Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Personal Antivirus - rogue antispyware won't remove

Started by nannyjoat , Jun 18 2009 08:18 PM

  • Please log in to reply

#1
nannyjoat
Posted 18 June 2009 - 08:18 PM

nannyjoat

    New Member

  • Member
  • Pip
  • 4 posts
Hi All,

I am having a bit of a problem. My son tried to download toontown and in the prcess it also downloaded a program called Personal Antivirus. (I have used the steps listed:

1. Created a restore point
2. Used the temporary file removal program
3. Created the registry backup
4.and run the anti-malware program - twice!

And I still have it come up when the system reboots. What do I do from this point?

I'm running vista with AVG free and spybot S&D and my windows updates and all others are up to date.


This is the first log: (the second log shows nothing infected)

Malwarebytes' Anti-Malware 1.38
Database version: 2306
Windows 6.0.6002 Service Pack 2

6/18/2009 7:58:13 PM
mbam-log-2009-06-18 (19-58-13).txt

Scan type: Quick Scan
Objects scanned: 80789
Time elapsed: 6 minute(s), 44 second(s)

Memory Processes Infected: 1
Memory Modules Infected: 1
Registry Keys Infected: 10
Registry Values Infected: 1
Registry Data Items Infected: 0
Folders Infected: 1
Files Infected: 7

Memory Processes Infected:
C:\Program Files\Gamevance\gamevance32.exe (Adware.Gamevance) -> Unloaded process successfully.

Memory Modules Infected:
C:\Program Files\Gamevance\gamevancelib32.dll (Adware.Gamevance) -> Delete on reboot.

Registry Keys Infected:
HKEY_CLASSES_ROOT\gamevancetext.linker (Adware.Gamevance) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{b0f8bcab-09bf-4103-9d46-ad55988990e1} (Adware.Gamevance) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{243361a8-3697-4811-a74b-1be379caa00e} (Adware.Gamevance) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{e46c1720-2b1b-429b-8600-a96a39f981bb} (Adware.Gamevance) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{f02fabcb-92dd-475a-98af-14217bd50746} (Adware.Gamevance) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{f02fabcb-92dd-475a-98af-14217bd50746} (Adware.Gamevance) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\gamevancetext.linker.1 (Adware.Gamevance) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{549b5ca7-4a86-11d7-a4df-000874180bb3} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\gamevance (Adware.Gamevance) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\gvtl (Malware.Trace) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Gamevance (Adware.Gamevance) -> Quarantined and deleted successfully.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
C:\Program Files\Gamevance (Adware.Gamevance) -> Quarantined and deleted successfully.

Files Infected:
C:\Program Files\Gamevance\gvtl.dll (Adware.Gamevance) -> Quarantined and deleted successfully.
c:\program files\gamevance\ars.cfg (Adware.Gamevance) -> Quarantined and deleted successfully.
c:\program files\gamevance\gamevance32.exe (Adware.Gamevance) -> Quarantined and deleted successfully.
c:\program files\gamevance\gamevancelib32.dll (Adware.Gamevance) -> Quarantined and deleted successfully.
c:\program files\gamevance\gvun.exe (Adware.Gamevance) -> Quarantined and deleted successfully.
c:\program files\gamevance\icon.ico (Adware.Gamevance) -> Quarantined and deleted successfully.
c:\Users\Mom\Desktop\Personal AntiVirus.lnk (Rogue.PersonalAntiVirus) -> Quarantined and deleted successfully.
  • 0

Advertisements

#2
nannyjoat
Posted 20 June 2009 - 06:43 AM

nannyjoat

    New Member

  • Topic Starter
  • Member
  • Pip
  • 4 posts
Update: AVG found the Trojan in Personal Antivirus

Tojan horse Sheur2.amgi

It won't heal and won't move to the vault - it says action interrupted by the user.

and here is the rootkit log an dI am running OTL as I type.

Rooter.exe (v1.0.1) by Eric_71
¨
Microsoft Windows Vista Home Edition (6.0.6002) Service Pack 2
32_bits - x86 Family 15 Model 107 Stepping 1, AuthenticAMD
¨
C:\ [Fixed-NTFS] .. ( Total:145 Go - Free:71 Go )
D:\ [Fixed-NTFS] .. ( Total:145 Go - Free:145 Go )
E:\ [CD_Rom]
F:\ [Removable]
G:\ [Removable]
H:\ [Removable]
I:\ [Removable]
¨
Scan : 07:40.48
Path : C:\Users\Mom\Desktop\Rooter.exe
User : Mom ( Administrator -> YES )
¨
----------------------\\ Processes
¨
Locked [System Process] (0)
Locked System (4)
Locked smss.exe (444)
Locked csrss.exe (576)
Locked wininit.exe (628)
Locked csrss.exe (640)
Locked services.exe (680)
Locked lsass.exe (692)
Locked lsm.exe (704)
Locked winlogon.exe (824)
Locked svchost.exe (952)
Locked nvvsvc.exe (1000)
Locked svchost.exe (1028)
Locked svchost.exe (1068)
Locked svchost.exe (1164)
Locked svchost.exe (1200)
Locked LVPrcSrv.exe (1216)
Locked svchost.exe (1288)
Locked audiodg.exe (1340)
Locked SLsvc.exe (1368)
Locked svchost.exe (1404)
Locked svchost.exe (1520)
Locked rundll32.exe (1544)
Locked LEXBCES.EXE (1724)
Locked LEXPPS.EXE (1744)
Locked spoolsv.exe (1792)
Locked svchost.exe (1848)
Locked MemCheck.exe (944)
Locked avgwdsvc.exe (1244)
Locked mDNSResponder.exe (1496)
Locked LSSrvc.exe (1716)
Locked LVComSer.exe (2056)
Locked svchost.exe (2128)
Locked RichVideo.exe (2156)
Locked svchost.exe (2196)
Locked avgrsx.exe (2276)
Locked svchost.exe (2448)
Locked SearchIndexer.exe (2568)
Locked eRecoveryService.exe (2628)
Locked WUDFHost.exe (2856)
______ C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe (3108)
Locked taskeng.exe (3224)
______ C:\Windows\system32\Dwm.exe (3236)
______ C:\Windows\system32\taskeng.exe (3336)
Locked pav.exe (3356)
______ C:\Windows\Explorer.EXE (3376)
______ C:\Program Files\Logitech\QuickCam\Quickcam.exe (3780)
______ C:\Program Files\Java\jre6\bin\jusched.exe (3836)
______ C:\Windows\RtHDVCpl.exe (3868)
______ C:\Program Files\Microsoft IntelliType Pro\itype.exe (3880)
______ C:\Program Files\Microsoft IntelliPoint\ipoint.exe (3892)
______ C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe (3940)
______ C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe (3980)
______ C:\Windows\System32\SysMonitor.exe (4016)
______ C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE (2284)
______ C:\Program Files\ScanSoft\OmniPageSE4\OpWareSE4.exe (2656)
______ C:\Windows\System32\spool\drivers\w32x86\3\WrtMon.exe (1448)
______ C:\Program Files\Common Files\Real\Update_OB\realsched.exe (772)
______ C:\Program Files\AVG\AVG8\avgtray.exe (652)
______ C:\Windows\System32\rundll32.exe (3140)
______ C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (3672)
______ C:\Program Files\Windows Sidebar\sidebar.exe (1276)
______ C:\Program Files\Microsoft Money\System\mnyexpr.exe (2028)
______ C:\Windows\System32\spool\drivers\w32x86\3\WrtProc.exe (3864)
______ C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (3748)
Locked FNPLicensingService.exe (3648)
______ C:\Program Files\Windows Media Player\wmpnscfg.exe (1320)
Locked wmpnetwk.exe (4212)
______ C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE (4372)
______ C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe (4396)
______ C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE (4432)
______ C:\Windows\system32\wbem\unsecapp.exe (4476)
Locked WmiPrvSE.exe (4556)
Locked taskeng.exe (5292)
______ C:\Program Files\Internet Explorer\IEUser.exe (4808)
______ C:\Program Files\AVG\AVG8\avgui.exe (3760)
______ C:\Program Files\AVG\AVG8\avgcsrvx.exe (4996)
______ C:\Program Files\Internet Explorer\iexplore.exe (5404)
______ C:\Program Files\Google\Google Toolbar\GoogleToolbarUser.exe (6376)
______ C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE (7692)
______ C:\Program Files\AVG\AVG8\avgcsrvx.exe (7400)
Locked SearchProtocolHost.exe (7388)
Locked SearchFilterHost.exe (6204)
______ C:\Users\Mom\Desktop\Rooter.exe (7640)
¨
----------------------\\ Device\Harddisk0\
¨
\Device\Harddisk0 [Sectors : 63 x 512 Bytes]
¨
\Device\Harddisk0\Partition1 (Start_Offset:32256 | Length:7336917504)
\Device\Harddisk0\Partition2 --[ MBR ]-- (Start_Offset:7336949760 | Length:156551754240)
\Device\Harddisk0\Partition3 (Start_Offset:163888704000 | Length:156181616640)
¨
----------------------\\ Scheduled Tasks
¨
C:\Windows\Tasks\Google Software Updater.job
C:\Windows\Tasks\PersonalAV.job
C:\Windows\Tasks\SA.DAT
C:\Windows\Tasks\SCHEDLGU.TXT
C:\Windows\Tasks\User_Feed_Synchronization-{A249CA1C-73FF-454C-9856-BDDCA3E13548}.job
¨
----------------------\\ Registry
¨
¨
----------------------\\ Files & Folders
¨
----------------------\\ Scan completed at 07:41.15
¨
C:\Rooter$\Rooter_1.txt - (20/06/2009 | 07:41.15)

Edited by nannyjoat, 20 June 2009 - 06:50 AM.

  • 0

#3
nannyjoat
Posted 20 June 2009 - 06:58 AM

nannyjoat

    New Member

  • Topic Starter
  • Member
  • Pip
  • 4 posts
OTL logfile created on: 6/20/2009 7:49:35 AM - Run 1
OTL by OldTimer - Version 2.1.1.0 Folder = C:\Users\Mom\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.75 Gb Total Physical Memory | 0.84 Gb Available Physical Memory | 48.23% Memory free
3.74 Gb Paging File | 2.23 Gb Available in Paging File | 59.53% Paging File free
Paging file location(s): ?:\pagefile.sys

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 145.80 Gb Total Space | 71.18 Gb Free Space | 48.82% Space Free | Partition Type: NTFS
Drive D: | 145.46 Gb Total Space | 145.36 Gb Free Space | 99.94% Space Free | Partition Type: NTFS
Drive E: | 284.43 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: MOM-PC
Current User Name: Mom
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Output = Minimal
File Age = 30 Days
Company Name Whitelist: On

========== Processes (SafeList) ==========

PRC - C:\Windows\system32\nvvsvc.exe (NVIDIA Corporation)
PRC - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)
PRC - C:\Windows\System32\LEXBCES.EXE (Lexmark International, Inc.)
PRC - C:\Windows\System32\LEXPPS.EXE (Lexmark International, Inc.)
PRC - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe ()
PRC - C:\Program Files\AVG\AVG8\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\Bonjour\mDNSResponder.exe (Apple Computer, Inc.)
PRC - C:\Program Files\Common Files\LightScribe\LSSrvc.exe (Hewlett-Packard Company)
PRC - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe (Logitech Inc.)
PRC - C:\Program Files\CyberLink\Shared Files\RichVideo.exe ()
PRC - C:\Program Files\AVG\AVG8\avgrsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe (Acer Inc.)
PRC - C:\Windows\system32\WUDFHost.exe (Microsoft Corporation)
PRC - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe (Logitech Inc.)
PRC - C:\Program Files\PersonalAV\pav.exe ()
PRC - C:\Windows\Explorer.EXE (Microsoft Corporation)
PRC - C:\Program Files\Logitech\QuickCam\Quickcam.exe ()
PRC - C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Program Files\Microsoft IntelliType Pro\itype.exe (Microsoft Corporation)
PRC - C:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
PRC - C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe (HiTRUST)
PRC - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
PRC - C:\Windows\System32\SysMonitor.exe ()
PRC - C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE (CANON INC.)
PRC - C:\Program Files\ScanSoft\OmniPageSE4\OpWareSE4.exe (Nuance Communications, Inc.)
PRC - C:\Windows\System32\spool\drivers\w32x86\3\WrtMon.exe ()
PRC - C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
PRC - C:\Program Files\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
PRC - C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
PRC - C:\Program Files\Microsoft Money\System\mnyexpr.exe (Microsoft Corp.)
PRC - C:\Windows\System32\spool\drivers\w32x86\3\WrtProc.exe ()
PRC - C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
PRC - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
PRC - C:\Program Files\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
PRC - C:\Program Files\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE (Acer Inc.)
PRC - C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe ()
PRC - C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE (Acer Inc.)
PRC - C:\Windows\system32\wbem\unsecapp.exe (Microsoft Corporation)
PRC - C:\Windows\system32\wbem\wmiprvse.exe (Microsoft Corporation)
PRC - C:\Program Files\Internet Explorer\IEUser.exe (Microsoft Corporation)
PRC - C:\Program Files\AVG\AVG8\avgui.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG8\avgcsrvx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
PRC - C:\Program Files\Google\Google Toolbar\GoogleToolbarUser.exe (Google Inc.)
PRC - C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE (Microsoft Corporation)
PRC - C:\Program Files\AVG\AVG8\avgcsrvx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Users\Mom\Desktop\OTL.exe (OldTimer Tools)

========== Win32 Services (SafeList) ==========

SRV - (AcerMemUsageCheckService [Auto | Running]) -- C:\Acer\Empowering Technology\ePerformance\MemCheck.exe ()
SRV - (Adobe LM Service [On_Demand | Stopped]) -- C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe (Adobe Systems)
SRV - (Adobe Version Cue CS3 [On_Demand | Stopped]) -- C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe (Adobe Systems Incorporated)
SRV - (avg8wd [Auto | Running]) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (Bonjour Service [Auto | Running]) -- C:\Program Files\Bonjour\mDNSResponder.exe (Apple Computer, Inc.)
SRV - (clr_optimization_v2.0.50727_32 [On_Demand | Stopped]) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (CLTNetCnService [Auto | Stopped]) -- File not found
SRV - (ehRecvr [On_Demand | Stopped]) -- C:\Windows\ehome\ehRecvr.exe (Microsoft Corporation)
SRV - (ehSched [On_Demand | Stopped]) -- C:\Windows\ehome\ehsched.exe (Microsoft Corporation)
SRV - (ehstart [Auto | Stopped]) -- C:\Windows\ehome\ehstart.dll (Microsoft Corporation)
SRV - (eRecoveryService [Auto | Running]) -- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe (Acer Inc.)
SRV - (FLEXnet Licensing Service [On_Demand | Running]) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (FontCache3.0.0.0 [On_Demand | Stopped]) -- C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation)
SRV - (gusvc [Auto | Stopped]) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (Google)
SRV - (idsvc [Unknown | Stopped]) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe (Microsoft Corporation)
SRV - (LexBceS [Auto | Running]) -- C:\Windows\System32\LEXBCES.EXE (Lexmark International, Inc.)
SRV - (LightScribeService [Auto | Running]) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe (Hewlett-Packard Company)
SRV - (LVCOMSer [Auto | Running]) -- C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe (Logitech Inc.)
SRV - (LVPrcSrv [Auto | Running]) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)
SRV - (NetTcpPortSharing [Disabled | Stopped]) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (Microsoft Corporation)
SRV - (nvsvc [Auto | Running]) -- C:\Windows\system32\nvvsvc.exe (NVIDIA Corporation)
SRV - (odserv [On_Demand | Stopped]) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (ose [On_Demand | Stopped]) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (RichVideo [Auto | Running]) -- C:\Program Files\CyberLink\Shared Files\RichVideo.exe ()
SRV - (WinDefend [Auto | Running]) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV - (WMPNetworkSvc [Auto | Running]) -- C:\Program Files\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)

========== Driver Services (SafeList) ==========

DRV - (adp94xx [Disabled | Stopped]) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (adpahci [Disabled | Stopped]) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (adpu160m [Disabled | Stopped]) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (adpu320 [Disabled | Stopped]) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (aic78xx [Disabled | Stopped]) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (aliide [Disabled | Stopped]) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (arc [Disabled | Stopped]) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (arcsas [Disabled | Stopped]) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (AvgLdx86 [System | Running]) -- C:\Windows\System32\Drivers\avgldx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (AvgMfx86 [System | Running]) -- C:\Windows\System32\Drivers\avgmfx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (BrFiltLo [On_Demand | Stopped]) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrFiltUp [On_Demand | Stopped]) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (Brserid [Disabled | Stopped]) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrSerWdm [Disabled | Stopped]) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm [Disabled | Stopped]) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (BrUsbSer [On_Demand | Stopped]) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (cmdide [Disabled | Stopped]) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (E1G60 [On_Demand | Stopped]) -- C:\Windows\system32\DRIVERS\E1G60I32.sys (Intel Corporation)
DRV - (elxstor [Disabled | Stopped]) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (HpCISSs [Disabled | Stopped]) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (iaStorV [Disabled | Stopped]) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (iirsp [Disabled | Stopped]) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (int15 [Auto | Running]) -- C:\Acer\Empowering Technology\eRecovery\int15.sys ()
DRV - (IntcAzAudAddService [On_Demand | Running]) -- C:\Windows\system32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.)
DRV - (iteatapi [Disabled | Stopped]) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (iteraid [Disabled | Stopped]) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (LSI_FC [Disabled | Stopped]) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (LSI_SAS [Disabled | Stopped]) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (LSI_SCSI [Disabled | Stopped]) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (LVcKap [On_Demand | Stopped]) -- C:\Windows\system32\DRIVERS\LVcKap.sys ()
DRV - (LVMVDrv [On_Demand | Stopped]) -- C:\Windows\system32\DRIVERS\LVMVDrv.sys (Logitech Inc.)
DRV - (lvpopflt [On_Demand | Stopped]) -- C:\Windows\system32\DRIVERS\lvpopflt.sys (Logitech Inc.)
DRV - (LVPr2Mon [On_Demand | Running]) -- C:\Windows\system32\Drivers\LVPr2Mon.sys ()
DRV - (LVUSBSta [On_Demand | Running]) -- C:\Windows\system32\drivers\LVUSBSta.sys (Logitech Inc.)
DRV - (LVUVC [On_Demand | Stopped]) -- C:\Windows\system32\DRIVERS\lvuvc.sys (Logitech Inc.)
DRV - (megasas [Disabled | Stopped]) -- C:\Windows\system32\drivers\megasas.sys (LSI Logic Corporation)
DRV - (Mraid35x [Disabled | Stopped]) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (nfrd960 [Disabled | Stopped]) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (NTIDrvr [On_Demand | Running]) -- C:\Windows\system32\DRIVERS\NTIDrvr.sys (NewTech Infosystems, Inc.)
DRV - (ntrigdigi [Disabled | Stopped]) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
DRV - (nvlddmkm [On_Demand | Running]) -- C:\Windows\system32\DRIVERS\nvlddmkm.sys (NVIDIA Corporation)
DRV - (nvraid [Disabled | Stopped]) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (nvstor [Boot | Running]) -- C:\Windows\system32\DRIVERS\nvstor.sys (NVIDIA Corporation)
DRV - (nvstor32 [Boot | Running]) -- C:\Windows\system32\drivers\nvstor32.sys (NVIDIA Corporation)
DRV - (Point32 [On_Demand | Running]) -- C:\Windows\system32\DRIVERS\point32k.sys (Microsoft Corporation)
DRV - (PSDFilter [Boot | Running]) -- C:\Windows\system32\DRIVERS\psdfilter.sys (HiTRUST)
DRV - (PSDNServ [Boot | Running]) -- C:\Windows\system32\drivers\PSDNServ.sys (HiTRUST)
DRV - (psdvdisk [Boot | Running]) -- C:\Windows\system32\drivers\psdvdisk.sys (HiTRUST)
DRV - (ql2300 [Disabled | Stopped]) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (ql40xx [Disabled | Stopped]) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (secdrv [Auto | Running]) -- C:\Windows\System32\drivers\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (SiSRaid2 [Disabled | Stopped]) -- C:\Windows\system32\drivers\sisraid2.sys (Silicon Integrated Systems Corp.)
DRV - (SiSRaid4 [Disabled | Stopped]) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (smserial [On_Demand | Running]) -- C:\Windows\system32\DRIVERS\smserial.sys (Motorola Inc.)
DRV - (SQTECH905C [On_Demand | Stopped]) -- C:\Windows\System32\Drivers\Capt905c.sys (Service & Quality Technology.)
DRV - (Symc8xx [Disabled | Stopped]) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (Sym_hi [Disabled | Stopped]) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (Sym_u3 [Disabled | Stopped]) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (UBHelper [Boot | Running]) -- C:\Windows\System32\drivers\UBHelper.sys ()
DRV - (uliahci [Disabled | Stopped]) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (UlSata [Disabled | Stopped]) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (ulsata2 [Disabled | Stopped]) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (usbaudio [On_Demand | Stopped]) -- C:\Windows\system32\drivers\usbaudio.sys (Microsoft Corporation)
DRV - (viaide [Disabled | Stopped]) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (vsmraid [Disabled | Stopped]) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (yukonwlh [On_Demand | Running]) -- C:\Windows\system32\DRIVERS\yk60x86.sys (Marvell)

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://en.us.acer.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://en.us.acer.yahoo.com

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SEARCH PAGE = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.yahoo....e...-8&fr=b1ie7
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.defaulturl: "http://www.google.co...-8&oe=UTF-8&q="
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.neopets.com/nf.phtml"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.0.2
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:8.5
FF - prefs.js..extensions.enabledItems: [email protected]:2.506.014.001
FF - prefs.js..extensions.enabledItems: {c4d362ec-1cff-4ca0-9031-99a8fad7995a}:1.10.2009050501
FF - prefs.js..extensions.enabledItems: [email protected]:3.0.20
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20090123.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}:6.0.03
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}:6.0.05
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}:6.0.07
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}:6.0.11
FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.0
FF - prefs.js..extensions.enabledItems: [email protected]:7
FF - prefs.js..extensions.enabledItems: {2cb97724-d789-4f43-8888-a763cbb8df6f}:3.0.2564.27062
FF - prefs.js..extensions.enabledItems: {888d99e7-e8b5-46a3-851e-1ec45da1e644}:3.0.0
FF - prefs.js..extensions.enabledItems: {29c4afe1-db19-4298-8785-fcc94d1d6c1d}:0.6.2009050101
FF - prefs.js..extensions.enabledItems: {DAD0F81A-CF67-4eed-98D6-26F6E47274CA}:1.3
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.11

FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\PROGRAM FILES\REAL\REALPLAYER\BROWSERRECORD [2008/06/18 22:18:15 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\PROGRAM FILES\AVG\AVG8\FIREFOX [2009/06/17 09:40:29 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION\ [2009/06/02 01:56:36 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\PROGRAM FILES\AVG\AVG8\TOOLBAR\FIREFOX\[email protected] [2009/06/16 15:56:19 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.11\extensions\\Components: C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS [2009/06/14 18:00:54 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.11\extensions\\Plugins: C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS [2009/06/14 18:00:54 | 00,000,000 | ---D | M]

[2009/01/07 22:22:30 | 00,000,000 | ---D | M] -- C:\Users\Mom\AppData\Roaming\mozilla\Extensions
[2009/01/07 22:22:30 | 00,000,000 | ---D | M] -- C:\Users\Mom\AppData\Roaming\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/06/18 05:46:28 | 00,000,000 | ---D | M] -- C:\Users\Mom\AppData\Roaming\mozilla\Firefox\Profiles\4h8a6hi0.default\extensions
[2009/05/08 06:02:24 | 00,000,000 | ---D | M] -- C:\Users\Mom\AppData\Roaming\mozilla\Firefox\Profiles\4h8a6hi0.default\extensions\{29c4afe1-db19-4298-8785-fcc94d1d6c1d}
[2009/03/19 03:12:49 | 00,000,000 | ---D | M] -- C:\Users\Mom\AppData\Roaming\mozilla\Firefox\Profiles\4h8a6hi0.default\extensions\{2cb97724-d789-4f43-8888-a763cbb8df6f}
[2009/01/08 21:16:14 | 00,000,000 | ---D | M] -- C:\Users\Mom\AppData\Roaming\mozilla\Firefox\Profiles\4h8a6hi0.default\extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}
[2009/05/08 06:02:22 | 00,000,000 | ---D | M] -- C:\Users\Mom\AppData\Roaming\mozilla\Firefox\Profiles\4h8a6hi0.default\extensions\{c4d362ec-1cff-4ca0-9031-99a8fad7995a}
[2009/04/17 02:12:51 | 00,000,000 | ---D | M] -- C:\Users\Mom\AppData\Roaming\mozilla\Firefox\Profiles\4h8a6hi0.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2009/01/07 22:29:23 | 00,000,000 | ---D | M] -- C:\Users\Mom\AppData\Roaming\mozilla\Firefox\Profiles\4h8a6hi0.default\extensions\{DAD0F81A-CF67-4eed-98D6-26F6E47274CA}
[2009/03/25 11:06:39 | 00,000,000 | ---D | M] -- C:\Users\Mom\AppData\Roaming\mozilla\Firefox\Profiles\4h8a6hi0.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2009/02/28 17:41:05 | 00,000,000 | ---D | M] -- C:\Users\Mom\AppData\Roaming\mozilla\Firefox\Profiles\4h8a6hi0.default\extensions\[email protected]
[2009/05/09 00:03:22 | 00,000,891 | ---- | M] () -- C:\Users\Mom\AppData\Roaming\Mozilla\FireFox\Profiles\4h8a6hi0.default\searchplugins\dictionarycom.xml
[2009/02/07 16:42:03 | 00,001,831 | ---- | M] () -- C:\Users\Mom\AppData\Roaming\Mozilla\FireFox\Profiles\4h8a6hi0.default\searchplugins\jellyneo-item-database-search.xml
[2009/04/20 01:22:13 | 00,000,945 | ---- | M] () -- C:\Users\Mom\AppData\Roaming\Mozilla\FireFox\Profiles\4h8a6hi0.default\searchplugins\youtube-video-search.xml
[2009/03/19 03:12:53 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2007/07/23 19:53:52 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2009/06/14 18:00:54 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2007/10/19 19:34:05 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}
[2008/03/18 18:17:04 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}
[2008/07/12 09:34:42 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
[2009/02/01 20:50:43 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
[2007/07/23 19:53:44 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\[email protected]
[2009/06/14 18:00:51 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009/06/14 18:00:51 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2009/04/23 13:09:15 | 00,001,394 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom.xml
[2009/04/23 13:09:15 | 00,002,193 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.xml
[2009/06/13 10:53:20 | 00,001,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\avg_igeared.xml
[2009/04/23 13:09:15 | 00,001,534 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
[2009/04/23 13:09:15 | 00,002,343 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay.xml
[2009/04/23 13:09:15 | 00,001,706 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2009/04/23 13:09:15 | 00,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia.xml
[2009/04/23 13:09:15 | 00,000,792 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo.xml

O1 HOSTS File: (287982 bytes) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.123haustiereundmehr.com
O1 - Hosts: 9925 more lines...
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files\Adobe [2007/08/12 20:25:38 | 00,000,000 | ---D | M]
O2 - BHO: (no name) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - Reg Error: Key error. File not found
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (Google Inc.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - Reg Error: Key error. File not found
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files\Adobe [2007/08/12 20:25:38 | 00,000,000 | ---D | M]
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll (HiTRUST)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll (HiTRUST)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll (HiTRUST)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acer Assist Launcher] C:\Program Files\Acer Assist\launcher.exe ()
O4 - HKLM..\Run: [Acer Empowering Technology Monitor] C:\Windows\system32\SysMonitor.exe ()
O4 - HKLM..\Run: [Acer Product Registration] "C:\Program Files\Acer Registration\ACE1.exe" /startup (Leader Technologies)
O4 - HKLM..\Run: [Acer Tour] File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe_ID0EYTHM] C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon (CANON INC.)
O4 - HKLM..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe (HiTRUST)
O4 - HKLM..\Run: [eRecoveryService] File not found
O4 - HKLM..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe" (Microsoft Corporation)
O4 - HKLM..\Run: [itype] "C:\Program Files\Microsoft IntelliType Pro\itype.exe" (Microsoft Corporation)
O4 - HKLM..\Run: [Lexmark 3100 Series] "C:\Program Files\Lexmark 3100 Series\lxbrbmgr.exe" File not found
O4 - HKLM..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe" File not found
O4 - HKLM..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide ()
O4 - HKLM..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit (NVIDIA Corporation)
O4 - HKLM..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe" (Nuance Communications, Inc.)
O4 - HKLM..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime (Apple Inc.)
O4 - HKLM..\Run: [RtHDVCpl] RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot (Nuance Communications, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot (RealNetworks, Inc.)
O4 - HKLM..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide (Microsoft Corporation)
O4 - HKLM..\Run: [WrtMon.exe] C:\Windows\system32\spool\drivers\w32x86\3\WrtMon.exe ()
O4 - HKCU..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup (Macrovision Corporation)
O4 - HKCU..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe (Logitech)
O4 - HKCU..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe" (Microsoft Corp.)
O4 - HKCU..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (Microsoft Corporation)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe (Microsoft Corporation)
O4 - HKCU..\Run: [捁牥吠畯r] File not found
O4 - HKCU..\Run: [捁牥吠畯⁲敒業摮牥] 㩃䅜散屲捁牥潔牵剜浥湩敤⹲硥e File not found
O4 - HKCU..\RunOnce: [Shockwave Updater] C:\Windows\System32\Adobe\SHOCKW~1\SWHELP~2.EXE -Update -1103471 -"Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:1.9.0.8) Gecko/2009032609 Firefox/3.0.8" -"http://www.neopets.c...0&quality=high" (Adobe Systems, Inc.)
O4 - Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O4 - Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Empowering Technology Launcher.lnk = C:\Acer\Empowering Technology\eAPLauncher.exe (Acer Inc.)
O4 - Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe (Logitech)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: BindDirectlyToPropertySetStorage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html (Adobe Systems Incorporated)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [@%SystemRoot%\system32\nlasvc.dll,-1000] - C:\Windows\system32\NLAapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [@%SystemRoot%\system32\napinsp.dll,-1000] - C:\Windows\system32\napinsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [@%SystemRoot%\system32\pnrpnsp.dll,-1000] - C:\Windows\system32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [@%SystemRoot%\system32\pnrpnsp.dll,-1001] - C:\Windows\system32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [mdnsNSP] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O13 - gopher Prefix: missing
O15 - HKLM\..Trusted Domains: 49 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} http://www.nvidia.co.../sysreqlab3.cab (System Requirements Lab Class)
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} http://www.nvidia.co...iaSmartScan.cab (NVIDIA Smart Scan)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} http://3dlifeplayer....r_installer.exe (Virtools WebPlayer Class)
O18 - Protocol\Handler\bw+0 {7880dbe3-0115-449f-a978-21c8e945a2ad} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bw+0s {7880dbe3-0115-449f-a978-21c8e945a2ad} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bw-0 {7880dbe3-0115-449f-a978-21c8e945a2ad} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bw00 {7880dbe3-0115-449f-a978-21c8e945a2ad} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bw00s {7880dbe3-0115-449f-a978-21c8e945a2ad} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bw-0s {7880dbe3-0115-449f-a978-21c8e945a2ad} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bw10 {7880dbe3-0115-449f-a978-21c8e945a2ad} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bw10s {7880dbe3-0115-449f-a978-21c8e945a2ad} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bw20 {7880dbe3-0115-449f-a978-21c8e945a2ad} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bw20s {7880dbe3-0115-449f-a978-21c8e945a2ad} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bw30 {7880dbe3-0115-449f-a978-21c8e945a2ad} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bw30s {7880dbe3-0115-449f-a978-21c8e945a2ad} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bw40 {7880dbe3-0115-449f-a978-21c8e945a2ad} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bw40s {7880dbe3-0115-449f-a978-21c8e945a2ad} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bw50 {7880dbe3-0115-449f-a978-21c8e945a2ad} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bw50s {7880dbe3-0115-449f-a978-21c8e945a2ad} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bw60 {7880dbe3-0115-449f-a978-21c8e945a2ad} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bw60s {7880dbe3-0115-449f-a978-21c8e945a2ad} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bw70 {7880dbe3-0115-449f-a978-21c8e945a2ad} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bw70s {7880dbe3-0115-449f-a978-21c8e945a2ad} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bw80 {7880dbe3-0115-449f-a978-21c8e945a2ad} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bw80s {7880dbe3-0115-449f-a978-21c8e945a2ad} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bw90 {7880dbe3-0115-449f-a978-21c8e945a2ad} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bw90s {7880dbe3-0115-449f-a978-21c8e945a2ad} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwa0 {7880dbe3-0115-449f-a978-21c8e945a2ad} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwa0s {7880dbe3-0115-449f-a978-21c8e945a2ad} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwb0 {7880dbe3-0115-449f-a978-21c8e945a2ad} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwb0s {7880dbe3-0115-449f-a978-21c8e945a2ad} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwc0 {7880dbe3-0115-449f-a978-21c8e945a2ad} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwc0s {7880dbe3-0115-449f-a978-21c8e945a2ad} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwd0 {7880dbe3-0115-449f-a978-21c8e945a2ad} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwd0s {7880dbe3-0115-449f-a978-21c8e945a2ad} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwe0 {7880dbe3-0115-449f-a978-21c8e945a2ad} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwe0s {7880dbe3-0115-449f-a978-21c8e945a2ad} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwf0 {7880dbe3-0115-449f-a978-21c8e945a2ad} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwf0s {7880dbe3-0115-449f-a978-21c8e945a2ad} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwfile-8876480 {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwg0 {7880dbe3-0115-449f-a978-21c8e945a2ad} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwg0s {7880dbe3-0115-449f-a978-21c8e945a2ad} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwh0 {7880dbe3-0115-449f-a978-21c8e945a2ad} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwh0s {7880dbe3-0115-449f-a978-21c8e945a2ad} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwi0 {7880dbe3-0115-449f-a978-21c8e945a2ad} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwi0s {7880dbe3-0115-449f-a978-21c8e945a2ad} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwj0 {7880dbe3-0115-449f-a978-21c8e945a2ad} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwj0s {7880dbe3-0115-449f-a978-21c8e945a2ad} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwk0 {7880dbe3-0115-449f-a978-21c8e945a2ad} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwk0s {7880dbe3-0115-449f-a978-21c8e945a2ad} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwl0 {7880dbe3-0115-449f-a978-21c8e945a2ad} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwl0s {7880dbe3-0115-449f-a978-21c8e945a2ad} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwm0 {7880dbe3-0115-449f-a978-21c8e945a2ad} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwm0s {7880dbe3-0115-449f-a978-21c8e945a2ad} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwn0 {7880dbe3-0115-449f-a978-21c8e945a2ad} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwn0s {7880dbe3-0115-449f-a978-21c8e945a2ad} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwo0 {7880dbe3-0115-449f-a978-21c8e945a2ad} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwo0s {7880dbe3-0115-449f-a978-21c8e945a2ad} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwp0 {7880dbe3-0115-449f-a978-21c8e945a2ad} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwp0s {7880dbe3-0115-449f-a978-21c8e945a2ad} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwq0 {7880dbe3-0115-449f-a978-21c8e945a2ad} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwq0s {7880dbe3-0115-449f-a978-21c8e945a2ad} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwr0 {7880dbe3-0115-449f-a978-21c8e945a2ad} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwr0s {7880dbe3-0115-449f-a978-21c8e945a2ad} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bws0 {7880dbe3-0115-449f-a978-21c8e945a2ad} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bws0s {7880dbe3-0115-449f-a978-21c8e945a2ad} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwt0 {7880dbe3-0115-449f-a978-21c8e945a2ad} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwt0s {7880dbe3-0115-449f-a978-21c8e945a2ad} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwu0 {7880dbe3-0115-449f-a978-21c8e945a2ad} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwu0s {7880dbe3-0115-449f-a978-21c8e945a2ad} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwv0 {7880dbe3-0115-449f-a978-21c8e945a2ad} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwv0s {7880dbe3-0115-449f-a978-21c8e945a2ad} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bww0 {7880dbe3-0115-449f-a978-21c8e945a2ad} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bww0s {7880dbe3-0115-449f-a978-21c8e945a2ad} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwx0 {7880dbe3-0115-449f-a978-21c8e945a2ad} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwx0s {7880dbe3-0115-449f-a978-21c8e945a2ad} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwy0 {7880dbe3-0115-449f-a978-21c8e945a2ad} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwy0s {7880dbe3-0115-449f-a978-21c8e945a2ad} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwz0 {7880dbe3-0115-449f-a978-21c8e945a2ad} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwz0s {7880dbe3-0115-449f-a978-21c8e945a2ad} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\offline-8876480 {7880DBE3-0115-449F-A978-21C8E945A2AD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter: - x-sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (Google Inc.)
O20 - AppInit_DLLs: (avgrsstx.dll) - C:\Windows\system32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 16:43:36 | 00,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{8e3cd411-54a8-11dd-918e-001921e2df15}\Shell - "" = AutoRun
O33 - MountPoints2\{8e3cd411-54a8-11dd-918e-001921e2df15}\Shell\AutoRun\command - "" = K:\LaunchU3.exe -- File not found
O33 - MountPoints2\{e69abe3e-53bb-11de-9d15-001921e2df15}\Shell - "" = AutoRun
O33 - MountPoints2\{e69abe3e-53bb-11de-9d15-001921e2df15}\Shell\AutoRun\command - "" = K:\LaunchU3.exe -- File not found
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\Windows\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - * [2009/06/20 07:43:50 | 00,000,000 | R--D | M]

========== Files/Folders - Created Within 30 Days ==========

[2009/06/20 07:43:46 | 00,501,760 | ---- | C] (OldTimer Tools) -- C:\Users\Mom\Desktop\OTL.exe
[2009/06/20 07:41:15 | 00,000,000 | ---D | C] -- C:\Rooter$
[2009/06/20 07:40:30 | 00,170,711 | ---- | C] (Eric_71) -- C:\Users\Mom\Desktop\Rooter.exe
[2009/06/18 21:05:53 | 00,000,000 | ---D | C] -- C:\Windows\ERDNT
[2009/06/18 20:59:56 | 00,000,737 | ---- | C] () -- C:\Users\Mom\Desktop\NTREGOPT.lnk
[2009/06/18 20:59:56 | 00,000,718 | ---- | C] () -- C:\Users\Mom\Desktop\ERUNT.lnk
[2009/06/18 20:59:52 | 00,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2009/06/18 20:37:14 | 00,791,393 | ---- | C] (Lars Hederer ) -- C:\Users\Mom\Desktop\erunt_setup.exe
[2009/06/18 20:36:17 | 00,021,504 | ---- | C] (Doug Knox) -- C:\Users\Mom\Desktop\SysRestorePoint.exe
[2009/06/18 20:35:30 | 00,264,704 | ---- | C] (OldTimer Tools) -- C:\Users\Mom\Desktop\TFC.exe
[2009/06/18 19:49:40 | 00,000,000 | ---D | C] -- C:\Users\Mom\AppData\Roaming\Malwarebytes
[2009/06/18 19:49:39 | 00,000,822 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/06/18 19:49:36 | 00,038,160 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2009/06/18 19:49:35 | 00,019,096 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2009/06/18 19:49:35 | 00,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2009/06/18 19:49:34 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/06/18 15:08:46 | 00,000,000 | ---D | C] -- C:\Program Files\Disney
[2009/06/18 09:14:45 | 00,374,272 | ---- | C] () -- C:\Windows\System32\msxmlm.dll
[2009/06/18 09:14:29 | 00,000,222 | ---- | C] () -- C:\Windows\tasks\PersonalAV.job
[2009/06/18 09:14:29 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Uninstall
[2009/06/18 09:14:21 | 00,000,000 | ---D | C] -- C:\Program Files\PersonalAV
[2009/06/14 05:19:52 | 00,000,000 | -HSD | C] -- C:\Config.Msi
[2009/06/12 08:29:20 | 00,000,000 | ---D | C] -- C:\ProgramData\AVG Security Toolbar
[2009/06/11 06:18:36 | 02,034,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2009/06/11 06:18:34 | 00,623,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\localspl.dll
[2009/06/11 06:18:32 | 00,784,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rpcrt4.dll
[2009/06/11 06:18:30 | 03,597,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.dll
[2009/06/11 06:18:27 | 01,167,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\urlmon.dll
[2009/06/11 06:18:26 | 00,828,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wininet.dll
[2009/06/11 06:18:25 | 00,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieencode.dll
[2009/06/08 15:59:44 | 00,036,031 | ---- | C] () -- C:\Users\Mom\Documents\RecipeID=1.pdf
[2009/06/08 08:36:30 | 00,000,000 | ---D | C] -- C:\HiTRUSTDrive
[2009/06/06 18:03:33 | 00,000,000 | ---D | C] -- C:\Users\Mom\Documents\Pumpkin Carvings
[2009/06/06 17:43:57 | 00,000,000 | ---D | C] -- C:\Users\Mom\Documents\Hubs
[2009/06/02 06:27:02 | 00,000,000 | ---D | C] -- C:\Windows\System32\eu-ES
[2009/06/02 06:27:02 | 00,000,000 | ---D | C] -- C:\Windows\System32\ca-ES
[2009/06/02 06:26:59 | 00,000,000 | ---D | C] -- C:\Windows\System32\vi-VN
[2009/06/02 06:16:27 | 00,000,000 | ---D | C] -- C:\Windows\System32\EventProviders
[2009/06/02 06:15:42 | 12,240,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0007.dll
[2009/06/02 06:15:40 | 01,081,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLCExt.dll
[2009/06/02 06:15:39 | 03,408,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLsvc.exe
[2009/06/02 06:15:38 | 02,134,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FunctionDiscoveryFolder.dll
[2009/06/02 06:15:38 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DevicePairingWizard.exe
[2009/06/02 06:15:37 | 02,644,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0009.dll
[2009/06/02 06:15:35 | 01,480,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssrch.dll
[2009/06/02 06:15:34 | 01,576,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tquery.dll
[2009/06/02 06:15:34 | 00,684,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\spsys.sys
[2009/06/02 06:15:33 | 01,257,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lsasrv.dll
[2009/06/02 06:15:33 | 00,928,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scavenge.dll
[2009/06/02 06:15:33 | 00,779,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationNative_v0300.dll
[2009/06/02 06:15:33 | 00,561,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\hdaudbus.sys
[2009/06/02 06:15:33 | 00,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_isv.exe
[2009/06/02 06:15:33 | 00,518,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate.exe
[2009/06/02 06:15:32 | 02,241,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msi.dll
[2009/06/02 06:15:31 | 02,499,629 | ---- | C] () -- C:\Windows\System32\wlan.tmf
[2009/06/02 06:15:31 | 00,968,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wcnwiz2.dll
[2009/06/02 06:15:31 | 00,677,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imapi2fs.dll
[2009/06/02 06:15:31 | 00,558,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sysmain.dll
[2009/06/02 06:15:31 | 00,476,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_isv.dll
[2009/06/02 06:15:31 | 00,291,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WscEapPr.dll
[2009/06/02 06:15:30 | 02,868,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mf.dll
[2009/06/02 06:15:30 | 00,619,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icardagt.exe
[2009/06/02 06:15:29 | 06,079,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieframe.dll
[2009/06/02 06:15:29 | 01,216,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuxiliaryDisplayCpl.dll
[2009/06/02 06:15:29 | 00,978,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drmv2clt.dll
[2009/06/02 06:15:29 | 00,289,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spinstall.exe
[2009/06/02 06:15:29 | 00,114,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EhStorShell.dll
[2009/06/02 06:15:29 | 00,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spreview.exe
[2009/06/02 06:15:28 | 00,472,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc.dll
[2009/06/02 06:15:28 | 00,438,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcupdate_GenuineIntel.dll
[2009/06/02 06:15:28 | 00,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwizui.dll
[2009/06/02 06:15:27 | 11,584,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shell32.dll
[2009/06/02 06:15:26 | 00,644,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\p2psvc.dll
[2009/06/02 06:15:26 | 00,441,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SearchIndexer.exe
[2009/06/02 06:15:25 | 00,670,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssvp.dll
[2009/06/02 06:15:25 | 00,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSMPEG2VDEC.DLL
[2009/06/02 06:15:25 | 00,378,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imapi2.dll
[2009/06/02 06:15:25 | 00,351,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssph.dll
[2009/06/02 06:15:25 | 00,278,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscoree.dll
[2009/06/02 06:15:25 | 00,203,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssphtb.dll
[2009/06/02 06:15:24 | 03,601,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2009/06/02 06:15:24 | 01,459,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\esent.dll
[2009/06/02 06:15:24 | 00,729,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IMJP10K.DLL
[2009/06/02 06:15:24 | 00,324,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdohlp.dll
[2009/06/02 06:15:23 | 00,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DevicePairing.dll
[2009/06/02 06:15:23 | 00,347,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp.exe
[2009/06/02 06:15:23 | 00,190,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sperror.dll
[2009/06/02 06:15:22 | 01,017,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wevtsvc.dll
[2009/06/02 06:15:22 | 00,463,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IasMigReader.exe
[2009/06/02 06:15:22 | 00,346,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp_isv.exe
[2009/06/02 06:15:22 | 00,228,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLC.dll
[2009/06/02 06:15:22 | 00,143,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\korwbrkr.dll
[2009/06/02 06:15:22 | 00,041,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll
[2009/06/02 06:15:21 | 10,624,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmp.dll
[2009/06/02 06:15:21 | 00,231,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshsq.dll
[2009/06/02 06:15:20 | 03,549,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2009/06/02 06:15:20 | 02,386,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVCORE.DLL
[2009/06/02 06:15:20 | 01,589,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msjet40.dll
[2009/06/02 06:15:20 | 00,407,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MPSSVC.dll
[2009/06/02 06:15:19 | 01,381,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Query.dll
[2009/06/02 06:15:19 | 01,336,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml6.dll
[2009/06/02 06:15:19 | 01,078,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diagperf.dll
[2009/06/02 06:15:19 | 00,883,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IMJP10.IME
[2009/06/02 06:15:19 | 00,758,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qmgr.dll
[2009/06/02 06:15:19 | 00,409,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msexch40.dll
[2009/06/02 06:15:18 | 01,316,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ole32.dll
[2009/06/02 06:15:18 | 01,202,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntdll.dll
[2009/06/02 06:15:18 | 01,183,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml3.dll
[2009/06/02 06:15:18 | 00,986,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winload.exe
[2009/06/02 06:15:18 | 00,950,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mblctr.exe
[2009/06/02 06:15:18 | 00,327,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\P2PGraph.dll
[2009/06/02 06:15:18 | 00,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srchadmin.dll
[2009/06/02 06:15:17 | 02,092,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dfsr.exe
[2009/06/02 06:15:17 | 01,792,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmc.exe
[2009/06/02 06:15:17 | 00,466,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\riched20.dll
[2009/06/02 06:15:17 | 00,454,144 | ---- | C] (Microsoft) -- C:\Windows\System32\IasMigPlugin.dll
[2009/06/02 06:15:17 | 00,428,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll
[2009/06/02 06:15:17 | 00,203,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\uDWM.dll
[2009/06/02 06:15:17 | 00,130,008 | ---- | C] () -- C:\Windows\System32\systemsf.ebd
[2009/06/02 06:15:17 | 00,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdBth.dll
[2009/06/02 06:15:16 | 02,012,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\milcore.dll
[2009/06/02 06:15:16 | 01,112,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertEnroll.dll
[2009/06/02 06:15:16 | 00,897,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\tcpip.sys
[2009/06/02 06:15:16 | 00,891,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kernel32.dll
[2009/06/02 06:15:16 | 00,880,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RacEngn.dll
[2009/06/02 06:15:16 | 00,185,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SearchProtocolHost.exe
[2009/06/02 06:15:16 | 00,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spoolss.dll
[2009/06/02 06:15:16 | 00,120,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EhStorAPI.dll
[2009/06/02 06:15:16 | 00,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SearchFilterHost.exe
[2009/06/02 06:15:15 | 00,950,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpedit.dll
[2009/06/02 06:15:15 | 00,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NaturalLanguage6.dll
[2009/06/02 06:15:15 | 00,595,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\schedsvc.dll
[2009/06/02 06:15:15 | 00,512,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2009/06/02 06:15:15 | 00,406,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvcp60.dll
[2009/06/02 06:15:15 | 00,290,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msjtes40.dll
[2009/06/02 06:15:15 | 00,115,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuxiliaryDisplayDriverLib.dll
[2009/06/02 06:15:15 | 00,099,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\infocardapi.dll
[2009/06/02 06:15:15 | 00,009,239 | ---- | C] () -- C:\Windows\System32\spcinstrumentation.man
[2009/06/02 06:15:14 | 03,217,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinSAT.exe
[2009/06/02 06:15:14 | 00,268,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\es.dll
[2009/06/02 06:15:13 | 01,083,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ntfs.sys
[2009/06/02 06:15:13 | 00,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\advapi32.dll
[2009/06/02 06:15:13 | 00,710,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Magnify.exe
[2009/06/02 06:15:13 | 00,282,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstext40.dll
[2009/06/02 06:15:13 | 00,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationSettings.exe
[2009/06/02 06:15:13 | 00,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuxiliaryDisplayServices.dll
[2009/06/02 06:15:12 | 01,524,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsAnytimeUpgradeCPL.dll
[2009/06/02 06:15:12 | 01,209,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\comsvcs.dll
[2009/06/02 06:15:12 | 01,077,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vssapi.dll
[2009/06/02 06:15:12 | 00,454,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxbde40.dll
[2009/06/02 06:15:12 | 00,339,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msexcl40.dll
[2009/06/02 06:15:12 | 00,321,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMPhoto.dll
[2009/06/02 06:15:12 | 00,217,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisrndr.ax
[2009/06/02 06:15:12 | 00,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WebClnt.dll
[2009/06/02 06:15:12 | 00,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slwmi.dll
[2009/06/02 06:15:11 | 02,066,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstscax.dll
[2009/06/02 06:15:11 | 01,985,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\authui.dll
[2009/06/02 06:15:11 | 01,086,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NetProjW.dll
[2009/06/02 06:15:11 | 00,643,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrepl40.dll
[2009/06/02 06:15:11 | 00,640,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bthprops.cpl
[2009/06/02 06:15:11 | 00,469,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\newdev.dll
[2009/06/02 06:15:11 | 00,461,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2009/06/02 06:15:11 | 00,430,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2009/06/02 06:15:11 | 00,323,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe
[2009/06/02 06:15:10 | 02,926,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2009/06/02 06:15:10 | 01,591,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setupapi.dll
[2009/06/02 06:15:10 | 00,978,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\crypt32.dll
[2009/06/02 06:15:10 | 00,754,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\propsys.dll
[2009/06/02 06:15:10 | 00,576,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpsvc.dll
[2009/06/02 06:15:10 | 00,550,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rpcss.dll
[2009/06/02 06:15:10 | 00,442,788 | ---- | C] () -- C:\Windows\System32\dot3.tmf
[2009/06/02 06:15:10 | 00,398,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2009/06/02 06:15:10 | 00,205,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eudcedit.exe
[2009/06/02 06:15:10 | 00,119,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasrecst.dll
[2009/06/02 06:15:10 | 00,102,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
[2009/06/02 06:15:09 | 01,788,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d9.dll
[2009/06/02 06:15:09 | 01,135,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42.dll
[2009/06/02 06:15:09 | 00,368,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mspbde40.dll
[2009/06/02 06:15:09 | 00,353,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shlwapi.dll
[2009/06/02 06:15:09 | 00,344,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrd3x40.dll
[2009/06/02 06:15:09 | 00,241,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msltus40.dll
[2009/06/02 06:15:09 | 00,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/06/02 06:15:09 | 00,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009/06/02 06:15:09 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\davclnt.dll
[2009/06/02 06:15:09 | 00,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EhStorPwdMgr.dll
[2009/06/02 06:15:08 | 03,662,128 | ---- | C] () -- C:\Windows\System32\locale.nls
[2009/06/02 06:15:08 | 01,324,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browseui.dll
[2009/06/02 06:15:08 | 01,053,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtctm.dll
[2009/06/02 06:15:08 | 00,627,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\user32.dll
[2009/06/02 06:15:08 | 00,626,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxgkrnl.sys
[2009/06/02 06:15:08 | 00,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\photowiz.dll
[2009/06/02 06:15:08 | 00,250,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wevtapi.dll
[2009/06/02 06:15:08 | 00,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nlhtml.dll
[2009/06/02 06:15:07 | 01,314,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2009/06/02 06:15:07 | 00,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelinesvc.exe
[2009/06/02 06:15:07 | 00,614,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ci.dll
[2009/06/02 06:15:07 | 00,582,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLCommDlg.dll
[2009/06/02 06:15:07 | 00,563,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\oleaut32.dll
[2009/06/02 06:15:07 | 00,497,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kerberos.dll
[2009/06/02 06:15:07 | 00,483,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\samsrv.dll
[2009/06/02 06:15:07 | 00,443,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32spl.dll
[2009/06/02 06:15:07 | 00,438,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IKEEXT.DLL
[2009/06/02 06:15:07 | 00,392,170 | ---- | C] () -- C:\Windows\System32\onex.tmf
[2009/06/02 06:15:07 | 00,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msv1_0.dll
[2009/06/02 06:15:07 | 00,165,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WcnNetsh.dll
[2009/06/02 06:15:06 | 03,174,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netshell.dll
[2009/06/02 06:15:06 | 01,730,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\apds.dll
[2009/06/02 06:15:06 | 00,618,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mswstr10.dll
[2009/06/02 06:15:06 | 00,564,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\emdmgmt.dll
[2009/06/02 06:15:06 | 00,375,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winhttp.dll
[2009/06/02 06:15:06 | 00,315,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\audiosrv.dll
[2009/06/02 06:15:06 | 00,225,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\rdbss.sys
[2009/06/02 06:15:06 | 00,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\compcln.exe
[2009/06/02 06:15:06 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xmlfilter.dll
[2009/06/02 06:15:05 | 01,160,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42u.dll
[2009/06/02 06:15:05 | 01,055,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\VSSVC.exe
[2009/06/02 06:15:05 | 00,807,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msctf.dll
[2009/06/02 06:15:05 | 00,679,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvcrt.dll
[2009/06/02 06:15:05 | 00,361,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLUI.exe
[2009/06/02 06:15:05 | 00,344,698 | ---- | C] () -- C:\Windows\System32\eaphost.tmf
[2009/06/02 06:15:05 | 00,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\QAGENTRT.DLL
[2009/06/02 06:15:05 | 00,297,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gdi32.dll
[2009/06/02 06:15:05 | 00,223,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\netio.sys
[2009/06/02 06:15:05 | 00,199,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iphlpsvc.dll
[2009/06/02 06:15:05 | 00,183,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eapphost.dll
[2009/06/02 06:15:05 | 00,114,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\mrxdav.sys
[2009/06/02 06:15:04 | 01,068,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shdocvw.dll
[2009/06/02 06:15:04 | 00,926,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winresume.exe
[2009/06/02 06:15:04 | 00,524,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sqlsrv32.dll
[2009/06/02 06:15:04 | 00,409,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbc32.dll
[2009/06/02 06:15:04 | 00,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrd2x40.dll
[2009/06/02 06:15:04 | 00,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\propdefs.dll
[2009/06/02 06:15:04 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBSTOR.SYS
[2009/06/02 06:15:03 | 01,856,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dbgeng.dll
[2009/06/02 06:15:03 | 00,196,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbhub.sys
[2009/06/02 06:15:03 | 00,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wevtutil.exe
[2009/06/02 06:15:03 | 00,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssitlb.dll
[2009/06/02 06:15:02 | 02,167,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmcndmgr.dll
[2009/06/02 06:15:02 | 00,747,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmSvc.dll
[2009/06/02 06:15:02 | 00,502,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\usp10.dll
[2009/06/02 06:15:02 | 00,477,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmled.dll
[2009/06/02 06:15:02 | 00,385,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vds.exe
[2009/06/02 06:15:02 | 00,380,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2009/06/02 06:15:02 | 00,311,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\swprv.dll
[2009/06/02 06:15:01 | 01,533,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wcnwiz.dll
[2009/06/02 06:15:01 | 00,592,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netlogon.dll
[2009/06/02 06:15:01 | 00,485,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\evr.dll
[2009/06/02 06:15:01 | 00,378,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\devmgr.dll
[2009/06/02 06:15:01 | 00,334,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\BFE.DLL
[2009/06/02 06:15:01 | 00,268,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\schannel.dll
[2009/06/02 06:15:01 | 00,199,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adsldpc.dll
[2009/06/02 06:15:01 | 00,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drvinst.exe
[2009/06/02 06:15:01 | 00,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msctfp.dll
[2009/06/02 06:15:01 | 00,054,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DevicePairingProxy.dll
[2009/06/02 06:15:01 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscb.dll
[2009/06/02 06:15:01 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdBthProxy.dll
[2009/06/02 06:15:00 | 01,382,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVSDECD.DLL
[2009/06/02 06:15:00 | 01,143,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wercon.exe
[2009/06/02 06:15:00 | 00,712,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecs.dll
[2009/06/02 06:15:00 | 00,617,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adtschema.dll
[2009/06/02 06:15:00 | 00,450,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\comdlg32.dll
[2009/06/02 06:15:00 | 00,425,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PhotoMetadataHandler.dll
[2009/06/02 06:15:00 | 00,355,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSDApi.dll
[2009/06/02 06:15:00 | 00,287,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Wldap32.dll
[2009/06/02 06:15:00 | 00,279,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\services.exe
[2009/06/02 06:15:00 | 00,270,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iertutil.dll
[2009/06/02 06:15:00 | 00,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quick.ime
[2009/06/02 06:15:00 | 00,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qintlgnt.ime
[2009/06/02 06:15:00 | 00,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\phon.ime
[2009/06/02 06:15:00 | 00,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cintlgnt.ime
[2009/06/02 06:15:00 | 00,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chajei.ime
[2009/06/02 06:15:00 | 00,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mimefilt.dll
[2009/06/02 06:14:59 | 00,996,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMNetMgr.dll
[2009/06/02 06:14:59 | 00,856,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mswdat10.dll
[2009/06/02 06:14:59 | 00,799,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certutil.exe
[2009/06/02 06:14:59 | 00,560,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtcprx.dll
[2009/06/02 06:14:59 | 00,413,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wcncsvc.dll
[2009/06/02 06:14:59 | 00,396,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ipsmsnap.dll
[2009/06/02 06:14:59 | 00,332,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdrm.dll
[2009/06/02 06:14:59 | 00,323,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certcli.dll
[2009/06/02 06:14:59 | 00,241,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceApi.dll
[2009/06/02 06:14:59 | 00,222,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\umpnpmgr.dll
[2009/06/02 06:14:59 | 00,180,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\msiscsi.sys
[2009/06/02 06:14:59 | 00,169,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskeng.exe
[2009/06/02 06:14:59 | 00,168,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnsapi.dll
[2009/06/02 06:14:59 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\reg.exe
[2009/06/02 06:14:59 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msjter40.dll
[2009/06/02 06:14:59 | 00,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rtffilt.dll
[2009/06/02 06:14:59 | 00,035,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\infocardcpl.cpl
[2009/06/02 06:14:58 | 00,704,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PhotoScreensaver.scr
[2009/06/02 06:14:58 | 00,527,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ndis.sys
[2009/06/02 06:14:58 | 00,364,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IPSECSVC.DLL
[2009/06/02 06:14:58 | 00,332,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msihnd.dll
[2009/06/02 06:14:58 | 00,288,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\srv.sys
[2009/06/02 06:14:58 | 00,282,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\w32time.dll
[2009/06/02 06:14:58 | 00,274,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bcrypt.dll
[2009/06/02 06:14:58 | 00,241,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rsaenh.dll
[2009/06/02 06:14:58 | 00,226,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbport.sys
[2009/06/02 06:14:58 | 00,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscntrs.dll
[2009/06/02 06:14:58 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bthserv.dll
[2009/06/02 06:14:58 | 00,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshooks.dll
[2009/06/02 06:14:57 | 00,738,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcomm.dll
[2009/06/02 06:14:57 | 00,467,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netapi32.dll
[2009/06/02 06:14:57 | 00,343,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmicmiplugin.dll
[2009/06/02 06:14:57 | 00,310,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mtxclu.dll
[2009/06/02 06:14:57 | 00,153,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fundisc.dll
[2009/06/02 06:14:57 | 00,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MMDevAPI.dll
[2009/06/02 06:14:57 | 00,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dhcpcsvc6.dll
[2009/06/02 06:14:57 | 00,129,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cryptsvc.dll
[2009/06/02 06:14:57 | 00,122,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetpp.dll
[2009/06/02 06:14:57 | 00,093,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dfshim.dll
[2009/06/02 06:14:57 | 00,080,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscories.dll
[2009/06/02 06:14:57 | 00,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msstrc.dll
[2009/06/02 06:14:57 | 00,035,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TsWpfWrp.exe
[2009/06/02 06:14:57 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hidserv.dll
[2009/06/02 06:14:56 | 01,696,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll
[2009/06/02 06:14:56 | 00,449,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\termsrv.dll
[2009/06/02 06:14:56 | 00,208,966 | ---- | C] () -- C:\Windows\System32\WFP.TMF
[2009/06/02 06:14:56 | 00,153,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\profsvc.dll
[2009/06/02 06:14:56 | 00,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imapi.dll
[2009/06/02 06:14:55 | 01,823,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pnidui.dll
[2009/06/02 06:14:55 | 01,671,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chsbrkr.dll
[2009/06/02 06:14:55 | 01,020,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wdc.dll
[2009/06/02 06:14:55 | 00,262,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasmans.dll
[2009/06/02 06:14:55 | 00,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iassdo.dll
[2009/06/02 06:14:55 | 00,247,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shsvcs.dll
[2009/06/02 06:14:55 | 00,212,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\mrxsmb10.sys
[2009/06/02 06:14:55 | 00,149,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pci.sys
[2009/06/02 06:14:55 | 00,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spoolsv.exe
[2009/06/02 06:14:55 | 00,125,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Classpnp.sys
[2009/06/02 06:14:55 | 00,093,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Kswdmcap.ax
[2009/06/02 06:14:55 | 00,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msiexec.exe
[2009/06/02 06:14:55 | 00,053,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\termdd.sys
[2009/06/02 06:14:55 | 00,009,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icardres.dll
[2009/06/02 06:14:54 | 01,122,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\appwiz.cpl
[2009/06/02 06:14:54 | 01,107,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pidgenx.dll
[2009/06/02 06:14:54 | 00,757,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\azroles.dll
[2009/06/02 06:14:54 | 00,636,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autofmt.exe
[2009/06/02 06:14:54 | 00,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertEnrollUI.dll
[2009/06/02 06:14:54 | 00,439,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ksecdd.sys
[2009/06/02 06:14:54 | 00,265,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\acpi.sys
[2009/06/02 06:14:54 | 00,258,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winspool.drv
[2009/06/02 06:14:54 | 00,245,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\clfs.sys
[2009/06/02 06:14:54 | 00,242,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pdh.dll
[2009/06/02 06:14:54 | 00,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dhcpcsvc.dll
[2009/06/02 06:14:54 | 00,172,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scrrun.dll
[2009/06/02 06:14:54 | 00,144,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\srv2.sys
[2009/06/02 06:14:54 | 00,126,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wersvc.dll
[2009/06/02 06:14:54 | 00,122,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Storport.sys
[2009/06/02 06:14:54 | 00,109,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ataport.sys
[2009/06/02 06:14:54 | 00,092,918 | ---- | C] () -- C:\Windows\System32\slmgr.vbs
[2009/06/02 06:14:54 | 00,054,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\partmgr.sys
[2009/06/02 06:14:54 | 00,050,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PSHED.DLL
[2009/06/02 06:14:54 | 00,035,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\crashdmp.sys
[2009/06/02 06:14:53 | 02,205,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SyncCenter.dll
[2009/06/02 06:14:53 | 00,867,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpmde.dll
[2009/06/02 06:14:53 | 00,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sysmon.ocx
[2009/06/02 06:14:53 | 00,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winlogon.exe
[2009/06/02 06:14:52 | 01,502,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certmgr.dll
[2009/06/02 06:14:52 | 00,627,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sethc.exe
[2009/06/02 06:14:52 | 00,593,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\comuid.dll
[2009/06/02 06:14:52 | 00,347,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecsExt.dll
[2009/06/02 06:14:52 | 00,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
[2009/06/02 06:14:52 | 00,182,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iassam.dll
[2009/06/02 06:14:52 | 00,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spp.dll
[2009/06/02 06:14:52 | 00,060,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLUINotify.dll
[2009/06/02 06:14:52 | 00,053,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\disk.sys
[2009/06/02 06:14:52 | 00,048,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\mup.sys
[2009/06/02 06:14:52 | 00,017,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kd1394.dll
[2009/06/02 06:14:51 | 00,869,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printui.dll
[2009/06/02 06:14:51 | 00,643,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autochk.exe
[2009/06/02 06:14:51 | 00,413,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imkr80.ime
[2009/06/02 06:14:51 | 00,324,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\untfs.dll
[2009/06/02 06:14:51 | 00,292,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\volmgrx.sys
[2009/06/02 06:14:51 | 00,270,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskcomp.dll
[2009/06/02 06:14:51 | 00,244,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wisptis.exe
[2009/06/02 06:14:51 | 00,226,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\volsnap.sys
[2009/06/02 06:14:51 | 00,190,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fltMgr.sys
[2009/06/02 06:14:51 | 00,180,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scrobj.dll
[2009/06/02 06:14:51 | 00,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasnap.dll
[2009/06/02 06:14:51 | 00,099,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\FWPKCLNT.SYS
[2009/06/02 06:14:51 | 00,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dwm.exe
[2009/06/02 06:14:51 | 00,043,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pciidex.sys
[2009/06/02 06:14:51 | 00,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rtutils.dll
[2009/06/02 06:14:50 | 01,541,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\onex.dll
[2009/06/02 06:14:50 | 00,656,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autoconv.exe
[2009/06/02 06:14:50 | 00,375,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2009/06/02 06:14:50 | 00,161,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\msrpc.sys
[2009/06/02 06:14:50 | 00,141,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ecache.sys
[2009/06/02 06:14:50 | 00,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cscript.exe
[2009/06/02 06:14:50 | 00,130,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\basecsp.dll
[2009/06/02 06:14:50 | 00,027,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Dumpata.sys
[2009/06/02 06:14:50 | 00,017,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kdcom.dll
[2009/06/02 06:14:50 | 00,014,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pciide.sys
[2009/06/02 06:14:49 | 00,340,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RelMon.dll
[2009/06/02 06:14:49 | 00,273,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wow32.dll
[2009/06/02 06:14:49 | 00,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mswsock.dll
[2009/06/02 06:14:49 | 00,182,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\osk.exe
[2009/06/02 06:14:49 | 00,108,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\userenv.dll
[2009/06/02 06:14:49 | 00,088,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\audiodg.exe
[2009/06/02 06:14:49 | 00,019,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kdusb.dll
[2009/06/02 06:14:49 | 00,019,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\atapi.sys
[2009/06/02 06:14:49 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spcmsg.dll
[2009/06/02 06:14:48 | 01,827,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2009/06/02 06:14:48 | 00,860,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WerFaultSecure.exe
[2009/06/02 06:14:48 | 00,638,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Utilman.exe
[2009/06/02 06:14:48 | 00,612,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpencom.dll
[2009/06/02 06:14:48 | 00,564,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msftedit.dll
[2009/06/02 06:14:48 | 00,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\offfilt.dll
[2009/06/02 06:14:48 | 00,189,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winmm.dll
[2009/06/02 06:14:48 | 00,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\netbt.sys
[2009/06/02 06:14:48 | 00,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinSCard.dll
[2009/06/02 06:14:48 | 00,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnsrslvr.dll
[2009/06/02 06:14:47 | 00,852,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcmde.dll
[2009/06/02 06:14:47 | 00,586,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\stobject.dll
[2009/06/02 06:14:47 | 00,391,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscms.dll
[2009/06/02 06:14:47 | 00,230,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diskraid.exe
[2009/06/02 06:14:47 | 00,217,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WerFault.exe
[2009/06/02 06:14:47 | 00,208,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfplat.dll
[2009/06/02 06:14:47 | 00,197,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SndVol.exe
[2009/06/02 06:14:47 | 00,171,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\apphelp.dll
[2009/06/02 06:14:47 | 00,152,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp_isv.dll
[2009/06/02 06:14:47 | 00,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp.dll
[2009/06/02 06:14:47 | 00,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\mrxsmb.sys
[2009/06/02 06:14:47 | 00,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsepno.dll
[2009/06/02 06:14:46 | 00,971,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cryptui.dll
[2009/06/02 06:14:46 | 00,551,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prnntfy.dll
[2009/06/02 06:14:46 | 00,453,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiaservc.dll
[2009/06/02 06:14:46 | 00,444,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dsound.dll
[2009/06/02 06:14:46 | 00,401,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\http.sys
[2009/06/02 06:14:46 | 00,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msnetobj.dll
[2009/06/02 06:14:46 | 00,155,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscript.exe
[2009/06/02 06:14:46 | 00,114,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccp32.dll
[2009/06/02 06:14:46 | 00,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sysclass.dll
[2009/06/02 06:14:46 | 00,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ulib.dll
[2009/06/02 06:14:46 | 00,098,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\srvnet.sys
[2009/06/02 06:14:46 | 00,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IPHLPAPI.DLL
[2009/06/02 06:14:46 | 00,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adsmsext.dll
[2009/06/02 06:14:46 | 00,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secur32.dll
[2009/06/02 06:14:46 | 00,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasdatastore.dll
[2009/06/02 06:14:45 | 01,575,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVENCOD.DLL
[2009/06/02 06:14:45 | 01,342,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\brcpl.dll
[2009/06/02 06:14:45 | 00,759,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ipsecsnp.dll
[2009/06/02 06:14:45 | 00,514,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlansvc.dll
[2009/06/02 06:14:45 | 00,507,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdsdyn.dll
[2009/06/02 06:14:45 | 00,399,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlangpui.dll
[2009/06/02 06:14:45 | 00,286,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasapi32.dll
[2009/06/02 06:14:45 | 00,244,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rastls.dll
[2009/06/02 06:14:45 | 00,223,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscntfy.dll
[2009/06/02 06:14:45 | 00,193,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2009/06/02 06:14:45 | 00,181,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pnpsetup.dll
[2009/06/02 06:14:45 | 00,119,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diskpart.exe
[2009/06/02 06:14:45 | 00,104,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netiohlp.dll
[2009/06/02 06:14:45 | 00,079,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\mrxsmb20.sys
[2009/06/02 06:14:45 | 00,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpapi.dll
[2009/06/02 06:14:45 | 00,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iashlpr.dll
[2009/06/02 06:14:45 | 00,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rastapi.dll
[2009/06/02 06:14:45 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscsvc.dll
[2009/06/02 06:14:45 | 00,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logman.exe
[2009/06/02 06:14:45 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdProxy.dll
[2009/06/02 06:14:44 | 02,225,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netcenter.dll
[2009/06/02 06:14:44 | 01,580,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpccpl.dll
[2009/06/02 06:14:44 | 00,342,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\zipfldr.dll
[2009/06/02 06:14:44 | 00,233,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\webcheck.dll
[2009/06/02 06:14:44 | 00,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntprint.dll
[2009/06/02 06:14:44 | 00,158,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasrad.dll
[2009/06/02 06:14:44 | 00,155,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscorier.dll
[2009/06/02 06:14:44 | 00,140,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wusa.exe
[2009/06/02 06:14:44 | 00,107,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\regsvc.dll
[2009/06/02 06:14:44 | 00,090,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wshext.dll
[2009/06/02 06:14:44 | 00,060,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\findstr.exe
[2009/06/02 06:14:43 | 00,876,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wer.dll
[2009/06/02 06:14:43 | 00,825,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasdlg.dll
[2009/06/02 06:14:43 | 00,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iassvcs.dll
[2009/06/02 06:14:42 | 01,152,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\themecpl.dll
[2009/06/02 06:14:42 | 00,714,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\timedate.cpl
[2009/06/02 06:14:42 | 00,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wshom.ocx
[2009/06/02 06:14:42 | 00,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srvsvc.dll
[2009/06/02 06:14:42 | 00,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsnmp32.dll
[2009/06/02 06:14:42 | 00,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbehci.sys
[2009/06/02 06:14:42 | 00,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssprxy.dll
[2009/06/02 06:14:42 | 00,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\uxsms.dll
[2009/06/02 06:14:41 | 03,072,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\networkmap.dll
[2009/06/02 06:14:41 | 01,248,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PerfCenterCPL.dll
[2009/06/02 06:14:41 | 00,777,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slcc.dll
[2009/06/02 06:14:41 | 00,723,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\powercpl.dll
[2009/06/02 06:14:41 | 00,678,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstsc.exe
[2009/06/02 06:14:41 | 00,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scansetting.dll
[2009/06/02 06:14:41 | 00,163,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msutb.dll
[2009/06/02 06:14:41 | 00,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ks.sys
[2009/06/02 06:14:41 | 00,121,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntmarta.dll
[2009/06/02 06:14:41 | 00,098,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\powrprof.dll
[2009/06/02 06:14:41 | 00,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstlsapi.dll
[2009/06/02 06:14:41 | 00,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasacct.dll
[2009/06/02 06:14:41 | 00,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasads.dll
[2009/06/02 06:14:41 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tsbyuv.dll
[2009/06/02 06:14:40 | 02,515,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\accessibilitycpl.dll
[2009/06/02 06:14:40 | 01,645,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\connect.dll
[2009/06/02 06:14:40 | 01,224,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sud.dll
[2009/06/02 06:14:40 | 00,842,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\systemcpl.dll
[2009/06/02 06:14:40 | 00,615,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\themeui.dll
[2009/06/02 06:14:40 | 00,464,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pcaui.dll
[2009/06/02 06:14:40 | 00,175,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3svc.dll
[2009/06/02 06:14:40 | 00,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\authz.dll
[2009/06/02 06:14:40 | 00,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\newdev.exe
[2009/06/02 06:14:40 | 00,068,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanhlp.dll
[2009/06/02 06:14:40 | 00,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\kbdhid.sys
[2009/06/02 06:14:39 | 01,671,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanpref.dll
[2009/06/02 06:14:39 | 01,123,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\usercpl.dll
[2009/06/02 06:14:39 | 00,516,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autoplay.dll
[2009/06/02 06:14:39 | 00,497,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdvd.dll
[2009/06/02 06:14:39 | 00,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2009/06/02 06:14:39 | 00,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rpchttp.dll
[2009/06/02 06:14:39 | 00,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pintlgnt.ime
[2009/06/02 06:14:39 | 00,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\samlib.dll
[2009/06/02 06:14:39 | 00,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmci.dll
[2009/06/02 06:14:38 | 00,532,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpcao.dll
[2009/06/02 06:14:38 | 00,408,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msinfo32.exe
[2009/06/02 06:14:38 | 00,306,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scesrv.dll
[2009/06/02 06:14:38 | 00,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll
[2009/06/02 06:14:38 | 00,242,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tapisrv.dll
[2009/06/02 06:14:38 | 00,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scksp.dll
[2009/06/02 06:14:38 | 00,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\exfat.sys
[2009/06/02 06:14:38 | 00,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdsutil.dll
[2009/06/02 06:14:38 | 00,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AudioSes.dll
[2009/06/02 06:14:38 | 00,114,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imm32.dll
[2009/06/02 06:14:38 | 00,097,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\oleprn.dll
[2009/06/02 06:14:38 | 00,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3msm.dll
[2009/06/02 06:14:38 | 00,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpr.dll
[2009/06/02 06:14:38 | 00,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\regapi.dll
[2009/06/02 06:14:38 | 00,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\feclient.dll
[2009/06/02 06:14:37 | 01,689,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscui.cpl
[2009/06/02 06:14:37 | 01,169,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdclt.exe
[2009/06/02 06:14:37 | 01,102,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmsys.cpl
[2009/06/02 06:14:37 | 00,642,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasgcw.dll
[2009/06/02 06:14:37 | 00,542,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pnpui.dll
[2009/06/02 06:14:37 | 00,505,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qedit.dll
[2009/06/02 06:14:37 | 00,445,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncryptui.dll
[2009/06/02 06:14:37 | 00,407,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpapimig.exe
[2009/06/02 06:14:37 | 00,215,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certreq.exe
[2009/06/02 06:14:37 | 00,177,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scecli.dll
[2009/06/02 06:14:37 | 00,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Faultrep.dll
[2009/06/02 06:14:37 | 00,080,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hdwwiz.exe
[2009/06/02 06:14:37 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rekeywiz.exe
[2009/06/02 06:14:37 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iaspolcy.dll
[2009/06/02 06:14:37 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\perfdisk.dll
[2009/06/02 06:14:37 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DeviceEject.exe
[2009/06/02 06:14:37 | 00,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscisvif.dll
[2009/06/02 06:14:36 | 00,595,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FWPUCLNT.DLL
[2009/06/02 06:14:36 | 00,481,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmdial32.dll
[2009/06/02 06:14:36 | 00,378,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srcore.dll
[2009/06/02 06:14:36 | 00,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasplap.dll
[2009/06/02 06:14:36 | 00,170,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tcpipcfg.dll
[2009/06/02 06:14:36 | 00,167,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\portcls.sys
[2009/06/02 06:14:36 | 00,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tcpmon.dll
[2009/06/02 06:14:36 | 00,134,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SmartcardCredentialProvider.dll
[2009/06/02 06:14:36 | 00,133,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\extmgr.dll
[2009/06/02 06:14:36 | 00,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBAUDIO.sys
[2009/06/02 06:14:36 | 00,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdWSD.dll
[2009/06/02 06:14:36 | 00,058,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PnPUnattend.exe
[2009/06/02 06:14:36 | 00,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmmon32.exe
[2009/06/02 06:14:36 | 00,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TSTheme.exe
[2009/06/02 06:14:36 | 00,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\whealogr.dll
[2009/06/02 06:14:36 | 00,025,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBCAMD2.sys
[2009/06/02 06:14:36 | 00,025,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBCAMD.sys
[2009/06/02 06:14:36 | 00,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwinsat.dll
[2009/06/02 06:14:35 | 01,544,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSVidCtl.dll
[2009/06/02 06:14:35 | 00,657,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVXENCD.DLL
[2009/06/02 06:14:35 | 00,547,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiaaut.dll
[2009/06/02 06:14:35 | 00,281,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\raschap.dll
[2009/06/02 06:14:35 | 00,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unimdm.tsp
[2009/06/02 06:14:35 | 00,275,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SnippingTool.exe
[2009/06/02 06:14:35 | 00,273,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\afd.sys
[2009/06/02 06:14:35 | 00,202,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanui.dll
[2009/06/02 06:14:35 | 00,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wdmaud.drv
[2009/06/02 06:14:35 | 00,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontext.dll
[2009/06/02 06:14:35 | 00,095,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SCardSvr.dll
[2009/06/02 06:14:35 | 00,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
[2009/06/02 06:14:35 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\npfs.sys
[2009/06/02 06:14:35 | 00,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\tcpipreg.sys
[2009/06/02 06:14:34 | 02,153,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\oobefldr.dll
[2009/06/02 06:14:34 | 00,425,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shwebsvc.dll
[2009/06/02 06:14:34 | 00,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanmsm.dll
[2009/06/02 06:14:34 | 00,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\modemui.dll
[2009/06/02 06:14:34 | 00,259,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasppp.dll
[2009/06/02 06:14:34 | 00,155,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasmontr.dll
[2009/06/02 06:14:34 | 00,137,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dsprop.dll
[2009/06/02 06:14:34 | 00,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\occache.dll
[2009/06/02 06:14:34 | 00,101,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shsetup.dll
[2009/06/02 06:14:34 | 00,072,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\tdx.sys
[2009/06/02 06:14:34 | 00,072,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pacer.sys
[2009/06/02 06:14:34 | 00,054,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dimsroam.dll
[2009/06/02 06:14:34 | 00,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PnPutil.exe
[2009/06/02 06:14:33 | 06,103,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chtbrkr.dll
[2009/06/02 06:14:33 | 00,542,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\blackbox.dll
[2009/06/02 06:14:33 | 00,533,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmdrmsdk.dll
[2009/06/02 06:14:33 | 00,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscandui.dll
[2009/06/02 06:14:33 | 00,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fastfat.sys
[2009/06/02 06:14:33 | 00,083,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlgpclnt.dll
[2009/06/02 06:14:33 | 00,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dataclen.dll
[2009/06/02 06:14:32 | 02,226,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\networkexplorer.dll
[2009/06/02 06:14:32 | 00,671,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2009/06/02 06:14:32 | 00,303,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpeffects.dll
[2009/06/02 06:14:32 | 00,180,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netplwiz.dll
[2009/06/02 06:14:32 | 00,178,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\credui.dll
[2009/06/02 06:14:32 | 00,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSDMon.dll
[2009/06/02 06:14:32 | 00,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpcsvc.dll
[2009/06/02 06:14:32 | 00,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\rmcast.sys
[2009/06/02 06:14:32 | 00,107,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpwsx.dll
[2009/06/02 06:14:32 | 00,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\smss.exe
[2009/06/02 06:14:32 | 00,062,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ohci1394.sys
[2009/06/02 06:14:32 | 00,058,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cipher.exe
[2009/06/02 06:14:32 | 00,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certprop.dll
[2009/06/02 06:14:32 | 00,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ifmon.dll
[2009/06/02 06:14:32 | 00,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2009/06/02 06:14:31 | 00,414,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscp.dll
[2009/06/02 06:14:31 | 00,313,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\thawbrkr.dll
[2009/06/02 06:14:31 | 00,217,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\InkEd.dll
[2009/06/02 06:14:31 | 00,193,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2009/06/02 06:14:31 | 00,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpresult.exe
[2009/06/02 06:14:31 | 00,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logagent.exe
[2009/06/02 06:14:31 | 00,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscapi.dll
[2009/06/02 06:14:31 | 00,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\watchdog.sys
[2009/06/02 06:14:31 | 00,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msimtf.dll
[2009/06/02 06:14:30 | 00,356,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MediaMetadataHandler.dll
[2009/06/02 06:14:30 | 00,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\softkbd.dll
[2009/06/02 06:14:30 | 00,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msctfui.dll
[2009/06/02 06:14:30 | 00,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sendmail.dll
[2009/06/02 06:14:30 | 00,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\smb.sys
[2009/06/02 06:14:29 | 00,284,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drmmgrtn.dll
[2009/06/02 06:14:29 | 00,226,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\udfs.sys
[2009/06/02 06:14:29 | 00,200,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\input.dll
[2009/06/02 06:14:29 | 00,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax
[2009/06/02 06:14:29 | 00,166,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\puiapi.dll
[2009/06/02 06:14:29 | 00,105,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmsynth.dll
[2009/06/02 06:14:29 | 00,097,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mprapi.dll
[2009/06/02 06:14:29 | 00,088,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\olepro32.dll
[2009/06/02 06:14:29 | 00,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll
[2009/06/02 06:14:29 | 00,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wshbth.dll
[2009/06/02 06:14:29 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll
[2009/06/02 06:14:29 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ExplorerFrame.dll
[2009/06/02 06:14:29 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\version.dll
[2009/06/02 06:14:29 | 00,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidusb.sys
[2009/06/02 06:14:28 | 00,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLLUA.exe
[2009/06/02 06:14:28 | 00,180,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\rdpwd.sys
[2009/06/02 06:14:28 | 00,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tintlgnt.ime
[2009/06/02 06:14:28 | 00,121,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ndiswan.sys
[2009/06/02 06:14:28 | 00,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmusic.dll
[2009/06/02 06:14:28 | 00,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSNP.ax
[2009/06/02 06:14:28 | 00,068,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdSSDP.dll
[2009/06/02 06:14:28 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cscapi.dll
[2009/06/02 06:14:28 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelineprxy.dll
[2009/06/02 06:14:28 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fc.exe
[2009/06/02 06:14:28 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MsCtfMonitor.dll
[2009/06/02 06:14:28 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msisip.dll
[2009/06/02 06:14:27 | 00,187,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eapp3hst.dll
[2009/06/02 06:14:27 | 00,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceTypes.dll
[2009/06/02 06:14:27 | 00,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceClassExtension.dll
[2009/06/02 06:14:27 | 00,083,456 | ---- | C] (Microsoft) -- C:\Windows\System32\SMBHelperClass.dll
[2009/06/02 06:14:27 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rrinstaller.exe
[2009/06/02 06:14:27 | 00,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\l2nacp.dll
[2009/06/02 06:14:27 | 00,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bthci.dll
[2009/06/02 06:14:27 | 00,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ftp.exe
[2009/06/02 06:14:27 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msjint40.dll
[2009/06/02 06:14:27 | 00,022,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cscdll.dll
[2009/06/02 06:14:27 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsdchngr.dll
[2009/06/02 06:14:26 | 00,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aaclient.dll
[2009/06/02 06:14:26 | 00,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eappcfg.dll
[2009/06/02 06:14:26 | 00,098,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfps.dll
[2009/06/02 06:14:26 | 00,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nslookup.exe
[2009/06/02 06:14:26 | 00,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdWCN.dll
[2009/06/02 06:14:26 | 00,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\rassstp.sys
[2009/06/02 06:14:26 | 00,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tscupgrd.exe
[2009/06/02 06:14:26 | 00,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Storprop.dll
[2009/06/02 06:14:26 | 00,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasdiag.dll
[2009/06/02 06:14:26 | 00,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2009/06/02 06:14:26 | 00,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3cfg.dll
[2009/06/02 06:14:26 | 00,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slcinst.dll
[2009/06/02 06:14:26 | 00,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\networkitemfactory.dll
[2009/06/02 06:14:26 | 00,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bthudtask.exe
[2009/06/02 06:14:26 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ipconfig.exe
[2009/06/02 06:14:26 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasdial.exe
[2009/06/02 06:14:26 | 00,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CHxReadingStringIME.dll
[2009/06/02 06:14:25 | 00,148,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\nwifi.sys
[2009/06/02 06:14:25 | 00,093,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eappgnui.dll
[2009/06/02 06:14:25 | 00,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\dfsc.sys
[2009/06/02 06:14:25 | 00,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PNPXAssoc.dll
[2009/06/02 06:14:25 | 00,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\cdrom.sys
[2009/06/02 06:14:25 | 00,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdeploy.dll
[2009/06/02 06:14:25 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tsgqec.dll
[2009/06/02 06:14:25 | 00,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hbaapi.dll
[2009/06/02 06:14:25 | 00,039,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidclass.sys
[2009/06/02 06:14:25 | 00,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ocsetup.exe
[2009/06/02 06:14:25 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FwRemoteSvr.dll
[2009/06/02 06:14:25 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfpmp.exe
[2009/06/02 06:14:25 | 00,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msacm32.drv
[2009/06/02 06:14:25 | 00,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmcico.dll
[2009/06/02 06:14:24 | 00,046,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrstub.exe
[2009/06/02 06:14:24 | 00,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cbsra.exe
[2009/06/02 06:14:24 | 00,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2009/06/02 06:14:24 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bitsigd.dll
[2009/06/02 06:14:24 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpupdate.exe
[2009/06/02 06:14:24 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iscsilog.dll
[2009/06/02 06:14:23 | 00,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxg.sys
[2009/06/02 06:14:23 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbcconf.dll
[2009/06/02 06:14:23 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NcdProp.dll
[2009/06/02 06:14:23 | 00,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdmdbg.dll
[2009/06/02 06:14:22 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrnr.dll
[2009/06/02 06:14:22 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Diskdump.sys
[2009/06/02 06:14:22 | 00,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\midimap.dll
[2009/06/02 06:14:22 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetppui.dll
[2009/06/02 06:14:22 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slwga.dll
[2009/06/02 06:14:22 | 00,009,212 | ---- | C] () -- C:\Windows\System32\RacUR.xml
[2009/06/02 06:14:21 | 00,093,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\bridge.sys
[2009/06/02 06:14:21 | 00,052,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\stream.sys
[2009/06/02 06:14:21 | 00,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\RNDISMP.sys
[2009/06/02 06:14:21 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbohci.sys
[2009/06/02 06:14:20 | 08,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2009/06/02 06:14:20 | 00,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2009/06/02 06:14:20 | 00,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\raspppoe.sys
[2009/06/02 06:14:20 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usb8023.sys
[2009/06/02 06:14:20 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwmp.dll
[2009/06/02 06:14:20 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\f3ahvoas.dll
[2009/06/02 06:14:20 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdxm.ocx
[2009/06/02 06:14:20 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxmasf.dll
[2009/06/02 06:14:19 | 01,383,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2009/06/02 06:14:19 | 00,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msimsg.dll
[2009/06/02 06:14:19 | 00,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mferror.dll
[2009/06/02 06:14:16 | 00,000,153 | ---- | C] () -- C:\Windows\System32\RacUREx.xml
[2009/06/02 06:14:04 | 00,705,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SmiEngine.dll
[2009/06/02 06:14:01 | 00,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wdscore.dll
[2009/06/02 06:14:01 | 00,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PkgMgr.exe
[2009/06/02 06:13:51 | 00,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drvstore.dll
[2009/06/02 01:47:05 | 00,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll
[2009/06/02 01:30:56 | 00,000,854 | ---- | C] () -- C:\Users\Mom\Desktop\Licking Dog Screen Clean Screensaver.lnk
[2009/06/02 01:30:55 | 00,000,000 | ---D | C] -- C:\Program Files\Nuganics
[2009/06/02 01:30:54 | 01,807,938 | ---- | C] (Axialis Software) -- C:\Windows\System32\Licking Dog Screen Clean.scr
[2009/05/28 06:50:32 | 00,000,000 | ---D | C] -- C:\ProgramData\WindowsSearch
[2008/12/16 21:58:54 | 00,025,624 | ---- | C] () -- C:\Windows\System32\drivers\LVPr2Mon.sys
[2008/12/16 21:50:56 | 00,013,584 | ---- | C] () -- C:\Windows\System32\drivers\iKeyLgFT.dll
[2008/09/19 16:57:34 | 03,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2008/09/19 16:55:10 | 00,000,416 | ---- | C] () -- C:\Windows\System32\dtu100.dll.manifest
[2008/09/19 16:55:10 | 00,000,416 | ---- | C] () -- C:\Windows\System32\dpl100.dll.manifest
[2008/09/19 16:54:18 | 00,012,288 | ---- | C] () -- C:\Windows\System32\DivXWMPExtType.dll
[2007/12/16 22:52:58 | 00,000,915 | ---- | C] () -- C:\Windows\ARTWORKS.INI
[2007/12/14 22:41:35 | 00,011,776 | ---- | C] () -- C:\Windows\System32\pmsbfn32.dll
[2007/12/14 22:39:57 | 00,000,412 | ---- | C] () -- C:\Windows\MAXLINK.INI
[2007/08/13 19:43:21 | 00,000,097 | ---- | C] () -- C:\Windows\WININIT.INI
[2007/08/12 19:50:14 | 02,463,976 | ---- | C] () -- C:\Windows\System32\NPSWF32.dll
[2007/08/09 22:40:46 | 00,000,092 | ---- | C] () -- C:\Windows\lexstat.ini
[2007/08/09 22:40:24 | 00,040,960 | ---- | C] () -- C:\Windows\System32\lxbrvs.dll
[2007/07/17 18:16:07 | 00,000,044 | ---- | C] () -- C:\Windows\Acer(Normal).ini
[2007/07/17 18:16:07 | 00,000,042 | ---- | C] () -- C:\Windows\Acer(Wide).ini
[2007/05/11 17:27:58 | 02,107,808 | ---- | C] () -- C:\Windows\System32\drivers\Lvckap.sys
[2007/05/11 16:12:54 | 00,057,126 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini
[2007/03/05 13:34:28 | 00,676,224 | ---- | C] () -- C:\Windows\System32\OGACheckControl.DLL
[2006/11/16 13:20:38 | 00,266,240 | ---- | C] () -- C:\Windows\System32\NotesExtmngr.dll
[2006/11/16 13:20:20 | 00,200,704 | ---- | C] () -- C:\Windows\System32\NotesActnMenu.dll
[2006/11/16 13:20:10 | 00,086,016 | ---- | C] () -- C:\Windows\System32\MSNSpook.dll
[2006/11/16 13:19:10 | 00,037,376 | ---- | C] () -- C:\Windows\System32\MSNChatHook.dll
[2006/11/16 13:19:04 | 00,123,904 | ---- | C] () -- C:\Windows\System32\BatchCrypto.dll
[2006/11/16 13:18:58 | 00,073,728 | ---- | C] () -- C:\Windows\System32\APISlice.dll
[2006/11/16 13:18:50 | 00,063,488 | ---- | C] () -- C:\Windows\System32\ShowErrMsg.dll
[2006/11/16 13:18:06 | 00,022,016 | ---- | C] () -- C:\Windows\System32\MailFormat_U.dll
[2006/11/02 07:35:32 | 00,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 05:23:31 | 00,000,291 | ---- | C] () -- C:\Windows\win.ini
[2006/11/02 05:23:31 | 00,000,219 | ---- | C] () -- C:\Windows\system.ini
[2006/11/02 02:40:29 | 00,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/01/06 23:51:38 | 00,331,776 | ---- | C] () -- C:\Windows\System32\ScrollBarLib.dll
[2006/01/06 23:51:35 | 00,053,248 | ---- | C] ( ) -- C:\Windows\System32\Interop.Shell32.dll
[2006/01/06 23:40:58 | 00,013,952 | ---- | C] () -- C:\Windows\System32\drivers\UBHelper.sys
[2006/01/06 23:15:58 | 00,001,024 | RH-- | C] () -- C:\Windows\System32\NTIBUN4.dll
[2006/01/06 22:07:26 | 00,000,985 | ---- | C] () -- C:\Windows\generic.ini
[2006/01/06 22:07:26 | 00,000,095 | ---- | C] () -- C:\Windows\Alaunch.ini
[2003/02/12 09:12:54 | 00,000,181 | ---- | C] () -- C:\Windows\System32\lxbrcoin.ini
[2001/12/26 18:12:30 | 00,065,536 | ---- | C] () -- C:\Windows\System32\multiplex_vcd.dll
[2001/09/04 01:46:38 | 00,110,592 | ---- | C] () -- C:\Windows\System32\Hmpg12.dll
[2001/07/30 18:33:56 | 00,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC.dll
[2001/07/24 00:04:36 | 00,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC_MMX.dll

========== Files - Modified Within 30 Days ==========

[2009/06/20 07:43:53 | 00,501,760 | ---- | M] (OldTimer Tools) -- C:\Users\Mom\Desktop\OTL.exe
[2009/06/20 07:40:35 | 00,170,711 | ---- | M] (Eric_71) -- C:\Users\Mom\Desktop\Rooter.exe
[2009/06/20 06:37:16 | 00,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2009/06/20 06:37:16 | 00,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2009/06/20 04:43:09 | 00,690,960 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2009/06/20 04:43:09 | 00,595,446 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2009/06/20 04:43:09 | 00,101,144 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2009/06/20 04:39:49 | 00,000,868 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2009/06/20 04:39:38 | 37,301,995 | ---- | M] () -- C:\Windows\System32\drivers\Avg\incavi.avm
[2009/06/20 04:39:38 | 00,083,717 | ---- | M] () -- C:\Windows\System32\drivers\Avg\microavi.avg
[2009/06/20 04:37:29 | 00,000,222 | ---- | M] () -- C:\Windows\tasks\PersonalAV.job
[2009/06/20 04:37:17 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2009/06/20 04:37:14 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2009/06/20 04:37:05 | 18,784,54272 | -HS- | M] () -- C:\hiberfil.sys
[2009/06/19 18:39:35 | 00,000,414 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{A249CA1C-73FF-454C-9856-BDDCA3E13548}.job
[2009/06/18 20:59:56 | 00,000,737 | ---- | M] () -- C:\Users\Mom\Desktop\NTREGOPT.lnk
[2009/06/18 20:59:56 | 00,000,718 | ---- | M] () -- C:\Users\Mom\Desktop\ERUNT.lnk
[2009/06/18 20:37:21 | 00,791,393 | ---- | M] (Lars Hederer ) -- C:\Users\Mom\Desktop\erunt_setup.exe
[2009/06/18 20:36:18 | 00,021,504 | ---- | M] (Doug Knox) -- C:\Users\Mom\Desktop\SysRestorePoint.exe
[2009/06/18 20:35:33 | 00,264,704 | ---- | M] (OldTimer Tools) -- C:\Users\Mom\Desktop\TFC.exe
[2009/06/18 19:49:39 | 00,000,822 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/06/18 09:14:45 | 00,374,272 | ---- | M] () -- C:\Windows\System32\msxmlm.dll
[2009/06/17 11:27:56 | 00,038,160 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2009/06/17 11:27:44 | 00,019,096 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2009/06/17 09:39:04 | 00,027,784 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgmfx86.sys
[2009/06/12 22:59:34 | 00,001,949 | ---- | M] () -- C:\Users\Public\Desktop\Logitech QuickCam.lnk
[2009/06/12 08:28:48 | 00,327,688 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgldx86.sys
[2009/06/12 03:23:20 | 01,713,824 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2009/06/08 15:59:44 | 00,036,031 | ---- | M] () -- C:\Users\Mom\Documents\RecipeID=1.pdf
[2009/06/02 01:30:56 | 00,000,854 | ---- | M] () -- C:\Users\Mom\Desktop\Licking Dog Screen Clean Screensaver.lnk
[2009/06/02 01:30:54 | 01,807,938 | ---- | M] (Axialis Software) -- C:\Windows\System32\Licking Dog Screen Clean.scr
[2009/06/01 11:51:12 | 23,635,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mrt.exe

========== Alternate Data Streams ==========

@Alternate Data Stream - 229 bytes -> C:\ProgramData\TEMP:E392F409
@Alternate Data Stream - 229 bytes -> C:\ProgramData\TEMP:43C9D140
@Alternate Data Stream - 228 bytes -> C:\ProgramData\TEMP:41D1C7CB
@Alternate Data Stream - 227 bytes -> C:\ProgramData\TEMP:F44D3C53
@Alternate Data Stream - 226 bytes -> C:\ProgramData\TEMP:614F17D3
@Alternate Data Stream - 225 bytes -> C:\ProgramData\TEMP:E07EA07E
@Alternate Data Stream - 225 bytes -> C:\ProgramData\TEMP:18BCE9F1
@Alternate Data Stream - 218 bytes -> C:\ProgramData\TEMP:E1D6C864
@Alternate Data Stream - 218 bytes -> C:\ProgramData\TEMP:1F67CD26
@Alternate Data Stream - 217 bytes -> C:\ProgramData\TEMP:322D2CD3
@Alternate Data Stream - 212 bytes -> C:\ProgramData\TEMP:C7F5E798
@Alternate Data Stream - 211 bytes -> C:\ProgramData\TEMP:FC2E567F
@Alternate Data Stream - 211 bytes -> C:\ProgramData\TEMP:8944C195
@Alternate Data Stream - 208 bytes -> C:\ProgramData\TEMP:A3B8F70C
@Alternate Data Stream - 207 bytes -> C:\ProgramData\TEMP:70E897B5
@Alternate Data Stream - 207 bytes -> C:\ProgramData\TEMP:2D0DFF22
@Alternate Data Stream - 207 bytes -> C:\ProgramData\TEMP:0C988F7D
@Alternate Data Stream - 206 bytes -> C:\ProgramData\TEMP:86148D88
@Alternate Data Stream - 204 bytes -> C:\ProgramData\TEMP:11E79CC9
@Alternate Data Stream - 203 bytes -> C:\ProgramData\TEMP:73CF0D7D
@Alternate Data Stream - 201 bytes -> C:\ProgramData\TEMP:CDBCA11D
@Alternate Data Stream - 201 bytes -> C:\ProgramData\TEMP:1CAF6B12
@Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:D6CA39B5
@Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:8E783B8E
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:B80659FA
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:0778CBF2
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:1EE79287
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:C5901F6D
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:58C9BCAC
@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:3C66B20F
@Alternate Data Stream - 117 bytes -> C:\ProgramData\TEMP:1451DA58
@Alternate Data Stream - 115 bytes -> C:\ProgramData\TEMP:AF54CFFD
@Alternate Data Stream - 113 bytes -> C:\ProgramData\TEMP:BC38C00C
@Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:28476D43
@Alternate Data Stream - 110 bytes -> C:\ProgramData\TEMP:89A5891E
@Alternate Data Stream - 108 bytes -> C:\ProgramData\TEMP:F2958F3A
@Alternate Data Stream - 103 bytes -> C:\ProgramData\TEMP:4AA2F6A9
@Alternate Data Stream - 102 bytes -> C:\ProgramData\TEMP:A8DAF782
@Alternate Data Stream - 100 bytes -> C:\ProgramData\TEMP:BD13A410
< End of report >
  • 0

#4
nannyjoat
Posted 20 June 2009 - 06:59 AM

nannyjoat

    New Member

  • Topic Starter
  • Member
  • Pip
  • 4 posts
The extras file from OTL

OTL Extras logfile created on: 6/20/2009 7:49:35 AM - Run 1
OTL by OldTimer - Version 2.1.1.0 Folder = C:\Users\Mom\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.75 Gb Total Physical Memory | 0.84 Gb Available Physical Memory | 48.23% Memory free
3.74 Gb Paging File | 2.23 Gb Available in Paging File | 59.53% Paging File free
Paging file location(s): ?:\pagefile.sys

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 145.80 Gb Total Space | 71.18 Gb Free Space | 48.82% Space Free | Partition Type: NTFS
Drive D: | 145.46 Gb Total Space | 145.36 Gb Free Space | 99.94% Space Free | Partition Type: NTFS
Drive E: | 284.43 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: MOM-PC
Current User Name: Mom
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Output = Minimal
File Age = 30 Days
Company Name Whitelist: On

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = FirefoxHTML] --
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 0
"InternetSettingsDisableNotify" = 0
"AutoUpdateDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 1
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
Reg Error: Unknown registry data type File not found
Reg Error: Unknown registry data type File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile
"DisableNotifications" = 0
"EnableFirewall" = 1

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
"DisableNotifications" = 0
"EnableFirewall" = 1

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile
"DisableNotifications" = 0
"EnableFirewall" = 1

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile\GloballyOpenPorts\List

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
C:\Acer\Empowering Technology\eDataSecurity\eDSfsu.exe:*:Enabled:eDSfsu (Acer Inc.)
C:\Acer\Empowering Technology\eDataSecurity\encryption.exe:*:Enabled:encryption (HiTRUST)
C:\Acer\Empowering Technology\eDataSecurity\decryption.exe:*:Enabled:decryption (HiTRUST)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile\AuthorizedApplications\List]

========== Vista Active Open Ports Exception List ==========

{121F632C-53E5-4C51-8C90-3D2F545FBDDE} = RPORT=1900 | PROTOCOL=17 | DIR=OUT | APP=%SYSTEMROOT%\SYSTEM32\SVCHOST.EXE | SVC=SSDPSRV |
{18629FF5-B57C-4C05-B9AA-34059DF3FBA0} = RPORT=10243 | PROTOCOL=6 | DIR=OUT | APP=SYSTEM |
{1F268E9A-632E-4ECE-B310-877E8B96F688} = LPORT=6004 | PROTOCOL=17 | DIR=IN | APP=C:\PROGRAM FILES\MICROSOFT OFFICE\OFFICE12\OUTLOOK.EXE |
{457C6A29-A4A3-4A96-A2CB-8159846DF42C} = RPORT=2177 | PROTOCOL=17 | DIR=OUT | APP=%SYSTEMROOT%\SYSTEM32\SVCHOST.EXE | SVC=QWAVE |
{52D2CEF9-A532-492F-8E45-C13E6F6A7487} = LPORT=50900 | PROTOCOL=6 | DIR=IN | NAME=ADOBE VERSION CUE CS3 SERVER |
{5945BEF4-6620-483B-BD15-1C100D12FE6D} = RPORT=3702 | PROTOCOL=17 | DIR=OUT | APP=%SYSTEMROOT%\SYSTEM32\SVCHOST.EXE | SVC=FDPHOST |
{5B2F0B70-0D75-46EC-89BC-D9B017AFF2AD} = RPORT=1900 | PROTOCOL=17 | DIR=OUT | APP=%SYSTEMROOT%\SYSTEM32\SVCHOST.EXE | SVC=SSDPSRV |
{5C62198F-734D-42DA-A72A-A7C4E0EC1CA0} = LPORT=50901 | PROTOCOL=6 | DIR=IN | NAME=ADOBE VERSION CUE CS3 SERVER |
{62D8678F-CC32-4CA5-900D-27E12505C419} = RPORT=5355 | PROTOCOL=17 | DIR=OUT | APP=%SYSTEMROOT%\SYSTEM32\SVCHOST.EXE | SVC=DNSCACHE |
{7BFB6CBD-0570-4221-BFAD-22D5178882A8} = LPORT=2177 | PROTOCOL=17 | DIR=IN | APP=%SYSTEMROOT%\SYSTEM32\SVCHOST.EXE | SVC=QWAVE |
{7FE80894-9AD5-4D23-A3D4-6E2BB7B4C7C3} = LPORT=2869 | PROTOCOL=6 | DIR=IN | APP=SYSTEM |
{8113CD93-E6AE-44E5-92A7-CCD920861871} = LPORT=2177 | PROTOCOL=6 | DIR=IN | APP=%SYSTEMROOT%\SYSTEM32\SVCHOST.EXE | SVC=QWAVE |
{95F266B0-CFE7-44B3-9651-6113B669BE2F} = RPORT=3702 | PROTOCOL=17 | DIR=OUT | APP=%SYSTEMROOT%\SYSTEM32\SVCHOST.EXE | SVC=FDRESPUB |
{9E28681C-FFC1-4652-8FD3-8D0FD020354B} = LPORT=3703 | PROTOCOL=6 | DIR=IN | NAME=ADOBE VERSION CUE CS3 SERVER |
{A45F71C7-03E7-46E4-B6D6-1F704BF206EC} = LPORT=5355 | PROTOCOL=17 | DIR=IN | APP=%SYSTEMROOT%\SYSTEM32\SVCHOST.EXE | SVC=DNSCACHE |
{B7A8BB6B-073D-4762-A1E6-890A46709FAC} = LPORT=3702 | PROTOCOL=17 | DIR=IN | APP=%SYSTEMROOT%\SYSTEM32\SVCHOST.EXE | SVC=FDPHOST |
{C1673B8F-1597-40BD-87E6-CDF1BB8A89DD} = LPORT=10243 | PROTOCOL=6 | DIR=IN | APP=SYSTEM |
{E3DA030C-1CA0-4B0D-B69A-95FB3B32CDC1} = RPORT=2177 | PROTOCOL=6 | DIR=OUT | APP=%SYSTEMROOT%\SYSTEM32\SVCHOST.EXE | SVC=QWAVE |
{F240ED92-5135-46DF-B07C-B823AAD6DD93} = LPORT=3702 | PROTOCOL=17 | DIR=IN | APP=%SYSTEMROOT%\SYSTEM32\SVCHOST.EXE | SVC=FDRESPUB |
{F4640425-BE95-4B4B-B4B4-6467AC502456} = LPORT=3704 | PROTOCOL=6 | DIR=IN | NAME=ADOBE VERSION CUE CS3 SERVER |
{F6C04033-E2B5-4BC7-8AD8-CF5B0A41A365} = LPORT=1900 | PROTOCOL=17 | DIR=IN | APP=%SYSTEMROOT%\SYSTEM32\SVCHOST.EXE | SVC=SSDPSRV |

========== Vista Active Application Exception List ==========

{03DE0338-B9D1-4DEA-986A-80946EA0CDE7} = PROTOCOL=17 | DIR=IN | APP=C:\PROGRAM FILES\ACER ZONE\ACER ZONE SOFTDMA\SOFTDMA.EXE |
{0C764EEA-4B92-4251-88CF-A63A3B6BAC2F} = PROTOCOL=17 | DIR=IN | APP=C:\PROGRAM FILES\ACER ZONE\ACER PICTURE SLIDE DVD\COMPONENT\CLSLDVD.EXE |
{16147A6E-699F-4BDF-8602-720A66BB9AA9} = PROTOCOL=6 | DIR=OUT | APP=%PROGRAMFILES%\WINDOWS MEDIA PLAYER\WMPLAYER.EXE |
{1BA69818-EBAA-4BF9-8EDD-EF62ABFB1467} = PROTOCOL=6 | DIR=IN | APP=C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\LOGITECHDESKTOPMESSENGER.EXE |
{1D3D403B-9747-4475-9E6C-A46FA19D5050} = PROTOCOL=6 | DIR=OUT | APP=%PROGRAMFILES%\WINDOWS MEDIA PLAYER\WMPLAYER.EXE |
{53A085FF-2626-4C3C-836B-ADDE380587A7} = PROTOCOL=17 | DIR=IN | APP=%PROGRAMFILES%\WINDOWS MEDIA PLAYER\WMPNETWK.EXE |
{53DBA74A-093C-4270-BF2C-A9A443CAA248} = PROTOCOL=17 | DIR=IN | APP=C:\PROGRAM FILES\ACER ZONE\ACER PLUG AND RECORD\COMPONENT\ARAWP.EXE |
{5AD1825F-9781-442B-BD1E-B6E1D521830C} = PROTOCOL=6 | DIR=IN | APP=C:\PROGRAM FILES\COMMON FILES\ADOBE\ADOBE VERSION CUE CS3\SERVER\BIN\VERSIONCUECS3.EXE |
{5D96AD0A-457B-49CF-8CA8-35FDE78C63F6} = PROTOCOL=6 | DIR=OUT | APP=SYSTEM |
{606F9767-608B-402B-961F-09F4FD26CF0D} = PROTOCOL=6 | DIR=IN | APP=C:\PROGRAM FILES\ACER ZONE\ACER ZONE MAIN PAGE\MCE DELUXE SUITE.EXE |
{69E5CD57-D89E-46A5-BB98-A79C39D6EC2A} = PROTOCOL=6 | DIR=IN | APP=C:\PROGRAM FILES\ACER ZONE\ACER PLUG AND RECORD\COMPONENT\DVAX2PROCESS.EXE |
{71C7D07E-7A87-4E71-9CF0-44E60F3C19D2} = PROTOCOL=17 | DIR=OUT | APP=%PROGRAMFILES%\WINDOWS MEDIA PLAYER\WMPLAYER.EXE |
{75608FFD-D654-408B-83A6-2FFBEC1CBCBA} = PROTOCOL=17 | DIR=OUT | APP=%PROGRAMFILES%\WINDOWS MEDIA PLAYER\WMPLAYER.EXE |
{7A5CBA66-D006-4CD7-BA7B-7086872ADBC1} = PROTOCOL=6 | DIR=IN | APP=C:\PROGRAM FILES\ACER ZONE\ACER ZONE SOFTDMA\SOFTDMA.EXE |
{7F4A43AD-F74F-4AC1-8274-EA6BF5FDF386} = PROTOCOL=17 | DIR=IN | APP=%PROGRAMFILES%\WINDOWS MEDIA PLAYER\WMPLAYER.EXE |
{7F923772-2824-4977-ADEA-AA2C75730722} = PROTOCOL=6 | DIR=OUT | APP=%SYSTEMROOT%\SYSTEM32\SVCHOST.EXE | SVC=UPNPHOST |
{8691AA7C-20DB-4778-A83B-80E162510350} = PROTOCOL=6 | DIR=OUT | APP=%SYSTEMROOT%\SYSTEM32\SVCHOST.EXE | SVC=UPNPHOST |
{941869CF-A51B-4F6A-B9A8-FF9014C2D4EE} = PROTOCOL=6 | DIR=IN | APP=C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\LOGITECHDESKTOPMESSENGER.EXE |
{9736BFD7-DB90-4349-8810-59D7AF1A350D} = PROTOCOL=6 | DIR=IN | APP=%PROGRAMFILES%\WINDOWS MEDIA PLAYER\WMPNETWK.EXE |
{9DE2CC96-75DC-47FF-BA30-9162BE1C38CF} = PROTOCOL=17 | DIR=IN | APP=C:\PROGRAM FILES\ACER ZONE\ACER PLUG AND RECORD\COMPONENT\DVAX2PROCESS.EXE |
{A6E8071A-98F6-4011-B152-E2FF86B0039E} = PROTOCOL=17 | DIR=IN | APP=C:\PROGRAM FILES\COMMON FILES\ADOBE\ADOBE VERSION CUE CS3\SERVER\BIN\VERSIONCUECS3.EXE |
{B72072FB-56BB-43FD-9A80-9BCF8D7289E0} = PROTOCOL=6 | DIR=IN | APP=C:\PROGRAM FILES\ACER ZONE\ACER PICTURE SLIDE DVD\COMPONENT\CLSLDVD.EXE |
{B9CAA0C1-0BED-421B-850F-C71EC6D9CFC1} = PROTOCOL=17 | DIR=IN | APP=C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\LOGITECHDESKTOPMESSENGER.EXE |
{C6501965-D376-4E2D-918B-2BE4BDE7209D} = PROTOCOL=17 | DIR=IN | APP=%PROGRAMFILES%\WINDOWS MEDIA PLAYER\WMPLAYER.EXE |
{CCC058AA-2F4C-4604-8F3C-93811B85C4A2} = PROTOCOL=6 | DIR=IN | APP=C:\PROGRAM FILES\ACER ZONE\ACER PLUG AND RECORD\COMPONENT\ARAWP.EXE |
{D3A58C0B-33FA-4EF7-8E2B-021F6ED69E9C} = PROTOCOL=17 | DIR=OUT | APP=%PROGRAMFILES%\WINDOWS MEDIA PLAYER\WMPNETWK.EXE |
{E5C5A2D8-4585-4517-8F5F-7EE274B17E69} = PROTOCOL=17 | DIR=IN | APP=C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\LOGITECHDESKTOPMESSENGER.EXE |
{EF48915A-B141-4531-B43C-2E30A565378B} = DIR=IN | APP=C:\PROGRAM FILES\AVG\AVG8\AVGUPD.EXE |
{F805D548-A289-46D1-BD6F-D4F60A7C6050} = PROTOCOL=17 | DIR=IN | APP=C:\PROGRAM FILES\ACER ZONE\ACER ZONE MAIN PAGE\MCE DELUXE SUITE.EXE |
{F8193DFD-62C2-4EF5-BF0D-8F685E392F0A} = PROTOCOL=6 | DIR=OUT | APP=%PROGRAMFILES%\WINDOWS MEDIA PLAYER\WMPNETWK.EXE |
TCP Query User{24F0114D-2D01-47B4-AC8C-DA23CEECFBEE}C:\users\mom\appdata\local\microsoft\windows\temporary internet files\content.ie5\oensjuq4\wowclient-downloader[1].exe = PROTOCOL=6 | DIR=IN | APP=C:\USERS\MOM\APPDATA\LOCAL\MICROSOFT\WINDOWS\TEMPORARY INTERNET FILES\CONTENT.IE5\OENSJUQ4\WOWCLIENT-DOWNLOADER[1].EXE |
TCP Query User{59F8CFFA-5927-4B5E-83E2-5AD5780B117C}C:\users\mom\appdata\roaming\macromedia\flash player\www.macromedia.com\bin\octoshape\octoshape.exe = PROTOCOL=6 | DIR=IN | APP=C:\USERS\MOM\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\WWW.MACROMEDIA.COM\BIN\OCTOSHAPE\OCTOSHAPE.EXE |
UDP Query User{31C4433F-C3DB-4D49-A7EF-0B0EC28BE859}C:\users\mom\appdata\roaming\macromedia\flash player\www.macromedia.com\bin\octoshape\octoshape.exe = PROTOCOL=17 | DIR=IN | APP=C:\USERS\MOM\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\WWW.MACROMEDIA.COM\BIN\OCTOSHAPE\OCTOSHAPE.EXE |
UDP Query User{F92B25BB-AC88-4D73-92CF-7459D1B05F8A}C:\users\mom\appdata\local\microsoft\windows\temporary internet files\content.ie5\oensjuq4\wowclient-downloader[1].exe = PROTOCOL=17 | DIR=IN | APP=C:\USERS\MOM\APPDATA\LOCAL\MICROSOFT\WINDOWS\TEMPORARY INTERNET FILES\CONTENT.IE5\OENSJUQ4\WOWCLIENT-DOWNLOADER[1].EXE |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0046FA01-C5B9-4985-BACB-398DC480FC05}" = Adobe Photoshop CS3
"{0224CACC-994D-45F8-B973-D65056EA9C2F}" = Adobe XMP DVA Panels CS3
"{0327FA9D-975C-448C-A086-577D57BB25B8}" = Adobe Soundbooth CS3 Codecs
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{0DD2BDF7-EAC8-41F7-83ED-61A2D05C6235}" = Adobe Setup
"{0E4BC542-9CFD-4E97-B586-9F1E5516E7B9}" = Microsoft IntelliPoint 6.1
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX310_series" = Canon MX310 series
"{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}" = NTI CD & DVD-Maker
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{193EAFD0-1BAF-4FB4-B18F-79D5D6A4B285}" = Adobe After Effects CS3 Presets
"{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}" = Google Earth
"{1D58229F-C505-45CA-8223-F35F3A34B963}" = Adobe Version Cue CS3 Server {ko_KR}
"{1D643CD7-4DD6-11D7-A4E0-000874180BB3}" = Microsoft Money 2004
"{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}" = QuickTime
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java™ 6 Update 11
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{2CCBABCB-6427-4A55-B091-49864623C43F}" = Google Toolbar for Firefox
"{2DFF31F9-7893-4922-AF66-C9A1EB4EBB31}" = Rhapsody Player Engine
"{2EFFFC71-1E66-454E-A6E6-CEEC800B96D2}" = Adobe Flash Video Encoder
"{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java™ 6 Update 2
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java™ 6 Update 3
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java™ 6 Update 5
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java™ 6 Update 7
"{41581EF5-45A7-11DA-9D78-000129760D75}" = Acer Picture Slide DVD
"{485ACF57-F364-440A-8496-E1E81C8FA1AA}" = Adobe Premiere Pro CS3 Third Party Content
"{4E868D3D-6EEB-4273-926C-2287236B5B79}" = 3DVIA player 4.1
"{50F102CA-4BE2-41A9-9810-5BB05EB91B9A}" = Adobe Premiere Pro CS3 Functional Content
"{51846830-E7B2-4218-8968-B77F0FF475B8}" = Adobe Color EU Extra Settings
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{54B2EAD9-A110-43F7-B010-2859A1BD2AFE}" = Adobe Encore CS3
"{58DCEEE5-532E-44F4-B1D7-A146EF9E9FDA}" = Adobe Premiere Pro CS3
"{67ADE9AF-5CD9-4089-8825-55DE4B366799}" = NTI Backup NOW! 4.7
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6A136B9A-1895-436F-83F8-30D9C68BB6EA}" = Rhapsody Player Engine
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6B52140A-F189-4945-BFFC-DB3F00B8C589}" = Adobe Flash CS3
"{6B708481-748A-4EB4-97C1-CD386244FF77}" = Adobe MotionPicture Color Files
"{6BBAA81D-6A7E-43AD-8889-2F002DCAAFDD}" = AHV content for Acrobat and Flash
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73E81E9B-7319-43AD-B7CC-1C61405E5089}" = Adobe After Effects CS3 Template Projects & Footage
"{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}" = Acer ScreenSaver
"{7ACFB90E-8FD0-4397-AD3A-5195412623A3}" = Adobe Help Viewer CS3
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7C10F5C7-F00F-4BD3-A110-C7D240D2DD25}" = Adobe Dreamweaver CS3
"{7DFC1012-D346-46CE-B03E-FF79125AE029}" = Adobe Fireworks CS3
"{7ECEF10B-F1C2-4FD5-861F-A3FCB4653304}" = Adobe After Effects CS3 Third Party Content
"{83d96ed0-98aa-4515-8ddc-816f3efdd104}" = DB CIF Cam
"{845A8DB9-8802-4FD3-9FE3-938A6C46A2EC}" = Adobe Video Profiles
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8C64E145-54BA-11D6-91B1-00500462BE80}" = Microsoft Money 2004 System Pack
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{8EDBA74D-0686-4C99-BFDD-F894678E5B39}" = Adobe Common File Installer
"{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}" = Logitech Desktop Messenger
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_PROR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_PROR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_PROR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_PROR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_PROR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_PROR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROR_{3EC77D26-799B-4CD8-914F-C1565E796173}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROR_{430971B1-C31E-45DA-81E0-72C095BAB72C}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROR_{F7A31780-33C4-4E39-951A-5EC9B91D7BF1}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_PROR_{FAD8A83E-9BAC-4179-9268-A35948034D85}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_PROR_{FAD8A83E-9BAC-4179-9268-A35948034D85}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_PROR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{91120000-0014-0000-0000-0000000FF1CE}" = Microsoft Office Professional 2007
"{91120000-0014-0000-0000-0000000FF1CE}_PROR_{BEE75E01-DD3F-4D5F-B96C-609E6538D419}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{92A300C0-E97B-48CC-9702-AB1AAED167E1}" = Adobe Soundbooth CS3 Scores
"{937B232D-9776-471E-92BD-D424E514EF14}" = Logitech QuickCam
"{94389919-B0AA-4882-9BE8-9F0B004ECA35}" = Acer Tour
"{95655ED4-7CA5-46DF-907F-7144877A32E5}" = Adobe Color NA Recommended Settings
"{96ABF4E1-1489-4B84-B3CB-82E010247D73}" = Adobe Creative Suite 3 Master Collection
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A6B23EFA-6590-482C-A11F-5ACE1B91F5B9}" = Adobe Soundbooth CS3
"{AA4BF92B-2AAF-11DA-9D78-000129760D75}" = Acer Zone SoftDMA
"{AB6097D9-D722-4987-BD9E-A076E2848EE2}" = Acer Empowering Technology
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-1033-0000-7760-000000000003}" = Adobe Acrobat 8 Professional
"{AC76BA86-7AD7-1033-7B44-A70000000000}" = Adobe Reader 7.0
"{AEEAE013-92F1-4515-B278-139F1A692A35}" = Acer eDataSecurity Management
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B145EC69-66F5-11D8-9D75-000129760D75}" = Acer Zone MakeDisk
"{B2F3DBD9-A9D2-4838-B45D-C917DAB32BC3}" = ScanSoft OmniPage SE 4
"{B2F5D08C-7E79-4FCD-AAF4-57AD35FF0601}" = Adobe Illustrator CS2
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B671CBFD-4109-4D35-9252-3062D3CCB7B2}" = Adobe SING CS3
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B73CFB12-C814-4638-AFFD-7E3AAFAF0B4E}" = Adobe BridgeTalk Plugin CS3
"{B74D4E10-6884-0000-0000-000000000103}" = Adobe Bridge 1.0
"{B8B7A4D8-80E1-4DAE-BD33-7FD535BA3931}" = Adobe Encore CS3 Codecs
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BE5F3842-8309-4754-92D5-83E02E6077A3}" = Adobe Extension Manager CS3
"{BEAD39CD-901D-4267-8B8B-EAA83CB4B70D}" = Pivot Stickfigure Animator
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C5BD220A-EFE8-48A5-B70E-9503D535FACE}" = Adobe WAS CS3
"{C73A3AB4-99A4-45E5-B77F-09A3065E0D6A}" = Microsoft IntelliType Pro 6.1
"{CB3F8375-B600-4B9F-83C9-238ED1E583FD}" = Adobe InDesign CS3
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D2D6B9EB-C6DC-4DAA-B4DE-BB7D9735E7DA}" = Presto! PageManager 7.15.16
"{D462BF9E-0C35-4705-BF9B-3DF9F3816643}" = Acer ePerformance Management
"{D5A31AB1-345D-47C7-A87B-036A669F6DF1}" = Adobe XMP Panels CS3
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{E1180142-3B31-4DCC-9D27-7AC2D37662BF}" = LightScribe 1.4.124.1
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{E9787678-1033-0000-8E67-000000000001}" = Adobe Help Center 1.0
"{EA7B3CC4-366D-4CF6-8350-FD7A7034116E}" = Adobe InDesign CS3 Icon Handler
"{EB0202F7-016A-410C-ADE4-40F848CCC661}" = Adobe After Effects CS3
"{EE0D5DCD-2B97-4473-98DF-E93C0BD92F7A}" = Adobe Stock Photos 1.0
"{EFBDC2B0-FAA8-4B78-8DE1-AEBE7958FA37}" = Acer Zone Main Page
"{F08E8D2E-F132-4742-9C87-D5FF223A016A}" = Adobe Illustrator CS3
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1D93F5B-881F-49E3-BA56-B4B8FA991059}" = Adobe Encore CS3 Library
"{F6EFFB76-4A07-11DA-9D78-000129760D75}" = Acer Plug and Record
"{F79A208D-D929-11D9-9D77-000129760D75}" = Acer Zone MagicDirector
"{FC9E08AA-CD59-4C59-BEF9-87E05B9E37D7}" = Adobe Contribute CS3
"4 Elements" = 4 Elements
"Acer Assist" = Acer Assist
"Acer Registration" = Acer Registration
"Adobe Acrobat 8 Professional" = Adobe Acrobat 8.1.3 Professional
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Illustrator CS2" = Adobe Illustrator CS2
"Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"Adobe Shockwave Player" = Adobe Shockwave Player 11
"Adobe SVG Viewer" = Adobe SVG Viewer 3.0
"Adobe_e7e6bb3ae60aaa1c5b11aa97d8f15b0" = Add or Remove Adobe Creative Suite 3 Master Collection
"ancientsecrets" = Ancient Secrets
"Atlantis - Sky Patrol" = Atlantis - Sky Patrol
"AVG8Uninstall" = AVG Free 8.5
"Azkend" = Azkend
"aztecball" = Aztec Ball
"bejeweledtwisttm" = Bejeweled Twist™
"BFG-4 Elements" = 4 Elements
"BFG-7 Wonders - Treasures of Seven" = 7 Wonders: Treasures of Seven
"BFG-Amazonia" = Amazonia
"BFG-Ancient Mosaic" = Ancient Mosaic
"BFG-Atlantis Sky Patrol" = Atlantis Sky Patrol&trade;
"BFG-Azada" = Azada ™
"BFG-Azada - Ancient Magic" = Azada ™: Ancient Magic
"BFG-Ballhalla" = Ballhalla
"BFG-Bubble Town" = Bubble Town
"BFG-Burdaloo" = Burdaloo
"BFGC" = Big Fish Games Client
"BFG-Call of Atlantis" = Call of Atlantis
"BFG-Charma - The Land of Enchantment" = Charma: The Land of Enchantment
"BFG-Chromentum 2" = Chromentum 2
"BFG-Conga Bugs" = Conga Bugs
"BFG-DragonStone" = DragonStone
"BFG-Elements" = Elements
"BFG-Elias the Mighty" = Elias the Mighty
"BFG-Fairy Jewels 2" = Fairy Jewels 2
"BFG-Floating Kingdoms" = Floating Kingdoms ™
"BFG-Glyph 2" = Glyph 2
"BFG-Hexalot" = Hexalot
"BFG-Legend of Ali Baba" = Legend of Ali Baba
"BFG-Liong - The Lost Amulets" = Liong: The Lost Amulets
"BFG-LUXOR - Quest for the Afterlife" = Luxor: Quest for the Afterlife
"BFG-Luxor Amun Rising" = Luxor Amun Rising
"BFG-Magic Encyclopedia" = Magic Encyclopedia
"BFG-Marblez" = Marblez
"BFG-Mosaic Tomb of Mystery" = Mosaic Tomb of Mystery
"BFG-Mystery of Shark Island" = Mystery of Shark Island
"BFG-Mythic Marbles" = Mythic Marbles
"BFG-Peggle Nights" = Peggle Nights
"BFG-Rainbow Ruffle" = Rainbow Ruffle
"BFG-The Pini Society" = The Pini Society
"BFG-Tile Quest" = Tile Quest
"BFG-Totem Quest" = Totem Quest
"BFG-Unwell Mel" = Unwell Mel ™
"BFG-Zenerchi" = Zenerchi
"Canon MX310 series User Registration" = Canon MX310 series User Registration
"CanonMyPrinter" = Canon My Printer
"CanonSolutionMenu" = Canon Utilities Solution Menu
"cosmicstacker" = Cosmic Stacker
"Diamond Drop 2" = Diamond Drop 2
"Dream Chronicles 2" = Dream Chronicles 2
"Dream Chronicles™ 2 - The Eternal Maze" = Dream Chronicles™ 2 - The Eternal Maze
"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
"Elements" = Elements
"ERUNT_is1" = ERUNT 1.1j
"Fireworks Extravaganza" = Fireworks Extravaganza
"Fishing Craze" = Fishing Craze
"Globey - On the Roll!" = Globey - On the Roll!
"Gold Rush - Treasure Hunt" = Gold Rush - Treasure Hunt
"Google Updater" = Google Updater
"InstallShield_{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}" = NTI CD & DVD-Maker
"Jewels of Cleopatra" = Jewels of Cleopatra
"legacyqcam_11.00" = Logitech Legacy USB Camera Driver Package
"Lexmark 3100 Series" = Lexmark 3100 Series
"Licking Dog Screen Clean Screensaver" = Licking Dog Screen Clean Screensaver
"Liong - The Dragon Dance" = Liong - The Dragon Dance
"Luxor 3" = Luxor 3
"lvdrivers_11.90" = Logitech QuickCam Driver Package
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Monster Mash" = Monster Mash
"Mozilla Firefox (3.0.11)" = Mozilla Firefox (3.0.11)
"MP Navigator EX 1.0" = Canon MP Navigator EX 1.0
"Mystery of Shark Island" = Mystery of Shark Island
"Neopets" = Neopets
"NVIDIA Drivers" = NVIDIA Drivers
"pharaohssecret" = Pharaoh's Secret
"PROR" = Microsoft Office Professional 2007
"Rainbow Web 2" = Rainbow Web 2
"RealArcade" = RealArcade
"RealPlayer 6.0" = RealPlayer
"Saqqarah" = Saqqarah
"Svetlograd" = Svetlograd
"SystemRequirementsLab" = System Requirements Lab
"The Great Tree" = The Great Tree
"The Legend of El Dorado" = The Legend of El Dorado
"Tropix" = Tropix
"Tumblebugs 2" = Tumblebugs 2
"VLC media player" = VLC media player 0.9.8a

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Circuit Construction Kit" = Circuit Construction Kit
"FileZilla Client" = FileZilla Client 3.2.2
"Move Media Player" = Move Media Player
"Octoshape add-in for Adobe Flash Player" = Octoshape add-in for Adobe Flash Player
"World of Warcraft Trial" = World of Warcraft Trial

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 6/2/2009 7:37:49 AM | Computer Name = Mom-PC | Source = ESENT | ID = 215
Description = WinMail (4076) WindowsMail0: The backup has been stopped because it
was halted by the client or the connection with the client failed.

Error - 6/2/2009 6:01:33 PM | Computer Name = Mom-PC | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 7.0.6002.18005 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 1694 Start Time: 01c9e3cd9bf0607e Termination Time: 17

Error - 6/7/2009 7:38:45 PM | Computer Name = Mom-PC | Source = MsiInstaller | ID = 10005
Description =

Error - 6/7/2009 8:00:25 PM | Computer Name = Mom-PC | Source = MsiInstaller | ID = 10005
Description =

Error - 6/8/2009 11:32:16 AM | Computer Name = Mom-PC | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 7.0.6002.18005, time stamp
0x49e01e78, faulting module ntdll.dll, version 6.0.6002.18005, time stamp 0x49e03821,
exception code 0xc0000374, fault offset 0x000afaf8, process id 0x16e8, application
start time 0x01c9e83a853d7ce6.

Error - 6/12/2009 9:28:09 AM | Computer Name = Mom-PC | Source = VSS | ID = 8194
Description =

Error - 6/12/2009 9:29:07 AM | Computer Name = Mom-PC | Source = VSS | ID = 8194
Description =

Error - 6/15/2009 9:59:39 PM | Computer Name = Mom-PC | Source = Application Error | ID = 1000
Description = Faulting application Acrobat.exe, version 8.1.0.137, time stamp 0x46444c82,
faulting module Acrobat.dll, version 8.1.3.187, time stamp 0x48f5acdc, exception
code 0xc0000005, fault offset 0x0001e64d, process id 0x2be4, application start time
0x01c9ee24bb0bdd00.

Error - 6/17/2009 10:38:11 AM | Computer Name = Mom-PC | Source = VSS | ID = 8194
Description =

Error - 6/17/2009 10:39:36 AM | Computer Name = Mom-PC | Source = VSS | ID = 8194
Description =

[ System Events ]
Error - 6/18/2009 1:52:35 PM | Computer Name = Mom-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 9:33:28 AM on 6/18/2009 was unexpected.

Error - 6/18/2009 3:36:20 PM | Computer Name = Mom-PC | Source = Print | ID = 19
Description = The print spooler failed to share printer PageManager PDF Writer with
shared resource name PageManager PDF Writer. Error 2114. The printer cannot be
used by others on the network.

Error - 6/18/2009 3:37:03 PM | Computer Name = Mom-PC | Source = Service Control Manager | ID = 7026
Description =

Error - 6/18/2009 6:44:23 PM | Computer Name = Mom-PC | Source = Service Control Manager | ID = 7026
Description =

Error - 6/18/2009 9:01:32 PM | Computer Name = Mom-PC | Source = Service Control Manager | ID = 7026
Description =

Error - 6/18/2009 9:05:53 PM | Computer Name = Mom-PC | Source = Service Control Manager | ID = 7026
Description =

Error - 6/18/2009 9:51:16 PM | Computer Name = Mom-PC | Source = Service Control Manager | ID = 7026
Description =

Error - 6/18/2009 9:57:49 PM | Computer Name = Mom-PC | Source = Service Control Manager | ID = 7026
Description =

Error - 6/19/2009 7:22:11 PM | Computer Name = Mom-PC | Source = Service Control Manager | ID = 7026
Description =

Error - 6/20/2009 5:37:47 AM | Computer Name = Mom-PC | Source = Service Control Manager | ID = 7026
Description =


< End of report >
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Forum
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP