00:57:50.0152 5452 NVENETFD - ok

00:57:50.0511 5452 [ 9A77B1C13BCCEDDF78DFD7AFC25B4F5E ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys

00:57:50.0761 5452 nvlddmkm - ok

00:57:50.0808 5452 [ E69E946F80C1C31C53003BFBF50CBB7C ] nvraid C:\Windows\system32\drivers\nvraid.sys

00:57:50.0808 5452 nvraid - ok

00:57:50.0823 5452 [ 9E0BA19A28C498A6D323D065DB76DFFC ] nvstor C:\Windows\system32\drivers\nvstor.sys

00:57:50.0839 5452 nvstor - ok

00:57:50.0870 5452 [ 7EBA6C9A0A295B1559EFB9062E701218 ] nvstor32 C:\Windows\system32\DRIVERS\nvstor32.sys

00:57:50.0886 5452 nvstor32 - ok

00:57:50.0917 5452 [ 31B8835B003CAA6D31BEAD83DDBF98E5 ] nvsvc C:\Windows\system32\nvvsvc.exe

00:57:50.0948 5452 nvsvc - ok

00:57:51.0026 5452 [ F935E817409F78FA50C5921DB39124B3 ] nvUpdatusService C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

00:57:51.0057 5452 nvUpdatusService - ok

00:57:51.0088 5452 [ 07C186427EB8FCC3D8D7927187F260F7 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys

00:57:51.0104 5452 nv_agp - ok

00:57:51.0104 5452 NwlnkFlt - ok

00:57:51.0120 5452 NwlnkFwd - ok

00:57:51.0166 5452 [ 790E27C3DB53410B40FF9EF2FD10A1D9 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys

00:57:51.0182 5452 ohci1394 - ok

00:57:51.0213 5452 [ 5DE1A3972FD3112C75EB17BDCF454169 ] p2pimsvc C:\Windows\system32\p2psvc.dll

00:57:51.0244 5452 p2pimsvc - ok

00:57:51.0260 5452 [ 5DE1A3972FD3112C75EB17BDCF454169 ] p2psvc C:\Windows\system32\p2psvc.dll

00:57:51.0276 5452 p2psvc - ok

00:57:51.0291 5452 [ 0FA9B5055484649D63C303FE404E5F4D ] Parport C:\Windows\system32\drivers\parport.sys

00:57:51.0338 5452 Parport - ok

00:57:51.0385 5452 [ 3B38467E7C3DAED009DFE359E17F139F ] partmgr C:\Windows\system32\drivers\partmgr.sys

00:57:51.0400 5452 partmgr - ok

00:57:51.0447 5452 [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm C:\Windows\system32\drivers\parvdm.sys

00:57:51.0463 5452 Parvdm - ok

00:57:51.0478 5452 [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc C:\Windows\System32\pcasvc.dll

00:57:51.0478 5452 PcaSvc - ok

00:57:51.0525 5452 [ 01B94418DEB235DFF777CC80076354B4 ] pci C:\Windows\system32\drivers\pci.sys

00:57:51.0541 5452 pci - ok

00:57:51.0556 5452 [ FC175F5DDAB666D7F4D17449A547626F ] pciide C:\Windows\system32\drivers\pciide.sys

00:57:51.0556 5452 pciide - ok

00:57:51.0588 5452 [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys

00:57:51.0603 5452 pcmcia - ok

00:57:51.0666 5452 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys

00:57:51.0712 5452 PEAUTH - ok

00:57:51.0790 5452 [ B1689DF169143F57053F795390C99DB3 ] pla C:\Windows\system32\pla.dll

00:57:51.0853 5452 pla - ok

00:57:51.0884 5452 [ 78F975CB6D18265BE6F492EDB2D7BC7B ] PlugPlay C:\Windows\system32\umpnpmgr.dll

00:57:51.0884 5452 PlugPlay - ok

00:57:51.0915 5452 [ 5DE1A3972FD3112C75EB17BDCF454169 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll

00:57:51.0931 5452 PNRPAutoReg - ok

00:57:51.0946 5452 [ 5DE1A3972FD3112C75EB17BDCF454169 ] PNRPsvc C:\Windows\system32\p2psvc.dll

00:57:51.0962 5452 PNRPsvc - ok

00:57:51.0993 5452 [ 47B8F37AA18B74D8C2E1BC1A7A2C8F8A ] PolicyAgent C:\Windows\System32\ipsecsvc.dll

00:57:52.0009 5452 PolicyAgent - ok

00:57:52.0040 5452 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys

00:57:52.0056 5452 PptpMiniport - ok

00:57:52.0087 5452 [ 0E3CEF5D28B40CF273281D620C50700A ] Processor C:\Windows\system32\drivers\processr.sys

00:57:52.0102 5452 Processor - ok

00:57:52.0134 5452 [ B627E4FC8585E8843C5905D4D3587A90 ] ProfSvc C:\Windows\system32\profsvc.dll

00:57:52.0134 5452 ProfSvc - ok

00:57:52.0149 5452 [ A911ECAC81F94ADEAFBE8E3F7873EDB0 ] ProtectedStorage C:\Windows\system32\lsass.exe

00:57:52.0149 5452 ProtectedStorage - ok

00:57:52.0196 5452 [ 390C204CED3785609AB24E9C52054A84 ] Ps2 C:\Windows\system32\DRIVERS\PS2.sys

00:57:52.0212 5452 Ps2 - ok

00:57:52.0243 5452 [ BFEF604508A0ED1EAE2A73E872555FFB ] PSched C:\Windows\system32\DRIVERS\pacer.sys

00:57:52.0243 5452 PSched - ok

00:57:52.0258 5452 [ FEFFCFDC528764A04C8ED63D5FA6E711 ] PxHelp20 C:\Windows\system32\Drivers\PxHelp20.sys

00:57:52.0368 5452 PxHelp20 - ok

00:57:52.0461 5452 [ CCDAC889326317792480C0A67156A1EC ] ql2300 C:\Windows\system32\drivers\ql2300.sys

00:57:52.0492 5452 ql2300 - ok

00:57:52.0524 5452 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys

00:57:52.0539 5452 ql40xx - ok

00:57:52.0570 5452 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\Windows\system32\qwave.dll

00:57:52.0586 5452 QWAVE - ok

00:57:52.0617 5452 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys

00:57:52.0617 5452 QWAVEdrv - ok

00:57:52.0633 5452 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys

00:57:52.0680 5452 RasAcd - ok

00:57:52.0695 5452 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\Windows\System32\rasauto.dll

00:57:52.0695 5452 RasAuto - ok

00:57:52.0726 5452 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys

00:57:52.0742 5452 Rasl2tp - ok

00:57:52.0773 5452 [ 6E7C284FC5C4EC07AD164D93810385A6 ] RasMan C:\Windows\System32\rasmans.dll

00:57:52.0789 5452 RasMan - ok

00:57:52.0804 5452 [ 3E9D9B048107B40D87B97DF2E48E0744 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys

00:57:52.0836 5452 RasPppoe - ok

00:57:52.0851 5452 [ A7D141684E9500AC928A772ED8E6B671 ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys

00:57:52.0867 5452 RasSstp - ok

00:57:52.0882 5452 [ 6E1C5D0457622F9EE35F683110E93D14 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys

00:57:52.0914 5452 rdbss - ok

00:57:52.0929 5452 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys

00:57:52.0929 5452 RDPCDD - ok

00:57:52.0960 5452 [ E8BD98D46F2ED77132BA927FCCB47D8B ] rdpdr C:\Windows\system32\drivers\rdpdr.sys

00:57:52.0976 5452 rdpdr - ok

00:57:52.0992 5452 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys

00:57:52.0992 5452 RDPENCDD - ok

00:57:53.0023 5452 [ E1C18F4097A5ABCEC941DC4B2F99DB7E ] RDPWD C:\Windows\system32\drivers\RDPWD.sys

00:57:53.0054 5452 RDPWD - ok

00:57:53.0116 5452 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\Windows\System32\mprdim.dll

00:57:53.0116 5452 RemoteAccess - ok

00:57:53.0132 5452 [ CC4E32400F3C7253400CF8F3F3A0B676 ] RemoteRegistry C:\Windows\system32\regsvc.dll

00:57:53.0132 5452 RemoteRegistry - ok

00:57:53.0163 5452 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe

00:57:53.0163 5452 RpcLocator - ok

00:57:53.0194 5452 [ 301AE00E12408650BADDC04DBC832830 ] RpcSs C:\Windows\system32\rpcss.dll

00:57:53.0194 5452 RpcSs - ok

00:57:53.0226 5452 [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys

00:57:53.0226 5452 rspndr - ok

00:57:53.0241 5452 [ A911ECAC81F94ADEAFBE8E3F7873EDB0 ] SamSs C:\Windows\system32\lsass.exe

00:57:53.0257 5452 SamSs - ok

00:57:53.0272 5452 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys

00:57:53.0272 5452 sbp2port - ok

00:57:53.0288 5452 [ 11387E32642269C7E62E8B52C060B3C6 ] SCardSvr C:\Windows\System32\SCardSvr.dll

00:57:53.0304 5452 SCardSvr - ok

00:57:53.0335 5452 [ 7B587B8A6D4A99F79D2902D0385F29BD ] Schedule C:\Windows\system32\schedsvc.dll

00:57:53.0350 5452 Schedule - ok

00:57:53.0382 5452 [ 87C2D0377B23E2D8A41093C2F5FB1A5B ] SCPolicySvc C:\Windows\System32\certprop.dll

00:57:53.0382 5452 SCPolicySvc - ok

00:57:53.0397 5452 [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC C:\Windows\System32\SDRSVC.dll

00:57:53.0413 5452 SDRSVC - ok

00:57:53.0428 5452 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys

00:57:53.0444 5452 secdrv - ok

00:57:53.0460 5452 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon C:\Windows\system32\seclogon.dll

00:57:53.0460 5452 seclogon - ok

00:57:53.0475 5452 [ A9BBAB5759771E523F55563D6CBE140F ] SENS C:\Windows\System32\sens.dll

00:57:53.0475 5452 SENS - ok

00:57:53.0491 5452 [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum C:\Windows\system32\drivers\serenum.sys

00:57:53.0491 5452 Serenum - ok

00:57:53.0522 5452 [ C70D69A918B178D3C3B06339B40C2E1B ] Serial C:\Windows\system32\drivers\serial.sys

00:57:53.0569 5452 Serial - ok

00:57:53.0600 5452 [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys

00:57:53.0600 5452 sermouse - ok

00:57:53.0647 5452 [ D2193326F729B163125610DBF3E17D57 ] SessionEnv C:\Windows\system32\sessenv.dll

00:57:53.0647 5452 SessionEnv - ok

00:57:53.0662 5452 [ 103B79418DA647736EE95645F305F68A ] sffdisk C:\Windows\system32\drivers\sffdisk.sys

00:57:53.0662 5452 sffdisk - ok

00:57:53.0678 5452 [ 8FD08A310645FE872EEEC6E08C6BF3EE ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys

00:57:53.0709 5452 sffp_mmc - ok

00:57:53.0725 5452 [ 9CFA05FCFCB7124E69CFC812B72F9614 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys

00:57:53.0740 5452 sffp_sd - ok

00:57:53.0756 5452 [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys

00:57:53.0772 5452 sfloppy - ok

00:57:53.0803 5452 [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess C:\Windows\System32\ipnathlp.dll

00:57:53.0818 5452 SharedAccess - ok

00:57:53.0850 5452 [ 1E3FDB80E40A3CE645F229DFBDFB7694 ] ShellHWDetection C:\Windows\System32\shsvcs.dll

00:57:53.0881 5452 ShellHWDetection - ok

00:57:53.0912 5452 [ D2A595D6EEBEEAF4334F8E50EFBC9931 ] sisagp C:\Windows\system32\drivers\sisagp.sys

00:57:53.0912 5452 sisagp - ok

00:57:53.0943 5452 [ CEDD6F4E7D84E9F98B34B3FE988373AA ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys

00:57:53.0943 5452 SiSRaid2 - ok

00:57:53.0943 5452 [ DF843C528C4F69D12CE41CE462E973A7 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys

00:57:53.0959 5452 SiSRaid4 - ok

00:57:54.0052 5452 [ 0BA91E1358AD25236863039BB2609A2E ] slsvc C:\Windows\system32\SLsvc.exe

00:57:54.0130 5452 slsvc - ok

00:57:54.0162 5452 [ 7C6DC44CA0BFA6291629AB764200D1D4 ] SLUINotify C:\Windows\system32\SLUINotify.dll

00:57:54.0162 5452 SLUINotify - ok

00:57:54.0177 5452 [ 031E6BCD53C9B2B9ACE111EAFEC347B6 ] Smb C:\Windows\system32\DRIVERS\smb.sys

00:57:54.0177 5452 Smb - ok

00:57:54.0208 5452 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe

00:57:54.0224 5452 SNMPTRAP - ok

00:57:54.0240 5452 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr C:\Windows\system32\drivers\spldr.sys

00:57:54.0255 5452 spldr - ok

00:57:54.0286 5452 [ 3665F79026A3F91FBCA63F2C65A09B19 ] Spooler C:\Windows\System32\spoolsv.exe

00:57:54.0286 5452 Spooler - ok

00:57:54.0318 5452 [ 2252AEF839B1093D16761189F45AF885 ] srv C:\Windows\system32\DRIVERS\srv.sys

00:57:54.0318 5452 srv - ok

00:57:54.0349 5452 [ B7FF59408034119476B00A81BB53D5D1 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys

00:57:54.0349 5452 srv2 - ok

00:57:54.0364 5452 [ 2ACCC9B12AF02030F531E6CCA6F8B76E ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys

00:57:54.0364 5452 srvnet - ok

00:57:54.0396 5452 [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll

00:57:54.0411 5452 SSDPSRV - ok

00:57:54.0427 5452 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc C:\Windows\system32\sstpsvc.dll

00:57:54.0442 5452 SstpSvc - ok

00:57:54.0520 5452 [ 7DD08A597BC56051F320DA0BAF69E389 ] stisvc C:\Windows\System32\wiaservc.dll

00:57:54.0536 5452 stisvc - ok

00:57:54.0567 5452 [ D4CE4D370A26AE1BF41BE9F69D24D049 ] stllssvr c:\Program Files\Common Files\SureThing Shared\stllssvr.exe

00:57:54.0583 5452 stllssvr - ok

00:57:54.0614 5452 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum C:\Windows\system32\DRIVERS\swenum.sys

00:57:54.0614 5452 swenum - ok

00:57:54.0661 5452 [ B36C7CDB86F7F7A8E884479219766950 ] swprv C:\Windows\System32\swprv.dll

00:57:54.0676 5452 swprv - ok

00:57:54.0708 5452 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys

00:57:54.0723 5452 Symc8xx - ok

00:57:54.0739 5452 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys

00:57:54.0739 5452 Sym_hi - ok

00:57:54.0770 5452 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys

00:57:54.0770 5452 Sym_u3 - ok

00:57:54.0832 5452 [ 8710A92D0024B03B5FB9540DF1F71F1D ] SysMain C:\Windows\system32\sysmain.dll

00:57:54.0848 5452 SysMain - ok

00:57:54.0879 5452 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll

00:57:54.0879 5452 TabletInputService - ok

00:57:54.0926 5452 [ 680916BB09EE0F3A6ACA7C274B0D633F ] TapiSrv C:\Windows\System32\tapisrv.dll

00:57:54.0942 5452 TapiSrv - ok

00:57:54.0957 5452 [ CB05822CD9CC6C688168E113C603DBE7 ] TBS C:\Windows\System32\tbssvc.dll

00:57:54.0973 5452 TBS - ok

00:57:55.0035 5452 [ 782568AB6A43160A159B6215B70BCCE9 ] Tcpip C:\Windows\system32\drivers\tcpip.sys

00:57:55.0113 5452 Tcpip - ok

00:57:55.0144 5452 [ 782568AB6A43160A159B6215B70BCCE9 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys

00:57:55.0160 5452 Tcpip6 - ok

00:57:55.0191 5452 [ D4A2E4A4B011F3A883AF77315A5AE76B ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys

00:57:55.0207 5452 tcpipreg - ok

00:57:55.0222 5452 [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys

00:57:55.0238 5452 TDPIPE - ok

00:57:55.0269 5452 [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys

00:57:55.0269 5452 TDTCP - ok

00:57:55.0300 5452 [ D09276B1FAB033CE1D40DCBDF303D10F ] tdx C:\Windows\system32\DRIVERS\tdx.sys

00:57:55.0316 5452 tdx - ok

00:57:55.0347 5452 [ A048056F5E1A96A9BF3071B91741A5AA ] TermDD C:\Windows\system32\DRIVERS\termdd.sys

00:57:55.0363 5452 TermDD - ok

00:57:55.0410 5452 [ D605031E225AACCBCEB5B76A4F1603A6 ] TermService C:\Windows\System32\termsrv.dll

00:57:55.0425 5452 TermService - ok

00:57:55.0456 5452 [ 1E3FDB80E40A3CE645F229DFBDFB7694 ] Themes C:\Windows\system32\shsvcs.dll

00:57:55.0472 5452 Themes - ok

00:57:55.0503 5452 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER C:\Windows\system32\mmcss.dll

00:57:55.0503 5452 THREADORDER - ok

00:57:55.0534 5452 [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks C:\Windows\System32\trkwks.dll

00:57:55.0534 5452 TrkWks - ok

00:57:55.0581 5452 [ 16613A1BAD034D4ECF957AF18B7C2FF5 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe

00:57:55.0581 5452 TrustedInstaller - ok

00:57:55.0597 5452 [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys

00:57:55.0628 5452 tssecsrv - ok

00:57:55.0659 5452 [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys

00:57:55.0675 5452 tunmp - ok

00:57:55.0690 5452 [ 6042505FF6FA9AC1EF7684D0E03B6940 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys

00:57:55.0706 5452 tunnel - ok

00:57:55.0753 5452 [ C3ADE15414120033A36C0F293D4A4121 ] uagp35 C:\Windows\system32\drivers\uagp35.sys

00:57:55.0753 5452 uagp35 - ok

00:57:55.0784 5452 [ 8B5088058FA1D1CD897A2113CCFF6C58 ] udfs C:\Windows\system32\DRIVERS\udfs.sys

00:57:55.0800 5452 udfs - ok

00:57:55.0831 5452 [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect C:\Windows\system32\UI0Detect.exe

00:57:55.0831 5452 UI0Detect - ok

00:57:55.0846 5452 [ 75E6890EBFCE0841D3291B02E7A8BDB0 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys

00:57:55.0862 5452 uliagpkx - ok

00:57:55.0878 5452 [ 3CD4EA35A6221B85DCC25DAA46313F8D ] uliahci C:\Windows\system32\drivers\uliahci.sys

00:57:55.0878 5452 uliahci - ok

00:57:55.0909 5452 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys

00:57:55.0909 5452 UlSata - ok

00:57:55.0940 5452 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys

00:57:55.0940 5452 ulsata2 - ok

00:57:55.0971 5452 [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys

00:57:55.0987 5452 umbus - ok

00:57:56.0018 5452 [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost C:\Windows\System32\upnphost.dll

00:57:56.0034 5452 upnphost - ok

00:57:56.0065 5452 [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys

00:57:56.0096 5452 usbccgp - ok

00:57:56.0127 5452 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys

00:57:56.0174 5452 usbcir - ok

00:57:56.0205 5452 [ CEBE90821810E76320155BEBA722FCF9 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys

00:57:56.0205 5452 usbehci - ok

00:57:56.0236 5452 [ CC6B28E4CE39951357963119CE47B143 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys

00:57:56.0252 5452 usbhub - ok

00:57:56.0252 5452 [ 7BDB7B0E7D45AC0402D78B90789EF47C ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys

00:57:56.0268 5452 usbohci - ok

00:57:56.0299 5452 [ E75C4B5269091D15A2E7DC0B6D35F2F5 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys

00:57:56.0299 5452 usbprint - ok

00:57:56.0314 5452 [ A508C9BD8724980512136B039BBA65E9 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys

00:57:56.0330 5452 usbscan - ok

00:57:56.0361 5452 [ 87BA6B83C5D19B69160968D07D6E2982 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS

00:57:56.0377 5452 USBSTOR - ok

00:57:56.0408 5452 [ 325DBBACB8A36AF9988CCF40EAC228CC ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys

00:57:56.0424 5452 usbuhci - ok

00:57:56.0470 5452 [ 032A0ACC3909AE7215D524E29D536797 ] UxSms C:\Windows\System32\uxsms.dll

00:57:56.0470 5452 UxSms - ok

00:57:56.0517 5452 [ B13BC395B9D6116628F5AF47E0802AC4 ] vds C:\Windows\System32\vds.exe

00:57:56.0548 5452 vds - ok

00:57:56.0580 5452 [ 7D92BE0028ECDEDEC74617009084B5EF ] vga C:\Windows\system32\DRIVERS\vgapnp.sys

00:57:56.0595 5452 vga - ok

00:57:56.0626 5452 [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave C:\Windows\System32\drivers\vga.sys

00:57:56.0626 5452 VgaSave - ok

00:57:56.0673 5452 [ 045D9961E591CF0674A920B6BA3BA5CB ] viaagp C:\Windows\system32\drivers\viaagp.sys

00:57:56.0673 5452 viaagp - ok

00:57:56.0704 5452 [ 56A4DE5F02F2E88182B0981119B4DD98 ] ViaC7 C:\Windows\system32\drivers\viac7.sys

00:57:56.0736 5452 ViaC7 - ok

00:57:56.0767 5452 [ FD2E3175FCADA350C7AB4521DCA187EC ] viaide C:\Windows\system32\drivers\viaide.sys

00:57:56.0798 5452 viaide - ok

00:57:56.0845 5452 [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr C:\Windows\system32\drivers\volmgr.sys

00:57:56.0845 5452 volmgr - ok

00:57:56.0892 5452 [ 98F5FFE6316BD74E9E2C97206C190196 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys

00:57:56.0923 5452 volmgrx - ok

00:57:56.0970 5452 [ D8B4A53DD2769F226B3EB374374987C9 ] volsnap C:\Windows\system32\drivers\volsnap.sys

00:57:56.0985 5452 volsnap - ok

00:57:57.0016 5452 [ D984439746D42B30FC65A4C3546C6829 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys

00:57:57.0032 5452 vsmraid - ok

00:57:57.0094 5452 [ D5FB73D19C46ADE183F968E13F186B23 ] VSS C:\Windows\system32\vssvc.exe

00:57:57.0126 5452 VSS - ok

00:57:57.0157 5452 [ 1CF9206966A8458CDA9A8B20DF8AB7D3 ] W32Time C:\Windows\system32\w32time.dll

00:57:57.0172 5452 W32Time - ok

00:57:57.0204 5452 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys

00:57:57.0235 5452 WacomPen - ok

00:57:57.0266 5452 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys

00:57:57.0297 5452 Wanarp - ok

00:57:57.0313 5452 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys

00:57:57.0313 5452 Wanarpv6 - ok

00:57:57.0344 5452 [ F3A5C2E1A6533192B070D06ECF6BE796 ] wcncsvc C:\Windows\System32\wcncsvc.dll

00:57:57.0360 5452 wcncsvc - ok

00:57:57.0391 5452 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll

00:57:57.0406 5452 WcsPlugInService - ok

00:57:57.0438 5452 [ AFC5AD65B991C1E205CF25CFDBF7A6F4 ] Wd C:\Windows\system32\drivers\wd.sys

00:57:57.0453 5452 Wd - ok

00:57:57.0500 5452 [ B6F0A7AD6D4BD325FBCD8BAC96CD8D96 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys

00:57:57.0516 5452 Wdf01000 - ok

00:57:57.0531 5452 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost C:\Windows\system32\wdi.dll

00:57:57.0547 5452 WdiServiceHost - ok

00:57:57.0562 5452 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost C:\Windows\system32\wdi.dll

00:57:57.0562 5452 WdiSystemHost - ok

00:57:57.0578 5452 [ CF9A5F41789B642DB967021DE06A2713 ] WebClient C:\Windows\System32\webclnt.dll

00:57:57.0594 5452 WebClient - ok

00:57:57.0625 5452 [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc C:\Windows\system32\wecsvc.dll

00:57:57.0640 5452 Wecsvc - ok

00:57:57.0656 5452 [ 670FF720071ED741206D69BD995EA453 ] wercplsupport C:\Windows\System32\wercplsupport.dll

00:57:57.0656 5452 wercplsupport - ok

00:57:57.0687 5452 [ FD1965AAA112C6818A30AB02742D0461 ] WerSvc C:\Windows\System32\WerSvc.dll

00:57:57.0703 5452 WerSvc - ok

00:57:57.0734 5452 [ 72CC6A8CA7891031D6380DB5025C773C ] winachsf C:\Windows\system32\DRIVERS\HSX_CNXT.sys

00:57:57.0781 5452 winachsf - ok

00:57:57.0843 5452 [ 4575AA12561C5648483403541D0D7F2B ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll

00:57:57.0859 5452 WinDefend - ok

00:57:57.0874 5452 WinHttpAutoProxySvc - ok

00:57:57.0937 5452 [ 00B79A7C984678F24CF052E5BEB3A2F5 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll

00:57:57.0937 5452 Winmgmt - ok

00:57:57.0999 5452 [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM C:\Windows\system32\WsmSvc.dll

00:57:58.0046 5452 WinRM - ok

00:57:58.0108 5452 [ 275F4346E569DF56CFB95243BD6F6FF0 ] Wlansvc C:\Windows\System32\wlansvc.dll

00:57:58.0124 5452 Wlansvc - ok

00:57:58.0171 5452 [ 701A9F884A294327E9141D73746EE279 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys

00:57:58.0186 5452 WmiAcpi - ok

00:57:58.0218 5452 [ ABA4CF9F856D9A3A25F4DDD7690A6E9D ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe

00:57:58.0233 5452 wmiApSrv - ok

00:57:58.0296 5452 [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe

00:57:58.0327 5452 WMPNetworkSvc - ok

00:57:58.0374 5452 [ 5D94CD167751294962BA238D82DD1BB8 ] WPCSvc C:\Windows\System32\wpcsvc.dll

00:57:58.0374 5452 WPCSvc - ok

00:57:58.0389 5452 [ 396D406292B0CD26E3504FFE82784702 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll

00:57:58.0405 5452 WPDBusEnum - ok

00:57:58.0483 5452 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe

00:57:58.0561 5452 WPFFontCache_v0400 - ok

00:57:58.0592 5452 [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys

00:57:58.0608 5452 ws2ifsl - ok

00:57:58.0654 5452 [ 683DD16B590372F2C9661D277F35E49C ] wscsvc C:\Windows\System32\wscsvc.dll

00:57:58.0670 5452 wscsvc - ok

00:57:58.0670 5452 WSearch - ok

00:57:58.0779 5452 [ D79538B67FA641E986855DEF651E78FE ] wuauserv C:\Windows\system32\wuaueng.dll

00:57:58.0842 5452 wuauserv - ok

00:57:58.0873 5452 [ AC13CB789D93412106B0FB6C7EB2BCB6 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys

00:57:58.0873 5452 WUDFRd - ok

00:57:58.0904 5452 [ 575A4190D989F64732119E4114045A4F ] wudfsvc C:\Windows\System32\WUDFSvc.dll

00:57:58.0904 5452 wudfsvc - ok

00:57:58.0951 5452 [ DAB33CFA9DD24251AAA389FF36B64D4B ] XAudio C:\Windows\system32\DRIVERS\xaudio.sys

00:57:58.0951 5452 XAudio - ok

00:57:58.0982 5452 [ CD5F291A1161F15896D1A4D63DAFF5DF ] XAudioService C:\Windows\system32\DRIVERS\xaudio.exe

00:57:58.0998 5452 XAudioService - ok

00:57:59.0029 5452 ================ Scan global ===============================

00:57:59.0060 5452 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll

00:57:59.0107 5452 [ F42F8855CB5C22E203C6672B124F17FD ] C:\Windows\system32\winsrv.dll

00:57:59.0138 5452 [ F42F8855CB5C22E203C6672B124F17FD ] C:\Windows\system32\winsrv.dll

00:57:59.0185 5452 [ 2B336AB6286D6C81FA02CBAB914E3C6C ] C:\Windows\system32\services.exe

00:57:59.0200 5452 [Global] - ok

00:57:59.0200 5452 ================ Scan MBR ==================================

00:57:59.0216 5452 [ 8913823FF508CCF109DB74B636C301DA ] \Device\Harddisk0\DR0

00:57:59.0700 5452 \Device\Harddisk0\DR0 - ok

00:57:59.0715 5452 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk5\DR5

00:57:59.0715 5452 \Device\Harddisk5\DR5 - ok

00:57:59.0715 5452 ================ Scan VBR ==================================

00:57:59.0731 5452 [ C81469B2C7A3FB12CD4360F32F7CFEE6 ] \Device\Harddisk0\DR0\Partition1

00:57:59.0731 5452 \Device\Harddisk0\DR0\Partition1 - ok

00:57:59.0762 5452 [ 9886964C7E63330EBA20FBD5271A95B1 ] \Device\Harddisk0\DR0\Partition2

00:57:59.0762 5452 \Device\Harddisk0\DR0\Partition2 - ok

00:57:59.0778 5452 [ E543324A9E6EC2285C00F4D623767712 ] \Device\Harddisk5\DR5\Partition1

00:57:59.0778 5452 \Device\Harddisk5\DR5\Partition1 - ok

00:57:59.0778 5452 ============================================================

00:57:59.0778 5452 Scan finished

00:57:59.0778 5452 ============================================================

00:57:59.0793 5444 Detected object count: 0

00:57:59.0793 5444 Actual detected object count: 0

00:58:38.0325 5356 Deinitialize success

Malwarebytes Anti-Rootkit BETA 1.06.0.1003

www.malwarebytes.org

Database version: v2013.06.07.04

Windows Vista Service Pack 1 x86 NTFS

Internet Explorer 7.0.6001.18000

mafineart :: MAFINEART-PC [administrator]

6/7/2013 1:02:58 AM

mbar-log-2013-06-07 (01-02-58).txt

Scan type: Quick scan

Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUM | P2P

Scan options disabled: Deep Anti-Rootkit Scan | PUP

Objects scanned: 221621

Time elapsed: 15 minute(s), 42 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 0

(No malicious items detected)

Physical Sectors Detected: 0

(No malicious items detected)

(end)

---------------------------------------

Malwarebytes Anti-Rootkit BETA 1.06.0.1003

© Malwarebytes Corporation 2011-2012

OS version: 6.0.6001 Windows Vista Service Pack 1 x86

Account is Administrative

Internet Explorer version: 7.0.6001.18000

File system is: NTFS

Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED

CPU speed: 2.204000 GHz

Memory total: 937234432, free: 297144320

Downloaded database version: v2013.06.07.04

Downloaded database version: v2013.05.22.01

Initializing...

------------ Kernel report ------------

06/07/2013 01:02:52

------------ Loaded modules -----------


\SystemRoot\system32\DRIVERS\mrxsmb.sys

\SystemRoot\system32\DRIVERS\mrxsmb10.sys

\SystemRoot\system32\DRIVERS\mrxsmb20.sys

\SystemRoot\System32\DRIVERS\srv2.sys

\SystemRoot\System32\DRIVERS\srv.sys

\SystemRoot\system32\DRIVERS\mdmxsdk.sys

\SystemRoot\system32\drivers\peauth.sys

\SystemRoot\System32\Drivers\secdrv.SYS

\SystemRoot\System32\drivers\tcpipreg.sys

\SystemRoot\system32\DRIVERS\xaudio.sys

\SystemRoot\system32\DRIVERS\WUDFRd.sys

\SystemRoot\system32\DRIVERS\WUDFPf.sys

\SystemRoot\System32\Drivers\fastfat.SYS

\??\C:\Windows\system32\drivers\mbamchameleon.sys

\??\C:\Windows\system32\drivers\mbamswissarmy.sys

\WINDOWS\System32\ntdll.dll

----------- End -----------

Done!

<<<1>>>

Upper Device Name: \Device\Harddisk5\DR5

Upper Device Object: 0xffffffff83dd2ac8

Upper Device Driver Name: \Driver\disk\

Lower Device Name: \Device\00000068\

Lower Device Object: 0xffffffff85052cd0

Lower Device Driver Name: \Driver\USBSTOR\

<<<1>>>

Upper Device Name: \Device\Harddisk4\DR4

Upper Device Object: 0xffffffff8b9d3560

Upper Device Driver Name: \Driver\disk\

Lower Device Name: \Device\0000005d\

Lower Device Object: 0xffffffff8b3b4970

Lower Device Driver Name: \Driver\USBSTOR\

<<<1>>>

Upper Device Name: \Device\Harddisk3\DR3

Upper Device Object: 0xffffffff8b9d3ac8

Upper Device Driver Name: \Driver\disk\

Lower Device Name: \Device\0000005c\

Lower Device Object: 0xffffffff8b3b4cd0

Lower Device Driver Name: \Driver\USBSTOR\

<<<1>>>

Upper Device Name: \Device\Harddisk2\DR2

Upper Device Object: 0xffffffff8b211ac8

Upper Device Driver Name: \Driver\disk\

Lower Device Name: \Device\0000005b\

Lower Device Object: 0xffffffff8b2e2cd0

Lower Device Driver Name: \Driver\USBSTOR\

<<<1>>>

Upper Device Name: \Device\Harddisk1\DR1

Upper Device Object: 0xffffffff8b3b9ac8

Upper Device Driver Name: \Driver\disk\

Lower Device Name: \Device\0000005a\

Lower Device Object: 0xffffffff8b12e480

Lower Device Driver Name: \Driver\USBSTOR\

<<<1>>>

Upper Device Name: \Device\Harddisk0\DR0

Upper Device Object: 0xffffffff856d2ac8

Upper Device Driver Name: \Driver\disk\

Lower Device Name: \Device\00000050\

Lower Device Object: 0xffffffff84634b88

Lower Device Driver Name: \Driver\nvstor32\

<<<2>>>

Device number: 0, partition: 1

Physical Sector Size: 512

Drive: 0, DevicePointer: 0xffffffff856d2ac8, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\

--------- Disk Stack ------

DevicePointer: 0xffffffff856d27b8, DeviceName: Unknown, DriverName: \Driver\partmgr\

DevicePointer: 0xffffffff856d2ac8, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\

DevicePointer: 0xffffffff83c9b4f8, DeviceName: Unknown, DriverName: \Driver\ACPI\

DevicePointer: 0xffffffff84634b88, DeviceName: \Device\00000050\, DriverName: \Driver\nvstor32\

------------ End ----------

Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\

Upper DeviceData: 0x0, 0x0, 0x0

Lower DeviceData: 0x0, 0x0, 0x0

<<<3>>>

Volume: C:

File system type: NTFS

SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes

<<<2>>>

Device number: 0, partition: 1

<<<3>>>

Volume: C:

File system type: NTFS

SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes

Scanning drivers directory: C:\Windows\system32\drivers...

<<<2>>>

Device number: 0, partition: 1

<<<3>>>

Volume: C:

File system type: NTFS

SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes

Done!

Drive 0

Scanning MBR on drive 0...

Inspecting partition table:

MBR Signature: 55AA

Disk Signature: 1549F232

Partition information:

Partition 0 type is Primary (0x7)

Partition is ACTIVE.

Partition starts at LBA: 63 Numsec = 612012177

Partition file system is NTFS

Partition is bootable

Partition 1 type is Primary (0x7)

Partition is NOT ACTIVE.

Partition starts at LBA: 612012240 Numsec = 13125105

Partition 2 type is Empty (0x0)

Partition is NOT ACTIVE.

Partition starts at LBA: 0 Numsec = 0

Partition 3 type is Empty (0x0)

Partition is NOT ACTIVE.

Partition starts at LBA: 0 Numsec = 0

Disk Size: 320072933376 bytes

Sector size: 512 bytes

Scanning physical sectors of unpartitioned space on drive 0 (1-62-625122448-625142448)...

Done!

Physical Sector Size: 0

Drive: 1, DevicePointer: 0xffffffff8b3b9ac8, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\disk\

--------- Disk Stack ------

DevicePointer: 0xffffffff8b2e98f0, DeviceName: Unknown, DriverName: \Driver\partmgr\

DevicePointer: 0xffffffff8b3b9ac8, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\disk\

DevicePointer: 0xffffffff8b12e480, DeviceName: \Device\0000005a\, DriverName: \Driver\USBSTOR\

------------ End ----------

Physical Sector Size: 0

Drive: 2, DevicePointer: 0xffffffff8b211ac8, DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\disk\

--------- Disk Stack ------

DevicePointer: 0xffffffff8b2ea8f0, DeviceName: Unknown, DriverName: \Driver\partmgr\

DevicePointer: 0xffffffff8b211ac8, DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\disk\

DevicePointer: 0xffffffff8b2e2cd0, DeviceName: \Device\0000005b\, DriverName: \Driver\USBSTOR\

------------ End ----------

Physical Sector Size: 0

Drive: 3, DevicePointer: 0xffffffff8b9d3ac8, DeviceName: \Device\Harddisk3\DR3\, DriverName: \Driver\disk\

--------- Disk Stack ------

DevicePointer: 0xffffffff8b3be8d8, DeviceName: Unknown, DriverName: \Driver\partmgr\

DevicePointer: 0xffffffff8b9d3ac8, DeviceName: \Device\Harddisk3\DR3\, DriverName: \Driver\disk\

DevicePointer: 0xffffffff8b3b4cd0, DeviceName: \Device\0000005c\, DriverName: \Driver\USBSTOR\

------------ End ----------

Physical Sector Size: 0

Drive: 4, DevicePointer: 0xffffffff8b9d3560, DeviceName: \Device\Harddisk4\DR4\, DriverName: \Driver\disk\

--------- Disk Stack ------

DevicePointer: 0xffffffff8b2e8878, DeviceName: Unknown, DriverName: \Driver\partmgr\

DevicePointer: 0xffffffff8b9d3560, DeviceName: \Device\Harddisk4\DR4\, DriverName: \Driver\disk\

DevicePointer: 0xffffffff8b3b4970, DeviceName: \Device\0000005d\, DriverName: \Driver\USBSTOR\

------------ End ----------

Physical Sector Size: 512

Drive: 5, DevicePointer: 0xffffffff83dd2ac8, DeviceName: \Device\Harddisk5\DR5\, DriverName: \Driver\disk\

--------- Disk Stack ------

DevicePointer: 0xffffffff83dd2020, DeviceName: Unknown, DriverName: \Driver\partmgr\

DevicePointer: 0xffffffff83dd2ac8, DeviceName: \Device\Harddisk5\DR5\, DriverName: \Driver\disk\

DevicePointer: 0xffffffff85052cd0, DeviceName: \Device\00000068\, DriverName: \Driver\USBSTOR\

------------ End ----------

Alternate DeviceName: \Device\Harddisk5\DR5\, DriverName: \Driver\disk\

Upper DeviceData: 0x0, 0x0, 0x0

Lower DeviceData: 0x0, 0x0, 0x0

Drive 5

Scanning MBR on drive 5...

Inspecting partition table:

MBR Signature: 55AA

Disk Signature: C3072E18

Partition information:

Partition 0 type is Other (0xc)

Partition is NOT ACTIVE.

Partition starts at LBA: 8064 Numsec = 31268992

Partition 1 type is Empty (0x0)

Partition is NOT ACTIVE.

Partition starts at LBA: 0 Numsec = 0

Partition 2 type is Empty (0x0)

Partition is NOT ACTIVE.

Partition starts at LBA: 0 Numsec = 0

Partition 3 type is Empty (0x0)

Partition is NOT ACTIVE.

Partition starts at LBA: 0 Numsec = 0

Disk Size: 16013852672 bytes

Sector size: 512 bytes

Done!

Read File: File "c:\programdata\avg2013\chjw\26240a7d240a4feb.dat:8edad50a-98a8-4646-a5df-81719811ab3c" is sparse (flags = 32768)

Scan finished

=======================================

Removal queue found; removal started

Removing c:\programdata\malwarebytes' anti-malware (portable)\mbr_0_i.mbam...

Removing c:\programdata\malwarebytes' anti-malware (portable)\bootstrap_0_0_63_i.mbam...

Removing c:\programdata\malwarebytes' anti-malware (portable)\mbr_0_r.mbam...

Removing c:\programdata\malwarebytes' anti-malware (portable)\mbr_5_i.mbam...

Removing c:\programdata\malwarebytes' anti-malware (portable)\mbr_5_r.mbam...

Removal finished

ComboFix 13-06-06.04 - mafineart 06/07/2013 1:32.1.2 - x86

Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1033.18.894.368 [GMT -7:00]

Running from: c:\users\mafineart\Desktop\ComboFix.exe

AV: AVG AntiVirus Free Edition 2013 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}

SP: AVG AntiVirus Free Edition 2013 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}

.

.

((((((((((((((((((((((((( Files Created from 2013-05-07 to 2013-06-07 )))))))))))))))))))))))))))))))

.

.

2013-06-07 08:41 . 2013-06-07 08:41 -------- d-----w- c:\users\Default\AppData\Local\temp

2013-06-07 08:02 . 2013-06-07 08:19 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable)

2013-06-04 21:13 . 2013-06-04 21:13 -------- d-----w- c:\programdata\Malwarebytes

2013-06-04 21:13 . 2013-06-04 21:13 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2013-06-04 21:13 . 2013-04-04 21:50 22856 ----a-w- c:\windows\system32\drivers\mbam.sys

2013-06-04 00:06 . 1998-10-29 23:45 306688 ----a-w- c:\windows\IsUninst.exe

2013-06-04 00:03 . 2013-06-04 00:03 -------- d-----w- c:\program files\SweetIM

2013-06-04 00:03 . 2013-06-04 00:03 -------- d-----w- c:\program files\ExtractNow

2013-06-03 20:47 . 2013-06-03 21:15 -------- d-----w- C:\AdobeTemp

2013-06-03 20:15 . 2013-06-03 20:15 -------- d-----w- c:\programdata\FLEXnet

2013-06-03 19:44 . 2013-06-03 19:44 -------- d-----w- c:\program files\Microsoft.NET

2013-06-01 00:22 . 2013-06-01 00:22 -------- d-----w- c:\program files\Adobe Media Player

2013-06-01 00:19 . 2013-06-01 00:19 -------- d-----w- c:\program files\Common Files\Adobe AIR

2013-05-31 23:27 . 2010-09-20 09:25 231936 ----a-w- c:\windows\system32\msshsq.dll

2013-05-31 10:30 . 2010-04-14 17:46 80896 ----a-w- c:\windows\system32\MSNP.ax

2013-05-31 10:30 . 2010-04-14 17:47 293376 ----a-w- c:\windows\system32\psisdecd.dll

2013-05-31 10:30 . 2010-04-14 17:47 217088 ----a-w- c:\windows\system32\psisrndr.ax

2013-05-31 10:21 . 2009-11-08 17:55 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll

2013-05-31 10:21 . 2009-11-08 17:55 295264 ----a-w- c:\windows\system32\PresentationHost.exe

2013-05-31 10:21 . 2009-11-08 17:55 49472 ----a-w- c:\windows\system32\netfxperf.dll

2013-05-31 10:21 . 2009-11-08 17:55 297808 ----a-w- c:\windows\system32\mscoree.dll

2013-05-31 10:21 . 2009-11-08 17:55 1130824 ----a-w- c:\windows\system32\dfshim.dll

2013-05-31 10:08 . 2009-10-09 21:56 2048 ----a-w- c:\windows\system32\winrsmgr.dll

2013-05-31 10:03 . 2009-10-09 21:56 1181696 ----a-w- c:\windows\system32\WsmSvc.dll

2013-05-30 23:44 . 2011-04-20 14:47 375808 ----a-w- c:\windows\system32\winsrv.dll

2013-05-30 23:44 . 2011-04-20 14:44 49152 ----a-w- c:\windows\system32\csrsrv.dll

2013-05-30 23:43 . 2010-09-10 16:35 168960 ----a-w- c:\program files\Windows Media Player\wmplayer.exe

2013-05-30 23:43 . 2010-09-10 16:37 8147456 ----a-w- c:\windows\system32\wmploc.DLL

2013-05-30 23:42 . 2010-09-06 16:24 125952 ----a-w- c:\windows\system32\srvsvc.dll

2013-05-30 23:42 . 2010-09-06 16:23 17920 ----a-w- c:\windows\system32\netevent.dll

2013-05-30 23:42 . 2010-04-16 16:10 501760 ----a-w- c:\windows\system32\usp10.dll

2013-05-30 23:40 . 2010-12-28 14:56 708608 ----a-w- c:\program files\Common Files\System\ado\msado15.dll

2013-05-30 23:39 . 2011-02-18 13:31 304640 ----a-w- c:\windows\system32\drivers\srv.sys

2013-05-30 23:39 . 2011-07-06 14:56 213504 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys

2013-05-30 23:39 . 2011-04-29 12:49 79360 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys

2013-05-30 23:39 . 2011-04-29 12:49 105984 ----a-w- c:\windows\system32\drivers\mrxsmb.sys

2013-05-30 23:39 . 2011-03-02 14:49 86528 ----a-w- c:\windows\system32\dnsrslvr.dll

2013-05-30 23:39 . 2009-05-04 10:11 25088 ----a-w- c:\windows\system32\dnscacheugc.exe

2013-05-30 23:39 . 2010-04-05 16:07 67072 ----a-w- c:\windows\system32\asycfilt.dll

2013-05-30 23:39 . 2010-06-28 16:15 1315840 ----a-w- c:\windows\system32\ole32.dll

2013-05-30 23:39 . 2010-06-28 14:31 339968 ----a-w- c:\program files\Windows NT\Accessories\wordpad.exe

2013-05-30 23:39 . 2010-08-17 13:32 126464 ----a-w- c:\windows\system32\spoolsv.exe

2013-05-30 23:38 . 2010-08-26 16:07 157184 ----a-w- c:\windows\system32\t2embed.dll

2013-05-30 23:38 . 2011-06-02 12:59 2042368 ----a-w- c:\windows\system32\win32k.sys

2013-05-30 23:38 . 2011-04-21 13:16 273408 ----a-w- c:\windows\system32\drivers\afd.sys

2013-05-30 23:37 . 2008-04-18 05:48 269312 ----a-w- c:\windows\system32\es.dll

2013-05-30 23:37 . 2010-12-14 15:49 1169408 ----a-w- c:\windows\system32\sdclt.exe

2013-05-30 23:37 . 2010-06-17 17:15 10926592 ----a-w- c:\program files\Movie Maker\MOVIEMK.dll

2013-05-30 23:37 . 2010-06-17 15:49 150016 ----a-w- c:\program files\Movie Maker\MOVIEMK.exe

2013-05-30 23:37 . 2011-04-29 12:49 146432 ----a-w- c:\windows\system32\drivers\srv2.sys

2013-05-30 23:37 . 2011-04-29 12:49 102400 ----a-w- c:\windows\system32\drivers\srvnet.sys

2013-05-30 23:37 . 2011-05-02 16:00 766464 ----a-w- c:\program files\Common Files\Microsoft Shared\vgx\VGX.dll

2013-05-30 23:36 . 2010-04-05 16:08 317952 ----a-w- c:\windows\system32\MP4SDECD.DLL

2013-05-30 23:36 . 2011-02-16 15:35 430080 ----a-w- c:\windows\system32\vbscript.dll

2013-05-30 23:36 . 2010-12-20 15:39 563200 ----a-w- c:\windows\system32\oleaut32.dll

2013-05-30 23:36 . 2010-08-31 15:41 954752 ----a-w- c:\windows\system32\mfc40.dll

2013-05-30 23:36 . 2010-08-31 15:41 954288 ----a-w- c:\windows\system32\mfc40u.dll

2013-05-30 23:36 . 2010-06-18 16:43 36352 ----a-w- c:\windows\system32\rtutils.dll

2013-05-30 23:35 . 2011-03-03 14:56 28672 ----a-w- c:\windows\system32\Apphlpdm.dll

2013-05-30 23:35 . 2011-03-03 13:01 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll

2013-05-30 23:35 . 2010-08-20 15:21 866816 ----a-w- c:\windows\system32\wmpmde.dll

2013-05-30 23:35 . 2010-12-29 17:41 429056 ----a-w- c:\windows\system32\EncDec.dll

2013-05-30 23:35 . 2010-12-29 17:41 323072 ----a-w- c:\windows\system32\sbe.dll

2013-05-30 23:35 . 2010-12-29 17:41 153088 ----a-w- c:\windows\system32\sbeio.dll

2013-05-30 23:35 . 2010-12-29 17:39 177664 ----a-w- c:\windows\system32\mpg2splt.ax

2013-05-30 23:33 . 2010-04-16 16:10 1314816 ----a-w- c:\windows\system32\quartz.dll

2013-05-30 23:33 . 2010-11-06 11:09 603648 ----a-w- c:\windows\system32\schedsvc.dll

2013-05-30 23:33 . 2010-11-06 11:10 357376 ----a-w- c:\windows\system32\taskschd.dll

2013-05-30 23:33 . 2010-11-06 11:10 345088 ----a-w- c:\windows\system32\wmicmiplugin.dll

2013-05-30 23:33 . 2010-11-06 11:10 270336 ----a-w- c:\windows\system32\taskcomp.dll

2013-05-30 23:33 . 2010-11-05 00:53 171520 ----a-w- c:\windows\system32\taskeng.exe

2013-05-30 23:33 . 2011-05-02 15:58 738816 ----a-w- c:\windows\system32\inetcomm.dll

2013-05-30 23:33 . 2010-10-18 14:01 81920 ----a-w- c:\windows\system32\consent.exe

2013-05-30 23:32 . 2010-06-11 15:30 1257472 ----a-w- c:\windows\system32\msxml3.dll

2013-05-30 23:32 . 2008-09-18 04:56 125952 ----a-w- c:\windows\system32\wersvc.dll

2013-05-30 23:32 . 2008-09-18 04:56 147456 ----a-w- c:\windows\system32\Faultrep.dll

2013-05-30 23:32 . 2008-06-26 03:29 565248 ----a-w- c:\windows\system32\emdmgmt.dll

2013-05-30 23:32 . 2008-08-02 01:01 625152 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys

2013-05-30 23:32 . 2008-06-26 03:29 45056 ----a-w- c:\windows\system32\dataclen.dll

2013-05-30 23:32 . 2008-08-02 03:26 36864 ----a-w- c:\windows\system32\cdd.dll

2013-05-30 23:32 . 2008-05-20 02:07 148480 ----a-w- c:\windows\system32\drivers\nwifi.sys

2013-05-30 23:32 . 2010-10-28 12:56 2048 ----a-w- c:\windows\system32\tzres.dll

2013-05-30 23:31 . 2008-05-08 21:59 90112 ----a-w- c:\windows\system32\wshext.dll

2013-05-30 23:31 . 2008-05-08 21:59 180224 ----a-w- c:\windows\system32\scrobj.dll

2013-05-30 23:31 . 2008-05-08 21:59 172032 ----a-w- c:\windows\system32\scrrun.dll

2013-05-30 23:31 . 2008-05-08 21:59 155648 ----a-w- c:\windows\system32\wscript.exe

2013-05-30 23:31 . 2008-05-08 21:58 135168 ----a-w- c:\windows\system32\cscript.exe

2013-05-30 23:31 . 2008-05-08 21:58 135168 ----a-w- c:\windows\system32\wshom.ocx

2013-05-30 23:31 . 2010-12-17 16:43 2067456 ----a-w- c:\windows\system32\mstscax.dll

2013-05-30 23:31 . 2010-12-17 15:06 677888 ----a-w- c:\windows\system32\mstsc.exe

2013-05-30 23:31 . 2010-06-16 15:59 898952 ----a-w- c:\windows\system32\drivers\tcpip.sys

2013-05-30 23:30 . 2010-08-31 15:40 531968 ----a-w- c:\windows\system32\comctl32.dll

2013-05-30 23:18 . 2011-04-29 14:54 276992 ----a-w- c:\windows\system32\schannel.dll

2013-05-30 22:38 . 2010-10-18 12:00 303104 ----a-w- c:\windows\system32\CNMXLMAN.DLL

2013-05-30 22:38 . 2013-05-30 22:38 -------- d--h--w- c:\programdata\CanonIJFAX

2013-05-30 22:36 . 2013-05-30 22:36 -------- d-----w- c:\program files\Common Files\CANON

2013-05-30 22:35 . 2013-05-30 22:35 -------- d-----w- c:\programdata\CanonIJWSpt

2013-05-30 22:34 . 2013-05-30 22:34 -------- d--h--w- c:\programdata\CanonBJ

2013-05-30 22:34 . 2010-10-18 12:00 74752 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\CNMPPAN.DLL

2013-05-30 22:34 . 2010-10-18 12:00 28672 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\CNMPDAN.DLL

2013-05-30 22:34 . 2013-05-30 22:34 -------- d--h--w- c:\windows\system32\CanonIJ Uninstaller Information

2013-05-30 22:32 . 2010-09-13 21:44 106496 ----a-w- c:\windows\system32\CNC880U.dll

2013-05-30 22:32 . 2010-09-13 21:42 1347584 ----a-w- c:\windows\system32\CNC880C.dll

2013-05-30 22:32 . 2010-09-13 21:42 114688 ----a-w- c:\windows\system32\CNC880I.dll

2013-05-30 22:32 . 2010-09-07 00:03 315392 ----a-w- c:\windows\system32\CNC880L.dll

2013-05-30 22:32 . 2008-08-26 01:02 15872 ----a-w- c:\windows\system32\CNHMCA.dll

2013-05-30 22:29 . 2010-10-18 12:00 303104 ----a-w- c:\windows\system32\CNMLMAN.DLL

2013-05-30 22:29 . 2010-10-19 12:00 257024 ----a-w- c:\windows\system32\CNCALAN.DLL

2013-05-30 22:29 . 2010-06-03 15:11 94208 ----a-w- c:\windows\system32\CNC880O.dll

2013-05-30 22:29 . 2010-09-07 10:58 180224 ----a-w- c:\windows\system32\CNMIUAN.DLL

2013-05-30 22:28 . 2013-05-30 22:28 -------- d-----w- c:\windows\system32\STRING

2013-05-30 22:28 . 2010-09-08 16:26 34816 ----a-w- c:\windows\system32\CNMNPUI.DLL

2013-05-30 22:26 . 2013-05-30 22:36 -------- d-----w- c:\program files\Canon

2013-05-30 18:05 . 2013-05-30 18:05 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2013-05-30 18:05 . 2013-05-30 18:05 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2013-05-30 15:00 . 2013-05-30 15:00 -------- d-----w- C:\PerfLogs

2013-05-30 14:53 . 2008-01-08 20:10 98304 ----a-w- c:\windows\RTKAUDIOSERVICE.EXE

2013-05-30 14:32 . 2013-05-30 13:57 47560 ----a-w- c:\windows\system32\SPReview.exe

2013-05-30 14:32 . 2013-05-30 13:57 152576 ----a-w- c:\windows\system32\SPWizUI.dll

2013-05-30 14:07 . 2008-01-19 06:33 193024 ----a-w- c:\windows\system32\recdisc.exe

2013-05-30 14:07 . 2008-01-19 06:36 6656 ----a-w- c:\windows\system32\sdspres.dll

2013-05-30 14:07 . 2008-01-19 06:33 599552 ----a-w- c:\windows\system32\vsp1cln.exe

2013-05-30 14:07 . 2008-01-19 06:36 28160 ----a-w- c:\windows\system32\sxproxy.dll

2013-05-30 14:07 . 2008-01-19 06:36 142336 ----a-w- c:\windows\system32\spp.dll

2013-05-30 14:05 . 2008-01-19 06:36 975360 ----a-w- c:\windows\system32\RASMM.dll

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2013-05-30 14:43 . 2006-11-02 10:32 101888 ----a-w- c:\windows\system32\ifxcardm.dll

2013-05-30 14:43 . 2006-11-02 10:32 82432 ----a-w- c:\windows\system32\axaltocm.dll

2013-05-30 09:51 . 2006-12-09 20:17 319456 ----a-w- c:\windows\DIFxAPI.dll

2013-05-30 03:28 . 2013-05-30 03:28 40960 ----a-w- c:\windows\apppatch\apihex86.dll

2013-05-29 12:15 . 2013-05-29 12:15 2560 ----a-w- c:\windows\apppatch\AcRes.dll

2013-03-29 09:53 . 2013-03-29 09:53 208184 ----a-w- c:\windows\system32\drivers\avgidsdriverx.sys

2013-03-21 10:08 . 2013-03-21 10:08 182072 ----a-w- c:\windows\system32\drivers\avgtdix.sys

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"hpsysdrv"="c:\hp\support\hpsysdrv.exe" [2006-09-28 65536]

"KBD"="c:\hp\KBD\KBD.EXE" [2005-02-02 61440]

"RtHDVCpl"="RtHDVCpl.exe" [2008-01-15 4874240]

"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2005-02-17 49152]

"AVG_UI"="c:\program files\AVG\AVG2013\avgui.exe" [2013-04-29 4408368]

"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2010-07-26 2569616]

"CanonSolutionMenuEx"="c:\program files\Canon\Solution Menu EX\CNSEMAIN.EXE" [2010-09-15 1213848]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]

"Launcher"="c:\windows\SMINST\launcher.exe" [2006-11-25 44136]

.

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2013-6-3 113664]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]

"DisableMonitoring"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]

"DisableMonitoring"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]

"DisableMonitoring"=dword:00000001

.

--- Other Services/Drivers In Memory ---

.

*NewlyCreated* - 80223447

*Deregistered* - 80223447

.

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]

2013-06-07 08:14 1165776 ----a-w- c:\program files\Google\Chrome\Application\27.0.1453.110\Installer\chrmstp.exe

.

Contents of the 'Scheduled Tasks' folder

.

2013-06-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2013-05-30 06:09]

.

2013-06-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2013-05-30 06:09]

.

.

------- Supplementary Scan -------

.

uStart Page = hxxp://google.com/

mStart Page = hxxp://start.sweetpacks.com/?src=10&st=12&crg=3.5000006.10045&barid={27AD4671-CCAA-11E2-9815-001A92405806}

TCP: DhcpNameServer = 209.18.47.61 209.18.47.62

.

- - - - ORPHANS REMOVED - - - -

.

HKCU-Run-HPAdvisor - c:\program files\Hewlett-Packard\HP Advisor\HPAdvisor.exe

.

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2013-06-07 01:42

Windows 6.0.6001 Service Pack 1 NTFS

.

scanning hidden processes ...

.

scanning hidden autostart entries ...

.

scanning hidden files ...

.

scan completed successfully

hidden files: 0

.

**************************************************************************

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

Completion time: 2013-06-07 01:45:31

ComboFix-quarantined-files.txt 2013-06-07 08:45

.

Pre-Run: 217,718,603,776 bytes free

Post-Run: 219,075,817,472 bytes free

.

- - End Of File - - B5E692D8129C8884B294A74452DEF1EE

8913823FF508CCF109DB74B636C301DA

Results of screen317's Security Check version 0.99.64

Windows Vista Service Pack 1 x86 (UAC is enabled)

Out of date service pack!!

``````````````Antivirus/Firewall Check:``````````````

Windows Firewall Enabled!

AVG AntiVirus Free Edition 2013

Antivirus up to date!

`````````Anti-malware/Other Utilities Check:`````````

Malwarebytes Anti-Malware version 1.75.0.1300

Adobe Reader 7 Adobe Reader out of Date!

Google Chrome 27.0.1453.110

Google Chrome 27.0.1453.94

````````Process Check: objlist.exe by Laurent````````

AVG avgwdsvc.exe

AVG avgrsx.exe

AVG avgnsx.exe

AVG avgemc.exe

Malwarebytes' Anti-Malware mbamscheduler.exe

`````````````````System Health check`````````````````

Total Fragmentation on Drive C: 1 %

````````````````````End of Log``````````````````````


Please do the following:

1. Close any open browsers.

2. Close/disable all antivirus and anti-malware programs so they do not interfere with the running of ComboFix.

3. Open notepad and copy/paste the text in the quotebox below into it:

KILLALL::

Driver::

80223447

File::

C:\Windows\System32\Drivers\80223447.sys

Reboot::

Save this as CFScript.txt, in the same location as ComboFix.exe

CFScriptB-4.gif

Referring to the picture above, drag CFScript into ComboFix.exe

When finished, it shall produce a log for you at C:\ComboFix.txt which I shall require in your next reply.

Note: Do not mouseclick ComboFix's window whilst it's running. That may cause it to stall.

Please include the newly-created C:\ComboFix.txt in your next reply, and let me know how things are running now


Hi D-FRED, ran the script, and had AVG temporarily disabled.

Upon rebooting, my antivirus "did" activate, and did react to Combofix, momentarily prompting me with the option to provide an exception for it.

I allowed it, then disabled it again. Combofix then proceeded unhindered to complete the log.

The toolbar is still listed among my programs, and Chrome still currently redirects to the Sweetpacks site.

ComboFix 13-06-07.03 - mafineart 06/08/2013 4:23.2.2 - x86

Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1033.18.894.343 [GMT -7:00]

Running from: c:\users\mafineart\Desktop\ComboFix.exe

Command switches used :: c:\users\mafineart\Desktop\CFScript.txt

AV: AVG AntiVirus Free Edition 2013 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}

SP: AVG AntiVirus Free Edition 2013 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}

.

FILE ::

"c:\windows\System32\Drivers\80223447.sys"

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

.

((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

-------\Legacy_80223447

.

.

((((((((((((((((((((((((( Files Created from 2013-05-08 to 2013-06-08 )))))))))))))))))))))))))))))))

.

.

2013-06-08 11:34 . 2013-06-08 11:34 -------- d-----w- c:\users\Default\AppData\Local\temp

2013-06-07 08:02 . 2013-06-07 08:19 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable)

2013-06-04 21:13 . 2013-06-04 21:13 -------- d-----w- c:\programdata\Malwarebytes

2013-06-04 21:13 . 2013-06-04 21:13 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2013-06-04 21:13 . 2013-04-04 21:50 22856 ----a-w- c:\windows\system32\drivers\mbam.sys

2013-06-04 00:06 . 1998-10-29 23:45 306688 ----a-w- c:\windows\IsUninst.exe

2013-06-04 00:03 . 2013-06-04 00:03 -------- d-----w- c:\program files\SweetIM

2013-06-04 00:03 . 2013-06-04 00:03 -------- d-----w- c:\program files\ExtractNow

2013-06-03 20:47 . 2013-06-03 21:15 -------- d-----w- C:\AdobeTemp

2013-06-03 20:15 . 2013-06-03 20:15 -------- d-----w- c:\programdata\FLEXnet

2013-06-03 19:44 . 2013-06-03 19:44 -------- d-----w- c:\program files\Microsoft.NET

2013-06-01 00:22 . 2013-06-01 00:22 -------- d-----w- c:\program files\Adobe Media Player

2013-06-01 00:19 . 2013-06-01 00:19 -------- d-----w- c:\program files\Common Files\Adobe AIR

2013-05-31 23:27 . 2010-09-20 09:25 231936 ----a-w- c:\windows\system32\msshsq.dll

2013-05-31 10:30 . 2010-04-14 17:46 80896 ----a-w- c:\windows\system32\MSNP.ax

2013-05-31 10:30 . 2010-04-14 17:47 293376 ----a-w- c:\windows\system32\psisdecd.dll

2013-05-31 10:30 . 2010-04-14 17:47 217088 ----a-w- c:\windows\system32\psisrndr.ax

2013-05-31 10:21 . 2009-11-08 17:55 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll

2013-05-31 10:21 . 2009-11-08 17:55 295264 ----a-w- c:\windows\system32\PresentationHost.exe

2013-05-31 10:21 . 2009-11-08 17:55 49472 ----a-w- c:\windows\system32\netfxperf.dll

2013-05-31 10:21 . 2009-11-08 17:55 297808 ----a-w- c:\windows\system32\mscoree.dll

2013-05-31 10:21 . 2009-11-08 17:55 1130824 ----a-w- c:\windows\system32\dfshim.dll

2013-05-31 10:08 . 2009-10-09 21:56 2048 ----a-w- c:\windows\system32\winrsmgr.dll

2013-05-31 10:03 . 2009-10-09 21:56 1181696 ----a-w- c:\windows\system32\WsmSvc.dll

2013-05-30 23:44 . 2011-04-20 14:47 375808 ----a-w- c:\windows\system32\winsrv.dll

2013-05-30 23:44 . 2011-04-20 14:44 49152 ----a-w- c:\windows\system32\csrsrv.dll

2013-05-30 23:43 . 2010-09-10 16:35 168960 ----a-w- c:\program files\Windows Media Player\wmplayer.exe

2013-05-30 23:43 . 2010-09-10 16:37 8147456 ----a-w- c:\windows\system32\wmploc.DLL

2013-05-30 23:42 . 2010-09-06 16:24 125952 ----a-w- c:\windows\system32\srvsvc.dll

2013-05-30 23:42 . 2010-09-06 16:23 17920 ----a-w- c:\windows\system32\netevent.dll

2013-05-30 23:42 . 2010-04-16 16:10 501760 ----a-w- c:\windows\system32\usp10.dll

2013-05-30 23:40 . 2010-12-28 14:56 708608 ----a-w- c:\program files\Common Files\System\ado\msado15.dll

2013-05-30 23:39 . 2011-02-18 13:31 304640 ----a-w- c:\windows\system32\drivers\srv.sys

2013-05-30 23:39 . 2011-07-06 14:56 213504 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys

2013-05-30 23:39 . 2011-04-29 12:49 79360 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys

2013-05-30 23:39 . 2011-04-29 12:49 105984 ----a-w- c:\windows\system32\drivers\mrxsmb.sys

2013-05-30 23:39 . 2011-03-02 14:49 86528 ----a-w- c:\windows\system32\dnsrslvr.dll

2013-05-30 23:39 . 2009-05-04 10:11 25088 ----a-w- c:\windows\system32\dnscacheugc.exe

2013-05-30 23:39 . 2010-04-05 16:07 67072 ----a-w- c:\windows\system32\asycfilt.dll

2013-05-30 23:39 . 2010-06-28 16:15 1315840 ----a-w- c:\windows\system32\ole32.dll

2013-05-30 23:39 . 2010-06-28 14:31 339968 ----a-w- c:\program files\Windows NT\Accessories\wordpad.exe

2013-05-30 23:39 . 2010-08-17 13:32 126464 ----a-w- c:\windows\system32\spoolsv.exe

2013-05-30 23:38 . 2010-08-26 16:07 157184 ----a-w- c:\windows\system32\t2embed.dll

2013-05-30 23:38 . 2011-06-02 12:59 2042368 ----a-w- c:\windows\system32\win32k.sys

2013-05-30 23:38 . 2011-04-21 13:16 273408 ----a-w- c:\windows\system32\drivers\afd.sys

2013-05-30 23:37 . 2008-04-18 05:48 269312 ----a-w- c:\windows\system32\es.dll

2013-05-30 23:37 . 2010-12-14 15:49 1169408 ----a-w- c:\windows\system32\sdclt.exe

2013-05-30 23:37 . 2010-06-17 17:15 10926592 ----a-w- c:\program files\Movie Maker\MOVIEMK.dll

2013-05-30 23:37 . 2010-06-17 15:49 150016 ----a-w- c:\program files\Movie Maker\MOVIEMK.exe

2013-05-30 23:37 . 2011-04-29 12:49 146432 ----a-w- c:\windows\system32\drivers\srv2.sys

2013-05-30 23:37 . 2011-04-29 12:49 102400 ----a-w- c:\windows\system32\drivers\srvnet.sys

2013-05-30 23:37 . 2011-05-02 16:00 766464 ----a-w- c:\program files\Common Files\Microsoft Shared\vgx\VGX.dll

2013-05-30 23:36 . 2010-04-05 16:08 317952 ----a-w- c:\windows\system32\MP4SDECD.DLL

2013-05-30 23:36 . 2011-02-16 15:35 430080 ----a-w- c:\windows\system32\vbscript.dll

2013-05-30 23:36 . 2010-12-20 15:39 563200 ----a-w- c:\windows\system32\oleaut32.dll

2013-05-30 23:36 . 2010-08-31 15:41 954752 ----a-w- c:\windows\system32\mfc40.dll

2013-05-30 23:36 . 2010-08-31 15:41 954288 ----a-w- c:\windows\system32\mfc40u.dll

2013-05-30 23:36 . 2010-06-18 16:43 36352 ----a-w- c:\windows\system32\rtutils.dll

2013-05-30 23:35 . 2011-03-03 14:56 28672 ----a-w- c:\windows\system32\Apphlpdm.dll

2013-05-30 23:35 . 2011-03-03 13:01 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll

2013-05-30 23:35 . 2010-08-20 15:21 866816 ----a-w- c:\windows\system32\wmpmde.dll

2013-05-30 23:35 . 2010-12-29 17:41 429056 ----a-w- c:\windows\system32\EncDec.dll

2013-05-30 23:35 . 2010-12-29 17:41 323072 ----a-w- c:\windows\system32\sbe.dll

2013-05-30 23:35 . 2010-12-29 17:41 153088 ----a-w- c:\windows\system32\sbeio.dll

2013-05-30 23:35 . 2010-12-29 17:39 177664 ----a-w- c:\windows\system32\mpg2splt.ax

2013-05-30 23:33 . 2010-04-16 16:10 1314816 ----a-w- c:\windows\system32\quartz.dll

2013-05-30 23:33 . 2010-11-06 11:09 603648 ----a-w- c:\windows\system32\schedsvc.dll

2013-05-30 23:33 . 2010-11-06 11:10 357376 ----a-w- c:\windows\system32\taskschd.dll

2013-05-30 23:33 . 2010-11-06 11:10 345088 ----a-w- c:\windows\system32\wmicmiplugin.dll

2013-05-30 23:33 . 2010-11-06 11:10 270336 ----a-w- c:\windows\system32\taskcomp.dll

2013-05-30 23:33 . 2010-11-05 00:53 171520 ----a-w- c:\windows\system32\taskeng.exe

2013-05-30 23:33 . 2011-05-02 15:58 738816 ----a-w- c:\windows\system32\inetcomm.dll

2013-05-30 23:33 . 2010-10-18 14:01 81920 ----a-w- c:\windows\system32\consent.exe

2013-05-30 23:32 . 2010-06-11 15:30 1257472 ----a-w- c:\windows\system32\msxml3.dll

2013-05-30 23:32 . 2008-09-18 04:56 125952 ----a-w- c:\windows\system32\wersvc.dll

2013-05-30 23:32 . 2008-09-18 04:56 147456 ----a-w- c:\windows\system32\Faultrep.dll

2013-05-30 23:32 . 2008-06-26 03:29 565248 ----a-w- c:\windows\system32\emdmgmt.dll

2013-05-30 23:32 . 2008-08-02 01:01 625152 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys

2013-05-30 23:32 . 2008-06-26 03:29 45056 ----a-w- c:\windows\system32\dataclen.dll

2013-05-30 23:32 . 2008-08-02 03:26 36864 ----a-w- c:\windows\system32\cdd.dll

2013-05-30 23:32 . 2008-05-20 02:07 148480 ----a-w- c:\windows\system32\drivers\nwifi.sys

2013-05-30 23:32 . 2010-10-28 12:56 2048 ----a-w- c:\windows\system32\tzres.dll

2013-05-30 23:31 . 2008-05-08 21:59 90112 ----a-w- c:\windows\system32\wshext.dll

2013-05-30 23:31 . 2008-05-08 21:59 180224 ----a-w- c:\windows\system32\scrobj.dll

2013-05-30 23:31 . 2008-05-08 21:59 172032 ----a-w- c:\windows\system32\scrrun.dll

2013-05-30 23:31 . 2008-05-08 21:59 155648 ----a-w- c:\windows\system32\wscript.exe

2013-05-30 23:31 . 2008-05-08 21:58 135168 ----a-w- c:\windows\system32\cscript.exe

2013-05-30 23:31 . 2008-05-08 21:58 135168 ----a-w- c:\windows\system32\wshom.ocx

2013-05-30 23:31 . 2010-12-17 16:43 2067456 ----a-w- c:\windows\system32\mstscax.dll

2013-05-30 23:31 . 2010-12-17 15:06 677888 ----a-w- c:\windows\system32\mstsc.exe

2013-05-30 23:31 . 2010-06-16 15:59 898952 ----a-w- c:\windows\system32\drivers\tcpip.sys

2013-05-30 23:30 . 2010-08-31 15:40 531968 ----a-w- c:\windows\system32\comctl32.dll

2013-05-30 23:18 . 2011-04-29 14:54 276992 ----a-w- c:\windows\system32\schannel.dll

2013-05-30 22:38 . 2010-10-18 12:00 303104 ----a-w- c:\windows\system32\CNMXLMAN.DLL

2013-05-30 22:38 . 2013-05-30 22:38 -------- d--h--w- c:\programdata\CanonIJFAX

2013-05-30 22:36 . 2013-05-30 22:36 -------- d-----w- c:\program files\Common Files\CANON

2013-05-30 22:35 . 2013-05-30 22:35 -------- d-----w- c:\programdata\CanonIJWSpt

2013-05-30 22:34 . 2013-05-30 22:34 -------- d--h--w- c:\programdata\CanonBJ

2013-05-30 22:34 . 2010-10-18 12:00 74752 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\CNMPPAN.DLL

2013-05-30 22:34 . 2010-10-18 12:00 28672 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\CNMPDAN.DLL

2013-05-30 22:34 . 2013-05-30 22:34 -------- d--h--w- c:\windows\system32\CanonIJ Uninstaller Information

2013-05-30 22:32 . 2010-09-13 21:44 106496 ----a-w- c:\windows\system32\CNC880U.dll

2013-05-30 22:32 . 2010-09-13 21:42 1347584 ----a-w- c:\windows\system32\CNC880C.dll

2013-05-30 22:32 . 2010-09-13 21:42 114688 ----a-w- c:\windows\system32\CNC880I.dll

2013-05-30 22:32 . 2010-09-07 00:03 315392 ----a-w- c:\windows\system32\CNC880L.dll

2013-05-30 22:32 . 2008-08-26 01:02 15872 ----a-w- c:\windows\system32\CNHMCA.dll

2013-05-30 22:29 . 2010-10-18 12:00 303104 ----a-w- c:\windows\system32\CNMLMAN.DLL

2013-05-30 22:29 . 2010-10-19 12:00 257024 ----a-w- c:\windows\system32\CNCALAN.DLL

2013-05-30 22:29 . 2010-06-03 15:11 94208 ----a-w- c:\windows\system32\CNC880O.dll

2013-05-30 22:29 . 2010-09-07 10:58 180224 ----a-w- c:\windows\system32\CNMIUAN.DLL

2013-05-30 22:28 . 2013-05-30 22:28 -------- d-----w- c:\windows\system32\STRING

2013-05-30 22:28 . 2010-09-08 16:26 34816 ----a-w- c:\windows\system32\CNMNPUI.DLL

2013-05-30 22:26 . 2013-05-30 22:36 -------- d-----w- c:\program files\Canon

2013-05-30 18:05 . 2013-05-30 18:05 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2013-05-30 18:05 . 2013-05-30 18:05 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2013-05-30 15:00 . 2013-05-30 15:00 -------- d-----w- C:\PerfLogs

2013-05-30 14:53 . 2008-01-08 20:10 98304 ----a-w- c:\windows\RTKAUDIOSERVICE.EXE

2013-05-30 14:32 . 2013-05-30 13:57 47560 ----a-w- c:\windows\system32\SPReview.exe

2013-05-30 14:32 . 2013-05-30 13:57 152576 ----a-w- c:\windows\system32\SPWizUI.dll

2013-05-30 14:07 . 2008-01-19 06:33 193024 ----a-w- c:\windows\system32\recdisc.exe

2013-05-30 14:07 . 2008-01-19 06:36 6656 ----a-w- c:\windows\system32\sdspres.dll

2013-05-30 14:07 . 2008-01-19 06:33 599552 ----a-w- c:\windows\system32\vsp1cln.exe

2013-05-30 14:07 . 2008-01-19 06:36 28160 ----a-w- c:\windows\system32\sxproxy.dll

2013-05-30 14:07 . 2008-01-19 06:36 142336 ----a-w- c:\windows\system32\spp.dll

2013-05-30 14:05 . 2008-01-19 06:36 975360 ----a-w- c:\windows\system32\RASMM.dll

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2013-05-30 14:43 . 2006-11-02 10:32 101888 ----a-w- c:\windows\system32\ifxcardm.dll

2013-05-30 14:43 . 2006-11-02 10:32 82432 ----a-w- c:\windows\system32\axaltocm.dll

2013-05-30 09:51 . 2006-12-09 20:17 319456 ----a-w- c:\windows\DIFxAPI.dll

2013-05-30 03:28 . 2013-05-30 03:28 40960 ----a-w- c:\windows\apppatch\apihex86.dll

2013-05-29 12:15 . 2013-05-29 12:15 2560 ----a-w- c:\windows\apppatch\AcRes.dll

2013-03-29 09:53 . 2013-03-29 09:53 208184 ----a-w- c:\windows\system32\drivers\avgidsdriverx.sys

2013-03-21 10:08 . 2013-03-21 10:08 182072 ----a-w- c:\windows\system32\drivers\avgtdix.sys

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"hpsysdrv"="c:\hp\support\hpsysdrv.exe" [2006-09-28 65536]

"KBD"="c:\hp\KBD\KBD.EXE" [2005-02-02 61440]

"RtHDVCpl"="RtHDVCpl.exe" [2008-01-15 4874240]

"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2005-02-17 49152]

"AVG_UI"="c:\program files\AVG\AVG2013\avgui.exe" [2013-04-29 4408368]

"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2010-07-26 2569616]

"CanonSolutionMenuEx"="c:\program files\Canon\Solution Menu EX\CNSEMAIN.EXE" [2010-09-15 1213848]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]

"Launcher"="c:\windows\SMINST\launcher.exe" [2006-11-25 44136]

.

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2013-6-3 113664]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]

"DisableMonitoring"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]

"DisableMonitoring"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]

"DisableMonitoring"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]

2013-06-07 08:14 1165776 ----a-w- c:\program files\Google\Chrome\Application\27.0.1453.110\Installer\chrmstp.exe

.

Contents of the 'Scheduled Tasks' folder

.

2013-06-08 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2013-05-30 06:09]

.

2013-06-08 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2013-05-30 06:09]

.

.

------- Supplementary Scan -------

.

uStart Page = hxxp://google.com/

mStart Page = hxxp://start.sweetpacks.com/?src=10&st=12&crg=3.5000006.10045&barid={27AD4671-CCAA-11E2-9815-001A92405806}

TCP: DhcpNameServer = 209.18.47.61 209.18.47.62

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2013-06-08 04:38

Windows 6.0.6001 Service Pack 1 NTFS

.

scanning hidden processes ...

.

scanning hidden autostart entries ...

.

scanning hidden files ...

.

scan completed successfully

hidden files: 0

.

**************************************************************************

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

------------------------ Other Running Processes ------------------------

.

c:\windows\system32\nvvsvc.exe

c:\program files\NVIDIA Corporation\Display\nvxdsync.exe

c:\windows\system32\nvvsvc.exe

c:\program files\AVG\AVG2013\avgwdsvc.exe

c:\program files\Common Files\LightScribe\LSSrvc.exe

c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe

c:\windows\system32\DRIVERS\xaudio.exe

c:\windows\system32\WUDFHost.exe

c:\windows\RtHDVCpl.exe

c:\program files\NVIDIA Corporation\Display\nvtray.exe

c:\program files\AVG\AVG2013\avgcfgex.exe

c:\program files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

.

**************************************************************************

.

Completion time: 2013-06-08 04:43:53 - machine was rebooted

ComboFix-quarantined-files.txt 2013-06-08 11:43

ComboFix2.txt 2013-06-07 08:45

.

Pre-Run: 219,458,277,376 bytes free

Post-Run: 219,152,850,944 bytes free

.

- - End Of File - - 5E3949B8400E7937049262A2B7D795E3

8913823FF508CCF109DB74B636C301DA


Looks a whole lot better. I'd like to run a few more scans to verify we haven't missed anything.

----------Step 1----------------

We need to create a New FULL OTL Report

  • Please download OTL from here if you have not done so already:

  • Save it to your desktop.
  • Double click on the OTL icon on your desktop.
  • Click the "Scan All Users" checkbox.
  • Change the "Extra Registry" option to "SafeList"
  • Push the Run Scan button.
  • Two reports will open, copy and paste them in a reply here:

    • OTL.txt <-- Will be opened
    • Extra.txt <-- Will be minimized

----------Step 2----------------

I'd like us to scan your machine with ESET OnlineScan

  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the esetOnline.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetSmartInstall.png to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the esetSmartInstallDesktopIcon.png icon on your desktop.

  • Check esetAcceptTerms.png
  • Click the esetStart.png button.
  • Accept any security warnings from your browser.
  • Check esetScanArchives.png
  • Push the Start button.
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push esetListThreats.png
  • Push esetExport.png, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Push the esetBack.png button.
  • Push esetFinish.png

A log file will be saved here: C:\Program Files\ESET\ESET Online Scanner\log.txt

----------Step 3----------------

Please post the OTL.txt and Extras.txt, and the ESET online scan log in your next reply.

Let me know how things go.


Looks a whole lot better. I'd like to run a few more scans to verify we haven't missed anything.

The toolbar is still listed among my programs, and Chrome still currently redirects to the Sweetpacks site.

Hi D-FRED, not sure if you saw this, as it probably should have been typed first, rather than midway through.

I'll run the OTL scan as soon as I get home. Thanks!


Hi D-FRED

The ESET scan found no threats, nor offered any option to save a log file.

OTL logfile created on: 6/8/2013 9:47:14 PM - Run 1

OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\mafineart\Desktop

Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation

Internet Explorer (Version = 7.0.6001.18000)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

893.82 Mb Total Physical Memory | 298.88 Mb Available Physical Memory | 33.44% Memory free

2.00 Gb Paging File | 1.29 Gb Available in Paging File | 64.48% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 291.83 Gb Total Space | 207.04 Gb Free Space | 70.94% Space Free | Partition Type: NTFS

Drive D: | 6.26 Gb Total Space | 0.88 Gb Free Space | 14.01% Space Free | Partition Type: NTFS

Drive E: | 76.72 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: MAFINEART-PC | User Name: mafineart | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/06/08 21:44:23 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\mafineart\Desktop\OTL.exe

PRC - [2013/05/29 20:41:10 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

PRC - [2013/05/14 00:54:12 | 004,937,264 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgidsagent.exe

PRC - [2013/04/29 00:58:42 | 004,408,368 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgui.exe

PRC - [2013/04/18 04:34:38 | 000,283,136 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgwdsvc.exe

PRC - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe

PRC - [2013/02/19 21:32:08 | 001,259,296 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

PRC - [2013/02/19 04:01:14 | 000,328,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgcfgex.exe

PRC - [2013/01/31 02:01:06 | 000,865,056 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

PRC - [2013/01/31 02:01:05 | 001,821,472 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

PRC - [2010/07/25 19:08:00 | 002,569,616 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE

PRC - [2008/01/15 11:26:18 | 004,874,240 | ---- | M] (Realtek Semiconductor) -- C:\WINDOWS\RtHDVCpl.exe

PRC - [2006/09/28 06:42:24 | 000,065,536 | ---- | M] (Hewlett-Packard Company) -- C:\hp\support\hpsysdrv.exe

========== Modules (No Company Name) ==========

========== Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon -- (CLTNetCnService)

SRV - [2013/05/14 00:54:12 | 004,937,264 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files\AVG\AVG2013\avgidsagent.exe -- (AVGIDSAgent)

SRV - [2013/04/18 04:34:38 | 000,283,136 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2013\avgwdsvc.exe -- (avgwd)

SRV - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)

SRV - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)

SRV - [2013/02/19 21:32:08 | 001,259,296 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)

SRV - [2008/01/18 23:38:26 | 000,272,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ComboFix\catchme.sys -- (catchme)

DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)

DRV - File not found [Kernel | Auto | Stopped] -- -- (adfs)

DRV - [2013/04/04 14:50:32 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\System32\drivers\mbam.sys -- (MBAMProtector)

DRV - [2013/03/29 02:53:48 | 000,208,184 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\avgidsdriverx.sys -- (AVGIDSDriver)

DRV - [2013/03/21 03:08:24 | 000,182,072 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\avgtdix.sys -- (Avgtdix)

DRV - [2013/03/01 10:32:20 | 000,022,328 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\avgidsshimx.sys -- (AVGIDSShim)

DRV - [2013/02/19 21:32:54 | 010,919,200 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\nvlddmkm.sys -- (nvlddmkm)

DRV - [2013/02/08 04:37:58 | 000,096,568 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\System32\drivers\avgmfx86.sys -- (Avgmfx86)

DRV - [2013/02/08 04:37:56 | 000,245,048 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\avglogx.sys -- (Avglogx)

DRV - [2013/02/08 04:37:52 | 000,060,216 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\avgidshx.sys -- (AVGIDSHX)

DRV - [2013/02/08 04:37:44 | 000,170,808 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\avgldx86.sys -- (Avgldx86)

DRV - [2013/02/08 04:37:40 | 000,039,224 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\System32\drivers\avgrkx86.sys -- (Avgrkx86)

DRV - [2008/08/01 19:51:14 | 001,052,704 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\nvmfdx32.sys -- (NVENETFD)

DRV - [2008/05/08 05:05:18 | 000,266,752 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\HSXHWBS2.sys -- (HSXHWBS2)

DRV - [2008/05/08 05:03:18 | 000,980,992 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\HSX_DP.sys -- (HSF_DP)

DRV - [2007/10/26 18:51:24 | 000,110,624 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\nvstor32.sys -- (nvstor32)

DRV - [2007/10/18 07:36:54 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\XAudio.sys -- (XAudio)

DRV - [2005/12/12 09:27:00 | 000,019,072 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\PS2.sys -- (Ps2)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.sweetpacks.com/?src=10&st=12&crg=3.5000006.10045&barid={27AD4671-CCAA-11E2-9815-001A92405806}

IE - HKLM\..\SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847}

IE - HKLM\..\SearchScopes\{5361745A-F6B9-4BC9-86D0-6B907ADF0567}: "URL" = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpd

IE - HKLM\..\SearchScopes\{658C93D6-EB13-4DA5-8A2A-FA0164685CB4}: "URL" = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=hp-pvdt

IE - HKLM\..\SearchScopes\{AD2D14A1-62D7-48D7-9A38-6AB5929C7185}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&entrypoint={referrer:source?}&FORM=HVDUS7

IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://start.sweetpacks.com/?src=6&q={searchTerms}&st=12&crg=3.5000006.10045&barid={27AD4671-CCAA-11E2-9815-001A92405806}

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-4196601509-315295840-2269700814-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.com/

IE - HKU\S-1-5-21-4196601509-315295840-2269700814-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1

IE - HKU\S-1-5-21-4196601509-315295840-2269700814-1000\..\SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847}

IE - HKU\S-1-5-21-4196601509-315295840-2269700814-1000\..\SearchScopes\{5361745A-F6B9-4BC9-86D0-6B907ADF0567}: "URL" = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpd

IE - HKU\S-1-5-21-4196601509-315295840-2269700814-1000\..\SearchScopes\{658C93D6-EB13-4DA5-8A2A-FA0164685CB4}: "URL" = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=hp-pvdt

IE - HKU\S-1-5-21-4196601509-315295840-2269700814-1000\..\SearchScopes\{AD2D14A1-62D7-48D7-9A38-6AB5929C7185}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&entrypoint={referrer:source?}&FORM=HVDUS7

IE - HKU\S-1-5-21-4196601509-315295840-2269700814-1000\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://start.sweetpacks.com/?src=6&q={searchTerms}&st=12&crg=3.5000006.10045&barid={27AD4671-CCAA-11E2-9815-001A92405806}

IE - HKU\S-1-5-21-4196601509-315295840-2269700814-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-4196601509-315295840-2269700814-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=71&bd=Pavilion&pf=desktop

IE - HKU\S-1-5-21-4196601509-315295840-2269700814-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=71&bd=Pavilion&pf=desktop

========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}: C:\Program Files\Updater By SweetPacks\Firefox

========== Chrome ==========

CHR - default_search_provider: Bing (Enabled)

CHR - default_search_provider: search_url = http://start.sweetpacks.com/?src=6&q={searchTerms}&st=12&crg=3.5000006.10045&barid={27AD4671-CCAA-11E2-9815-001A92405806}

CHR - default_search_provider: suggest_url =

CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\27.0.1453.110\PepperFlash\pepflashplayer.dll

CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer

CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\27.0.1453.110\ppGoogleNaClPluginChrome.dll

CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\27.0.1453.110\pdf.dll

CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Acrobat 7.0\Reader\Browser\nppdf32.dll

CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll

CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

CHR - Extension: HP Product Detection Plugin = C:\Users\mafineart\AppData\Local\Google\Chrome\User Data\Default\Extensions\aelbknmfcacjffmgnoaaonhgoghlmlkp\1.0.26.1_0\

CHR - Extension: Google Docs = C:\Users\mafineart\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\

CHR - Extension: Google Drive = C:\Users\mafineart\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\

CHR - Extension: YouTube = C:\Users\mafineart\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\

CHR - Extension: Google Search = C:\Users\mafineart\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\

CHR - Extension: Gmail = C:\Users\mafineart\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2013/06/08 04:37:19 | 000,000,027 | ---- | M]) - C:\WINDOWS\System32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O2 - BHO: (Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)

O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)

O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)

O4 - HKLM..\Run: [AVG_UI] C:\Program Files\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.)

O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)

O4 - HKLM..\Run: [CanonSolutionMenuEx] C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)

O4 - HKLM..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe (Hewlett-Packard Company)

O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)

O4 - HKU\S-1-5-21-4196601509-315295840-2269700814-1001..\Run: [HPADVISOR] C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe File not found

O4 - HKU\S-1-5-21-4196601509-315295840-2269700814-1001..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)

O4 - HKLM..\RunOnce: [Launcher] C:\WINDOWS\SMINST\Launcher.exe (soft thinks)

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-21-4196601509-315295840-2269700814-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-21-4196601509-315295840-2269700814-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O7 - HKU\S-1-5-21-4196601509-315295840-2269700814-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O15 - HKU\S-1-5-21-4196601509-315295840-2269700814-1001\..Trusted Ranges: Range1 ([http] in )

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{65CB202F-C53A-47EC-A58C-BF660DF2134C}: DhcpNameServer = 209.18.47.61 209.18.47.62

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\WINDOWS\System32\userinit.exe (Microsoft Corporation)

O24 - Desktop WallPaper: C:\Users\Public\Pictures\Sample Pictures\El Capitan.jpg

O24 - Desktop BackupWallPaper: C:\Users\Public\Pictures\Sample Pictures\El Capitan.jpg

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2006/12/09 13:23:40 | 000,000,074 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]

O34 - HKLM BootExecute: (autocheck autochk *)

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = ComFile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013/06/08 21:44:08 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\mafineart\Desktop\OTL.exe

[2013/06/08 04:43:55 | 000,000,000 | ---D | C] -- C:\Windows\temp

[2013/06/08 04:43:55 | 000,000,000 | ---D | C] -- C:\Users\mafineart\AppData\Local\temp

[2013/06/08 04:37:27 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN

[2013/06/07 01:29:05 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe

[2013/06/07 01:29:05 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe

[2013/06/07 01:29:05 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe

[2013/06/07 01:28:53 | 000,000,000 | ---D | C] -- C:\Qoobox

[2013/06/07 01:28:24 | 000,000,000 | ---D | C] -- C:\Windows\erdnt

[2013/06/07 01:02:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes' Anti-Malware (portable)

[2013/06/07 00:48:05 | 005,078,746 | R--- | C] (Swearware) -- C:\Users\mafineart\Desktop\ComboFix.exe

[2013/06/07 00:40:09 | 000,000,000 | ---D | C] -- C:\Users\mafineart\Desktop\fix

[2013/06/07 00:39:28 | 002,240,352 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\mafineart\Desktop\tdsskiller.exe

[2013/06/05 13:23:01 | 000,000,000 | ---D | C] -- C:\Users\mafineart\Desktop\New Folder

[2013/06/04 14:13:33 | 000,000,000 | ---D | C] -- C:\Users\mafineart\AppData\Roaming\Malwarebytes

[2013/06/04 14:13:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware

[2013/06/04 14:13:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes

[2013/06/04 14:13:18 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys

[2013/06/04 14:13:18 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware

[2013/06/03 17:06:46 | 000,306,688 | ---- | C] (InstallShield Software Corporation) -- C:\Windows\IsUninst.exe

[2013/06/03 17:03:53 | 000,000,000 | ---D | C] -- C:\Program Files\SweetIM

[2013/06/03 17:03:34 | 000,000,000 | ---D | C] -- C:\Users\mafineart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ExtractNow

[2013/06/03 17:03:31 | 000,000,000 | ---D | C] -- C:\Users\mafineart\AppData\Local\ExtractNow

[2013/06/03 17:03:31 | 000,000,000 | ---D | C] -- C:\Program Files\ExtractNow

[2013/06/03 13:47:44 | 000,000,000 | ---D | C] -- C:\AdobeTemp

[2013/06/03 13:15:35 | 000,000,000 | ---D | C] -- C:\ProgramData\FLEXnet

[2013/06/03 12:44:12 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET

[2013/05/31 17:22:21 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe Media Player

[2013/05/31 17:22:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe

[2013/05/31 17:19:51 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR

[2013/05/31 16:27:08 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshsq.dll

[2013/05/31 13:59:10 | 000,000,000 | ---D | C] -- C:\Users\mafineart\AppData\Roaming\uTorrent

[2013/05/31 03:40:14 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshooks.dll

[2013/05/31 03:40:13 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscb.dll

[2013/05/31 03:40:12 | 000,313,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\thawbrkr.dll

[2013/05/31 03:40:12 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srchadmin.dll

[2013/05/31 03:40:12 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\korwbrkr.dll

[2013/05/31 03:40:12 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssitlb.dll

[2013/05/31 03:40:12 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\propdefs.dll

[2013/05/31 03:40:12 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msstrc.dll

[2013/05/31 03:40:12 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssprxy.dll

[2013/05/31 03:40:11 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\offfilt.dll

[2013/05/31 03:40:11 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nlhtml.dll

[2013/05/31 03:40:11 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscntrs.dll

[2013/05/31 03:40:11 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xmlfilter.dll

[2013/05/31 03:40:11 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mimefilt.dll

[2013/05/31 03:40:11 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rtffilt.dll

[2013/05/31 03:40:11 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsepno.dll

[2013/05/31 03:40:10 | 006,103,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chtbrkr.dll

[2013/05/31 03:40:10 | 001,671,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chsbrkr.dll

[2013/05/31 03:40:10 | 001,582,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tquery.dll

[2013/05/31 03:40:10 | 001,418,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssrch.dll

[2013/05/31 03:40:10 | 000,670,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssvp.dll

[2013/05/31 03:40:10 | 000,350,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssph.dll

[2013/05/31 03:40:10 | 000,203,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssphtb.dll

[2013/05/31 03:30:30 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSNP.ax

[2013/05/31 03:30:23 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll

[2013/05/31 03:30:22 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisrndr.ax

[2013/05/31 03:21:10 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe

[2013/05/31 03:21:10 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll

[2013/05/31 03:21:09 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll

[2013/05/31 03:14:50 | 000,000,000 | ---D | C] -- C:\Windows\System32\WindowsPowerShell

[2013/05/31 03:08:09 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrsmgr.dll

[2013/05/31 03:04:36 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsmprovhost.exe

[2013/05/31 03:04:35 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrs.exe

[2013/05/31 03:04:35 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrshost.exe

[2013/05/31 03:04:29 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsmplpxy.dll

[2013/05/31 03:04:29 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrssrv.dll

[2013/05/31 03:04:22 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wecapi.dll

[2013/05/31 03:04:21 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wevtfwd.dll

[2013/05/31 03:04:21 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wecutil.exe

[2013/05/31 03:04:21 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmRes.dll

[2013/05/31 03:04:20 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pwrshplugin.dll

[2013/05/31 03:04:00 | 000,252,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSManMigrationPlugin.dll

[2013/05/31 03:04:00 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSManHTTPConfig.exe

[2013/05/31 03:04:00 | 000,241,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrscmd.dll

[2013/05/31 03:04:00 | 000,214,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmWmiPl.dll

[2013/05/31 03:04:00 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmAuto.dll

[2013/05/30 16:44:24 | 000,375,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll

[2013/05/30 16:44:24 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll

[2013/05/30 16:43:52 | 008,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL

[2013/05/30 16:42:26 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netevent.dll

[2013/05/30 16:41:48 | 000,292,864 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll

[2013/05/30 16:41:48 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll

[2013/05/30 16:41:48 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll

[2013/05/30 16:41:24 | 000,671,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll

[2013/05/30 16:41:20 | 000,467,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll

[2013/05/30 16:41:19 | 000,389,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll

[2013/05/30 16:41:16 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec

[2013/05/30 16:41:15 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll

[2013/05/30 16:41:14 | 000,380,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll

[2013/05/30 16:41:14 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll

[2013/05/30 16:41:12 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe

[2013/05/30 16:41:10 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieencode.dll

[2013/05/30 16:41:10 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll

[2013/05/30 16:41:09 | 001,383,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb

[2013/05/30 16:40:41 | 003,600,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe

[2013/05/30 16:40:41 | 003,548,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe

[2013/05/30 16:40:34 | 001,136,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42.dll

[2013/05/30 16:40:33 | 001,161,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42u.dll

[2013/05/30 16:40:19 | 000,081,920 | ---- | C] (Radius Inc.) -- C:\Windows\System32\iccvid.dll

[2013/05/30 16:40:08 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pacerprf.dll

[2013/05/30 16:39:32 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnscacheugc.exe

[2013/05/30 16:39:21 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\asycfilt.dll

[2013/05/30 16:38:57 | 000,157,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll

[2013/05/30 16:38:49 | 002,042,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys

[2013/05/30 16:37:36 | 001,169,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdclt.exe

[2013/05/30 16:36:55 | 000,317,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MP4SDECD.DLL

[2013/05/30 16:36:21 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40.dll

[2013/05/30 16:36:20 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40u.dll

[2013/05/30 16:35:30 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll

[2013/05/30 16:35:22 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll

[2013/05/30 16:35:13 | 000,866,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpmde.dll

[2013/05/30 16:35:10 | 000,429,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll

[2013/05/30 16:35:09 | 000,323,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbe.dll

[2013/05/30 16:35:09 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax

[2013/05/30 16:35:09 | 000,153,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbeio.dll

[2013/05/30 16:33:48 | 001,314,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll

[2013/05/30 16:33:22 | 000,357,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskschd.dll

[2013/05/30 16:33:21 | 000,345,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmicmiplugin.dll

[2013/05/30 16:33:20 | 000,270,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskcomp.dll

[2013/05/30 16:33:08 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\consent.exe

[2013/05/30 16:32:47 | 000,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Faultrep.dll

[2013/05/30 16:32:43 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dataclen.dll

[2013/05/30 16:32:42 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll

[2013/05/30 16:32:36 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll

[2013/05/30 16:31:35 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scrobj.dll

[2013/05/30 16:31:35 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cscript.exe

[2013/05/30 15:38:22 | 000,303,104 | ---- | C] (CANON INC.) -- C:\Windows\System32\CNMXLMAN.DLL

[2013/05/30 15:38:03 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonIJFAX

[2013/05/30 15:36:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MX880 series User Registration

[2013/05/30 15:36:02 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\CANON

[2013/05/30 15:35:50 | 000,000,000 | ---D | C] -- C:\ProgramData\CanonIJWSpt

[2013/05/30 15:35:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities

[2013/05/30 15:34:39 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonBJ

[2013/05/30 15:34:13 | 000,000,000 | -H-D | C] -- C:\Windows\System32\CanonIJ Uninstaller Information

[2013/05/30 15:34:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MX880 series

[2013/05/30 15:32:35 | 001,347,584 | ---- | C] (CANON INC.) -- C:\Windows\System32\CNC880C.dll

[2013/05/30 15:32:35 | 000,315,392 | ---- | C] (CANON INC.) -- C:\Windows\System32\CNC880L.dll

[2013/05/30 15:32:35 | 000,114,688 | ---- | C] (CANON INC.) -- C:\Windows\System32\CNC880I.dll

[2013/05/30 15:32:35 | 000,106,496 | ---- | C] (CANON INC.) -- C:\Windows\System32\CNC880U.dll

[2013/05/30 15:32:34 | 000,015,872 | ---- | C] (CANON INC.) -- C:\Windows\System32\CNHMCA.dll

[2013/05/30 15:29:51 | 000,303,104 | ---- | C] (CANON INC.) -- C:\Windows\System32\CNMLMAN.DLL

[2013/05/30 15:29:08 | 000,257,024 | ---- | C] (CANON INC.) -- C:\Windows\System32\CNCALAN.DLL

[2013/05/30 15:29:04 | 000,094,208 | ---- | C] (Canon Inc.) -- C:\Windows\System32\CNC880O.dll

[2013/05/30 15:29:02 | 000,180,224 | ---- | C] (CANON INC.) -- C:\Windows\System32\CNMIUAN.DLL

[2013/05/30 15:28:54 | 000,000,000 | -H-D | C] -- C:\Program Files\CanonBJ

[2013/05/30 15:28:40 | 000,034,816 | ---- | C] (CANON INC.) -- C:\Windows\System32\CNMNPUI.DLL

[2013/05/30 15:28:40 | 000,000,000 | ---D | C] -- C:\Windows\System32\STRING

[2013/05/30 15:26:07 | 000,000,000 | ---D | C] -- C:\Program Files\Canon

[2013/05/30 11:16:32 | 000,000,000 | ---D | C] -- C:\Users\mafineart\AppData\Roaming\Template

[2013/05/30 11:16:00 | 000,000,000 | ---D | C] -- C:\Users\mafineart\Desktop\Studio Phonebook

[2013/05/30 11:05:56 | 000,000,000 | ---D | C] -- C:\Users\mafineart\AppData\Roaming\Macromedia

[2013/05/30 11:05:17 | 000,692,104 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe

[2013/05/30 11:05:17 | 000,071,048 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl

[2013/05/30 08:00:11 | 000,000,000 | ---D | C] -- C:\PerfLogs

[2013/05/30 07:53:09 | 000,098,304 | ---- | C] (Realtek Semiconductor) -- C:\Windows\RTKAUDIOSERVICE.EXE

[2013/05/30 07:32:08 | 000,047,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SPReview.exe

[2013/05/30 07:32:07 | 000,152,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SPWizUI.dll

[2013/05/30 07:07:32 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\recdisc.exe

[2013/05/30 07:07:30 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdspres.dll

[2013/05/30 07:07:11 | 000,599,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vsp1cln.exe

[2013/05/30 07:07:08 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sxproxy.dll

[2013/05/30 07:06:52 | 000,647,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrepl40.dll

[2013/05/30 07:06:52 | 000,464,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msra.exe

[2013/05/30 07:06:52 | 000,414,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscp.dll

[2013/05/30 07:06:52 | 000,344,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrd3x40.dll

[2013/05/30 07:06:52 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll

[2013/05/30 07:06:52 | 000,169,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssha.dll

[2013/05/30 07:06:52 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrdc.dll

[2013/05/30 07:06:51 | 001,386,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvbvm60.dll

[2013/05/30 07:06:51 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mycomput.dll

[2013/05/30 07:06:51 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Mystify.scr

[2013/05/30 07:06:51 | 000,153,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NAPMONTR.DLL

[2013/05/30 07:06:51 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mtstocom.exe

[2013/05/30 07:06:51 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NAPHLPR.DLL

[2013/05/30 07:06:51 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\napdsnap.dll

[2013/05/30 07:06:51 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MuiUnattend.exe

[2013/05/30 07:06:51 | 000,046,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NAPCRYPT.DLL

[2013/05/30 07:06:51 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\napipsec.dll

[2013/05/30 07:06:51 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mtxlegih.dll

[2013/05/30 07:06:51 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mtxdm.dll

[2013/05/30 07:06:50 | 000,450,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxbde40.dll

[2013/05/30 07:06:50 | 000,282,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstext40.dll

[2013/05/30 07:06:49 | 001,052,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtctm.dll

[2013/05/30 07:06:49 | 000,564,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msftedit.dll

[2013/05/30 07:06:49 | 000,344,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msexcl40.dll

[2013/05/30 07:06:49 | 000,312,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mswmdm.dll

[2013/05/30 07:06:49 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtcuiu.dll

[2013/05/30 07:06:49 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll

[2013/05/30 07:06:49 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtcVSp1res.dll

[2013/05/30 07:06:49 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe

[2013/05/30 07:06:42 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdelta.dll

[2013/05/30 07:06:42 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdt.exe

[2013/05/30 07:06:42 | 000,159,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdadiag.dll

[2013/05/30 07:06:42 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdart.dll

[2013/05/30 07:06:42 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtclog.dll

[2013/05/30 07:06:42 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msctfui.dll

[2013/05/30 07:06:42 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MsCtfMonitor.dll

[2013/05/30 07:06:41 | 000,588,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSMPEG2VDEC.DLL

[2013/05/30 07:06:41 | 000,506,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSMPEG2ENC.DLL

[2013/05/30 07:06:41 | 000,485,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mspaint.exe

[2013/05/30 07:06:41 | 000,475,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msidcrl30.dll

[2013/05/30 07:06:41 | 000,415,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdri.dll

[2013/05/30 07:06:41 | 000,391,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSMPEG2ADEC.DLL

[2013/05/30 07:06:41 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mspbde40.dll

[2013/05/30 07:06:41 | 000,332,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msihnd.dll

[2013/05/30 07:06:41 | 000,299,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msjtes40.dll

[2013/05/30 07:06:41 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msltus40.dll

[2013/05/30 07:06:41 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdt.dll

[2013/05/30 07:06:41 | 000,205,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msoeacct.dll

[2013/05/30 07:06:41 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msorcl32.dll

[2013/05/30 07:06:41 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msnetobj.dll

[2013/05/30 07:06:41 | 000,156,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll

[2013/05/30 07:06:41 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msoert2.dll

[2013/05/30 07:06:41 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msobjs.dll

[2013/05/30 07:06:41 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msident.dll

[2013/05/30 07:06:41 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdmo.dll

[2013/05/30 07:06:41 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msmmsp.dll

[2013/05/30 07:06:39 | 001,589,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msjet40.dll

[2013/05/30 07:06:39 | 000,408,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msinfo32.exe

[2013/05/30 07:06:39 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msimtf.dll

[2013/05/30 07:06:39 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msisip.dll

[2013/05/30 07:06:37 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Nlsdl.dll

[2013/05/30 07:06:35 | 000,154,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nlmgp.dll

[2013/05/30 07:06:35 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nlsbres.dll

[2013/05/30 07:06:33 | 000,531,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\objsel.dll

[2013/05/30 07:06:33 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbcconf.dll

[2013/05/30 07:06:33 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ocsetup.exe

[2013/05/30 07:06:31 | 002,225,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netcenter.dll

[2013/05/30 07:06:31 | 000,520,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntvdm.exe

[2013/05/30 07:06:31 | 000,352,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nshipsec.dll

[2013/05/30 07:06:31 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbcjt32.dll

[2013/05/30 07:06:31 | 000,223,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\netio.sys

[2013/05/30 07:06:31 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntprint.dll

[2013/05/30 07:06:31 | 000,159,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbctrac.dll

[2013/05/30 07:06:31 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netid.dll

[2013/05/30 07:06:31 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccp32.dll

[2013/05/30 07:06:31 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netdiagfx.dll

[2013/05/30 07:06:31 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netcorehc.dll

[2013/05/30 07:06:31 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nslookup.exe

[2013/05/30 07:06:31 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccu32.dll

[2013/05/30 07:06:31 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccr32.dll

[2013/05/30 07:06:31 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netcfg.exe

[2013/05/30 07:06:31 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netiougc.exe

[2013/05/30 07:06:31 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netbtugc.exe

[2013/05/30 07:06:30 | 000,445,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncryptui.dll

[2013/05/30 07:06:30 | 000,267,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NAPSTAT.EXE

[2013/05/30 07:06:30 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll

[2013/05/30 07:06:30 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\net1.exe

[2013/05/30 07:06:30 | 000,093,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncsi.dll

[2013/05/30 07:06:30 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nci.dll

[2013/05/30 07:06:30 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\net.exe

[2013/05/30 07:06:30 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ndfetw.dll

[2013/05/30 07:06:30 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NcdProp.dll

[2013/05/30 07:06:30 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nbtstat.exe

[2013/05/30 07:06:29 | 003,072,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\networkmap.dll

[2013/05/30 07:06:29 | 001,086,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NetProjW.dll

[2013/05/30 07:06:29 | 000,939,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mblctr.exe

[2013/05/30 07:06:29 | 000,669,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netprof.dll

[2013/05/30 07:06:29 | 000,183,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\newdev.dll

[2013/05/30 07:06:29 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ndfapi.dll

[2013/05/30 07:06:29 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\luainstall.dll

[2013/05/30 07:06:29 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\makecab.exe

[2013/05/30 07:06:29 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\networkitemfactory.dll

[2013/05/30 07:06:29 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Netplwiz.exe

[2013/05/30 07:06:29 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lsmproxy.dll

[2013/05/30 07:06:28 | 000,429,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\localsec.dll

[2013/05/30 07:06:28 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lpksetup.exe


[2013/05/30 07:05:50 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dskquota.dll

[2013/05/30 07:05:50 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dwmredir.dll

[2013/05/30 07:05:50 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxg.sys

[2013/05/30 07:05:50 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxva2.dll

[2013/05/30 07:05:50 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dsauth.dll

[2013/05/30 07:05:50 | 000,029,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Dumpata.sys

[2013/05/30 07:05:50 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxapi.sys

[2013/05/30 07:05:49 | 004,595,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuthFWSnapin.dll

[2013/05/30 07:05:49 | 001,370,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Aurora.scr

[2013/05/30 07:05:49 | 000,509,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuthFWGP.dll

[2013/05/30 07:05:49 | 000,397,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AudioEng.dll

[2013/05/30 07:05:49 | 000,274,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AUDIOKSE.dll

[2013/05/30 07:05:49 | 000,251,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\authfwcfg.dll

[2013/05/30 07:05:49 | 000,116,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AudioSes.dll

[2013/05/30 07:05:49 | 000,110,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ataport.sys

[2013/05/30 07:05:49 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\audiodg.exe

[2013/05/30 07:05:49 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\auditpol.exe

[2013/05/30 07:05:49 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AtBroker.exe

[2013/05/30 07:05:49 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\at.exe

[2013/05/30 07:05:48 | 000,634,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autofmt.exe

[2013/05/30 07:05:48 | 000,334,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bcdedit.exe

[2013/05/30 07:05:48 | 000,274,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bcrypt.dll

[2013/05/30 07:05:48 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bitsadmin.exe

[2013/05/30 07:05:48 | 000,131,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\basecsp.dll

[2013/05/30 07:05:48 | 000,117,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bcdsrv.dll

[2013/05/30 07:05:48 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuxiliaryDisplayApi.dll

[2013/05/30 07:05:48 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\basesrv.dll

[2013/05/30 07:05:48 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\bfsvc.exe

[2013/05/30 07:05:48 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bcdprov.dll

[2013/05/30 07:05:48 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\batt.dll

[2013/05/30 07:05:48 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\bdasup.sys

[2013/05/30 07:05:47 | 001,985,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\authui.dll

[2013/05/30 07:05:47 | 001,405,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ActiveContentWizard.dll

[2013/05/30 07:05:47 | 001,186,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuxiliaryDisplayCpl.dll

[2013/05/30 07:05:47 | 000,756,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\azroles.dll

[2013/05/30 07:05:47 | 000,656,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autoconv.exe

[2013/05/30 07:05:47 | 000,516,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autoplay.dll

[2013/05/30 07:05:47 | 000,317,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\azroleui.dll

[2013/05/30 07:05:47 | 000,174,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuxiliaryDisplayDriverLib.dll

[2013/05/30 07:05:47 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ActionQueue.dll

[2013/05/30 07:05:47 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aclui.dll

[2013/05/30 07:05:47 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\activeds.tlb

[2013/05/30 07:05:47 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuxiliaryDisplayServices.dll

[2013/05/30 07:05:47 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ACW.exe

[2013/05/30 07:05:47 | 000,053,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\1394bus.sys

[2013/05/30 07:05:47 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AzSqlExt.dll

[2013/05/30 07:05:47 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\avrt.dll

[2013/05/30 07:05:46 | 002,515,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\accessibilitycpl.dll

[2013/05/30 07:05:46 | 001,730,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\apds.dll

[2013/05/30 07:05:46 | 000,605,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adtschema.dll

[2013/05/30 07:05:46 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adsnt.dll

[2013/05/30 07:05:46 | 000,219,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\apircl.dll

[2013/05/30 07:05:46 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\apss.dll

[2013/05/30 07:05:46 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adsmsext.dll

[2013/05/30 07:05:46 | 000,070,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\amstream.dll

[2013/05/30 07:05:45 | 001,342,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\brcpl.dll

[2013/05/30 07:05:45 | 000,990,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bthprops.cpl

[2013/05/30 07:05:45 | 000,879,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Bubbles.scr

[2013/05/30 07:05:45 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adsldp.dll

[2013/05/30 07:05:45 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\btpanui.dll

[2013/05/30 07:05:45 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cacls.exe

[2013/05/30 07:05:45 | 000,024,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\BOOTVID.DLL

[2013/05/30 07:05:45 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\capisp.dll

[2013/05/30 07:05:45 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bootstr.dll

[2013/05/30 07:05:44 | 001,502,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certmgr.dll

[2013/05/30 07:05:44 | 000,632,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertEnrollUI.dll

[2013/05/30 07:05:44 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certreq.exe

[2013/05/30 07:05:44 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\brcplsdw.dll

[2013/05/30 07:05:44 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bthci.dll

[2013/05/30 07:05:44 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bridgeunattend.exe

[2013/05/30 07:05:44 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertEnrollCtrl.exe

[2013/05/30 07:05:43 | 001,111,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertEnroll.dll

[2013/05/30 07:05:43 | 000,805,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdosys.dll

[2013/05/30 07:05:43 | 000,798,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certutil.exe

[2013/05/30 07:05:43 | 000,225,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cewmdm.dll

[2013/05/30 07:05:43 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chajei.ime

[2013/05/30 07:05:43 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cfgbkend.dll

[2013/05/30 07:05:42 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bootcfg.exe

[2013/05/30 07:05:41 | 000,542,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\blackbox.dll

[2013/05/30 07:05:41 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bitsigd.dll

[2013/05/30 07:05:37 | 000,882,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IMJP10.IME

[2013/05/30 07:05:37 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IMJP10K.DLL

[2013/05/30 07:05:37 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll

[2013/05/30 07:05:35 | 001,827,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl

[2013/05/30 07:05:35 | 000,705,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imagesp1.dll

[2013/05/30 07:05:35 | 000,496,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imapi2fs.dll

[2013/05/30 07:05:35 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imapi2.dll

[2013/05/30 07:05:35 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imapi.dll

[2013/05/30 07:05:35 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetmib1.dll

[2013/05/30 07:05:35 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetppui.dll

[2013/05/30 07:05:34 | 000,413,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imkr80.ime

[2013/05/30 07:05:34 | 000,217,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\InkEd.dll

[2013/05/30 07:05:34 | 000,200,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\input.dll

[2013/05/30 07:05:34 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\InfDefaultInstall.exe

[2013/05/30 07:05:33 | 000,251,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iassdo.dll

[2013/05/30 07:05:33 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iashlpr.dll

[2013/05/30 07:05:33 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasacct.dll

[2013/05/30 07:05:33 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ias.dll

[2013/05/30 07:05:32 | 000,445,952 | ---- | C] (Microsoft) -- C:\Windows\System32\IasMigPlugin.dll

[2013/05/30 07:05:32 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iassam.dll

[2013/05/30 07:05:32 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasrad.dll

[2013/05/30 07:05:32 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasnap.dll

[2013/05/30 07:05:32 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iassvcs.dll

[2013/05/30 07:05:32 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iaspolcy.dll

[2013/05/30 07:05:31 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icm32.dll

[2013/05/30 07:05:31 | 000,167,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe

[2013/05/30 07:05:31 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icsfiltr.dll

[2013/05/30 07:05:31 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ifsutil.dll

[2013/05/30 07:05:31 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe

[2013/05/30 07:05:31 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll

[2013/05/30 07:05:31 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll

[2013/05/30 07:05:31 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ifmon.dll

[2013/05/30 07:05:31 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icsunattend.exe

[2013/05/30 07:05:30 | 000,153,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll

[2013/05/30 07:05:30 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icfupgd.dll

[2013/05/30 07:05:30 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icacls.exe

[2013/05/30 07:05:30 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\idndl.dll

[2013/05/30 07:05:28 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hlink.dll

[2013/05/30 07:05:28 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\HotStartUserAgent.dll

[2013/05/30 07:05:28 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hnetmon.dll

[2013/05/30 07:05:27 | 000,595,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FWPUCLNT.DLL

[2013/05/30 07:05:26 | 000,202,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\framedyn.dll

[2013/05/30 07:05:26 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fsutil.exe

[2013/05/30 07:05:26 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fphc.dll

[2013/05/30 07:05:26 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ftp.exe

[2013/05/30 07:05:26 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\framebuf.dll

[2013/05/30 07:05:23 | 000,936,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpedit.dll

[2013/05/30 07:05:23 | 000,498,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\HelpPane.exe

[2013/05/30 07:05:23 | 000,204,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\framedynos.dll

[2013/05/30 07:05:23 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fundisc.dll

[2013/05/30 07:05:23 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpresult.exe

[2013/05/30 07:05:23 | 000,101,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\FWPKCLNT.SYS

[2013/05/30 07:05:23 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpapi.dll

[2013/05/30 07:05:23 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\GuidedHelp.dll

[2013/05/30 07:05:23 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\HelpPaneProxy.dll

[2013/05/30 07:05:23 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\getmac.exe

[2013/05/30 07:05:23 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\graftabl.com

[2013/05/30 07:05:23 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fwcfg.dll

[2013/05/30 07:05:23 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gacinstall.dll

[2013/05/30 07:05:23 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\g711codc.ax

[2013/05/30 07:05:23 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hbaapi.dll

[2013/05/30 07:05:23 | 000,016,896 | ---- | C] (Microsoft) -- C:\Windows\System32\grb.rs

[2013/05/30 07:05:23 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpupdate.exe

[2013/05/30 07:05:23 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hcrstco.dll

[2013/05/30 07:05:23 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\fveupdate.exe

[2013/05/30 07:05:21 | 001,524,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsAnytimeUpgradeCPL.dll

[2013/05/30 07:05:21 | 000,218,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsAnytimeUpgrade.exe

[2013/05/30 07:05:20 | 000,547,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiaaut.dll

[2013/05/30 07:05:20 | 000,415,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiadefui.dll

[2013/05/30 07:05:20 | 000,163,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wevtutil.exe

[2013/05/30 07:05:20 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiadss.dll

[2013/05/30 07:05:20 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiaacmgr.exe

[2013/05/30 07:05:20 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe

[2013/05/30 07:05:20 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\whealogr.dll

[2013/05/30 07:05:20 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wfapigp.dll

[2013/05/30 07:05:19 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiascanprofiles.dll

[2013/05/30 07:05:19 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiarpc.dll

[2013/05/30 07:05:19 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WINSRPC.DLL

[2013/05/30 07:05:19 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winusb.dll

[2013/05/30 07:05:18 | 003,216,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinSAT.exe

[2013/05/30 07:05:18 | 000,628,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WLanConn.dll

[2013/05/30 07:05:18 | 000,383,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinSATAPI.dll

[2013/05/30 07:05:18 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlancfg.dll

[2013/05/30 07:05:17 | 000,208,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinFXDocObj.exe

[2013/05/30 07:05:17 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winethc.dll

[2013/05/30 07:05:16 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wbemcomn.dll

[2013/05/30 07:05:16 | 000,222,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wavemsp.dll

[2013/05/30 07:05:16 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\w32tm.exe

[2013/05/30 07:05:16 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WavDest.dll

[2013/05/30 07:05:16 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\watchdog.sys

[2013/05/30 07:05:16 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winnsi.dll

[2013/05/30 07:05:15 | 000,860,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WerFaultSecure.exe

[2013/05/30 07:05:15 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wdscore.dll

[2013/05/30 07:05:15 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WerFault.exe

[2013/05/30 07:05:15 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vssadmin.exe

[2013/05/30 07:05:15 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wermgr.exe

[2013/05/30 07:05:15 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\waitfor.exe

[2013/05/30 07:05:15 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\werdiagcontroller.dll

[2013/05/30 07:05:15 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vss_ps.dll

[2013/05/30 07:05:15 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wertargets.wtl

[2013/05/30 07:05:14 | 001,143,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wercon.exe

[2013/05/30 07:05:14 | 001,020,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wdc.dll

[2013/05/30 07:05:14 | 000,876,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wer.dll

[2013/05/30 07:05:14 | 000,250,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wevtapi.dll

[2013/05/30 07:05:14 | 000,035,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\WdfLdr.sys

[2013/05/30 07:05:13 | 001,689,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscui.cpl

[2013/05/30 07:05:13 | 001,532,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wcnwiz.dll

[2013/05/30 07:05:13 | 001,295,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsecedit.dll

[2013/05/30 07:05:13 | 000,224,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscntfy.dll

[2013/05/30 07:05:13 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSDMon.dll

[2013/05/30 07:05:13 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscmisetup.dll

[2013/05/30 07:05:13 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wshcon.dll

[2013/05/30 07:05:13 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscapi.dll

[2013/05/30 07:05:13 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscisvif.dll

[2013/05/30 07:05:13 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscproxystub.dll

[2013/05/30 07:05:13 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wship6.dll

[2013/05/30 07:05:12 | 001,580,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpccpl.dll

[2013/05/30 07:05:12 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpd_ci.dll

[2013/05/30 07:05:12 | 000,532,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpcao.dll

[2013/05/30 07:05:12 | 000,349,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WPDSp.dll

[2013/05/30 07:05:12 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Wpc.dll

[2013/05/30 07:05:12 | 000,203,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpdwcn.dll

[2013/05/30 07:05:12 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpclsp.dll

[2013/05/30 07:05:12 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpnpinst.exe

[2013/05/30 07:05:11 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xcopy.exe

[2013/05/30 07:05:11 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WPDShextAutoplay.exe

[2013/05/30 07:05:09 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactsrv.dll

[2013/05/30 07:05:09 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xmlprovi.dll

[2013/05/30 07:05:08 | 001,675,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xpssvcs.dll

[2013/05/30 07:05:08 | 001,505,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll

[2013/05/30 07:05:08 | 000,456,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wvc.dll

[2013/05/30 07:05:08 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFx.dll

[2013/05/30 07:05:08 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsqmcons.exe

[2013/05/30 07:05:08 | 000,181,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFPlatform.dll

[2013/05/30 07:05:08 | 000,153,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll

[2013/05/30 07:05:08 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wusa.exe

[2013/05/30 07:05:08 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFCoinstaller.dll

[2013/05/30 07:05:08 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll

[2013/05/30 07:05:08 | 000,070,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wzcdlg.dll

[2013/05/30 07:05:08 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsnmp32.dll

[2013/05/30 07:05:08 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll

[2013/05/30 07:05:08 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups.dll

[2013/05/30 07:05:07 | 000,534,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll

[2013/05/30 07:05:07 | 000,296,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xwizards.dll

[2013/05/30 07:05:07 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSTPager.ax

[2013/05/30 07:05:07 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe

[2013/05/30 07:05:06 | 001,671,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanpref.dll

[2013/05/30 07:05:06 | 000,498,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlandlg.dll

[2013/05/30 07:05:06 | 000,399,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlangpui.dll

[2013/05/30 07:05:06 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanui.dll

[2013/05/30 07:05:06 | 000,154,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmidx.dll

[2013/05/30 07:05:06 | 000,041,472 | ---- | C] (Microsoft) -- C:\Windows\System32\WlanMmHC.dll

[2013/05/30 07:05:06 | 000,017,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\wmilib.sys

[2013/05/30 07:05:05 | 000,913,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WlanMM.dll

[2013/05/30 07:05:05 | 000,758,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMADMOD.DLL

[2013/05/30 07:05:05 | 000,533,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmdrmsdk.dll

[2013/05/30 07:05:05 | 000,418,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmdrmdev.dll

[2013/05/30 07:05:05 | 000,347,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmdrmnet.dll

[2013/05/30 07:05:05 | 000,120,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WLanHC.dll

[2013/05/30 07:05:04 | 001,118,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMADMOE.DLL

[2013/05/30 07:05:04 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMASF.DLL

[2013/05/30 07:05:04 | 000,083,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlgpclnt.dll

[2013/05/30 07:05:03 | 001,329,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMSPDMOE.DLL

[2013/05/30 07:05:03 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpsrcwp.dll

[2013/05/30 07:04:59 | 001,575,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVENCOD.DLL

[2013/05/30 07:04:59 | 001,548,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVDECOD.DLL

[2013/05/30 07:04:59 | 001,382,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVSDECD.DLL

[2013/05/30 07:04:59 | 000,767,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVSENCD.DLL

[2013/05/30 07:04:59 | 000,657,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVXENCD.DLL

[2013/05/30 07:04:59 | 000,273,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wow32.dll

[2013/05/30 07:04:59 | 000,153,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmvdspa.dll

[2013/05/30 07:04:58 | 000,276,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMPhoto.dll

[2013/05/30 07:04:58 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmiprop.dll

[2013/05/30 07:04:56 | 001,642,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMPEncEn.dll

[2013/05/30 07:04:56 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpcm.dll

[2013/05/30 07:04:55 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\systeminfo.exe

[2013/05/30 07:04:54 | 000,842,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\systemcpl.dll

[2013/05/30 07:04:54 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Tabbtn.dll

[2013/05/30 07:04:51 | 000,170,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tcpipcfg.dll

[2013/05/30 07:04:51 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tasklist.exe

[2013/05/30 07:04:51 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskkill.exe

[2013/05/30 07:04:51 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tbs.dll

[2013/05/30 07:04:50 | 000,691,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TabletPC.cpl

[2013/05/30 07:04:50 | 000,431,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tdh.dll

[2013/05/30 07:04:50 | 000,308,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sqlcese30.dll

[2013/05/30 07:04:50 | 000,274,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srrstr.dll

[2013/05/30 07:04:50 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sqmapi.dll

[2013/05/30 07:04:50 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TapiMigPlugin.dll

[2013/05/30 07:04:50 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tabcal.exe

[2013/05/30 07:04:50 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TabbtnEx.dll

[2013/05/30 07:04:50 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\takeown.exe

[2013/05/30 07:04:50 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\tape.sys

[2013/05/30 07:04:50 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\tdi.sys

[2013/05/30 07:04:49 | 008,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ssBranded.scr

[2013/05/30 07:04:49 | 000,604,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sqlceqp30.dll

[2013/05/30 07:04:49 | 000,520,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sqlsrv32.dll

[2013/05/30 07:04:49 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ssText3d.scr

[2013/05/30 07:04:49 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SSShim.dll

[2013/05/30 07:04:49 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srwmi.dll

[2013/05/30 07:04:48 | 008,322,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwizimg.dll

[2013/05/30 07:04:48 | 000,681,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\spsys.sys

[2013/05/30 07:04:48 | 000,348,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwizeng.dll

[2013/05/30 07:04:48 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SoundRecorder.exe

[2013/05/30 07:04:48 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spbcd.dll

[2013/05/30 07:04:48 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sppnp.dll

[2013/05/30 07:04:48 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spopk.dll

[2013/05/30 07:04:48 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwizres.dll

[2013/05/30 07:04:47 | 002,204,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SyncCenter.dll

[2013/05/30 07:04:47 | 000,338,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SysFxUI.dll

[2013/05/30 07:04:47 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\synceng.dll

[2013/05/30 07:04:47 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sxstrace.exe

[2013/05/30 07:04:47 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sxsstore.dll

[2013/05/30 07:04:46 | 001,224,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sud.dll

[2013/05/30 07:04:46 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sysmon.ocx

[2013/05/30 07:04:46 | 000,251,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sti_ci.dll

[2013/05/30 07:04:46 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbport.sys

[2013/05/30 07:04:46 | 000,123,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Storport.sys

[2013/05/30 07:04:46 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Storprop.dll

[2013/05/30 07:04:46 | 000,052,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\stream.sys

[2013/05/30 07:04:46 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\syssetup.dll

[2013/05/30 07:04:46 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\syskey.exe

[2013/05/30 07:04:45 | 001,123,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\usercpl.dll

[2013/05/30 07:04:45 | 000,322,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\untfs.dll

[2013/05/30 07:04:45 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll

[2013/05/30 07:04:45 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xwtpw32.dll

[2013/05/30 07:04:45 | 000,083,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\usbui.dll

[2013/05/30 07:04:45 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\userinit.exe

[2013/05/30 07:04:45 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\upnpcont.exe

[2013/05/30 07:04:45 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\usbperf.dll

[2013/05/30 07:04:44 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\VAN.dll

[2013/05/30 07:04:44 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\VIDRESZR.DLL

[2013/05/30 07:04:44 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\VBICodec.ax

[2013/05/30 07:04:44 | 000,110,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\videoprt.sys

[2013/05/30 07:04:44 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vga256.dll

[2013/05/30 07:04:44 | 000,025,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBCAMD2.sys

[2013/05/30 07:04:44 | 000,025,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBCAMD.sys

[2013/05/30 07:04:44 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vga64k.dll

[2013/05/30 07:04:44 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usb8023.sys

[2013/05/30 07:04:44 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vga.dll

[2013/05/30 07:04:44 | 000,005,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbd.sys

[2013/05/30 07:04:43 | 001,298,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TMM.dll

[2013/05/30 07:04:43 | 000,638,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Utilman.exe

[2013/05/30 07:04:43 | 000,507,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdsdyn.dll

[2013/05/30 07:04:43 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tracerpt.exe

[2013/05/30 07:04:43 | 000,157,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\verifier.dll

[2013/05/30 07:04:43 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdsbas.dll

[2013/05/30 07:04:43 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\uudf.dll

[2013/05/30 07:04:43 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdsutil.dll

[2013/05/30 07:04:43 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\verifier.exe

[2013/05/30 07:04:43 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TpmInit.exe

[2013/05/30 07:04:43 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vfwwdm32.dll

[2013/05/30 07:04:43 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdmredir.dll

[2013/05/30 07:04:43 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vds_ps.dll

[2013/05/30 07:04:43 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbisurf.ax

[2013/05/30 07:04:43 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\utildll.dll

[2013/05/30 07:04:43 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdsldr.exe

[2013/05/30 07:04:43 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdmdbg.dll

[2013/05/30 07:04:42 | 002,588,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIHub.dll

[2013/05/30 07:04:42 | 001,152,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\themecpl.dll

[2013/05/30 07:04:42 | 000,355,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\termmgr.dll

[2013/05/30 07:04:42 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tintlgnt.ime

[2013/05/30 07:04:42 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ulib.dll

[2013/05/30 07:04:42 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tscupgrd.exe

[2013/05/30 07:04:42 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\umb.dll

[2013/05/30 07:04:42 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TimeDateMUICallback.dll

[2013/05/30 07:04:42 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TSTheme.exe

[2013/05/30 07:04:42 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tsddd.dll

[2013/05/30 07:04:41 | 000,736,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unbcl.dll

[2013/05/30 07:04:41 | 000,201,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unattend.dll

[2013/05/30 07:04:41 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\txflog.dll

[2013/05/30 07:04:41 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ucsvc.exe

[2013/05/30 07:04:41 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unlodctr.exe

[2013/05/30 07:04:41 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TsWpfWrp.exe

[2013/05/30 07:04:41 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unattendedjoin.exe

[2013/05/30 07:04:41 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\txfw32.dll

[2013/05/30 07:04:40 | 000,208,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\uDWM.dll

[2013/05/30 07:04:40 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIAutomationCore.dll

[2013/05/30 07:04:40 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ufat.dll

[2013/05/30 07:04:40 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\uexfat.dll

[2013/05/30 07:02:40 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cbsra.exe

[2013/05/30 06:57:36 | 000,000,000 | ---D | C] -- C:\2f11ee228e24c198718f2cd121456559

[2013/05/30 06:09:21 | 000,000,000 | ---D | C] -- C:\Windows\CheckSur

[2013/05/30 05:11:40 | 000,000,000 | ---D | C] -- C:\Users\mafineart\New Pics

[2013/05/30 05:10:32 | 000,000,000 | ---D | C] -- C:\Users\mafineart\Gregs Place

[2013/05/30 05:09:57 | 000,000,000 | ---D | C] -- C:\Users\mafineart\JNCASE

[2013/05/30 05:07:57 | 000,000,000 | ---D | C] -- C:\Users\mafineart\Documents\Visa Rec

[2013/05/30 05:07:43 | 000,000,000 | ---D | C] -- C:\Users\mafineart\Documents\TAX FORMS & lICENSES

[2013/05/30 05:07:10 | 000,000,000 | ---D | C] -- C:\Users\mafineart\Documents\mc_records

[2013/05/30 05:06:55 | 000,000,000 | ---D | C] -- C:\Users\mafineart\Documents\LETTERS

[2013/05/30 05:06:39 | 000,000,000 | ---D | C] -- C:\Users\mafineart\Documents\LABELS

[2013/05/30 05:06:19 | 000,000,000 | ---D | C] -- C:\Users\mafineart\Documents\INVITATIONS

[2013/05/30 05:05:48 | 000,000,000 | ---D | C] -- C:\Users\mafineart\Documents\ENVELOPES

[2013/05/30 05:05:23 | 000,000,000 | ---D | C] -- C:\Users\mafineart\Documents\Certificates

[2013/05/30 05:04:49 | 000,000,000 | ---D | C] -- C:\Users\mafineart\Documents\BOOTH AND ARTIST Pics

[2013/05/30 04:56:37 | 000,000,000 | ---D | C] -- C:\Users\mafineart\Accounts

[2013/05/30 04:32:40 | 000,000,000 | ---D | C] -- C:\Users\mafineart\Documents\Mikes Photos

[2013/05/30 04:31:21 | 000,000,000 | ---D | C] -- C:\Users\mafineart\Desktop\Brochures

[2013/05/30 04:24:40 | 000,000,000 | ---D | C] -- C:\Users\mafineart\Images

[2013/05/30 04:24:10 | 000,000,000 | ---D | C] -- C:\Users\mafineart\Desktop\Gallery Folders

[2013/05/30 04:23:28 | 000,000,000 | ---D | C] -- C:\Users\mafineart\Desktop\client folders

[2013/05/30 04:23:19 | 000,000,000 | ---D | C] -- C:\Users\mafineart\AppData\Roaming\Adobe

[2013/05/30 04:23:19 | 000,000,000 | ---D | C] -- C:\Users\mafineart\AppData\Local\Adobe

[2013/05/30 03:34:57 | 000,000,000 | ---D | C] -- C:\System Recovery files

[2013/05/30 03:19:39 | 000,000,000 | ---D | C] -- C:\Users\mafineart\backup files

[2013/05/30 02:51:15 | 000,532,480 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RTSndMgr.cpl

[2013/05/30 02:51:14 | 004,874,240 | ---- | C] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe

[2013/05/30 02:51:14 | 002,156,544 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkAPO.dll

[2013/05/30 02:51:14 | 001,191,936 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RtlUpd.exe

[2013/05/30 02:51:14 | 000,636,416 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkPgExt.dll

[2013/05/30 02:51:14 | 000,029,696 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkCoInst.dll

[2013/05/30 02:51:12 | 000,315,392 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\HideWin.exe

[2013/05/30 02:50:54 | 000,000,000 | ---D | C] -- C:\Users\mafineart\AppData\Roaming\WinBatch

[2013/05/30 02:35:08 | 000,000,000 | ---D | C] -- C:\swsetup

[2013/05/30 01:48:36 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FwRemoteSvr.dll

[2013/05/30 01:48:35 | 000,272,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\polstore.dll

[2013/05/29 23:09:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome

[2013/05/29 23:09:17 | 000,000,000 | ---D | C] -- C:\Program Files\Google

[2013/05/29 23:09:12 | 000,000,000 | ---D | C] -- C:\Users\mafineart\AppData\Local\Google

[2013/05/29 23:08:57 | 000,000,000 | ---D | C] -- C:\Users\mafineart\AppData\Local\Apps

[2013/05/29 23:08:56 | 000,000,000 | ---D | C] -- C:\Users\mafineart\AppData\Local\Deployment

[2013/05/29 22:44:46 | 000,000,000 | ---D | C] -- C:\ProgramData\ErrorEND

[2013/05/29 21:22:27 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dciman32.dll

[2013/05/29 21:20:26 | 002,452,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat

[2013/05/29 21:19:57 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll

[2013/05/29 21:19:57 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll

[2013/05/29 21:19:53 | 000,180,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll

[2013/05/29 21:19:50 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll

[2013/05/29 21:15:41 | 000,241,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceApi.dll

[2013/05/29 21:15:41 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceTypes.dll

[2013/05/29 21:15:41 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceClassExtension.dll

[2013/05/29 21:13:35 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MRINFO.EXE

[2013/05/29 21:13:34 | 000,104,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netiohlp.dll

[2013/05/29 21:13:34 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NETSTAT.EXE

[2013/05/29 21:13:34 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ARP.EXE

[2013/05/29 21:13:34 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ROUTE.EXE

[2013/05/29 21:13:34 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\finger.exe

[2013/05/29 21:13:34 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\HOSTNAME.EXE

[2013/05/29 21:10:38 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\L2SecHC.dll

[2013/05/29 21:10:37 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanmsm.dll

[2013/05/29 21:10:37 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanhlp.dll

[2013/05/29 21:10:37 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanapi.dll

[2013/05/29 21:10:36 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlansec.dll

[2013/05/29 21:09:41 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml3r.dll

[2013/05/29 21:09:39 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml6r.dll

[2013/05/29 21:06:06 | 002,868,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mf.dll

[2013/05/29 21:06:06 | 000,098,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfps.dll

[2013/05/29 21:06:05 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rrinstaller.exe

[2013/05/29 21:06:05 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfpmp.exe

[2013/05/29 21:06:05 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mferror.dll

[2013/05/29 21:06:03 | 002,386,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVCORE.DLL

[2013/05/29 20:57:16 | 000,562,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtcprx.dll

[2013/05/29 20:57:16 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xolehlp.dll

[2013/05/29 20:55:42 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aaclient.dll

[2013/05/29 20:55:42 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tsgqec.dll

[2013/05/29 20:54:56 | 000,303,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpeffects.dll

[2013/05/29 20:52:45 | 000,714,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\timedate.cpl

[2013/05/29 20:46:35 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Mpeg2Data.ax

[2013/05/29 20:46:35 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSDvbNP.ax

[2013/05/29 20:41:10 | 002,927,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe

[2013/05/29 20:37:07 | 001,808,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0046.dll

[2013/05/29 20:37:07 | 001,793,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0045.dll

[2013/05/29 20:37:06 | 001,782,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0039.dll

[2013/05/29 20:37:06 | 001,558,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0049.dll

[2013/05/29 20:37:06 | 001,411,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0047.dll

[2013/05/29 20:37:06 | 001,236,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0020.dll

[2013/05/29 20:37:05 | 005,499,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0022.dll

[2013/05/29 20:37:05 | 002,136,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0021.dll

[2013/05/29 20:37:04 | 007,964,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0024.dll

[2013/05/29 20:37:04 | 005,791,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0026.dll

[2013/05/29 20:37:03 | 006,224,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0027.dll

[2013/05/29 20:37:03 | 004,175,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0010.dll

[2013/05/29 20:37:02 | 004,981,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0013.dll

[2013/05/29 20:37:02 | 003,331,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0018.dll

[2013/05/29 20:37:02 | 002,466,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0011.dll

[2013/05/29 20:37:01 | 006,781,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0019.dll

[2013/05/29 20:37:00 | 011,722,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0001.dll

[2013/05/29 20:37:00 | 004,164,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0002.dll

[2013/05/29 20:36:59 | 012,240,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0007.dll

[2013/05/29 20:36:59 | 001,452,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0003.dll

[2013/05/29 20:36:58 | 002,644,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0009.dll

[2013/05/29 20:36:57 | 004,093,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons004c.dll

[2013/05/29 20:36:57 | 003,419,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons004a.dll

[2013/05/29 20:36:57 | 001,702,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons004b.dll

[2013/05/29 20:36:56 | 004,045,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons003e.dll

[2013/05/29 20:36:56 | 001,972,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons004e.dll

[2013/05/29 20:36:56 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons002a.dll

[2013/05/29 20:36:55 | 006,585,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons001b.dll

[2013/05/29 20:36:55 | 006,014,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons001a.dll

[2013/05/29 20:36:54 | 009,892,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons000a.dll

[2013/05/29 20:36:54 | 006,346,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons001d.dll

[2013/05/29 20:36:53 | 006,237,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons000c.dll

[2013/05/29 20:36:53 | 001,722,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons000d.dll

[2013/05/29 20:36:52 | 005,654,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons000f.dll

[2013/05/29 20:36:52 | 005,090,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0416.dll

[2013/05/29 20:36:52 | 004,616,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0414.dll

[2013/05/29 20:36:51 | 007,042,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons081a.dll

[2013/05/29 20:36:51 | 005,031,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0816.dll

[2013/05/29 20:36:50 | 005,071,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsModels0011.dll

[2013/05/29 20:36:50 | 003,104,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0046.dll

[2013/05/29 20:36:50 | 003,104,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0045.dll

[2013/05/29 20:36:49 | 003,104,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0047.dll

[2013/05/29 20:36:48 | 003,104,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0049.dll

[2013/05/29 20:36:48 | 003,104,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0039.dll

[2013/05/29 20:36:48 | 003,104,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0020.dll

[2013/05/29 20:36:48 | 001,801,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0021.dll

[2013/05/29 20:36:47 | 001,966,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0027.dll

[2013/05/29 20:36:47 | 001,965,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0026.dll

[2013/05/29 20:36:47 | 001,965,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0024.dll

[2013/05/29 20:36:47 | 001,801,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0022.dll

[2013/05/29 20:36:46 | 004,495,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0010.dll

[2013/05/29 20:36:46 | 002,657,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0011.dll

[2013/05/29 20:36:45 | 003,466,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0013.dll

[2013/05/29 20:36:45 | 001,965,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0018.dll

[2013/05/29 20:36:44 | 004,497,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0019.dll

[2013/05/29 20:36:44 | 002,599,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0001.dll

[2013/05/29 20:36:44 | 001,523,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0000.dll

[2013/05/29 20:36:43 | 002,243,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0007.dll

[2013/05/29 20:36:43 | 001,965,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0003.dll

[2013/05/29 20:36:43 | 001,965,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0002.dll

[2013/05/29 20:36:42 | 004,875,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0009.dll

[2013/05/29 20:36:42 | 003,104,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData004b.dll

[2013/05/29 20:36:42 | 003,104,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData004a.dll

[2013/05/29 20:36:41 | 003,104,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData004e.dll

[2013/05/29 20:36:41 | 003,104,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData004c.dll

[2013/05/29 20:36:41 | 001,801,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData003e.dll

[2013/05/29 20:36:40 | 004,495,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData001d.dll

[2013/05/29 20:36:40 | 001,965,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData001b.dll

[2013/05/29 20:36:40 | 001,965,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData001a.dll

[2013/05/29 20:36:40 | 001,801,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData002a.dll

[2013/05/29 20:36:39 | 009,847,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData000a.dll

[2013/05/29 20:36:39 | 002,643,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData000c.dll

[2013/05/29 20:36:38 | 004,495,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0414.dll

[2013/05/29 20:36:38 | 002,342,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData000d.dll

[2013/05/29 20:36:38 | 001,965,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData000f.dll

[2013/05/29 20:36:37 | 004,495,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0816.dll

[2013/05/29 20:36:37 | 004,495,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0416.dll

[2013/05/29 20:36:37 | 000,801,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NaturalLanguage6.dll

[2013/05/29 20:36:36 | 006,917,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0c1a.dll

[2013/05/29 20:36:36 | 001,965,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData081a.dll

[2013/05/29 20:36:35 | 001,965,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0c1a.dll

[2013/05/29 20:33:43 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kbd106n.dll

[2013/05/29 20:33:34 | 000,988,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winload.exe

[2013/05/29 20:33:34 | 000,927,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winresume.exe

[2013/05/29 20:33:33 | 000,378,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srcore.dll

[2013/05/29 20:33:33 | 000,318,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rstrui.exe

[2013/05/29 20:33:33 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srdelayed.exe

[2013/05/29 20:33:32 | 000,019,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kd1394.dll

[2013/05/29 20:33:31 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setbcdlocale.dll

[2013/05/29 20:33:30 | 000,615,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ci.dll

[2013/05/29 20:32:15 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelineprxy.dll

[2013/05/29 20:32:14 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelinesvc.exe

[2013/05/29 20:32:12 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasads.dll

[2013/05/29 20:32:12 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasdatastore.dll

[2013/05/29 20:32:12 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iashost.exe

[2013/05/29 20:32:11 | 000,183,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdohlp.dll

[2013/05/29 20:32:11 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasrecst.dll

[2013/05/29 20:31:37 | 000,220,672 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\l3codecp.acm

[2013/05/29 20:31:37 | 000,062,464 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\l3codeca.acm

[2013/05/29 20:28:27 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\amxread.dll

[2013/05/29 20:28:27 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\apilogen.dll

[2013/05/29 20:27:05 | 000,425,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PhotoMetadataHandler.dll

[2013/05/29 20:27:03 | 000,347,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecsExt.dll

[2013/05/29 20:24:50 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printcom.dll

[2013/05/29 20:24:08 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\rmcast.sys

[2013/05/29 20:24:08 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wshrm.dll

[2013/05/29 20:23:18 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdxm.tlb

[2013/05/29 20:23:18 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\amcompat.tlb

[2013/05/29 20:22:42 | 000,347,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp.exe

[2013/05/29 20:22:42 | 000,329,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdrm.dll

[2013/05/29 20:22:42 | 000,151,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp.dll

[2013/05/29 20:22:41 | 000,346,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp_isv.exe

[2013/05/29 20:22:41 | 000,151,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp_isv.dll

[2013/05/29 20:22:40 | 000,511,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate.exe

[2013/05/29 20:22:40 | 000,472,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc.dll

[2013/05/29 20:22:39 | 000,523,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_isv.exe

[2013/05/29 20:22:39 | 000,472,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_isv.dll

[2013/05/29 20:20:33 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA

[2013/05/29 20:19:54 | 000,062,752 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvshext.dll

[2013/05/29 20:19:53 | 002,557,728 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvsvcr.dll

[2013/05/29 20:18:51 | 000,053,024 | ---- | C] (Khronos Group) -- C:\Windows\System32\OpenCL.dll

[2013/05/29 20:17:06 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation

[2013/05/29 20:16:46 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation

[2013/05/29 20:05:53 | 000,622,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icardagt.exe

[2013/05/29 20:05:52 | 000,097,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\infocardapi.dll

[2013/05/29 20:05:52 | 000,037,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\infocardcpl.cpl

[2013/05/29 20:05:52 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icardres.dll

[2013/05/29 20:05:38 | 000,105,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll

[2013/05/29 20:05:33 | 000,781,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationNative_v0300.dll

[2013/05/29 19:43:10 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscorier.dll

[2013/05/29 19:43:09 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscories.dll

[2013/05/29 05:15:18 | 001,695,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll

[2013/05/29 05:14:42 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logagent.exe

[2013/05/29 05:14:41 | 000,996,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMNetMgr.dll

[2013/05/29 05:13:55 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\INETRES.dll

[2013/05/29 05:02:28 | 001,645,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\connect.dll

[2013/05/29 05:00:20 | 000,351,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSDApi.dll

[2013/05/29 04:58:39 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciavi32.dll

[2013/05/29 04:58:39 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\avicap32.dll

[2013/05/29 04:58:03 | 000,604,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMSPDMOD.DLL

[2013/05/29 04:57:06 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwmp.dll

[2013/05/29 04:57:05 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdxm.ocx

[2013/05/29 04:57:05 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxmasf.dll

[2013/05/29 04:56:57 | 000,310,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unregmp2.exe

[2013/05/29 04:31:56 | 000,000,000 | ---D | C] -- C:\Users\mafineart\AppData\Roaming\AVG2013

[2013/05/29 04:29:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG

[2013/05/29 04:29:51 | 000,000,000 | ---D | C] -- C:\Users\mafineart\AppData\Roaming\TuneUp Software

[2013/05/29 04:27:29 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2013

[2013/05/29 04:27:29 | 000,000,000 | ---D | C] -- C:\$AVG

[2013/05/29 04:23:53 | 000,000,000 | ---D | C] -- C:\Program Files\AVG

[2013/05/29 04:19:57 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files

[2013/05/29 04:19:56 | 000,000,000 | ---D | C] -- C:\Users\mafineart\AppData\Local\MFAData

[2013/05/29 04:19:56 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData

[2013/05/29 04:19:56 | 000,000,000 | ---D | C] -- C:\Users\mafineart\AppData\Local\Avg2013

[2013/05/29 03:48:01 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Symantec

[2013/05/29 03:14:09 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nshhttp.dll

[2013/05/29 03:05:59 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0

[2013/05/29 02:51:49 | 000,000,000 | ---D | C] -- C:\Users\mafineart\AppData\Local\WindowsUpdate

[2013/05/29 02:13:47 | 000,000,000 | ---D | C] -- C:\Users\mafineart\AppData\Local\Hewlett-Packard

[2013/05/29 02:12:36 | 000,000,000 | R--D | C] -- C:\Users\mafineart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools

[2013/05/29 02:12:35 | 000,000,000 | R--D | C] -- C:\Users\mafineart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

[2013/05/29 02:12:35 | 000,000,000 | R--D | C] -- C:\Users\mafineart\Searches

[2013/05/29 02:12:29 | 000,000,000 | ---D | C] -- C:\Users\mafineart\AppData\Roaming\Identities

[2013/05/29 02:12:26 | 000,000,000 | R--D | C] -- C:\Users\mafineart\Contacts

[2013/05/29 00:16:40 | 000,000,000 | ---D | C] -- C:\Windows\System32\oem

[2013/05/28 23:47:16 | 000,000,000 | ---D | C] -- C:\Users\mafineart\AppData\Local\VirtualStore

[2013/05/28 23:36:23 | 000,000,000 | ---D | C] -- C:\Users\mafineart\AppData\Roaming\Hewlett-Packard

[2013/05/28 23:34:14 | 000,000,000 | --SD | C] -- C:\Users\mafineart\AppData\Roaming\Microsoft

[2013/05/28 23:34:14 | 000,000,000 | R--D | C] -- C:\Users\mafineart\Videos

[2013/05/28 23:34:14 | 000,000,000 | R--D | C] -- C:\Users\mafineart\Saved Games

[2013/05/28 23:34:14 | 000,000,000 | R--D | C] -- C:\Users\mafineart\Pictures

[2013/05/28 23:34:14 | 000,000,000 | R--D | C] -- C:\Users\mafineart\Music

[2013/05/28 23:34:14 | 000,000,000 | R--D | C] -- C:\Users\mafineart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance

[2013/05/28 23:34:14 | 000,000,000 | R--D | C] -- C:\Users\mafineart\Links

[2013/05/28 23:34:14 | 000,000,000 | R--D | C] -- C:\Users\mafineart\Favorites

[2013/05/28 23:34:14 | 000,000,000 | R--D | C] -- C:\Users\mafineart\Downloads

[2013/05/28 23:34:14 | 000,000,000 | R--D | C] -- C:\Users\mafineart\Documents

[2013/05/28 23:34:14 | 000,000,000 | R--D | C] -- C:\Users\mafineart\Desktop

[2013/05/28 23:34:14 | 000,000,000 | R--D | C] -- C:\Users\mafineart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories

[2013/05/28 23:34:14 | 000,000,000 | -HSD | C] -- C:\Users\mafineart\AppData\Local\Temporary Internet Files

[2013/05/28 23:34:14 | 000,000,000 | -HSD | C] -- C:\Users\mafineart\Templates

[2013/05/28 23:34:14 | 000,000,000 | -HSD | C] -- C:\Users\mafineart\Start Menu

[2013/05/28 23:34:14 | 000,000,000 | -HSD | C] -- C:\Users\mafineart\SendTo

[2013/05/28 23:34:14 | 000,000,000 | -HSD | C] -- C:\Users\mafineart\Recent

[2013/05/28 23:34:14 | 000,000,000 | -HSD | C] -- C:\Users\mafineart\PrintHood

[2013/05/28 23:34:14 | 000,000,000 | -HSD | C] -- C:\Users\mafineart\NetHood

[2013/05/28 23:34:14 | 000,000,000 | -HSD | C] -- C:\Users\mafineart\Documents\My Videos

[2013/05/28 23:34:14 | 000,000,000 | -HSD | C] -- C:\Users\mafineart\Documents\My Pictures

[2013/05/28 23:34:14 | 000,000,000 | -HSD | C] -- C:\Users\mafineart\Documents\My Music

[2013/05/28 23:34:14 | 000,000,000 | -HSD | C] -- C:\Users\mafineart\My Documents

[2013/05/28 23:34:14 | 000,000,000 | -HSD | C] -- C:\Users\mafineart\Local Settings

[2013/05/28 23:34:14 | 000,000,000 | -HSD | C] -- C:\Users\mafineart\AppData\Local\History

[2013/05/28 23:34:14 | 000,000,000 | -HSD | C] -- C:\Users\mafineart\Cookies

[2013/05/28 23:34:14 | 000,000,000 | -HSD | C] -- C:\Users\mafineart\Application Data

[2013/05/28 23:34:14 | 000,000,000 | -HSD | C] -- C:\Users\mafineart\AppData\Local\Application Data

[2013/05/28 23:34:14 | 000,000,000 | -H-D | C] -- C:\Users\mafineart\AppData

[2013/05/28 23:34:14 | 000,000,000 | ---D | C] -- C:\Users\mafineart\AppData\Local\Microsoft

[2013/05/28 23:34:14 | 000,000,000 | ---D | C] -- C:\Users\mafineart\AppData\Roaming\Media Center Programs

[2013/05/28 23:30:36 | 000,000,000 | -HSD | C] -- C:\ProgramData\Templates

[2013/05/28 23:30:36 | 000,000,000 | -HSD | C] -- C:\ProgramData\Start Menu

[2013/05/28 23:30:36 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\My Videos

[2013/05/28 23:30:36 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\My Pictures

[2013/05/28 23:30:36 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\My Music

[2013/05/28 23:30:36 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favorites

[2013/05/28 23:30:36 | 000,000,000 | -HSD | C] -- C:\Documents and Settings

[2013/05/28 23:30:36 | 000,000,000 | -HSD | C] -- C:\ProgramData\Documents

[2013/05/28 23:30:36 | 000,000,000 | -HSD | C] -- C:\ProgramData\Desktop

[2013/05/28 23:30:36 | 000,000,000 | -HSD | C] -- C:\ProgramData\Application Data

[2013/05/28 23:22:23 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution

[2013/05/28 23:20:09 | 000,000,000 | -HSD | C] -- C:\System Volume Information

========== Files - Modified Within 30 Days ==========

[2013/06/08 21:45:57 | 000,604,264 | ---- | M] () -- C:\Windows\System32\perfh009.dat

[2013/06/08 21:45:57 | 000,103,964 | ---- | M] () -- C:\Windows\System32\perfc009.dat

[2013/06/08 21:44:23 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\mafineart\Desktop\OTL.exe

[2013/06/08 21:40:05 | 000,000,888 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2013/06/08 21:38:24 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0

[2013/06/08 21:38:24 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0

[2013/06/08 21:38:17 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2013/06/08 21:38:11 | 938,008,576 | -HS- | M] () -- C:\hiberfil.sys

[2013/06/08 04:37:19 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts

[2013/06/08 04:19:02 | 005,078,746 | R--- | M] (Swearware) -- C:\Users\mafineart\Desktop\ComboFix.exe

[2013/06/08 04:14:27 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[2013/06/08 04:14:06 | 000,001,699 | ---- | M] () -- C:\Users\mafineart\Desktop\Notepad (2).lnk

[2013/06/07 01:21:49 | 000,001,973 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk

[2013/06/07 00:54:10 | 000,890,839 | ---- | M] () -- C:\Users\mafineart\Desktop\SecurityCheck.exe

[2013/06/07 00:39:39 | 002,240,352 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\mafineart\Desktop\tdsskiller.exe

[2013/06/05 17:20:01 | 001,036,579 | ---- | M] () -- C:\Users\mafineart\Desktop\DSCN8727.jpg

[2013/06/05 15:15:43 | 000,001,614 | ---- | M] () -- C:\Users\mafineart\Desktop\Calculator (2).lnk

[2013/06/04 16:06:26 | 000,000,450 | ---- | M] () -- C:\Users\mafineart\AppData\Roaming\wklnhst.dat

[2013/06/04 14:13:27 | 000,000,908 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

[2013/06/03 17:10:29 | 000,001,152 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk

[2013/06/03 17:03:34 | 000,000,830 | ---- | M] () -- C:\Users\mafineart\Desktop\ExtractNow.lnk

[2013/06/03 13:22:10 | 002,215,456 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT

[2013/05/31 17:09:50 | 000,000,526 | ---- | M] () -- C:\Users\mafineart\Desktop\bs.rtf

[2013/05/31 16:25:11 | 000,000,593 | ---- | M] () -- C:\Users\mafineart\Desktop\piratebay.rtf

[2013/05/31 14:23:33 | 000,000,917 | ---- | M] () -- C:\Users\mafineart\Desktop\Windows Mail.lnk

[2013/05/31 13:04:30 | 000,000,240 | ---- | M] () -- C:\Users\mafineart\Desktop\Document.rtf

[2013/05/31 13:04:25 | 000,002,632 | ---- | M] () -- C:\Users\mafineart\Desktop\gmail account.eml

[2013/05/30 15:35:54 | 000,001,858 | ---- | M] () -- C:\Users\Public\Desktop\Canon Solution Menu EX.lnk

[2013/05/30 15:11:55 | 000,115,019 | ---- | M] () -- C:\Users\mafineart\Desktop\enchante.jpg

[2013/05/30 15:07:16 | 000,005,632 | ---- | M] () -- C:\Users\mafineart\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2013/05/30 14:36:58 | 000,002,659 | ---- | M] () -- C:\Users\mafineart\Desktop\Restoring Windows Mail Account Settings - TechSpot Forums.lnk

[2013/05/30 11:14:15 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf

[2013/05/30 11:05:17 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe

[2013/05/30 11:05:17 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl

[2013/05/30 10:54:54 | 000,000,945 | ---- | M] () -- C:\Users\mafineart\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk

[2013/05/30 07:43:29 | 000,101,888 | ---- | M] (Infineon Technologies AG) -- C:\Windows\System32\ifxcardm.dll

[2013/05/30 07:43:13 | 000,082,432 | ---- | M] (Gemalto, Inc.) -- C:\Windows\System32\axaltocm.dll

[2013/05/30 07:34:22 | 000,049,152 | ---- | M] () -- C:\Windows\SPInstall.etl

[2013/05/30 06:57:36 | 000,152,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SPWizUI.dll

[2013/05/30 06:57:36 | 000,047,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SPReview.exe

[2013/05/30 05:30:35 | 000,000,647 | ---- | M] () -- C:\Users\mafineart\Desktop\New Pics.lnk

[2013/05/30 05:18:24 | 000,000,945 | ---- | M] () -- C:\Users\mafineart\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser - Copy.lnk

[2013/05/30 04:24:56 | 000,000,635 | ---- | M] () -- C:\Users\mafineart\Desktop\Images - Shortcut.lnk

[2013/05/30 04:19:11 | 000,000,295 | ---- | M] () -- C:\Users\mafineart\Application Data\Microsoft\Internet Explorer\Quick Launch\HP © - Shortcut.lnk

[2013/05/30 03:56:51 | 000,000,295 | ---- | M] () -- C:\Users\mafineart\Desktop\HP © - Shortcut.lnk

[2013/05/30 02:51:17 | 000,319,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\DIFxAPI.dll

[2013/05/30 02:51:12 | 000,315,392 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\HideWin.exe

[2013/05/30 01:48:36 | 000,028,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\FwRemoteSvr.dll

[2013/05/30 01:48:35 | 000,272,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\polstore.dll

[2013/05/30 01:22:33 | 000,001,255 | ---- | M] () -- C:\Users\mafineart\Desktop\ERRORS.rtf

[2013/05/29 23:55:10 | 000,001,875 | ---- | M] () -- C:\Users\mafineart\Application Data\Microsoft\Internet Explorer\Quick Launch\Wordpad.lnk

[2013/05/29 23:54:51 | 000,001,614 | ---- | M] () -- C:\Users\mafineart\Desktop\Calculator.lnk

[2013/05/29 23:54:38 | 000,001,699 | ---- | M] () -- C:\Users\mafineart\Desktop\Notepad.lnk

[2013/05/29 23:54:25 | 000,001,875 | ---- | M] () -- C:\Users\mafineart\Desktop\Wordpad.lnk

[2013/05/29 23:51:17 | 000,001,997 | ---- | M] () -- C:\Users\mafineart\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk

[2013/05/29 22:27:56 | 000,000,945 | ---- | M] () -- C:\Users\mafineart\Desktop\Launch Internet Explorer Browser.lnk

[2013/05/29 21:22:27 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dciman32.dll

[2013/05/29 21:20:26 | 002,452,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat

[2013/05/29 21:19:57 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll

[2013/05/29 21:19:57 | 000,072,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll

[2013/05/29 21:19:53 | 000,180,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll

[2013/05/29 21:19:50 | 000,048,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll

[2013/05/29 21:17:25 | 000,001,820 | ---- | M] () -- C:\Windows\System32\rasctrnm.h

[2013/05/29 21:15:41 | 000,241,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceApi.dll

[2013/05/29 21:15:41 | 000,160,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceTypes.dll

[2013/05/29 21:15:41 | 000,094,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceClassExtension.dll

[2013/05/29 21:13:35 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MRINFO.EXE

[2013/05/29 21:13:34 | 000,104,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netiohlp.dll

[2013/05/29 21:13:34 | 000,027,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NETSTAT.EXE

[2013/05/29 21:13:34 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ARP.EXE

[2013/05/29 21:13:34 | 000,017,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ROUTE.EXE

[2013/05/29 21:13:34 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\finger.exe

[2013/05/29 21:13:34 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\HOSTNAME.EXE

[2013/05/29 21:10:38 | 002,501,921 | ---- | M] () -- C:\Windows\System32\wlan.tmf

[2013/05/29 21:10:38 | 000,127,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\L2SecHC.dll

[2013/05/29 21:10:37 | 000,293,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wlanmsm.dll

[2013/05/29 21:10:37 | 000,068,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wlanhlp.dll

[2013/05/29 21:10:37 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wlanapi.dll

[2013/05/29 21:10:36 | 000,302,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wlansec.dll

[2013/05/29 21:10:36 | 000,015,181 | ---- | M] () -- C:\Windows\System32\gatherWirelessInfo.vbs

[2013/05/29 21:09:41 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msxml3r.dll

[2013/05/29 21:09:39 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msxml6r.dll

[2013/05/29 21:06:06 | 002,868,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mf.dll

[2013/05/29 21:06:06 | 000,098,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfps.dll

[2013/05/29 21:06:05 | 000,053,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rrinstaller.exe

[2013/05/29 21:06:05 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfpmp.exe

[2013/05/29 21:06:05 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mferror.dll

[2013/05/29 21:06:03 | 002,386,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WMVCORE.DLL

[2013/05/29 20:57:17 | 000,562,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msdtcprx.dll

[2013/05/29 20:57:16 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\xolehlp.dll

[2013/05/29 20:55:42 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\aaclient.dll

[2013/05/29 20:55:42 | 000,053,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\tsgqec.dll

[2013/05/29 20:54:56 | 000,303,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wmpeffects.dll

[2013/05/29 20:52:45 | 000,714,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\timedate.cpl

[2013/05/29 20:46:35 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Mpeg2Data.ax

[2013/05/29 20:46:35 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MSDvbNP.ax

[2013/05/29 20:41:10 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe

[2013/05/29 20:37:07 | 001,808,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0046.dll

[2013/05/29 20:37:07 | 001,793,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0045.dll

[2013/05/29 20:37:06 | 001,782,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0039.dll

[2013/05/29 20:37:06 | 001,558,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0049.dll

[2013/05/29 20:37:06 | 001,411,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0047.dll

[2013/05/29 20:37:06 | 001,236,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0020.dll

[2013/05/29 20:37:05 | 007,964,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0024.dll

[2013/05/29 20:37:05 | 005,499,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0022.dll

[2013/05/29 20:37:05 | 002,136,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0021.dll

[2013/05/29 20:37:04 | 005,791,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0026.dll

[2013/05/29 20:37:03 | 006,224,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0027.dll

[2013/05/29 20:37:03 | 004,175,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0010.dll

[2013/05/29 20:37:02 | 004,981,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0013.dll

[2013/05/29 20:37:02 | 003,331,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0018.dll

[2013/05/29 20:37:02 | 002,466,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0011.dll

[2013/05/29 20:37:01 | 006,781,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0019.dll

[2013/05/29 20:37:00 | 011,722,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0001.dll

[2013/05/29 20:37:00 | 004,164,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0002.dll

[2013/05/29 20:36:59 | 012,240,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0007.dll

[2013/05/29 20:36:59 | 001,452,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0003.dll

[2013/05/29 20:36:58 | 003,419,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons004a.dll

[2013/05/29 20:36:58 | 002,644,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0009.dll

[2013/05/29 20:36:57 | 004,093,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons004c.dll

[2013/05/29 20:36:57 | 001,972,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons004e.dll

[2013/05/29 20:36:57 | 001,702,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons004b.dll

[2013/05/29 20:36:56 | 004,045,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons003e.dll

[2013/05/29 20:36:56 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons002a.dll

[2013/05/29 20:36:55 | 006,585,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons001b.dll

[2013/05/29 20:36:55 | 006,346,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons001d.dll

[2013/05/29 20:36:55 | 006,014,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons001a.dll

[2013/05/29 20:36:54 | 009,892,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons000a.dll

[2013/05/29 20:36:53 | 006,237,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons000c.dll

[2013/05/29 20:36:53 | 005,654,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons000f.dll

[2013/05/29 20:36:53 | 001,722,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons000d.dll

[2013/05/29 20:36:52 | 005,090,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0416.dll

[2013/05/29 20:36:52 | 004,616,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0414.dll

[2013/05/29 20:36:51 | 007,042,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons081a.dll

[2013/05/29 20:36:51 | 005,031,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0816.dll

[2013/05/29 20:36:50 | 005,071,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsModels0011.dll

[2013/05/29 20:36:50 | 003,104,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0046.dll

[2013/05/29 20:36:50 | 003,104,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0045.dll

[2013/05/29 20:36:49 | 003,104,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0049.dll

[2013/05/29 20:36:49 | 003,104,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0047.dll

[2013/05/29 20:36:48 | 003,104,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0039.dll

[2013/05/29 20:36:48 | 003,104,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0020.dll

[2013/05/29 20:36:48 | 001,801,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0021.dll

[2013/05/29 20:36:47 | 001,966,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0027.dll

[2013/05/29 20:36:47 | 001,965,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0026.dll

[2013/05/29 20:36:47 | 001,965,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0024.dll

[2013/05/29 20:36:47 | 001,801,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0022.dll

[2013/05/29 20:36:46 | 004,495,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0010.dll

[2013/05/29 20:36:46 | 002,657,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0011.dll

[2013/05/29 20:36:45 | 003,466,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0013.dll

[2013/05/29 20:36:45 | 001,965,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0018.dll

[2013/05/29 20:36:45 | 001,523,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0000.dll

[2013/05/29 20:36:44 | 004,497,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0019.dll

[2013/05/29 20:36:44 | 002,599,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0001.dll

[2013/05/29 20:36:44 | 001,965,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0002.dll

[2013/05/29 20:36:43 | 004,875,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0009.dll

[2013/05/29 20:36:43 | 002,243,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0007.dll

[2013/05/29 20:36:43 | 001,965,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0003.dll

[2013/05/29 20:36:42 | 003,104,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData004c.dll

[2013/05/29 20:36:42 | 003,104,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData004b.dll

[2013/05/29 20:36:42 | 003,104,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData004a.dll

[2013/05/29 20:36:41 | 003,104,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData004e.dll

[2013/05/29 20:36:41 | 001,801,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData003e.dll

[2013/05/29 20:36:41 | 001,801,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData002a.dll

[2013/05/29 20:36:40 | 004,495,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData001d.dll

[2013/05/29 20:36:40 | 001,965,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData001b.dll

[2013/05/29 20:36:40 | 001,965,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData001a.dll

[2013/05/29 20:36:39 | 009,847,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData000a.dll

[2013/05/29 20:36:39 | 002,643,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData000c.dll

[2013/05/29 20:36:38 | 004,495,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0414.dll

[2013/05/29 20:36:38 | 002,342,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData000d.dll

[2013/05/29 20:36:38 | 001,965,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData000f.dll

[2013/05/29 20:36:37 | 004,495,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0816.dll

[2013/05/29 20:36:37 | 004,495,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0416.dll

[2013/05/29 20:36:37 | 000,801,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NaturalLanguage6.dll

[2013/05/29 20:36:36 | 006,917,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0c1a.dll

[2013/05/29 20:36:36 | 001,965,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData081a.dll

[2013/05/29 20:36:35 | 001,965,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0c1a.dll

[2013/05/29 20:33:43 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\kbd106n.dll

[2013/05/29 20:33:34 | 000,988,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winload.exe

[2013/05/29 20:33:34 | 000,927,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winresume.exe

[2013/05/29 20:33:33 | 000,378,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\srcore.dll

[2013/05/29 20:33:33 | 000,318,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rstrui.exe

[2013/05/29 20:33:33 | 000,014,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\srdelayed.exe

[2013/05/29 20:33:32 | 000,019,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\kd1394.dll

[2013/05/29 20:33:31 | 000,046,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\setbcdlocale.dll

[2013/05/29 20:33:30 | 000,615,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ci.dll

[2013/05/29 20:32:15 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelineprxy.dll

[2013/05/29 20:32:14 | 000,666,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelinesvc.exe

[2013/05/29 20:32:12 | 000,054,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iasads.dll

[2013/05/29 20:32:12 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iasdatastore.dll

[2013/05/29 20:32:12 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iashost.exe

[2013/05/29 20:32:11 | 000,183,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sdohlp.dll

[2013/05/29 20:32:11 | 000,098,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iasrecst.dll

[2013/05/29 20:31:37 | 000,220,672 | ---- | M] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\l3codecp.acm

[2013/05/29 20:31:37 | 000,062,464 | ---- | M] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\l3codeca.acm

[2013/05/29 20:28:27 | 000,024,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\amxread.dll

[2013/05/29 20:28:27 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\apilogen.dll

[2013/05/29 20:27:05 | 000,425,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PhotoMetadataHandler.dll

[2013/05/29 20:27:03 | 000,347,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecsExt.dll

[2013/05/29 20:24:50 | 000,037,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\printcom.dll

[2013/05/29 20:24:08 | 000,113,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\rmcast.sys

[2013/05/29 20:24:08 | 000,014,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wshrm.dll

[2013/05/29 20:23:18 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msdxm.tlb

[2013/05/29 20:23:18 | 000,018,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\amcompat.tlb

[2013/05/29 20:22:42 | 000,347,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp.exe

[2013/05/29 20:22:42 | 000,329,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msdrm.dll

[2013/05/29 20:22:42 | 000,151,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp.dll

[2013/05/29 20:22:41 | 000,346,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp_isv.exe

[2013/05/29 20:22:41 | 000,151,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp_isv.dll

[2013/05/29 20:22:40 | 000,511,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RMActivate.exe

[2013/05/29 20:22:40 | 000,472,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\secproc.dll

[2013/05/29 20:22:39 | 000,523,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_isv.exe

[2013/05/29 20:22:39 | 000,472,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\secproc_isv.dll

[2013/05/29 20:05:53 | 000,622,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\icardagt.exe

[2013/05/29 20:05:52 | 000,097,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\infocardapi.dll

[2013/05/29 20:05:52 | 000,037,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\infocardcpl.cpl

[2013/05/29 20:05:52 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\icardres.dll

[2013/05/29 20:05:38 | 000,105,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll

[2013/05/29 20:05:33 | 000,781,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PresentationNative_v0300.dll

[2013/05/29 19:53:51 | 025,231,360 | ---- | M] () -- C:\Windows\ocsetup_install_NetFx3.etl

[2013/05/29 19:53:51 | 000,049,152 | ---- | M] () -- C:\Windows\ocsetup_cbs_install_NetFx3.perf

[2013/05/29 19:53:51 | 000,016,384 | ---- | M] () -- C:\Windows\ocsetup_cbs_install_NetFx3.dpx

[2013/05/29 19:43:10 | 000,158,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mscorier.dll

[2013/05/29 19:43:09 | 000,083,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mscories.dll

[2013/05/29 05:44:55 | 000,000,215 | ---- | M] () -- C:\Users\mafineart\Desktop\Download Windows Vista Service Pack 1 Five Language Standalone (KB936330) from Official Microsoft Download Center.url

[2013/05/29 05:15:18 | 001,695,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll

[2013/05/29 05:14:42 | 000,094,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\logagent.exe

[2013/05/29 05:14:41 | 000,996,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WMNetMgr.dll

[2013/05/29 05:13:55 | 000,084,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\INETRES.dll

[2013/05/29 05:02:28 | 001,645,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\connect.dll

[2013/05/29 05:00:20 | 000,351,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WSDApi.dll

[2013/05/29 04:58:39 | 000,082,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mciavi32.dll

[2013/05/29 04:58:39 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\avicap32.dll

[2013/05/29 04:58:03 | 000,604,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WMSPDMOD.DLL

[2013/05/29 04:57:06 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spwmp.dll

[2013/05/29 04:57:05 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msdxm.ocx

[2013/05/29 04:56:57 | 000,310,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\unregmp2.exe

[2013/05/29 04:29:52 | 000,000,844 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2013.lnk

[2013/05/29 03:14:09 | 000,024,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\nshhttp.dll

[2013/05/29 02:24:42 | 000,001,820 | RHS- | M] () -- C:\Windows\System32\drivers\103C_HP_CPC_RK573AA-ABA a1710n_YC_0Pavi_QCNH703_E71NAv3PrA2_49_INODUSM3_SASUSTek Computer INC._V1.05_B5.04_T061215_WUH0_L409_M895_J320_7AMD_8Athlon 64 X2 Dual Core_92.2_#070328_N10DE0269_Z14F12F20_G10DE0241.MRK

[2013/05/29 02:11:52 | 000,001,843 | ---- | M] () -- C:\Users\Public\Desktop\Easy Internet Services.lnk

[2013/05/29 02:10:45 | 000,000,044 | ---- | M] () -- C:\Windows\System\hpsysdrv.dat

========== Files Created - No Company Name ==========

[2013/06/08 04:14:06 | 000,001,699 | ---- | C] () -- C:\Users\mafineart\Desktop\Notepad (2).lnk

[2013/06/07 01:29:05 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe

[2013/06/07 01:29:05 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe

[2013/06/07 01:29:05 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe

[2013/06/07 01:29:05 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe

[2013/06/07 01:29:05 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe

[2013/06/07 00:54:05 | 000,890,839 | ---- | C] () -- C:\Users\mafineart\Desktop\SecurityCheck.exe

[2013/06/05 17:20:00 | 001,036,579 | ---- | C] () -- C:\Users\mafineart\Desktop\DSCN8727.jpg

[2013/06/05 15:15:43 | 000,001,614 | ---- | C] () -- C:\Users\mafineart\Desktop\Calculator (2).lnk

[2013/06/04 15:47:30 | 938,008,576 | -HS- | C] () -- C:\hiberfil.sys

[2013/06/04 14:13:27 | 000,000,908 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

[2013/06/03 17:10:29 | 000,001,152 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk

[2013/06/03 17:10:27 | 000,000,967 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ImageReady 7.0.lnk

[2013/06/03 17:10:27 | 000,000,962 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop 7.0.lnk

[2013/06/03 17:03:34 | 000,000,830 | ---- | C] () -- C:\Users\mafineart\Desktop\ExtractNow.lnk

[2013/05/31 17:09:50 | 000,000,526 | ---- | C] () -- C:\Users\mafineart\Desktop\bs.rtf

[2013/05/31 16:45:40 | 000,115,019 | ---- | C] () -- C:\Users\mafineart\Desktop\enchante.jpg

[2013/05/31 16:22:41 | 000,000,593 | ---- | C] () -- C:\Users\mafineart\Desktop\prices ebay.rtf

[2013/05/31 14:23:33 | 000,000,917 | ---- | C] () -- C:\Users\mafineart\Desktop\Windows Mail.lnk

[2013/05/31 13:04:29 | 000,000,240 | ---- | C] () -- C:\Users\mafineart\Desktop\Document.rtf

[2013/05/31 13:04:24 | 000,002,632 | ---- | C] () -- C:\Users\mafineart\Desktop\gmail account.eml

[2013/05/31 03:40:14 | 000,106,605 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin

[2013/05/31 03:40:14 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin

[2013/05/31 03:40:11 | 011,967,524 | ---- | C] () -- C:\Windows\System32\korwbrkr.lex

[2013/05/31 03:04:04 | 000,201,184 | ---- | C] () -- C:\Windows\System32\winrm.vbs

[2013/05/31 03:04:04 | 000,004,675 | ---- | C] () -- C:\Windows\System32\wsmanconfig_schema.xml

[2013/05/31 03:04:04 | 000,002,426 | ---- | C] () -- C:\Windows\System32\WsmTxt.xsl

[2013/05/30 15:35:54 | 000,001,858 | ---- | C] () -- C:\Users\Public\Desktop\Canon Solution Menu EX.lnk

[2013/05/30 15:32:34 | 000,015,872 | ---- | C] () -- C:\Windows\System32\CNC1750D.TBL

[2013/05/30 14:36:58 | 000,002,659 | ---- | C] () -- C:\Users\mafineart\Desktop\Restoring Windows Mail Account Settings - TechSpot Forums.lnk

[2013/05/30 11:16:33 | 000,000,450 | ---- | C] () -- C:\Users\mafineart\AppData\Roaming\wklnhst.dat

[2013/05/30 11:16:22 | 000,020,992 | ---- | C] () -- C:\Users\mafineart\Desktop\phonebook.wdb

[2013/05/30 11:14:15 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf

[2013/05/30 10:54:54 | 000,000,945 | ---- | C] () -- C:\Users\mafineart\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk

[2013/05/30 07:06:43 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01007_Inbox_Critical.Wdf

[2013/05/30 07:06:12 | 000,080,047 | ---- | C] () -- C:\Windows\System32\slmgr.vbs

[2013/05/30 07:06:06 | 000,261,163 | ---- | C] () -- C:\Windows\System32\onex.tmf

[2013/05/30 07:06:04 | 000,145,455 | ---- | C] () -- C:\Windows\System32\perfmon.msc

[2013/05/30 07:06:01 | 000,009,987 | ---- | C] () -- C:\Windows\System32\RacUR.xml

[2013/05/30 07:06:01 | 000,000,150 | ---- | C] () -- C:\Windows\System32\RacUREx.xml

[2013/05/30 07:05:51 | 000,289,467 | ---- | C] () -- C:\Windows\System32\dot3.tmf

[2013/05/30 07:05:50 | 000,206,830 | ---- | C] () -- C:\Windows\System32\eaphost.tmf

[2013/05/30 07:05:26 | 000,144,909 | ---- | C] () -- C:\Windows\System32\fsmgmt.msc

[2013/05/30 07:05:23 | 000,012,198 | ---- | C] () -- C:\Windows\System32\gatherWiredInfo.vbs

[2013/05/30 07:05:20 | 000,175,508 | ---- | C] () -- C:\Windows\System32\WFP.TMF

[2013/05/30 07:04:54 | 000,132,148 | ---- | C] () -- C:\Windows\System32\systemsf.ebd

[2013/05/30 06:59:19 | 000,049,152 | ---- | C] () -- C:\Windows\SPInstall.etl

[2013/05/30 05:30:34 | 000,000,647 | ---- | C] () -- C:\Users\mafineart\Desktop\New Pics.lnk

[2013/05/30 05:18:24 | 000,000,945 | ---- | C] () -- C:\Users\mafineart\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser - Copy.lnk

[2013/05/30 05:09:02 | 000,024,255 | ---- | C] () -- C:\Users\mafineart\Documents\Consigns.pdf

[2013/05/30 05:08:43 | 000,014,848 | ---- | C] () -- C:\Users\mafineart\Documents\DAC invoice.xlr

[2013/05/30 05:08:21 | 000,035,840 | ---- | C] () -- C:\Users\mafineart\Documents\Bio.wps

[2013/05/30 05:08:21 | 000,032,993 | ---- | C] () -- C:\Users\mafineart\Documents\BIO.pdf

[2013/05/30 04:52:20 | 000,005,632 | ---- | C] () -- C:\Users\mafineart\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2013/05/30 04:32:06 | 000,770,136 | ---- | C] () -- C:\Users\mafineart\Desktop\darthy.jpg

[2013/05/30 04:24:56 | 000,000,635 | ---- | C] () -- C:\Users\mafineart\Desktop\Images - Shortcut.lnk

[2013/05/30 04:19:11 | 000,000,295 | ---- | C] () -- C:\Users\mafineart\Application Data\Microsoft\Internet Explorer\Quick Launch\HP © - Shortcut.lnk

[2013/05/30 03:56:51 | 000,000,295 | ---- | C] () -- C:\Users\mafineart\Desktop\HP © - Shortcut.lnk

[2013/05/30 02:53:00 | 000,000,553 | ---- | C] () -- C:\Windows\USetup.iss

[2013/05/30 00:18:32 | 000,001,255 | ---- | C] () -- C:\Users\mafineart\Desktop\ERRORS.rtf

[2013/05/29 23:55:10 | 000,001,875 | ---- | C] () -- C:\Users\mafineart\Application Data\Microsoft\Internet Explorer\Quick Launch\Wordpad.lnk

[2013/05/29 23:54:51 | 000,001,614 | ---- | C] () -- C:\Users\mafineart\Desktop\Calculator.lnk

[2013/05/29 23:54:38 | 000,001,699 | ---- | C] () -- C:\Users\mafineart\Desktop\Notepad.lnk

[2013/05/29 23:54:25 | 000,001,875 | ---- | C] () -- C:\Users\mafineart\Desktop\Wordpad.lnk

[2013/05/29 23:45:37 | 000,004,984 | ---- | C] () -- C:\Windows\System32\drivers\nvphy.bin

[2013/05/29 23:09:57 | 000,001,997 | ---- | C] () -- C:\Users\mafineart\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk

[2013/05/29 23:09:57 | 000,001,973 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk

[2013/05/29 23:09:20 | 000,000,892 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[2013/05/29 23:09:18 | 000,000,888 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2013/05/29 21:17:25 | 000,001,820 | ---- | C] () -- C:\Windows\System32\rasctrnm.h

[2013/05/29 21:10:38 | 002,501,921 | ---- | C] () -- C:\Windows\System32\wlan.tmf

[2013/05/29 21:10:36 | 000,015,181 | ---- | C] () -- C:\Windows\System32\gatherWirelessInfo.vbs

[2013/05/29 19:47:44 | 025,231,360 | ---- | C] () -- C:\Windows\ocsetup_install_NetFx3.etl

[2013/05/29 19:47:44 | 000,049,152 | ---- | C] () -- C:\Windows\ocsetup_cbs_install_NetFx3.perf

[2013/05/29 19:47:44 | 000,016,384 | ---- | C] () -- C:\Windows\ocsetup_cbs_install_NetFx3.dpx

[2013/05/29 05:44:54 | 000,000,215 | ---- | C] () -- C:\Users\mafineart\Desktop\Download Windows Vista Service Pack 1 Five Language Standalone (KB936330) from Official Microsoft Download Center.url

[2013/05/29 04:29:52 | 000,000,844 | ---- | C] () -- C:\Users\Public\Desktop\AVG 2013.lnk

[2013/05/29 02:25:01 | 000,000,945 | ---- | C] () -- C:\Users\mafineart\Desktop\Launch Internet Explorer Browser.lnk

[2013/05/29 02:24:34 | 000,001,820 | RHS- | C] () -- C:\Windows\System32\drivers\103C_HP_CPC_RK573AA-ABA a1710n_YC_0Pavi_QCNH703_E71NAv3PrA2_49_INODUSM3_SASUSTek Computer INC._V1.05_B5.04_T061215_WUH0_L409_M895_J320_7AMD_8Athlon 64 X2 Dual Core_92.2_#070328_N10DE0269_Z14F12F20_G10DE0241.MRK

[2013/05/29 02:12:37 | 000,000,951 | ---- | C] () -- C:\Users\mafineart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

[2013/05/29 02:12:35 | 000,000,946 | ---- | C] () -- C:\Users\mafineart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk

[2013/05/29 02:12:26 | 000,000,917 | ---- | C] () -- C:\Users\mafineart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk

[2013/05/29 02:11:52 | 000,002,059 | ---- | C] () -- C:\Users\Public\Desktop\eBay.lnk

[2013/05/29 02:11:52 | 000,002,057 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk

[2013/05/29 02:11:52 | 000,001,994 | ---- | C] () -- C:\Users\Public\Desktop\MSN.lnk

[2013/05/29 02:11:52 | 000,001,917 | ---- | C] () -- C:\Users\Public\Desktop\Get Vonage.lnk

[2013/05/29 02:11:52 | 000,001,863 | ---- | C] () -- C:\Users\Public\Desktop\High-Speed Services.lnk

[2013/05/29 02:11:52 | 000,001,843 | ---- | C] () -- C:\Users\Public\Desktop\Easy Internet Services.lnk

[2013/05/29 02:11:52 | 000,001,817 | ---- | C] () -- C:\Users\Public\Desktop\AOL Sign-up.lnk

[2013/05/29 02:11:52 | 000,001,342 | ---- | C] () -- C:\Users\Public\Desktop\Snapfish Photos - First 25 Prints Free.lnk

[2013/05/29 02:10:45 | 000,000,044 | ---- | C] () -- C:\Windows\System\hpsysdrv.dat

[2013/05/28 23:34:14 | 000,000,258 | ---- | C] () -- C:\Users\mafineart\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk

[2013/05/28 23:34:14 | 000,000,240 | ---- | C] () -- C:\Users\mafineart\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk

========== ZeroAccess Check ==========

[2006/11/02 05:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

"" = %SystemRoot%\system32\shell32.dll -- [2011/01/21 08:46:32 | 011,582,464 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]

"" = %systemroot%\system32\wbem\fastprox.dll -- [2013/05/29 20:32:13 | 000,615,424 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

"" = %systemroot%\system32\wbem\wbemess.dll -- [2008/01/18 23:36:50 | 000,347,648 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Both

========== Alternate Data Streams ==========

@Alternate Data Stream - 777 bytes -> C:\Users\mafineart\Desktop\gmail account.eml:OECustomProperty

< End of report >


OTL Extras logfile created on: 6/8/2013 9:47:14 PM - Run 1

OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\mafineart\Desktop

Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation

Internet Explorer (Version = 7.0.6001.18000)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

893.82 Mb Total Physical Memory | 298.88 Mb Available Physical Memory | 33.44% Memory free

2.00 Gb Paging File | 1.29 Gb Available in Paging File | 64.48% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 291.83 Gb Total Space | 207.04 Gb Free Space | 70.94% Space Free | Partition Type: NTFS

Drive D: | 6.26 Gb Total Space | 0.88 Gb Free Space | 14.01% Space Free | Partition Type: NTFS

Drive E: | 76.72 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: MAFINEART-PC | User Name: mafineart | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)

htmlfile [edit] -- Reg Error: Key error.

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)

Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

"FirewallDisableNotify" = 0

"AntiVirusDisableNotify" = 0

"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

"VistaSp1" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]

"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

"C:\Program Files\EarthLink TotalAccess\TaskPanl.exe" = C:\Program Files\EarthLink TotalAccess\TaskPanl.exe:*:Enabled:Earthlink -- (EarthLink, Inc.)

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{9EBDDD04-BC76-4FFF-94CC-0F3CF8A68AEE}" = lport=5353 | protocol=6 | dir=in | name=adobe csi cs4 |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{005DE927-7EEF-40A6-8695-094A821735F5}" = protocol=6 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |

"{0B208427-AC56-4A1C-98E5-D523827AEC2B}" = protocol=6 | dir=in | app=c:\program files\hp connections\6811507\program\hp connections.exe |

"{1B757D18-5C6F-4F89-BB87-8FC947427FAF}" = protocol=6 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |

"{2B68D791-372B-4CEF-A81E-79B15CEEC8BC}" = protocol=6 | dir=in | app=c:\program files\common files\adobe\cs4servicemanager\cs4servicemanager.exe |

"{478C19C7-7CBC-4397-96E7-A9101ECAEAC8}" = protocol=17 | dir=in | app=c:\program files\hp connections\6811507\program\hp connections.exe |

"{4DE7F4DA-8162-4F58-9CE0-886C522659F5}" = protocol=6 | dir=in | app=c:\program files\avg\avg2013\avgemcx.exe |

"{554E93EA-97B8-445F-9D0E-06901AA38BE2}" = protocol=17 | dir=in | app=c:\program files\hp connections\6811507\program\hp connections.exe |

"{6519C6F7-0FDA-458D-BED2-A8849B40C38E}" = protocol=6 | dir=in | app=c:\program files\hp connections\6811507\program\hp connections.exe |

"{68053730-0728-44F9-B02D-B3C4ED7654B3}" = protocol=17 | dir=in | app=c:\program files\avg\avg2013\avgmfapx.exe |

"{6A7D98C7-5A2C-4FA7-8112-247C4DD7D547}" = protocol=17 | dir=in | app=c:\program files\avg\avg2013\avgnsx.exe |

"{6C5E5C9F-D414-4C37-8F62-87426374E445}" = protocol=17 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |

"{7313F568-2BD6-410A-8191-FC2053A81B84}" = protocol=17 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |

"{754BD211-0E80-4327-8DD8-C2D6B3CCD49A}" = protocol=17 | dir=in | app=c:\program files\avg\avg2013\avgdiagex.exe |

"{77264ACE-CEF6-4EB4-8905-06A27E90D306}" = protocol=17 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |

"{80431B57-F86E-4C45-89BE-CBD932C34698}" = protocol=6 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |

"{8E0FFE10-86CD-4DC2-8940-459DF6B9FE21}" = protocol=17 | dir=in | app=c:\program files\common files\adobe\cs4servicemanager\cs4servicemanager.exe |

"{908201ED-415D-47A5-828F-C9F0DC2F7967}" = protocol=6 | dir=in | app=c:\program files\avg\avg2013\avgnsx.exe |

"{92F139A3-B9C8-4ABB-B741-1827023BA183}" = protocol=6 | dir=in | app=c:\program files\hp connections\6811507\program\hp connections.exe |

"{9721B0EC-B857-4CCB-95F4-87E2148199EF}" = dir=in | app=c:\program files\hp connections\6811507\program\hp connections |

"{A211B986-8547-41C3-A5C3-89CA0841A7EA}" = protocol=6 | dir=in | app=c:\program files\avg\avg2013\avgmfapx.exe |

"{AA5D352D-1E79-4622-8E25-18D68CDBB002}" = protocol=6 | dir=in | app=c:\program files\avg\avg2013\avgdiagex.exe |

"{B03CDA11-2971-4DBB-98F3-34E824A76FDB}" = protocol=17 | dir=in | app=c:\program files\avg\avg2013\avgemcx.exe |

"{BD8BBA63-2431-4266-AFBB-AD3FA28E0744}" = protocol=17 | dir=in | app=c:\program files\hp connections\6811507\program\hp connections.exe |

"TCP Query User{BC82B270-5915-4A44-AB6B-36DF9E791684}C:\program files\hp\common\hpdevicedetection3.exe" = protocol=6 | dir=in | app=c:\program files\hp\common\hpdevicedetection3.exe |

"UDP Query User{B7C70818-4F19-45E6-96B9-E5223DE00506}C:\program files\hp\common\hpdevicedetection3.exe" = protocol=17 | dir=in | app=c:\program files\hp\common\hpdevicedetection3.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{0394CDC8-FABD-4ed8-B104-03393876DFDF}" = Roxio Creator Tools

"{0D397393-9B50-4c52-84D5-77E344289F87}" = Roxio Creator Data

"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX880_series" = Canon MX880 series MP Drivers

"{11F93B4B-48F0-4A4E-AE77-DFA96A99664B}" = Roxio Creator EasyArchive

"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate

"{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}" = Adobe AIR

"{2AE79B77-E3FA-4F9C-93D7-4FC643516D6A}" = AVG 2013

"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player

"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile

"{40F7AED3-0C7D-4582-99F6-484A515C73F2}" = HP Easy Setup - Frontend

"{55979C41-7D6A-49CC-B591-64AC1BBE2C8B}" = HP Picasso Media Center Add-In

"{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}" = Roxio Creator Copy

"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3

"{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works

"{75E71ADD-042C-4F30-BFAC-A9EC42351313}" = Python 2.4.3

"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX

"{83FFCFC7-88C6-41c6-8752-958A45325C82}" = Roxio Creator Audio

"{8C6027FD-53DC-446D-BB75-CACD7028A134}" = HP Update

"{9DBA770F-BF73-4D39-B1DF-6035D95268FC}" = HP Customer Feedback

"{A34CC51D-C2FF-4E0E-9F27-28B0249A15DD}" = HP Product Detection

"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper

"{AB5E289E-76BF-4251-9F3F-9B763F681AE0}" = HP Customer Experience Enhancements

"{AC76BA86-7AD7-1033-7B44-A70800000002}" = Adobe Reader 7.0.8

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 307.83

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 307.83

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.10.8

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components

"{B83A15A7-2BD5-4416-BC43-AF5F9A4B08A9}" = muvee autoProducer 5.0

"{C3DC29BC-A8CF-4578-9DFC-37F049C44771}" = OcxSetup

"{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}" = Roxio Creator Basic v9

"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1

"{DD85D6BF-4787-4A93-99A5-3F0CF0AE8834}" = Internet Explorer Toolbar 4.8 by SweetPacks

"{DEE76D44-8D7C-4A32-8FAE-A813817631FC}" = AVG 2013

"{E1180142-3B31-4DCC-9D27-7AC2D37662BF}" = LightScribe 1.4.124.1

"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver

"{F94234DB-FD06-42C3-B88D-6FC4DC9F988C}" = HP Easy Setup - Core

"Adobe AIR" = Adobe AIR

"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX

"Adobe Photoshop 7.0" = Adobe Photoshop 7.0

"AVG" = AVG 2013

"Canon MX880 series User Registration" = Canon MX880 series User Registration

"CanonMyPrinter" = Canon My Printer

"CanonSolutionMenuEX" = Canon Solution Menu EX

"CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200C14F1" = Soft Data Fax Modem with SmartCP

"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player

"ExtractNow" = ExtractNow

"Google Chrome" = Google Chrome

"HPOOVClient-6811507 Uninstaller" = HP Connections (remove only)

"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300

"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1

"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

"MP Navigator EX 4.1" = Canon MP Navigator EX 4.1

"NVIDIA Drivers" = NVIDIA Drivers

"PC-Doctor 5 for Windows" = Hardware Diagnostic Tools

"WildTangent hpdesktop Master Uninstall" = My HP Games

"Yahoo! Companion" = Yahoo! Toolbar for Internet Explorer

"Yahoo! Toolbar" = Yahoo! Toolbar

========== Last 20 Event Log Errors ==========

[ Application Events ]

Error - 6/4/2013 4:51:10 PM | Computer Name = mafineart-PC | Source = SideBySide | ID = 16842785

Description = Activation context generation failed for "C:\Program Files\Canon\Solution

Menu EX\MFC80U.DLL". Dependent Assembly Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"

could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 6/4/2013 5:12:55 PM | Computer Name = mafineart-PC | Source = SideBySide | ID = 16842785

Description = Activation context generation failed for "C:\Program Files\Canon\Solution

Menu EX\MFC80U.DLL". Dependent Assembly Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"

could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 6/4/2013 5:13:01 PM | Computer Name = mafineart-PC | Source = SideBySide | ID = 16842785

Description = Activation context generation failed for "C:\Program Files\Canon\Solution

Menu EX\MFC80U.DLL". Dependent Assembly Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"

could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 6/4/2013 6:44:34 PM | Computer Name = mafineart-PC | Source = EventSystem | ID = 4609

Description =

Error - 6/4/2013 6:48:56 PM | Computer Name = mafineart-PC | Source = SideBySide | ID = 16842785

Description = Activation context generation failed for "C:\Program Files\Canon\Solution

Menu EX\MFC80U.DLL". Dependent Assembly Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"

could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 6/4/2013 6:49:08 PM | Computer Name = mafineart-PC | Source = SideBySide | ID = 16842785

Description = Activation context generation failed for "C:\Program Files\Canon\Solution

Menu EX\MFC80U.DLL". Dependent Assembly Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"

could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 6/5/2013 2:59:53 PM | Computer Name = mafineart-PC | Source = SideBySide | ID = 16842785

Description = Activation context generation failed for "C:\Program Files\Canon\Solution

Menu EX\MFC80U.DLL". Dependent Assembly Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"

could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 6/5/2013 2:59:55 PM | Computer Name = mafineart-PC | Source = SideBySide | ID = 16842785

Description = Activation context generation failed for "C:\Program Files\Canon\Solution

Menu EX\MFC80U.DLL". Dependent Assembly Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"

could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 6/5/2013 3:17:35 PM | Computer Name = mafineart-PC | Source = SideBySide | ID = 16842785

Description = Activation context generation failed for "C:\Program Files\Canon\Solution

Menu EX\MFC80U.DLL". Dependent Assembly Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"

could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 6/5/2013 3:17:36 PM | Computer Name = mafineart-PC | Source = SideBySide | ID = 16842785

Description = Activation context generation failed for "C:\Program Files\Canon\Solution

Menu EX\MFC80U.DLL". Dependent Assembly Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"

could not be found. Please use sxstrace.exe for detailed diagnosis.

[ System Events ]

Error - 5/30/2013 6:46:53 AM | Computer Name = mafineart-PC | Source = Service Control Manager | ID = 7006

Description =

Error - 5/30/2013 6:47:50 AM | Computer Name = mafineart-PC | Source = ACPI | ID = 327686

Description = IRQARB: ACPI BIOS does not contain an IRQ for the device in PCI slot

2, function 0. Please contact your system vendor for technical assistance.

Error - 5/30/2013 6:47:50 AM | Computer Name = mafineart-PC | Source = ACPI | ID = 327686

Description = IRQARB: ACPI BIOS does not contain an IRQ for the device in PCI slot

4, function 0. Please contact your system vendor for technical assistance.

Error - 5/30/2013 6:49:51 AM | Computer Name = mafineart-PC | Source = Service Control Manager | ID = 7000

Description =

Error - 5/30/2013 8:36:27 AM | Computer Name = mafineart-PC | Source = Service Control Manager | ID = 7006

Description =

Error - 5/30/2013 8:48:10 AM | Computer Name = mafineart-PC | Source = Service Control Manager | ID = 7000

Description =

Error - 5/30/2013 9:48:26 AM | Computer Name = mafineart-PC | Source = Service Control Manager | ID = 7006

Description =

Error - 5/30/2013 9:49:36 AM | Computer Name = mafineart-PC | Source = ACPI | ID = 327686

Description = IRQARB: ACPI BIOS does not contain an IRQ for the device in PCI slot

2, function 0. Please contact your system vendor for technical assistance.

Error - 5/30/2013 9:49:36 AM | Computer Name = mafineart-PC | Source = ACPI | ID = 327686

Description = IRQARB: ACPI BIOS does not contain an IRQ for the device in PCI slot

4, function 0. Please contact your system vendor for technical assistance.

Error - 5/30/2013 10:02:28 AM | Computer Name = mafineart-PC | Source = DCOM | ID = 10010

Description =

< End of report >


Please download AdwCleaner by Xplode onto your desktop.

  • Double click on AdwCleaner.exe to run the tool.
  • Click on Search.
  • A logfile will automatically open after the scan has finished.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[R1].txt as well.


# AdwCleaner v2.303 - Logfile created 06/09/2013 at 12:27:50

# Updated 08/06/2013 by Xplode

# Operating system : Windows Vista Home Premium Service Pack 1 (32 bits)

# User : mafineart - MAFINEART-PC

# Boot Mode : Normal

# Running from : C:\Users\mafineart\Desktop\AdwCleaner.exe

# Option [search]

***** [services] *****

***** [Files / Folders] *****

File Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk

File Found : C:\Users\Public\Desktop\eBay.lnk

Folder Found : C:\Program Files\SweetIM

Folder Found : C:\Users\mafineart\AppData\LocalLow\SweetIM

***** [Registry] *****

Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{DD85D6BF-4787-4A93-99A5-3F0CF0AE8834}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}

Key Found : HKLM\Software\Classes\Installer\Features\FB6D58DD787439A4995AF3C00FEA8843

Key Found : HKLM\Software\Classes\Installer\Products\FB6D58DD787439A4995AF3C00FEA8843

Key Found : HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}

Key Found : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}

Key Found : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}

Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}

Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}

Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}

Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}

Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}

Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0


Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\FB6D58DD787439A4995AF3C00FEA8843

Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{DD85D6BF-4787-4A93-99A5-3F0CF0AE8834}

Key Found : HKLM\SOFTWARE\Software

Key Found : HKU\S-1-5-21-4196601509-315295840-2269700814-1000\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}

Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]

Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe]

Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll]

***** [internet Browsers] *****

-\\ Internet Explorer v7.0.6001.18639

[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Start Page] = hxxp://start.sweetpacks.com/?src=10&st=12&crg=3.5000006.10045&barid={27AD4671-CCAA-11E2-9815-001A92405806}

-\\ Google Chrome v27.0.1453.110

File : C:\Users\mafineart\AppData\Local\Google\Chrome\User Data\Default\Preferences

Found [l.66] : search_url = "hxxp://start.sweetpacks.com/?src=6&q={searchTerms}&st=12&crg=3.5000006.10045&barid={27AD4671-CCAA-11E2-9815-001A92405806}",

Found [l.2757] : urls_to_restore_on_startup = [ "hxxp://start.sweetpacks.com/?src=10&st=12&crg=3.5000006.10045&barid={27AD4671-CCAA-11E2-9815-001A92405806}" ]

*************************

AdwCleaner[R1].txt - [6527 octets] - [09/06/2013 12:27:50]

########## EOF - C:\AdwCleaner[R1].txt - [6587 octets] ##########


