Jump to content

An odd registry entry.


Recommended Posts

I wasn't sure where to post this, but I've recently run into a peculiar

Registry entry and I was hoping to understand it's origins..

REGREDFLAG.jpg

I already ran Avira AntiVir, and MalwareBytes and other than a few false-

positives the only other thing that MB found was this little gem:

"Registry Data Items Infected:

HKEY_CLASSES_ROOT\regfile\shell\open\command\(default) (Broken.OpenCommand) ->

Bad: ("regedit.exe" "%1") Good: (regedit.exe "%1")-> Quarantined and deleted successfully."

So I was wondering, what kind of program is this, I'll have to re-DL Hijack This

bust as it stands it seems my PC's safe enough....Though if worse comes to worse

I'll have to resort to deleting this Admin profile in favor of a new one, as this entry

doesn't show up in a newly created one...I just don't like the idea of Un/Reinstalling

well over a hundred programs!

Link to post
Share on other sites

Do you have vmware installed ?

Not as a stand-alone, but maybe it's part of a component installation that

I'm not aware of. If this looks to be a familiar Reg-entry then please, let

me know, as far as it VMWare I've never heard of it nor am I well-versed

in SQL or programs of that type, I'm more of a gamer/3D artist /Musician

type of PC user, and I'm not to familiar with programs out of my field, unless

it's a component needed for such devices/programs that I frequently use

and are familiar with.

Link to post
Share on other sites

After reading another thread about pop-ups from my MwB prog thatg seemed quite

similar to my own, I decided to post a DDS.scr log myself...Please tell me I've nothing to

worry about...Although, I know it's not the case! :blink:

DDS (Ver_10-12-12.02) - NTFS_AMD64

Run by Takezo Takemura at 19:42:33.59 on Fri 01/07/2011

Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_23

Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.4094.2150 [GMT -5:00]

AV: AntiVir Desktop *Disabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}

SP: COMODO Defense+ *Enabled/Updated* {DC3D0F8D-B138-AAAA-0339-560EB3387C28}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: AntiVir Desktop *Disabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}

FW: COMODO Firewall *Enabled* {5F676F4C-DD6D-A47C-12D6-C449366C71EE}

============== Running Processes ===============

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\atiesrxx.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\System32\spoolsv.exe

C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe

C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe

C:\Windows\system32\svchost.exe -k apphost

C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe

C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE

C:\Windows\SysWOW64\XSrvSetup.exe

C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe

C:\Windows\system32\conhost.exe

C:\Program Files (x86)\Common Files\Motive\McciCMService.exe

C:\Program Files\Common Files\Motive\McciCMService.exe

C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe

C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe

C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

C:\Windows\system32\svchost.exe -k iissvcs

C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe

C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe

C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe

C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE

C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\system32\SearchIndexer.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

C:\Windows\System32\svchost.exe -k secsvcs

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

C:\Windows\system32\DllHost.exe

C:\Windows\system32\atieclxx.exe

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

C:\Program Files\COMODO\COMODO Internet Security\cfp.exe

C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe

C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe

C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe

C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

C:\Windows\system32\atieclxx.exe

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

C:\Program Files\COMODO\COMODO Internet Security\cfp.exe

C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe

C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe

C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Windows\system32\taskhost.exe

C:\Users\Takezo Takemura\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Takezo Takemura\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Takezo Takemura\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Takezo Takemura\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Takezo Takemura\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Takezo Takemura\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Takezo Takemura\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Takezo Takemura\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Takezo Takemura\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Takezo Takemura\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\vssvc.exe

C:\Windows\System32\svchost.exe -k swprv

C:\Windows\system32\SearchProtocolHost.exe

D:\! TZO'S stuff\! TZO_(PROGS)\! TZO_SHIT_(SECURITY)\! TZO_DL PROGS\dds.scr

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\system32\conhost.exe

C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uStart Page = about:blank

uDefault_Page_URL = hxxp://www.msn.com

uURLSearchHooks: SearchHook Class: {bc86e1ab-eda5-4059-938f-ce307b0c6f0a} - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll

mWinlogon: Userinit=userinit.exe,

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

BHO: Bing Bar BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2348.0\npwinext.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

TB: @C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2348.0\npwinext.dll,-100: {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform

\6.3.2348.0\npwinext.dll

TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File

uRun: [AdobeBridge]

uRun: [Google Update] "C:\Users\Takezo Takemura\AppData\Local\Google\Update\GoogleUpdate.exe" /c

mRun: [NUSB3MON] "C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"

mRun: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min

mRun: [bCU] "C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe"

mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

mPolicies-explorer: NoActiveDesktop = 1 (0x1)

mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)

mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableLUA = 0 (0x0)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

mPolicies-system: PromptOnSecureDesktop = 0 (0x0)

IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

LSP: C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} - hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.3.1.0.cab

TCP: {ED425BA8-E5AA-4EE9-B57F-4D5985277575} = 8.8.8.8,8.8.4.4

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

TB-X64: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File

mRun-x64: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s

mRun-x64: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h

================= FIREFOX ===================

FF - ProfilePath - C:\Users\TAKEZO~1\AppData\Roaming\Mozilla\Firefox\Profiles\ypaimcfg.default\

FF - prefs.js: browser.search.defaulturl - hxxp://search.babylon.com/web/{searchTerms}?babsrc=browsersearch&AF=15627

FF - prefs.js: browser.search.selectedEngine - Ixquick

FF - prefs.js: browser.startup.homepage - hxxp://www.ixquick.com/

FF - prefs.js: keyword.URL - hxxp://utils.babylon.com/abt/index.php?url=

FF - prefs.js: network.proxy.ftp - 92.247.12.242

FF - prefs.js: network.proxy.gopher - 202.28.66.115

FF - prefs.js: network.proxy.http - 202.108.5.35

FF - prefs.js: network.proxy.http_port - 8080

FF - prefs.js: network.proxy.socks - 127.0.0.1

FF - prefs.js: network.proxy.socks_port - 9050

FF - prefs.js: network.proxy.ssl - 61.213.5.222

FF - prefs.js: network.proxy.type - 0

FF - component: C:\Users\Takezo Takemura\AppData\Roaming\Mozilla\Firefox\Profiles\ypaimcfg.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}\platform\WINNT_x86-msvc

\components\ipc_fireftp.dll

FF - component: C:\Users\Takezo Takemura\AppData\Roaming\Mozilla\Firefox\Profiles\ypaimcfg.default\extensions\firedownload@mozilla.org\components\firedownload.dll

FF - component: C:\Users\Takezo Takemura\AppData\Roaming\Mozilla\Firefox\Profiles\ypaimcfg.default\extensions\firetorrent@radicalsoft.com\components\firetorrent.dll

FF - plugin: C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL

FF - plugin: C:\Program Files (x86)\Common Files\Motive\npMotive.dll

FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.2.183.39\npGoogleOneClick8.dll

FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: C:\Program Files (x86)\Opera\program\plugins\np_gp.dll

FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

FF - plugin: C:\Program Files\Microsoft\Web Platform Installer\NPWPIDetector.dll

FF - plugin: C:\Users\Takezo Takemura\AppData\Local\Google\Update\1.2.183.39\npGoogleOneClick8.dll

FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll

FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}

FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}

FF - Ext: DownloadHelper: {b9db16a4-6edc-47ec-a1f4-b86292ed211d} - %profile%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}

FF - Ext: DownThemAll!: {DDC359D1-844A-42a7-9AA1-88A850A938A8} - %profile%\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}

FF - Ext: Download Statusbar: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389} - %profile%\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}

FF - Ext: Easy Youtube Video Downloader: {c0c9a2c7-2e5c-4447-bc53-97718bc91e1b} - %profile%\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}

FF - Ext: Ant Video Downloader: anttoolbar@ant.com - %profile%\extensions\anttoolbar@ant.com

FF - Ext: FoxyProxy Standard: foxyproxy@eric.h.jung - %profile%\extensions\foxyproxy@eric.h.jung

FF - Ext: FoxyProxy Basic: foxyproxy@eric.h.jung - %profile%\extensions\foxyproxy@eric.h.jung

FF - Ext: FireFTP: {a7c6cf7f-112c-4500-a7ea-39801a327e5f} - %profile%\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}

FF - Ext: Download Manager Tweak: {F8A55C97-3DB6-4961-A81D-0DE0080E53CB} - %profile%\extensions\{F8A55C97-3DB6-4961-A81D-0DE0080E53CB}

FF - Ext: FireDownload: firedownload@mozilla.org - %profile%\extensions\firedownload@mozilla.org

FF - Ext: Flash Video Downloader - Youtube Downloader: artur.dubovoy@gmail.com - %profile%\extensions\artur.dubovoy@gmail.com

FF - Ext: FireTorrent: firetorrent@radicalsoft.com - %profile%\extensions\firetorrent@radicalsoft.com

FF - Ext: Embedded Objects: firefox@red-cog.com - %profile%\extensions\firefox@red-cog.com

FF - Ext: PageTweak: {15312e9a-4905-48da-aae4-15b24bdc2a24} - %profile%\extensions\{15312e9a-4905-48da-aae4-15b24bdc2a24}

FF - Ext: BYTubeD - Bulk YouTube video Downloader: bytubed@cs213.cse.iitk.ac.in - %profile%\extensions\bytubed@cs213.cse.iitk.ac.in

FF - Ext: Image and Flash Blocker: imgflashblocker@shimon.chohen - %profile%\extensions\imgflashblocker@shimon.chohen

FF - Ext: TweakTube: {15e67a59-bd3d-49ae-90dd-b3d3fd14c2ed} - %profile%\extensions\{15e67a59-bd3d-49ae-90dd-b3d3fd14c2ed}

FF - Ext: Aero Fox Silver XL: {5c876f30-10ce-11dd-bd0b-0800200c9a66} - %profile%\extensions\{5c876f30-10ce-11dd-bd0b-0800200c9a66}

FF - Ext: Aero Fox XL: {5c8bfb7c-9a54-11dc-8314-0800200c9a66} - %profile%\extensions\{5c8bfb7c-9a54-11dc-8314-0800200c9a66}

FF - Ext: SmoothWheel (mozdev.org): {5F590AA2-1221-4113-A6F4-A4BB62414FAC} - %profile%\extensions\{5F590AA2-1221-4113-A6F4-A4BB62414FAC}

FF - Ext: SmoothWheel (AMO): {5F590AA2-1221-4113-A6F4-A4BB62414FAC} - %profile%\extensions\{5F590AA2-1221-4113-A6F4-A4BB62414FAC}

FF - Ext: Tab Mix Plus: {dc572301-7619-498c-a57d-39143191b318} - %profile%\extensions\{dc572301-7619-498c-a57d-39143191b318}

FF - Ext: Torbutton: {e0204bd5-9d31-402b-a99d-a6aa8ffebdca} - %profile%\extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}

FF - Ext: flv movies downloader: flvmoviesdownloader@rzll - %profile%\extensions\flvmoviesdownloader@rzll

FF - Ext: WOT: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} - %profile%\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}

FF - Ext: Pixlr Grabber: {d47a9f51-8281-43fa-f450-f28ef8735e9a} - %profile%\extensions\{d47a9f51-8281-43fa-f450-f28ef8735e9a}

FF - Ext: Screengrab: {02450954-cdd9-410f-b1da-db804e18c671} - %profile%\extensions\{02450954-cdd9-410f-b1da-db804e18c671}

FF - Ext: Bazzacuda Image Saver Plus: {FF2FA6A4-B3B1-11DD-B910-6C9A55D89593} - %profile%\extensions\{FF2FA6A4-B3B1-11DD-B910-6C9A55D89593}

---- FIREFOX POLICIES ----

FF - user.js: browser.blink_allowed - true

FF - user.js: network.prefetch-next - true

FF - user.js: nglayout.initialpaint.delay - 50

FF - user.js: layout.spellcheckDefault - 1

FF - user.js: browser.search.openintab - false

FF - user.js: browser.tabs.closeButtons - 1

FF - user.js: browser.tabs.opentabfor.middleclick - true

FF - user.js: browser.tabs.tabMinWidth - 100

FF - user.js: general.useragent.extra.brc - BRI/1

============= SERVICES / DRIVERS ===============

R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2010-12-13 55280]

R1 AppleCharger;AppleCharger;C:\Windows\System32\drivers\AppleCharger.sys [2010-10-5 21544]

R1 cmdGuard;COMODO Internet Security Sandbox Driver;C:\Windows\System32\drivers\cmdGuard.sys [2010-9-10 249496]

R1 cmdHlp;COMODO Internet Security Helper Driver;C:\Windows\System32\drivers\cmdhlp.sys [2010-9-10 33208]

R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2010-11-25 203776]

R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2010-11-25 354304]

R2 AMD Reservation Manager;AMD Reservation Manager;C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe [2010-6-17 194496]

R2 AntiVirMailService;Avira AntiVir MailGuard;C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe [2010-10-11 339624]

R2 AntiVirSchedulerService;Avira AntiVir Scheduler;C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2010-10-11 135336]

R2 AntiVirService;Avira AntiVir Guard;C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2010-10-11 267944]

R2 AntiVirWebService;Avira AntiVir WebGuard;C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe [2010-10-11 403624]

R2 avgntflt;avgntflt;C:\Windows\System32\drivers\avgntflt.sys [2010-10-11 83120]

R2 BCUService;Browser Configuration Utility Service;C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe [2009-10-15 223464]

R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2010-2-28 821664]

R2 ES lite Service;ES lite Service for program management.;C:\Program Files (x86)\GIGABYTE\EasySaver\essvr.exe [2010-10-16 68136]

R2 JMB36X;JMB36X;C:\Windows\SysWOW64\XSrvSetup.exe [2010-10-5 72304]

R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-1-6 363344]

R2 McciCMService64;McciCMService64;C:\Program Files\Common Files\Motive\McciCMService.exe [2010-10-15 517632]

R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2010-4-24 483688]

R3 amdiox64;AMD IO Driver;C:\Windows\System32\drivers\amdiox64.sys [2010-12-14 46136]

R3 amdkmdag;amdkmdag;C:\Windows\System32\drivers\atikmdag.sys [2010-11-25 8120320]

R3 amdkmdap;amdkmdap;C:\Windows\System32\drivers\atikmpag.sys [2010-11-25 289792]

R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2011-1-6 24152]

R3 nusb3hub;NEC Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2009-11-20 75776]

R3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2009-11-20 177152]

R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2010-10-5 347680]

R3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2010-4-24 721768]

R3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2010-4-24 269672]

R3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2010-4-24 25960]

R3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2010-4-24 22376]

R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2010-4-24 209768]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-9-22 1493352]

S2 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]

S3 AppleChargerSrv;AppleChargerSrv;system32\AppleChargerSrv.exe --> system32\AppleChargerSrv.exe [?]

S3 DAUpdaterSvc;Dragon Age: Origins - Content Updater;C:\! TZO_VIDEOGAMES\Bioware\Dragon Age\bin_ship\daupdatersvc.service.exe [2010-11-3 25832]

S3 etdrv;etdrv;C:\Windows\etdrv.sys [2010-10-17 25640]

S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2010-12-19 1436424]

S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2010-10-23 48488]

S3 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-11-23 136176]

S3 GVTDrv64;GVTDrv64;C:\Windows\GVTDrv64.sys [2010-10-16 30528]

S3 mi-raysat_3dsMax2009_32;mental ray 3.6 Satellite for Autodesk 3ds Max 2009 32-bit 32-bit;C:\! TZO_3D PROGS\Autodesk\3ds Max 2009_(32)\mentalray\satellite

\raysat_3dsMax2009_32server.exe [2008-3-9 65536]

S3 mi-raysat_3dsMax2009_64;mental ray 3.6 Satellite for Autodesk 3ds Max 2009 64-bit 64-bit;C:\! TZO_3D PROGS\Autodesk\3ds Max 2009_(64)\mentalray\satellite

\raysat_3dsMax2009_64server.exe [2008-3-9 65536]

S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]

S3 RaySat2011Server;mental ray Satellite 3.8.1 for Maya 2011 (64 bit);C:\Program Files\Autodesk\mrsat3.8.1-maya2011\bin\raysat2011server.exe [2010-8-24 96768]

S3 Revoflt;Revoflt;C:\Windows\System32\drivers\revoflt.sys [2010-12-19 31800]

S3 SwitchBoard;SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-5-24 1255736]

=============== Created Last 30 ================

2011-01-07 17:37:17 191488 ----a-w- C:\Windows\System32\unrar.dll

2011-01-07 17:37:16 136704 ----a-w- C:\Windows\System32\ff_vfw.dll

2011-01-07 17:37:15 -------- d-----w- C:\Program Files\KLCP64

2011-01-07 16:44:41 6851408 ----a-w- C:\PROGRA~3\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll

2011-01-07 16:44:39 8199504 ----a-w- C:\PROGRA~3\Microsoft\Windows Defender\Definition Updates\{8D3068A2-BF2D-4D96-A1EB-78BBCD6C8E84}\mpengine.dll

2011-01-07 04:13:30 -------- d-----w- C:\Users\TAKEZO~1\AppData\Roaming\Malwarebytes

2011-01-07 04:13:23 38224 ----a-w- C:\Windows\SysWow64\drivers\mbamswissarmy.sys

2011-01-07 04:13:22 -------- d-----w- C:\PROGRA~3\Malwarebytes

2011-01-07 04:13:19 24152 ----a-w- C:\Windows\System32\drivers\mbam.sys

2011-01-07 04:13:19 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2011-01-06 03:17:17 331908 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\isp238B.tmp\setup.dll

2011-01-06 01:51:58 -------- d-----w- C:\Program Files (x86)\RAR Password Recovery Magic

2011-01-05 19:36:46 -------- d-----w- C:\Program Files (x86)\PCPitstop

2011-01-05 19:36:46 -------- d-----w- C:\PROGRA~3\PCPitstop

2011-01-04 14:43:57 -------- d-----w- C:\Program Files (x86)\AoA Video Joiner

2011-01-01 14:20:22 -------- d-----w- C:\PROGRA~3\OptiTex

2010-12-29 15:16:04 -------- d-----w- C:\! TZO_PICS

2010-12-28 13:29:07 73216 ------w- C:\Windows\AKDeInstall.exe

2010-12-28 07:15:52 -------- d-----w- C:\Users\TAKEZO~1\AppData\Roaming\World Machine 2.2 Basic

2010-12-27 00:30:09 2048 ----a-w- C:\Windows\SysWow64\tzres.dll

2010-12-27 00:30:09 2048 ----a-w- C:\Windows\System32\tzres.dll

2010-12-27 00:19:59 524288 ----a-w- C:\Windows\System32\wmicmiplugin.dll

2010-12-27 00:19:59 496128 ----a-w- C:\Windows\SysWow64\taskschd.dll

2010-12-27 00:19:59 473600 ----a-w- C:\Windows\System32\taskcomp.dll

2010-12-27 00:19:59 464384 ----a-w- C:\Windows\System32\taskeng.exe

2010-12-27 00:19:59 1169408 ----a-w- C:\Windows\System32\taskschd.dll

2010-12-27 00:19:59 1114624 ----a-w- C:\Windows\System32\schedsvc.dll

2010-12-27 00:19:58 305152 ----a-w- C:\Windows\SysWow64\taskcomp.dll

2010-12-27 00:19:58 285696 ----a-w- C:\Windows\System32\schtasks.exe

2010-12-27 00:19:58 192000 ----a-w- C:\Windows\SysWow64\taskeng.exe

2010-12-27 00:19:58 179712 ----a-w- C:\Windows\SysWow64\schtasks.exe

2010-12-26 23:58:37 46080 ----a-w- C:\Windows\System32\atmlib.dll

2010-12-26 23:58:37 367104 ----a-w- C:\Windows\System32\atmfd.dll

2010-12-26 23:58:37 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll

2010-12-26 23:58:37 294400 ----a-w- C:\Windows\SysWow64\atmfd.dll

2010-12-26 23:58:34 3124224 ----a-w- C:\Windows\System32\win32k.sys

2010-12-26 23:51:28 395776 ----a-w- C:\Windows\System32\webio.dll

2010-12-26 23:51:28 314368 ----a-w- C:\Windows\SysWow64\webio.dll

2010-12-26 23:43:53 516096 ----a-w- C:\Program Files\Windows Mail\wab.exe

2010-12-26 23:43:53 516096 ----a-w- C:\Program Files (x86)\Windows Mail\wab.exe

2010-12-26 23:43:53 35328 ----a-w- C:\Program Files\Windows Mail\wabfind.dll

2010-12-26 23:43:52 112000 ----a-w- C:\Windows\System32\consent.exe

2010-12-25 02:09:25 -------- d-----w- C:\Users\TAKEZO~1\AppData\Local\Reality Pump

2010-12-24 02:54:26 -------- d-----w- C:\Users\TAKEZO~1\AppData\Roaming\com.gog.downloader.87F90EC6C28C7E479115BE2E026DB87A08BC420D.1

2010-12-24 02:54:23 -------- d-----w- C:\Program Files (x86)\GOG.com Downloader

2010-12-24 00:36:21 -------- d-----w- C:\Users\TAKEZO~1\AppData\Local\Microsoft Games

2010-12-19 22:54:57 -------- d-----w- C:\PROGRA~3\boost_interprocess

2010-12-19 22:44:44 -------- d-----w- C:\Program Files\Autodesk

2010-12-19 22:37:10 -------- d-----w- C:\Program Files (x86)\Common Files\Alias Shared

2010-12-19 22:32:03 -------- d-----w- C:\Program Files\Common Files\Macrovision Shared

2010-12-19 22:28:59 5081608 ----a-w- C:\Windows\System32\d3dx9_36.dll

2010-12-19 17:10:45 -------- d-----w- C:\Users\TAKEZO~1\AppData\Local\VS Revo Group

2010-12-19 17:10:43 31800 ----a-w- C:\Windows\System32\drivers\revoflt.sys

2010-12-19 17:10:41 -------- d-----w- C:\Program Files\VS Revo Group

2010-12-18 00:16:07 -------- d-----w- C:\! TZO_VIDS

2010-12-17 20:37:47 -------- d-----w- C:\! TZO_DOWLOADS

2010-12-16 17:46:21 -------- d-----w- C:\! TZO_SHIT_(TEMP DLS)

2010-12-16 16:23:49 -------- d-----w- C:\Users\TAKEZO~1\AppData\Local\Vincent_Bethmann

2010-12-16 16:22:28 -------- d-----w- C:\Program Files (x86)\GlassBench 4

2010-12-15 11:54:23 -------- d-----w- C:\Users\TAKEZO~1\AppData\Roaming\Adobe Mini Bridge CS5

2010-12-15 10:40:55 -------- d-----w- C:\Users\TAKEZO~1\AppData\Local\AMD

2010-12-15 10:38:15 -------- d-----w- C:\PROGRA~3\AMD

2010-12-14 23:01:35 72 ----a-w- C:\Windows\Vue 7.5 xStream.reg

2010-12-14 23:01:35 70 ----a-w- C:\Windows\Vue 6 xStream.reg

2010-12-14 23:01:35 -------- d-----w- C:\PROGRA~3\e-onsoftware

2010-12-14 19:59:34 -------- d-----w- C:\Users\TAKEZO~1\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1

2010-12-14 19:31:52 46136 ----a-w- C:\Windows\System32\drivers\amdiox64.sys

2010-12-14 19:29:04 -------- d-----w- C:\Program Files (x86)\ATI Stream

2010-12-14 19:26:27 -------- d-----w- C:\Program Files\Common Files\ATI Technologies

2010-12-14 19:26:27 -------- d-----w- C:\Program Files (x86)\Common Files\ATI Technologies

2010-12-14 19:24:29 -------- d-----w- C:\Program Files (x86)\ATI Technologies

2010-12-14 19:24:27 -------- d-----w- C:\Program Files\ATI

2010-12-14 19:23:34 -------- d-----w- C:\Program Files\ATI Technologies

2010-12-14 14:56:48 3584 ----a-r- C:\Users\TAKEZO~1\AppData\Roaming\Microsoft\Installer\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}\Icon386ED4E3.exe

2010-12-14 14:56:48 -------- d-----w- C:\Program Files (x86)\Windows Installer Clean Up

2010-12-14 14:53:05 -------- d-----w- C:\Program Files (x86)\MSECACHE

2010-12-14 14:06:46 -------- d-----w- C:\Users\TAKEZO~1\AppData\Roaming\ResourceCentral.E6E1B28A311BC518DB6C6883EA3757FDE0E90ADC.1

2010-12-14 14:04:24 -------- d-----w- C:\PROGRA~3\regid.1986-12.com.adobe

2010-12-14 11:59:13 -------- d-----w- C:\Program Files (x86)\Guitartab.co.uk

2010-12-14 11:39:00 -------- d-----w- C:\Users\TAKEZO~1\AppData\Roaming\Anvil Studio

2010-12-13 19:40:52 -------- d-----w- C:\Users\TAKEZO~1\AppData\Roaming\PACE Anti-Piracy

2010-12-13 19:40:52 -------- d-----w- C:\Users\TAKEZO~1\AppData\Local\PACE Anti-Piracy

2010-12-13 19:40:52 -------- d-----w- C:\PROGRA~3\PACE Anti-Piracy

2010-12-13 18:58:28 55280 ------w- C:\Windows\System32\drivers\PxHlpa64.sys

2010-12-13 18:58:28 10224 ------w- C:\Windows\System32\drivers\cdralw2k.sys

2010-12-13 18:58:28 10224 ------w- C:\Windows\System32\drivers\cdr4_xp.sys

2010-12-13 18:58:27 -------- d-----w- C:\Program Files (x86)\My Company Name

2010-12-13 18:58:27 -------- d-----w- C:\Program Files (x86)\Common Files\Sonic Shared

2010-12-13 18:58:27 -------- d-----w- C:\Program Files (x86)\Common Files\PX Storage Engine

2010-12-13 10:13:17 -------- d-----w- C:\Program Files (x86)\MagicISO

2010-12-12 15:39:26 -------- d-----w- C:\! TZO_(SAMSUNG HDD PATCH)

2010-12-12 03:10:19 -------- d-----w- C:\Program Files (x86)\ASIO4ALL v2

2010-12-12 03:09:48 225280 ----a-w- C:\Windows\SysWow64\rewire.dll

2010-12-12 03:09:42 1554944 ----a-w- C:\Windows\SysWow64\vorbis.acm

2010-12-12 03:09:28 -------- d-----w- C:\Program Files (x86)\Outsim

2010-12-12 03:07:01 -------- d-----w- C:\Program Files (x86)\Image-Line

2010-12-11 23:49:16 -------- d-----w- C:\Windows\Recent

2010-12-11 23:49:13 5727 ----a-w- C:\Windows\SysWow64\VcakeD.vxd

2010-12-11 23:49:13 -------- d-----w- C:\Program Files (x86)\CakeWalk 9

2010-12-11 23:48:36 -------- d-----w- C:\audio

2010-12-09 11:10:00 499712 ----a-w- C:\Windows\SysWow64\msvcp71.dll

2010-12-09 11:10:00 348160 ----a-w- C:\Windows\SysWow64\msvcr71.dll

2010-12-09 01:18:36 -------- d-----w- C:\Program Files (x86)\virtuAMP

2010-12-09 01:10:29 -------- d-----w- C:\Program Files (x86)\Babya

==================== Find3M ====================

2011-01-07 16:20:14 25640 ----a-w- C:\Windows\gdrv.sys

2010-12-07 17:17:20 51200 ----a-w- C:\Windows\SysWow64\OpenCL.dll

2010-12-07 17:15:30 52736 ----a-w- C:\Windows\System32\OpenCL.dll

2010-12-04 21:07:31 83120 ----a-w- C:\Windows\System32\drivers\avgntflt.sys

2010-12-02 22:49:58 697690 ----a-w- C:\Windows\unins000.exe

2010-12-02 10:17:40 25640 ----a-w- C:\Windows\etdrv.sys

2010-12-02 08:43:09 30528 ----a-w- C:\Windows\GVTDrv64.sys

2010-11-26 04:20:20 8120320 ----a-w- C:\Windows\System32\drivers\atikmdag.sys

2010-11-26 03:19:32 21610496 ----a-w- C:\Windows\System32\atio6axx.dll

2010-11-26 03:02:08 16702976 ----a-w- C:\Windows\SysWow64\atioglxx.dll

2010-11-26 02:58:22 143360 ----a-w- C:\Windows\System32\atiapfxx.exe

2010-11-26 02:58:12 550400 ----a-w- C:\Windows\SysWow64\aticfx32.dll

2010-11-26 02:57:08 648704 ----a-w- C:\Windows\System32\aticfx64.dll

2010-11-26 02:54:58 462848 ----a-w- C:\Windows\System32\ATIDEMGX.dll

2010-11-26 02:54:48 478720 ----a-w- C:\Windows\System32\atieclxx.exe

2010-11-26 02:54:12 203776 ----a-w- C:\Windows\System32\atiesrxx.exe

2010-11-26 02:53:00 120320 ----a-w- C:\Windows\System32\atitmm64.dll

2010-11-26 02:52:42 423424 ----a-w- C:\Windows\System32\atipdl64.dll

2010-11-26 02:52:36 356352 ----a-w- C:\Windows\SysWow64\atipdlxx.dll

2010-11-26 02:52:26 278528 ----a-w- C:\Windows\SysWow64\Oemdspif.dll

2010-11-26 02:52:20 16384 ----a-w- C:\Windows\System32\atimuixx.dll

2010-11-26 02:52:16 59392 ----a-w- C:\Windows\System32\atiedu64.dll

2010-11-26 02:52:10 43520 ----a-w- C:\Windows\SysWow64\ati2edxx.dll

2010-11-26 02:49:04 4066816 ----a-w- C:\Windows\SysWow64\atidxx32.dll

2010-11-26 02:40:14 4794368 ----a-w- C:\Windows\System32\atidxx64.dll

2010-11-26 02:30:20 51200 ----a-w- C:\Windows\System32\aticalrt64.dll

2010-11-26 02:30:20 4122624 ----a-w- C:\Windows\SysWow64\atiumdag.dll

2010-11-26 02:30:18 46080 ----a-w- C:\Windows\SysWow64\aticalrt.dll

2010-11-26 02:30:10 44544 ----a-w- C:\Windows\System32\aticalcl64.dll

2010-11-26 02:30:08 44032 ----a-w- C:\Windows\SysWow64\aticalcl.dll

2010-11-26 02:29:58 6815232 ----a-w- C:\Windows\System32\aticaldd64.dll

2010-11-26 02:29:52 3217408 ----a-w- C:\Windows\System32\atiumd6a.dll

2010-11-26 02:28:44 5441024 ----a-w- C:\Windows\SysWow64\aticaldd.dll

2010-11-26 02:24:38 58880 ----a-w- C:\Windows\System32\coinst.dll

2010-11-26 02:24:06 5258240 ----a-w- C:\Windows\System32\atiumd64.dll

2010-11-26 02:22:26 3460096 ----a-w- C:\Windows\SysWow64\atiumdva.dll

2010-11-26 02:17:28 351232 ----a-w- C:\Windows\System32\atiadlxx.dll

2010-11-26 02:17:20 249856 ----a-w- C:\Windows\SysWow64\atiadlxy.dll

2010-11-26 02:17:08 14848 ----a-w- C:\Windows\System32\atig6pxx.dll

2010-11-26 02:17:04 12800 ----a-w- C:\Windows\SysWow64\atiglpxx.dll

2010-11-26 02:17:04 12800 ----a-w- C:\Windows\System32\atiglpxx.dll

2010-11-26 02:17:00 31744 ----a-w- C:\Windows\System32\atig6txx.dll

2010-11-26 02:16:54 27136 ----a-w- C:\Windows\SysWow64\atigktxx.dll

2010-11-26 02:16:46 289792 ----a-w- C:\Windows\System32\drivers\atikmpag.sys

2010-11-26 02:16:04 39936 ----a-w- C:\Windows\System32\atiuxp64.dll

2010-11-26 02:15:58 30720 ----a-w- C:\Windows\SysWow64\atiuxpag.dll

2010-11-26 02:15:52 37888 ----a-w- C:\Windows\System32\atiu9p64.dll

2010-11-26 02:15:42 28672 ----a-w- C:\Windows\SysWow64\atiu9pag.dll

2010-11-26 02:15:00 53248 ----a-w- C:\Windows\System32\drivers\ati2erec.dll

2010-11-26 02:09:18 53760 ----a-w- C:\Windows\System32\atimpc64.dll

2010-11-26 02:09:18 53760 ----a-w- C:\Windows\System32\amdpcom64.dll

2010-11-26 02:09:12 52736 ----a-w- C:\Windows\SysWow64\atimpc32.dll

2010-11-26 02:09:12 52736 ----a-w- C:\Windows\SysWow64\amdpcom32.dll

2010-11-24 08:00:00 108032 ----a-w- C:\Windows\SysWow64\ff_vfw.dll

2010-11-23 07:16:05 43520 ----a-w- C:\Windows\SysWow64\CmdLineExt03.dll

2010-11-22 18:16:36 2942464 ----a-w- C:\Windows\SysWow64\x264vfw.dll

2010-11-20 14:38:01 332288 ----a-w- C:\Windows\System32\uxtheme.dll

2010-11-20 14:37:57 2851328 ----a-w- C:\Windows\System32\themeui.dll

2010-11-20 14:37:54 44544 ----a-w- C:\Windows\System32\themeservice.dll

2010-11-12 23:53:06 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll

2010-11-04 06:35:53 1194496 ----a-w- C:\Windows\System32\wininet.dll

2010-11-04 06:31:34 57856 ----a-w- C:\Windows\System32\licmgr10.dll

2010-11-04 05:52:17 978944 ----a-w- C:\Windows\SysWow64\wininet.dll

2010-11-04 05:48:36 44544 ----a-w- C:\Windows\SysWow64\licmgr10.dll

2010-11-04 05:16:14 482816 ----a-w- C:\Windows\System32\html.iec

2010-11-04 04:41:26 386048 ----a-w- C:\Windows\SysWow64\html.iec

2010-11-04 04:35:37 1638912 ----a-w- C:\Windows\System32\mshtml.tlb

2010-11-04 04:08:54 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb

2010-11-03 19:08:48 237568 ----a-w- C:\Windows\SysWow64\yv12vfw.dll

2010-10-27 20:15:54 17526024 ----a-w- C:\Program Files (x86)\tor-browser-1.3.11_en-US.exe

2010-10-19 15:41:44 270720 ------w- C:\Windows\System32\MpSigStub.exe

2010-10-17 22:25:42 242 ----a-w- C:\Windows\e-on Render Cow.reg

2010-10-17 22:17:26 334 ----a-w- C:\Windows\Vue 7 xStream.reg

2010-10-15 04:04:19 178800 ----a-w- C:\Windows\SysWow64\CmdLineExt_x64.dll

2010-10-14 06:36:52 15451288 ----a-w- C:\Windows\SysWow64\xlive.dll

2010-10-14 06:36:50 13642904 ----a-w- C:\Windows\SysWow64\xlivefnt.dll

2010-10-12 00:18:25 310728 ----a-w- C:\Windows\System32\drivers\atksgt.sys

2010-10-12 00:17:10 43168 ----a-w- C:\Windows\System32\drivers\lirsgt.sys

============= FINISH: 19:43:19.32 ===============

Link to post
Share on other sites

  • 2 weeks later...
  • 2 weeks later...
  • Staff

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.