Do I have malware?

[Cooper81]

Hello,

My wife and I have been experiencing slow and intermittent wireless speeds, and wonder if malware has a hand in it. Could someone please take a look at my logs? She works on a company PC, so I cannot install apps or make changes. Let me know if we should limit her net activity during this process.

I was not able to get dds.scr to produce an "attach.txt" file, and I think it may not be initializing correctly. Also the dds.scr file properties show it as an "AutoCAD LT Script." Do I need to do something in AutoCAD to disable scripting? I'm not sure how to check to see if scripting is enabled anywhere.

When I first tried to post this topic I got the following error message: "You have posted a message with more emoticons that this board allows. Please reduce the number of emoticons you've added to the message"

My only guess is it's due to the gibberish in the dds.txt file. I've deleted most of it in an attempt to get the first post created.

Thanks in advance!

MZ ÿÿ ¸ @ Ø º ´ Í!¸LÍ!This program cannot be run in DOS mode.

$ 1¸„:uÙêiuÙêiuÙêi¶ÖµiwÙêiuÙëiîÙêi¶Ö·idÙêi!úÚiÙêi²ßìitÙêiRichuÙêi PE L ÆãK à P   0ó ° @ O« € ` ` UPX0   € àUPX1 P ° F @ à.rsrc J @ À 3.07 UPX!

•» $И…‚Û 'C „ & "ÿ÷ÿU‹ìƒì\ƒ}t+F‹Eu

ƒH‹

¨>Bÿ¿lÿ ‰HPÿuÿHr@ é uSÝŒ}÷V‹5°E¤WPLƒeôíæl»1EäP‹}ð¿ý±·ðDp; ï¶FRVV¯Uuÿ¿ýè‹Ï+MèÁ‰M™÷ÿ3ÒŠðQùÛÍNUMèÁ‹Ê1T»vé>ŠÈPE3Áá×m··ÀÈsôPBø¢p‡™åìrEðPˆTßÞ¾½ÿÓè9}qŒwÿ ƒ~Xÿºûteÿv4½5…À3tnÛ¶/jWÇ:« èî"Ý͹*Ê )XWKpÛg›ÛÿXÖðh -P¹gWøjÿh 6%Xr¿9Yˆw¤\_^3À[ÉÛßð·Â_‹L$¡ÈF‹ÑSiÒAVûÝÿÿW‹TöÂtOq3ÿ;5ÌsB‹Îiɼ}YþD‹ÁGët Ûÿö/BO…Ét ë

u‹Ù3Úƒã9Ù´Û³÷‰F1ArÊt[Â…wÃ7îQQ‹U¿òiö˜{À3ÉóW?üB‹F¨^~ìö9Mt$¾B‰;„D‹ÂiÀ°ðýG|B‹‡

,RÛËö÷#ëu(›@ÿEüµwÍtëø;A‹Ðr¼ùÛ7

͈û,lü tóø·ù/ƒN@ëç‹€áƒÉ‰ëÙ?ö? V3öƒù s49Èv,Pö¿ð$¨uGÓç…züt~^°ÿ$þ‰FÂóÙò[Ù?á¡­seùZám†”ØB=#¼ïð+üß3Û9tK;ßsEÕrƒÆ5¶­°d„b(ý­pÛ <˜¦‹¾@ƒâÓàì…w¿«ü#È‹ÁÓâ;ÂvCÆxw[w{ßrÆt

÷ƒVã rŸßÚîmCüóŠ‹DÓN}@¹ÁmøÛ @eÁà

+ÈQ;JÙq³ôvt$öj‹ÆxÐkÀtÜ]¸øƒ8C\P!0=¯ÿökœiCu@FëH‹£ãÛÛð+&|$ž/Œ{jv7ž{w5th0u

u0q³±u/Ph¡ÿe…DÞ¯a{…ö}’Î^Š¸[ëõ»ïîÐ|'Ctlj…™hpŸ°sŽŸË? Qì¤o8^MÊ¡"JØWjc»°ðY}ØNÌKó¥ñÜcÿûmàš‹úÁæ

ë‰]üÁç

ñùMû…ïú܉

h›M؃ÁþÚA‡˜ý×·½$(Sá?(

ÿlÌlÛß½9]Ì„c

!SÇø¶9vBH-…’9Öðw_‡S

Õƒø±P8³-½×ˆ|„ÌFüÜ¿-¼

‚^äu"‹ˆ ?ö·s7yˆ`<‹§-k±±)‹Ö{/ó4…a‹;Ë”À#¬¾Ç¶…C…6ÿ4•VÆ[ø/WpÊ]`xl†Ö7+tRQ%„ÇœëÎ<„ÿ>[jð=V·}‚ò«àº„š…ÝØ=ÈÎ!X‹øWFéþ—ï_f;ótBj\V

€SWŠˆˆEc³Ù:€u |=·÷j5Û†ªW

x¨,ø…{¦Š'ˆF:Ãu¾àtjæBw„ÿmWh ˜Kb.t<>Äîjõ`SnN]ŸµcovjÐjß}‹ø»E¶#WV„pòjã<1×Íoíâê?Ø¿fk

ÔWH°jäaniM~P‹·¥o:éHl#“;Æv%8²cþ³!C;ÃtƒÀ,`²ëVþvÛ ÇØìˆm…£D#6I7WÌhÿdÈBÇ{QVzSmdÍ>9o,jïíŸhü

ÁÞ¢j1žÁƒàV‰uø³cÿkøzFÂV¾p›¥VŠ‘ÞY„IP"ÂÙwðßK~MÄ¿p£­}|1ʸm]‡Ì“èÏQw7·iü`‹Èñý

Ñ€#ÁÆÞ\ã÷ØÒoÚu•ÖuÜ5C•êh$@íÛ´19þÿuv(S†ˆÅF–@WV

-ùEZ1ðÝ„WPâÃÞØÁøPD#ƒ6·/е§S'HVjúé<ŽlúN/øjâsÁ±¤‹|ƒ´(êóîÓfTSSzuäÿ

ÖÖ·6èÿ(Äì^‘

îÂëèP…¢ßŒ¹¨øì;ûÞ$ƒ~ÌÅþÿþujéV®`~ëjî~¤%ÎhR pSë4

±[¦'ÜPÃYçVjØÂiD;¹Jò´¹…ìè†Wîðw’2Îø1‡'î ÇzsKx´j!jõ6G0º ïnÔ·J”}•td*[woh37Áäøˆ;ø~vx¼µ/sÔÇUnoc—»â„û}x,y‰»soC‹ûÿ›ÿˆ7’ÖMN: o1vìIÛÉR‰ððpÐä5±Ù"ôëì)W²äNŠ)KP¸Oøl,6w´Vô?à]

Úy¸Bžÿ m9{KOæoÕð-Ùnÿ;ð|~–ësoèv†''œ,JìÕ¼À7ÄÔøwmè…¥)ÚÞ  ëb+^ÉÏ‹¡-lWäÇЖÛímù/ëJF#B3>Z04Û[îv+ÜuêÉë+ tø/>é

¹ôÕ8 úëE‹ƒÔùë&9Ù½ÓÿWŒ]òP†À¾— °ÄÌ›Ú-p¯}DH‹ßÝ|·Ž?uñ

ÑƒÇ–Þ #ÜW³¡.•ýî]ÖKVP­;Ót%}ú8ù

.GçW£6<dë'…ühj@ÖåpàŽ“ªóF.ÞG¾R„‰‰5÷Ƙé„T× ö¸\¬!ÃË„3á פëD8•íCÂm!ÿuDŽMðÁù'fjjðUøŠ™kɆf™…`¹qÂæ²?Dë,E/ôFƒìŠ‡ÙÉŠöf›5v1Q#Í/-v©

CY&Üh&ß㌦ª‡FPg6Ê­s(rQTý1àù&ÌN¬%,J¹8’p¡ègîöð&ÛëA0Rq«Â/*.Àiv\5. j[ m0Û ÈS¶S 5븙4hr)VÛOfû|P HjZ°f{c\8.@P¥áÂáÐS*’£tž\¥î˜£„ Š ?½ûF­¥ÊÆ‹ˆ

ˆ6÷Fî£h‰«çšm¢Š8·B„¦))6ïnèÞ‡lC¶ô`

<S [\X

jËئ

‘8ÈjìÒ¥bpؖ訬îþZ%

S#Æp\΋[KŸ!hu

gD pH„VvÇUp~ÃCÂ)T,ä¶øzî8FÓ9øãn‹jÀ½jdÖ=p'[m[tëöø#ôä(¸`b

0J©Å¶Ðø¯€Å$Œ$ìyaÍÞZ±p Öÿs:ꊱN¢¿‰îÊÐ}Q6ZP…`ík8ø!aß7ØÌœ jƈ4ð5¹“Ô6J4nÐ0‰¼÷N@‰Í÷™DTÿpÙÍÆÜ„ÝÃ|ç&Šq9XÙsÉÜŒ¶U­]ÍŽoÑ

©qøÙ[wîjStzOWØ:ß=ketVW8œAÎb1íÄ«+(Ôªh(o=ÌâÄíÖÖáë

[screen317]

Hi and welcome to Malwarebytes.

Please update MBAM, run a Quick Scan, and post its log.

Download OTL.exe by OldTimer to your Desktop.

• Close all windows and double click OTL.exe.
  
• Click Run Scan and let the program run uninterrupted.
  
• It will produce two logs for you, one will pop up - OTL.txt, the other will be saved on your Desktop - Extras.txt. Post both logs in this thread.
  
• You may need to use two posts to get it all.
  

[Cooper81]

Thanks Screen317!

Malwarebytes' Anti-Malware 1.51.1.1800

www.malwarebytes.org

Database version: 7430

Windows 6.1.7601 Service Pack 1

Internet Explorer 9.0.8112.16421

8/10/2011 7:26:05 PM

mbam-log-2011-08-10 (19-26-05).txt

Scan type: Quick scan

Objects scanned: 187720

Time elapsed: 2 minute(s), 50 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)

[screen317]

Please post OTL's main log too.

[Cooper81]

I'm having trouble posting the OTL.txt file, both by attachment and copy/paste. I even tried pasting about 10% of the text and still got an error. I'll keep trying unless I hear something from you.

[Cooper81]

Here's a try for OTL.txt part 1

OTL logfile created on: 8/10/2011 7:32:15 PM - Run 1

OTL by OldTimer - Version 3.2.26.1 Folder = C:\Users\Cooper\Desktop

64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.99 Gb Total Physical Memory | 2.47 Gb Available Physical Memory | 61.90% Memory free

7.98 Gb Paging File | 6.06 Gb Available in Paging File | 75.95% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 452.95 Gb Total Space | 397.30 Gb Free Space | 87.71% Space Free | Partition Type: NTFS

Computer Name: COOPER-LAPTOP | User Name: Cooper | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 1 Day

========== Processes (SafeList) ==========

PRC - File not found --

PRC - [2011/08/10 19:31:30 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\Cooper\Desktop\OTL.exe

PRC - [2011/06/30 13:48:18 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe

PRC - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

PRC - [2011/06/02 18:32:44 | 000,123,320 | ---- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.3.198\SymcPCCULaunchSvc.exe

PRC - [2011/05/01 17:58:20 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe

PRC - [2011/03/18 01:26:14 | 002,435,592 | ---- | M] (Check Point Software Technologies LTD) -- C:\Windows\SysWOW64\ZoneLabs\vsmon.exe

PRC - [2011/03/18 01:24:50 | 001,043,968 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files (x86)\Zone Labs\ZoneAlarm\zlclient.exe

PRC - [2011/03/04 14:36:51 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe

PRC - [2010/05/20 19:15:00 | 000,110,736 | R--- | M] (InterVideo) -- C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe

PRC - [2010/03/11 17:06:06 | 000,193,824 | ---- | M] (Protexis Inc.) -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe

PRC - [2009/08/24 18:49:41 | 000,126,392 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.3.198\ccSvcHst.exe

========== Modules (SafeList) ==========

MOD - [2011/08/10 19:31:30 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\Cooper\Desktop\OTL.exe

MOD - [2011/06/16 17:23:25 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll

MOD - [2011/06/16 17:23:25 | 000,554,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll

MOD - [2011/02/15 11:25:56 | 000,640,504 | ---- | M] (Check Point Software Technologies) -- C:\Program Files\CheckPoint\ZAForceField\WOW64\Plugins\ISWSHEX.dll

MOD - [2010/11/20 08:21:36 | 000,172,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wintrust.dll

MOD - [2010/11/20 07:55:09 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll

========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011/02/15 11:26:18 | 000,822,264 | ---- | M] (Check Point Software Technologies) [Auto | Running] -- C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe -- (IswSvc)

SRV:64bit: - [2010/10/28 06:14:30 | 000,357,456 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)

SRV:64bit: - [2010/09/27 09:37:32 | 004,180,576 | ---- | M] (SafeNet Inc.) [Auto | Running] -- C:\windows\SysNative\hasplms.exe -- (hasplms)

SRV:64bit: - [2010/09/22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)

SRV:64bit: - [2010/07/28 13:27:16 | 000,267,192 | ---- | M] (TOSHIBA Corporation) [On_Demand | Stopped] -- C:\Program Files\TOSHIBA\TECO\TecoService.exe -- (TOSHIBA eco Utility Service)

SRV:64bit: - [2010/07/22 19:36:16 | 000,822,192 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe -- (TPCHSrv)

SRV:64bit: - [2010/02/05 20:44:48 | 000,137,560 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe -- (TOSHIBA HDD SSD Alert Service)

SRV:64bit: - [2009/11/06 01:05:28 | 000,489,312 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)

SRV:64bit: - [2009/10/21 12:30:36 | 000,531,520 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\SysNative\ThpSrv.exe -- (Thpsrv)

SRV:64bit: - [2009/07/28 18:48:06 | 000,140,632 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\SysNative\TODDSrv.exe -- (TODDSrv)

SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)

SRV:64bit: - [2007/02/12 19:43:00 | 000,065,536 | ---- | M] (O2Micro International) [Auto | Running] -- C:\Windows\SysNative\drivers\o2flash.exe -- (O2FLASH)

SRV - [2011/06/30 13:48:18 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)

SRV - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)

SRV - [2011/06/02 18:32:44 | 000,123,320 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.3.198\SymcPCCULaunchSvc.exe -- (Norton PC Checkup Application Launcher)

SRV - [2011/05/01 17:58:20 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)

SRV - [2011/03/23 01:05:10 | 000,077,944 | ---- | M] (Autodesk) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe -- (Autodesk Licensing Service)

SRV - [2011/03/18 01:26:14 | 002,435,592 | ---- | M] (Check Point Software Technologies LTD) [Auto | Running] -- C:\Windows\SysWOW64\ZoneLabs\vsmon.exe -- (vsmon)

SRV - [2011/02/11 13:45:52 | 000,054,136 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo)

SRV - [2010/05/20 19:15:00 | 000,110,736 | R--- | M] (InterVideo) [Auto | Running] -- C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)

SRV - [2010/04/12 13:45:00 | 000,196,976 | ---- | M] (TOSHIBA CORPORATION) [On_Demand | Stopped] -- C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtSrv.exe -- (TOSHIBA Bluetooth Service)

SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)

SRV - [2010/03/11 17:06:06 | 000,193,824 | ---- | M] (Protexis Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)

SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)

SRV - [2009/08/24 18:49:41 | 000,126,392 | R--- | M] (Symantec Corporation) [unknown | Running] -- C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.3.198\ccSvcHst.exe -- (PCCUJobMgr)

SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/06/30 13:48:19 | 000,123,784 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)

DRV:64bit: - [2011/06/30 13:48:19 | 000,088,288 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)

DRV:64bit: - [2011/03/11 02:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)

DRV:64bit: - [2011/03/11 02:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)

DRV:64bit: - [2011/03/03 11:59:18 | 000,174,184 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)

DRV:64bit: - [2011/02/18 16:36:58 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)

DRV:64bit: - [2011/02/15 11:25:38 | 000,033,528 | ---- | M] (Check Point Software Technologies) [Kernel | Auto | Running] -- C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys -- (ISWKL)

DRV:64bit: - [2010/11/20 09:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)

DRV:64bit: - [2010/11/20 07:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)

DRV:64bit: - [2010/11/20 05:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)

DRV:64bit: - [2010/11/16 16:00:50 | 000,077,032 | ---- | M] (O2Micro ) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\o2mdgx64.sys -- (O2MDGRDR)

DRV:64bit: - [2010/09/27 14:26:04 | 000,131,072 | ---- | M] (SafeNet Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aksfridge.sys -- (aksfridge)

DRV:64bit: - [2010/09/23 00:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)

DRV:64bit: - [2010/08/30 16:47:16 | 000,031,744 | ---- | M] (Research in Motion Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RimSerial_AMD64.sys -- (RimVSerPort)

DRV:64bit: - [2010/08/24 13:29:32 | 000,057,936 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)

DRV:64bit: - [2010/08/24 13:29:10 | 000,063,568 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)

DRV:64bit: - [2010/07/27 10:36:22 | 000,075,648 | ---- | M] (SafeNet Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aksdf.sys -- (aksdf)

DRV:64bit: - [2010/06/22 16:28:06 | 000,729,216 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CHDRT64.sys -- (CnxtHdAudService)

DRV:64bit: - [2010/06/18 19:45:58 | 000,018,872 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tosrfec.sys -- (tosrfec)

DRV:64bit: - [2010/05/15 16:30:52 | 000,458,840 | ---- | M] (Check Point Software Technologies LTD) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vsdatant.sys -- (Vsdatant)

DRV:64bit: - [2010/05/13 22:20:42 | 000,059,704 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tosrfusb.sys -- (Tosrfusb)

DRV:64bit: - [2010/05/08 21:38:56 | 000,482,384 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tos_sps64.sys -- (tos_sps64)

DRV:64bit: - [2010/04/26 17:23:08 | 001,103,904 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtl8192se.sys -- (rtl8192se)

DRV:64bit: - [2010/04/26 14:48:40 | 000,063,488 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TosRfSnd.sys -- (TosRfSnd)

DRV:64bit: - [2010/04/07 13:51:50 | 000,214,248 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tosrfbd.sys -- (tosrfbd)

DRV:64bit: - [2010/03/24 16:55:56 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)

DRV:64bit: - [2009/11/23 17:38:00 | 000,016,008 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LGVirHid.sys -- (LGVirHid)

DRV:64bit: - [2009/11/23 17:37:50 | 000,022,408 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LGBusEnum.sys -- (LGBusEnum)

DRV:64bit: - [2009/08/18 21:41:06 | 000,049,568 | ---- | M] (O2Micro ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\o2sdgx64.sys -- (O2SDGRDR)

DRV:64bit: - [2009/07/30 23:22:04 | 000,027,784 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tdcmdpst.sys -- (tdcmdpst)

DRV:64bit: - [2009/07/30 21:20:18 | 000,281,648 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)

DRV:64bit: - [2009/07/28 23:02:00 | 000,081,768 | ---- | M] (TOSHIBA Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\tosrfcom.sys -- (Tosrfcom)

DRV:64bit: - [2009/07/24 14:33:00 | 000,026,472 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tosrfnds.sys -- (tosrfnds)

DRV:64bit: - [2009/07/14 18:31:18 | 000,026,840 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TVALZ_O.SYS -- (TVALZ)

DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)

DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)

DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)

DRV:64bit: - [2009/07/13 20:10:47 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rootmdm.sys -- (ROOTMODEM)

DRV:64bit: - [2009/06/29 19:16:20 | 000,014,784 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\Thpevm.sys -- (Thpevm)

DRV:64bit: - [2009/06/29 13:25:22 | 000,034,880 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\thpdrv.sys -- (Thpdrv)

DRV:64bit: - [2009/06/22 20:06:38 | 000,035,008 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\PGEffect.sys -- (PGEffect)

DRV:64bit: - [2009/06/19 22:15:22 | 000,014,472 | ---- | M] (TOSHIBA Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TVALZFL.sys -- (TVALZFL)

DRV:64bit: - [2009/06/19 13:00:00 | 000,094,336 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Tosrfhid.sys -- (Tosrfhid)

DRV:64bit: - [2009/06/19 12:59:00 | 000,050,664 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tosrfbnp.sys -- (tosrfbnp)

DRV:64bit: - [2009/06/17 15:01:00 | 000,054,664 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tosporte.sys -- (tosporte)

DRV:64bit: - [2009/06/15 16:58:50 | 000,012,800 | ---- | M] (TOSHIBA) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\QIOMem.sys -- (QIOMem)

DRV:64bit: - [2009/06/10 16:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)

DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)

DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)

DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)

DRV:64bit: - [2009/06/10 16:34:18 | 000,057,344 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C) NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20)

DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)

DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)

DRV:64bit: - [2009/03/13 11:55:38 | 000,318,464 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\hardlock.sys -- (hardlock)

DRV:64bit: - [2009/03/13 11:55:38 | 000,053,760 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\akshasp.sys -- (akshasp)

DRV:64bit: - [2009/03/13 11:55:38 | 000,025,344 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\aksusb.sys -- (aksusb)

DRV:64bit: - [2007/07/23 15:13:06 | 000,056,960 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\akshhl.sys -- (akshhl)

DRV:64bit: - [2007/04/27 07:40:00 | 000,142,120 | ---- | M] (SafeNet, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\sentinel64.sys -- (Sentinel64)

DRV:64bit: - [2007/04/17 14:51:50 | 000,014,112 | ---- | M] (InterVideo) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\regi.sys -- (regi)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=TSND&bmod=TSND

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/redirectdomain?brand=TSND&bmod=TSND

IE - HKLM\..\URLSearchHook: {91da5e8a-3318-4f8c-b67e-5964de3ab546} - C:\Program Files (x86)\ZoneAlarm_Security\tbZone.dll (Conduit Ltd.)

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=TSND&bmod=TSND

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/redirectdomain?brand=TSND&bmod=TSND

IE - HKCU\..\URLSearchHook: {91da5e8a-3318-4f8c-b67e-5964de3ab546} - C:\Program Files (x86)\ZoneAlarm_Security\tbZone.dll (Conduit Ltd.)

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;<local>

[Cooper81]

part 2

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()

FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\npFFApi.dll ()

FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\PROGRAM FILES\CHECKPOINT\ZAFORCEFIELD\TRUSTCHECKER [2011/03/31 18:32:04 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker [2011/03/31 18:22:52 | 000,000,000 | ---D | M]

O1 HOSTS File: ([2011/01/27 15:00:58 | 000,001,211 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O1 - Hosts: 127.0.0.1 3dns.adobe.com 3dns-1.adobe.com 3dns-2.adobe.com 3dns-3.adobe.com 3dns-4.adobe.com activate.adobe.com activate-sea.adobe.com activate-sjc0.adobe.com activate.wip.adobe.com

O1 - Hosts: 127.0.0.1 activate.wip1.adobe.com activate.wip2.adobe.com activate.wip3.adobe.com activate.wip4.adobe.com adobe-dns.adobe.com adobe-dns-1.adobe.com adobe-dns-2.adobe.com adobe-dns-3.adobe.com adobe-dns-4.adobe.com

O1 - Hosts: 127.0.0.1 adobeereg.com practivate.adobe practivate.adobe.com practivate.adobe.newoa practivate.adobe.ntp practivate.adobe.ipp ereg.adobe.com ereg.wip.adobe.com ereg.wip1.adobe.com

O1 - Hosts: 127.0.0.1 ereg.wip2.adobe.com ereg.wip3.adobe.com ereg.wip4.adobe.com hl2rcv.adobe.com wip.adobe.com wip1.adobe.com wip2.adobe.com wip3.adobe.com wip4.adobe.com

O1 - Hosts: 127.0.0.1 www.adobeereg.com wwis-dubc1-vip60.adobe.com www.wip.adobe.com www.wip1.adobe.com

O1 - Hosts: 127.0.0.1 www.wip2.adobe.com www.wip3.adobe.com www.wip4.adobe.com wwis-dubc1-vip60.adobe.com crl.verisign.net CRL.VERISIGN.NET ood.opsource.net

O2:64bit: - BHO: (Partner BHO Class) - {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - File not found

O2:64bit: - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)

O2:64bit: - BHO: (LastPass Browser Helper Object) - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPBar64.dll (LastPass)

O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)

O2 - BHO: (Partner BHO Class) - {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - File not found

O2 - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)

O2 - BHO: (ZoneAlarm Security Toolbar) - {91da5e8a-3318-4f8c-b67e-5964de3ab546} - C:\Program Files (x86)\ZoneAlarm_Security\tbZone.dll (Conduit Ltd.)

O2 - BHO: (LastPass Browser Helper Object) - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPBar.dll (LastPass)

O2 - BHO: (TOSHIBA Media Controller Plug-in) - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll (<TOSHIBA>)

O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)

O3:64bit: - HKLM\..\Toolbar: (LastPass Toolbar) - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPBar64.dll (LastPass)

O3:64bit: - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)

O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.

O3 - HKLM\..\Toolbar: (ZoneAlarm Security Toolbar) - {91da5e8a-3318-4f8c-b67e-5964de3ab546} - C:\Program Files (x86)\ZoneAlarm_Security\tbZone.dll (Conduit Ltd.)

O3 - HKLM\..\Toolbar: (LastPass Toolbar) - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPBar.dll (LastPass)

O3 - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)

O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.

O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)

O3 - HKCU\..\Toolbar\WebBrowser: (ZoneAlarm Security Toolbar) - {91DA5E8A-3318-4F8C-B67E-5964DE3AB546} - C:\Program Files (x86)\ZoneAlarm_Security\tbZone.dll (Conduit Ltd.)

O3:64bit: - HKCU\..\Toolbar\WebBrowser: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)

O3 - HKCU\..\Toolbar\WebBrowser: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)

O4:64bit: - HKLM..\Run: [] File not found

O4:64bit: - HKLM..\Run: [Epson Stylus C88 Series] C:\windows\SysNative\spool\DRIVERS\x64\3\E_FATIABA.EXE (SEIKO EPSON CORPORATION)

O4:64bit: - HKLM..\Run: [EPSON Stylus C88 Series (Copy 1)] C:\windows\SysNative\spool\DRIVERS\x64\3\E_FATIABA.EXE (SEIKO EPSON CORPORATION)

O4:64bit: - HKLM..\Run: [HSON] C:\Program Files\TOSHIBA\TBS\HSON.exe (TOSHIBA Corporation)

O4:64bit: - HKLM..\Run: [iSW] C:\Program Files\CheckPoint\ZAForceField\ForceField.exe (Check Point Software Technologies)

O4:64bit: - HKLM..\Run: [smartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe ()

O4:64bit: - HKLM..\Run: [smartFaceVWatcher] C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatcher.exe (TOSHIBA Corporation)

O4:64bit: - HKLM..\Run: [ThpSrv] C:\windows\SysNative\thpsrv.exe (TOSHIBA Corporation)

O4:64bit: - HKLM..\Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe (TOSHIBA Corporation)

O4:64bit: - HKLM..\Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe (TOSHIBA Corporation)

O4:64bit: - HKLM..\Run: [TosWaitSrv] C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe (TOSHIBA Corporation)

O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)

O4 - HKLM..\Run: [ToshibaServiceStation] C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe (TOSHIBA Corporation)

O4 - HKLM..\Run: [TUSBSleepChargeSrv] C:\Program Files (x86)\TOSHIBA\TOSHIBA USB Sleep and Charge Utility\TUSBSleepChargeSrv.exe (TOSHIBA)

O4 - HKLM..\Run: [ZoneAlarm Client] C:\Program Files (x86)\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD)

O4 - HKCU..\Run: [LightScribe Control Panel] File not found

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O9:64bit: - Extra Button: LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPBar64.dll (LastPass)

O9 - Extra Button: LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPBar.dll (LastPass)

O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)

O13 - gopher Prefix: missing

O13 - gopher Prefix: missing

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)

O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62

O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found

O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - Reg Error: Key error. - c:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)

O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.

O32 - HKLM CDRom: AutoRun - 1

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35:64bit: - HKLM\..comfile [open] -- "%1" %*

O35:64bit: - HKLM\..exefile [open] -- "%1" %*

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*

O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within (All) ==========

[2011/08/10 19:31:33 | 000,579,584 | ---- | C] (OldTimer Tools) -- C:\Users\Cooper\Desktop\OTL.exe

[2011/08/10 16:44:16 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtml.tlb

[2011/08/10 16:44:16 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtml.tlb

[2011/08/10 16:44:16 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmled.dll

[2011/08/10 16:44:16 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmled.dll

[2011/08/10 16:44:15 | 002,143,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iertutil.dll

[2011/08/10 16:44:15 | 001,791,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iertutil.dll

[2011/08/10 16:44:14 | 002,303,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll

[2011/08/10 16:44:14 | 001,797,632 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript9.dll

[2011/08/10 16:44:14 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript.dll

[2011/08/10 16:44:14 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieui.dll

[2011/08/10 16:44:14 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\url.dll

[2011/08/10 16:44:14 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\url.dll

[2011/08/10 16:44:14 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieui.dll

[2011/08/10 16:44:13 | 001,389,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wininet.dll

[2011/08/10 16:44:13 | 001,344,512 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\urlmon.dll

[2011/08/10 16:44:13 | 001,126,912 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wininet.dll

[2011/08/10 16:44:13 | 001,102,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\urlmon.dll

[2011/08/10 16:44:13 | 000,818,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript.dll

[2011/08/10 16:44:13 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jsproxy.dll

[2011/08/10 16:44:12 | 012,273,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtml.dll

[2011/08/10 16:44:12 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jsproxy.dll

[2011/08/10 16:44:10 | 017,782,272 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtml.dll

[2011/08/10 16:44:10 | 009,704,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieframe.dll

[2011/08/10 16:44:09 | 010,886,144 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieframe.dll

[2011/08/09 17:41:09 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xmllite.dll

[2011/08/09 17:41:09 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xmllite.dll

[2011/08/09 17:41:07 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\odbcjt32.dll

[2011/08/09 17:41:07 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\odbctrac.dll

[2011/08/09 17:41:07 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\odbctrac.dll

[2011/08/09 17:41:07 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\odbccp32.dll

[2011/08/09 17:41:07 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\odbccp32.dll

[2011/08/09 17:41:07 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\odbccu32.dll

[2011/08/09 17:41:07 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\odbccr32.dll

[2011/08/09 17:41:07 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\odbccu32.dll

[2011/08/09 17:41:07 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\odbccr32.dll

[2011/08/09 17:39:40 | 000,288,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\mrxsmb10.sys

[2011/08/09 17:34:18 | 001,162,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\kernel32.dll

[2011/08/09 17:34:18 | 001,114,112 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\kernel32.dll

[2011/08/09 17:34:18 | 000,421,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KernelBase.dll

[2011/08/09 17:34:18 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wow64win.dll

[2011/08/09 17:34:18 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\conhost.exe

[2011/08/09 17:34:18 | 000,272,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KernelBase.dll

[2011/08/09 17:34:18 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wow64.dll

[2011/08/09 17:34:18 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winsrv.dll

[2011/08/09 17:34:18 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\setup16.exe

[2011/08/09 17:34:18 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntvdm64.dll

[2011/08/09 17:34:18 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntvdm64.dll

[2011/08/09 17:34:18 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wow64cpu.dll

[2011/08/09 17:34:18 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-file-l1-1-0.dll

[2011/08/09 17:34:18 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wow32.dll

[2011/08/09 17:34:18 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll

[2011/08/09 17:34:17 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-security-base-l1-1-0.dll

[2011/08/09 17:34:17 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-security-base-l1-1-0.dll

[2011/08/09 17:34:17 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-file-l1-1-0.dll

[2011/08/09 17:34:17 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll

[2011/08/09 17:34:17 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll

[2011/08/09 17:34:17 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll

[2011/08/09 17:34:17 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll

[2011/08/09 17:34:17 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll

[2011/08/09 17:34:17 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll

[2011/08/09 17:34:17 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-synch-l1-1-0.dll

[2011/08/09 17:34:17 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll

[2011/08/09 17:34:17 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll

[2011/08/09 17:34:17 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll

[2011/08/09 17:34:17 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll

[2011/08/09 17:34:17 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-localization-l1-1-0.dll

[2011/08/09 17:34:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll

[2011/08/09 17:34:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll

[2011/08/09 17:34:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll

[2011/08/09 17:34:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll

[2011/08/09 17:34:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll

[2011/08/09 17:34:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll

[2011/08/09 17:34:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-misc-l1-1-0.dll

[2011/08/09 17:34:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll

[2011/08/09 17:34:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-memory-l1-1-0.dll

[2011/08/09 17:34:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll

[2011/08/09 17:34:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll

[2011/08/09 17:34:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll

[2011/08/09 17:34:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll

[2011/08/09 17:34:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-heap-l1-1-0.dll

[2011/08/09 17:34:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll

[2011/08/09 17:34:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-util-l1-1-0.dll

[2011/08/09 17:34:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-util-l1-1-0.dll

[2011/08/09 17:34:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-string-l1-1-0.dll

[2011/08/09 17:34:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-string-l1-1-0.dll

[2011/08/09 17:34:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll

[2011/08/09 17:34:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll

[2011/08/09 17:34:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-profile-l1-1-0.dll

[2011/08/09 17:34:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-io-l1-1-0.dll

[2011/08/09 17:34:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-io-l1-1-0.dll

[2011/08/09 17:34:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll

[2011/08/09 17:34:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll

[2011/08/09 17:34:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-handle-l1-1-0.dll

[2011/08/09 17:34:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll

[2011/08/09 17:34:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll

[2011/08/09 17:34:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll

[2011/08/09 17:34:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll

[2011/08/09 17:34:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll

[2011/08/09 17:34:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll

[2011/08/09 17:34:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll

[2011/08/09 17:34:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-debug-l1-1-0.dll

[2011/08/09 17:34:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll

[2011/08/09 17:34:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll

[2011/08/09 17:34:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-console-l1-1-0.dll

[2011/08/09 17:34:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-console-l1-1-0.dll

[2011/08/09 17:34:16 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\instnm.exe

[2011/08/09 17:34:16 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\user.exe

[2011/08/09 17:32:31 | 001,923,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\tcpip.sys

[2011/08/09 17:21:46 | 003,912,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntoskrnl.exe

[2011/08/09 17:21:45 | 005,561,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntoskrnl.exe

[2011/08/09 17:21:45 | 003,967,872 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntkrnlpa.exe

[2011/07/18 18:54:55 | 000,078,872 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\perf-SQLAgent$SQLEXPRESS-sqlagtctr10.1.2531.0.dll

[2011/07/18 18:54:55 | 000,050,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\perf-SQLAgent$SQLEXPRESS-sqlagtctr10.1.2531.0.dll

[2011/07/18 18:54:44 | 000,111,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\perf-MSSQL$SQLEXPRESS-sqlctr10.1.2531.0.dll

[2011/07/18 18:54:44 | 000,079,896 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\perf-MSSQL$SQLEXPRESS-sqlctr10.1.2531.0.dll

[2011/07/18 18:53:54 | 000,000,000 | ---D | C] -- C:\windows\SysNative\RsFx

[2011/07/18 18:52:57 | 000,000,000 | ---D | C] -- C:\windows\SysWow64\1033

[2011/07/18 18:52:57 | 000,000,000 | ---D | C] -- C:\windows\SysNative\1033

[2011/07/18 18:47:32 | 000,000,000 | ---D | C] -- C:\Users\Cooper\Documents\Visual Studio 2010

[2011/07/18 18:45:18 | 000,000,000 | ---D | C] -- C:\windows\symbols

[2011/07/18 07:37:27 | 003,137,536 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\win32k.sys

[2011/07/05 18:06:24 | 000,000,000 | ---D | C] -- C:\Users\Cooper\Desktop\VBA for Dummies

[2011/07/05 18:03:24 | 000,000,000 | ---D | C] -- C:\Intel

[2011/06/30 14:55:02 | 000,041,272 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysWow64\drivers\mbamswissarmy.sys

[2011/06/29 14:13:53 | 000,119,808 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\windows\SysNative\E_ILMABA.DLL

[2011/06/29 14:13:53 | 000,086,528 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\windows\SysNative\E_IBCBABA.DLL

[2011/06/29 14:13:43 | 000,000,000 | ---D | C] -- C:\epson

[2011/06/29 12:30:21 | 002,315,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\tquery.dll

[2011/06/29 12:30:20 | 002,223,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mssrch.dll

[2011/06/29 12:30:20 | 001,549,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\tquery.dll

[2011/06/29 12:30:20 | 001,401,344 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mssrch.dll

[2011/06/29 12:30:20 | 000,778,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mssvp.dll

[2011/06/29 12:30:20 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mssvp.dll

[2011/06/29 12:30:20 | 000,591,872 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SearchIndexer.exe

[2011/06/29 12:30:20 | 000,491,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mssph.dll

[2011/06/29 12:30:20 | 000,427,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\SearchIndexer.exe

[2011/06/29 12:30:20 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mssph.dll

[2011/06/29 12:30:20 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mssphtb.dll

[2011/06/29 12:30:20 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SearchProtocolHost.exe

[2011/06/29 12:30:20 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mssphtb.dll

[2011/06/29 12:30:20 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\SearchProtocolHost.exe

[2011/06/29 12:30:20 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SearchFilterHost.exe

[2011/06/29 12:30:20 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\SearchFilterHost.exe

[2011/06/29 12:30:20 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msscntrs.dll

[2011/06/29 12:30:19 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msscntrs.dll

[2011/06/29 12:30:18 | 000,404,480 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\umpnpmgr.dll

[2011/06/29 12:30:18 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\drvinst.exe

[2011/06/29 12:30:18 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\cfgmgr32.dll

[2011/06/29 12:30:18 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\devobj.dll

[2011/06/29 12:30:18 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\devrtl.dll

[2011/06/22 18:59:02 | 003,703,136 | ---- | C] (Intel) -- C:\windows\SysNative\AutoPartNt.exe

[2011/06/21 20:15:00 | 000,000,000 | ---D | C] -- C:\Users\Cooper\Documents\Bluetooth

[2011/06/21 20:03:58 | 000,000,000 | ---D | C] -- C:\Users\Cooper\Documents\Corel DVD MovieFactory

[2011/06/15 18:26:14 | 000,158,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\mrxsmb.sys

[2011/06/15 18:26:14 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\mrxsmb20.sys

[2011/06/15 18:26:13 | 000,499,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\afd.sys

[2011/06/15 18:26:10 | 000,861,696 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\oleaut32.dll

[2011/06/15 18:26:10 | 000,571,904 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\oleaut32.dll

[2011/06/15 18:26:10 | 000,467,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\srv.sys

[2011/06/15 18:26:10 | 000,410,112 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\srv2.sys

[2011/06/15 18:26:10 | 000,168,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\srvnet.sys

[Cooper81]

part3

[2011/06/15 18:26:09 | 000,976,896 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\inetcomm.dll

[2011/06/15 18:26:09 | 000,741,376 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\inetcomm.dll

[2011/05/29 15:46:28 | 000,000,000 | ---D | C] -- C:\Users\Cooper\Documents\Untitled

[2011/05/24 21:12:18 | 000,027,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\Diskdump.sys

[2011/05/14 00:24:36 | 000,000,000 | ---D | C] -- C:\Users\Cooper\Documents\Adobe

[2011/05/11 17:02:31 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\poqexec.exe

[2011/05/11 17:02:31 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\poqexec.exe

[2011/05/10 23:49:33 | 000,343,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\usbhub.sys

[2011/05/10 23:49:33 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\usbport.sys

[2011/05/10 23:49:33 | 000,098,816 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\usbccgp.sys

[2011/05/10 23:49:33 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\usbehci.sys

[2011/05/10 23:49:33 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\usbuhci.sys

[2011/05/10 23:49:33 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\usbohci.sys

[2011/05/10 23:49:33 | 000,007,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\usbd.sys

[2011/05/04 22:46:57 | 000,126,312 | ---- | C] (GEAR Software Inc.) -- C:\windows\SysNative\GEARAspi64.dll

[2011/05/04 22:46:57 | 000,107,368 | ---- | C] (GEAR Software Inc.) -- C:\windows\SysWow64\GEARAspi.dll

[2011/05/04 22:46:57 | 000,034,152 | ---- | C] (GEAR Software Inc.) -- C:\windows\SysNative\drivers\GEARAspiWDM.sys

[2011/04/27 11:51:41 | 002,871,808 | ---- | C] (Microsoft Corporation) -- C:\windows\explorer.exe

[2011/04/27 11:51:41 | 002,616,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\explorer.exe

[2011/04/27 11:51:39 | 001,465,344 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XpsPrint.dll

[2011/04/27 11:51:39 | 000,870,912 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XpsPrint.dll

[2011/04/27 11:51:24 | 002,565,632 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\esent.dll

[2011/04/27 11:51:24 | 001,699,328 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\esent.dll

[2011/04/27 11:51:24 | 001,659,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\ntfs.sys

[2011/04/27 11:51:24 | 000,410,496 | ---- | C] (Intel Corporation) -- C:\windows\SysNative\drivers\iaStorV.sys

[2011/04/27 11:51:24 | 000,189,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\storport.sys

[2011/04/27 11:51:24 | 000,148,352 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysNative\drivers\nvraid.sys

[2011/04/27 11:51:24 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\fsutil.exe

[2011/04/27 11:51:24 | 000,027,008 | ---- | C] (Advanced Micro Devices) -- C:\windows\SysNative\drivers\amdxata.sys

[2011/04/27 11:51:23 | 000,166,272 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysNative\drivers\nvstor.sys

[2011/04/27 11:51:23 | 000,107,904 | ---- | C] (Advanced Micro Devices) -- C:\windows\SysNative\drivers\amdsata.sys

[2011/04/27 11:51:23 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\USBSTOR.SYS

[2011/04/27 11:51:23 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\fsutil.exe

[2011/04/27 11:51:20 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\prevhost.exe

[2011/04/27 11:51:20 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\prevhost.exe

[2011/04/25 10:03:41 | 000,000,000 | ---D | C] -- C:\Users\Cooper\Documents\Hardware-Software Errors

[2011/04/25 10:00:45 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieapfltr.dat

[2011/04/25 10:00:45 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\inetcpl.cpl

[2011/04/25 10:00:45 | 000,580,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msfeeds.dll

[2011/04/25 10:00:45 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieapfltr.dll

[2011/04/25 10:00:45 | 000,420,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\vbscript.dll

[2011/04/25 10:00:45 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\html.iec

[2011/04/25 10:00:45 | 000,353,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dxtmsft.dll

[2011/04/25 10:00:45 | 000,353,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iedkcs32.dll

[2011/04/25 10:00:45 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieaksie.dll

[2011/04/25 10:00:45 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dxtrans.dll

[2011/04/25 10:00:45 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msls31.dll

[2011/04/25 10:00:45 | 000,203,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\webcheck.dll

[2011/04/25 10:00:45 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msrating.dll

[2011/04/25 10:00:45 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieakui.dll

[2011/04/25 10:00:45 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msrating.dll

[2011/04/25 10:00:45 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msls31.dll

[2011/04/25 10:00:45 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wextract.exe

[2011/04/25 10:00:45 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iexpress.exe

[2011/04/25 10:00:45 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieUnatt.exe

[2011/04/25 10:00:45 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieakeng.dll

[2011/04/25 10:00:45 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\occache.dll

[2011/04/25 10:00:45 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iepeers.dll

[2011/04/25 10:00:45 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\IEAdvpack.dll

[2011/04/25 10:00:45 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\admparse.dll

[2011/04/25 10:00:45 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\RegisterIEPKEYs.exe

[2011/04/25 10:00:45 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iesysprep.dll

[2011/04/25 10:00:45 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\inseng.dll

[2011/04/25 10:00:45 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\SetIEInstalledDate.exe

[2011/04/25 10:00:45 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\RegisterIEPKEYs.exe

[2011/04/25 10:00:45 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iesetup.dll

[2011/04/25 10:00:45 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ie4uinit.exe

[2011/04/25 10:00:45 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\icardie.dll

[2011/04/25 10:00:45 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\tdc.ocx

[2011/04/25 10:00:45 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\pngfilt.dll

[2011/04/25 10:00:45 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmler.dll

[2011/04/25 10:00:45 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msfeedsbs.dll

[2011/04/25 10:00:45 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\imgutil.dll

[2011/04/25 10:00:45 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iernonce.dll

[2011/04/25 10:00:45 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\licmgr10.dll

[2011/04/25 10:00:45 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshta.exe

[2011/04/25 10:00:45 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msfeedssync.exe

[2011/04/25 10:00:44 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieapfltr.dat

[2011/04/25 10:00:44 | 001,492,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\inetcpl.cpl

[2011/04/25 10:00:44 | 000,697,344 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msfeeds.dll

[2011/04/25 10:00:44 | 000,603,648 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\vbscript.dll

[2011/04/25 10:00:44 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieapfltr.dll

[2011/04/25 10:00:44 | 000,452,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dxtmsft.dll

[2011/04/25 10:00:44 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\html.iec

[2011/04/25 10:00:44 | 000,403,248 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iedkcs32.dll

[2011/04/25 10:00:44 | 000,282,112 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dxtrans.dll

[2011/04/25 10:00:44 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieaksie.dll

[2011/04/25 10:00:44 | 000,249,344 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\webcheck.dll

[2011/04/25 10:00:44 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieUnatt.exe

[2011/04/25 10:00:44 | 000,165,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iexpress.exe

[2011/04/25 10:00:44 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieakui.dll

[2011/04/25 10:00:44 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wextract.exe

[2011/04/25 10:00:44 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieakeng.dll

[2011/04/25 10:00:44 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\occache.dll

[2011/04/25 10:00:44 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iepeers.dll

[2011/04/25 10:00:44 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\IEAdvpack.dll

[2011/04/25 10:00:44 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\admparse.dll

[2011/04/25 10:00:44 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iesysprep.dll

[2011/04/25 10:00:44 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\inseng.dll

[2011/04/25 10:00:44 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SetIEInstalledDate.exe

[2011/04/25 10:00:44 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ie4uinit.exe

[2011/04/25 10:00:44 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iesetup.dll

[2011/04/25 10:00:44 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\icardie.dll

[2011/04/25 10:00:44 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\tdc.ocx

[2011/04/25 10:00:44 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\pngfilt.dll

[2011/04/25 10:00:44 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msfeedsbs.dll

[2011/04/25 10:00:44 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\imgutil.dll

[2011/04/25 10:00:44 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmler.dll

[2011/04/25 10:00:44 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iernonce.dll

[2011/04/25 10:00:44 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\licmgr10.dll

[2011/04/25 10:00:44 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshta.exe

[2011/04/25 10:00:44 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msfeedssync.exe

[2011/04/25 09:50:05 | 000,000,000 | ---D | C] -- C:\windows\SysNative\SPReview

[2011/04/25 09:49:20 | 000,000,000 | ---D | C] -- C:\windows\SysNative\EventProviders

[2011/04/25 09:45:42 | 001,942,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dfshim.dll

[2011/04/25 09:45:42 | 000,048,976 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\netfxperf.dll

[2011/04/25 09:45:37 | 001,130,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dfshim.dll

[2011/04/25 09:45:34 | 003,715,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mstscax.dll

[2011/04/25 09:45:34 | 001,838,080 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3d10warp.dll

[2011/04/25 09:45:34 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\TsUsbFlt.sys

[2011/04/25 09:45:34 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\TsUsbRedirectionGroupPolicyExtension.dll

[2011/04/25 09:45:32 | 003,215,872 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mstscax.dll

[2011/04/25 09:45:30 | 001,171,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3d10warp.dll

[2011/04/25 09:45:29 | 014,174,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\shell32.dll

[2011/04/25 09:45:29 | 001,743,360 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sysmain.dll

[2011/04/25 09:45:29 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mfc40.dll

[2011/04/25 09:45:29 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mfc40u.dll

[2011/04/25 09:45:28 | 003,650,560 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MSVidCtl.dll

[2011/04/25 09:45:27 | 014,633,472 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wmp.dll

[2011/04/25 09:45:26 | 003,205,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mmcndmgr.dll

[2011/04/25 09:45:26 | 001,731,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntdll.dll

[2011/04/25 09:45:26 | 000,444,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mscoree.dll

[2011/04/25 09:45:25 | 004,120,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mf.dll

[2011/04/25 09:45:25 | 003,008,000 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xpsservices.dll

[2011/04/25 09:45:25 | 000,488,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\secproc.dll

[2011/04/25 09:45:25 | 000,485,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\secproc_isv.dll

[2011/04/25 09:45:25 | 000,423,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\secproc_isv.dll

[2011/04/25 09:45:25 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\RMActivate_isv.exe

[2011/04/25 09:45:25 | 000,359,424 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\RMActivate.exe

[2011/04/25 09:45:24 | 012,872,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\shell32.dll

[2011/04/25 09:45:24 | 001,219,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rpcrt4.dll

[2011/04/25 09:45:24 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\secproc.dll

[2011/04/25 09:45:24 | 000,327,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\RMActivate_isv.exe

[2011/04/25 09:45:23 | 002,086,912 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ole32.dll

[2011/04/25 09:45:23 | 001,110,016 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\schedsvc.dll

[2011/04/25 09:45:23 | 000,322,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\RMActivate.exe

[2011/04/25 09:45:22 | 001,197,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\taskschd.dll

[2011/04/25 09:45:22 | 000,297,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mscoree.dll

[2011/04/25 09:45:22 | 000,263,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\spwizui.dll

[2011/04/25 09:45:21 | 003,207,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mf.dll

[2011/04/25 09:45:21 | 001,866,240 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ExplorerFrame.dll

[2011/04/25 09:45:21 | 001,646,080 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wevtsvc.dll

[2011/04/25 09:45:21 | 001,556,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\RacEngn.dll

[2011/04/25 09:45:21 | 001,340,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\diagperf.dll

[2011/04/25 09:45:20 | 001,881,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msxml3.dll

[2011/04/25 09:45:20 | 001,753,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\vssapi.dll

[2011/04/25 09:45:19 | 003,860,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\UIRibbon.dll

[2011/04/25 09:45:19 | 001,334,272 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\CertEnroll.dll

[2011/04/25 09:45:19 | 001,326,080 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\NaturalLanguage6.dll

[2011/04/25 09:45:19 | 000,299,392 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mcupdate_GenuineIntel.dll

[2011/04/25 09:45:19 | 000,273,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\msiscsi.sys

[2011/04/25 09:45:18 | 011,410,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wmp.dll

[2011/04/25 09:45:17 | 003,027,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WMVCORE.DLL

[2011/04/25 09:45:17 | 002,018,304 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WsmSvc.dll

[2011/04/25 09:45:17 | 000,320,352 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\PresentationHost.exe

[2011/04/25 09:45:17 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\PresentationHost.exe

[2011/04/25 09:45:17 | 000,274,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpdd.dll

[2011/04/25 09:45:17 | 000,109,928 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\PresentationHostProxy.dll

[2011/04/25 09:45:17 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\PresentationHostProxy.dll

[2011/04/25 09:45:16 | 003,957,760 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WinSAT.exe

[2011/04/25 09:45:16 | 001,975,296 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\CertEnroll.dll

[2011/04/25 09:45:16 | 000,828,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MPSSVC.dll

[2011/04/25 09:45:16 | 000,598,016 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\spinstall.exe

[2011/04/25 09:45:16 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\spreview.exe

[2011/04/25 09:45:15 | 002,067,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3d9.dll

[2011/04/25 09:45:15 | 002,004,480 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msxml6.dll

[2011/04/25 09:45:15 | 001,888,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WMVDECOD.DLL

[2011/04/25 09:45:15 | 001,115,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\RacEngn.dll

[2011/04/25 09:45:15 | 000,867,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SearchFolder.dll

[2011/04/25 09:45:15 | 000,853,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\IKEEXT.DLL

[2011/04/25 09:45:14 | 005,066,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\AuthFWSnapin.dll

[2011/04/25 09:45:14 | 005,066,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\AuthFWSnapin.dll

[2011/04/25 09:45:14 | 000,777,728 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\gpsvc.dll

[2011/04/25 09:45:13 | 003,391,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dbgeng.dll

[2011/04/25 09:45:13 | 001,632,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dwmcore.dll

[2011/04/25 09:45:13 | 001,600,512 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\VSSVC.exe

[2011/04/25 09:45:13 | 000,753,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\http.sys

[2011/04/25 09:45:12 | 001,493,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ExplorerFrame.dll

[2011/04/25 09:45:12 | 001,456,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\crypt32.dll

[2011/04/25 09:45:12 | 000,951,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\ndis.sys

[2011/04/25 09:45:11 | 001,447,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\lsasrv.dll

[2011/04/25 09:45:11 | 001,414,144 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ole32.dll

[2011/04/25 09:45:11 | 000,958,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\actxprxy.dll

[2011/04/25 09:45:11 | 000,849,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\qmgr.dll

[2011/04/25 09:45:11 | 000,750,080 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\TSWorkspace.dll

[2011/04/25 09:45:11 | 000,680,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\termsrv.dll

[2011/04/25 09:45:11 | 000,679,424 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\audiosrv.dll

[2011/04/25 09:45:11 | 000,340,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\schannel.dll

[2011/04/25 09:45:10 | 001,244,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\imapi2fs.dll

[2011/04/25 09:45:10 | 001,116,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mstsc.exe

[2011/04/25 09:45:10 | 000,695,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\netlogon.dll

[2011/04/25 09:45:10 | 000,244,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sqmapi.dll

[2011/04/25 09:45:09 | 001,900,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\setupapi.dll

[2011/04/25 09:45:09 | 001,828,352 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3d9.dll

[2011/04/25 09:45:09 | 001,504,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wbengine.exe

[2011/04/25 09:45:09 | 001,212,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\propsys.dll

[2011/04/25 09:45:09 | 001,128,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\vssapi.dll

[2011/04/25 09:45:09 | 000,787,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3d11.dll

[2011/04/25 09:45:09 | 000,646,144 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\SearchFolder.dll

[2011/04/25 09:45:09 | 000,512,000 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rpcss.dll

[2011/04/25 09:45:09 | 000,505,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\taskschd.dll

[2011/04/25 09:45:09 | 000,476,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\QAGENTRT.DLL

[2011/04/25 09:45:09 | 000,444,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winhttp.dll

[2011/04/25 09:45:09 | 000,312,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msv1_0.dll

[2011/04/25 09:45:08 | 001,927,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\authui.dll

[2011/04/25 09:45:08 | 001,281,024 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\werconcpl.dll

[2011/04/25 09:45:06 | 001,154,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\crypt32.dll

[2011/04/25 09:45:06 | 000,720,896 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\odbc32.dll

[2011/04/25 09:45:06 | 000,464,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\taskeng.exe

[2011/04/25 09:45:05 | 001,796,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\certmgr.dll

[2011/04/25 09:45:05 | 001,292,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntdll.dll

[2011/04/25 09:45:05 | 001,049,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mstsc.exe

[2011/04/25 09:45:05 | 001,008,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\user32.dll

[2011/04/25 09:45:05 | 000,577,536 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WSDApi.dll

[2011/04/25 09:45:05 | 000,376,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\netio.sys

[2011/04/25 09:45:05 | 000,317,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dhcpcore.dll

[2011/04/25 09:45:05 | 000,261,632 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\netbt.sys

[2011/04/25 09:45:05 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\scavengeui.dll

[2011/04/25 09:45:05 | 000,119,296 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\tdx.sys

[2011/04/25 09:45:04 | 001,390,080 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msxml6.dll

[2011/04/25 09:45:04 | 000,955,904 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\localspl.dll

[2011/04/25 09:45:04 | 000,758,272 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\PortableDeviceApi.dll

[2011/04/25 09:45:04 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\webio.dll

[2011/04/25 09:45:04 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wer.dll

[2011/04/25 09:45:04 | 000,342,016 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\certcli.dll

[2011/04/25 09:45:04 | 000,299,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\tsmf.dll

[2011/04/25 09:45:04 | 000,210,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ncsi.dll

[2011/04/25 09:45:03 | 002,652,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\netshell.dll

[2011/04/25 09:45:03 | 001,509,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msdtctm.dll

[2011/04/25 09:45:03 | 001,371,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dwmcore.dll

[2011/04/25 09:45:03 | 000,573,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\odbc32.dll

[2011/04/25 09:45:03 | 000,519,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\netcfgx.dll

[2011/04/25 09:45:03 | 000,459,248 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\cng.sys

[2011/04/25 09:45:03 | 000,457,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msdrm.dll

[2011/04/25 09:45:03 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\shlwapi.dll

[2011/04/25 09:45:03 | 000,295,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\framedynos.dll

[2011/04/25 09:45:03 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\tcpmonui.dll

[2011/04/25 09:45:02 | 001,572,352 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\quartz.dll

[2011/04/25 09:45:02 | 001,328,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\quartz.dll

[2011/04/25 09:45:02 | 000,800,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\usp10.dll

[2011/04/25 09:45:02 | 000,658,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dxgi.dll

[2011/04/25 09:45:02 | 000,594,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\comdlg32.dll

[2011/04/25 09:45:02 | 000,390,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winlogon.exe

[2011/04/25 09:45:02 | 000,343,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\lsm.exe

[2011/04/25 09:45:02 | 000,303,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\nlasvc.dll

[2011/04/25 09:45:02 | 000,297,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ws2_32.dll

[2011/04/25 09:45:01 | 002,543,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wpdshext.dll

[2011/04/25 09:45:01 | 002,055,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Query.dll

[2011/04/25 09:45:01 | 001,667,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\setupapi.dll

[2011/04/25 09:45:01 | 000,897,536 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\azroles.dll

[2011/04/25 09:45:01 | 000,705,024 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\BFE.DLL

[2011/04/25 09:45:01 | 000,597,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\TSWorkspace.dll

[2011/04/25 09:45:01 | 000,481,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wmpps.dll

[2011/04/25 09:45:01 | 000,351,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\winhttp.dll

[2011/04/25 09:45:01 | 000,342,016 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\apphelp.dll

[2011/04/25 09:45:01 | 000,326,144 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mswsock.dll

[2011/04/25 09:45:01 | 000,270,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\tsmf.dll

[2011/04/25 09:45:01 | 000,266,240 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\QAGENT.DLL

[2011/04/25 09:45:01 | 000,210,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\rdpwd.sys

[2011/04/25 09:45:01 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dot3api.dll

[2011/04/25 09:45:00 | 002,522,624 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dbgeng.dll

[2011/04/25 09:45:00 | 002,291,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\MSVidCtl.dll

[2011/04/25 09:45:00 | 001,098,240 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Vault.dll

[2011/04/25 09:45:00 | 000,982,912 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\dxgkrnl.sys

[2011/04/25 09:45:00 | 000,758,784 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\samsrv.dll

[2011/04/25 09:45:00 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\win32spl.dll

[2011/04/25 09:45:00 | 000,653,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\lpksetup.exe

[2011/04/25 09:45:00 | 000,345,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cmd.exe

[2011/04/25 09:45:00 | 000,295,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\apphelp.dll

[2011/04/25 09:45:00 | 000,281,600 | ---- | C] (Microsoft) -- C:\windows\SysNative\DShowRdpFilter.dll

[2011/04/25 09:44:59 | 001,619,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WMVDECOD.DLL

[2011/04/25 09:44:59 | 001,010,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WindowsCodecs.dll

[2011/04/25 09:44:59 | 000,563,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\netlogon.dll

[2011/04/25 09:44:59 | 000,522,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3d11.dll

[2011/04/25 09:44:59 | 000,406,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\netcfgx.dll

[2011/04/25 09:44:59 | 000,258,560 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WebClnt.dll

[2011/04/25 09:44:58 | 001,363,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Query.dll

[2011/04/25 09:44:58 | 001,190,400 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WindowsCodecs.dll

[2011/04/25 09:44:58 | 001,175,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WsmSvc.dll

[2011/04/25 09:44:58 | 000,640,512 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\advapi32.dll

[2011/04/25 09:44:58 | 000,582,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sxs.dll

[2011/04/25 09:44:58 | 000,473,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\taskcomp.dll

[2011/04/25 09:44:58 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mfds.dll

[2011/04/25 09:44:58 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\webio.dll

[2011/04/25 09:44:58 | 000,312,832 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Wldap32.dll

[2011/04/25 09:44:58 | 000,272,896 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mcbuilder.exe

[2011/04/25 09:44:58 | 000,215,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\vhdmp.sys

[2011/04/25 09:44:58 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\upnp.dll

[2011/04/25 09:44:57 | 002,420,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wuaueng.dll

[2011/04/25 09:44:57 | 002,151,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mmcndmgr.dll

[2011/04/25 09:44:57 | 001,808,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\pnidui.dll

[2011/04/25 09:44:57 | 001,158,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\webservices.dll

[2011/04/25 09:44:57 | 000,732,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\imapi2fs.dll

[2011/04/25 09:44:57 | 000,584,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ipsmsnap.dll

[2011/04/25 09:44:57 | 000,559,104 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\spoolsv.exe

[2011/04/25 09:44:57 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msv1_0.dll

[2011/04/25 09:44:57 | 000,252,928 | ---- | C] (Microsoft) -- C:\windows\SysWow64\DShowRdpFilter.dll

[2011/04/25 09:44:57 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\hgprint.dll

[2011/04/25 09:44:57 | 000,224,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\schannel.dll

[2011/04/25 09:44:57 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SessEnv.dll

[2011/04/25 09:44:57 | 000,049,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\netfxperf.dll

[2011/04/25 09:44:56 | 001,792,000 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\authui.dll

[2011/04/25 09:44:56 | 000,933,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sqlsrv32.dll

[2011/04/25 09:44:56 | 000,626,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\usp10.dll

[2011/04/25 09:44:56 | 000,547,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\PortableDeviceApi.dll

[2011/04/25 09:44:56 | 000,403,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\gdi32.dll

[2011/04/25 09:44:56 | 000,366,976 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\msrpc.sys

[2011/04/25 09:44:56 | 000,350,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\shlwapi.dll

[2011/04/25 09:44:56 | 000,345,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\fveapi.dll

[2011/04/25 09:44:56 | 000,341,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msdrm.dll

[2011/04/25 09:44:56 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winsta.dll

[2011/04/25 09:44:56 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\SessEnv.dll

[2011/04/25 09:44:56 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dot3api.dll

[2011/04/25 09:44:55 | 001,555,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\certmgr.dll

[2011/04/25 09:44:55 | 001,441,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wlanpref.dll

[2011/04/25 09:44:55 | 001,243,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WMNetMgr.dll

[2011/04/25 09:44:55 | 001,009,152 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mcmde.dll

[2011/04/25 09:44:55 | 000,695,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wuapi.dll

[2011/04/25 09:44:55 | 000,295,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\volsnap.sys

[2011/04/25 09:44:55 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MSNP.ax

[2011/04/25 09:44:55 | 000,285,696 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\schtasks.exe

[2011/04/25 09:44:55 | 000,263,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\vpnike.dll

[2011/04/25 09:44:55 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mcbuilder.exe

[2011/04/25 09:44:55 | 000,183,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\prncache.dll

[2011/04/25 09:44:55 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\userenv.dll

[2011/04/25 09:44:55 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\userenv.dll

[2011/04/25 09:44:54 | 001,712,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xpsservices.dll

[2011/04/25 09:44:54 | 000,630,272 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\evr.dll

[2011/04/25 09:44:54 | 000,485,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\comdlg32.dll

[2011/04/25 09:44:54 | 000,409,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\photowiz.dll

[2011/04/25 09:44:54 | 000,309,248 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\rdbss.sys

[2011/04/25 09:44:54 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\1394ohci.sys

[2011/04/25 09:44:54 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wintrust.dll

[2011/04/25 09:44:54 | 000,204,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WebClnt.dll

[2011/04/25 09:44:53 | 002,262,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SyncCenter.dll

[2011/04/25 09:44:53 | 002,072,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WMPEncEn.dll

[2011/04/25 09:44:53 | 001,082,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sppobjs.dll

[2011/04/25 09:44:53 | 001,024,512 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wmpmde.dll

[2011/04/25 09:44:53 | 000,689,152 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\FXSSVC.exe

[2011/04/25 09:44:53 | 000,605,696 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wmpeffects.dll

[2011/04/25 09:44:53 | 000,501,248 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\IPSECSVC.DLL

[2011/04/25 09:44:53 | 000,412,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\aepdu.dll

[2011/04/25 09:44:53 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\cmd.exe

[2011/04/25 09:44:53 | 000,296,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\AudioSes.dll

[2011/04/25 09:44:53 | 000,279,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\framedyn.dll

[2011/04/25 09:44:53 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mfreadwrite.dll

[2011/04/25 09:44:53 | 000,236,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\srvsvc.dll

[2011/04/25 09:44:52 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\aeinv.dll

[2011/04/25 09:44:52 | 000,370,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\shsvcs.dll

[2011/04/25 09:44:52 | 000,171,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\fde.dll

[2011/04/25 09:44:51 | 000,988,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\propsys.dll

[2011/04/25 09:44:51 | 000,833,024 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\user32.dll

[2011/04/25 09:44:51 | 000,569,344 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iphlpsvc.dll

[2011/04/25 09:44:51 | 000,551,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\localsec.dll

[2011/04/25 09:44:51 | 000,503,296 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\imapi2.dll

[2011/04/25 09:44:51 | 000,501,248 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WinSATAPI.dll

[2011/04/25 09:44:51 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\win32spl.dll

[2011/04/25 09:44:51 | 000,328,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\udfs.sys

[2011/04/25 09:44:51 | 000,324,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\netdiagfx.dll

[2011/04/25 09:44:51 | 000,298,104 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\bcryptprimitives.dll

[2011/04/25 09:44:51 | 000,296,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mfds.dll

[2011/04/25 09:44:51 | 000,269,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Wldap32.dll

[2011/04/25 09:44:51 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\stobject.dll

[2011/04/25 09:44:51 | 000,206,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\framedynos.dll

[2011/04/25 09:44:51 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\credui.dll

[2011/04/25 09:44:51 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cdd.dll

[2011/04/25 09:44:50 | 000,762,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\azroles.dll

[2011/04/25 09:44:50 | 000,504,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\biocpl.dll

[2011/04/25 09:44:50 | 000,289,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\fltMgr.sys

[2011/04/25 09:44:50 | 000,253,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\tcpipcfg.dll

[2011/04/25 09:44:50 | 000,244,224 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\spp.dll

[2011/04/25 09:44:50 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\QSHVHOST.DLL

[2011/04/25 09:44:50 | 000,166,912 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\inetpp.dll

[2011/04/25 09:44:50 | 000,165,376 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\netid.dll

[2011/04/25 09:44:50 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ncsi.dll

[2011/04/25 09:44:50 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\davclnt.dll

[2011/04/25 09:44:49 | 002,755,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\themeui.dll

[2011/04/25 09:44:49 | 002,746,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\gameux.dll

[2011/04/25 09:44:49 | 001,389,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\pla.dll

[2011/04/25 09:44:49 | 001,050,624 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\printui.dll

[2011/04/25 09:44:49 | 000,571,904 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mspbda.dll

[2011/04/25 09:44:49 | 000,477,696 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\PhotoScreensaver.scr

[2011/04/25 09:44:49 | 000,378,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msinfo32.exe

[2011/04/25 09:44:49 | 000,303,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\scansetting.dll

[2011/04/25 09:44:49 | 000,254,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dhcpcore.dll

[2011/04/25 09:44:49 | 000,232,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mswsock.dll

[2011/04/25 09:44:49 | 000,209,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\profsvc.dll

[2011/04/25 09:44:49 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\taskeng.exe

[2011/04/25 09:44:49 | 000,172,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\spp.dll

[2011/04/25 09:44:49 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\credui.dll

[2011/04/25 09:44:49 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\windows\splwow64.exe

[2011/04/25 09:44:48 | 000,580,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wiaservc.dll

[2011/04/25 09:44:48 | 000,552,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msdri.dll

[2011/04/25 09:44:48 | 000,533,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\vds.exe

[2011/04/25 09:44:48 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wusa.exe

[2011/04/25 09:44:48 | 000,184,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\pci.sys

[2011/04/25 09:44:48 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wintrust.dll

[2011/04/25 09:44:48 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\IPHLPAPI.DLL

[2011/04/25 09:44:48 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\aitagent.exe

[2011/04/25 09:44:47 | 003,211,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msi.dll

[2011/04/25 09:44:47 | 001,236,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msxml3.dll

[2011/04/25 09:44:47 | 000,934,912 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\FirewallControlPanel.dll

[2011/04/25 09:44:47 | 000,854,016 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dbghelp.dll

[2011/04/25 09:44:47 | 000,801,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\NaturalLanguage6.dll

[2011/04/25 09:44:47 | 000,625,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mscms.dll

[2011/04/25 09:44:47 | 000,508,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dxgi.dll

[2011/04/25 09:44:47 | 000,488,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\evr.dll

[2011/04/25 09:44:47 | 000,442,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winspool.drv

[2011/04/25 09:44:47 | 000,405,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wisptis.exe

[2011/04/25 09:44:47 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\taskcomp.dll

[2011/04/25 09:44:47 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XpsRasterService.dll

[2011/04/25 09:44:47 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mfreadwrite.dll

[2011/04/25 09:44:47 | 000,187,904 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rpchttp.dll

[2011/04/25 09:44:47 | 000,186,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ocsetup.exe

[2011/04/25 09:44:47 | 000,177,152 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cryptsvc.dll

[2011/04/25 09:44:47 | 000,144,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\basecsp.dll

[2011/04/25 09:44:47 | 000,140,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\mrxdav.sys

[2011/04/25 09:44:47 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\rasl2tp.sys

[2011/04/25 09:44:46 | 001,031,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpcore.dll

[2011/04/25 09:44:46 | 000,776,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\calc.exe

[2011/04/25 09:44:46 | 000,459,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\DXP.dll

[2011/04/25 09:44:46 | 000,418,816 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sppwinob.dll

[2011/04/25 09:44:46 | 000,335,872 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WinSATAPI.dll

[2011/04/25 09:44:46 | 000,207,872 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cfgmgr32.dll

[2011/04/25 09:44:46 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ocsetapi.dll

[2011/04/25 09:44:46 | 000,071,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\volmgr.sys

[2011/04/25 09:44:45 | 002,983,424 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\UIRibbon.dll

[2011/04/25 09:44:45 | 000,850,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mmsys.cpl

[2011/04/25 09:44:45 | 000,780,008 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ci.dll

[2011/04/25 09:44:45 | 000,778,240 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\sqlsrv32.dll

[2011/04/25 09:44:45 | 000,509,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntshrui.dll

[2011/04/25 09:44:45 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wcncsvc.dll

[2011/04/25 09:44:45 | 000,348,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\eapp3hst.dll

[2011/04/25 09:44:45 | 000,303,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\eapphost.dll

[2011/04/25 09:44:45 | 000,264,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\upnp.dll

[2011/04/25 09:44:45 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mprapi.dll

[2011/04/25 09:44:45 | 000,148,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\t2embed.dll

[2011/04/25 09:44:45 | 000,140,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\msdsm.sys

[2011/04/25 09:44:45 | 000,128,000 | ---- | C] (Microsoft) -- C:\windows\SysNative\Robocopy.exe

[2011/04/25 09:44:45 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wpdbusenum.dll

[2011/04/25 09:44:44 | 002,494,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\netshell.dll

[2011/04/25 09:44:44 | 001,457,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\DxpTaskSync.dll

[2011/04/25 09:44:44 | 000,380,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\sxs.dll

[2011/04/25 09:44:44 | 000,263,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\hal.dll

[2011/04/25 09:44:44 | 000,228,352 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\stobject.dll

[2011/04/25 09:44:44 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ws2_32.dll

[2011/04/25 09:44:44 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\cryptsvc.dll

[2011/04/25 09:44:44 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\thumbcache.dll

[2011/04/25 09:44:44 | 000,095,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\ksecdd.sys

[2011/04/25 09:44:44 | 000,078,720 | ---- | C] (Hewlett-Packard Company) -- C:\windows\SysNative\drivers\HpSAMD.sys

[2011/04/25 09:44:43 | 002,851,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\themeui.dll

[2011/04/25 09:44:43 | 002,341,376 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msi.dll

[2011/04/25 09:44:43 | 001,160,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MSMPEG2ENC.DLL

[2011/04/25 09:44:43 | 000,932,352 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\printui.dll

[2011/04/25 09:44:43 | 000,675,328 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\DXPTaskRingtone.dll

[2011/04/25 09:44:43 | 000,658,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\PerfCenterCPL.dll

[2011/04/25 09:44:43 | 000,530,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\comctl32.dll

[2011/04/25 09:44:43 | 000,429,568 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\puiobj.dll

[2011/04/25 09:44:43 | 000,311,296 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\gdi32.dll

[2011/04/25 09:44:43 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\onex.dll

[2011/04/25 09:44:43 | 000,232,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\scecli.dll

[2011/04/25 09:44:43 | 000,223,248 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\fvevol.sys

[2011/04/25 09:44:43 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iasrad.dll

[2011/04/25 09:44:43 | 000,179,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\Classpnp.sys

[2011/04/25 09:44:43 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sspicli.dll

[2011/04/25 09:44:43 | 000,128,512 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dwmredir.dll

[2011/04/25 09:44:43 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\prncache.dll

[2011/04/25 09:44:43 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\ipfltdrv.sys

[2011/04/25 09:44:43 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\nlaapi.dll

[2011/04/25 09:44:43 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msasn1.dll

[2011/04/25 09:44:42 | 000,458,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WSDApi.dll

[2011/04/25 09:44:42 | 000,352,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wmpeffects.dll

[2011/04/25 09:44:42 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\aaclient.dll

[2011/04/25 09:44:42 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\net1.exe

[2011/04/25 09:44:42 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\rpchttp.dll

[2011/04/25 09:44:41 | 001,689,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\netcenter.dll

[2011/04/25 09:44:41 | 001,363,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wdc.dll

[2011/04/25 09:44:41 | 001,120,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sdengin2.dll

[2011/04/25 09:44:41 | 000,799,744 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msftedit.dll

[2011/04/25 09:44:41 | 000,691,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\VAN.dll

[2011/04/25 09:44:41 | 000,483,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\StructuredQuery.dll

[2011/04/25 09:44:41 | 000,475,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wlangpui.dll

[2011/04/25 09:44:41 | 000,462,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wiadefui.dll

[2011/04/25 09:44:41 | 000,406,016 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\scesrv.dll

[2011/04/25 09:44:41 | 000,344,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rasmans.dll

[2011/04/25 09:44:41 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\scansetting.dll

[2011/04/25 09:44:41 | 000,239,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dskquoui.dll

[2011/04/25 09:44:40 | 002,504,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WMVCORE.DLL

[2011/04/25 09:44:40 | 000,411,648 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wlangpui.dll

[2011/04/25 09:44:40 | 000,273,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SndVol.exe

[2011/04/25 09:44:40 | 000,213,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\MMDevAPI.dll

[2011/04/25 09:44:40 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\ndiswan.sys

[2011/04/25 09:44:40 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iasacct.dll

[2011/04/25 09:44:40 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\regapi.dll

[2011/04/25 09:44:40 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\davclnt.dll

[2011/04/25 09:44:40 | 000,075,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\partmgr.sys

[2011/04/25 09:44:40 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\samcli.dll

[2011/04/25 09:44:40 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wscapi.dll

[2011/04/25 09:44:39 | 002,621,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wucltux.dll

[2011/04/25 09:44:39 | 002,311,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wpdshext.dll

[2011/04/25 09:44:39 | 001,750,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\pnidui.dll

[2011/04/25 09:44:39 | 000,782,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\webservices.dll

[2011/04/25 09:44:39 | 000,515,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\timedate.cpl

[2011/04/25 09:44:39 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rastls.dll

[2011/04/25 09:44:39 | 000,340,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\srchadmin.dll

[2011/04/25 09:44:39 | 000,248,832 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wksprt.exe

[2011/04/25 09:44:39 | 000,225,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\netdiagfx.dll

[2011/04/25 09:44:39 | 000,167,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\QSHVHOST.DLL

[2011/04/25 09:44:39 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\aaclient.dll

[2011/04/25 09:44:39 | 000,124,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\fde.dll

[2011/04/25 09:44:39 | 000,112,000 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\consent.exe

[2011/04/25 09:44:39 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\t2embed.dll

[2011/04/25 09:44:39 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\QUTIL.DLL

[2011/04/25 09:44:39 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\TabSvc.dll

[2011/04/25 09:44:39 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\setupcl.exe

[2011/04/25 09:44:39 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WUDFSvc.dll

[2011/04/25 09:44:39 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\taskhost.exe

[2011/04/25 09:44:39 | 000,063,360 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\termdd.sys

[2011/04/25 09:44:39 | 000,031,104 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\msahci.sys

[2011/04/25 09:44:38 | 002,146,304 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\SyncCenter.dll

[2011/04/25 09:44:38 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\appwiz.cpl

[2011/04/25 09:44:38 | 000,684,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\TabletPC.cpl

[2011/04/25 09:44:38 | 000,560,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wuapi.dll

[2011/04/25 09:44:38 | 000,334,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\acpi.sys

[2011/04/25 09:44:38 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wscapi.dll

[2011/04/25 09:44:37 | 001,508,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\pla.dll

[2011/04/25 09:44:37 | 000,332,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\hgcpl.dll

[2011/04/25 09:44:37 | 000,320,000 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\winspool.drv

[2011/04/25 09:44:37 | 000,316,928 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\tapisrv.dll

[2011/04/25 09:44:37 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\clusapi.dll

[2011/04/25 09:44:37 | 000,300,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msconfig.exe

[2011/04/25 09:44:37 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\ks.sys

[2011/04/25 09:44:37 | 000,232,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ListSvc.dll

[2011/04/25 09:44:37 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wdmaud.drv

[2011/04/25 09:44:37 | 000,215,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\netiohlp.dll

[2011/04/25 09:44:37 | 000,166,784 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\basecsp.dll

[2011/04/25 09:44:37 | 000,134,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WinSCard.dll

[2011/04/25 09:44:37 | 000,111,104 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\raspptp.sys

[2011/04/25 09:44:37 | 000,103,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\sbp2port.sys

[2011/04/25 09:44:37 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\fdeploy.dll

[2011/04/25 09:44:37 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\lsmproxy.dll

[2011/04/25 09:44:37 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mimefilt.dll

[2011/04/25 09:44:37 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msasn1.dll

[2011/04/25 09:44:36 | 000,830,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\MSMPEG2ENC.DLL

[2011/04/25 09:44:36 | 000,826,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\rdpcore.dll

[2011/04/25 09:44:36 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\AuxiliaryDisplayCpl.dll

[2011/04/25 09:44:36 | 000,392,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\imapi2.dll

[2011/04/25 09:44:36 | 000,372,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mtxclu.dll

[2011/04/25 09:44:36 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\winsta.dll

[2011/04/25 09:44:36 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\TsUsbGDCoInstaller.dll

[2011/04/25 09:44:35 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\gameux.dll

[2011/04/25 09:44:35 | 000,633,344 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\riched20.dll

[2011/04/25 09:44:35 | 000,630,784 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\DXPTaskRingtone.dll

[2011/04/25 09:44:35 | 000,486,400 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\powercpl.dll

[2011/04/25 09:44:35 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntshrui.dll

[2011/04/25 09:44:35 | 000,199,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\onex.dll

[2011/04/25 09:44:35 | 000,186,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\logoncli.dll

[2011/04/25 09:44:35 | 000,152,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\ksecpkg.sys

[2011/04/25 09:44:35 | 000,118,272 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dnscmmc.dll

[2011/04/25 09:44:35 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\RpcRtRemote.dll

[2011/04/25 09:44:34 | 002,250,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SensorsCpl.dll

[2011/04/25 09:44:34 | 002,193,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\themecpl.dll

[2011/04/25 09:44:34 | 001,624,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WMPEncEn.dll

[2011/04/25 09:44:34 | 000,658,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\autofmt.exe

[2011/04/25 09:44:34 | 000,359,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\eudcedit.exe

[2011/04/25 09:44:34 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sharemediacpl.dll

[2011/04/25 09:44:34 | 000,355,328 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Faultrep.dll

[2011/04/25 09:44:34 | 000,328,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\shsvcs.dll

[2011/04/25 09:44:34 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\winmm.dll

[2011/04/25 09:44:34 | 000,188,928 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\netjoin.dll

[2011/04/25 09:44:34 | 000,090,112 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\nci.dll

[2011/04/25 09:44:34 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\hbaapi.dll

[2011/04/25 09:44:33 | 001,077,248 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Narrator.exe

[2011/04/25 09:44:33 | 000,777,728 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\autochk.exe

[2011/04/25 09:44:33 | 000,763,904 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\autofmt.exe

[2011/04/25 09:44:33 | 000,679,424 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\autoconv.exe

[2011/04/25 09:44:33 | 000,668,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\autochk.exe

[2011/04/25 09:44:33 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\comctl32.dll

[2011/04/25 09:44:33 | 000,303,104 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msinfo32.exe

[2011/04/25 09:44:33 | 000,232,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sppcomapi.dll

[2011/04/25 09:44:33 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\AudioSes.dll

[2011/04/25 09:44:33 | 000,167,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msutb.dll

[2011/04/25 09:44:33 | 000,166,400 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\netiohlp.dll

[2011/04/25 09:44:33 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cabview.dll

[2011/04/25 09:44:33 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wkssvc.dll

[2011/04/25 09:44:33 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\IPHLPAPI.DLL

[2011/04/25 09:44:33 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\thumbcache.dll

[2011/04/25 09:44:33 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\regapi.dll

[2011/04/25 09:44:33 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\samcli.dll

[2011/04/25 09:44:33 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mimefilt.dll

[2011/04/25 09:44:33 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\vpnikeapi.dll

[2011/04/25 09:44:33 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\proquota.exe

[2011/04/25 09:44:32 | 001,264,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sdclt.exe

[2011/04/25 09:44:32 | 000,793,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\autoconv.exe

[2011/04/25 09:44:32 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wpd_ci.dll

[2011/04/25 09:44:32 | 000,455,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\nshipsec.dll

[2011/04/25 09:44:32 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\powercpl.dll

[2011/04/25 09:44:32 | 000,400,896 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ipsmsnap.dll

[2011/04/25 09:44:32 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msihnd.dll

[2011/04/25 09:44:32 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\srchadmin.dll

[2011/04/25 09:44:32 | 000,276,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wcncsvc.dll

[2011/04/25 09:44:32 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\eapphost.dll

[2011/04/25 09:44:32 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\framedyn.dll

[2011/04/25 09:44:32 | 000,181,760 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\tcpipcfg.dll

[2011/04/25 09:44:32 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\schtasks.exe

[2011/04/25 09:44:32 | 000,168,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\bcdsrv.dll

[2011/04/25 09:44:32 | 000,130,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\shsetup.dll

[2011/04/25 09:44:32 | 000,126,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\audiodg.exe

[2011/04/25 09:44:32 | 000,116,224 | ---- | C] (Windows ® Codename Longhorn DDK provider) -- C:\windows\SysNative\fms.dll

[2011/04/25 09:44:32 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\wanarp.sys

[2011/04/25 09:44:31 | 001,066,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Display.dll

[2011/04/25 09:44:31 | 000,905,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mmsys.cpl

[2011/04/25 09:44:31 | 000,861,184 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\fontext.dll

[2011/04/25 09:44:31 | 000,665,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\AuxiliaryDisplayCpl.dll

[2011/04/25 09:44:31 | 000,624,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\qedit.dll

[2011/04/25 09:44:31 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\timedate.cpl

[2011/04/25 09:44:31 | 000,414,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wlanui.dll

[2011/04/25 09:44:31 | 000,363,392 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\volmgrx.sys

[2011/04/25 09:44:31 | 000,309,760 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\actxprxy.dll

[2011/04/25 09:44:31 | 000,222,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wwanconn.dll

[2011/04/25 09:44:31 | 000,211,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mprddm.dll

[2011/04/25 09:44:31 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\MSNP.ax

[2011/04/25 09:44:31 | 000,184,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\usbvideo.sys

[2011/04/25 09:44:31 | 000,171,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\QAGENT.DLL

[2011/04/25 09:44:31 | 000,171,392 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\scsiport.sys

[2011/04/25 09:44:31 | 000,162,816 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dps.dll

[2011/04/25 09:44:31 | 000,156,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\prntvpt.dll

[2011/04/25 09:44:31 | 000,155,472 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mscorier.dll

[2011/04/25 09:44:31 | 000,154,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mscorier.dll

[2011/04/25 09:44:31 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\netid.dll

[2011/04/25 09:44:31 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\AxInstSv.dll

[2011/04/25 09:44:31 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\winusb.sys

[2011/04/25 09:44:30 | 001,227,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wdc.dll

[2011/04/25 09:44:30 | 000,957,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mblctr.exe

[2011/04/25 09:44:30 | 000,749,568 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\batmeter.dll

[2011/04/25 09:44:30 | 000,363,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\StructuredQuery.dll

[2011/04/25 09:44:30 | 000,346,624 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\untfs.dll

[2011/04/25 09:44:30 | 000,307,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\scesrv.dll

[2011/04/25 09:44:30 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wmpsrcwp.dll

[2011/04/25 09:44:30 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\hidclass.sys

[2011/04/25 09:44:30 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\credssp.dll

[2011/04/25 09:44:29 | 002,217,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\bootres.dll

[2011/04/25 09:44:29 | 001,326,592 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wlanpref.dll

[2011/04/25 09:44:29 | 001,202,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\DiagCpl.dll

[2011/04/25 09:44:29 | 001,003,008 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WMNetMgr.dll

[2011/04/25 09:44:29 | 000,933,376 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Vault.dll

[2011/04/25 09:44:29 | 000,625,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\usercpl.dll

[2011/04/25 09:44:29 | 000,433,512 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MCEWMDRMNDBootstrap.dll

[2011/04/25 09:44:29 | 000,372,224 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\rastls.dll

[2011/04/25 09:44:29 | 000,187,904 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\provsvc.dll

[2011/04/25 09:44:29 | 000,098,816 | ---- | C] (Microsoft) -- C:\windows\SysWow64\Robocopy.exe

[2011/04/25 09:44:29 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WSTPager.ax

[2011/04/25 09:44:29 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\nci.dll

[2011/04/25 09:44:29 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rtutils.dll

[2011/04/25 09:44:29 | 000,046,080 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\RpcRtRemote.dll

[2011/04/25 09:44:28 | 003,524,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sppsvc.exe

[2011/04/25 09:44:28 | 001,400,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\DxpTaskSync.dll

[2011/04/25 09:44:28 | 000,812,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wpccpl.dll

[2011/04/25 09:44:28 | 000,250,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ksproxy.ax

[2011/04/25 09:44:28 | 000,227,328 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\taskmgr.exe

[2011/04/25 09:44:28 | 000,225,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SndVolSSO.dll

[2011/04/25 09:44:28 | 000,211,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rasppp.dll

[2011/04/25 09:44:27 | 001,040,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Display.dll

[2011/04/25 09:44:27 | 000,416,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\prnfldr.dll

[2011/04/25 09:44:27 | 000,352,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\termmgr.dll

[2011/04/25 09:44:27 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\puiobj.dll

[2011/04/25 09:44:27 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mtxclu.dll

[2011/04/25 09:44:27 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\eudcedit.exe

[2011/04/25 09:44:27 | 000,279,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dxdiagn.dll

[2011/04/25 09:44:27 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\taskmgr.exe

[2011/04/25 09:44:27 | 000,213,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\rdyboost.sys

[2011/04/25 09:44:27 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\shdocvw.dll

[2011/04/25 09:44:27 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XpsRasterService.dll

[2011/04/25 09:44:27 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\hbaapi.dll

[2011/04/25 09:44:27 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dot3cfg.dll

[2011/04/25 09:44:27 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\userinit.exe

[2011/04/25 09:44:26 | 000,300,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\pdh.dll

[2011/04/25 09:44:26 | 000,115,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WPDShServiceObj.dll

[2011/04/25 09:44:26 | 000,094,592 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\mountmgr.sys

[2011/04/25 09:44:26 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\proquota.exe

[2011/04/25 09:44:25 | 003,745,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\accessibilitycpl.dll

[2011/04/25 09:44:25 | 000,856,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\FirewallControlPanel.dll

[2011/04/25 09:44:25 | 000,649,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\appwiz.cpl

[2011/04/25 09:44:25 | 000,416,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wiadefui.dll

[2011/04/25 09:44:25 | 000,403,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\untfs.dll

[2011/04/25 09:44:25 | 000,268,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MSAC3ENC.DLL

[2011/04/25 09:44:25 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\sppcomapi.dll

[2011/04/25 09:44:25 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\rasppp.dll

[2011/04/25 09:44:25 | 000,155,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\ataport.sys

[2011/04/25 09:44:25 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpcorekmts.dll

[2011/04/25 09:44:25 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\cabview.dll

[2011/04/25 09:44:25 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\logoncli.dll

[2011/04/25 09:44:25 | 000,111,104 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\shsetup.dll

[2011/04/25 09:44:25 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\userinit.exe

[2011/04/25 09:44:24 | 002,202,624 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\SensorsCpl.dll

[2011/04/25 09:44:24 | 002,157,568 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\themecpl.dll

[2011/04/25 09:44:24 | 000,366,080 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\zipfldr.dll

[2011/04/25 09:44:24 | 000,349,696 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\slui.exe

[2011/04/25 09:44:24 | 000,335,360 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msieftp.dll

[2011/04/25 09:44:24 | 000,233,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\defaultlocationcpl.dll

[2011/04/25 09:44:24 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\FWPUCLNT.DLL

[2011/04/25 09:44:24 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dnscmmc.dll

[2011/04/25 09:44:23 | 000,828,928 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\fontext.dll

[2011/04/25 09:44:23 | 000,769,536 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sud.dll

[2011/04/25 09:44:23 | 000,508,928 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\DeviceCenter.dll

[2011/04/25 09:44:23 | 000,481,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mscms.dll

[2011/04/25 09:44:23 | 000,429,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\localsec.dll

[2011/04/25 09:44:23 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\PhotoScreensaver.scr

[2011/04/25 09:44:23 | 000,312,832 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\hgcpl.dll

[2011/04/25 09:44:23 | 000,268,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mprddm.dll

[2011/04/25 09:44:23 | 000,252,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dot3svc.dll

[2011/04/25 09:44:23 | 000,242,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\tapisrv.dll

[2011/04/25 09:44:23 | 000,175,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\scecli.dll

[2011/04/25 09:44:23 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\psisrndr.ax

[2011/04/25 09:44:23 | 000,104,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Mpeg2Data.ax

[2011/04/25 09:44:23 | 000,080,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mscories.dll

[2011/04/25 09:44:23 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\tssecsrv.sys

[2011/04/25 09:44:22 | 002,146,816 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\networkmap.dll

[2011/04/25 09:44:22 | 001,065,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cryptui.dll

[2011/04/25 09:44:22 | 000,780,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ActionCenter.dll

[2011/04/25 09:44:22 | 000,740,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\batmeter.dll

[2011/04/25 09:44:22 | 000,638,976 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\VAN.dll

[2011/04/25 09:44:22 | 000,600,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\PerfCenterCPL.dll

[2011/04/25 09:44:22 | 000,600,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\usercpl.dll

[2011/04/25 09:44:22 | 000,509,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\qedit.dll

[2011/04/25 09:44:22 | 000,503,296 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\srcore.dll

[2011/04/25 09:44:22 | 000,410,112 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wlanui.dll

[2011/04/25 09:44:22 | 000,373,248 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\intl.cpl

[2011/04/25 09:44:22 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\qdvd.dll

[2011/04/25 09:44:22 | 000,352,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sysdm.cpl

[2011/04/25 09:44:22 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\taskbarcpl.dll

[2011/04/25 09:44:22 | 000,221,696 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\OnLineIDCpl.dll

[2011/04/25 09:44:22 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\SndVolSSO.dll

[2011/04/25 09:44:22 | 000,172,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\twext.dll

[2011/04/25 09:44:22 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\prntvpt.dll

[2011/04/25 09:44:22 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iasacct.dll

[2011/04/25 09:44:22 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpwsx.dll

[2011/04/25 09:44:21 | 003,727,872 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\accessibilitycpl.dll

[2011/04/25 09:44:21 | 001,644,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\netcenter.dll

[2011/04/25 09:44:21 | 000,898,560 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\OobeFldr.dll

[2011/04/25 09:44:21 | 000,721,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\bthprops.cpl

[2011/04/25 09:44:21 | 000,701,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dsuiext.dll

[2011/04/25 09:44:21 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\qdvd.dll

[2011/04/25 09:44:21 | 000,472,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\azroleui.dll

[2011/04/25 09:44:21 | 000,352,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\spwizeng.dll

[2011/04/25 09:44:21 | 000,346,112 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\bcdedit.exe

[2011/04/25 09:44:21 | 000,345,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MediaMetadataHandler.dll

[2011/04/25 09:44:21 | 000,326,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\sysdm.cpl

[2011/04/25 09:44:21 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\SndVol.exe

[2011/04/25 09:44:21 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\azroleui.dll

[2011/04/25 09:44:21 | 000,304,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\efscore.dll

[2011/04/25 09:44:21 | 000,288,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\FWPKCLNT.SYS

[2011/04/25 09:44:21 | 000,196,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\VBICodec.ax

[2011/04/25 09:44:21 | 000,154,624 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\uxlib.dll

[2011/04/25 09:44:21 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\recovery.dll

[2011/04/25 09:44:21 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cca.dll

[2011/04/25 09:44:21 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\isoburn.exe

[2011/04/25 09:44:21 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\asycfilt.dll

[2011/04/25 09:44:21 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\w32tm.exe

[2011/04/25 09:44:21 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\tzutil.exe

[2011/04/25 09:44:21 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sisbkup.dll

[2011/04/25 09:44:21 | 000,014,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\hwpolicy.sys

[2011/04/25 09:44:20 | 002,130,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\networkmap.dll

[2011/04/25 09:44:20 | 001,003,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\cryptui.dll

[2011/04/25 09:44:20 | 000,762,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sdcpl.dll

[2011/04/25 09:44:20 | 000,516,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\main.cpl

[Cooper81]

So, my internet gave out last night. I'm at work now. Would I be taking a big risk by putting the OTL.txt file on a USB drive and uploading it from my work PC? I don't want to risk putting my machine on the network here, just in case I do have something nasty. I just don't know how likely it'd be for malware to be transmitted via USB.

If the USB is a reasonable option, I can do that right away.

Thanks,

Cooper

[screen317]

Hi,

It's not likely. Feel free to do that.

[Cooper81]

I tried it again at home. It gets to 7% and freezes. It's odd, I can download, but not upload. I can't even upload files to gmail.

I'll send it tomorrow when I get to work.

[Cooper81]

Finally! What should I do now?

[screen317]

Hi,

Please visit this webpage for instructions for running ComboFix:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

• When the tool is finished, it will produce a report for you.
  
• Please post the C:\ComboFix.txt along with a new DDS log so we may continue cleaning the system.

-screen317

[Cooper81]

Screen317,

Thanks for being patient with me. I'm still having trouble uploading files. This should include the DDS. I'll try the ComboFix in the next post.

Thanks,

Cooper

DDS.txt

[Cooper81]

This should have the ComboFix file...

[Cooper81]

I don't know why, but I can't upload the combofix file... I'll keep trying... if I can't get it I'll send it from work tomorrow. Thanks again for helping.

Cooper

[Cooper81]

Here's the ComboFix file.

Do you have any idea if malware is creating my issue with my wireless internet at home?

Thanks for the help,

Cooper

combofix.txt

[screen317]

Could be your firewall blocking it.

Uninstall Zone Alarm completely and reboot. See if you can connect now.

[Cooper81]

OK, Zone Alarm is uninstalled... and I still can't upload the relatively small ComboFix.txt file. Are you thinking this has nothing to do with malware? The wireless router is a few years old... but I'm not sure how they typically fail. I would have guessed it would stop working all together.

Well, any other advice?

I wish I had access to a friend's router to swap it out... I may have to ask around.

[screen317]

Hi,

What router are you currently using? Since you can upload at work but not at home, it's the router, and not malware.

1. Very important: First disconnect your computers from the Internet.

2. Router Reset: Next you must reset the router to its default configuration. This can be done by inserting something tiny like a paper clip end or pencil tip into the small hole labeled Reset located on the back of the router. Press and hold down the small button inside until the lights on the front of the router blink off and then on again (usually about 30 seconds).

3. Reset the IP/DNS settings of your Internet connection on each computer connected:

• Go to Start -> Control Panel -> Double click on Network Connections.
  
• Right click on your default connection (usually Local Area Connection or Wireless Network Connection) and select Properties.
  
• Select the General tab.
  
• Double click on Internet Protocol (TCP/IP).
  
  • Under General tab:
    
    • Select "Obtain an IP address automatically".
      
    • Select "Obtain DNS server address automatically".
      

  [*]Click OK twice to save the settings.

  [*]Reboot if you had to change any setting.

4. Flush the DNS cache:

• Click the Start logo in the bottom left corner of the screen
  
• Click on Run
  
• In the command window copy/paste the following:
  

  ipconfig /flushdns

  
  

• Then hit enter.
  
• Exit the command window.
  

5. Reconnect: Once you have followed all the above steps you can reconnect your computer to the internet.

Try uploading from home now.

[Cooper81]

Hey Screen,

Thanks for helping me with a non-malware issue. Just for clarity, I haven't uploaded anything from this computer. I used a USB drive to transfer the files from this to my work PC and uploaded from there. However, if I take the router out and plug directly into the cable modem, everything seems fine. I have a friend letting me borrow another wireless router. If it works, I'll just buy a new router.

Our router now is a Linksys wireless-G broadband router with 4 port switch, model WRT54G version 5 using firmware v1.02.8.

When I held the reset button for about 10 seconds the lights changed. WLAN turned off, and the Cisco logo turned off but the internet and power buttons were blinking. I continued to hold the reset button for another 30 seconds just in case this wasn't what i was looking for... nothing changed. When I released the button, again, nothing changed. The power and internet buttons were still flashing.

I then checked and both TCP/IP v4 and v6 settings were set to automatic, so no changes there. Then I flushed the DNS and tried to reconnect. Since the router lights were blinking I couldn't connect so I unplugged it and plugged it back in. I was able to connect but still couldn't upload the "combofix.txt" file.

I was hoping the router wasn't broken, but now I'm thinking it probably is. Thanks again for all the help.

Cooper

[screen317]

Hi Cooper,

Good work investigating and with all of that information, I think it's highly likely that the router is at fault.

Let me know if there's anything else I can do for you.

[screen317]

Are you still with us? This topic will be closed in a few days if we do not hear back from you.

[screen317]

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!