hotmail alert "you can't proxy across different primary domain
Started by
moore44
, Feb 13 2012 01:17 PM
-
This topic is locked
#1
Posted 13 February 2012 - 01:17 PM
moore44
-
- Member
-
- 18 posts
Member
#2
Posted 13 February 2012 - 02:54 PM
moore44
- Topic Starter
-
- Member
-
- 18 posts
Member
Also, only if I click on "account" & then I click on "windows live" or "hotmail" icons on the account page, I get the following message:
This is probably not the site you are looking for!
You attempted to reach by171w.bay171.mail.live.com, but instead you actually reached a server identifying itself as mail.live.com. This may be caused by a misconfiguration on the server or by something more serious. An attacker on your network could be trying to get you to visit a fake (and potentially harmful) version of by171w.bay171.mail.live.com. You should not proceed.
I changed my hotmail password, but the problem still existed. I can't close my email, at least not for the time being. So, really need your help with this. Thanx in advance.
This is probably not the site you are looking for!
You attempted to reach by171w.bay171.mail.live.com, but instead you actually reached a server identifying itself as mail.live.com. This may be caused by a misconfiguration on the server or by something more serious. An attacker on your network could be trying to get you to visit a fake (and potentially harmful) version of by171w.bay171.mail.live.com. You should not proceed.
I changed my hotmail password, but the problem still existed. I can't close my email, at least not for the time being. So, really need your help with this. Thanx in advance.
#3
Posted 18 February 2012 - 04:24 PM
Render
-
- Malware Removal
-
- 4,195 posts
Trusted Helper
Hi and welcome to GeeksToGo! Please make sure you read all of the instructions and fixes thoroughly before continuing with them. If you have any queries or you are unsure about anything, just say and I'll help you out 
It may well be worth you printing/saving the instructions throughout the fix, so you have them to hand just in case you are unable to access this site.
Please note:
If you have since resolved the original problem you were having, I would appreciate you letting me know. If not please perform the following steps below so I can have a look at the current condition of your machine.
How to add an attachment to a new topic or reply
It may well be worth you printing/saving the instructions throughout the fix, so you have them to hand just in case you are unable to access this site.
Please note:
- Remember to post your logs, not attach them. So, any logs from any programs we run, should be just 'copied & pasted' into your reply.
- Please only run the tools that I request. I know malware can be frustrating but running other tools in the meantime and between posts, only makes it harder for us to analyse and fix your PC in the long run.
- Please subscribe to this topic if you have not already done so. Please check back just in case, as the email system can fail at times.
- Just because your machine is running better does not mean it is completely cleaned. Please wait for the 'all clear' from me to say when we are done.
- Please reply within 3 days to be fair to other people asking for help.
- Please tell me if you have your original Windows CD/DVD available
- When in doubt, please stop and ask first. There's no harm in asking questions!
If you have since resolved the original problem you were having, I would appreciate you letting me know. If not please perform the following steps below so I can have a look at the current condition of your machine.
- Please download aswMBR.exe to your desktop.
- Double click the aswMBR.exe to run it.
- When asked if you want to download Avast's virus definitions please select Yes.
- Click the Scan button to start scan.
- On completion of the scan click Save log, save it to your desktop and post in your next reply.
- Also on Desktop there should be a file called MBR.dat after that, zip it and then attach it here
How to add an attachment to a new topic or reply
#4
Posted 20 February 2012 - 03:49 AM
moore44
- Topic Starter
-
- Member
-
- 18 posts
Member
Hi, thank you for your reply. Actually I had to boot my DELL laptop from CD & reinstall windows vista home premium & DELL drivers & utilities as my computer failed to start. This was one day after I posted my topic. I didn't have a backup file. Once, I finished clean install, I downloaded kaspersky pure trial version. But, the problem with my hotmail still exists. Thank you for your help.
aswMBR version 0.9.9.1618 Copyright© 2011 AVAST Software
Run date: 2012-02-20 11:25:11
-----------------------------
11:25:11.717 OS Version: Windows 6.0.6000
11:25:11.717 Number of processors: 2 586 0xF0D
11:25:11.717 ComputerName: -PC UserName:
11:25:13.230 Initialize success
11:25:29.954 AVAST engine defs: 12021900
11:25:34.696 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0
11:25:34.696 Disk 0 Vendor: ST916082 3.CD Size: 152627MB BusType: 3
11:25:34.712 Disk 0 MBR read successfully
11:25:34.727 Disk 0 MBR scan
11:25:34.727 Disk 0 Windows VISTA default MBR code
11:25:34.743 Disk 0 Partition 1 00 DE Dell Utility Dell 8.1 47 MB offset 63
11:25:34.774 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 149503 MB offset 96390
11:25:34.774 Disk 0 Partition - 00 0F Extended LBA 3074 MB offset 306279225
11:25:34.930 Disk 0 Partition 3 00 DD MSDOS5.0 3074 MB offset 306279288
11:25:34.977 Disk 0 scanning sectors +312576705
11:25:35.070 Disk 0 scanning C:\Windows\system32\drivers
11:26:14.523 Service scanning
11:28:02.750 Modules scanning
11:28:30.300 Disk 0 trace - called modules:
11:28:30.331 ntkrnlpa.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
11:28:30.347 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8548c3f8]
11:28:30.362 3 ntkrnlpa.exe[828b07e2] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-0[0x853d9030]
11:28:37.523 AVAST engine scan C:\Windows
11:28:46.212 AVAST engine scan C:\Windows\system32
11:31:01.199 File: C:\Windows\system32\perfh009.dat **SUSPICIOUS**
11:34:20.645 AVAST engine scan C:\Windows\system32\drivers
11:35:09.005 AVAST engine scan C:\Users\Nibras
11:35:33.622 AVAST engine scan C:\ProgramData
11:46:05.065 Scan finished successfully
11:46:21.367 Disk 0 MBR has been saved successfully to "C:\Users\Nibras\Documents\MBR.dat"
11:46:21.398 The log file has been saved successfully to "C:\Users\Nibras\Documents\aswMBR.txt"
aswMBR version 0.9.9.1618 Copyright© 2011 AVAST Software
Run date: 2012-02-20 11:25:11
-----------------------------
11:25:11.717 OS Version: Windows 6.0.6000
11:25:11.717 Number of processors: 2 586 0xF0D
11:25:11.717 ComputerName: -PC UserName:
11:25:13.230 Initialize success
11:25:29.954 AVAST engine defs: 12021900
11:25:34.696 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0
11:25:34.696 Disk 0 Vendor: ST916082 3.CD Size: 152627MB BusType: 3
11:25:34.712 Disk 0 MBR read successfully
11:25:34.727 Disk 0 MBR scan
11:25:34.727 Disk 0 Windows VISTA default MBR code
11:25:34.743 Disk 0 Partition 1 00 DE Dell Utility Dell 8.1 47 MB offset 63
11:25:34.774 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 149503 MB offset 96390
11:25:34.774 Disk 0 Partition - 00 0F Extended LBA 3074 MB offset 306279225
11:25:34.930 Disk 0 Partition 3 00 DD MSDOS5.0 3074 MB offset 306279288
11:25:34.977 Disk 0 scanning sectors +312576705
11:25:35.070 Disk 0 scanning C:\Windows\system32\drivers
11:26:14.523 Service scanning
11:28:02.750 Modules scanning
11:28:30.300 Disk 0 trace - called modules:
11:28:30.331 ntkrnlpa.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
11:28:30.347 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8548c3f8]
11:28:30.362 3 ntkrnlpa.exe[828b07e2] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-0[0x853d9030]
11:28:37.523 AVAST engine scan C:\Windows
11:28:46.212 AVAST engine scan C:\Windows\system32
11:31:01.199 File: C:\Windows\system32\perfh009.dat **SUSPICIOUS**
11:34:20.645 AVAST engine scan C:\Windows\system32\drivers
11:35:09.005 AVAST engine scan C:\Users\Nibras
11:35:33.622 AVAST engine scan C:\ProgramData
11:46:05.065 Scan finished successfully
11:46:21.367 Disk 0 MBR has been saved successfully to "C:\Users\Nibras\Documents\MBR.dat"
11:46:21.398 The log file has been saved successfully to "C:\Users\Nibras\Documents\aswMBR.txt"
#6
Posted 20 February 2012 - 04:17 AM
Render
-
- Malware Removal
-
- 4,195 posts
Trusted Helper
Hi,
Please do the following:
OTL Custom Scan
Please do the following:
OTL Custom Scan- Download OTL to your desktop.
- Double click on the
icon to run it. - Make sure all other windows are closed and to let it run uninterrupted.
- When the window appears, underneath Output at the top, make sure Stadard output is selected.
- Select Scan all users
- Under the Extra Registry section, check Use SafeList
- Check the boxes beside LOP Check and Purity Check.
- Under the Custom Scans/Fixes box copy and paste this in:
netsvcs %SYSTEMDRIVE%\*.exe /md5start explorer.exe winlogon.exe userinit.exe svchost.exe consrv.dll /md5stop %systemroot%\*. /mp /s hklm\software\clients\startmenuinternet|command /rs hklm\software\clients\startmenuinternet|command /64 /rs CREATERESTOREPOINT
- Click the
button. Do not change any settings unless otherwise told to do so. The scan wont take long.
- When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
- Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time and post them in your topic
#7
Posted 20 February 2012 - 02:10 PM
moore44
- Topic Starter
-
- Member
-
- 18 posts
Member
OTL logfile created on: 2/20/2012 9:38:43 PM - Run 2
OTL by OldTimer - Version 3.2.33.0 Folder = C:\Users\Nibrass\Downloads
Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.16982)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1.99 Gb Total Physical Memory | 0.83 Gb Available Physical Memory | 41.85% Memory free
4.18 Gb Paging File | 2.98 Gb Available in Paging File | 71.33% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 146.00 Gb Total Space | 103.53 Gb Free Space | 70.91% Space Free | Partition Type: NTFS
Computer Name: -PC | User Name: Nibras | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012/02/20 12:38:30 | 000,583,680 | ---- | M] (OldTimer Tools) -- C:\Users\Nibrass\Downloads\OTL.exe
PRC - [2012/02/19 18:28:10 | 001,006,264 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2012/02/17 19:04:37 | 002,923,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2012/02/16 11:03:34 | 000,077,824 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre1.6.0\bin\jusched.exe
PRC - [2010/10/01 22:06:36 | 000,348,760 | ---- | M] (Kaspersky Lab) -- C:\Program Files\Kaspersky Lab\Kaspersky PURE\avp.exe
PRC - [2009/12/21 17:34:38 | 000,743,992 | ---- | M] (Infowatch) -- C:\Program Files\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe
PRC - [2007/05/10 11:23:50 | 000,094,208 | ---- | M] (SigmaTel, Inc.) -- C:\Windows\System32\stacsv.exe
PRC - [2007/05/10 11:22:20 | 000,405,504 | ---- | M] (SigmaTel, Inc.) -- C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe
PRC - [2007/05/10 01:01:00 | 000,036,864 | ---- | M] (Creative Technology Ltd.) -- C:\Windows\OEM02Mon.exe
PRC - [2007/04/27 08:34:18 | 001,123,872 | ---- | M] (Dell Inc) -- C:\Program Files\Dell\QuickSet\quickset.exe
PRC - [2007/04/16 23:05:52 | 000,021,504 | ---- | M] (UPEK Inc.) -- C:\Program Files\Fingerprint Reader Suite\upeksvr.exe
PRC - [2007/04/16 22:55:00 | 000,053,776 | ---- | M] (UPEK Inc.) -- C:\Program Files\Fingerprint Reader Suite\psqltray.exe
PRC - [2007/04/16 16:10:26 | 000,184,320 | ---- | M] (CyberLink Corp.) -- C:\Program Files\Dell\MediaDirect\PCMService.exe
PRC - [2007/02/12 14:38:04 | 000,355,096 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2007/02/12 14:37:58 | 000,174,872 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2006/11/05 11:22:16 | 000,221,184 | ---- | M] (Sonic Solutions) -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
PRC - [2006/11/05 10:55:48 | 000,010,752 | ---- | M] (Sonic Solutions) -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
========== Modules (No Company Name) ==========
MOD - [2010/10/01 22:05:46 | 008,972,888 | ---- | M] () -- C:\Program Files\Kaspersky Lab\Kaspersky PURE\QtGui4.dll
MOD - [2010/10/01 22:05:42 | 002,456,152 | ---- | M] () -- C:\Program Files\Kaspersky Lab\Kaspersky PURE\QtCore4.dll
MOD - [2010/10/01 21:07:46 | 000,733,184 | ---- | M] () -- C:\Program Files\Kaspersky Lab\Kaspersky PURE\localization_manager.dll
MOD - [2009/10/30 20:32:30 | 000,410,496 | ---- | M] () -- C:\Program Files\Kaspersky Lab\Kaspersky PURE\dblite.dll
MOD - [2007/04/27 08:34:24 | 000,103,968 | ---- | M] () -- C:\Program Files\Dell\QuickSet\dadkeyb.dll
MOD - [2007/04/13 15:38:22 | 000,249,856 | ---- | M] () -- C:\Windows\System32\igfxTMM.dll
MOD - [2006/11/05 10:58:44 | 000,516,096 | ---- | M] () -- C:\Program Files\Common Files\Roxio Shared\9.0\DLLShared\LayoutDll9.dll
MOD - [2006/11/05 10:28:18 | 004,587,520 | R--- | M] () -- C:\Program Files\Common Files\Roxio Shared\9.0\DLLShared\ROXIPP41.dll
MOD - [2006/10/26 16:21:22 | 000,056,056 | ---- | M] () -- C:\Windows\System32\DLAAPI_W.DLL
========== Win32 Services (SafeList) ==========
SRV - [2012/02/19 18:28:10 | 000,265,912 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2010/10/01 22:06:36 | 000,348,760 | ---- | M] (Kaspersky Lab) [Auto | Running] -- C:\Program Files\Kaspersky Lab\Kaspersky PURE\avp.exe -- (AVP)
SRV - [2009/12/21 17:34:38 | 000,743,992 | ---- | M] (Infowatch) [Auto | Running] -- C:\Program Files\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe -- (CSObjectsSrv)
SRV - [2007/05/10 11:23:50 | 000,094,208 | ---- | M] (SigmaTel, Inc.) [Auto | Running] -- C:\Windows\System32\stacsv.exe -- (STacSV)
SRV - [2007/02/12 14:38:04 | 000,355,096 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel®
SRV - [2004/10/22 03:24:18 | 000,073,728 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Roxio\Roxio MyDVD Premier\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT)
========== Driver Services (SafeList) ==========
DRV - [2012/02/17 00:05:16 | 000,311,312 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\System32\drivers\klif.sys -- (KLIF)
DRV - [2009/12/14 12:44:24 | 000,088,632 | ---- | M] (Infowatch) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\CSCrySec.sys -- (CSCrySec)
DRV - [2009/12/14 12:44:24 | 000,039,352 | ---- | M] (Infowatch) [Kernel | System | Running] -- C:\Windows\System32\drivers\CSVirtualDiskDrv.sys -- (CSVirtualDiskDrv)
DRV - [2009/10/14 21:18:34 | 000,036,880 | ---- | M] (Kaspersky Lab) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\klbg.sys -- (KLBG)
DRV - [2009/10/02 19:39:36 | 000,019,472 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\klmouflt.sys -- (klmouflt)
DRV - [2009/09/14 14:46:36 | 000,021,520 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\System32\drivers\klim6.sys -- (KLIM6)
DRV - [2009/09/01 15:29:50 | 000,128,016 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\System32\drivers\kl1.sys -- (kl1)
DRV - [2007/05/10 11:24:38 | 000,326,656 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2007/05/10 01:01:00 | 000,235,584 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OEM02Dev.sys -- (OEM02Dev)
DRV - [2007/03/26 16:18:24 | 000,111,104 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IntcHdmi.sys -- (IntcHdmiAddService) Intel®
DRV - [2007/03/05 18:45:00 | 000,007,424 | ---- | M] (EyePower Games Pte. Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OEM02Vfx.sys -- (OEM02Vfx)
DRV - [2007/02/25 06:14:00 | 002,216,448 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw4v32.sys -- (NETw4v32) Intel®
DRV - [2007/02/08 20:05:30 | 000,028,120 | ---- | M] (Roxio) [File_System | System | Running] -- C:\Windows\System32\drivers\DLARTL_M.SYS -- (DLARTL_M)
DRV - [2007/02/08 20:05:30 | 000,012,856 | ---- | M] (Roxio) [File_System | System | Running] -- C:\Windows\System32\drivers\DLACDBHM.SYS -- (DLACDBHM)
DRV - [2006/11/15 00:16:24 | 000,032,256 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2006/11/14 19:42:46 | 000,043,520 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2006/11/14 17:35:20 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2006/10/26 16:22:02 | 000,009,400 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\System32\DLA\DLADResM.SYS -- (DLADResM)
DRV - [2006/10/26 16:21:34 | 000,094,648 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\System32\DLA\DLAUDFAM.SYS -- (DLAUDFAM)
DRV - [2006/10/26 16:21:34 | 000,035,096 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\System32\DLA\DLABMFSM.SYS -- (DLABMFSM)
DRV - [2006/10/26 16:21:32 | 000,097,848 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\System32\DLA\DLAUDF_M.SYS -- (DLAUDF_M)
DRV - [2006/10/26 16:21:30 | 000,026,296 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\System32\DLA\DLAOPIOM.SYS -- (DLAOPIOM)
DRV - [2006/10/26 16:21:28 | 000,032,472 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\System32\DLA\DLABOIOM.SYS -- (DLABOIOM)
DRV - [2006/10/26 16:21:26 | 000,014,520 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\System32\DLA\DLAPoolM.SYS -- (DLAPoolM)
DRV - [2006/10/26 16:21:24 | 000,104,536 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\System32\DLA\DLAIFS_M.SYS -- (DLAIFS_M)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-633039371-50796907-1299236143-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-633039371-50796907-1299236143-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-633039371-50796907-1299236143-1001\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-633039371-50796907-1299236143-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\{eea12ec4-729d-4703-bc37-106ce9879ce2}: C:\Program Files\Kaspersky Lab\Kaspersky PURE\THBExt [2012/02/17 00:06:32 | 000,000,000 | ---D | M]
O1 HOSTS File: ([2006/09/18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky PURE\ievkbd.dll (Kaspersky Lab)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky PURE\klwtbbho.dll (Kaspersky Lab)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky PURE\avp.exe (Kaspersky Lab)
O4 - HKLM..\Run: [Broadcom Wireless Manager UI] C:\Windows\system32\WLTRAY.exe File not found
O4 - HKLM..\Run: [DELL Webcam Manager] C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [PCMService] C:\Program Files\Dell\MediaDirect\PCMService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [PSQLLauncher] C:\Program Files\Fingerprint Reader Suite\launcher.exe (UPEK Inc.)
O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe (Sonic Solutions)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-633039371-50796907-1299236143-1000..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll (Sun Microsystems, Inc.)
O9 - Extra Button: &Virtual Keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky PURE\klwtbbho.dll (Kaspersky Lab)
O9 - Extra Button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky PURE\klwtbbho.dll (Kaspersky Lab)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0)
O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{74E79831-C6B8-45C2-92E2-4206D3595410}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EB12DA28-BAD4-4767-A98A-72F09F6DDDA2}: DhcpNameServer = 192.168.1.1
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll) - C:\Program Files\Kaspersky Lab\Kaspersky PURE\mzvkbd3.dll (Kaspersky Lab)
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll) - C:\Program Files\Kaspersky Lab\Kaspersky PURE\kloehk.dll (Kaspersky Lab)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: GinaDLL - (vrlogon.dll) - C:\Windows\System32\vrlogon.dll (UPEK Inc.)
O20 - Winlogon\Notify\klogon: DllName - (C:\Windows\system32\klogon.dll) - C:\Windows\System32\klogon.dll (Kaspersky Lab)
O20 - Winlogon\Notify\psfus: DllName - (C:\Windows\system32\psqlpwd.dll) - C:\Windows\System32\psqlpwd.dll (UPEK Inc.)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{03a3798a-5831-11e1-8696-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{03a3798a-5831-11e1-8696-806e6f6e6963}\Shell\AutoRun\command - "" = D:\autoRcd.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ==========
[2012/02/20 13:30:02 | 000,097,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\infocardapi.dll
[2012/02/20 13:30:01 | 000,105,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
[2012/02/20 13:29:59 | 000,622,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icardagt.exe
[2012/02/20 13:29:59 | 000,043,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll
[2012/02/20 13:29:59 | 000,037,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\infocardcpl.cpl
[2012/02/20 13:29:59 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icardres.dll
[2012/02/20 13:29:53 | 000,781,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationNative_v0300.dll
[2012/02/20 13:29:45 | 000,326,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe
[2012/02/20 13:02:08 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll
[2012/02/20 13:01:44 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscorier.dll
[2012/02/20 13:01:33 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscories.dll
[2012/02/19 22:59:09 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2012/02/19 21:15:23 | 000,000,000 | ---D | C] -- C:\Users\Nibras\AppData\Roaming\WinRAR
[2012/02/19 21:15:23 | 000,000,000 | ---D | C] -- C:\Users\Nibras\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012/02/19 21:15:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012/02/19 21:14:35 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2012/02/19 20:13:17 | 012,240,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0007.dll
[2012/02/19 20:13:14 | 002,644,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0009.dll
[2012/02/19 20:12:52 | 004,874,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0009.dll
[2012/02/19 20:12:51 | 002,641,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData000c.dll
[2012/02/19 20:12:51 | 000,797,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NaturalLanguage6.dll
[2012/02/19 20:12:50 | 009,845,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData000a.dll
[2012/02/19 20:12:48 | 002,597,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0001.dll
[2012/02/19 20:12:48 | 002,340,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData000d.dll
[2012/02/19 20:12:48 | 001,965,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0027.dll
[2012/02/19 20:12:47 | 002,655,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0011.dll
[2012/02/19 20:12:47 | 002,241,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0007.dll
[2012/02/19 20:12:47 | 001,799,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData003e.dll
[2012/02/19 20:12:46 | 001,963,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0002.dll
[2012/02/19 20:12:46 | 001,799,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData002a.dll
[2012/02/19 20:12:46 | 001,799,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0022.dll
[2012/02/19 20:12:46 | 001,799,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0021.dll
[2012/02/19 20:12:45 | 001,963,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0024.dll
[2012/02/19 20:12:45 | 001,963,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData001a.dll
[2012/02/19 20:12:45 | 001,963,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0018.dll
[2012/02/19 20:12:45 | 001,963,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData000f.dll
[2012/02/19 20:12:44 | 004,495,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0019.dll
[2012/02/19 20:12:43 | 004,493,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0816.dll
[2012/02/19 20:12:43 | 004,493,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData001d.dll
[2012/02/19 20:12:43 | 004,493,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0010.dll
[2012/02/19 20:12:42 | 003,464,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0013.dll
[2012/02/19 20:12:41 | 003,102,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0039.dll
[2012/02/19 20:12:40 | 003,102,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0049.dll
[2012/02/19 20:12:40 | 003,102,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0020.dll
[2012/02/19 20:12:39 | 004,493,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0416.dll
[2012/02/19 20:12:38 | 004,493,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0414.dll
[2012/02/19 20:12:37 | 003,102,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0047.dll
[2012/02/19 20:12:36 | 003,102,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData004c.dll
[2012/02/19 20:12:36 | 003,102,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData004a.dll
[2012/02/19 20:12:36 | 001,963,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData081a.dll
[2012/02/19 20:12:35 | 001,963,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0c1a.dll
[2012/02/19 20:12:35 | 001,963,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData001b.dll
[2012/02/19 20:12:35 | 001,523,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0000.dll
[2012/02/19 20:12:34 | 003,102,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData004e.dll
[2012/02/19 20:12:34 | 003,102,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData004b.dll
[2012/02/19 20:12:34 | 003,102,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0046.dll
[2012/02/19 20:12:34 | 003,102,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0045.dll
[2012/02/19 20:12:33 | 001,963,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0026.dll
[2012/02/19 20:12:33 | 001,963,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0003.dll
[2012/02/19 20:12:16 | 005,071,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsModels0011.dll
[2012/02/19 20:12:15 | 006,917,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0c1a.dll
[2012/02/19 20:12:14 | 007,042,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons081a.dll
[2012/02/19 20:12:13 | 005,031,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0816.dll
[2012/02/19 20:12:12 | 005,090,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0416.dll
[2012/02/19 20:12:11 | 004,616,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0414.dll
[2012/02/19 20:12:10 | 004,093,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons004c.dll
[2012/02/19 20:12:10 | 003,419,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons004a.dll
[2012/02/19 20:12:09 | 004,045,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons003e.dll
[2012/02/19 20:12:08 | 006,224,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0027.dll
[2012/02/19 20:12:07 | 005,791,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0026.dll
[2012/02/19 20:12:06 | 007,964,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0024.dll
[2012/02/19 20:12:05 | 005,499,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0022.dll
[2012/02/19 20:12:04 | 006,346,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons001d.dll
[2012/02/19 20:12:04 | 002,136,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0021.dll
[2012/02/19 20:12:03 | 006,585,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons001b.dll
[2012/02/19 20:12:02 | 006,014,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons001a.dll
[2012/02/19 20:11:59 | 006,781,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0019.dll
[2012/02/19 20:11:59 | 003,331,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0018.dll
[2012/02/19 20:11:58 | 004,981,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0013.dll
[2012/02/19 20:11:57 | 004,175,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0010.dll
[2012/02/19 20:11:57 | 002,466,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0011.dll
[2012/02/19 20:11:56 | 005,654,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons000f.dll
[2012/02/19 20:11:55 | 006,237,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons000c.dll
[2012/02/19 20:11:54 | 009,892,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons000a.dll
[2012/02/19 20:11:53 | 004,164,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0002.dll
[2012/02/19 20:11:52 | 011,722,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0001.dll
[2012/02/19 20:11:50 | 001,972,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons004e.dll
[2012/02/19 20:11:50 | 001,702,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons004b.dll
[2012/02/19 20:11:49 | 001,808,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0046.dll
[2012/02/19 20:11:49 | 001,793,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0045.dll
[2012/02/19 20:11:49 | 001,782,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0039.dll
[2012/02/19 20:11:49 | 001,558,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0049.dll
[2012/02/19 20:11:49 | 001,411,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0047.dll
[2012/02/19 20:11:48 | 001,722,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons000d.dll
[2012/02/19 20:11:48 | 001,452,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0003.dll
[2012/02/19 20:11:48 | 001,236,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0020.dll
[2012/02/19 20:11:48 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons002a.dll
[2012/02/19 19:52:48 | 001,984,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\authui.dll
[2012/02/19 19:52:46 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntprint.dll
[2012/02/19 19:52:45 | 008,138,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ssBranded.scr
[2012/02/19 19:52:44 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dhcpcsvc6.dll
[2012/02/19 19:52:44 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntprint.exe
[2012/02/19 19:52:44 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dhcpcmonitor.dll
[2012/02/19 19:44:30 | 000,564,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msftedit.dll
[2012/02/19 19:44:30 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rascfg.dll
[2012/02/19 19:44:29 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasdiag.dll
[2012/02/19 19:44:29 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll
[2012/02/19 19:44:29 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\traffic.dll
[2012/02/19 19:44:29 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasmxs.dll
[2012/02/19 19:44:29 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasser.dll
[2012/02/19 19:44:29 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pacerprf.dll
[2012/02/19 19:44:29 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wshqos.dll
[2012/02/19 19:44:29 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icsunattend.exe
[2012/02/19 19:44:29 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\riched32.dll
[2012/02/19 18:34:21 | 002,855,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mf.dll
[2012/02/19 18:34:20 | 000,098,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfps.dll
[2012/02/19 18:34:20 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rrinstaller.exe
[2012/02/19 18:34:20 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mferror.dll
[2012/02/19 18:34:19 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfpmp.exe
[2012/02/19 18:34:16 | 002,433,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVCORE.DLL
[2012/02/19 18:33:03 | 003,502,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2012/02/19 18:33:02 | 003,468,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2012/02/19 18:25:22 | 000,356,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MediaMetadataHandler.dll
[2012/02/19 18:23:32 | 001,244,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcmde.dll
[2012/02/19 18:23:31 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll
[2012/02/19 18:23:31 | 000,177,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax
[2012/02/19 18:23:30 | 000,292,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll
[2012/02/19 18:23:30 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisrndr.ax
[2012/02/19 18:23:30 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSNP.ax
[2012/02/19 18:23:30 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Mpeg2Data.ax
[2012/02/19 18:23:30 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSDvbNP.ax
[2012/02/19 18:20:10 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2012/02/19 18:19:01 | 000,109,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ataport.sys
[2012/02/19 18:19:01 | 000,045,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pciidex.sys
[2012/02/19 18:16:36 | 000,371,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srcore.dll
[2012/02/19 18:16:36 | 000,313,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rstrui.exe
[2012/02/19 18:16:36 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srdelayed.exe
[2012/02/19 18:16:35 | 000,944,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winload.exe
[2012/02/19 18:16:35 | 000,905,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winresume.exe
[2012/02/19 18:16:35 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpd_ci.dll
[2012/02/19 18:16:35 | 000,019,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kd1394.dll
[2012/02/19 18:16:34 | 000,620,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ci.dll
[2012/02/19 18:16:33 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drvinst.exe
[2012/02/19 18:16:32 | 000,260,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpx.dll
[2012/02/19 18:16:32 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kbd106n.dll
[2012/02/19 18:16:30 | 000,115,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\loadperf.dll
[2012/02/19 18:16:30 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lodctr.exe
[2012/02/19 18:16:30 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unlodctr.exe
[2012/02/19 18:16:30 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prflbmsg.dll
[2012/02/19 18:16:28 | 000,035,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\WdfLdr.sys
[2012/02/19 18:16:27 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dispci.dll
[2012/02/19 18:16:27 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\batt.dll
[2012/02/19 18:16:27 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\f3ahvoas.dll
[2012/02/19 14:48:41 | 000,654,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelinesvc.exe
[2012/02/19 14:48:41 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelineprxy.dll
[2012/02/19 14:48:39 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdohlp.dll
[2012/02/19 14:48:39 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasrecst.dll
[2012/02/19 14:48:39 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasads.dll
[2012/02/19 14:48:39 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasdatastore.dll
[2012/02/19 14:47:48 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\amxread.dll
[2012/02/19 14:47:48 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\apilogen.dll
[2012/02/19 14:29:45 | 000,213,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\netio.sys
[2012/02/19 14:28:33 | 000,268,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcbuilder.exe
[2012/02/19 14:28:33 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slwmi.dll
[2012/02/19 14:28:31 | 000,566,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLCommDlg.dll
[2012/02/19 14:28:30 | 000,351,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLUI.exe
[2012/02/19 14:28:30 | 000,186,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLLUA.exe
[2012/02/19 14:28:28 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slcinst.dll
[2012/02/19 14:26:22 | 000,435,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp.exe
[2012/02/19 14:26:22 | 000,312,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdrm.dll
[2012/02/19 14:26:21 | 000,472,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc.dll
[2012/02/19 14:26:21 | 000,431,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp_isv.exe
[2012/02/19 14:26:21 | 000,154,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp_isv.dll
[2012/02/19 14:26:21 | 000,154,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp.dll
[2012/02/19 14:26:20 | 000,523,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_isv.exe
[2012/02/19 14:26:20 | 000,515,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate.exe
[2012/02/19 14:26:20 | 000,473,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_isv.dll
[2012/02/19 14:23:22 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll
[2012/02/19 14:23:10 | 004,247,552 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll
[2012/02/19 14:23:09 | 001,686,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll
[2012/02/18 13:30:35 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdxm.tlb
[2012/02/18 13:30:35 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\amcompat.tlb
[2012/02/18 13:30:01 | 000,000,000 | ---D | C] -- C:\Users\Nibras\AppData\Local\WindowsUpdate
[2012/02/18 13:28:15 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbunattend.exe
[2012/02/18 13:25:35 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nshhttp.dll
[2012/02/18 13:21:31 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2012/02/18 13:20:08 | 008,147,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2012/02/18 13:20:05 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwmp.dll
[2012/02/18 13:20:04 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxmasf.dll
[2012/02/18 13:20:03 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdxm.ocx
[2012/02/18 13:19:43 | 000,311,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unregmp2.exe
[2012/02/17 22:04:50 | 000,237,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2012/02/17 21:43:14 | 000,297,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlansec.dll
[2012/02/17 21:43:14 | 000,290,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanmsm.dll
[2012/02/17 21:43:14 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanhlp.dll
[2012/02/17 21:43:14 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanapi.dll
[2012/02/17 21:43:13 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\L2SecHC.dll
[2012/02/17 20:49:39 | 002,452,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2012/02/17 20:49:24 | 000,671,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2012/02/17 20:49:24 | 000,389,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2012/02/17 20:49:23 | 000,380,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2012/02/17 20:49:23 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2012/02/17 20:49:22 | 001,830,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012/02/17 20:49:22 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2012/02/17 20:49:21 | 000,459,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2012/02/17 20:49:21 | 000,347,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2012/02/17 20:49:21 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2012/02/17 20:49:21 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012/02/17 20:49:20 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2012/02/17 20:49:20 | 000,180,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012/02/17 20:49:20 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieencode.dll
[2012/02/17 20:49:20 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2012/02/17 20:49:20 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2012/02/17 20:49:20 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2012/02/17 20:49:20 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2012/02/17 20:49:20 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2012/02/17 20:49:19 | 001,383,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012/02/17 20:49:18 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2012/02/17 20:49:18 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2012/02/17 20:46:41 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tcpipcfg.dll
[2012/02/17 20:46:41 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netiohlp.dll
[2012/02/17 20:46:40 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netiougc.exe
[2012/02/17 20:46:40 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ARP.EXE
[2012/02/17 20:46:40 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ROUTE.EXE
[2012/02/17 20:46:40 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MRINFO.EXE
[2012/02/17 20:46:39 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NETSTAT.EXE
[2012/02/17 20:46:39 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\finger.exe
[2012/02/17 20:46:39 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\HOSTNAME.EXE
[2012/02/17 20:46:37 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netevent.dll
[2012/02/17 20:44:10 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml6r.dll
[2012/02/17 20:44:10 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml3r.dll
[2012/02/17 19:23:16 | 000,272,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\polstore.dll
[2012/02/17 19:23:16 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FwRemoteSvr.dll
[2012/02/17 19:21:36 | 000,241,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceApi.dll
[2012/02/17 19:21:36 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceTypes.dll
[2012/02/17 19:21:36 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceClassExtension.dll
[2012/02/17 19:20:37 | 000,205,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msoeacct.dll
[2012/02/17 19:20:37 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ACCTRES.dll
[2012/02/17 19:20:36 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msoert2.dll
[2012/02/17 19:19:29 | 000,704,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PhotoScreensaver.scr
[2012/02/17 19:19:24 | 000,028,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\battc.sys
[2012/02/17 19:16:09 | 000,376,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2012/02/17 19:16:09 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll
[2012/02/17 19:11:28 | 000,374,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcupdate_GenuineIntel.dll
[2012/02/17 19:11:00 | 000,500,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtcprx.dll
[2012/02/17 19:11:00 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xolehlp.dll
[2012/02/17 19:09:48 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aaclient.dll
[2012/02/17 19:09:47 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tsgqec.dll
[2012/02/17 19:09:01 | 000,303,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpeffects.dll
[2012/02/17 19:07:43 | 000,414,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscp.dll
[2012/02/17 19:07:16 | 000,713,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\timedate.cpl
[2012/02/17 19:06:39 | 000,392,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FirewallAPI.dll
[2012/02/17 19:06:38 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icfupgd.dll
[2012/02/17 19:06:37 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmifw.dll
[2012/02/17 19:06:37 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wfapigp.dll
[2012/02/17 19:04:59 | 000,104,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWWIN.EXE
[2012/02/17 19:04:37 | 002,923,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2012/02/17 19:03:37 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netcfg.exe
[2012/02/17 19:02:53 | 000,220,672 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\l3codecp.acm
[2012/02/17 19:02:52 | 000,062,464 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\l3codeca.acm
[2012/02/17 19:01:42 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMASF.DLL
[2012/02/17 19:01:42 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\LAPRXY.DLL
[2012/02/17 19:01:42 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\asferror.dll
[2012/02/17 19:01:20 | 000,425,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PhotoMetadataHandler.dll
[2012/02/17 19:01:18 | 000,347,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecsExt.dll
[2012/02/17 19:00:16 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printcom.dll
[2012/02/17 18:59:56 | 002,031,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012/02/17 18:59:33 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\rmcast.sys
[2012/02/17 18:59:33 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wshrm.dll
[2012/02/17 18:58:59 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnscacheugc.exe
[2012/02/17 18:58:10 | 000,996,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMNetMgr.dll
[2012/02/17 18:58:10 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logagent.exe
[2012/02/17 18:57:15 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\INETRES.dll
[2012/02/17 18:56:36 | 001,645,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\connect.dll
[2012/02/17 18:55:16 | 000,321,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSDApi.dll
[2012/02/17 18:54:21 | 001,327,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2012/02/17 18:54:20 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciavi32.dll
[2012/02/17 18:54:20 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\avicap32.dll
[2012/02/17 18:53:55 | 000,289,792 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2012/02/17 18:53:55 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
[2012/02/17 18:53:55 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
[2012/02/17 18:53:54 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2012/02/17 18:53:54 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dciman32.dll
[2012/02/17 18:50:28 | 000,604,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMSPDMOD.DLL
[2012/02/17 00:07:47 | 000,088,632 | ---- | C] (Infowatch) -- C:\Windows\System32\drivers\CSCrySec.sys
[2012/02/17 00:07:47 | 000,039,352 | ---- | C] (Infowatch) -- C:\Windows\System32\drivers\CSVirtualDiskDrv.sys
[2012/02/17 00:07:46 | 000,000,000 | ---D | C] -- C:\Windows\System32\DRVSTORE
[2012/02/17 00:05:38 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InfoWatch
[2012/02/17 00:05:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky PURE
[2012/02/17 00:05:32 | 000,000,000 | ---D | C] -- C:\Program Files\Kaspersky Lab
[2012/02/17 00:05:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2012/02/17 00:05:16 | 000,311,312 | ---- | C] (Kaspersky Lab) -- C:\Windows\System32\drivers\klif.sys
[2012/02/17 00:00:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab Setup Files
[2012/02/16 20:36:45 | 002,421,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll
[2012/02/16 20:36:45 | 000,044,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll
[2012/02/16 20:36:23 | 000,575,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll
[2012/02/16 20:36:23 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll
[2012/02/16 20:36:23 | 000,035,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups.dll
[2012/02/16 20:36:07 | 000,171,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll
[2012/02/16 20:36:07 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe
[2012/02/16 19:27:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fingerprint Reader Suite
[2012/02/16 19:27:47 | 000,000,000 | ---D | C] -- C:\Program Files\Fingerprint Reader Suite
[2012/02/16 19:27:18 | 000,000,000 | ---D | C] -- C:\ProgramData\UIB
[2012/02/16 19:24:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell QuickSet
[2012/02/16 19:07:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Matrix Storage Manager
[2012/02/16 19:07:36 | 000,000,000 | ---D | C] -- C:\Windows\System32\ENU
[2012/02/16 19:07:34 | 000,936,728 | ---- | C] (Intel® Corporation) -- C:\Windows\System32\imsmudlg.exe
[2012/02/16 14:10:10 | 000,000,000 | ---D | C] -- C:\Program Files\Synaptics
[2012/02/16 14:07:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
[2012/02/16 14:06:41 | 000,811,008 | ---- | C] (Pizzolato Davide - www.xdp.it) -- C:\Windows\System32\cximage.dll
[2012/02/16 14:06:41 | 000,385,024 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\System32\OEM02Cvw.dll
[2012/02/16 14:06:41 | 000,331,776 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\System32\OEM02Cvw.crl
[2012/02/16 14:06:41 | 000,235,584 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\System32\drivers\OEM02Dev.sys
[2012/02/16 14:06:41 | 000,141,376 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\System32\drivers\OEM02Afx.sys
[2012/02/16 14:06:41 | 000,090,112 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\CtDrvIns.exe
[2012/02/16 14:06:41 | 000,040,960 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\System32\OEM02Pin.dll
[2012/02/16 14:06:41 | 000,036,864 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\OEM02Mon.exe
[2012/02/16 14:06:41 | 000,036,864 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\System32\CtCamMgr.dll
[2012/02/16 14:06:41 | 000,032,768 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\System32\OEM02Hwx.dll
[2012/02/16 14:06:41 | 000,028,672 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\OEM02Cfg.exe
[2012/02/16 14:06:41 | 000,024,576 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\System32\OEM02Srv.exe
[2012/02/16 14:06:41 | 000,020,480 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\System32\OEM02Pin.crl
[2012/02/16 14:06:41 | 000,007,424 | ---- | C] (EyePower Games Pte. Ltd.) -- C:\Windows\System32\drivers\OEM02Vfx.sys
[2012/02/16 13:30:19 | 000,000,000 | ---D | C] -- C:\Program Files\Broadcom
[2012/02/16 13:24:56 | 001,601,536 | ---- | C] (SigmaTel, Inc.) -- C:\Windows\System32\stlang.dll
[2012/02/16 13:24:56 | 000,094,208 | ---- | C] (SigmaTel, Inc.) -- C:\Windows\System32\stacsv.exe
[2012/02/16 13:24:55 | 004,952,064 | ---- | C] (SigmaTel, Inc.) -- C:\Windows\System32\stacgui.cpl
[2012/02/16 13:24:03 | 000,144,896 | ---- | C] (SigmaTel, Inc.) -- C:\Windows\System32\staco.dll
[2012/02/16 13:24:01 | 000,587,776 | ---- | C] (SigmaTel, Inc.) -- C:\Windows\System32\stapo.dll
[2012/02/16 13:24:01 | 000,326,656 | ---- | C] (SigmaTel, Inc.) -- C:\Windows\System32\drivers\stwrt.sys
[2012/02/16 13:24:01 | 000,326,144 | ---- | C] (SigmaTel, Inc.) -- C:\Windows\System32\stcplx.dll
[2012/02/16 13:24:01 | 000,244,736 | ---- | C] (SigmaTel, Inc.) -- C:\Windows\System32\stapi32.dll
[2012/02/16 13:24:00 | 000,492,544 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\System32\ctapo32.dll
[2012/02/16 13:24:00 | 000,045,568 | ---- | C] (Creative Technology Ltd) -- C:\Windows\System32\ctppld.dll
[2012/02/16 13:24:00 | 000,000,000 | ---D | C] -- C:\Program Files\SigmaTel
[2012/02/16 13:21:45 | 000,000,000 | ---D | C] -- C:\Users\Nibras\Roaming
[2012/02/16 13:21:45 | 000,000,000 | ---D | C] -- C:\Users\Nibras\AppData\Roaming\Intel
[2012/02/16 13:21:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Roaming
[2012/02/16 13:21:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Intel
[2012/02/16 13:19:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless
[2012/02/16 13:11:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Wireless
[2012/02/16 12:58:08 | 000,356,352 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\NVUNINST.EXE
[2012/02/16 11:14:31 | 000,400,152 | ---- | C] (Intel® Corporation) -- C:\Windows\System32\igxpun.exe
[2012/02/16 11:14:31 | 000,319,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\difxapi.dll
[2012/02/16 11:14:31 | 000,000,000 | ---D | C] -- C:\Windows\System32\Lang
[2012/02/16 11:14:22 | 000,111,104 | ---- | C] (Intel® Corporation) -- C:\Windows\System32\drivers\IntcHdmi.sys
[2012/02/16 11:14:21 | 003,293,184 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxress.dll
[2012/02/16 11:14:21 | 000,531,224 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxcfg.exe
[2012/02/16 11:14:21 | 000,200,704 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxpph.dll
[2012/02/16 11:14:21 | 000,192,512 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrdeu.lrc
[2012/02/16 11:14:21 | 000,188,416 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrita.lrc
[2012/02/16 11:14:21 | 000,188,416 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxresp.lrc
[2012/02/16 11:14:21 | 000,184,320 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrfra.lrc
[2012/02/16 11:14:21 | 000,180,224 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrptb.lrc
[2012/02/16 11:14:21 | 000,172,032 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrenu.lrc
[2012/02/16 11:14:21 | 000,170,776 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxzoom.exe
[2012/02/16 11:14:21 | 000,135,168 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxdo.dll
[2012/02/16 11:14:21 | 000,131,072 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrjpn.lrc
[2012/02/16 11:14:21 | 000,126,976 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrkor.lrc
[2012/02/16 11:14:21 | 000,122,880 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxcpl.cpl
[2012/02/16 11:14:21 | 000,110,592 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrcht.lrc
[2012/02/16 11:14:21 | 000,110,592 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrchs.lrc
[2012/02/16 11:14:21 | 000,069,632 | ---- | C] (Intel Corporation) -- C:\Windows\System32\oemdspif.dll
[2012/02/16 11:14:21 | 000,047,616 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxsrvc.dll
[2012/02/16 11:14:21 | 000,024,576 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxexps.dll
[2012/02/16 11:14:20 | 002,392,064 | ---- | C] (Intel Corporation) -- C:\Windows\System32\ig4icd32.dll
[2012/02/16 11:14:20 | 002,363,392 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igdumd32.dll
[2012/02/16 11:14:20 | 001,499,136 | ---- | C] (Intel Corporation) -- C:\Windows\System32\ig4dev32.dll
[2012/02/16 11:14:20 | 000,102,400 | ---- | C] (Intel Corporation) -- C:\Windows\System32\hccutils.dll
[2012/02/16 11:11:41 | 000,090,112 | ---- | C] (Sony Corporation) -- C:\Windows\System32\snymsico.dll
[2012/02/16 11:11:41 | 000,043,520 | ---- | C] (REDC) -- C:\Windows\System32\drivers\rimsptsk.sys
[2012/02/16 11:11:41 | 000,037,376 | ---- | C] (REDC) -- C:\Windows\System32\drivers\rixdptsk.sys
[2012/02/16 11:11:41 | 000,032,256 | ---- | C] (REDC) -- C:\Windows\System32\drivers\rimmptsk.sys
[2012/02/16 11:08:48 | 000,000,000 | ---D | C] -- C:\Program Files\Intel
[2012/02/16 11:08:32 | 000,000,000 | ---D | C] -- C:\Intel
[2012/02/16 11:06:17 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hccoin.dll
[2012/02/16 11:06:17 | 000,005,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbd.sys
[2012/02/16 11:06:16 | 000,223,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbport.sys
[2012/02/16 11:05:44 | 000,022,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\streamci.dll
[2012/02/16 11:03:55 | 000,139,264 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2012/02/16 11:03:55 | 000,069,632 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javacpl.cpl
[2012/02/16 11:03:54 | 000,135,168 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2012/02/16 11:03:54 | 000,135,168 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2012/02/16 11:03:27 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2012/02/16 11:03:25 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2012/02/16 02:02:55 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2012/02/16 02:01:12 | 000,000,000 | ---D | C] -- C:\Windows\Debug
[2012/02/16 01:59:25 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2012/02/16 01:59:00 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2012/02/16 01:58:05 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2012/02/16 01:57:47 | 000,000,000 | -HSD | C] -- C:\Boot
[2012/02/16 01:56:43 | 000,000,000 | ---D | C] -- C:\Windows\System32\OEM
[2012/02/15 18:08:06 | 000,000,000 | ---D | C] -- C:\Users\Nibras\AppData\Roaming\Roxio
[2012/02/15 17:51:10 | 000,000,000 | ---D | C] -- C:\Users\Nibras\AppData\Roaming\Adobe
[2012/02/15 17:50:57 | 000,000,000 | ---D | C] -- C:\Users\Nibras\AppData\Local\Adobe
[2012/02/15 17:50:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2012/02/15 17:50:16 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2012/02/15 17:50:16 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2012/02/15 16:59:49 | 000,092,920 | ---- | C] (Roxio) -- C:\Windows\DLA.EXE
[2012/02/15 16:59:49 | 000,028,120 | ---- | C] (Roxio) -- C:\Windows\System32\drivers\DLARTL_M.SYS
[2012/02/15 16:59:49 | 000,012,856 | ---- | C] (Roxio) -- C:\Windows\System32\drivers\DLACDBHM.SYS
[2012/02/15 16:59:48 | 000,000,000 | ---D | C] -- C:\Windows\System32\DLA
[2012/02/15 16:57:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Roxio
[2012/02/15 16:54:21 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SureThing Shared
[2012/02/15 16:52:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Sonic
[2012/02/15 16:52:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roxio Creator DE
[2012/02/15 16:52:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Sonic Shared
[2012/02/15 16:51:26 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Roxio Shared
[2012/02/15 16:51:01 | 000,000,000 | ---D | C] -- C:\ProgramData\InstallShield
[2012/02/15 16:50:40 | 000,000,000 | ---D | C] -- C:\Program Files\Roxio
[2012/02/15 16:24:22 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2012/02/15 16:24:19 | 000,000,000 | ---D | C] -- C:\Users\Nibras\AppData\Local\MediaDirect
[2012/02/15 16:24:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Dell
[2012/02/15 16:24:18 | 000,000,000 | ---D | C] -- C:\ProgramData\CyberLink
[2012/02/15 16:23:58 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml4r.dll
[2012/02/15 16:23:58 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml4a.dll
[2012/02/15 16:23:42 | 000,000,000 | ---D | C] -- C:\Program Files\CyberLink
[2012/02/15 16:23:41 | 001,047,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFC71u.dll
[2012/02/15 16:23:41 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2012/02/15 16:23:40 | 001,060,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFC71.dll
[2012/02/15 16:23:40 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\atl71.dll
[2012/02/15 16:23:40 | 000,000,000 | ---D | C] -- C:\Program Files\Dell
[2012/02/15 16:20:26 | 000,000,000 | ---D | C] -- C:\Dell
[2012/02/15 16:20:10 | 000,000,000 | ---D | C] -- C:\Users\Nibras\AppData\Roaming\InstallShield
[2012/02/15 16:13:18 | 000,000,000 | R--D | C] -- C:\Users\Nibras\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2012/02/15 16:13:18 | 000,000,000 | R--D | C] -- C:\Users\Nibras\Searches
[2012/02/15 16:13:18 | 000,000,000 | R--D | C] -- C:\Users\Nibras\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2012/02/15 16:13:08 | 000,000,000 | ---D | C] -- C:\Users\Nibras\AppData\Roaming\Identities
[2012/02/15 16:13:05 | 000,000,000 | R--D | C] -- C:\Users\Nibras\Contacts
[2012/02/15 16:13:03 | 000,000,000 | ---D | C] -- C:\Users\Nibras\AppData\Local\VirtualStore
[2012/02/15 16:12:57 | 000,000,000 | -HSD | C] -- C:\Users\Nibras\AppData\Local\Temporary Internet Files
[2012/02/15 16:12:57 | 000,000,000 | -HSD | C] -- C:\Users\Nibras\Templates
[2012/02/15 16:12:57 | 000,000,000 | -HSD | C] -- C:\Users\Nibras\Start Menu
[2012/02/15 16:12:57 | 000,000,000 | -HSD | C] -- C:\Users\Nibras\SendTo
[2012/02/15 16:12:57 | 000,000,000 | -HSD | C] -- C:\Users\Nibras\Recent
[2012/02/15 16:12:57 | 000,000,000 | -HSD | C] -- C:\Users\Nibras\PrintHood
[2012/02/15 16:12:57 | 000,000,000 | -HSD | C] -- C:\Users\Nibras\NetHood
[2012/02/15 16:12:57 | 000,000,000 | -HSD | C] -- C:\Users\Nibras\Documents\My Videos
[2012/02/15 16:12:57 | 000,000,000 | -HSD | C] -- C:\Users\Nibras\Documents\My Pictures
[2012/02/15 16:12:57 | 000,000,000 | -HSD | C] -- C:\Users\Nibras\Documents\My Music
[2012/02/15 16:12:57 | 000,000,000 | -HSD | C] -- C:\Users\Nibras\My Documents
[2012/02/15 16:12:57 | 000,000,000 | -HSD | C] -- C:\Users\Nibras\Local Settings
[2012/02/15 16:12:57 | 000,000,000 | -HSD | C] -- C:\Users\Nibras\AppData\Local\History
[2012/02/15 16:12:57 | 000,000,000 | -HSD | C] -- C:\Users\Nibras\Cookies
[2012/02/15 16:12:57 | 000,000,000 | -HSD | C] -- C:\Users\Nibras\Application Data
[2012/02/15 16:12:57 | 000,000,000 | -HSD | C] -- C:\Users\Nibras\AppData\Local\Application Data
[2012/02/15 16:12:56 | 000,000,000 | --SD | C] -- C:\Users\Nibras\AppData\Roaming\Microsoft
[2012/02/15 16:12:56 | 000,000,000 | R--D | C] -- C:\Users\Nibras\Videos
[2012/02/15 16:12:56 | 000,000,000 | R--D | C] -- C:\Users\Nibras\Saved Games
[2012/02/15 16:12:56 | 000,000,000 | R--D | C] -- C:\Users\Nibras\Pictures
[2012/02/15 16:12:56 | 000,000,000 | R--D | C] -- C:\Users\Nibras\Music
[2012/02/15 16:12:56 | 000,000,000 | R--D | C] -- C:\Users\Nibras\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2012/02/15 16:12:56 | 000,000,000 | R--D | C] -- C:\Users\Nibras\Links
[2012/02/15 16:12:56 | 000,000,000 | R--D | C] -- C:\Users\Nibras\Favorites
[2012/02/15 16:12:56 | 000,000,000 | R--D | C] -- C:\Users\Nibras\Downloads
[2012/02/15 16:12:56 | 000,000,000 | R--D | C] -- C:\Users\Nibras\Documents
[2012/02/15 16:12:56 | 000,000,000 | R--D | C] -- C:\Users\Nibras\Desktop
[2012/02/15 16:12:56 | 000,000,000 | R--D | C] -- C:\Users\Nibras\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2012/02/15 16:12:56 | 000,000,000 | -H-D | C] -- C:\Users\Nibras\AppData
[2012/02/15 16:12:56 | 000,000,000 | ---D | C] -- C:\Users\Nibras\AppData\Local\Temp
[2012/02/15 16:12:56 | 000,000,000 | ---D | C] -- C:\Users\Nibras\AppData\Local\Microsoft
[2012/02/15 16:12:56 | 000,000,000 | ---D | C] -- C:\Users\Nibras\AppData\Roaming\Media Center Programs
[2012/02/15 15:46:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Works
[2012/02/15 15:46:09 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2012/02/15 15:44:09 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Works
[2012/02/15 15:44:01 | 000,000,000 | ---D | C] -- C:\Windows\System32\Macromed
[2012/02/15 15:41:20 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Reallusion
[2012/02/15 15:41:04 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Reallusion
[2012/02/15 15:40:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Creative
[2012/02/15 15:40:33 | 005,627,904 | ---- | C] (Reallusion Inc.) -- C:\Windows\System32\LiveCamVirtual.ocx
[2012/02/15 15:39:53 | 000,000,000 | ---D | C] -- C:\Program Files\Creative Live! Cam
[2012/02/15 15:39:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Webcam
[2012/02/15 15:39:22 | 000,000,000 | ---D | C] -- C:\Program Files\Creative
[2012/02/15 15:38:13 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2012/02/15 15:35:30 | 000,000,000 | ---D | C] -- C:\Windows\System32\vmm32
========== Files - Modified Within 30 Days ==========
[2012/02/20 21:42:58 | 000,618,648 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/02/20 21:42:58 | 000,104,024 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/02/20 21:40:00 | 000,000,916 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-633039371-50796907-1299236143-1001UA.job
[2012/02/20 21:35:42 | 000,003,552 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/02/20 21:35:42 | 000,003,552 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/02/20 21:35:18 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/02/20 21:35:11 | 2137,194,496 | -HS- | M] () -- C:\hiberfil.sys
[2012/02/20 13:29:38 | 049,086,464 | ---- | M] () -- C:\Windows\ocsetup_install_NetFx3.etl
[2012/02/20 13:29:37 | 000,196,608 | ---- | M] () -- C:\Windows\ocsetup_cbs_install_NetFx3.perf
[2012/02/20 13:29:37 | 000,131,072 | ---- | M] () -- C:\Windows\ocsetup_cbs_install_NetFx3.dpx
[2012/02/20 11:46:21 | 000,000,512 | ---- | M] () -- C:\Users\Nibras\Documents\MBR.dat
[2012/02/20 10:38:20 | 000,000,943 | ---- | M] () -- C:\Users\Nibras\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/02/19 22:59:09 | 323,329,162 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012/02/19 22:34:07 | 000,319,976 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012/02/19 20:40:01 | 000,000,864 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-633039371-50796907-1299236143-1001Core.job
[2012/02/19 18:34:21 | 002,855,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mf.dll
[2012/02/19 18:34:20 | 000,098,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfps.dll
[2012/02/19 18:34:20 | 000,052,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rrinstaller.exe
[2012/02/19 18:34:20 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mferror.dll
[2012/02/19 18:34:19 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfpmp.exe
[2012/02/19 18:34:16 | 002,433,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WMVCORE.DLL
[2012/02/19 18:33:03 | 003,502,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2012/02/19 18:33:02 | 003,468,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2012/02/19 18:25:22 | 000,356,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MediaMetadataHandler.dll
[2012/02/19 18:23:32 | 001,244,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mcmde.dll
[2012/02/19 18:23:31 | 000,177,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax
[2012/02/19 18:23:30 | 000,292,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll
[2012/02/19 18:23:30 | 000,217,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\psisrndr.ax
[2012/02/19 18:23:30 | 000,080,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MSNP.ax
[2012/02/19 18:23:30 | 000,068,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Mpeg2Data.ax
[2012/02/19 18:23:30 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MSDvbNP.ax
[2012/02/19 18:20:10 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2012/02/19 18:19:01 | 000,109,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\ataport.sys
[2012/02/19 18:19:01 | 000,045,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\pciidex.sys
[2012/02/19 18:16:41 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\en-US\i8042prt.sys.mui
[2012/02/19 18:16:41 | 000,005,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\en-US\sermouse.sys.mui
[2012/02/19 18:16:41 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\en-US\mouclass.sys.mui
[2012/02/19 18:16:41 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\en-US\mouhid.sys.mui
[2012/02/19 18:16:41 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\en-US\kbdhid.sys.mui
[2012/02/19 18:16:40 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\en-US\kbdclass.sys.mui
[2012/02/19 18:16:36 | 000,371,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\srcore.dll
[2012/02/19 18:16:36 | 000,313,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rstrui.exe
[2012/02/19 18:16:36 | 000,016,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\srdelayed.exe
[2012/02/19 18:16:35 | 000,944,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winload.exe
[2012/02/19 18:16:35 | 000,905,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winresume.exe
[2012/02/19 18:16:35 | 000,613,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wpd_ci.dll
[2012/02/19 18:16:35 | 000,019,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\kd1394.dll
[2012/02/19 18:16:34 | 000,620,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ci.dll
[2012/02/19 18:16:33 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drvinst.exe
[2012/02/19 18:16:32 | 000,260,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dpx.dll
[2012/02/19 18:16:32 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\kbd106n.dll
[2012/02/19 18:16:30 | 000,115,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\loadperf.dll
[2012/02/19 18:16:30 | 000,039,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lodctr.exe
[2012/02/19 18:16:30 | 000,032,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\unlodctr.exe
[2012/02/19 18:16:30 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\prflbmsg.dll
[2012/02/19 18:16:28 | 000,035,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\WdfLdr.sys
[2012/02/19 18:16:27 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dispci.dll
[2012/02/19 18:16:27 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\batt.dll
[2012/02/19 18:16:27 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\f3ahvoas.dll
[2012/02/19 14:48:41 | 000,654,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelinesvc.exe
[2012/02/19 14:48:41 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelineprxy.dll
[2012/02/19 14:48:39 | 000,158,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sdohlp.dll
[2012/02/19 14:48:39 | 000,097,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iasrecst.dll
[2012/02/19 14:48:39 | 000,053,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iasads.dll
[2012/02/19 14:48:39 | 000,037,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iasdatastore.dll
[2012/02/19 14:47:48 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\amxread.dll
[2012/02/19 14:47:48 | 000,014,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\apilogen.dll
[2012/02/19 14:29:45 | 000,213,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\netio.sys
[2012/02/19 14:28:33 | 000,268,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mcbuilder.exe
[2012/02/19 14:28:33 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\slwmi.dll
[2012/02/19 14:28:31 | 000,566,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SLCommDlg.dll
[2012/02/19 14:28:30 | 000,351,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SLUI.exe
[2012/02/19 14:28:30 | 000,186,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SLLUA.exe
[2012/02/19 14:28:28 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\slcinst.dll
[2012/02/19 14:26:22 | 000,435,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp.exe
[2012/02/19 14:26:22 | 000,312,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msdrm.dll
[2012/02/19 14:26:21 | 000,472,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\secproc.dll
[2012/02/19 14:26:21 | 000,431,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp_isv.exe
[2012/02/19 14:26:21 | 000,154,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp_isv.dll
[2012/02/19 14:26:21 | 000,154,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp.dll
[2012/02/19 14:26:20 | 000,523,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_isv.exe
[2012/02/19 14:26:20 | 000,515,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RMActivate.exe
[2012/02/19 14:26:20 | 000,473,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\secproc_isv.dll
[2012/02/19 14:23:22 | 000,028,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll
[2012/02/19 14:23:11 | 004,247,552 | ---- | M] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll
[2012/02/19 14:23:09 | 001,686,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll
[2012/02/18 13:30:35 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msdxm.tlb
[2012/02/18 13:30:35 | 000,018,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\amcompat.tlb
[2012/02/18 13:28:15 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sbunattend.exe
[2012/02/18 13:25:35 | 000,024,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\nshhttp.dll
[2012/02/18 13:20:08 | 008,147,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2012/02/18 13:20:05 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spwmp.dll
[2012/02/18 13:20:03 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msdxm.ocx
[2012/02/18 13:19:43 | 000,311,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\unregmp2.exe
[2012/02/17 19:23:16 | 000,272,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\polstore.dll
[2012/02/17 19:23:16 | 000,028,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\FwRemoteSvr.dll
[2012/02/17 19:21:36 | 000,241,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceApi.dll
[2012/02/17 19:21:36 | 000,160,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceTypes.dll
[2012/02/17 19:21:36 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceClassExtension.dll
[2012/02/17 19:20:37 | 000,205,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msoeacct.dll
[2012/02/17 19:20:37 | 000,039,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ACCTRES.dll
[2012/02/17 19:20:36 | 000,087,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msoert2.dll
[2012/02/17 19:19:29 | 000,704,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PhotoScreensaver.scr
[2012/02/17 19:19:24 | 000,028,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\battc.sys
[2012/02/17 19:16:09 | 000,376,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2012/02/17 19:16:09 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll
[2012/02/17 19:11:28 | 000,374,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mcupdate_GenuineIntel.dll
[2012/02/17 19:11:00 | 000,500,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msdtcprx.dll
[2012/02/17 19:11:00 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\xolehlp.dll
[2012/02/17 19:09:48 | 000,116,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\aaclient.dll
[2012/02/17 19:09:47 | 000,036,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\tsgqec.dll
[2012/02/17 19:09:01 | 000,303,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wmpeffects.dll
[2012/02/17 19:07:43 | 000,414,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscp.dll
[2012/02/17 19:07:16 | 000,713,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\timedate.cpl
[2012/02/17 19:06:39 | 000,392,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\FirewallAPI.dll
[2012/02/17 19:06:38 | 000,086,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\icfupgd.dll
[2012/02/17 19:06:37 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cmifw.dll
[2012/02/17 19:06:37 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wfapigp.dll
[2012/02/17 19:04:59 | 000,104,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\DWWIN.EXE
[2012/02/17 19:04:37 | 002,923,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2012/02/17 19:03:37 | 000,024,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netcfg.exe
[2012/02/17 19:02:53 | 000,220,672 | ---- | M] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\l3codecp.acm
[2012/02/17 19:02:52 | 000,062,464 | ---- | M] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\l3codeca.acm
[2012/02/17 19:01:42 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WMASF.DLL
[2012/02/17 19:01:42 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\LAPRXY.DLL
[2012/02/17 19:01:42 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\asferror.dll
[2012/02/17 19:01:20 | 000,425,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PhotoMetadataHandler.dll
[2012/02/17 19:01:18 | 000,347,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecsExt.dll
[2012/02/17 19:00:16 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\printcom.dll
[2012/02/17 18:59:56 | 002,031,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012/02/17 18:59:33 | 000,113,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\rmcast.sys
[2012/02/17 18:59:33 | 000,014,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wshrm.dll
[2012/02/17 18:58:59 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dnscacheugc.exe
[2012/02/17 18:58:10 | 000,996,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WMNetMgr.dll
[2012/02/17 18:58:10 | 000,094,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\logagent.exe
[2012/02/17 18:57:15 | 000,084,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\INETRES.dll
[2012/02/17 18:56:36 | 001,645,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\connect.dll
[2012/02/17 18:55:17 | 000,321,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WSDApi.dll
[2012/02/17 18:54:20 | 000,082,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mciavi32.dll
[2012/02/17 18:54:20 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\avicap32.dll
[2012/02/17 18:50:28 | 000,604,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WMSPDMOD.DLL
[2012/02/17 02:02:39 | 000,115,369 | ---- | M] () -- C:\Windows\System32\drivers\klin.dat
[2012/02/17 02:02:39 | 000,097,961 | ---- | M] () -- C:\Windows\System32\drivers\klick.dat
[2012/02/17 00:05:16 | 000,311,312 | ---- | M] (Kaspersky Lab) -- C:\Windows\System32\drivers\klif.sys
[2012/02/16 22:01:18 | 000,006,324 | ---- | M] () -- C:\Users\Nibras\AppData\Local\d3d9caps.dat
[2012/02/16 20:36:45 | 002,421,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll
[2012/02/16 20:36:45 | 000,044,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll
[2012/02/16 20:36:23 | 000,575,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll
[2012/02/16 20:36:23 | 000,087,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll
[2012/02/16 20:36:23 | 000,035,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wups.dll
[2012/02/16 20:36:07 | 000,171,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll
[2012/02/16 20:36:07 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe
[2012/02/16 19:27:51 | 000,001,907 | ---- | M] () -- C:\Users\Public\Desktop\Fingerprint Reader Suite.lnk
[2012/02/16 19:24:56 | 000,001,940 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickSet.lnk
[2012/02/16 18:53:13 | 000,016,056 | ---- | M] () -- C:\Windows\System32\results.xml
[2012/02/16 14:10:25 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_SynTP_01000.Wdf
[2012/02/16 13:34:16 | 000,000,257 | ---- | M] () -- C:\Windows\System32\install.xml
[2012/02/16 13:34:16 | 000,000,056 | ---- | M] () -- C:\Windows\System32\IHV_Install.bat
[2012/02/16 11:06:17 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\hccoin.dll
[2012/02/16 11:06:17 | 000,005,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbd.sys
[2012/02/16 11:06:16 | 000,223,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbport.sys
[2012/02/16 11:05:44 | 000,022,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\streamci.dll
[2012/02/16 11:03:34 | 000,139,264 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2012/02/16 11:03:34 | 000,135,168 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2012/02/16 11:03:34 | 000,135,168 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2012/02/16 11:03:34 | 000,069,632 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javacpl.cpl
[2012/02/16 02:04:33 | 000,041,176 | ---- | M] () -- C:\Windows\System32\license.rtf
[2012/02/16 01:57:50 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK
[2012/02/15 17:50:31 | 000,001,887 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 8.lnk
[2012/02/15 16:59:50 | 000,000,120 | ---- | M] () -- C:\Windows\wininit.ini
[2012/02/15 16:52:45 | 000,002,323 | ---- | M] () -- C:\Users\Public\Desktop\Roxio Creator Home.lnk
[2012/02/15 15:41:42 | 000,000,076 | RHS- | M] () -- C:\Windows\CT4CET.bin
[2012/01/29 05:10:42 | 000,237,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
========== Files Created - No Company Name ==========
[2012/02/20 13:18:51 | 000,196,608 | ---- | C] () -- C:\Windows\ocsetup_cbs_install_NetFx3.perf
[2012/02/20 13:18:51 | 000,131,072 | ---- | C] () -- C:\Windows\ocsetup_cbs_install_NetFx3.dpx
[2012/02/20 13:18:50 | 049,086,464 | ---- | C] () -- C:\Windows\ocsetup_install_NetFx3.etl
[2012/02/20 11:46:21 | 000,000,512 | ---- | C] () -- C:\Users\Nibras\Documents\MBR.dat
[2012/02/19 22:58:36 | 323,329,162 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2012/02/19 19:44:29 | 000,001,820 | ---- | C] () -- C:\Windows\System32\rasctrnm.h
[2012/02/17 21:43:18 | 001,657,350 | ---- | C] () -- C:\Windows\System32\wlan.tmf
[2012/02/17 00:08:25 | 000,115,369 | ---- | C] () -- C:\Windows\System32\drivers\klin.dat
[2012/02/17 00:08:24 | 000,097,961 | ---- | C] () -- C:\Windows\System32\drivers\klick.dat
[2012/02/16 20:35:38 | 000,000,916 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-633039371-50796907-1299236143-1001UA.job
[2012/02/16 20:35:37 | 000,000,864 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-633039371-50796907-1299236143-1001Core.job
[2012/02/16 19:27:50 | 000,001,907 | ---- | C] () -- C:\Users\Public\Desktop\Fingerprint Reader Suite.lnk
[2012/02/16 19:24:56 | 000,001,940 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickSet.lnk
[2012/02/16 18:53:13 | 000,016,056 | ---- | C] () -- C:\Windows\System32\results.xml
[2012/02/16 18:47:07 | 2137,194,496 | -HS- | C] () -- C:\hiberfil.sys
[2012/02/16 14:10:25 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_SynTP_01000.Wdf
[2012/02/16 14:09:07 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2012/02/16 14:06:41 | 000,260,330 | ---- | C] () -- C:\Windows\System32\OEM02Cvw.bff
[2012/02/16 14:06:41 | 000,057,656 | ---- | C] () -- C:\Windows\System32\drivers\OEM02Pvc.bmp
[2012/02/16 14:06:41 | 000,057,656 | ---- | C] () -- C:\Windows\System32\drivers\OEM02PC.bmp
[2012/02/16 14:06:41 | 000,004,510 | ---- | C] () -- C:\Windows\OEM002.uns
[2012/02/16 13:21:36 | 000,000,257 | ---- | C] () -- C:\Windows\System32\install.xml
[2012/02/16 13:21:36 | 000,000,056 | ---- | C] () -- C:\Windows\System32\IHV_Install.bat
[2012/02/16 11:15:28 | 000,000,943 | ---- | C] () -- C:\Users\Nibras\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/02/16 11:14:31 | 000,121,232 | ---- | C] () -- C:\Windows\System32\IScrNBR.bmp
[2012/02/16 11:14:31 | 000,121,232 | ---- | C] () -- C:\Windows\System32\IScrNB.bmp
[2012/02/16 11:14:22 | 000,004,608 | ---- | C] () -- C:\Windows\System32\HdmiCoin.dll
[2012/02/16 11:14:21 | 000,910,304 | ---- | C] () -- C:\Windows\System32\igmedkrn.dll
[2012/02/16 11:14:21 | 000,249,856 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll
[2012/02/16 11:14:21 | 000,204,800 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1253.dll
[2012/02/16 11:14:21 | 000,024,256 | ---- | C] () -- C:\Windows\System32\iglhxs32.vp
[2012/02/16 11:14:21 | 000,002,096 | ---- | C] () -- C:\Windows\System32\iglhxo32.vp
[2012/02/16 11:14:21 | 000,002,096 | ---- | C] () -- C:\Windows\System32\iglhxc32.vp
[2012/02/16 11:11:41 | 000,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll
[2012/02/16 01:57:50 | 000,008,192 | R-S- | C] () -- C:\BOOTSECT.BAK
[2012/02/16 01:57:48 | 000,438,840 | RHS- | C] () -- C:\bootmgr
[2012/02/16 01:56:43 | 000,000,036 | RH-- | C] () -- C:\Windows\DELL_VERSION
[2012/02/15 17:50:31 | 000,001,887 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 8.lnk
[2012/02/15 17:50:31 | 000,001,804 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 8.lnk
[2012/02/15 16:59:49 | 000,056,056 | ---- | C] () -- C:\Windows\System32\DLAAPI_W.DLL
[2012/02/15 16:59:48 | 000,000,120 | ---- | C] () -- C:\Windows\wininit.ini
[2012/02/15 16:52:45 | 000,002,323 | ---- | C] () -- C:\Users\Public\Desktop\Roxio Creator Home.lnk
[2012/02/15 16:24:18 | 000,001,805 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MediaDirect.lnk
[2012/02/15 16:13:20 | 000,000,949 | ---- | C] () -- C:\Users\Nibras\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2012/02/15 16:13:17 | 000,000,944 | ---- | C] () -- C:\Users\Nibras\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
[2012/02/15 16:13:05 | 000,000,915 | ---- | C] () -- C:\Users\Nibras\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk
[2012/02/15 16:12:59 | 000,006,324 | ---- | C] () -- C:\Users\Nibras\AppData\Local\d3d9caps.dat
[2012/02/15 16:12:56 | 000,000,258 | ---- | C] () -- C:\Users\Nibras\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2012/02/15 16:12:56 | 000,000,240 | ---- | C] () -- C:\Users\Nibras\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2012/02/15 15:46:39 | 000,001,881 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office PowerPoint Viewer 2003.lnk
[2012/02/15 15:46:39 | 000,001,789 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Works Task Launcher.lnk
[2012/02/15 15:41:42 | 000,000,076 | RHS- | C] () -- C:\Windows\CT4CET.bin
========== LOP Check ==========
[2012/02/20 14:04:00 | 000,007,526 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*.exe >
< MD5 for: EXPLORER.EXE >
[2012/02/17 19:04:37 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\explorer.exe
[2008/10/29 08:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\SoftwareDistribution\Download\7061d8bdfc6a60f6588941d7a2c304c7\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2012/02/17 19:04:37 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2008/10/29 08:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\SoftwareDistribution\Download\7061d8bdfc6a60f6588941d7a2c304c7\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2012/02/17 19:04:36 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2008/10/30 05:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\SoftwareDistribution\Download\7061d8bdfc6a60f6588941d7a2c304c7\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2012/02/17 19:04:35 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2007/08/27 05:10:03 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=6D06CD98D954FE87FB2DB8108793B399 -- C:\Windows\SoftwareDistribution\Download\f411dcb0df2de951a1b7d68be5b8fec7\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16549_none_4fac29707cae347a\explorer.exe
[2012/02/17 19:19:23 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=6D06CD98D954FE87FB2DB8108793B399 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16549_none_4fac29707cae347a\explorer.exe
[2007/08/27 04:01:58 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=BD06F0BF753BC704B653C3A50F89D362 -- C:\Windows\SoftwareDistribution\Download\f411dcb0df2de951a1b7d68be5b8fec7\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20668_none_501f261995dcf2cf\explorer.exe
[2012/02/17 19:19:22 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=BD06F0BF753BC704B653C3A50F89D362 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20668_none_501f261995dcf2cf\explorer.exe
[2008/10/28 04:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\SoftwareDistribution\Download\7061d8bdfc6a60f6588941d7a2c304c7\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2012/02/17 19:04:36 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2006/11/02 11:45:07 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=FD8C53FB002217F6F888BCF6F5D7084D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16386_none_4f7de5167cd15deb\explorer.exe
[2008/01/19 09:33:10 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\SoftwareDistribution\Download\c91af43e301542f65a88d59517636d32\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe
< MD5 for: SVCHOST.EXE >
[2006/11/02 11:45:47 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=10DA15933D582D2FEDCF705EFE394B09 -- C:\Windows\System32\svchost.exe
[2006/11/02 11:45:47 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=10DA15933D582D2FEDCF705EFE394B09 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6000.16386_none_b38497a50862ad11\svchost.exe
[2008/01/19 09:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\SoftwareDistribution\Download\c91af43e301542f65a88d59517636d32\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe
< MD5 for: USERINIT.EXE >
[2008/01/19 09:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\SoftwareDistribution\Download\c91af43e301542f65a88d59517636d32\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
[2006/11/02 11:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\Windows\System32\userinit.exe
[2006/11/02 11:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6000.16386_none_d9f1f819d4c4e737\userinit.exe
< MD5 for: WINLOGON.EXE >
[2006/11/02 11:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\System32\winlogon.exe
[2006/11/02 11:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_6d8c3f1ad8066b21\winlogon.exe
[2008/01/19 09:33:37 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\SoftwareDistribution\Download\c91af43e301542f65a88d59517636d32\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
< %systemroot%\*. /mp /s >
< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Users\Nibrass\AppData\Local\Google\Chrome\Application\chrome.exe" --show-icons [2012/02/15 07:03:37 | 001,049,072 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Users\Nibrass\AppData\Local\Google\Chrome\Application\chrome.exe" --hide-icons [2012/02/15 07:03:37 | 001,049,072 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Users\Nibrass\AppData\Local\Google\Chrome\Application\chrome.exe" --make-default-browser [2012/02/15 07:03:37 | 001,049,072 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Users\Nibrass\AppData\Local\Google\Chrome\Application\chrome.exe" [2012/02/15 07:03:37 | 001,049,072 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\system32\ie4uinit.exe" -hide [2009/12/18 12:18:06 | 000,070,656 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\system32\ie4uinit.exe" -show [2009/12/18 12:18:06 | 000,070,656 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\system32\ie4uinit.exe" -reinstall [2009/12/18 12:18:06 | 000,070,656 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2009/12/18 14:56:05 | 000,634,632 | ---- | M] (Microsoft Corporation)
< hklm\software\clients\startmenuinternet|command /64 /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Users\Nibrass\AppData\Local\Google\Chrome\Application\chrome.exe" --show-icons [2012/02/15 07:03:37 | 001,049,072 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Users\Nibrass\AppData\Local\Google\Chrome\Application\chrome.exe" --hide-icons [2012/02/15 07:03:37 | 001,049,072 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Users\Nibrass\AppData\Local\Google\Chrome\Application\chrome.exe" --make-default-browser [2012/02/15 07:03:37 | 001,049,072 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Users\Nibrass\AppData\Local\Google\Chrome\Application\chrome.exe" [2012/02/15 07:03:37 | 001,049,072 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\system32\ie4uinit.exe" -hide [2009/12/18 12:18:06 | 000,070,656 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\system32\ie4uinit.exe" -show [2009/12/18 12:18:06 | 000,070,656 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\system32\ie4uinit.exe" -reinstall [2009/12/18 12:18:06 | 000,070,656 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2009/12/18 14:56:05 | 000,634,632 | ---- | M] (Microsoft Corporation)
< End of report >
OTL by OldTimer - Version 3.2.33.0 Folder = C:\Users\Nibrass\Downloads
Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.16982)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1.99 Gb Total Physical Memory | 0.83 Gb Available Physical Memory | 41.85% Memory free
4.18 Gb Paging File | 2.98 Gb Available in Paging File | 71.33% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 146.00 Gb Total Space | 103.53 Gb Free Space | 70.91% Space Free | Partition Type: NTFS
Computer Name: -PC | User Name: Nibras | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012/02/20 12:38:30 | 000,583,680 | ---- | M] (OldTimer Tools) -- C:\Users\Nibrass\Downloads\OTL.exe
PRC - [2012/02/19 18:28:10 | 001,006,264 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2012/02/17 19:04:37 | 002,923,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2012/02/16 11:03:34 | 000,077,824 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre1.6.0\bin\jusched.exe
PRC - [2010/10/01 22:06:36 | 000,348,760 | ---- | M] (Kaspersky Lab) -- C:\Program Files\Kaspersky Lab\Kaspersky PURE\avp.exe
PRC - [2009/12/21 17:34:38 | 000,743,992 | ---- | M] (Infowatch) -- C:\Program Files\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe
PRC - [2007/05/10 11:23:50 | 000,094,208 | ---- | M] (SigmaTel, Inc.) -- C:\Windows\System32\stacsv.exe
PRC - [2007/05/10 11:22:20 | 000,405,504 | ---- | M] (SigmaTel, Inc.) -- C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe
PRC - [2007/05/10 01:01:00 | 000,036,864 | ---- | M] (Creative Technology Ltd.) -- C:\Windows\OEM02Mon.exe
PRC - [2007/04/27 08:34:18 | 001,123,872 | ---- | M] (Dell Inc) -- C:\Program Files\Dell\QuickSet\quickset.exe
PRC - [2007/04/16 23:05:52 | 000,021,504 | ---- | M] (UPEK Inc.) -- C:\Program Files\Fingerprint Reader Suite\upeksvr.exe
PRC - [2007/04/16 22:55:00 | 000,053,776 | ---- | M] (UPEK Inc.) -- C:\Program Files\Fingerprint Reader Suite\psqltray.exe
PRC - [2007/04/16 16:10:26 | 000,184,320 | ---- | M] (CyberLink Corp.) -- C:\Program Files\Dell\MediaDirect\PCMService.exe
PRC - [2007/02/12 14:38:04 | 000,355,096 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2007/02/12 14:37:58 | 000,174,872 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2006/11/05 11:22:16 | 000,221,184 | ---- | M] (Sonic Solutions) -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
PRC - [2006/11/05 10:55:48 | 000,010,752 | ---- | M] (Sonic Solutions) -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
========== Modules (No Company Name) ==========
MOD - [2010/10/01 22:05:46 | 008,972,888 | ---- | M] () -- C:\Program Files\Kaspersky Lab\Kaspersky PURE\QtGui4.dll
MOD - [2010/10/01 22:05:42 | 002,456,152 | ---- | M] () -- C:\Program Files\Kaspersky Lab\Kaspersky PURE\QtCore4.dll
MOD - [2010/10/01 21:07:46 | 000,733,184 | ---- | M] () -- C:\Program Files\Kaspersky Lab\Kaspersky PURE\localization_manager.dll
MOD - [2009/10/30 20:32:30 | 000,410,496 | ---- | M] () -- C:\Program Files\Kaspersky Lab\Kaspersky PURE\dblite.dll
MOD - [2007/04/27 08:34:24 | 000,103,968 | ---- | M] () -- C:\Program Files\Dell\QuickSet\dadkeyb.dll
MOD - [2007/04/13 15:38:22 | 000,249,856 | ---- | M] () -- C:\Windows\System32\igfxTMM.dll
MOD - [2006/11/05 10:58:44 | 000,516,096 | ---- | M] () -- C:\Program Files\Common Files\Roxio Shared\9.0\DLLShared\LayoutDll9.dll
MOD - [2006/11/05 10:28:18 | 004,587,520 | R--- | M] () -- C:\Program Files\Common Files\Roxio Shared\9.0\DLLShared\ROXIPP41.dll
MOD - [2006/10/26 16:21:22 | 000,056,056 | ---- | M] () -- C:\Windows\System32\DLAAPI_W.DLL
========== Win32 Services (SafeList) ==========
SRV - [2012/02/19 18:28:10 | 000,265,912 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2010/10/01 22:06:36 | 000,348,760 | ---- | M] (Kaspersky Lab) [Auto | Running] -- C:\Program Files\Kaspersky Lab\Kaspersky PURE\avp.exe -- (AVP)
SRV - [2009/12/21 17:34:38 | 000,743,992 | ---- | M] (Infowatch) [Auto | Running] -- C:\Program Files\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe -- (CSObjectsSrv)
SRV - [2007/05/10 11:23:50 | 000,094,208 | ---- | M] (SigmaTel, Inc.) [Auto | Running] -- C:\Windows\System32\stacsv.exe -- (STacSV)
SRV - [2007/02/12 14:38:04 | 000,355,096 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel®
SRV - [2004/10/22 03:24:18 | 000,073,728 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Roxio\Roxio MyDVD Premier\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT)
========== Driver Services (SafeList) ==========
DRV - [2012/02/17 00:05:16 | 000,311,312 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\System32\drivers\klif.sys -- (KLIF)
DRV - [2009/12/14 12:44:24 | 000,088,632 | ---- | M] (Infowatch) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\CSCrySec.sys -- (CSCrySec)
DRV - [2009/12/14 12:44:24 | 000,039,352 | ---- | M] (Infowatch) [Kernel | System | Running] -- C:\Windows\System32\drivers\CSVirtualDiskDrv.sys -- (CSVirtualDiskDrv)
DRV - [2009/10/14 21:18:34 | 000,036,880 | ---- | M] (Kaspersky Lab) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\klbg.sys -- (KLBG)
DRV - [2009/10/02 19:39:36 | 000,019,472 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\klmouflt.sys -- (klmouflt)
DRV - [2009/09/14 14:46:36 | 000,021,520 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\System32\drivers\klim6.sys -- (KLIM6)
DRV - [2009/09/01 15:29:50 | 000,128,016 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\System32\drivers\kl1.sys -- (kl1)
DRV - [2007/05/10 11:24:38 | 000,326,656 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2007/05/10 01:01:00 | 000,235,584 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OEM02Dev.sys -- (OEM02Dev)
DRV - [2007/03/26 16:18:24 | 000,111,104 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IntcHdmi.sys -- (IntcHdmiAddService) Intel®
DRV - [2007/03/05 18:45:00 | 000,007,424 | ---- | M] (EyePower Games Pte. Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OEM02Vfx.sys -- (OEM02Vfx)
DRV - [2007/02/25 06:14:00 | 002,216,448 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw4v32.sys -- (NETw4v32) Intel®
DRV - [2007/02/08 20:05:30 | 000,028,120 | ---- | M] (Roxio) [File_System | System | Running] -- C:\Windows\System32\drivers\DLARTL_M.SYS -- (DLARTL_M)
DRV - [2007/02/08 20:05:30 | 000,012,856 | ---- | M] (Roxio) [File_System | System | Running] -- C:\Windows\System32\drivers\DLACDBHM.SYS -- (DLACDBHM)
DRV - [2006/11/15 00:16:24 | 000,032,256 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2006/11/14 19:42:46 | 000,043,520 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2006/11/14 17:35:20 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2006/10/26 16:22:02 | 000,009,400 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\System32\DLA\DLADResM.SYS -- (DLADResM)
DRV - [2006/10/26 16:21:34 | 000,094,648 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\System32\DLA\DLAUDFAM.SYS -- (DLAUDFAM)
DRV - [2006/10/26 16:21:34 | 000,035,096 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\System32\DLA\DLABMFSM.SYS -- (DLABMFSM)
DRV - [2006/10/26 16:21:32 | 000,097,848 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\System32\DLA\DLAUDF_M.SYS -- (DLAUDF_M)
DRV - [2006/10/26 16:21:30 | 000,026,296 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\System32\DLA\DLAOPIOM.SYS -- (DLAOPIOM)
DRV - [2006/10/26 16:21:28 | 000,032,472 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\System32\DLA\DLABOIOM.SYS -- (DLABOIOM)
DRV - [2006/10/26 16:21:26 | 000,014,520 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\System32\DLA\DLAPoolM.SYS -- (DLAPoolM)
DRV - [2006/10/26 16:21:24 | 000,104,536 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\System32\DLA\DLAIFS_M.SYS -- (DLAIFS_M)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-633039371-50796907-1299236143-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-633039371-50796907-1299236143-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-633039371-50796907-1299236143-1001\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-633039371-50796907-1299236143-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\{eea12ec4-729d-4703-bc37-106ce9879ce2}: C:\Program Files\Kaspersky Lab\Kaspersky PURE\THBExt [2012/02/17 00:06:32 | 000,000,000 | ---D | M]
O1 HOSTS File: ([2006/09/18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky PURE\ievkbd.dll (Kaspersky Lab)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky PURE\klwtbbho.dll (Kaspersky Lab)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky PURE\avp.exe (Kaspersky Lab)
O4 - HKLM..\Run: [Broadcom Wireless Manager UI] C:\Windows\system32\WLTRAY.exe File not found
O4 - HKLM..\Run: [DELL Webcam Manager] C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [PCMService] C:\Program Files\Dell\MediaDirect\PCMService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [PSQLLauncher] C:\Program Files\Fingerprint Reader Suite\launcher.exe (UPEK Inc.)
O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe (Sonic Solutions)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-633039371-50796907-1299236143-1000..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll (Sun Microsystems, Inc.)
O9 - Extra Button: &Virtual Keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky PURE\klwtbbho.dll (Kaspersky Lab)
O9 - Extra Button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky PURE\klwtbbho.dll (Kaspersky Lab)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0)
O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{74E79831-C6B8-45C2-92E2-4206D3595410}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EB12DA28-BAD4-4767-A98A-72F09F6DDDA2}: DhcpNameServer = 192.168.1.1
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll) - C:\Program Files\Kaspersky Lab\Kaspersky PURE\mzvkbd3.dll (Kaspersky Lab)
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll) - C:\Program Files\Kaspersky Lab\Kaspersky PURE\kloehk.dll (Kaspersky Lab)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: GinaDLL - (vrlogon.dll) - C:\Windows\System32\vrlogon.dll (UPEK Inc.)
O20 - Winlogon\Notify\klogon: DllName - (C:\Windows\system32\klogon.dll) - C:\Windows\System32\klogon.dll (Kaspersky Lab)
O20 - Winlogon\Notify\psfus: DllName - (C:\Windows\system32\psqlpwd.dll) - C:\Windows\System32\psqlpwd.dll (UPEK Inc.)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{03a3798a-5831-11e1-8696-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{03a3798a-5831-11e1-8696-806e6f6e6963}\Shell\AutoRun\command - "" = D:\autoRcd.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ==========
[2012/02/20 13:30:02 | 000,097,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\infocardapi.dll
[2012/02/20 13:30:01 | 000,105,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
[2012/02/20 13:29:59 | 000,622,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icardagt.exe
[2012/02/20 13:29:59 | 000,043,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll
[2012/02/20 13:29:59 | 000,037,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\infocardcpl.cpl
[2012/02/20 13:29:59 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icardres.dll
[2012/02/20 13:29:53 | 000,781,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationNative_v0300.dll
[2012/02/20 13:29:45 | 000,326,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe
[2012/02/20 13:02:08 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll
[2012/02/20 13:01:44 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscorier.dll
[2012/02/20 13:01:33 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscories.dll
[2012/02/19 22:59:09 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2012/02/19 21:15:23 | 000,000,000 | ---D | C] -- C:\Users\Nibras\AppData\Roaming\WinRAR
[2012/02/19 21:15:23 | 000,000,000 | ---D | C] -- C:\Users\Nibras\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012/02/19 21:15:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012/02/19 21:14:35 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2012/02/19 20:13:17 | 012,240,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0007.dll
[2012/02/19 20:13:14 | 002,644,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0009.dll
[2012/02/19 20:12:52 | 004,874,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0009.dll
[2012/02/19 20:12:51 | 002,641,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData000c.dll
[2012/02/19 20:12:51 | 000,797,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NaturalLanguage6.dll
[2012/02/19 20:12:50 | 009,845,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData000a.dll
[2012/02/19 20:12:48 | 002,597,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0001.dll
[2012/02/19 20:12:48 | 002,340,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData000d.dll
[2012/02/19 20:12:48 | 001,965,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0027.dll
[2012/02/19 20:12:47 | 002,655,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0011.dll
[2012/02/19 20:12:47 | 002,241,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0007.dll
[2012/02/19 20:12:47 | 001,799,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData003e.dll
[2012/02/19 20:12:46 | 001,963,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0002.dll
[2012/02/19 20:12:46 | 001,799,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData002a.dll
[2012/02/19 20:12:46 | 001,799,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0022.dll
[2012/02/19 20:12:46 | 001,799,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0021.dll
[2012/02/19 20:12:45 | 001,963,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0024.dll
[2012/02/19 20:12:45 | 001,963,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData001a.dll
[2012/02/19 20:12:45 | 001,963,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0018.dll
[2012/02/19 20:12:45 | 001,963,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData000f.dll
[2012/02/19 20:12:44 | 004,495,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0019.dll
[2012/02/19 20:12:43 | 004,493,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0816.dll
[2012/02/19 20:12:43 | 004,493,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData001d.dll
[2012/02/19 20:12:43 | 004,493,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0010.dll
[2012/02/19 20:12:42 | 003,464,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0013.dll
[2012/02/19 20:12:41 | 003,102,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0039.dll
[2012/02/19 20:12:40 | 003,102,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0049.dll
[2012/02/19 20:12:40 | 003,102,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0020.dll
[2012/02/19 20:12:39 | 004,493,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0416.dll
[2012/02/19 20:12:38 | 004,493,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0414.dll
[2012/02/19 20:12:37 | 003,102,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0047.dll
[2012/02/19 20:12:36 | 003,102,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData004c.dll
[2012/02/19 20:12:36 | 003,102,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData004a.dll
[2012/02/19 20:12:36 | 001,963,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData081a.dll
[2012/02/19 20:12:35 | 001,963,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0c1a.dll
[2012/02/19 20:12:35 | 001,963,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData001b.dll
[2012/02/19 20:12:35 | 001,523,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0000.dll
[2012/02/19 20:12:34 | 003,102,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData004e.dll
[2012/02/19 20:12:34 | 003,102,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData004b.dll
[2012/02/19 20:12:34 | 003,102,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0046.dll
[2012/02/19 20:12:34 | 003,102,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0045.dll
[2012/02/19 20:12:33 | 001,963,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0026.dll
[2012/02/19 20:12:33 | 001,963,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0003.dll
[2012/02/19 20:12:16 | 005,071,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsModels0011.dll
[2012/02/19 20:12:15 | 006,917,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0c1a.dll
[2012/02/19 20:12:14 | 007,042,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons081a.dll
[2012/02/19 20:12:13 | 005,031,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0816.dll
[2012/02/19 20:12:12 | 005,090,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0416.dll
[2012/02/19 20:12:11 | 004,616,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0414.dll
[2012/02/19 20:12:10 | 004,093,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons004c.dll
[2012/02/19 20:12:10 | 003,419,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons004a.dll
[2012/02/19 20:12:09 | 004,045,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons003e.dll
[2012/02/19 20:12:08 | 006,224,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0027.dll
[2012/02/19 20:12:07 | 005,791,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0026.dll
[2012/02/19 20:12:06 | 007,964,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0024.dll
[2012/02/19 20:12:05 | 005,499,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0022.dll
[2012/02/19 20:12:04 | 006,346,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons001d.dll
[2012/02/19 20:12:04 | 002,136,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0021.dll
[2012/02/19 20:12:03 | 006,585,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons001b.dll
[2012/02/19 20:12:02 | 006,014,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons001a.dll
[2012/02/19 20:11:59 | 006,781,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0019.dll
[2012/02/19 20:11:59 | 003,331,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0018.dll
[2012/02/19 20:11:58 | 004,981,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0013.dll
[2012/02/19 20:11:57 | 004,175,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0010.dll
[2012/02/19 20:11:57 | 002,466,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0011.dll
[2012/02/19 20:11:56 | 005,654,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons000f.dll
[2012/02/19 20:11:55 | 006,237,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons000c.dll
[2012/02/19 20:11:54 | 009,892,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons000a.dll
[2012/02/19 20:11:53 | 004,164,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0002.dll
[2012/02/19 20:11:52 | 011,722,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0001.dll
[2012/02/19 20:11:50 | 001,972,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons004e.dll
[2012/02/19 20:11:50 | 001,702,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons004b.dll
[2012/02/19 20:11:49 | 001,808,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0046.dll
[2012/02/19 20:11:49 | 001,793,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0045.dll
[2012/02/19 20:11:49 | 001,782,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0039.dll
[2012/02/19 20:11:49 | 001,558,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0049.dll
[2012/02/19 20:11:49 | 001,411,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0047.dll
[2012/02/19 20:11:48 | 001,722,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons000d.dll
[2012/02/19 20:11:48 | 001,452,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0003.dll
[2012/02/19 20:11:48 | 001,236,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0020.dll
[2012/02/19 20:11:48 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons002a.dll
[2012/02/19 19:52:48 | 001,984,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\authui.dll
[2012/02/19 19:52:46 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntprint.dll
[2012/02/19 19:52:45 | 008,138,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ssBranded.scr
[2012/02/19 19:52:44 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dhcpcsvc6.dll
[2012/02/19 19:52:44 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntprint.exe
[2012/02/19 19:52:44 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dhcpcmonitor.dll
[2012/02/19 19:44:30 | 000,564,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msftedit.dll
[2012/02/19 19:44:30 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rascfg.dll
[2012/02/19 19:44:29 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasdiag.dll
[2012/02/19 19:44:29 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll
[2012/02/19 19:44:29 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\traffic.dll
[2012/02/19 19:44:29 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasmxs.dll
[2012/02/19 19:44:29 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasser.dll
[2012/02/19 19:44:29 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pacerprf.dll
[2012/02/19 19:44:29 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wshqos.dll
[2012/02/19 19:44:29 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icsunattend.exe
[2012/02/19 19:44:29 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\riched32.dll
[2012/02/19 18:34:21 | 002,855,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mf.dll
[2012/02/19 18:34:20 | 000,098,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfps.dll
[2012/02/19 18:34:20 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rrinstaller.exe
[2012/02/19 18:34:20 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mferror.dll
[2012/02/19 18:34:19 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfpmp.exe
[2012/02/19 18:34:16 | 002,433,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVCORE.DLL
[2012/02/19 18:33:03 | 003,502,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2012/02/19 18:33:02 | 003,468,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2012/02/19 18:25:22 | 000,356,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MediaMetadataHandler.dll
[2012/02/19 18:23:32 | 001,244,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcmde.dll
[2012/02/19 18:23:31 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll
[2012/02/19 18:23:31 | 000,177,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax
[2012/02/19 18:23:30 | 000,292,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll
[2012/02/19 18:23:30 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisrndr.ax
[2012/02/19 18:23:30 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSNP.ax
[2012/02/19 18:23:30 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Mpeg2Data.ax
[2012/02/19 18:23:30 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSDvbNP.ax
[2012/02/19 18:20:10 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2012/02/19 18:19:01 | 000,109,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ataport.sys
[2012/02/19 18:19:01 | 000,045,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pciidex.sys
[2012/02/19 18:16:36 | 000,371,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srcore.dll
[2012/02/19 18:16:36 | 000,313,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rstrui.exe
[2012/02/19 18:16:36 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srdelayed.exe
[2012/02/19 18:16:35 | 000,944,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winload.exe
[2012/02/19 18:16:35 | 000,905,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winresume.exe
[2012/02/19 18:16:35 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpd_ci.dll
[2012/02/19 18:16:35 | 000,019,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kd1394.dll
[2012/02/19 18:16:34 | 000,620,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ci.dll
[2012/02/19 18:16:33 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drvinst.exe
[2012/02/19 18:16:32 | 000,260,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpx.dll
[2012/02/19 18:16:32 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kbd106n.dll
[2012/02/19 18:16:30 | 000,115,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\loadperf.dll
[2012/02/19 18:16:30 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lodctr.exe
[2012/02/19 18:16:30 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unlodctr.exe
[2012/02/19 18:16:30 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prflbmsg.dll
[2012/02/19 18:16:28 | 000,035,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\WdfLdr.sys
[2012/02/19 18:16:27 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dispci.dll
[2012/02/19 18:16:27 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\batt.dll
[2012/02/19 18:16:27 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\f3ahvoas.dll
[2012/02/19 14:48:41 | 000,654,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelinesvc.exe
[2012/02/19 14:48:41 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelineprxy.dll
[2012/02/19 14:48:39 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdohlp.dll
[2012/02/19 14:48:39 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasrecst.dll
[2012/02/19 14:48:39 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasads.dll
[2012/02/19 14:48:39 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasdatastore.dll
[2012/02/19 14:47:48 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\amxread.dll
[2012/02/19 14:47:48 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\apilogen.dll
[2012/02/19 14:29:45 | 000,213,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\netio.sys
[2012/02/19 14:28:33 | 000,268,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcbuilder.exe
[2012/02/19 14:28:33 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slwmi.dll
[2012/02/19 14:28:31 | 000,566,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLCommDlg.dll
[2012/02/19 14:28:30 | 000,351,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLUI.exe
[2012/02/19 14:28:30 | 000,186,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLLUA.exe
[2012/02/19 14:28:28 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slcinst.dll
[2012/02/19 14:26:22 | 000,435,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp.exe
[2012/02/19 14:26:22 | 000,312,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdrm.dll
[2012/02/19 14:26:21 | 000,472,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc.dll
[2012/02/19 14:26:21 | 000,431,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp_isv.exe
[2012/02/19 14:26:21 | 000,154,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp_isv.dll
[2012/02/19 14:26:21 | 000,154,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp.dll
[2012/02/19 14:26:20 | 000,523,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_isv.exe
[2012/02/19 14:26:20 | 000,515,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate.exe
[2012/02/19 14:26:20 | 000,473,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_isv.dll
[2012/02/19 14:23:22 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll
[2012/02/19 14:23:10 | 004,247,552 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll
[2012/02/19 14:23:09 | 001,686,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll
[2012/02/18 13:30:35 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdxm.tlb
[2012/02/18 13:30:35 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\amcompat.tlb
[2012/02/18 13:30:01 | 000,000,000 | ---D | C] -- C:\Users\Nibras\AppData\Local\WindowsUpdate
[2012/02/18 13:28:15 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbunattend.exe
[2012/02/18 13:25:35 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nshhttp.dll
[2012/02/18 13:21:31 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2012/02/18 13:20:08 | 008,147,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2012/02/18 13:20:05 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwmp.dll
[2012/02/18 13:20:04 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxmasf.dll
[2012/02/18 13:20:03 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdxm.ocx
[2012/02/18 13:19:43 | 000,311,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unregmp2.exe
[2012/02/17 22:04:50 | 000,237,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2012/02/17 21:43:14 | 000,297,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlansec.dll
[2012/02/17 21:43:14 | 000,290,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanmsm.dll
[2012/02/17 21:43:14 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanhlp.dll
[2012/02/17 21:43:14 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanapi.dll
[2012/02/17 21:43:13 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\L2SecHC.dll
[2012/02/17 20:49:39 | 002,452,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2012/02/17 20:49:24 | 000,671,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2012/02/17 20:49:24 | 000,389,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2012/02/17 20:49:23 | 000,380,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2012/02/17 20:49:23 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2012/02/17 20:49:22 | 001,830,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012/02/17 20:49:22 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2012/02/17 20:49:21 | 000,459,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2012/02/17 20:49:21 | 000,347,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2012/02/17 20:49:21 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2012/02/17 20:49:21 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012/02/17 20:49:20 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2012/02/17 20:49:20 | 000,180,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012/02/17 20:49:20 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieencode.dll
[2012/02/17 20:49:20 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2012/02/17 20:49:20 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2012/02/17 20:49:20 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2012/02/17 20:49:20 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2012/02/17 20:49:20 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2012/02/17 20:49:19 | 001,383,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012/02/17 20:49:18 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2012/02/17 20:49:18 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2012/02/17 20:46:41 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tcpipcfg.dll
[2012/02/17 20:46:41 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netiohlp.dll
[2012/02/17 20:46:40 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netiougc.exe
[2012/02/17 20:46:40 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ARP.EXE
[2012/02/17 20:46:40 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ROUTE.EXE
[2012/02/17 20:46:40 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MRINFO.EXE
[2012/02/17 20:46:39 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NETSTAT.EXE
[2012/02/17 20:46:39 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\finger.exe
[2012/02/17 20:46:39 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\HOSTNAME.EXE
[2012/02/17 20:46:37 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netevent.dll
[2012/02/17 20:44:10 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml6r.dll
[2012/02/17 20:44:10 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml3r.dll
[2012/02/17 19:23:16 | 000,272,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\polstore.dll
[2012/02/17 19:23:16 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FwRemoteSvr.dll
[2012/02/17 19:21:36 | 000,241,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceApi.dll
[2012/02/17 19:21:36 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceTypes.dll
[2012/02/17 19:21:36 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceClassExtension.dll
[2012/02/17 19:20:37 | 000,205,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msoeacct.dll
[2012/02/17 19:20:37 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ACCTRES.dll
[2012/02/17 19:20:36 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msoert2.dll
[2012/02/17 19:19:29 | 000,704,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PhotoScreensaver.scr
[2012/02/17 19:19:24 | 000,028,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\battc.sys
[2012/02/17 19:16:09 | 000,376,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2012/02/17 19:16:09 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll
[2012/02/17 19:11:28 | 000,374,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcupdate_GenuineIntel.dll
[2012/02/17 19:11:00 | 000,500,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtcprx.dll
[2012/02/17 19:11:00 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xolehlp.dll
[2012/02/17 19:09:48 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aaclient.dll
[2012/02/17 19:09:47 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tsgqec.dll
[2012/02/17 19:09:01 | 000,303,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpeffects.dll
[2012/02/17 19:07:43 | 000,414,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscp.dll
[2012/02/17 19:07:16 | 000,713,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\timedate.cpl
[2012/02/17 19:06:39 | 000,392,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FirewallAPI.dll
[2012/02/17 19:06:38 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icfupgd.dll
[2012/02/17 19:06:37 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmifw.dll
[2012/02/17 19:06:37 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wfapigp.dll
[2012/02/17 19:04:59 | 000,104,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWWIN.EXE
[2012/02/17 19:04:37 | 002,923,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2012/02/17 19:03:37 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netcfg.exe
[2012/02/17 19:02:53 | 000,220,672 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\l3codecp.acm
[2012/02/17 19:02:52 | 000,062,464 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\l3codeca.acm
[2012/02/17 19:01:42 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMASF.DLL
[2012/02/17 19:01:42 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\LAPRXY.DLL
[2012/02/17 19:01:42 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\asferror.dll
[2012/02/17 19:01:20 | 000,425,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PhotoMetadataHandler.dll
[2012/02/17 19:01:18 | 000,347,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecsExt.dll
[2012/02/17 19:00:16 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printcom.dll
[2012/02/17 18:59:56 | 002,031,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012/02/17 18:59:33 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\rmcast.sys
[2012/02/17 18:59:33 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wshrm.dll
[2012/02/17 18:58:59 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnscacheugc.exe
[2012/02/17 18:58:10 | 000,996,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMNetMgr.dll
[2012/02/17 18:58:10 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logagent.exe
[2012/02/17 18:57:15 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\INETRES.dll
[2012/02/17 18:56:36 | 001,645,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\connect.dll
[2012/02/17 18:55:16 | 000,321,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSDApi.dll
[2012/02/17 18:54:21 | 001,327,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2012/02/17 18:54:20 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciavi32.dll
[2012/02/17 18:54:20 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\avicap32.dll
[2012/02/17 18:53:55 | 000,289,792 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2012/02/17 18:53:55 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
[2012/02/17 18:53:55 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
[2012/02/17 18:53:54 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2012/02/17 18:53:54 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dciman32.dll
[2012/02/17 18:50:28 | 000,604,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMSPDMOD.DLL
[2012/02/17 00:07:47 | 000,088,632 | ---- | C] (Infowatch) -- C:\Windows\System32\drivers\CSCrySec.sys
[2012/02/17 00:07:47 | 000,039,352 | ---- | C] (Infowatch) -- C:\Windows\System32\drivers\CSVirtualDiskDrv.sys
[2012/02/17 00:07:46 | 000,000,000 | ---D | C] -- C:\Windows\System32\DRVSTORE
[2012/02/17 00:05:38 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InfoWatch
[2012/02/17 00:05:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky PURE
[2012/02/17 00:05:32 | 000,000,000 | ---D | C] -- C:\Program Files\Kaspersky Lab
[2012/02/17 00:05:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2012/02/17 00:05:16 | 000,311,312 | ---- | C] (Kaspersky Lab) -- C:\Windows\System32\drivers\klif.sys
[2012/02/17 00:00:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab Setup Files
[2012/02/16 20:36:45 | 002,421,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll
[2012/02/16 20:36:45 | 000,044,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll
[2012/02/16 20:36:23 | 000,575,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll
[2012/02/16 20:36:23 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll
[2012/02/16 20:36:23 | 000,035,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups.dll
[2012/02/16 20:36:07 | 000,171,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll
[2012/02/16 20:36:07 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe
[2012/02/16 19:27:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fingerprint Reader Suite
[2012/02/16 19:27:47 | 000,000,000 | ---D | C] -- C:\Program Files\Fingerprint Reader Suite
[2012/02/16 19:27:18 | 000,000,000 | ---D | C] -- C:\ProgramData\UIB
[2012/02/16 19:24:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell QuickSet
[2012/02/16 19:07:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Matrix Storage Manager
[2012/02/16 19:07:36 | 000,000,000 | ---D | C] -- C:\Windows\System32\ENU
[2012/02/16 19:07:34 | 000,936,728 | ---- | C] (Intel® Corporation) -- C:\Windows\System32\imsmudlg.exe
[2012/02/16 14:10:10 | 000,000,000 | ---D | C] -- C:\Program Files\Synaptics
[2012/02/16 14:07:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
[2012/02/16 14:06:41 | 000,811,008 | ---- | C] (Pizzolato Davide - www.xdp.it) -- C:\Windows\System32\cximage.dll
[2012/02/16 14:06:41 | 000,385,024 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\System32\OEM02Cvw.dll
[2012/02/16 14:06:41 | 000,331,776 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\System32\OEM02Cvw.crl
[2012/02/16 14:06:41 | 000,235,584 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\System32\drivers\OEM02Dev.sys
[2012/02/16 14:06:41 | 000,141,376 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\System32\drivers\OEM02Afx.sys
[2012/02/16 14:06:41 | 000,090,112 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\CtDrvIns.exe
[2012/02/16 14:06:41 | 000,040,960 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\System32\OEM02Pin.dll
[2012/02/16 14:06:41 | 000,036,864 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\OEM02Mon.exe
[2012/02/16 14:06:41 | 000,036,864 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\System32\CtCamMgr.dll
[2012/02/16 14:06:41 | 000,032,768 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\System32\OEM02Hwx.dll
[2012/02/16 14:06:41 | 000,028,672 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\OEM02Cfg.exe
[2012/02/16 14:06:41 | 000,024,576 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\System32\OEM02Srv.exe
[2012/02/16 14:06:41 | 000,020,480 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\System32\OEM02Pin.crl
[2012/02/16 14:06:41 | 000,007,424 | ---- | C] (EyePower Games Pte. Ltd.) -- C:\Windows\System32\drivers\OEM02Vfx.sys
[2012/02/16 13:30:19 | 000,000,000 | ---D | C] -- C:\Program Files\Broadcom
[2012/02/16 13:24:56 | 001,601,536 | ---- | C] (SigmaTel, Inc.) -- C:\Windows\System32\stlang.dll
[2012/02/16 13:24:56 | 000,094,208 | ---- | C] (SigmaTel, Inc.) -- C:\Windows\System32\stacsv.exe
[2012/02/16 13:24:55 | 004,952,064 | ---- | C] (SigmaTel, Inc.) -- C:\Windows\System32\stacgui.cpl
[2012/02/16 13:24:03 | 000,144,896 | ---- | C] (SigmaTel, Inc.) -- C:\Windows\System32\staco.dll
[2012/02/16 13:24:01 | 000,587,776 | ---- | C] (SigmaTel, Inc.) -- C:\Windows\System32\stapo.dll
[2012/02/16 13:24:01 | 000,326,656 | ---- | C] (SigmaTel, Inc.) -- C:\Windows\System32\drivers\stwrt.sys
[2012/02/16 13:24:01 | 000,326,144 | ---- | C] (SigmaTel, Inc.) -- C:\Windows\System32\stcplx.dll
[2012/02/16 13:24:01 | 000,244,736 | ---- | C] (SigmaTel, Inc.) -- C:\Windows\System32\stapi32.dll
[2012/02/16 13:24:00 | 000,492,544 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\System32\ctapo32.dll
[2012/02/16 13:24:00 | 000,045,568 | ---- | C] (Creative Technology Ltd) -- C:\Windows\System32\ctppld.dll
[2012/02/16 13:24:00 | 000,000,000 | ---D | C] -- C:\Program Files\SigmaTel
[2012/02/16 13:21:45 | 000,000,000 | ---D | C] -- C:\Users\Nibras\Roaming
[2012/02/16 13:21:45 | 000,000,000 | ---D | C] -- C:\Users\Nibras\AppData\Roaming\Intel
[2012/02/16 13:21:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Roaming
[2012/02/16 13:21:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Intel
[2012/02/16 13:19:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless
[2012/02/16 13:11:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Wireless
[2012/02/16 12:58:08 | 000,356,352 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\NVUNINST.EXE
[2012/02/16 11:14:31 | 000,400,152 | ---- | C] (Intel® Corporation) -- C:\Windows\System32\igxpun.exe
[2012/02/16 11:14:31 | 000,319,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\difxapi.dll
[2012/02/16 11:14:31 | 000,000,000 | ---D | C] -- C:\Windows\System32\Lang
[2012/02/16 11:14:22 | 000,111,104 | ---- | C] (Intel® Corporation) -- C:\Windows\System32\drivers\IntcHdmi.sys
[2012/02/16 11:14:21 | 003,293,184 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxress.dll
[2012/02/16 11:14:21 | 000,531,224 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxcfg.exe
[2012/02/16 11:14:21 | 000,200,704 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxpph.dll
[2012/02/16 11:14:21 | 000,192,512 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrdeu.lrc
[2012/02/16 11:14:21 | 000,188,416 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrita.lrc
[2012/02/16 11:14:21 | 000,188,416 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxresp.lrc
[2012/02/16 11:14:21 | 000,184,320 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrfra.lrc
[2012/02/16 11:14:21 | 000,180,224 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrptb.lrc
[2012/02/16 11:14:21 | 000,172,032 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrenu.lrc
[2012/02/16 11:14:21 | 000,170,776 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxzoom.exe
[2012/02/16 11:14:21 | 000,135,168 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxdo.dll
[2012/02/16 11:14:21 | 000,131,072 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrjpn.lrc
[2012/02/16 11:14:21 | 000,126,976 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrkor.lrc
[2012/02/16 11:14:21 | 000,122,880 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxcpl.cpl
[2012/02/16 11:14:21 | 000,110,592 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrcht.lrc
[2012/02/16 11:14:21 | 000,110,592 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrchs.lrc
[2012/02/16 11:14:21 | 000,069,632 | ---- | C] (Intel Corporation) -- C:\Windows\System32\oemdspif.dll
[2012/02/16 11:14:21 | 000,047,616 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxsrvc.dll
[2012/02/16 11:14:21 | 000,024,576 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxexps.dll
[2012/02/16 11:14:20 | 002,392,064 | ---- | C] (Intel Corporation) -- C:\Windows\System32\ig4icd32.dll
[2012/02/16 11:14:20 | 002,363,392 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igdumd32.dll
[2012/02/16 11:14:20 | 001,499,136 | ---- | C] (Intel Corporation) -- C:\Windows\System32\ig4dev32.dll
[2012/02/16 11:14:20 | 000,102,400 | ---- | C] (Intel Corporation) -- C:\Windows\System32\hccutils.dll
[2012/02/16 11:11:41 | 000,090,112 | ---- | C] (Sony Corporation) -- C:\Windows\System32\snymsico.dll
[2012/02/16 11:11:41 | 000,043,520 | ---- | C] (REDC) -- C:\Windows\System32\drivers\rimsptsk.sys
[2012/02/16 11:11:41 | 000,037,376 | ---- | C] (REDC) -- C:\Windows\System32\drivers\rixdptsk.sys
[2012/02/16 11:11:41 | 000,032,256 | ---- | C] (REDC) -- C:\Windows\System32\drivers\rimmptsk.sys
[2012/02/16 11:08:48 | 000,000,000 | ---D | C] -- C:\Program Files\Intel
[2012/02/16 11:08:32 | 000,000,000 | ---D | C] -- C:\Intel
[2012/02/16 11:06:17 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hccoin.dll
[2012/02/16 11:06:17 | 000,005,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbd.sys
[2012/02/16 11:06:16 | 000,223,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbport.sys
[2012/02/16 11:05:44 | 000,022,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\streamci.dll
[2012/02/16 11:03:55 | 000,139,264 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2012/02/16 11:03:55 | 000,069,632 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javacpl.cpl
[2012/02/16 11:03:54 | 000,135,168 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2012/02/16 11:03:54 | 000,135,168 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2012/02/16 11:03:27 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2012/02/16 11:03:25 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2012/02/16 02:02:55 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2012/02/16 02:01:12 | 000,000,000 | ---D | C] -- C:\Windows\Debug
[2012/02/16 01:59:25 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2012/02/16 01:59:00 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2012/02/16 01:58:05 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2012/02/16 01:57:47 | 000,000,000 | -HSD | C] -- C:\Boot
[2012/02/16 01:56:43 | 000,000,000 | ---D | C] -- C:\Windows\System32\OEM
[2012/02/15 18:08:06 | 000,000,000 | ---D | C] -- C:\Users\Nibras\AppData\Roaming\Roxio
[2012/02/15 17:51:10 | 000,000,000 | ---D | C] -- C:\Users\Nibras\AppData\Roaming\Adobe
[2012/02/15 17:50:57 | 000,000,000 | ---D | C] -- C:\Users\Nibras\AppData\Local\Adobe
[2012/02/15 17:50:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2012/02/15 17:50:16 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2012/02/15 17:50:16 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2012/02/15 16:59:49 | 000,092,920 | ---- | C] (Roxio) -- C:\Windows\DLA.EXE
[2012/02/15 16:59:49 | 000,028,120 | ---- | C] (Roxio) -- C:\Windows\System32\drivers\DLARTL_M.SYS
[2012/02/15 16:59:49 | 000,012,856 | ---- | C] (Roxio) -- C:\Windows\System32\drivers\DLACDBHM.SYS
[2012/02/15 16:59:48 | 000,000,000 | ---D | C] -- C:\Windows\System32\DLA
[2012/02/15 16:57:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Roxio
[2012/02/15 16:54:21 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SureThing Shared
[2012/02/15 16:52:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Sonic
[2012/02/15 16:52:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roxio Creator DE
[2012/02/15 16:52:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Sonic Shared
[2012/02/15 16:51:26 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Roxio Shared
[2012/02/15 16:51:01 | 000,000,000 | ---D | C] -- C:\ProgramData\InstallShield
[2012/02/15 16:50:40 | 000,000,000 | ---D | C] -- C:\Program Files\Roxio
[2012/02/15 16:24:22 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2012/02/15 16:24:19 | 000,000,000 | ---D | C] -- C:\Users\Nibras\AppData\Local\MediaDirect
[2012/02/15 16:24:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Dell
[2012/02/15 16:24:18 | 000,000,000 | ---D | C] -- C:\ProgramData\CyberLink
[2012/02/15 16:23:58 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml4r.dll
[2012/02/15 16:23:58 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml4a.dll
[2012/02/15 16:23:42 | 000,000,000 | ---D | C] -- C:\Program Files\CyberLink
[2012/02/15 16:23:41 | 001,047,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFC71u.dll
[2012/02/15 16:23:41 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2012/02/15 16:23:40 | 001,060,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFC71.dll
[2012/02/15 16:23:40 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\atl71.dll
[2012/02/15 16:23:40 | 000,000,000 | ---D | C] -- C:\Program Files\Dell
[2012/02/15 16:20:26 | 000,000,000 | ---D | C] -- C:\Dell
[2012/02/15 16:20:10 | 000,000,000 | ---D | C] -- C:\Users\Nibras\AppData\Roaming\InstallShield
[2012/02/15 16:13:18 | 000,000,000 | R--D | C] -- C:\Users\Nibras\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2012/02/15 16:13:18 | 000,000,000 | R--D | C] -- C:\Users\Nibras\Searches
[2012/02/15 16:13:18 | 000,000,000 | R--D | C] -- C:\Users\Nibras\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2012/02/15 16:13:08 | 000,000,000 | ---D | C] -- C:\Users\Nibras\AppData\Roaming\Identities
[2012/02/15 16:13:05 | 000,000,000 | R--D | C] -- C:\Users\Nibras\Contacts
[2012/02/15 16:13:03 | 000,000,000 | ---D | C] -- C:\Users\Nibras\AppData\Local\VirtualStore
[2012/02/15 16:12:57 | 000,000,000 | -HSD | C] -- C:\Users\Nibras\AppData\Local\Temporary Internet Files
[2012/02/15 16:12:57 | 000,000,000 | -HSD | C] -- C:\Users\Nibras\Templates
[2012/02/15 16:12:57 | 000,000,000 | -HSD | C] -- C:\Users\Nibras\Start Menu
[2012/02/15 16:12:57 | 000,000,000 | -HSD | C] -- C:\Users\Nibras\SendTo
[2012/02/15 16:12:57 | 000,000,000 | -HSD | C] -- C:\Users\Nibras\Recent
[2012/02/15 16:12:57 | 000,000,000 | -HSD | C] -- C:\Users\Nibras\PrintHood
[2012/02/15 16:12:57 | 000,000,000 | -HSD | C] -- C:\Users\Nibras\NetHood
[2012/02/15 16:12:57 | 000,000,000 | -HSD | C] -- C:\Users\Nibras\Documents\My Videos
[2012/02/15 16:12:57 | 000,000,000 | -HSD | C] -- C:\Users\Nibras\Documents\My Pictures
[2012/02/15 16:12:57 | 000,000,000 | -HSD | C] -- C:\Users\Nibras\Documents\My Music
[2012/02/15 16:12:57 | 000,000,000 | -HSD | C] -- C:\Users\Nibras\My Documents
[2012/02/15 16:12:57 | 000,000,000 | -HSD | C] -- C:\Users\Nibras\Local Settings
[2012/02/15 16:12:57 | 000,000,000 | -HSD | C] -- C:\Users\Nibras\AppData\Local\History
[2012/02/15 16:12:57 | 000,000,000 | -HSD | C] -- C:\Users\Nibras\Cookies
[2012/02/15 16:12:57 | 000,000,000 | -HSD | C] -- C:\Users\Nibras\Application Data
[2012/02/15 16:12:57 | 000,000,000 | -HSD | C] -- C:\Users\Nibras\AppData\Local\Application Data
[2012/02/15 16:12:56 | 000,000,000 | --SD | C] -- C:\Users\Nibras\AppData\Roaming\Microsoft
[2012/02/15 16:12:56 | 000,000,000 | R--D | C] -- C:\Users\Nibras\Videos
[2012/02/15 16:12:56 | 000,000,000 | R--D | C] -- C:\Users\Nibras\Saved Games
[2012/02/15 16:12:56 | 000,000,000 | R--D | C] -- C:\Users\Nibras\Pictures
[2012/02/15 16:12:56 | 000,000,000 | R--D | C] -- C:\Users\Nibras\Music
[2012/02/15 16:12:56 | 000,000,000 | R--D | C] -- C:\Users\Nibras\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2012/02/15 16:12:56 | 000,000,000 | R--D | C] -- C:\Users\Nibras\Links
[2012/02/15 16:12:56 | 000,000,000 | R--D | C] -- C:\Users\Nibras\Favorites
[2012/02/15 16:12:56 | 000,000,000 | R--D | C] -- C:\Users\Nibras\Downloads
[2012/02/15 16:12:56 | 000,000,000 | R--D | C] -- C:\Users\Nibras\Documents
[2012/02/15 16:12:56 | 000,000,000 | R--D | C] -- C:\Users\Nibras\Desktop
[2012/02/15 16:12:56 | 000,000,000 | R--D | C] -- C:\Users\Nibras\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2012/02/15 16:12:56 | 000,000,000 | -H-D | C] -- C:\Users\Nibras\AppData
[2012/02/15 16:12:56 | 000,000,000 | ---D | C] -- C:\Users\Nibras\AppData\Local\Temp
[2012/02/15 16:12:56 | 000,000,000 | ---D | C] -- C:\Users\Nibras\AppData\Local\Microsoft
[2012/02/15 16:12:56 | 000,000,000 | ---D | C] -- C:\Users\Nibras\AppData\Roaming\Media Center Programs
[2012/02/15 15:46:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Works
[2012/02/15 15:46:09 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2012/02/15 15:44:09 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Works
[2012/02/15 15:44:01 | 000,000,000 | ---D | C] -- C:\Windows\System32\Macromed
[2012/02/15 15:41:20 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Reallusion
[2012/02/15 15:41:04 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Reallusion
[2012/02/15 15:40:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Creative
[2012/02/15 15:40:33 | 005,627,904 | ---- | C] (Reallusion Inc.) -- C:\Windows\System32\LiveCamVirtual.ocx
[2012/02/15 15:39:53 | 000,000,000 | ---D | C] -- C:\Program Files\Creative Live! Cam
[2012/02/15 15:39:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Webcam
[2012/02/15 15:39:22 | 000,000,000 | ---D | C] -- C:\Program Files\Creative
[2012/02/15 15:38:13 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2012/02/15 15:35:30 | 000,000,000 | ---D | C] -- C:\Windows\System32\vmm32
========== Files - Modified Within 30 Days ==========
[2012/02/20 21:42:58 | 000,618,648 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/02/20 21:42:58 | 000,104,024 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/02/20 21:40:00 | 000,000,916 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-633039371-50796907-1299236143-1001UA.job
[2012/02/20 21:35:42 | 000,003,552 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/02/20 21:35:42 | 000,003,552 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/02/20 21:35:18 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/02/20 21:35:11 | 2137,194,496 | -HS- | M] () -- C:\hiberfil.sys
[2012/02/20 13:29:38 | 049,086,464 | ---- | M] () -- C:\Windows\ocsetup_install_NetFx3.etl
[2012/02/20 13:29:37 | 000,196,608 | ---- | M] () -- C:\Windows\ocsetup_cbs_install_NetFx3.perf
[2012/02/20 13:29:37 | 000,131,072 | ---- | M] () -- C:\Windows\ocsetup_cbs_install_NetFx3.dpx
[2012/02/20 11:46:21 | 000,000,512 | ---- | M] () -- C:\Users\Nibras\Documents\MBR.dat
[2012/02/20 10:38:20 | 000,000,943 | ---- | M] () -- C:\Users\Nibras\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/02/19 22:59:09 | 323,329,162 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012/02/19 22:34:07 | 000,319,976 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012/02/19 20:40:01 | 000,000,864 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-633039371-50796907-1299236143-1001Core.job
[2012/02/19 18:34:21 | 002,855,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mf.dll
[2012/02/19 18:34:20 | 000,098,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfps.dll
[2012/02/19 18:34:20 | 000,052,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rrinstaller.exe
[2012/02/19 18:34:20 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mferror.dll
[2012/02/19 18:34:19 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfpmp.exe
[2012/02/19 18:34:16 | 002,433,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WMVCORE.DLL
[2012/02/19 18:33:03 | 003,502,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2012/02/19 18:33:02 | 003,468,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2012/02/19 18:25:22 | 000,356,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MediaMetadataHandler.dll
[2012/02/19 18:23:32 | 001,244,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mcmde.dll
[2012/02/19 18:23:31 | 000,177,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax
[2012/02/19 18:23:30 | 000,292,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll
[2012/02/19 18:23:30 | 000,217,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\psisrndr.ax
[2012/02/19 18:23:30 | 000,080,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MSNP.ax
[2012/02/19 18:23:30 | 000,068,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Mpeg2Data.ax
[2012/02/19 18:23:30 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MSDvbNP.ax
[2012/02/19 18:20:10 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2012/02/19 18:19:01 | 000,109,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\ataport.sys
[2012/02/19 18:19:01 | 000,045,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\pciidex.sys
[2012/02/19 18:16:41 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\en-US\i8042prt.sys.mui
[2012/02/19 18:16:41 | 000,005,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\en-US\sermouse.sys.mui
[2012/02/19 18:16:41 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\en-US\mouclass.sys.mui
[2012/02/19 18:16:41 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\en-US\mouhid.sys.mui
[2012/02/19 18:16:41 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\en-US\kbdhid.sys.mui
[2012/02/19 18:16:40 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\en-US\kbdclass.sys.mui
[2012/02/19 18:16:36 | 000,371,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\srcore.dll
[2012/02/19 18:16:36 | 000,313,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rstrui.exe
[2012/02/19 18:16:36 | 000,016,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\srdelayed.exe
[2012/02/19 18:16:35 | 000,944,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winload.exe
[2012/02/19 18:16:35 | 000,905,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winresume.exe
[2012/02/19 18:16:35 | 000,613,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wpd_ci.dll
[2012/02/19 18:16:35 | 000,019,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\kd1394.dll
[2012/02/19 18:16:34 | 000,620,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ci.dll
[2012/02/19 18:16:33 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drvinst.exe
[2012/02/19 18:16:32 | 000,260,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dpx.dll
[2012/02/19 18:16:32 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\kbd106n.dll
[2012/02/19 18:16:30 | 000,115,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\loadperf.dll
[2012/02/19 18:16:30 | 000,039,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lodctr.exe
[2012/02/19 18:16:30 | 000,032,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\unlodctr.exe
[2012/02/19 18:16:30 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\prflbmsg.dll
[2012/02/19 18:16:28 | 000,035,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\WdfLdr.sys
[2012/02/19 18:16:27 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dispci.dll
[2012/02/19 18:16:27 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\batt.dll
[2012/02/19 18:16:27 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\f3ahvoas.dll
[2012/02/19 14:48:41 | 000,654,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelinesvc.exe
[2012/02/19 14:48:41 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelineprxy.dll
[2012/02/19 14:48:39 | 000,158,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sdohlp.dll
[2012/02/19 14:48:39 | 000,097,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iasrecst.dll
[2012/02/19 14:48:39 | 000,053,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iasads.dll
[2012/02/19 14:48:39 | 000,037,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iasdatastore.dll
[2012/02/19 14:47:48 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\amxread.dll
[2012/02/19 14:47:48 | 000,014,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\apilogen.dll
[2012/02/19 14:29:45 | 000,213,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\netio.sys
[2012/02/19 14:28:33 | 000,268,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mcbuilder.exe
[2012/02/19 14:28:33 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\slwmi.dll
[2012/02/19 14:28:31 | 000,566,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SLCommDlg.dll
[2012/02/19 14:28:30 | 000,351,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SLUI.exe
[2012/02/19 14:28:30 | 000,186,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SLLUA.exe
[2012/02/19 14:28:28 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\slcinst.dll
[2012/02/19 14:26:22 | 000,435,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp.exe
[2012/02/19 14:26:22 | 000,312,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msdrm.dll
[2012/02/19 14:26:21 | 000,472,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\secproc.dll
[2012/02/19 14:26:21 | 000,431,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp_isv.exe
[2012/02/19 14:26:21 | 000,154,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp_isv.dll
[2012/02/19 14:26:21 | 000,154,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp.dll
[2012/02/19 14:26:20 | 000,523,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_isv.exe
[2012/02/19 14:26:20 | 000,515,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RMActivate.exe
[2012/02/19 14:26:20 | 000,473,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\secproc_isv.dll
[2012/02/19 14:23:22 | 000,028,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll
[2012/02/19 14:23:11 | 004,247,552 | ---- | M] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll
[2012/02/19 14:23:09 | 001,686,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll
[2012/02/18 13:30:35 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msdxm.tlb
[2012/02/18 13:30:35 | 000,018,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\amcompat.tlb
[2012/02/18 13:28:15 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sbunattend.exe
[2012/02/18 13:25:35 | 000,024,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\nshhttp.dll
[2012/02/18 13:20:08 | 008,147,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2012/02/18 13:20:05 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spwmp.dll
[2012/02/18 13:20:03 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msdxm.ocx
[2012/02/18 13:19:43 | 000,311,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\unregmp2.exe
[2012/02/17 19:23:16 | 000,272,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\polstore.dll
[2012/02/17 19:23:16 | 000,028,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\FwRemoteSvr.dll
[2012/02/17 19:21:36 | 000,241,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceApi.dll
[2012/02/17 19:21:36 | 000,160,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceTypes.dll
[2012/02/17 19:21:36 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceClassExtension.dll
[2012/02/17 19:20:37 | 000,205,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msoeacct.dll
[2012/02/17 19:20:37 | 000,039,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ACCTRES.dll
[2012/02/17 19:20:36 | 000,087,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msoert2.dll
[2012/02/17 19:19:29 | 000,704,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PhotoScreensaver.scr
[2012/02/17 19:19:24 | 000,028,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\battc.sys
[2012/02/17 19:16:09 | 000,376,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2012/02/17 19:16:09 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll
[2012/02/17 19:11:28 | 000,374,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mcupdate_GenuineIntel.dll
[2012/02/17 19:11:00 | 000,500,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msdtcprx.dll
[2012/02/17 19:11:00 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\xolehlp.dll
[2012/02/17 19:09:48 | 000,116,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\aaclient.dll
[2012/02/17 19:09:47 | 000,036,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\tsgqec.dll
[2012/02/17 19:09:01 | 000,303,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wmpeffects.dll
[2012/02/17 19:07:43 | 000,414,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscp.dll
[2012/02/17 19:07:16 | 000,713,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\timedate.cpl
[2012/02/17 19:06:39 | 000,392,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\FirewallAPI.dll
[2012/02/17 19:06:38 | 000,086,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\icfupgd.dll
[2012/02/17 19:06:37 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cmifw.dll
[2012/02/17 19:06:37 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wfapigp.dll
[2012/02/17 19:04:59 | 000,104,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\DWWIN.EXE
[2012/02/17 19:04:37 | 002,923,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2012/02/17 19:03:37 | 000,024,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netcfg.exe
[2012/02/17 19:02:53 | 000,220,672 | ---- | M] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\l3codecp.acm
[2012/02/17 19:02:52 | 000,062,464 | ---- | M] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\l3codeca.acm
[2012/02/17 19:01:42 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WMASF.DLL
[2012/02/17 19:01:42 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\LAPRXY.DLL
[2012/02/17 19:01:42 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\asferror.dll
[2012/02/17 19:01:20 | 000,425,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PhotoMetadataHandler.dll
[2012/02/17 19:01:18 | 000,347,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecsExt.dll
[2012/02/17 19:00:16 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\printcom.dll
[2012/02/17 18:59:56 | 002,031,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012/02/17 18:59:33 | 000,113,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\rmcast.sys
[2012/02/17 18:59:33 | 000,014,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wshrm.dll
[2012/02/17 18:58:59 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dnscacheugc.exe
[2012/02/17 18:58:10 | 000,996,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WMNetMgr.dll
[2012/02/17 18:58:10 | 000,094,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\logagent.exe
[2012/02/17 18:57:15 | 000,084,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\INETRES.dll
[2012/02/17 18:56:36 | 001,645,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\connect.dll
[2012/02/17 18:55:17 | 000,321,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WSDApi.dll
[2012/02/17 18:54:20 | 000,082,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mciavi32.dll
[2012/02/17 18:54:20 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\avicap32.dll
[2012/02/17 18:50:28 | 000,604,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WMSPDMOD.DLL
[2012/02/17 02:02:39 | 000,115,369 | ---- | M] () -- C:\Windows\System32\drivers\klin.dat
[2012/02/17 02:02:39 | 000,097,961 | ---- | M] () -- C:\Windows\System32\drivers\klick.dat
[2012/02/17 00:05:16 | 000,311,312 | ---- | M] (Kaspersky Lab) -- C:\Windows\System32\drivers\klif.sys
[2012/02/16 22:01:18 | 000,006,324 | ---- | M] () -- C:\Users\Nibras\AppData\Local\d3d9caps.dat
[2012/02/16 20:36:45 | 002,421,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll
[2012/02/16 20:36:45 | 000,044,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll
[2012/02/16 20:36:23 | 000,575,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll
[2012/02/16 20:36:23 | 000,087,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll
[2012/02/16 20:36:23 | 000,035,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wups.dll
[2012/02/16 20:36:07 | 000,171,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll
[2012/02/16 20:36:07 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe
[2012/02/16 19:27:51 | 000,001,907 | ---- | M] () -- C:\Users\Public\Desktop\Fingerprint Reader Suite.lnk
[2012/02/16 19:24:56 | 000,001,940 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickSet.lnk
[2012/02/16 18:53:13 | 000,016,056 | ---- | M] () -- C:\Windows\System32\results.xml
[2012/02/16 14:10:25 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_SynTP_01000.Wdf
[2012/02/16 13:34:16 | 000,000,257 | ---- | M] () -- C:\Windows\System32\install.xml
[2012/02/16 13:34:16 | 000,000,056 | ---- | M] () -- C:\Windows\System32\IHV_Install.bat
[2012/02/16 11:06:17 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\hccoin.dll
[2012/02/16 11:06:17 | 000,005,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbd.sys
[2012/02/16 11:06:16 | 000,223,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbport.sys
[2012/02/16 11:05:44 | 000,022,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\streamci.dll
[2012/02/16 11:03:34 | 000,139,264 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2012/02/16 11:03:34 | 000,135,168 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2012/02/16 11:03:34 | 000,135,168 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2012/02/16 11:03:34 | 000,069,632 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javacpl.cpl
[2012/02/16 02:04:33 | 000,041,176 | ---- | M] () -- C:\Windows\System32\license.rtf
[2012/02/16 01:57:50 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK
[2012/02/15 17:50:31 | 000,001,887 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 8.lnk
[2012/02/15 16:59:50 | 000,000,120 | ---- | M] () -- C:\Windows\wininit.ini
[2012/02/15 16:52:45 | 000,002,323 | ---- | M] () -- C:\Users\Public\Desktop\Roxio Creator Home.lnk
[2012/02/15 15:41:42 | 000,000,076 | RHS- | M] () -- C:\Windows\CT4CET.bin
[2012/01/29 05:10:42 | 000,237,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
========== Files Created - No Company Name ==========
[2012/02/20 13:18:51 | 000,196,608 | ---- | C] () -- C:\Windows\ocsetup_cbs_install_NetFx3.perf
[2012/02/20 13:18:51 | 000,131,072 | ---- | C] () -- C:\Windows\ocsetup_cbs_install_NetFx3.dpx
[2012/02/20 13:18:50 | 049,086,464 | ---- | C] () -- C:\Windows\ocsetup_install_NetFx3.etl
[2012/02/20 11:46:21 | 000,000,512 | ---- | C] () -- C:\Users\Nibras\Documents\MBR.dat
[2012/02/19 22:58:36 | 323,329,162 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2012/02/19 19:44:29 | 000,001,820 | ---- | C] () -- C:\Windows\System32\rasctrnm.h
[2012/02/17 21:43:18 | 001,657,350 | ---- | C] () -- C:\Windows\System32\wlan.tmf
[2012/02/17 00:08:25 | 000,115,369 | ---- | C] () -- C:\Windows\System32\drivers\klin.dat
[2012/02/17 00:08:24 | 000,097,961 | ---- | C] () -- C:\Windows\System32\drivers\klick.dat
[2012/02/16 20:35:38 | 000,000,916 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-633039371-50796907-1299236143-1001UA.job
[2012/02/16 20:35:37 | 000,000,864 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-633039371-50796907-1299236143-1001Core.job
[2012/02/16 19:27:50 | 000,001,907 | ---- | C] () -- C:\Users\Public\Desktop\Fingerprint Reader Suite.lnk
[2012/02/16 19:24:56 | 000,001,940 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickSet.lnk
[2012/02/16 18:53:13 | 000,016,056 | ---- | C] () -- C:\Windows\System32\results.xml
[2012/02/16 18:47:07 | 2137,194,496 | -HS- | C] () -- C:\hiberfil.sys
[2012/02/16 14:10:25 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_SynTP_01000.Wdf
[2012/02/16 14:09:07 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2012/02/16 14:06:41 | 000,260,330 | ---- | C] () -- C:\Windows\System32\OEM02Cvw.bff
[2012/02/16 14:06:41 | 000,057,656 | ---- | C] () -- C:\Windows\System32\drivers\OEM02Pvc.bmp
[2012/02/16 14:06:41 | 000,057,656 | ---- | C] () -- C:\Windows\System32\drivers\OEM02PC.bmp
[2012/02/16 14:06:41 | 000,004,510 | ---- | C] () -- C:\Windows\OEM002.uns
[2012/02/16 13:21:36 | 000,000,257 | ---- | C] () -- C:\Windows\System32\install.xml
[2012/02/16 13:21:36 | 000,000,056 | ---- | C] () -- C:\Windows\System32\IHV_Install.bat
[2012/02/16 11:15:28 | 000,000,943 | ---- | C] () -- C:\Users\Nibras\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/02/16 11:14:31 | 000,121,232 | ---- | C] () -- C:\Windows\System32\IScrNBR.bmp
[2012/02/16 11:14:31 | 000,121,232 | ---- | C] () -- C:\Windows\System32\IScrNB.bmp
[2012/02/16 11:14:22 | 000,004,608 | ---- | C] () -- C:\Windows\System32\HdmiCoin.dll
[2012/02/16 11:14:21 | 000,910,304 | ---- | C] () -- C:\Windows\System32\igmedkrn.dll
[2012/02/16 11:14:21 | 000,249,856 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll
[2012/02/16 11:14:21 | 000,204,800 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1253.dll
[2012/02/16 11:14:21 | 000,024,256 | ---- | C] () -- C:\Windows\System32\iglhxs32.vp
[2012/02/16 11:14:21 | 000,002,096 | ---- | C] () -- C:\Windows\System32\iglhxo32.vp
[2012/02/16 11:14:21 | 000,002,096 | ---- | C] () -- C:\Windows\System32\iglhxc32.vp
[2012/02/16 11:11:41 | 000,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll
[2012/02/16 01:57:50 | 000,008,192 | R-S- | C] () -- C:\BOOTSECT.BAK
[2012/02/16 01:57:48 | 000,438,840 | RHS- | C] () -- C:\bootmgr
[2012/02/16 01:56:43 | 000,000,036 | RH-- | C] () -- C:\Windows\DELL_VERSION
[2012/02/15 17:50:31 | 000,001,887 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 8.lnk
[2012/02/15 17:50:31 | 000,001,804 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 8.lnk
[2012/02/15 16:59:49 | 000,056,056 | ---- | C] () -- C:\Windows\System32\DLAAPI_W.DLL
[2012/02/15 16:59:48 | 000,000,120 | ---- | C] () -- C:\Windows\wininit.ini
[2012/02/15 16:52:45 | 000,002,323 | ---- | C] () -- C:\Users\Public\Desktop\Roxio Creator Home.lnk
[2012/02/15 16:24:18 | 000,001,805 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MediaDirect.lnk
[2012/02/15 16:13:20 | 000,000,949 | ---- | C] () -- C:\Users\Nibras\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2012/02/15 16:13:17 | 000,000,944 | ---- | C] () -- C:\Users\Nibras\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
[2012/02/15 16:13:05 | 000,000,915 | ---- | C] () -- C:\Users\Nibras\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk
[2012/02/15 16:12:59 | 000,006,324 | ---- | C] () -- C:\Users\Nibras\AppData\Local\d3d9caps.dat
[2012/02/15 16:12:56 | 000,000,258 | ---- | C] () -- C:\Users\Nibras\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2012/02/15 16:12:56 | 000,000,240 | ---- | C] () -- C:\Users\Nibras\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2012/02/15 15:46:39 | 000,001,881 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office PowerPoint Viewer 2003.lnk
[2012/02/15 15:46:39 | 000,001,789 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Works Task Launcher.lnk
[2012/02/15 15:41:42 | 000,000,076 | RHS- | C] () -- C:\Windows\CT4CET.bin
========== LOP Check ==========
[2012/02/20 14:04:00 | 000,007,526 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*.exe >
< MD5 for: EXPLORER.EXE >
[2012/02/17 19:04:37 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\explorer.exe
[2008/10/29 08:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\SoftwareDistribution\Download\7061d8bdfc6a60f6588941d7a2c304c7\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2012/02/17 19:04:37 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2008/10/29 08:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\SoftwareDistribution\Download\7061d8bdfc6a60f6588941d7a2c304c7\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2012/02/17 19:04:36 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2008/10/30 05:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\SoftwareDistribution\Download\7061d8bdfc6a60f6588941d7a2c304c7\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2012/02/17 19:04:35 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2007/08/27 05:10:03 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=6D06CD98D954FE87FB2DB8108793B399 -- C:\Windows\SoftwareDistribution\Download\f411dcb0df2de951a1b7d68be5b8fec7\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16549_none_4fac29707cae347a\explorer.exe
[2012/02/17 19:19:23 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=6D06CD98D954FE87FB2DB8108793B399 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16549_none_4fac29707cae347a\explorer.exe
[2007/08/27 04:01:58 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=BD06F0BF753BC704B653C3A50F89D362 -- C:\Windows\SoftwareDistribution\Download\f411dcb0df2de951a1b7d68be5b8fec7\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20668_none_501f261995dcf2cf\explorer.exe
[2012/02/17 19:19:22 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=BD06F0BF753BC704B653C3A50F89D362 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20668_none_501f261995dcf2cf\explorer.exe
[2008/10/28 04:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\SoftwareDistribution\Download\7061d8bdfc6a60f6588941d7a2c304c7\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2012/02/17 19:04:36 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2006/11/02 11:45:07 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=FD8C53FB002217F6F888BCF6F5D7084D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16386_none_4f7de5167cd15deb\explorer.exe
[2008/01/19 09:33:10 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\SoftwareDistribution\Download\c91af43e301542f65a88d59517636d32\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe
< MD5 for: SVCHOST.EXE >
[2006/11/02 11:45:47 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=10DA15933D582D2FEDCF705EFE394B09 -- C:\Windows\System32\svchost.exe
[2006/11/02 11:45:47 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=10DA15933D582D2FEDCF705EFE394B09 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6000.16386_none_b38497a50862ad11\svchost.exe
[2008/01/19 09:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\SoftwareDistribution\Download\c91af43e301542f65a88d59517636d32\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe
< MD5 for: USERINIT.EXE >
[2008/01/19 09:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\SoftwareDistribution\Download\c91af43e301542f65a88d59517636d32\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
[2006/11/02 11:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\Windows\System32\userinit.exe
[2006/11/02 11:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6000.16386_none_d9f1f819d4c4e737\userinit.exe
< MD5 for: WINLOGON.EXE >
[2006/11/02 11:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\System32\winlogon.exe
[2006/11/02 11:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_6d8c3f1ad8066b21\winlogon.exe
[2008/01/19 09:33:37 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\SoftwareDistribution\Download\c91af43e301542f65a88d59517636d32\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
< %systemroot%\*. /mp /s >
< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Users\Nibrass\AppData\Local\Google\Chrome\Application\chrome.exe" --show-icons [2012/02/15 07:03:37 | 001,049,072 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Users\Nibrass\AppData\Local\Google\Chrome\Application\chrome.exe" --hide-icons [2012/02/15 07:03:37 | 001,049,072 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Users\Nibrass\AppData\Local\Google\Chrome\Application\chrome.exe" --make-default-browser [2012/02/15 07:03:37 | 001,049,072 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Users\Nibrass\AppData\Local\Google\Chrome\Application\chrome.exe" [2012/02/15 07:03:37 | 001,049,072 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\system32\ie4uinit.exe" -hide [2009/12/18 12:18:06 | 000,070,656 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\system32\ie4uinit.exe" -show [2009/12/18 12:18:06 | 000,070,656 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\system32\ie4uinit.exe" -reinstall [2009/12/18 12:18:06 | 000,070,656 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2009/12/18 14:56:05 | 000,634,632 | ---- | M] (Microsoft Corporation)
< hklm\software\clients\startmenuinternet|command /64 /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Users\Nibrass\AppData\Local\Google\Chrome\Application\chrome.exe" --show-icons [2012/02/15 07:03:37 | 001,049,072 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Users\Nibrass\AppData\Local\Google\Chrome\Application\chrome.exe" --hide-icons [2012/02/15 07:03:37 | 001,049,072 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Users\Nibrass\AppData\Local\Google\Chrome\Application\chrome.exe" --make-default-browser [2012/02/15 07:03:37 | 001,049,072 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Users\Nibrass\AppData\Local\Google\Chrome\Application\chrome.exe" [2012/02/15 07:03:37 | 001,049,072 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\system32\ie4uinit.exe" -hide [2009/12/18 12:18:06 | 000,070,656 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\system32\ie4uinit.exe" -show [2009/12/18 12:18:06 | 000,070,656 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\system32\ie4uinit.exe" -reinstall [2009/12/18 12:18:06 | 000,070,656 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2009/12/18 14:56:05 | 000,634,632 | ---- | M] (Microsoft Corporation)
< End of report >
#8
Posted 20 February 2012 - 02:12 PM
moore44
- Topic Starter
-
- Member
-
- 18 posts
Member
OTL Extras logfile created on: 2/20/2012 9:38:43 PM - Run 2
OTL by OldTimer - Version 3.2.33.0 Folder = C:\Users\Nibrass\Downloads
Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.16982)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1.99 Gb Total Physical Memory | 0.83 Gb Available Physical Memory | 41.85% Memory free
4.18 Gb Paging File | 2.98 Gb Available in Paging File | 71.33% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 146.00 Gb Total Space | 103.53 Gb Free Space | 70.91% Space Free | Partition Type: NTFS
Computer Name: -PC | User Name: Nibras | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{63B531FA-FFE3-4452-929E-46F5AEE870CB}" = dir=in | app=c:\program files\dell\mediadirect\powercinema.exe |
"{808E41F6-30BB-411D-98C5-3ECC3C5C183A}" = dir=in | app=c:\program files\dell\mediadirect\pcmservice.exe |
"{D1D6D909-0000-47C3-A735-0417854C0846}" = dir=in | app=c:\program files\dell\mediadirect\kernel\dmp\clbrowserengine.exe |
"{F0701BD6-1C91-4A14-9676-7E8496B4A689}" = dir=in | app=c:\program files\dell\mediadirect\kernel\dms\clmsservice.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0394CDC8-FABD-4ed8-B104-03393876DFDF}" = Roxio Creator Tools
"{0D397393-9B50-4c52-84D5-77E344289F87}" = Roxio Creator Data
"{1A59064A-12A9-469F-99F6-04BF118DBCFF}" = Kaspersky PURE
"{1D5E29AD-39A9-4D0A-A8B6-46A6FCD8C995}" = Live! Cam Avatar v1.0
"{2F4C24E6-CBD4-4AAC-B56F-C9FD44DE5668}" = Roxio Drag-to-Disc
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{3248F0A8-6813-11D6-A77B-00B0D0160000}" = Java™ SE Runtime Environment 6
"{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}" = Sonic Activation Module
"{42929F0F-CE14-47AF-9FC7-FF297A603021}" = Dell Resource CD
"{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}" = Roxio Creator Copy
"{63DB9CCD-2B56-4217-9A3D-507AC78320CA}" = mWMI
"{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}" = Live! Cam Avatar Creator
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler
"{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7F0C4457-8E64-491B-8D7B-991504365D1E}" = QuickSet
"{83FFCFC7-88C6-41c6-8752-958A45325C82}" = Roxio Creator Audio
"{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}" = mPfMgr
"{8C6BB412-D3A8-4AAE-A01B-35B681789D68}" = mHelp
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel Matrix Storage Manager
"{9BDEF074-020E-458D-ADC5-8FF68E0C9B56}" = OutlookAddinSetup
"{9C6978E8-B6D0-4AB7-A7A0-D81A74FBF745}" = MediaDirect
"{A0F925BF-5C55-44C2-A4E7-5A4C59791C29}" = mDriver
"{A2289997-10A3-48F2-AA03-99180D761661}" = Fingerprint Reader Suite 5.6
"{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = SigmaTel Audio
"{AC76BA86-7AD7-1033-7B44-A81000000003}" = Adobe Reader 8.1.0
"{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}" = Roxio Creator DE
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D3B3B9B2-FE73-44CB-8C0A-F737D92F991B}" = Broadcom Gigabit Integrated Controller
"{D639085F-4B6E-4105-9F37-A0DBB023E2FB}" = Roxio MyDVD DE
"{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}" = mMHouse
"{F5D7FAB5-A1FD-4DD3-983E-4155B09D7102}" = mCore
"Advanced Audio FX Engine" = Advanced Audio FX Engine
"Advanced Video FX Engine" = Advanced Video FX Engine
"Broadcom 802.11b Network Adapter" = Dell Wireless WLAN Card
"Creative OEM002" = Laptop Integrated Webcam Driver (1.02.01.0612)
"Dell Webcam Center" = Dell Webcam Center
"Dell Webcam Manager" = Dell Webcam Manager
"HDMI" = Intel® Graphics Media Accelerator Driver
"InstallWIX_{1A59064A-12A9-469F-99F6-04BF118DBCFF}" = Kaspersky PURE
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"NVIDIA Drivers" = NVIDIA Drivers
"ProInst" = Intel® PROSet/Wireless Software
"SynTPDeinstKey" = Dell Touchpad
"WinRAR archiver" = WinRAR 4.10 (32-bit)
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-633039371-50796907-1299236143-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 2/16/2012 2:11:17 PM | Computer Name = Nibras-PC | Source = Windows Search Service | ID = 3058
Description =
Error - 2/16/2012 2:13:24 PM | Computer Name = Nibras-PC | Source = EventSystem | ID = 4609
Description =
Error - 2/16/2012 4:07:47 PM | Computer Name = Nibras-PC | Source = EventSystem | ID = 4609
Description =
Error - 2/17/2012 1:50:12 PM | Computer Name = Nibras-PC | Source = ESENT | ID = 215
Description = WinMail (492) WindowsMail0: The backup has been stopped because it
was halted by the client or the connection with the client failed.
Error - 2/20/2012 4:38:08 AM | Computer Name = -PC | Source = EventSystem | ID = 4609
Description =
Error - 2/20/2012 4:38:18 AM | Computer Name = -PC | Source = ESENT | ID = 215
Description = WinMail (2484) WindowsMail0: The backup has been stopped because it
was halted by the client or the connection with the client failed.
Error - 2/20/2012 4:44:49 AM | Computer Name = -PC | Source = EventSystem | ID = 4621
Description =
Error - 2/20/2012 4:44:52 AM | Computer Name = -PC | Source = EventSystem | ID = 4609
Description =
Error - 2/20/2012 6:43:36 AM | Computer Name = -PC | Source = Application Hang | ID = 1002
Description = The program OTL.exe version 3.2.33.0 stopped interacting with Windows
and was closed. To see if more information about the problem is available, check
the problem history in the Problem Reports and Solutions control panel. Process
ID: 17b0 Start Time: 01ccefbbdbc8d1de Termination Time: 32
Error - 2/20/2012 7:49:07 AM | Computer Name = -PC | Source = .NET Runtime Optimization Service | ID = 1101
Description =
[ System Events ]
Error - 2/19/2012 4:49:41 PM | Computer Name = -PC | Source = DCOM | ID = 10010
Description =
Error - 2/19/2012 4:53:03 PM | Computer Name = -PC | Source = Service Control Manager | ID = 7000
Description =
Error - 2/19/2012 4:59:12 PM | Computer Name = -PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 10:57:25 PM on 2/19/2012 was unexpected.
Error - 2/19/2012 5:00:09 PM | Computer Name = -PC | Source = Service Control Manager | ID = 7000
Description =
Error - 2/20/2012 4:31:19 AM | Computer Name = -PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 11:00:23 PM on 2/19/2012 was unexpected.
Error - 2/20/2012 4:31:44 AM | Computer Name = -PC | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.1.8 for the Network Card with network
address 001DE021E133 has been denied by the DHCP server 192.168.1.1 (The DHCP Server
sent a DHCPNACK message).
Error - 2/20/2012 4:32:41 AM | Computer Name = -PC | Source = Service Control Manager | ID = 7000
Description =
Error - 2/20/2012 4:45:15 AM | Computer Name = -PC | Source = DCOM | ID = 10010
Description =
Error - 2/20/2012 5:21:50 AM | Computer Name = -PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 11:19:06 AM on 2/20/2012 was unexpected.
Error - 2/20/2012 5:22:34 AM | Computer Name = -PC | Source = Service Control Manager | ID = 7000
Description =
< End of report >
OTL by OldTimer - Version 3.2.33.0 Folder = C:\Users\Nibrass\Downloads
Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.16982)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1.99 Gb Total Physical Memory | 0.83 Gb Available Physical Memory | 41.85% Memory free
4.18 Gb Paging File | 2.98 Gb Available in Paging File | 71.33% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 146.00 Gb Total Space | 103.53 Gb Free Space | 70.91% Space Free | Partition Type: NTFS
Computer Name: -PC | User Name: Nibras | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{63B531FA-FFE3-4452-929E-46F5AEE870CB}" = dir=in | app=c:\program files\dell\mediadirect\powercinema.exe |
"{808E41F6-30BB-411D-98C5-3ECC3C5C183A}" = dir=in | app=c:\program files\dell\mediadirect\pcmservice.exe |
"{D1D6D909-0000-47C3-A735-0417854C0846}" = dir=in | app=c:\program files\dell\mediadirect\kernel\dmp\clbrowserengine.exe |
"{F0701BD6-1C91-4A14-9676-7E8496B4A689}" = dir=in | app=c:\program files\dell\mediadirect\kernel\dms\clmsservice.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0394CDC8-FABD-4ed8-B104-03393876DFDF}" = Roxio Creator Tools
"{0D397393-9B50-4c52-84D5-77E344289F87}" = Roxio Creator Data
"{1A59064A-12A9-469F-99F6-04BF118DBCFF}" = Kaspersky PURE
"{1D5E29AD-39A9-4D0A-A8B6-46A6FCD8C995}" = Live! Cam Avatar v1.0
"{2F4C24E6-CBD4-4AAC-B56F-C9FD44DE5668}" = Roxio Drag-to-Disc
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{3248F0A8-6813-11D6-A77B-00B0D0160000}" = Java™ SE Runtime Environment 6
"{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}" = Sonic Activation Module
"{42929F0F-CE14-47AF-9FC7-FF297A603021}" = Dell Resource CD
"{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}" = Roxio Creator Copy
"{63DB9CCD-2B56-4217-9A3D-507AC78320CA}" = mWMI
"{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}" = Live! Cam Avatar Creator
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler
"{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7F0C4457-8E64-491B-8D7B-991504365D1E}" = QuickSet
"{83FFCFC7-88C6-41c6-8752-958A45325C82}" = Roxio Creator Audio
"{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}" = mPfMgr
"{8C6BB412-D3A8-4AAE-A01B-35B681789D68}" = mHelp
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel Matrix Storage Manager
"{9BDEF074-020E-458D-ADC5-8FF68E0C9B56}" = OutlookAddinSetup
"{9C6978E8-B6D0-4AB7-A7A0-D81A74FBF745}" = MediaDirect
"{A0F925BF-5C55-44C2-A4E7-5A4C59791C29}" = mDriver
"{A2289997-10A3-48F2-AA03-99180D761661}" = Fingerprint Reader Suite 5.6
"{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = SigmaTel Audio
"{AC76BA86-7AD7-1033-7B44-A81000000003}" = Adobe Reader 8.1.0
"{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}" = Roxio Creator DE
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D3B3B9B2-FE73-44CB-8C0A-F737D92F991B}" = Broadcom Gigabit Integrated Controller
"{D639085F-4B6E-4105-9F37-A0DBB023E2FB}" = Roxio MyDVD DE
"{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}" = mMHouse
"{F5D7FAB5-A1FD-4DD3-983E-4155B09D7102}" = mCore
"Advanced Audio FX Engine" = Advanced Audio FX Engine
"Advanced Video FX Engine" = Advanced Video FX Engine
"Broadcom 802.11b Network Adapter" = Dell Wireless WLAN Card
"Creative OEM002" = Laptop Integrated Webcam Driver (1.02.01.0612)
"Dell Webcam Center" = Dell Webcam Center
"Dell Webcam Manager" = Dell Webcam Manager
"HDMI" = Intel® Graphics Media Accelerator Driver
"InstallWIX_{1A59064A-12A9-469F-99F6-04BF118DBCFF}" = Kaspersky PURE
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"NVIDIA Drivers" = NVIDIA Drivers
"ProInst" = Intel® PROSet/Wireless Software
"SynTPDeinstKey" = Dell Touchpad
"WinRAR archiver" = WinRAR 4.10 (32-bit)
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-633039371-50796907-1299236143-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 2/16/2012 2:11:17 PM | Computer Name = Nibras-PC | Source = Windows Search Service | ID = 3058
Description =
Error - 2/16/2012 2:13:24 PM | Computer Name = Nibras-PC | Source = EventSystem | ID = 4609
Description =
Error - 2/16/2012 4:07:47 PM | Computer Name = Nibras-PC | Source = EventSystem | ID = 4609
Description =
Error - 2/17/2012 1:50:12 PM | Computer Name = Nibras-PC | Source = ESENT | ID = 215
Description = WinMail (492) WindowsMail0: The backup has been stopped because it
was halted by the client or the connection with the client failed.
Error - 2/20/2012 4:38:08 AM | Computer Name = -PC | Source = EventSystem | ID = 4609
Description =
Error - 2/20/2012 4:38:18 AM | Computer Name = -PC | Source = ESENT | ID = 215
Description = WinMail (2484) WindowsMail0: The backup has been stopped because it
was halted by the client or the connection with the client failed.
Error - 2/20/2012 4:44:49 AM | Computer Name = -PC | Source = EventSystem | ID = 4621
Description =
Error - 2/20/2012 4:44:52 AM | Computer Name = -PC | Source = EventSystem | ID = 4609
Description =
Error - 2/20/2012 6:43:36 AM | Computer Name = -PC | Source = Application Hang | ID = 1002
Description = The program OTL.exe version 3.2.33.0 stopped interacting with Windows
and was closed. To see if more information about the problem is available, check
the problem history in the Problem Reports and Solutions control panel. Process
ID: 17b0 Start Time: 01ccefbbdbc8d1de Termination Time: 32
Error - 2/20/2012 7:49:07 AM | Computer Name = -PC | Source = .NET Runtime Optimization Service | ID = 1101
Description =
[ System Events ]
Error - 2/19/2012 4:49:41 PM | Computer Name = -PC | Source = DCOM | ID = 10010
Description =
Error - 2/19/2012 4:53:03 PM | Computer Name = -PC | Source = Service Control Manager | ID = 7000
Description =
Error - 2/19/2012 4:59:12 PM | Computer Name = -PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 10:57:25 PM on 2/19/2012 was unexpected.
Error - 2/19/2012 5:00:09 PM | Computer Name = -PC | Source = Service Control Manager | ID = 7000
Description =
Error - 2/20/2012 4:31:19 AM | Computer Name = -PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 11:00:23 PM on 2/19/2012 was unexpected.
Error - 2/20/2012 4:31:44 AM | Computer Name = -PC | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.1.8 for the Network Card with network
address 001DE021E133 has been denied by the DHCP server 192.168.1.1 (The DHCP Server
sent a DHCPNACK message).
Error - 2/20/2012 4:32:41 AM | Computer Name = -PC | Source = Service Control Manager | ID = 7000
Description =
Error - 2/20/2012 4:45:15 AM | Computer Name = -PC | Source = DCOM | ID = 10010
Description =
Error - 2/20/2012 5:21:50 AM | Computer Name = -PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 11:19:06 AM on 2/20/2012 was unexpected.
Error - 2/20/2012 5:22:34 AM | Computer Name = -PC | Source = Service Control Manager | ID = 7000
Description =
< End of report >
#10
Posted 20 February 2012 - 03:27 PM
moore44
- Topic Starter
-
- Member
-
- 18 posts
Member
I'm using google chrome. I just signed in to my hotmail. The dialogue box appears no more. But I still get the google chrome alert that I'm being directed to the fake site mail.live.com. when I click on windows live or hotmails tabs from the account page. Also, the web messenger is still unavailable. Why would this happen & not resolve with change of password?
#11
Posted 20 February 2012 - 03:32 PM
Render
-
- Malware Removal
-
- 4,195 posts
Trusted Helper
Please try with Internet Explorer and see if there are same issues.
#12
Posted 20 February 2012 - 03:42 PM
moore44
- Topic Starter
-
- Member
-
- 18 posts
Member
Same thing:
The security certificate presented by this website was issued for a different website's address.
Security certificate problems may indicate an attempt to fool you or intercept any data you send to the server.
We recommend that you close this webpage and do not continue to this website.
But why does it happen only when I try to access hotmail or windows live from the account page? The weird thing is that it used to happen on/off first. Is there a possibility that my email is being accessed by someone else, or I'm worrying too much?
The security certificate presented by this website was issued for a different website's address.
Security certificate problems may indicate an attempt to fool you or intercept any data you send to the server.
We recommend that you close this webpage and do not continue to this website.
But why does it happen only when I try to access hotmail or windows live from the account page? The weird thing is that it used to happen on/off first. Is there a possibility that my email is being accessed by someone else, or I'm worrying too much?
#13
Posted 20 February 2012 - 04:50 PM
Render
-
- Malware Removal
-
- 4,195 posts
Trusted Helper
It's a problem with certificate. First I would try to update your Vista to service pack 2. Please go to Windows Update and install all available updates.
#14
Posted 21 February 2012 - 10:38 AM
moore44
- Topic Starter
-
- Member
-
- 18 posts
Member
OK, I'll install the required updates, thanx for your help.
#15
Posted 22 February 2012 - 05:25 AM
Render
-
- Malware Removal
-
- 4,195 posts
Trusted Helper
OK. Please let me know the result.
Similar Topics
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users
As Featured On:
Sign In
Create Account
