Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Possible virus cause new DVD drive dieappear [Solved]

Started by horseshoe , Feb 16 2012 07:23 PM

  • This topic is locked This topic is locked

#1
horseshoe
Posted 16 February 2012 - 07:23 PM

horseshoe

    Member

  • Member
  • PipPipPip
  • 110 posts
Hi, my original DVD drive was missing and come back (back and forth) and was advised that a replacement was needed. So I install a new drive but end up with the same probelm. It was playing both CD & DVD fine for a few days and suddenly stop playing with error messages and disappeared from "My computer" and "Device manager".
Phillpower2 has been helping me with this issue and suggeted that I tried to check the system for malware. The thread of this issue can be found DVD drive missing
Recently, I restore my system to factory setup. Some other media players are also installed (Qvod and ppstream). DVD player was playing fine with these installed. A few days ago I use Spybot search and destroy to scan for malware. There are 2 found and was removed (Tencents and IE helper). I run the spybot again today and no problem found. Per the guide, I also download the OTL and run the scan.Can you please help and let me know if my system is infected?
I am using Windows vista home premium 32 bit running on SP2 and all updates are installed.
Many Thanks in advance!

OTL logfile created on: 2/16/2012 7:49:53 PM - Run 1
OTL by OldTimer - Version 3.2.32.0 Folder = C:\Users\mnar\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.94 Gb Total Physical Memory | 0.91 Gb Available Physical Memory | 47.19% Memory free
4.11 Gb Paging File | 2.89 Gb Available in Paging File | 70.42% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 220.95 Gb Total Space | 152.48 Gb Free Space | 69.01% Space Free | Partition Type: NTFS
Drive D: | 11.93 Gb Total Space | 0.65 Gb Free Space | 5.47% Space Free | Partition Type: NTFS

Computer Name: MNAR-PC | User Name: mnar | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/02/16 19:49:29 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\mnar\Desktop\OTL.exe
PRC - [2012/01/17 18:16:24 | 000,282,648 | ---- | M] (McAfee, Inc.) -- c:\Program Files\McAfee\SiteAdvisor\saUI.exe
PRC - [2012/01/13 11:21:10 | 000,095,200 | ---- | M] (McAfee, Inc.) -- c:\Program Files\McAfee\SiteAdvisor\McSACore.exe
PRC - [2012/01/12 07:48:06 | 001,034,128 | ---- | M] (Shenzhen QVOD Technology Co.,Ltd) -- C:\Program Files\QvodPlayer\QvodTerminal.exe
PRC - [2010/01/15 07:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
PRC - [2009/05/13 23:24:26 | 000,144,704 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\Mcshield.exe
PRC - [2009/05/08 16:26:32 | 000,893,112 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MPF\MpfSrv.exe
PRC - [2009/05/08 09:33:16 | 000,606,736 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\mcsysmon.exe
PRC - [2009/05/01 15:34:14 | 000,865,832 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MSC\mcmscsvc.exe
PRC - [2009/05/01 15:34:14 | 000,645,328 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee.com\Agent\mcagent.exe
PRC - [2009/04/10 23:27:38 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2009/04/09 11:46:14 | 000,359,952 | ---- | M] (McAfee, Inc.) -- c:\Program Files\Common Files\McAfee\McProxy\McProxy.exe
PRC - [2009/04/09 08:18:50 | 002,482,848 | ---- | M] (McAfee, Inc.) -- c:\Program Files\Common Files\McAfee\MNA\McNASvc.exe
PRC - [2009/01/26 15:31:16 | 002,144,088 | RHS- | M] (Safer Networking Limited) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
PRC - [2007/09/15 03:29:10 | 000,102,400 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPStart.exe
PRC - [2007/06/11 15:04:36 | 000,190,696 | R--- | M] (Adobe Systems, Inc.) -- C:\WINDOWS\System32\Macromed\Flash\FlashUtil9d.exe


========== Modules (No Company Name) ==========

MOD - [2007/11/06 01:50:44 | 000,189,760 | ---- | M] () -- C:\Program Files\HP\Digital Imaging\Smart Web Printing\NeoLoggingLib.dll
MOD - [2007/11/06 01:50:44 | 000,140,608 | ---- | M] () -- C:\Program Files\HP\Digital Imaging\Smart Web Printing\SatelliteENU.dll
MOD - [2007/11/06 01:50:44 | 000,107,840 | ---- | M] () -- C:\Program Files\HP\Digital Imaging\Smart Web Printing\UtilityLib.dll
MOD - [2007/11/06 01:50:44 | 000,042,304 | ---- | M] () -- C:\Program Files\HP\Digital Imaging\Smart Web Printing\RsrcLoaderLib.dll
MOD - [2007/09/30 22:34:52 | 000,345,384 | ---- | M] () -- C:\Program Files\HP\QuickPlay\Kernel\TV\CLTinyDB.dll
MOD - [2007/09/30 22:34:42 | 000,255,384 | ---- | M] () -- C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapEngine.dll
MOD - [2007/09/30 22:34:42 | 000,120,208 | ---- | M] () -- C:\Program Files\HP\QuickPlay\Kernel\TV\CLSchMgr.dll
MOD - [2007/09/30 22:34:42 | 000,038,184 | ---- | M] () -- C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvcps.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (SOSOUpSvc)
SRV - [2012/01/31 15:09:34 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/01/13 11:21:10 | 000,095,200 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Program Files\McAfee\SiteAdvisor\McSACore.exe -- (McAfee SiteAdvisor Service)
SRV - [2011/11/16 11:23:44 | 000,377,344 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- winhttp.dll -- (WinHttpAutoProxySvc)
SRV - [2010/01/15 07:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009/05/13 23:24:26 | 000,144,704 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\Program Files\McAfee\VirusScan\Mcshield.exe -- (McShield)
SRV - [2009/05/08 16:26:32 | 000,893,112 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\MPF\MPFSrv.exe -- (MpfService)
SRV - [2009/05/08 11:54:34 | 000,365,072 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV - [2009/05/08 09:33:16 | 000,606,736 | ---- | M] (McAfee, Inc.) [On_Demand | Running] -- C:\Program Files\McAfee\VirusScan\mcsysmon.exe -- (McSysmon)
SRV - [2009/05/01 15:34:14 | 000,865,832 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\MSC\mcmscsvc.exe -- (mcmscsvc)
SRV - [2009/04/09 11:46:14 | 000,359,952 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Program Files\Common Files\McAfee\McProxy\McProxy.exe -- (McProxy)
SRV - [2009/04/09 08:18:50 | 002,482,848 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Program Files\Common Files\McAfee\MNA\McNASvc.exe -- (McNASvc)
SRV - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Running] -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)
SRV - [2008/01/18 23:38:26 | 000,272,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/08/31 13:15:06 | 000,176,128 | ---- | M] (Starz Entertainment Group LLC) [Disabled | Stopped] -- C:\Program Files\Vongo\VongoService.exe -- (Vongo Service)
SRV - [2007/03/05 13:30:06 | 000,110,592 | ---- | M] (Hewlett-Packard Development Company, L.P.) [On_Demand | Stopped] -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe -- (Com4Qlb)


========== Driver Services (SafeList) ==========

DRV - [2009/06/24 06:08:00 | 007,542,208 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2009/05/13 23:25:06 | 000,214,024 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2009/05/13 23:25:06 | 000,079,816 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\mfeavfk.sys -- (mfeavfk)
DRV - [2009/05/13 23:25:06 | 000,040,552 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\mfesmfk.sys -- (mfesmfk)
DRV - [2009/05/13 23:25:06 | 000,035,272 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\mfebopk.sys -- (mfebopk)
DRV - [2009/05/13 23:24:34 | 000,034,248 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\mferkdk.sys -- (mferkdk)
DRV - [2009/04/09 14:23:02 | 000,130,424 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\Mpfp.sys -- (MPFP)
DRV - [2008/08/01 19:51:14 | 001,052,704 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\nvmfdx32.sys -- (NVENETFD)
DRV - [2008/03/04 02:32:00 | 000,188,416 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\CHDRT32.sys -- (CnxtHdAudService)
DRV - [2007/10/18 06:36:54 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2007/09/09 17:12:28 | 000,176,640 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\CHDART.sys -- (HdAudAddService)
DRV - [2007/07/11 13:30:22 | 000,007,168 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\HpqRemHid.sys -- (HpqRemHid)
DRV - [2007/06/18 20:12:04 | 000,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV - [2007/03/22 01:02:04 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2007/02/24 17:42:22 | 000,039,936 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2007/02/16 16:50:32 | 000,012,032 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2007/01/23 19:40:20 | 000,042,496 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\rimsptsk.sys -- (rimsptsk)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...ilion&pf=laptop
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...ilion&pf=laptop

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKCU\..\URLSearchHook: {DB8B2393-7A6C-4C76-88CE-6B1F6FF6FFE9} - No CLSID value found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@qvod.com/QvodInsert: C:\Program Files\QvodPlayer\npQvodInsert.dll (Shenzhen QVOD Technology Co.,Ltd)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files\McAfee\SiteAdvisor [2012/02/08 10:30:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/02/11 11:32:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2012/02/04 07:31:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\mnar\AppData\Roaming\Mozilla\Extensions
[2012/02/11 11:32:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\mnar\AppData\Roaming\Mozilla\Firefox\Profiles\ym43eihf.default\extensions
[2012/02/12 12:55:56 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/02/12 12:55:56 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}
() (No name found) -- C:\USERS\MNAR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YM43EIHF.DEFAULT\EXTENSIONS\{73A6FE31-595D-460B-A920-FCC0F8843232}.XPI
[2012/02/11 11:32:08 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/01/29 08:36:35 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/01/29 08:36:35 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

O1 HOSTS File: ([2006/09/18 16:41:30 | 000,000,761 | ---- | M]) - C:\WINDOWS\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - No CLSID value found.
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll (McAfee, Inc.)
O2 - BHO: (QvodExtend) - {A8502600-B272-4F68-A67B-A0305D46D297} - C:\Program Files\QvodPlayer\QvodExtend.dll (Shenzhen QVOD Technology Co.,Ltd)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (IE Search Helper) - {DE7CA3CA-D5C0-CD95-BBD4-027546178475} - Reg Error: Value error. File not found
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O4 - HKLM..\Run: [HP Health Check Scheduler] [ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe File not found
O4 - HKLM..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [QvodTerminal] C:\Program Files\QvodPlayer\QvodTerminal.exe (Shenzhen QVOD Technology Co.,Ltd)
O4 - HKLM..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [PPS Accelerator] D:\PPS.tv\PPStream\ppsap.exe ()
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O9 - Extra Button: HP Smart Select - {58ECB495-38F0-49cb-A538-10282ABF65E7} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Ranges: Range1 ([http] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C0B87525-2220-45AE-9631-A94D26E4BEAF}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EA982A2C-C1D4-48E7-A5F4-28656125831B}: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\WINDOWS\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\HPRadiance.jpg
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\HPRadiance.jpg
O29 - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/10/22 15:25:46 | 000,000,074 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2005/09/11 10:18:54 | 000,000,340 | -HS- | M] () - D:\AUTOMODE -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012/02/16 19:48:38 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\mnar\Desktop\OTL.exe
[2012/02/12 13:02:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2012/02/10 16:36:26 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Portable Devices
[2012/02/10 09:55:22 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2012/02/08 22:05:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy
[2012/02/08 22:05:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2012/02/08 22:05:31 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2012/02/08 21:52:13 | 000,000,000 | ---D | C] -- C:\Users\mnar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Free Registry Cleaner
[2012/02/08 21:52:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Registry Cleaner
[2012/02/08 21:52:11 | 000,000,000 | ---D | C] -- C:\Program Files\Eusing Free Registry Cleaner
[2012/02/08 20:13:47 | 000,000,000 | ---D | C] -- C:\Users\mnar\AppData\Local\Microsoft Help
[2012/02/08 19:49:42 | 000,000,000 | ---D | C] -- C:\Windows\System32\eu-ES
[2012/02/08 19:49:42 | 000,000,000 | ---D | C] -- C:\Windows\System32\ca-ES
[2012/02/08 19:49:39 | 000,000,000 | ---D | C] -- C:\Windows\System32\vi-VN
[2012/02/08 19:43:17 | 000,000,000 | ---D | C] -- C:\Windows\System32\SPReview
[2012/02/08 19:15:15 | 000,000,000 | ---D | C] -- C:\Windows\System32\EventProviders
[2012/02/08 18:23:34 | 000,000,000 | ---D | C] -- C:\PerfLogs
[2012/02/07 16:36:41 | 000,000,000 | ---D | C] -- C:\ppsvodcache
[2012/02/07 16:36:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PPStream
[2012/02/07 11:35:02 | 000,000,000 | ---D | C] -- C:\ProgramData\WEBREG
[2012/02/07 11:33:46 | 000,000,000 | ---D | C] -- C:\Users\mnar\AppData\Local\HP
[2012/02/07 11:22:22 | 000,000,000 | ---D | C] -- C:\ProgramData\HP Product Assistant
[2012/02/07 11:19:44 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Hewlett-Packard
[2012/02/07 11:16:47 | 000,000,000 | ---D | C] -- C:\Windows\yellowtail+1
[2012/02/06 09:01:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
[2012/02/04 21:53:15 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2012/02/04 15:04:44 | 000,000,000 | ---D | C] -- C:\Users\mnar\AppData\Roaming\PPStream
[2012/02/04 08:47:48 | 000,000,000 | ---D | C] -- C:\Users\mnar\AppData\Roaming\Skype
[2012/02/04 08:47:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012/02/04 08:47:23 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2012/02/04 08:47:17 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2012/02/04 08:47:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2012/02/04 07:38:18 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee Security Scan
[2012/02/04 07:38:14 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee Security Scan
[2012/02/04 07:31:31 | 000,000,000 | ---D | C] -- C:\Users\mnar\AppData\Roaming\Mozilla
[2012/02/04 07:31:31 | 000,000,000 | ---D | C] -- C:\Users\mnar\AppData\Local\Mozilla
[2012/02/04 07:31:11 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2012/02/03 15:38:10 | 000,000,000 | ---D | C] -- C:\Users\mnar\AppData\Roaming\Tencent
[2012/02/03 14:04:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QVOD
[2012/02/03 14:03:38 | 000,000,000 | ---D | C] -- C:\ProgramData\QvodPlayer
[2012/02/03 14:03:32 | 000,000,000 | ---D | C] -- C:\Program Files\QvodPlayer
[2012/02/03 14:03:32 | 000,000,000 | ---D | C] -- C:\Media
[2012/02/03 12:54:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2012/02/03 12:54:33 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2012/02/03 09:46:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2012/02/03 09:28:39 | 000,079,816 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfeavfk.sys
[2012/02/03 09:28:39 | 000,040,552 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfesmfk.sys
[2012/02/03 09:28:39 | 000,035,272 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfebopk.sys
[2012/02/03 09:28:35 | 000,130,424 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\Mpfp.sys
[2012/02/03 09:28:12 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\McAfee
[2012/02/03 09:28:11 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee.com
[2012/02/03 09:28:08 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee
[2012/02/03 09:27:09 | 000,034,248 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\mferkdk.sys
[2012/02/03 09:26:55 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2012/02/03 08:03:10 | 000,000,000 | ---D | C] -- C:\Users\mnar\Documents\Youcam
[2012/02/03 08:03:09 | 000,000,000 | ---D | C] -- C:\Users\mnar\Documents\My Scans
[2012/02/03 08:03:09 | 000,000,000 | ---D | C] -- C:\Users\mnar\Documents\CD rom issues
[2012/02/03 08:03:08 | 000,000,000 | ---D | C] -- C:\Users\mnar\Documents\BA Related
[2012/02/03 08:02:12 | 000,000,000 | ---D | C] -- C:\Users\mnar\AppData\Roaming\Adobe
[2012/02/03 08:02:12 | 000,000,000 | ---D | C] -- C:\Users\mnar\AppData\Local\Adobe
[2012/02/03 07:58:46 | 000,000,000 | ---D | C] -- C:\Users\mnar\AppData\Roaming\CyberLink
[2012/02/03 07:56:58 | 000,000,000 | ---D | C] -- C:\Users\mnar\AppData\Roaming\HP
[2012/02/02 23:57:53 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2012/02/02 23:37:54 | 000,000,000 | ---D | C] -- C:\Users\mnar\AppData\Local\ElevatedDiagnostics
[2012/02/02 23:35:46 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows PowerShell 1.0
[2012/02/02 23:35:46 | 000,000,000 | ---D | C] -- C:\Windows\System32\WindowsPowerShell
[2012/02/02 21:16:44 | 000,000,000 | ---D | C] -- C:\Users\mnar\AppData\Local\Hewlett-Packard
[2012/02/02 21:16:28 | 000,000,000 | ---D | C] -- C:\Users\mnar\AppData\Roaming\Symantec
[2012/02/02 21:16:19 | 000,000,000 | ---D | C] -- C:\Users\mnar\AppData\Local\QuickPlay
[2012/02/02 21:15:44 | 000,000,000 | R--D | C] -- C:\Users\mnar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2012/02/02 21:15:44 | 000,000,000 | R--D | C] -- C:\Users\mnar\Searches
[2012/02/02 21:15:44 | 000,000,000 | R--D | C] -- C:\Users\mnar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2012/02/02 21:15:34 | 000,000,000 | ---D | C] -- C:\Users\mnar\AppData\Roaming\Identities
[2012/02/02 21:15:31 | 000,000,000 | R--D | C] -- C:\Users\mnar\Contacts
[2012/02/02 21:15:29 | 000,000,000 | ---D | C] -- C:\Users\mnar\AppData\Local\VirtualStore
[2012/02/02 21:13:53 | 000,000,000 | ---D | C] -- C:\Users\mnar\AppData\Roaming\Macromedia
[2012/02/02 21:13:33 | 000,000,000 | ---D | C] -- C:\Users\mnar\AppData\Roaming\Hewlett-Packard
[2012/02/02 21:11:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Electronic Arts
[2012/02/02 21:10:38 | 000,000,000 | ---D | C] -- C:\Users\mnar\AppData\Local\Downloaded Installations
[2012/02/02 21:10:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Electronic Arts
[2012/02/02 21:06:49 | 000,000,000 | ---D | C] -- C:\Program Files\Electronic Arts
[2012/02/02 21:03:45 | 000,000,000 | ---D | C] -- C:\Program Files\Broadcom
[2012/02/02 21:03:44 | 000,000,000 | ---D | C] -- C:\Users\mnar\AppData\Roaming\InstallShield
[2012/02/02 21:02:52 | 000,000,000 | -HSD | C] -- C:\Users\mnar\AppData\Local\Temporary Internet Files
[2012/02/02 21:02:52 | 000,000,000 | -HSD | C] -- C:\Users\mnar\Templates
[2012/02/02 21:02:52 | 000,000,000 | -HSD | C] -- C:\Users\mnar\Start Menu
[2012/02/02 21:02:52 | 000,000,000 | -HSD | C] -- C:\Users\mnar\SendTo
[2012/02/02 21:02:52 | 000,000,000 | -HSD | C] -- C:\Users\mnar\Recent
[2012/02/02 21:02:52 | 000,000,000 | -HSD | C] -- C:\Users\mnar\PrintHood
[2012/02/02 21:02:52 | 000,000,000 | -HSD | C] -- C:\Users\mnar\NetHood
[2012/02/02 21:02:52 | 000,000,000 | -HSD | C] -- C:\Users\mnar\Documents\My Videos
[2012/02/02 21:02:52 | 000,000,000 | -HSD | C] -- C:\Users\mnar\Documents\My Pictures
[2012/02/02 21:02:52 | 000,000,000 | -HSD | C] -- C:\Users\mnar\Documents\My Music
[2012/02/02 21:02:52 | 000,000,000 | -HSD | C] -- C:\Users\mnar\My Documents
[2012/02/02 21:02:52 | 000,000,000 | -HSD | C] -- C:\Users\mnar\Local Settings
[2012/02/02 21:02:52 | 000,000,000 | -HSD | C] -- C:\Users\mnar\AppData\Local\History
[2012/02/02 21:02:52 | 000,000,000 | -HSD | C] -- C:\Users\mnar\Cookies
[2012/02/02 21:02:52 | 000,000,000 | -HSD | C] -- C:\Users\mnar\Application Data
[2012/02/02 21:02:52 | 000,000,000 | -HSD | C] -- C:\Users\mnar\AppData\Local\Application Data
[2012/02/02 21:02:51 | 000,000,000 | --SD | C] -- C:\Users\mnar\AppData\Roaming\Microsoft
[2012/02/02 21:02:51 | 000,000,000 | R--D | C] -- C:\Users\mnar\Videos
[2012/02/02 21:02:51 | 000,000,000 | R--D | C] -- C:\Users\mnar\Saved Games
[2012/02/02 21:02:51 | 000,000,000 | R--D | C] -- C:\Users\mnar\Pictures
[2012/02/02 21:02:51 | 000,000,000 | R--D | C] -- C:\Users\mnar\Music
[2012/02/02 21:02:51 | 000,000,000 | R--D | C] -- C:\Users\mnar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2012/02/02 21:02:51 | 000,000,000 | R--D | C] -- C:\Users\mnar\Links
[2012/02/02 21:02:51 | 000,000,000 | R--D | C] -- C:\Users\mnar\Favorites
[2012/02/02 21:02:51 | 000,000,000 | R--D | C] -- C:\Users\mnar\Downloads
[2012/02/02 21:02:51 | 000,000,000 | R--D | C] -- C:\Users\mnar\Documents
[2012/02/02 21:02:51 | 000,000,000 | R--D | C] -- C:\Users\mnar\Desktop
[2012/02/02 21:02:51 | 000,000,000 | R--D | C] -- C:\Users\mnar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2012/02/02 21:02:51 | 000,000,000 | -H-D | C] -- C:\Users\mnar\AppData
[2012/02/02 21:02:51 | 000,000,000 | ---D | C] -- C:\Users\mnar\AppData\Local\Temp
[2012/02/02 21:02:51 | 000,000,000 | ---D | C] -- C:\Users\mnar\AppData\Local\Microsoft
[2012/02/02 21:02:51 | 000,000,000 | ---D | C] -- C:\Users\mnar\AppData\Roaming\Media Center Programs
[2012/02/02 21:02:51 | 000,000,000 | ---D | C] -- C:\Users\mnar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink YouCam
[2012/02/02 21:02:51 | 000,000,000 | ---D | C] -- C:\Users\mnar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite
[2012/02/02 20:58:50 | 000,000,000 | -HSD | C] -- C:\ProgramData\Templates
[2012/02/02 20:58:50 | 000,000,000 | -HSD | C] -- C:\ProgramData\Start Menu
[2012/02/02 20:58:50 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\My Videos
[2012/02/02 20:58:50 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\My Pictures
[2012/02/02 20:58:50 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\My Music
[2012/02/02 20:58:50 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favorites
[2012/02/02 20:58:50 | 000,000,000 | -HSD | C] -- C:\Documents and Settings
[2012/02/02 20:58:50 | 000,000,000 | -HSD | C] -- C:\ProgramData\Documents
[2012/02/02 20:58:50 | 000,000,000 | -HSD | C] -- C:\ProgramData\Desktop
[2012/02/02 20:58:50 | 000,000,000 | -HSD | C] -- C:\ProgramData\Application Data

========== Files - Modified Within 30 Days ==========

[2012/02/16 19:49:29 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\mnar\Desktop\OTL.exe
[2012/02/16 19:13:43 | 000,015,875 | ---- | M] () -- C:\Windows\System32\Config.MPF
[2012/02/16 19:09:59 | 000,000,162 | ---- | M] () -- C:\Users\Public\Documents\hpqp.ini
[2012/02/16 19:09:42 | 000,060,096 | ---- | M] () -- C:\ProgramData\nvModes.001
[2012/02/16 19:06:51 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/02/16 19:06:51 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/02/16 19:06:45 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/02/16 19:06:22 | 2079,150,080 | -HS- | M] () -- C:\hiberfil.sys
[2012/02/16 15:42:47 | 000,060,096 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2012/02/16 08:29:50 | 000,312,168 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012/02/15 14:06:45 | 000,178,670 | ---- | M] () -- C:\Windows\hpwins20.dat
[2012/02/15 13:42:25 | 000,587,178 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/02/15 13:42:25 | 000,101,250 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/02/10 16:47:02 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_SynTP_01009.Wdf
[2012/02/10 16:46:44 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[2012/02/10 15:34:13 | 000,873,310 | ---- | M] () -- C:\Windows\System32\oem26.inf
[2012/02/09 20:03:35 | 000,000,492 | ---- | M] () -- C:\Users\mnar\Documents\tencent.reg
[2012/02/09 20:01:40 | 000,000,500 | ---- | M] () -- C:\Users\mnar\Documents\IE helper.reg
[2012/02/09 16:56:24 | 000,051,528 | ---- | M] () -- C:\Users\mnar\AppData\Roaming\nvModes.001
[2012/02/09 16:52:35 | 000,000,680 | ---- | M] () -- C:\Users\mnar\AppData\Local\d3d9caps.dat
[2012/02/08 21:52:13 | 000,000,862 | ---- | M] () -- C:\Users\mnar\Desktop\Eusing Free Registry Cleaner.lnk
[2012/02/08 20:01:04 | 000,000,943 | ---- | M] () -- C:\Users\mnar\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/02/08 18:06:42 | 000,101,888 | ---- | M] (Infineon Technologies AG) -- C:\Windows\System32\ifxcardm.dll
[2012/02/08 18:06:30 | 000,082,432 | ---- | M] (Gemalto, Inc.) -- C:\Windows\System32\axaltocm.dll
[2012/02/08 17:54:42 | 000,196,608 | ---- | M] () -- C:\Windows\SPInstall.etl
[2012/02/08 15:21:41 | 000,051,528 | ---- | M] () -- C:\Users\mnar\AppData\Roaming\nvModes.dat
[2012/02/07 16:36:08 | 000,000,461 | ---- | M] () -- C:\Users\Public\Desktop\PPS影音.lnk
[2012/02/07 16:36:08 | 000,000,461 | ---- | M] () -- C:\Users\mnar\Application Data\Microsoft\Internet Explorer\Quick Launch\PPS影音.lnk
[2012/02/07 11:21:19 | 000,001,972 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
[2012/02/06 09:01:57 | 000,001,719 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
[2012/02/06 09:01:57 | 000,001,717 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2012/02/04 23:36:44 | 002,501,921 | ---- | M] () -- C:\Windows\System32\wlan.tmf
[2012/02/04 23:36:39 | 000,015,181 | ---- | M] () -- C:\Windows\System32\gatherWirelessInfo.vbs
[2012/02/04 22:26:56 | 029,032,448 | ---- | M] () -- C:\Windows\ocsetup_install_NetFx3.etl
[2012/02/04 22:26:56 | 000,196,608 | ---- | M] () -- C:\Windows\ocsetup_cbs_install_NetFx3.perf
[2012/02/04 22:26:56 | 000,065,536 | ---- | M] () -- C:\Windows\ocsetup_cbs_install_NetFx3.dpx
[2012/02/04 08:47:28 | 000,001,878 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2012/02/04 07:31:23 | 000,000,870 | ---- | M] () -- C:\Users\mnar\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2012/02/04 07:31:23 | 000,000,846 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012/02/03 14:04:48 | 000,001,748 | ---- | M] () -- C:\Users\mnar\Application Data\Microsoft\Internet Explorer\Quick Launch\QvodPlayer.lnk
[2012/02/03 14:04:48 | 000,001,724 | ---- | M] () -- C:\Users\Public\Desktop\QvodPlayer.lnk
[2012/02/03 13:11:38 | 000,000,369 | ---- | M] () -- C:\Users\mnar\Desktop\dvd.vbs
[2012/02/03 09:52:30 | 000,000,338 | ---- | M] () -- C:\Windows\tasks\McDefragTask.job
[2012/02/03 09:52:30 | 000,000,330 | ---- | M] () -- C:\Windows\tasks\McQcTask.job
[2012/02/03 07:30:04 | 000,000,938 | ---- | M] () -- C:\Users\mnar\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2012/02/02 23:30:45 | 000,983,040 | ---- | M] () -- C:\Windows\ocsetup_install_MicrosoftWindowsPowerShell.etl
[2012/02/02 23:30:45 | 000,196,608 | ---- | M] () -- C:\Windows\ocsetup_cbs_install_MicrosoftWindowsPowerShell.perf
[2012/02/02 23:30:45 | 000,065,536 | ---- | M] () -- C:\Windows\ocsetup_cbs_install_MicrosoftWindowsPowerShell.dpx
[2012/02/02 21:15:21 | 000,000,081 | ---- | M] () -- C:\Windows\System32\LOG
[2012/02/02 21:15:18 | 000,000,044 | ---- | M] () -- C:\Windows\System\hpsysdrv.dat
[2012/02/02 21:03:14 | 000,000,000 | RHS- | M] () -- C:\Windows\System32\drivers\103C_HP_cNB_Pavilion dv6700 Notebook PC_Y5335KV_0U_QCNF74916MD_E459053-001_4A_I30CF_SQuanta_V85.26_F.34_T110322_WV3-0_L409_M1983_J250_7AMD_8F82_92.00_#071022_N14E44328;10DE054C_(KC317UA#ABA)_XMOBILE_CN10_Z.MRK
[2012/02/02 20:11:56 | 000,026,243 | ---- | M] () -- C:\Users\mnar\Documents\bookmarks-firefox.html
[2012/02/02 20:10:28 | 000,012,654 | ---- | M] () -- C:\Users\mnar\Documents\bookmark.htm
[2012/01/30 16:25:51 | 000,048,882 | ---- | M] () -- C:\Users\mnar\Documents\Sofa.JPG
[2012/01/30 16:24:23 | 000,051,757 | ---- | M] () -- C:\Users\mnar\Documents\Loveseat.JPG
[2012/01/27 23:11:47 | 000,229,858 | ---- | M] () -- C:\Users\mnar\Documents\Untitled1.jpg
[2012/01/23 11:19:55 | 000,015,532 | ---- | M] () -- C:\Users\mnar\Documents\dvd drive interface.JPG

========== Files Created - No Company Name ==========

[2012/02/10 16:47:02 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_SynTP_01009.Wdf
[2012/02/10 16:46:44 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[2012/02/10 16:45:07 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01009_Inbox_Critical.Wdf
[2012/02/10 15:34:46 | 000,873,310 | ---- | C] () -- C:\Windows\System32\oem26.inf
[2012/02/10 15:31:47 | 000,201,184 | ---- | C] () -- C:\Windows\System32\winrm.vbs
[2012/02/10 15:31:47 | 000,004,675 | ---- | C] () -- C:\Windows\System32\wsmanconfig_schema.xml
[2012/02/10 15:31:47 | 000,002,426 | ---- | C] () -- C:\Windows\System32\WsmTxt.xsl
[2012/02/09 20:03:35 | 000,000,492 | ---- | C] () -- C:\Users\mnar\Documents\tencent.reg
[2012/02/09 20:01:40 | 000,000,500 | ---- | C] () -- C:\Users\mnar\Documents\IE helper.reg
[2012/02/09 17:23:12 | 000,060,096 | ---- | C] () -- C:\ProgramData\nvModes.001
[2012/02/09 17:23:07 | 000,060,096 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2012/02/08 21:52:13 | 000,000,862 | ---- | C] () -- C:\Users\mnar\Desktop\Eusing Free Registry Cleaner.lnk
[2012/02/08 19:21:40 | 000,392,170 | ---- | C] () -- C:\Windows\System32\onex.tmf
[2012/02/08 19:21:37 | 000,009,212 | ---- | C] () -- C:\Windows\System32\RacUR.xml
[2012/02/08 19:21:37 | 000,000,153 | ---- | C] () -- C:\Windows\System32\RacUREx.xml
[2012/02/08 19:21:23 | 000,344,698 | ---- | C] () -- C:\Windows\System32\eaphost.tmf
[2012/02/08 19:21:21 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2012/02/08 19:21:19 | 000,442,788 | ---- | C] () -- C:\Windows\System32\dot3.tmf
[2012/02/08 19:20:23 | 011,967,524 | ---- | C] () -- C:\Windows\System32\korwbrkr.lex
[2012/02/08 19:20:12 | 000,208,966 | ---- | C] () -- C:\Windows\System32\WFP.TMF
[2012/02/08 19:19:47 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2012/02/08 19:19:46 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2012/02/08 19:19:38 | 000,092,918 | ---- | C] () -- C:\Windows\System32\slmgr.vbs
[2012/02/08 19:19:34 | 000,009,239 | ---- | C] () -- C:\Windows\System32\spcinstrumentation.man
[2012/02/08 19:19:27 | 000,130,008 | ---- | C] () -- C:\Windows\System32\systemsf.ebd
[2012/02/08 17:24:28 | 000,145,455 | ---- | C] () -- C:\Windows\System32\perfmon.msc
[2012/02/08 17:23:20 | 000,144,909 | ---- | C] () -- C:\Windows\System32\fsmgmt.msc
[2012/02/08 17:23:18 | 000,012,198 | ---- | C] () -- C:\Windows\System32\gatherWiredInfo.vbs
[2012/02/08 17:16:02 | 000,196,608 | ---- | C] () -- C:\Windows\SPInstall.etl
[2012/02/07 16:36:09 | 000,000,461 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PPS 影音.lnk
[2012/02/07 16:36:08 | 000,000,461 | ---- | C] () -- C:\Users\Public\Desktop\PPS影音.lnk
[2012/02/07 16:36:08 | 000,000,461 | ---- | C] () -- C:\Users\mnar\Application Data\Microsoft\Internet Explorer\Quick Launch\PPS影音.lnk
[2012/02/07 11:24:02 | 000,000,855 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\I.R.I.S. OCR Registration.lnk
[2012/02/07 11:21:19 | 000,001,972 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
[2012/02/07 11:16:49 | 000,012,054 | R--- | C] () -- C:\Windows\hpwscr20.dat
[2012/02/07 11:14:41 | 000,178,670 | ---- | C] () -- C:\Windows\hpwins20.dat
[2012/02/07 11:14:41 | 000,002,428 | R--- | C] () -- C:\Windows\hpwmdl20.dat
[2012/02/04 23:36:44 | 002,501,921 | ---- | C] () -- C:\Windows\System32\wlan.tmf
[2012/02/04 23:36:39 | 000,015,181 | ---- | C] () -- C:\Windows\System32\gatherWirelessInfo.vbs
[2012/02/04 22:18:34 | 029,032,448 | ---- | C] () -- C:\Windows\ocsetup_install_NetFx3.etl
[2012/02/04 22:18:34 | 000,196,608 | ---- | C] () -- C:\Windows\ocsetup_cbs_install_NetFx3.perf
[2012/02/04 22:18:34 | 000,065,536 | ---- | C] () -- C:\Windows\ocsetup_cbs_install_NetFx3.dpx
[2012/02/04 08:47:28 | 000,001,878 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2012/02/04 07:38:16 | 000,001,719 | ---- | C] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
[2012/02/04 07:38:16 | 000,001,717 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2012/02/04 07:31:23 | 000,000,870 | ---- | C] () -- C:\Users\mnar\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2012/02/04 07:31:23 | 000,000,858 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012/02/04 07:31:23 | 000,000,846 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012/02/03 15:48:34 | 000,051,528 | ---- | C] () -- C:\Users\mnar\AppData\Roaming\nvModes.001
[2012/02/03 15:48:13 | 000,051,528 | ---- | C] () -- C:\Users\mnar\AppData\Roaming\nvModes.dat
[2012/02/03 14:04:48 | 000,001,748 | ---- | C] () -- C:\Users\mnar\Application Data\Microsoft\Internet Explorer\Quick Launch\QvodPlayer.lnk
[2012/02/03 14:04:48 | 000,001,724 | ---- | C] () -- C:\Users\Public\Desktop\QvodPlayer.lnk
[2012/02/03 13:11:38 | 000,000,369 | ---- | C] () -- C:\Users\mnar\Desktop\dvd.vbs
[2012/02/03 09:47:17 | 000,015,875 | ---- | C] () -- C:\Windows\System32\Config.MPF
[2012/02/03 09:28:22 | 000,000,338 | ---- | C] () -- C:\Windows\tasks\McDefragTask.job
[2012/02/03 09:28:20 | 000,000,330 | ---- | C] () -- C:\Windows\tasks\McQcTask.job
[2012/02/03 08:03:30 | 000,229,858 | ---- | C] () -- C:\Users\mnar\Documents\Untitled1.jpg
[2012/02/03 08:03:30 | 000,141,481 | ---- | C] () -- C:\Users\mnar\Documents\Diploma.jpg
[2012/02/03 08:03:30 | 000,051,757 | ---- | C] () -- C:\Users\mnar\Documents\Loveseat.JPG
[2012/02/03 08:03:30 | 000,048,882 | ---- | C] () -- C:\Users\mnar\Documents\Sofa.JPG
[2012/02/03 08:03:30 | 000,015,532 | ---- | C] () -- C:\Users\mnar\Documents\dvd drive interface.JPG
[2012/02/03 08:03:30 | 000,002,033 | ---- | C] () -- C:\Users\mnar\Documents\My HP Games.lnk
[2012/02/03 08:03:30 | 000,001,878 | ---- | C] () -- C:\Users\mnar\Documents\Skype.lnk
[2012/02/03 08:03:30 | 000,001,724 | ---- | C] () -- C:\Users\mnar\Documents\QvodPlayer.lnk
[2012/02/03 08:03:30 | 000,000,862 | ---- | C] () -- C:\Users\mnar\Documents\Eusing Free Registry Cleaner.lnk
[2012/02/03 08:03:30 | 000,000,665 | ---- | C] () -- C:\Users\mnar\Documents\Sample Pictures.lnk
[2012/02/03 08:03:10 | 000,026,243 | ---- | C] () -- C:\Users\mnar\Documents\bookmarks-firefox.html
[2012/02/03 08:03:10 | 000,012,654 | ---- | C] () -- C:\Users\mnar\Documents\bookmark.htm
[2012/02/03 07:57:51 | 000,000,680 | ---- | C] () -- C:\Users\mnar\AppData\Local\d3d9caps.dat
[2012/02/02 23:56:07 | 2079,150,080 | -HS- | C] () -- C:\hiberfil.sys
[2012/02/02 23:30:37 | 000,983,040 | ---- | C] () -- C:\Windows\ocsetup_install_MicrosoftWindowsPowerShell.etl
[2012/02/02 23:30:37 | 000,196,608 | ---- | C] () -- C:\Windows\ocsetup_cbs_install_MicrosoftWindowsPowerShell.perf
[2012/02/02 23:30:37 | 000,065,536 | ---- | C] () -- C:\Windows\ocsetup_cbs_install_MicrosoftWindowsPowerShell.dpx
[2012/02/02 23:28:25 | 000,000,943 | ---- | C] () -- C:\Users\mnar\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/02/02 23:27:01 | 000,000,938 | ---- | C] () -- C:\Users\mnar\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2012/02/02 21:15:45 | 000,000,949 | ---- | C] () -- C:\Users\mnar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2012/02/02 21:15:44 | 000,000,944 | ---- | C] () -- C:\Users\mnar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
[2012/02/02 21:15:31 | 000,000,915 | ---- | C] () -- C:\Users\mnar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk
[2012/02/02 21:15:21 | 000,000,081 | ---- | C] () -- C:\Windows\System32\LOG
[2012/02/02 21:15:18 | 000,000,044 | ---- | C] () -- C:\Windows\System\hpsysdrv.dat
[2012/02/02 21:13:02 | 000,002,061 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk
[2012/02/02 21:13:02 | 000,002,045 | ---- | C] () -- C:\Users\Public\Desktop\MSN.lnk
[2012/02/02 21:13:02 | 000,001,865 | ---- | C] () -- C:\Users\Public\Desktop\HP Total Care Advisor.lnk
[2012/02/02 21:13:02 | 000,001,865 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Total Care Advisor.lnk
[2012/02/02 21:03:14 | 000,000,000 | RHS- | C] () -- C:\Windows\System32\drivers\103C_HP_cNB_Pavilion dv6700 Notebook PC_Y5335KV_0U_QCNF74916MD_E459053-001_4A_I30CF_SQuanta_V85.26_F.34_T110322_WV3-0_L409_M1983_J250_7AMD_8F82_92.00_#071022_N14E44328;10DE054C_(KC317UA#ABA)_XMOBILE_CN10_Z.MRK
[2012/02/02 21:02:51 | 000,000,258 | ---- | C] () -- C:\Users\mnar\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2012/02/02 21:02:51 | 000,000,240 | ---- | C] () -- C:\Users\mnar\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2007/12/05 20:37:13 | 000,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll
[2007/12/05 20:33:05 | 000,004,984 | ---- | C] () -- C:\Windows\System32\drivers\nvphy.bin
[2007/10/22 15:40:38 | 000,101,605 | ---- | C] () -- C:\Windows\hpqins13.dat
[2006/11/02 07:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 07:47:37 | 000,312,168 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 07:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 05:33:01 | 000,587,178 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 05:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 05:33:01 | 000,101,250 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 05:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 05:25:21 | 000,061,440 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll
[2006/11/02 05:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 03:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 03:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 02:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 02:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006/03/09 17:58:00 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll

========== LOP Check ==========

[2012/02/16 15:15:54 | 000,000,000 | ---D | M] -- C:\Users\mnar\AppData\Roaming\PPStream
[2012/02/03 15:38:10 | 000,000,000 | ---D | M] -- C:\Users\mnar\AppData\Roaming\Tencent
[2012/02/03 09:52:30 | 000,000,338 | ---- | M] () -- C:\Windows\Tasks\McDefragTask.job
[2012/02/03 09:52:30 | 000,000,330 | ---- | M] () -- C:\Windows\Tasks\McQcTask.job
[2012/02/16 15:48:12 | 000,027,700 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



< End of report >

Edited by horseshoe, 16 February 2012 - 07:30 PM.

  • 0

Advertisements

#2
CompCav
Posted 27 March 2012 - 03:20 PM

CompCav

    Member 5k

  • Expert
  • 12,454 posts
Hi, horseshoe! Posted ImageMy nick name is CompCav and I will be assisting you with your Malware/Security problems. Please make sure you read all of the instructions and fixes thoroughly before continuing with them. If you have any questions or you are unsure about anything, just ask and I will help you out. :)

If you have resolved the issues you were originally experiencing, or have received help elsewhere, please let me know so that this topic can be closed.

I am currently still in training and my posts have to be approved by an expert so please expect a delay between my posts.

Please make sure you are saving and printing the instructions out prior to each fix, this way you will have them on hand just in case you are unable to access this site. One of the steps I will be asking you to do requires you to boot into Safe Mode and this process will be much easier for you to perform if the instructions are printed out for you to follow.

If you are ready to get started, please review and follow these guidelines so that we resolve your issues in a timely and effective manner:
  • Logs from malware removal programs (OTL is one of them) can take some time to analyze. I need you to be patient while I analyze any logs you post.
  • Please make sure to carefully read any instructions that I give you. Since I cannot see or directly interact with your computer I am dependent on you to "be my eyes" and provide as much information as you can regarding the current state of your computer.
  • If you're not sure, or if something unexpected happens, do NOT continue! Stop and ask!
  • These instructions have been specifically tailored to your computer and the issues you are experiencing with your computer. These instructions are not suitable for any other computer, even if the issues are fairly similar.
  • Do not do things I do not ask for, such as running a spyware scan on your computer. However, the one thing that you should always do, is to make sure your anti-virus definitions are up-to-date!
  • Please do not use the Attachment feature for any log file. Just do a Copy/Paste of the entire contents of the log file inside your post and submit.
  • You must reply within four days failure to reply will result in the topic being closed!
  • Please do not PM me directly for help. If you have any questions, post them in this topic. PM me only if I have not responded to your last post in 2 days.
  • Lastly, I am no magician. I will try very hard to fix your issues, but no promises can be made. Also be aware that some infections are so severe that you might need to ultimately reformat your hard drive and reinstall the operating system.
    Don't worry, this only happens in severe cases, but it sadly does happen. Please have the software and storage media for backing up your data available.

Since it has been awhile I need you to get fresh logs and a new log.

Step 1.

Please delete your current copy of OTL.

Download OTL to your Desktop

Make sure when you open OTL it is Version 3.2.39.2

  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Select Scan All Users
  • Under File Scans File Age: Select 90 days from the drop down box.
  • Select Lop Check and Purity Check
  • Under Extra Registry select Use SafeList
  • Under the Custom Scan box paste this in
    netsvcs
    %SYSTEMDRIVE%\*.exe
    /md5start
    consrv.dll
    explorer.exe
    winlogon.exe
    Userinit.exe
    svchost.exe
    /md5stop
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT /s
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBIOS /s
    hklm\software\clients\startmenuinternet|command /rs
    hklm\software\clients\startmenuinternet|command /64 /rs
    C:\Windows\assembly\tmp\U\*.* /s
    C:\Program Files\Common Files\ComObjects\*.* /s
    %Temp%\smtmp\1\*.*
    %Temp%\smtmp\2\*.*
    %Temp%\smtmp\3\*.*
    %Temp%\smtmp\4\*.*
    >C:\commands.txt echo list vol /raw /hide /c
    /wait
    >C:\DiskReport.txt diskpart /s C:\commands.txt /raw /hide /c
    /wait
    type c:\diskreport.txt /c
    /wait
    erase c:\commands.txt /hide /c
    /wait
    erase c:\diskreport.txt /hide /c
    CREATERESTOREPOINT
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open OTL.Txt and Extras.txt will be minimized in the task bar.
  • Post post both of the logs


Step 2.

Download aswMBR.exe ( 1.8mb ) to your desktop.
Double click the aswMBR.exe to run it Click the "Scan" button to start scan

Posted Image

On completion of the scan click save log, save it to your desktop and post in your next reply

Posted Image
If it does not run rename aswMBR.exe to Iexplore.exe and try it again.

Step 3.

Please post:

OTL.txt
Extras.txt
aswMBR log


Recently, I restore my system to factory setup. Some other media players are also installed (Qvod and ppstream). DVD player was playing fine with these installed. A few days ago I use Spybot search and destroy to scan for malware. There are 2 found and was removed (Tencents and IE helper). I run the spybot again today and no problem found.


Please answer this question:
When you did the factory restore, the DVD was working OK and when you used SpyBot it quit? Or when did it quit working properly after the restore?


Please go into SpyBot and retrieve the log that show the items it removed and post it here.


Give me any updates on issues with your computer
  • 0

#3
horseshoe
Posted 27 March 2012 - 07:10 PM

horseshoe

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 110 posts
Hi, below are the logs and answers to your questions. Thanks!

====OTL.txt

OTL logfile created on: 3/27/2012 8:05:42 PM - Run 3
OTL by OldTimer - Version 3.2.39.2 Folder = C:\Users\mnar\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.94 Gb Total Physical Memory | 0.73 Gb Available Physical Memory | 37.96% Memory free
4.11 Gb Paging File | 2.70 Gb Available in Paging File | 65.59% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 220.95 Gb Total Space | 147.56 Gb Free Space | 66.79% Space Free | Partition Type: NTFS
Drive D: | 11.93 Gb Total Space | 0.65 Gb Free Space | 5.47% Space Free | Partition Type: NTFS

Computer Name: MNAR-PC | User Name: mnar | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 90 Days

========== Processes (SafeList) ==========

PRC - [2012/03/27 20:02:22 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Users\mnar\Desktop\OTL.exe
PRC - [2012/02/17 07:27:26 | 000,250,016 | ---- | M] (Adobe Systems, Inc.) -- C:\WINDOWS\System32\Macromed\Flash\FlashUtil11f_ActiveX.exe
PRC - [2012/01/14 04:43:18 | 001,634,192 | ---- | M] (Shenzhen QVOD Technology Co.,Ltd) -- C:\Program Files\QvodPlayer\QvodPlayer.exe
PRC - [2012/01/12 08:48:06 | 001,034,128 | ---- | M] (Shenzhen QVOD Technology Co.,Ltd) -- C:\Program Files\QvodPlayer\QvodTerminal.exe
PRC - [2011/06/15 16:16:48 | 000,997,920 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2011/04/27 16:39:26 | 000,208,944 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
PRC - [2011/04/27 16:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
PRC - [2009/04/11 00:27:38 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2009/01/26 16:31:16 | 002,144,088 | RHS- | M] (Safer Networking Limited) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2009/01/26 16:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
PRC - [2007/09/15 04:29:10 | 000,102,400 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPStart.exe


========== Modules (No Company Name) ==========

MOD - [2011/09/23 11:49:04 | 002,721,680 | ---- | M] () -- C:\Program Files\QvodPlayer\QMediaInfo.dll
MOD - [2007/11/06 02:50:44 | 000,189,760 | ---- | M] () -- C:\Program Files\HP\Digital Imaging\Smart Web Printing\NeoLoggingLib.dll
MOD - [2007/11/06 02:50:44 | 000,140,608 | ---- | M] () -- C:\Program Files\HP\Digital Imaging\Smart Web Printing\SatelliteENU.dll
MOD - [2007/11/06 02:50:44 | 000,107,840 | ---- | M] () -- C:\Program Files\HP\Digital Imaging\Smart Web Printing\UtilityLib.dll
MOD - [2007/11/06 02:50:44 | 000,042,304 | ---- | M] () -- C:\Program Files\HP\Digital Imaging\Smart Web Printing\RsrcLoaderLib.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (SOSOUpSvc)
SRV - File not found [Auto | Running] -- C:\Program Files\Spybot -- (SBSDWSCService)
SRV - [2012/01/31 16:09:34 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2011/04/27 16:39:26 | 000,208,944 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv)
SRV - [2011/04/27 16:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV - [2008/01/19 00:38:26 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/08/31 14:15:06 | 000,176,128 | ---- | M] (Starz Entertainment Group LLC) [Disabled | Stopped] -- C:\Program Files\Vongo\VongoService.exe -- (Vongo Service)
SRV - [2007/03/05 14:30:06 | 000,110,592 | ---- | M] (Hewlett-Packard Development Company, L.P.) [On_Demand | Stopped] -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe -- (Com4Qlb)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\SymIM.sys -- (SymIMMP)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\SymIM.sys -- (SymIM)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2011/04/27 16:25:24 | 000,065,024 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2011/04/18 14:18:50 | 000,043,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\MpNWMon.sys -- (MpNWMon)
DRV - [2009/06/24 07:08:00 | 007,542,208 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2008/08/01 20:51:14 | 001,052,704 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\nvmfdx32.sys -- (NVENETFD)
DRV - [2008/03/04 03:32:00 | 000,188,416 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\CHDRT32.sys -- (CnxtHdAudService)
DRV - [2007/10/18 07:36:54 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2007/09/09 18:12:28 | 000,176,640 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\CHDART.sys -- (HdAudAddService)
DRV - [2007/07/11 14:30:22 | 000,007,168 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\HpqRemHid.sys -- (HpqRemHid)
DRV - [2007/06/18 21:12:04 | 000,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV - [2007/03/22 02:02:04 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2007/02/24 18:42:22 | 000,039,936 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2007/02/16 17:50:32 | 000,012,032 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2007/01/23 20:40:20 | 000,042,496 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\rimsptsk.sys -- (rimsptsk)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...ilion&pf=laptop
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...ilion&pf=laptop
IE - HKLM\..\SearchScopes,DefaultScope = {609366DF-90DA-43A4-A871-3846A98F1E45}
IE - HKLM\..\SearchScopes\{609366DF-90DA-43A4-A871-3846A98F1E45}: "URL" = http://search.yahoo....ing}&fr=hp-pvdt
IE - HKLM\..\SearchScopes\{6F2C0E17-C8E1-40E8-A486-458BCAF5280D}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpd


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-714856783-1908625882-2316339518-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-21-714856783-1908625882-2316339518-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-714856783-1908625882-2316339518-1000\..\URLSearchHook: {DB8B2393-7A6C-4C76-88CE-6B1F6FF6FFE9} - No CLSID value found
IE - HKU\S-1-5-21-714856783-1908625882-2316339518-1000\..\SearchScopes,DefaultScope = {609366DF-90DA-43A4-A871-3846A98F1E45}
IE - HKU\S-1-5-21-714856783-1908625882-2316339518-1000\..\SearchScopes\{1FF7973D-AB0A-496d-82C1-4EADBBA11E7B}: "URL" = http://www.soso.com/...&unc=o400493_95
IE - HKU\S-1-5-21-714856783-1908625882-2316339518-1000\..\SearchScopes\{609366DF-90DA-43A4-A871-3846A98F1E45}: "URL" = http://search.yahoo....ing}&fr=hp-pvdt
IE - HKU\S-1-5-21-714856783-1908625882-2316339518-1000\..\SearchScopes\{6F2C0E17-C8E1-40E8-A486-458BCAF5280D}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpd
IE - HKU\S-1-5-21-714856783-1908625882-2316339518-1000\..\SearchScopes\{DECA3892-BA8F-44b8-A993-A466AD694AE4}: "URL" = http://search.yahoo....p={searchTerms}
IE - HKU\S-1-5-21-714856783-1908625882-2316339518-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@qvod.com/QvodInsert: C:\Program Files\QvodPlayer\npQvodInsert.dll (Shenzhen QVOD Technology Co.,Ltd)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/03/18 08:09:56 | 000,000,000 | ---D | M]

[2012/02/04 08:31:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\mnar\AppData\Roaming\Mozilla\Extensions
[2012/03/18 19:26:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\mnar\AppData\Roaming\Mozilla\Firefox\Profiles\ym43eihf.default\extensions
[2012/03/01 08:11:51 | 000,000,000 | ---D | M] (HP Detect) -- C:\Users\mnar\AppData\Roaming\Mozilla\Firefox\Profiles\ym43eihf.default\extensions\{ab91efd4-6975-4081-8552-1b3922ed79e2}
[2012/02/18 10:16:52 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
() (No name found) -- C:\USERS\MNAR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YM43EIHF.DEFAULT\EXTENSIONS\{73A6FE31-595D-460B-A920-FCC0F8843232}.XPI
[2012/03/18 08:09:55 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/01/29 09:36:35 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/01/29 09:36:35 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

O1 HOSTS File: ([2006/09/18 17:41:30 | 000,000,761 | ---- | M]) - C:\WINDOWS\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - No CLSID value found.
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (QvodExtend) - {A8502600-B272-4F68-A67B-A0305D46D297} - C:\Program Files\QvodPlayer\QvodExtend.dll (Shenzhen QVOD Technology Co.,Ltd)
O2 - BHO: (IE Search Helper) - {DE7CA3CA-D5C0-CD95-BBD4-027546178475} - Reg Error: Value error. File not found
O3 - HKLM\..\Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O4 - HKLM..\Run: [Microsoft Works Portfolio] C:\Program Files\Microsoft Works\WksSb.exe (Microsoft® Corporation)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [QvodTerminal] C:\Program Files\QvodPlayer\QvodTerminal.exe (Shenzhen QVOD Technology Co.,Ltd)
O4 - HKLM..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-714856783-1908625882-2316339518-1000..\Run: [PPS Accelerator] D:\PPS.tv\PPStream\ppsap.exe ()
O4 - HKU\S-1-5-21-714856783-1908625882-2316339518-1000..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O9 - Extra Button: HP Smart Select - {58ECB495-38F0-49cb-A538-10282ABF65E7} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O13 - gopher Prefix: missing
O15 - HKU\.DEFAULT\..Trusted Ranges: Range1 ([http] in Local intranet)
O15 - HKU\S-1-5-18\..Trusted Ranges: Range1 ([http] in Local intranet)
O15 - HKU\S-1-5-21-714856783-1908625882-2316339518-1000\..Trusted Ranges: Range1 ([http] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C0B87525-2220-45AE-9631-A94D26E4BEAF}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EA982A2C-C1D4-48E7-A5F4-28656125831B}: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\WINDOWS\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\HPRadiance.jpg
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\HPRadiance.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/10/22 16:25:46 | 000,000,074 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2005/09/11 11:18:54 | 000,000,340 | -HS- | M] () - D:\AUTOMODE -- [ NTFS ]
O33 - MountPoints2\{8cbdb1ed-52bd-11e1-8f6d-001b24df2557}\Shell - "" = AutoRun
O33 - MountPoints2\{8cbdb1ed-52bd-11e1-8f6d-001b24df2557}\Shell\AutoRun\command - "" = E:\setup.exe
O33 - MountPoints2\{e11b0f65-4f2a-11e1-a1c0-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{e11b0f65-4f2a-11e1-a1c0-806e6f6e6963}\Shell\AutoRun\command - "" = E:\setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 90 Days ==========

[2012/03/27 20:07:02 | 004,731,392 | ---- | C] (AVAST Software) -- C:\Users\mnar\Desktop\aswMBR.exe
[2012/03/26 22:42:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2012/03/26 21:49:52 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012/03/26 21:48:17 | 001,079,296 | ---- | C] (ADDPCs) -- C:\tempCleaner.exe
[2012/03/21 07:06:02 | 000,000,000 | ---D | C] -- C:\New Folder
[2012/03/14 18:52:06 | 002,044,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012/03/14 18:52:03 | 001,172,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2012/03/14 18:52:03 | 001,068,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2012/03/14 18:52:03 | 000,219,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
[2012/03/14 18:52:02 | 000,683,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2012/03/14 18:52:02 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
[2012/03/13 19:06:20 | 000,613,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpencom.dll
[2012/03/03 10:23:34 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Money
[2012/03/03 10:20:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
[2012/03/03 10:19:03 | 000,000,000 | ---D | C] -- C:\Users\mnar\AppData\Roaming\Microsoft Web Folders
[2012/03/03 10:18:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FoneSync
[2012/03/03 10:18:06 | 000,000,000 | ---D | C] -- C:\Program Files\FoneSync
[2012/03/03 10:18:01 | 000,315,904 | ---- | C] (InstallShield Software Corporation) -- C:\Windows\IsUninst.exe
[2012/03/03 10:03:34 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Works Suite 2001
[2012/02/27 22:23:29 | 000,000,000 | ---D | C] -- C:\ProgramData\UAB
[2012/02/27 22:23:26 | 000,000,000 | ---D | C] -- C:\Users\mnar\AppData\Local\PC_Drivers_Headquarters
[2012/02/27 22:23:16 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Drivers HeadQuarters
[2012/02/27 22:16:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Detective
[2012/02/27 22:16:41 | 000,000,000 | ---D | C] -- C:\Program Files\PC Drivers HeadQuarters
[2012/02/18 09:55:47 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2012/02/18 09:55:24 | 000,221,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\netio.sys
[2012/02/18 09:13:46 | 000,237,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2012/02/18 09:01:26 | 000,000,000 | ---D | C] -- C:\Users\mnar\AppData\Roaming\HpUpdate
[2012/02/18 09:01:18 | 000,000,000 | ---D | C] -- C:\Windows\Hewlett-Packard
[2012/02/16 20:48:38 | 000,593,920 | ---- | C] (OldTimer Tools) -- C:\Users\mnar\Desktop\OTL.exe
[2012/02/16 09:17:19 | 000,671,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2012/02/16 09:17:19 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2012/02/16 09:17:19 | 000,180,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012/02/16 09:17:18 | 001,383,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012/02/16 09:17:18 | 000,471,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2012/02/16 09:17:18 | 000,380,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2012/02/16 09:17:18 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2012/02/16 09:17:18 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012/02/16 09:17:18 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012/02/14 17:54:58 | 000,876,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll
[2012/02/12 14:02:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2012/02/12 13:55:29 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2012/02/12 13:55:29 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2012/02/12 13:55:29 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2012/02/12 13:55:29 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2012/02/10 17:44:57 | 000,038,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\WdfLdr.sys
[2012/02/10 17:36:26 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Portable Devices
[2012/02/10 16:57:39 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIAnimation.dll
[2012/02/10 16:57:36 | 003,023,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIRibbon.dll
[2012/02/10 16:57:36 | 001,164,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIRibbonRes.dll
[2012/02/10 16:56:34 | 000,369,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMPhoto.dll
[2012/02/10 16:56:28 | 000,321,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PhotoMetadataHandler.dll
[2012/02/10 16:56:28 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxdiag.exe
[2012/02/10 16:56:28 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxdiagn.dll
[2012/02/10 16:56:28 | 000,189,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecsExt.dll
[2012/02/10 16:56:27 | 000,519,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d11.dll
[2012/02/10 16:55:48 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WPDShextAutoplay.exe
[2012/02/10 16:55:47 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\BthMtpContextHandler.dll
[2012/02/10 16:55:41 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceConnectApi.dll
[2012/02/10 16:55:35 | 000,546,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpd_ci.dll
[2012/02/10 16:55:35 | 000,350,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WPDSp.dll
[2012/02/10 16:55:35 | 000,334,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceApi.dll
[2012/02/10 16:55:35 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceWMDRM.dll
[2012/02/10 16:55:35 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceTypes.dll
[2012/02/10 16:55:35 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceClassExtension.dll
[2012/02/10 16:32:16 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrsmgr.dll
[2012/02/10 16:31:58 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrs.exe
[2012/02/10 16:31:58 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrshost.exe
[2012/02/10 16:31:58 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsmprovhost.exe
[2012/02/10 16:31:56 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsmplpxy.dll
[2012/02/10 16:31:56 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrssrv.dll
[2012/02/10 16:31:54 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wevtfwd.dll
[2012/02/10 16:31:54 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wecutil.exe
[2012/02/10 16:31:54 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wecapi.dll
[2012/02/10 16:31:54 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmRes.dll
[2012/02/10 16:31:53 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pwrshplugin.dll
[2012/02/10 16:31:44 | 000,252,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSManMigrationPlugin.dll
[2012/02/10 16:31:44 | 000,241,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrscmd.dll
[2012/02/10 16:31:44 | 000,214,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmWmiPl.dll
[2012/02/10 16:31:44 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmAuto.dll
[2012/02/10 16:31:43 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSManHTTPConfig.exe
[2012/02/10 16:28:12 | 001,554,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xpsservices.dll
[2012/02/10 16:28:12 | 001,029,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10.dll
[2012/02/10 16:28:12 | 000,486,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10level9.dll
[2012/02/10 16:28:12 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10core.dll
[2012/02/10 16:28:11 | 000,847,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\OpcServices.dll
[2012/02/10 16:28:11 | 000,288,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll
[2012/02/10 16:27:50 | 000,979,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFH264Dec.dll
[2012/02/10 16:27:50 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxgi.dll
[2012/02/10 16:27:49 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsRasterService.dll
[2012/02/10 16:27:48 | 002,873,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mf.dll
[2012/02/10 16:27:48 | 000,357,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFHEAACdec.dll
[2012/02/10 16:27:48 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfmp4src.dll
[2012/02/10 16:27:48 | 000,261,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfreadwrite.dll
[2012/02/10 16:27:47 | 000,667,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelinesvc.exe
[2012/02/10 16:27:47 | 000,209,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfplat.dll
[2012/02/10 16:27:47 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll
[2012/02/10 16:27:42 | 000,098,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfps.dll
[2012/02/10 16:27:42 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelineprxy.dll
[2012/02/10 16:27:23 | 000,714,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\timedate.cpl
[2012/02/10 16:27:13 | 000,471,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_isv.dll
[2012/02/10 16:27:13 | 000,471,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc.dll
[2012/02/10 16:27:11 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_isv.exe
[2012/02/10 16:27:11 | 000,518,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate.exe
[2012/02/10 16:27:11 | 000,347,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp.exe
[2012/02/10 16:27:11 | 000,346,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp_isv.exe
[2012/02/10 16:27:10 | 000,332,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdrm.dll
[2012/02/10 16:27:10 | 000,152,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp_isv.dll
[2012/02/10 16:27:10 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp.dll
[2012/02/10 16:27:04 | 001,696,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll
[2012/02/10 16:27:03 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll
[2012/02/10 16:27:02 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll
[2012/02/10 16:18:02 | 000,310,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unregmp2.exe
[2012/02/10 10:55:22 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2012/02/10 10:17:45 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe
[2012/02/10 10:17:45 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll
[2012/02/10 10:17:45 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll
[2012/02/09 09:12:06 | 008,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2012/02/09 09:11:35 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netevent.dll
[2012/02/09 09:11:01 | 000,292,864 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2012/02/09 09:11:00 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
[2012/02/09 09:11:00 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2012/02/09 09:10:56 | 003,602,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2012/02/09 09:10:56 | 003,550,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2012/02/09 09:10:54 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll
[2012/02/09 09:10:54 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisrndr.ax
[2012/02/09 09:10:54 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Mpeg2Data.ax
[2012/02/09 09:10:54 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSDvbNP.ax
[2012/02/09 09:10:40 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciseq.dll
[2012/02/09 09:10:27 | 001,162,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42u.dll
[2012/02/09 09:10:27 | 001,136,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42.dll
[2012/02/09 09:10:17 | 000,081,920 | ---- | C] (Radius Inc.) -- C:\Windows\System32\iccvid.dll
[2012/02/09 09:09:59 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\asycfilt.dll
[2012/02/09 09:09:57 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnscacheugc.exe
[2012/02/09 09:09:54 | 000,429,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll
[2012/02/09 09:09:27 | 000,157,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
[2012/02/09 09:09:05 | 001,169,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdclt.exe
[2012/02/09 09:08:53 | 000,317,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MP4SDECD.DLL
[2012/02/09 09:08:41 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\packager.dll
[2012/02/09 09:08:39 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40.dll
[2012/02/09 09:08:39 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40u.dll
[2012/02/09 09:08:34 | 000,376,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2012/02/09 09:08:12 | 000,867,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpmde.dll
[2012/02/09 09:08:10 | 000,322,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbe.dll
[2012/02/09 09:08:10 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax
[2012/02/09 09:08:10 | 000,153,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbeio.dll
[2012/02/09 09:07:46 | 000,352,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskschd.dll
[2012/02/09 09:07:45 | 000,345,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmicmiplugin.dll
[2012/02/09 09:07:45 | 000,270,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskcomp.dll
[2012/02/09 09:07:21 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\consent.exe
[2012/02/09 09:07:14 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll
[2012/02/09 09:07:12 | 001,314,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2012/02/09 09:07:11 | 000,497,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdvd.dll
[2012/02/09 09:07:05 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2012/02/09 09:06:28 | 000,555,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIAutomationCore.dll
[2012/02/09 09:06:28 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\oleaccrc.dll
[2012/02/09 08:59:16 | 000,231,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshsq.dll
[2012/02/08 23:05:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy
[2012/02/08 23:05:31 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2012/02/08 22:52:13 | 000,000,000 | ---D | C] -- C:\Users\mnar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Free Registry Cleaner
[2012/02/08 22:52:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Registry Cleaner
[2012/02/08 22:52:11 | 000,000,000 | ---D | C] -- C:\Program Files\Eusing Free Registry Cleaner
[2012/02/08 21:13:47 | 000,000,000 | ---D | C] -- C:\Users\mnar\AppData\Local\Microsoft Help
[2012/02/08 20:49:42 | 000,000,000 | ---D | C] -- C:\Windows\System32\eu-ES
[2012/02/08 20:49:42 | 000,000,000 | ---D | C] -- C:\Windows\System32\ca-ES
[2012/02/08 20:49:39 | 000,000,000 | ---D | C] -- C:\Windows\System32\vi-VN
[2012/02/08 20:43:17 | 000,000,000 | ---D | C] -- C:\Windows\System32\SPReview
[2012/02/08 20:23:30 | 000,928,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scavenge.dll
[2012/02/08 20:23:09 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\compcln.exe
[2012/02/08 20:21:51 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdohlp.dll
[2012/02/08 20:21:50 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\rmcast.sys
[2012/02/08 20:21:50 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rtffilt.dll
[2012/02/08 20:21:49 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rpchttp.dll
[2012/02/08 20:21:49 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\RNDISMP.sys
[2012/02/08 20:21:48 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scansetting.dll
[2012/02/08 20:21:47 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scrobj.dll
[2012/02/08 20:21:47 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scksp.dll
[2012/02/08 20:21:45 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\phon.ime
[2012/02/08 20:21:44 | 001,823,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pnidui.dll
[2012/02/08 20:21:44 | 001,248,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PerfCenterCPL.dll
[2012/02/08 20:21:44 | 000,542,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pnpui.dll
[2012/02/08 20:21:44 | 000,464,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pcaui.dll
[2012/02/08 20:21:44 | 000,327,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\P2PGraph.dll
[2012/02/08 20:21:44 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PNPXAssoc.dll
[2012/02/08 20:21:44 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PnPUnattend.exe
[2012/02/08 20:21:44 | 000,043,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pciidex.sys
[2012/02/08 20:21:44 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PnPutil.exe
[2012/02/08 20:21:43 | 001,107,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pidgenx.dll
[2012/02/08 20:21:43 | 000,723,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\powercpl.dll
[2012/02/08 20:21:43 | 000,704,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PhotoScreensaver.scr
[2012/02/08 20:21:43 | 000,181,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pnpsetup.dll
[2012/02/08 20:21:43 | 000,167,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\portcls.sys
[2012/02/08 20:21:43 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PkgMgr.exe
[2012/02/08 20:21:43 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pintlgnt.ime
[2012/02/08 20:21:42 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nslookup.exe
[2012/02/08 20:21:41 | 012,240,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0007.dll
[2012/02/08 20:21:41 | 002,644,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0009.dll
[2012/02/08 20:21:41 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\offfilt.dll
[2012/02/08 20:21:41 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nlhtml.dll
[2012/02/08 20:21:40 | 002,153,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\oobefldr.dll
[2012/02/08 20:21:40 | 000,182,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\osk.exe
[2012/02/08 20:21:40 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccp32.dll
[2012/02/08 20:21:40 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\oleprn.dll
[2012/02/08 20:21:40 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbcconf.dll
[2012/02/08 20:21:39 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntprint.dll
[2012/02/08 20:21:39 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ocsetup.exe
[2012/02/08 20:21:38 | 000,642,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasgcw.dll
[2012/02/08 20:21:38 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasplap.dll
[2012/02/08 20:21:38 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasmontr.dll
[2012/02/08 20:21:38 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasdiag.dll
[2012/02/08 20:21:38 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasdial.exe
[2012/02/08 20:21:37 | 000,880,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RacEngn.dll
[2012/02/08 20:21:37 | 000,505,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qedit.dll
[2012/02/08 20:21:37 | 000,340,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RelMon.dll
[2012/02/08 20:21:37 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quick.ime
[2012/02/08 20:21:37 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qintlgnt.ime
[2012/02/08 20:21:37 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rekeywiz.exe
[2012/02/08 20:21:36 | 000,779,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationNative_v0300.dll
[2012/02/08 20:21:36 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationSettings.exe
[2012/02/08 20:21:36 | 000,107,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpwsx.dll
[2012/02/08 20:21:36 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\reg.exe
[2012/02/08 20:21:35 | 000,551,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prnntfy.dll
[2012/02/08 20:21:35 | 000,102,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
[2012/02/08 20:21:34 | 000,166,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\puiapi.dll
[2012/02/08 20:21:33 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\propdefs.dll
[2012/02/08 20:21:33 | 000,050,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PSHED.DLL
[2012/02/08 20:21:29 | 000,627,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sethc.exe
[2012/02/08 20:21:24 | 000,183,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eapphost.dll
[2012/02/08 20:21:24 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eappgnui.dll
[2012/02/08 20:21:23 | 000,444,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dsound.dll
[2012/02/08 20:21:23 | 000,187,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eapp3hst.dll
[2012/02/08 20:21:23 | 000,137,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dsprop.dll
[2012/02/08 20:21:23 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EhStorAPI.dll
[2012/02/08 20:21:23 | 000,027,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Dumpata.sys
[2012/02/08 20:21:22 | 002,926,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2012/02/08 20:21:22 | 000,485,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\evr.dll
[2012/02/08 20:21:22 | 000,205,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eudcedit.exe
[2012/02/08 20:21:22 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxg.sys
[2012/02/08 20:21:22 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ExplorerFrame.dll
[2012/02/08 20:21:22 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\f3ahvoas.dll
[2012/02/08 20:21:21 | 001,078,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diagperf.dll
[2012/02/08 20:21:21 | 000,230,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diskraid.exe
[2012/02/08 20:21:21 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dhcpcsvc6.dll
[2012/02/08 20:21:21 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diskpart.exe
[2012/02/08 20:21:21 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dimsroam.dll
[2012/02/08 20:21:21 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EhStorPwdMgr.dll
[2012/02/08 20:21:20 | 000,378,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\devmgr.dll
[2012/02/08 20:21:20 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Diskdump.sys
[2012/02/08 20:21:19 | 000,978,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drmv2clt.dll
[2012/02/08 20:21:19 | 000,407,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpapimig.exe
[2012/02/08 20:21:19 | 000,284,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drmmgrtn.dll
[2012/02/08 20:21:19 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drvstore.dll
[2012/02/08 20:21:19 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drvinst.exe
[2012/02/08 20:21:19 | 000,105,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmsynth.dll
[2012/02/08 20:21:19 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmusic.dll
[2012/02/08 20:21:19 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3msm.dll
[2012/02/08 20:21:19 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3cfg.dll
[2012/02/08 20:21:18 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpresult.exe
[2012/02/08 20:21:18 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hbaapi.dll
[2012/02/08 20:21:17 | 000,463,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IasMigReader.exe
[2012/02/08 20:21:17 | 000,454,144 | ---- | C] (Microsoft) -- C:\Windows\System32\IasMigPlugin.dll
[2012/02/08 20:21:17 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasnap.dll
[2012/02/08 20:21:17 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iashlpr.dll
[2012/02/08 20:21:17 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasacct.dll
[2012/02/08 20:21:17 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasads.dll
[2012/02/08 20:21:17 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasdatastore.dll
[2012/02/08 20:21:17 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpupdate.exe
[2012/02/08 20:21:16 | 000,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Faultrep.dll
[2012/02/08 20:21:16 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hdwwiz.exe
[2012/02/08 20:21:16 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\findstr.exe
[2012/02/08 20:21:16 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidclass.sys
[2012/02/08 20:21:15 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdBth.dll
[2012/02/08 20:21:15 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpapi.dll
[2012/02/08 20:21:15 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdWCN.dll
[2012/02/08 20:21:15 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdSSDP.dll
[2012/02/08 20:21:15 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdWSD.dll
[2012/02/08 20:21:15 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\feclient.dll
[2012/02/08 20:21:15 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdeploy.dll
[2012/02/08 20:21:15 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdProxy.dll
[2012/02/08 20:21:15 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fc.exe
[2012/02/08 20:21:15 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdBthProxy.dll
[2012/02/08 20:21:14 | 002,134,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FunctionDiscoveryFolder.dll
[2012/02/08 20:21:14 | 001,985,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\authui.dll
[2012/02/08 20:21:14 | 000,950,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpedit.dll
[2012/02/08 20:21:14 | 000,595,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FWPUCLNT.DLL
[2012/02/08 20:21:14 | 000,153,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fundisc.dll
[2012/02/08 20:21:14 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AudioSes.dll
[2012/02/08 20:21:14 | 000,099,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\FWPKCLNT.SYS
[2012/02/08 20:21:14 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ftp.exe
[2012/02/08 20:21:14 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FwRemoteSvr.dll
[2012/02/08 20:21:13 | 001,216,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuxiliaryDisplayCpl.dll
[2012/02/08 20:21:13 | 000,656,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autoconv.exe
[2012/02/08 20:21:13 | 000,636,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autofmt.exe
[2012/02/08 20:21:13 | 000,516,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autoplay.dll
[2012/02/08 20:21:13 | 000,115,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuxiliaryDisplayDriverLib.dll
[2012/02/08 20:21:13 | 000,109,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ataport.sys
[2012/02/08 20:21:13 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuxiliaryDisplayServices.dll
[2012/02/08 20:21:13 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\audiodg.exe
[2012/02/08 20:21:11 | 001,342,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\brcpl.dll
[2012/02/08 20:21:11 | 000,130,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\basecsp.dll
[2012/02/08 20:21:11 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bthci.dll
[2012/02/08 20:21:10 | 002,515,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\accessibilitycpl.dll
[2012/02/08 20:21:10 | 000,757,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\azroles.dll
[2012/02/08 20:21:10 | 000,542,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\blackbox.dll
[2012/02/08 20:21:10 | 000,274,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bcrypt.dll
[2012/02/08 20:21:10 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bitsigd.dll
[2012/02/08 20:21:09 | 001,730,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\apds.dll
[2012/02/08 20:21:08 | 000,617,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adtschema.dll
[2012/02/08 20:21:08 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adsmsext.dll
[2012/02/08 20:21:07 | 001,645,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\connect.dll
[2012/02/08 20:21:07 | 000,593,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\comuid.dll
[2012/02/08 20:21:07 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
[2012/02/08 20:21:07 | 000,035,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\crashdmp.sys
[2012/02/08 20:21:06 | 001,856,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dbgeng.dll
[2012/02/08 20:21:06 | 000,481,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmdial32.dll
[2012/02/08 20:21:06 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmmon32.exe
[2012/02/08 20:21:05 | 001,788,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d9.dll
[2012/02/08 20:21:05 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DevicePairing.dll
[2012/02/08 20:21:05 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DevicePairingWizard.exe
[2012/02/08 20:21:05 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DevicePairingProxy.dll
[2012/02/08 20:21:05 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dataclen.dll
[2012/02/08 20:21:05 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DeviceEject.exe
[2012/02/08 20:21:04 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cscript.exe
[2012/02/08 20:21:04 | 000,046,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrstub.exe
[2012/02/08 20:21:03 | 001,502,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certmgr.dll
[2012/02/08 20:21:03 | 001,112,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertEnroll.dll
[2012/02/08 20:21:03 | 000,640,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bthprops.cpl
[2012/02/08 20:21:03 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertEnrollUI.dll
[2012/02/08 20:21:03 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cbsra.exe
[2012/02/08 20:21:03 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bthudtask.exe
[2012/02/08 20:21:02 | 006,103,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chtbrkr.dll
[2012/02/08 20:21:02 | 001,671,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chsbrkr.dll
[2012/02/08 20:21:02 | 000,614,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ci.dll
[2012/02/08 20:21:02 | 000,215,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certreq.exe
[2012/02/08 20:21:02 | 000,125,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Classpnp.sys
[2012/02/08 20:21:02 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cintlgnt.ime
[2012/02/08 20:21:02 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cipher.exe
[2012/02/08 20:21:02 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CHxReadingStringIME.dll
[2012/02/08 20:21:01 | 001,053,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtctm.dll
[2012/02/08 20:21:01 | 000,799,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certutil.exe
[2012/02/08 20:21:01 | 000,564,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msftedit.dll
[2012/02/08 20:21:01 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chajei.ime
[2012/02/08 20:21:01 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2012/02/08 20:21:00 | 000,409,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msexch40.dll
[2012/02/08 20:21:00 | 000,339,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msexcl40.dll
[2012/02/08 20:21:00 | 000,332,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msihnd.dll
[2012/02/08 20:20:59 | 000,560,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtcprx.dll
[2012/02/08 20:20:58 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msctfui.dll
[2012/02/08 20:20:58 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MsCtfMonitor.dll
[2012/02/08 20:20:57 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msimsg.dll
[2012/02/08 20:20:55 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\modemui.dll
[2012/02/08 20:20:55 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MMDevAPI.dll
[2012/02/08 20:20:52 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscandui.dll
[2012/02/08 20:20:51 | 000,391,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscms.dll
[2012/02/08 20:20:50 | 000,155,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscorier.dll
[2012/02/08 20:20:50 | 000,080,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscories.dll
[2012/02/08 20:20:49 | 002,225,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netcenter.dll
[2012/02/08 20:20:49 | 000,445,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncryptui.dll
[2012/02/08 20:20:49 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
[2012/02/08 20:20:48 | 001,086,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NetProjW.dll
[2012/02/08 20:20:46 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NcdProp.dll
[2012/02/08 20:20:45 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NaturalLanguage6.dll
[2012/02/08 20:20:44 | 003,072,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\networkmap.dll
[2012/02/08 20:20:44 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSMPEG2VDEC.DLL
[2012/02/08 20:20:44 | 000,469,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\newdev.dll
[2012/02/08 20:20:44 | 000,241,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msltus40.dll
[2012/02/08 20:20:44 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msnetobj.dll
[2012/02/08 20:20:44 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSNP.ax
[2012/02/08 20:20:44 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\newdev.exe
[2012/02/08 20:20:44 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\networkitemfactory.dll
[2012/02/08 20:20:43 | 000,643,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrepl40.dll
[2012/02/08 20:20:43 | 000,408,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msinfo32.exe
[2012/02/08 20:20:43 | 000,368,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mspbde40.dll
[2012/02/08 20:20:43 | 000,344,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrd3x40.dll
[2012/02/08 20:20:43 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrd2x40.dll
[2012/02/08 20:20:43 | 000,290,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msjtes40.dll
[2012/02/08 20:20:43 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2012/02/08 20:20:43 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msjter40.dll
[2012/02/08 20:20:43 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscntrs.dll
[2012/02/08 20:20:43 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscb.dll
[2012/02/08 20:20:43 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msimtf.dll
[2012/02/08 20:20:43 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msjint40.dll
[2012/02/08 20:20:42 | 001,589,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msjet40.dll
[2012/02/08 20:20:42 | 000,856,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mswdat10.dll
[2012/02/08 20:20:42 | 000,618,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mswstr10.dll
[2012/02/08 20:20:42 | 000,454,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxbde40.dll
[2012/02/08 20:20:42 | 000,351,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssph.dll
[2012/02/08 20:20:42 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msisip.dll
[2012/02/08 20:20:41 | 001,480,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssrch.dll
[2012/02/08 20:20:41 | 000,670,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssvp.dll
[2012/02/08 20:20:41 | 000,414,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscp.dll
[2012/02/08 20:20:41 | 000,282,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstext40.dll
[2012/02/08 20:20:41 | 000,203,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssphtb.dll
[2012/02/08 20:20:41 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssitlb.dll
[2012/02/08 20:20:41 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msstrc.dll
[2012/02/08 20:20:41 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssprxy.dll
[2012/02/08 20:20:41 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshooks.dll
[2012/02/08 20:20:40 | 001,827,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012/02/08 20:20:40 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imkr80.ime
[2012/02/08 20:20:40 | 000,217,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\InkEd.dll
[2012/02/08 20:20:40 | 000,099,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\infocardapi.dll
[2012/02/08 20:20:40 | 000,035,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\infocardcpl.cpl
[2012/02/08 20:20:40 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetppui.dll
[2012/02/08 20:20:38 | 000,396,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ipsmsnap.dll
[2012/02/08 20:20:38 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iscsilog.dll
[2012/02/08 20:20:37 | 000,759,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ipsecsnp.dll
[2012/02/08 20:20:37 | 000,200,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\input.dll
[2012/02/08 20:20:37 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ipconfig.exe
[2012/02/08 20:20:36 | 000,619,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icardagt.exe
[2012/02/08 20:20:36 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iassdo.dll
[2012/02/08 20:20:36 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iassvcs.dll
[2012/02/08 20:20:36 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ifmon.dll
[2012/02/08 20:20:36 | 000,009,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icardres.dll
[2012/02/08 20:20:35 | 000,883,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IMJP10.IME
[2012/02/08 20:20:35 | 000,729,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IMJP10K.DLL
[2012/02/08 20:20:35 | 000,398,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2012/02/08 20:20:35 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2012/02/08 20:20:35 | 000,182,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iassam.dll
[2012/02/08 20:20:35 | 000,158,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasrad.dll
[2012/02/08 20:20:35 | 000,119,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasrecst.dll
[2012/02/08 20:20:35 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iaspolcy.dll
[2012/02/08 20:20:34 | 000,677,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imapi2fs.dll
[2012/02/08 20:20:34 | 000,378,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imapi2.dll
[2012/02/08 20:20:34 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imapi.dll
[2012/02/08 20:20:29 | 002,012,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\milcore.dll
[2012/02/08 20:20:28 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmci.dll
[2012/02/08 20:20:28 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mimefilt.dll
[2012/02/08 20:20:28 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmcico.dll
[2012/02/08 20:20:27 | 002,167,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmcndmgr.dll
[2012/02/08 20:20:27 | 001,792,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmc.exe
[2012/02/08 20:20:25 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ks.sys
[2012/02/08 20:20:24 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\korwbrkr.dll
[2012/02/08 20:20:24 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Kswdmcap.ax
[2012/02/08 20:20:23 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\l2nacp.dll
[2012/02/08 20:20:23 | 000,017,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kd1394.dll
[2012/02/08 20:20:21 | 000,438,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcupdate_GenuineIntel.dll
[2012/02/08 20:20:21 | 000,019,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kdusb.dll
[2012/02/08 20:20:21 | 000,017,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kdcom.dll
[2012/02/08 20:20:20 | 000,950,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mblctr.exe
[2012/02/08 20:20:20 | 000,852,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcmde.dll
[2012/02/08 20:20:20 | 000,356,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MediaMetadataHandler.dll
[2012/02/08 20:20:19 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logagent.exe
[2012/02/08 20:20:19 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logman.exe
[2012/02/08 20:20:17 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Magnify.exe
[2012/02/08 20:20:17 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shsetup.dll
[2012/02/08 20:20:16 | 001,143,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wercon.exe
[2012/02/08 20:20:16 | 000,876,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wer.dll
[2012/02/08 20:20:15 | 001,020,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wdc.dll
[2012/02/08 20:20:15 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wdscore.dll
[2012/02/08 20:20:13 | 001,524,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsAnytimeUpgradeCPL.dll
[2012/02/08 20:20:12 | 000,860,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WerFaultSecure.exe
[2012/02/08 20:20:12 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wevtutil.exe
[2012/02/08 20:20:12 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\whealogr.dll
[2012/02/08 20:20:11 | 000,547,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiaaut.dll
[2012/02/08 20:20:11 | 000,250,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wevtapi.dll
[2012/02/08 20:20:11 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WerFault.exe
[2012/02/08 20:20:10 | 000,507,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdsdyn.dll
[2012/02/08 20:20:10 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdsutil.dll
[2012/02/08 20:20:10 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdmdbg.dll
[2012/02/08 20:20:09 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbport.sys
[2012/02/08 20:20:08 | 001,123,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\usercpl.dll
[2012/02/08 20:20:08 | 000,638,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Utilman.exe
[2012/02/08 20:20:07 | 001,533,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wcnwiz.dll
[2012/02/08 20:20:07 | 000,968,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wcnwiz2.dll
[2012/02/08 20:20:07 | 000,165,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WcnNetsh.dll
[2012/02/08 20:20:07 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\watchdog.sys
[2012/02/08 20:20:05 | 000,291,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WscEapPr.dll
[2012/02/08 20:20:05 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscapi.dll
[2012/02/08 20:20:04 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSDMon.dll
[2012/02/08 20:20:04 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsdchngr.dll
[2012/02/08 20:20:04 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscisvif.dll
[2012/02/08 20:20:03 | 001,689,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscui.cpl
[2012/02/08 20:20:03 | 001,575,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVENCOD.DLL
[2012/02/08 20:20:03 | 001,382,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVSDECD.DLL
[2012/02/08 20:20:03 | 000,657,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVXENCD.DLL
[2012/02/08 20:20:03 | 000,273,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wow32.dll
[2012/02/08 20:20:03 | 000,223,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscntfy.dll
[2012/02/08 20:20:02 | 001,580,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpccpl.dll
[2012/02/08 20:20:02 | 000,532,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpcao.dll
[2012/02/08 20:20:02 | 000,140,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wusa.exe
[2012/02/08 20:20:01 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xmlfilter.dll
[2012/02/08 20:19:59 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsepno.dll
[2012/02/08 20:19:58 | 001,671,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanpref.dll
[2012/02/08 20:19:58 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanui.dll
[2012/02/08 20:19:58 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsnmp32.dll
[2012/02/08 20:19:57 | 000,926,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winresume.exe
[2012/02/08 20:19:57 | 000,399,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlangpui.dll
[2012/02/08 20:19:57 | 000,083,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlgpclnt.dll
[2012/02/08 20:19:56 | 003,217,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinSAT.exe
[2012/02/08 20:19:56 | 000,986,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winload.exe
[2012/02/08 20:19:55 | 000,996,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMNetMgr.dll
[2012/02/08 20:19:54 | 000,303,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpeffects.dll
[2012/02/08 20:19:50 | 000,533,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmdrmsdk.dll
[2012/02/08 20:19:48 | 000,122,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Storport.sys
[2012/02/08 20:19:48 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Storprop.dll
[2012/02/08 20:19:48 | 000,052,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\stream.sys
[2012/02/08 20:19:47 | 001,224,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sud.dll
[2012/02/08 20:19:46 | 000,378,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srcore.dll
[2012/02/08 20:19:45 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srchadmin.dll
[2012/02/08 20:19:42 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sysclass.dll
[2012/02/08 20:19:41 | 002,205,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SyncCenter.dll
[2012/02/08 20:19:41 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sysmon.ocx
[2012/02/08 20:19:40 | 000,134,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SmartcardCredentialProvider.dll
[2012/02/08 20:19:40 | 000,083,456 | ---- | C] (Microsoft) -- C:\Windows\System32\SMBHelperClass.dll
[2012/02/08 20:19:40 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slwmi.dll
[2012/02/08 20:19:39 | 000,777,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slcc.dll
[2012/02/08 20:19:39 | 000,705,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SmiEngine.dll
[2012/02/08 20:19:39 | 000,425,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shwebsvc.dll
[2012/02/08 20:19:38 | 001,081,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLCExt.dll
[2012/02/08 20:19:38 | 000,361,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLUI.exe
[2012/02/08 20:19:38 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slcinst.dll
[2012/02/08 20:19:38 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slwga.dll
[2012/02/08 20:19:37 | 000,582,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLCommDlg.dll
[2012/02/08 20:19:37 | 000,289,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spinstall.exe
[2012/02/08 20:19:37 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLLUA.exe
[2012/02/08 20:19:37 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spcmsg.dll
[2012/02/08 20:19:34 | 000,190,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sperror.dll
[2012/02/08 20:19:34 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwizui.dll
[2012/02/08 20:19:33 | 000,684,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\spsys.sys
[2012/02/08 20:19:33 | 000,524,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sqlsrv32.dll
[2012/02/08 20:19:33 | 000,197,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SndVol.exe
[2012/02/08 20:19:33 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spreview.exe
[2012/02/08 20:19:33 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwinsat.dll
[2012/02/08 20:19:32 | 000,275,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SnippingTool.exe
[2012/02/08 20:19:32 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\softkbd.dll
[2012/02/08 20:19:32 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TSTheme.exe
[2012/02/08 20:19:32 | 000,035,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TsWpfWrp.exe
[2012/02/08 20:19:30 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tscupgrd.exe
[2012/02/08 20:19:29 | 000,324,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\untfs.dll
[2012/02/08 20:19:29 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBCAMD.sys
[2012/02/08 20:19:29 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usb8023.sys
[2012/02/08 20:19:28 | 000,203,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\uDWM.dll
[2012/02/08 20:19:28 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ulib.dll
[2012/02/08 20:19:28 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBCAMD2.sys
[2012/02/08 20:19:27 | 000,842,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\systemcpl.dll
[2012/02/08 20:19:25 | 001,576,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tquery.dll
[2012/02/08 20:19:25 | 000,170,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tcpipcfg.dll
[2012/02/08 20:19:25 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tintlgnt.ime
[2012/02/08 20:19:24 | 001,152,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\themecpl.dll
[2012/02/08 20:19:24 | 000,313,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\thawbrkr.dll
[2012/02/08 20:15:15 | 000,000,000 | ---D | C] -- C:\Windows\System32\EventProviders
[2012/02/08 19:23:34 | 000,000,000 | ---D | C] -- C:\PerfLogs
[2012/02/08 18:28:01 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\recdisc.exe
[2012/02/08 18:27:54 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdspres.dll
[2012/02/08 18:26:41 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sxproxy.dll
[2012/02/08 18:25:37 | 000,464,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msra.exe
[2012/02/08 18:25:37 | 000,169,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssha.dll
[2012/02/08 18:25:37 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrdc.dll
[2012/02/08 18:25:35 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mycomput.dll
[2012/02/08 18:25:35 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Mystify.scr
[2012/02/08 18:25:35 | 000,153,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NAPMONTR.DLL
[2012/02/08 18:25:35 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mtstocom.exe
[2012/02/08 18:25:35 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NAPHLPR.DLL
[2012/02/08 18:25:35 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\napdsnap.dll
[2012/02/08 18:25:35 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MuiUnattend.exe
[2012/02/08 18:25:35 | 000,046,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NAPCRYPT.DLL
[2012/02/08 18:25:35 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\napipsec.dll
[2012/02/08 18:25:35 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mtxlegih.dll
[2012/02/08 18:25:35 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mtxdm.dll
[2012/02/08 18:25:34 | 001,386,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvbvm60.dll
[2012/02/08 18:25:33 | 000,312,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mswmdm.dll
[2012/02/08 18:25:33 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2012/02/08 18:25:32 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtcuiu.dll
[2012/02/08 18:25:32 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtcVSp1res.dll
[2012/02/08 18:25:30 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdelta.dll
[2012/02/08 18:25:30 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdart.dll
[2012/02/08 18:25:29 | 000,506,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSMPEG2ENC.DLL
[2012/02/08 18:25:29 | 000,415,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdri.dll
[2012/02/08 18:25:29 | 000,391,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSMPEG2ADEC.DLL
[2012/02/08 18:25:29 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdt.dll
[2012/02/08 18:25:29 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdt.exe
[2012/02/08 18:25:29 | 000,159,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdadiag.dll
[2012/02/08 18:25:29 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtclog.dll
[2012/02/08 18:25:29 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdmo.dll
[2012/02/08 18:25:29 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msmmsp.dll
[2012/02/08 18:25:28 | 000,485,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mspaint.exe
[2012/02/08 18:25:28 | 000,205,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msoeacct.dll
[2012/02/08 18:25:28 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msorcl32.dll
[2012/02/08 18:25:28 | 000,156,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2012/02/08 18:25:28 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msoert2.dll
[2012/02/08 18:25:28 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msobjs.dll
[2012/02/08 18:25:28 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msident.dll
[2012/02/08 18:25:27 | 000,475,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msidcrl30.dll
[2012/02/08 18:25:22 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Nlsdl.dll
[2012/02/08 18:25:20 | 000,154,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nlmgp.dll
[2012/02/08 18:25:20 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nlsbres.dll
[2012/02/08 18:25:18 | 000,531,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\objsel.dll
[2012/02/08 18:25:18 | 000,159,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbctrac.dll
[2012/02/08 18:25:18 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccu32.dll
[2012/02/08 18:25:18 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccr32.dll
[2012/02/08 18:25:17 | 000,352,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nshipsec.dll
[2012/02/08 18:25:17 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbcjt32.dll
[2012/02/08 18:25:16 | 000,520,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntvdm.exe
[2012/02/08 18:25:15 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netid.dll
[2012/02/08 18:25:15 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netdiagfx.dll
[2012/02/08 18:25:15 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netcorehc.dll
[2012/02/08 18:25:15 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netcfg.exe
[2012/02/08 18:25:15 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netiougc.exe
[2012/02/08 18:25:15 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netbtugc.exe
[2012/02/08 18:25:14 | 000,267,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NAPSTAT.EXE
[2012/02/08 18:25:14 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\net1.exe
[2012/02/08 18:25:14 | 000,093,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncsi.dll
[2012/02/08 18:25:14 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nci.dll
[2012/02/08 18:25:14 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\net.exe
[2012/02/08 18:25:14 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ndfetw.dll
[2012/02/08 18:25:14 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nbtstat.exe
[2012/02/08 18:25:13 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ndfapi.dll
[2012/02/08 18:25:12 | 000,669,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netprof.dll
[2012/02/08 18:25:12 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Netplwiz.exe
[2012/02/08 18:25:11 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\luainstall.dll
[2012/02/08 18:25:11 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\makecab.exe
[2012/02/08 18:25:11 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lsmproxy.dll
[2012/02/08 18:25:10 | 000,429,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\localsec.dll
[2012/02/08 18:25:10 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lpksetup.exe
[2012/02/08 18:25:10 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\loghours.dll
[2012/02/08 18:25:10 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lodctr.exe
[2012/02/08 18:25:10 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\localui.dll
[2012/02/08 18:25:09 | 005,714,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logon.scr
[2012/02/08 18:25:09 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lpremove.exe
[2012/02/08 18:25:08 | 000,614,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFWMAAEC.DLL
[2012/02/08 18:25:08 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfvdsp.dll
[2012/02/08 18:25:07 | 000,275,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcbuilder.exe
[2012/02/08 18:25:07 | 000,205,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mdminst.dll
[2012/02/08 18:25:07 | 000,129,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\McxDriv.dll
[2012/02/08 18:25:07 | 000,128,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MdSched.exe
[2012/02/08 18:25:07 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\mcd.sys
[2012/02/08 18:25:06 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iscsiwmi.dll
[2012/02/08 18:25:06 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iscsium.dll
[2012/02/08 18:25:06 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iscsied.dll
[2012/02/08 18:25:05 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\intl.cpl
[2012/02/08 18:25:05 | 000,252,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iprtrmgr.dll
[2012/02/08 18:25:05 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2012/02/08 18:25:05 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kstvtune.ax
[2012/02/08 18:25:05 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ksxbar.ax
[2012/02/08 18:25:05 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ktmutil.exe
[2012/02/08 18:25:05 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ktmw32.dll
[2012/02/08 18:25:05 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iprtprio.dll
[2012/02/08 18:25:04 | 000,157,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\keymgr.dll
[2012/02/08 18:25:04 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ksproxy.ax
[2012/02/08 18:25:04 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\loadperf.dll
[2012/02/08 18:25:04 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\l2gpstore.dll
[2012/02/08 18:25:04 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2012/02/08 18:25:04 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lnkstub.exe
[2012/02/08 18:25:04 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lltdapi.dll
[2012/02/08 18:25:04 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\LangCleanupSysprepAction.dll
[2012/02/08 18:25:03 | 000,442,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\joy.cpl
[2012/02/08 18:25:03 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDJPN.DLL
[2012/02/08 18:25:03 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDKOR.DLL
[2012/02/08 18:25:02 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mprmsg.dll
[2012/02/08 18:25:02 | 000,104,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mprddm.dll
[2012/02/08 18:25:01 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mountvol.exe
[2012/02/08 18:25:00 | 000,259,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MPG4DECD.DLL
[2012/02/08 18:25:00 | 000,259,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MP43DECD.DLL
[2012/02/08 18:25:00 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MP3DMOD.DLL
[2012/02/08 18:24:59 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msconfig.exe
[2012/02/08 18:24:56 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSAC3ENC.DLL
[2012/02/08 18:24:56 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msaatext.dll
[2012/02/08 18:24:51 | 000,301,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmcbase.dll
[2012/02/08 18:24:49 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\migisol.dll
[2012/02/08 18:24:49 | 000,094,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MigAutoPlay.exe
[2012/02/08 18:24:47 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SecEdit.exe
[2012/02/08 18:24:46 | 000,098,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdshext.dll
[2012/02/08 18:24:45 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shrink.dll
[2012/02/08 18:24:44 | 000,396,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shrpubw.exe
[2012/02/08 18:24:43 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shacct.dll
[2012/02/08 18:24:43 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shutdown.exe
[2012/02/08 18:24:42 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SmiInstaller.dll
[2012/02/08 18:24:41 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\smclib.sys
[2012/02/08 18:24:39 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setupcln.dll
[2012/02/08 18:24:39 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setbcdlocale.dll
[2012/02/08 18:24:39 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setupcl.exe
[2012/02/08 18:24:39 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\serialui.dll
[2012/02/08 18:24:39 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setupSNK.exe
[2012/02/08 18:24:38 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setupugc.exe
[2012/02/08 18:24:38 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sfc.exe
[2012/02/08 18:24:36 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PNPXAssocPrx.dll
[2012/02/08 18:24:36 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2012/02/08 18:24:36 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pots.dll
[2012/02/08 18:24:36 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pnpts.dll
[2012/02/08 18:24:35 | 000,163,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\powercfg.cpl
[2012/02/08 18:24:35 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceWiaCompat.dll
[2012/02/08 18:24:34 | 000,300,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\puiobj.dll
[2012/02/08 18:24:34 | 000,191,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\provthrd.dll
[2012/02/08 18:24:34 | 000,172,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\QAGENT.DLL
[2012/02/08 18:24:34 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prevhost.exe
[2012/02/08 18:24:33 | 000,403,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\p2pcollab.dll
[2012/02/08 18:24:33 | 000,202,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\P2P.dll
[2012/02/08 18:24:33 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\p2phost.exe
[2012/02/08 18:24:33 | 000,134,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\p2pnetsh.dll
[2012/02/08 18:24:33 | 000,119,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prntvpt.dll
[2012/02/08 18:24:33 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\profprov.dll
[2012/02/08 18:24:33 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pcadm.dll
[2012/02/08 18:24:33 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\procinst.dll
[2012/02/08 18:24:32 | 001,107,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ogldrv.dll
[2012/02/08 18:24:32 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\olecli32.dll
[2012/02/08 18:24:32 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\olethk32.dll
[2012/02/08 18:24:32 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\olesvr32.dll
[2012/02/08 18:24:31 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\OptionalFeatures.exe
[2012/02/08 18:24:31 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\osblprov.dll
[2012/02/08 18:24:31 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\osbaseln.dll
[2012/02/08 18:24:30 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PING.EXE
[2012/02/08 18:24:29 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\perfmon.exe
[2012/02/08 18:24:29 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pdhui.dll
[2012/02/08 18:24:29 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PlaySndSrv.dll
[2012/02/08 18:24:28 | 000,318,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rstrui.exe
[2012/02/08 18:24:28 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RstrtMgr.dll
[2012/02/08 18:24:28 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\runonce.exe
[2012/02/08 18:24:28 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\perfnet.dll
[2012/02/08 18:24:28 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\perfts.dll
[2012/02/08 18:24:27 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Ribbons.scr
[2012/02/08 18:24:27 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rgb9rast.dll
[2012/02/08 18:24:27 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rtm.dll
[2012/02/08 18:24:26 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RESAMPLEDMO.DLL
[2012/02/08 18:24:26 | 000,087,552 | ---- | C] (Microsoft) -- C:\Windows\System32\Robocopy.exe
[2012/02/08 18:24:26 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RpcPing.exe
[2012/02/08 18:24:26 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\riched32.dll
[2012/02/08 18:24:25 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\schtasks.exe
[2012/02/08 18:24:25 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbunattend.exe
[2012/02/08 18:24:24 | 000,730,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdengin2.dll
[2012/02/08 18:24:24 | 000,142,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\scsiport.sys
[2012/02/08 18:24:24 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdchange.exe
[2012/02/08 18:24:22 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rascfg.dll
[2012/02/08 18:24:22 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RacAgent.exe
[2012/02/08 18:24:22 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasctrs.dll
[2012/02/08 18:24:21 | 000,281,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdv.dll
[2012/02/08 18:24:21 | 000,208,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qasf.dll
[2012/02/08 18:24:21 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qcap.dll
[2012/02/08 18:24:21 | 000,154,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\QSHVHOST.DLL
[2012/02/08 18:24:21 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\QSVRMGMT.DLL
[2012/02/08 18:24:21 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\QCLIPROV.DLL
[2012/02/08 18:24:20 | 000,118,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RDPENCDD.dll
[2012/02/08 18:24:20 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\regini.exe
[2012/02/08 18:24:20 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegCtrl.dll
[2012/02/08 18:24:20 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdrleakdiag.exe
[2012/02/08 18:24:19 | 000,975,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RASMM.dll
[2012/02/08 18:24:19 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\raserver.exe
[2012/02/08 18:24:19 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasphone.exe
[2012/02/08 18:24:19 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcfgex.dll
[2012/02/08 18:24:18 | 001,039,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d8.dll
[2012/02/08 18:24:18 | 000,816,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dim700.dll
[2012/02/08 18:24:18 | 000,384,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dim.dll
[2012/02/08 18:24:18 | 000,368,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\desk.cpl
[2012/02/08 18:24:18 | 000,226,816 | ---- | C] (Microsoft Corp.) -- C:\Windows\System32\Defrag.exe
[2012/02/08 18:24:18 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\devenum.dll
[2012/02/08 18:24:17 | 000,522,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ddraw.dll
[2012/02/08 18:24:17 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dbnetlib.dll
[2012/02/08 18:24:17 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dxof.dll
[2012/02/08 18:24:16 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dinput8.dll
[2012/02/08 18:24:16 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dispdiag.exe
[2012/02/08 18:24:16 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diantz.exe
[2012/02/08 18:24:16 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dispci.dll
[2012/02/08 18:24:16 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dimsjob.dll
[2012/02/08 18:24:15 | 000,671,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dfrgui.exe
[2012/02/08 18:24:15 | 000,163,840 | ---- | C] (Microsoft Corp.) -- C:\Windows\System32\DfrgNtfs.exe
[2012/02/08 18:24:15 | 000,096,768 | ---- | C] (Microsoft Corp.) -- C:\Windows\System32\dfrgfat.exe
[2012/02/08 18:24:15 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DFDWiz.exe
[2012/02/08 18:24:15 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dfrgifc.exe
[2012/02/08 18:24:15 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dfdts.dll
[2012/02/08 18:24:15 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dispex.dll
[2012/02/08 18:24:14 | 000,318,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmd.exe
[2012/02/08 18:24:14 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DHCPQEC.DLL
[2012/02/08 18:24:14 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dhcpsapi.dll
[2012/02/08 18:24:14 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmlua.dll
[2012/02/08 18:24:14 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmcfg32.dll
[2012/02/08 18:24:13 | 000,297,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmipnpinstall.dll
[2012/02/08 18:24:13 | 000,171,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cic.dll
[2012/02/08 18:24:13 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmdl32.exe
[2012/02/08 18:24:13 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmifw.dll
[2012/02/08 18:24:13 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmicryptinstall.dll
[2012/02/08 18:24:12 | 000,282,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CompatUI.dll
[2012/02/08 18:24:12 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\comsnap.dll
[2012/02/08 18:24:12 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\comrepl.dll
[2012/02/08 18:24:12 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\clfsw32.dll
[2012/02/08 18:24:12 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ComputerDefaults.exe
[2012/02/08 18:24:11 | 000,276,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\compstui.dll
[2012/02/08 18:24:11 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CompMgmtLauncher.exe
[2012/02/08 18:24:11 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\corpol.dll
[2012/02/08 18:24:11 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\convert.exe
[2012/02/08 18:24:08 | 000,686,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\colorui.dll
[2012/02/08 18:24:08 | 000,161,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\COLORCNV.DLL
[2012/02/08 18:24:08 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmstp.exe
[2012/02/08 18:24:08 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cofiredm.dll
[2012/02/08 18:24:08 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmpbk32.dll
[2012/02/08 18:24:08 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmstplua.dll
[2012/02/08 18:24:07 | 000,179,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\els.dll
[2012/02/08 18:24:07 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmutil.dll
[2012/02/08 18:24:05 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDump.dll
[2012/02/08 18:24:05 | 000,093,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\esentutl.exe
[2012/02/08 18:24:05 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EAPQEC.DLL
[2012/02/08 18:24:05 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\esentprf.dll
[2012/02/08 18:24:04 | 000,442,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\filemgmt.dll
[2012/02/08 18:24:04 | 000,131,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fde.dll
[2012/02/08 18:24:04 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\efsadu.dll
[2012/02/08 18:24:03 | 002,585,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FirewallControlPanel.exe
[2012/02/08 18:24:03 | 002,249,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Firewall.cpl
[2012/02/08 18:24:03 | 000,403,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FirewallAPI.dll
[2012/02/08 18:24:03 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\findnetprinters.dll
[2012/02/08 18:24:03 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fmifs.dll
[2012/02/08 18:24:02 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3ui.dll
[2012/02/08 18:24:02 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\extrac32.exe
[2012/02/08 18:24:02 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\expand.exe
[2012/02/08 18:24:02 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\System32\esrb.rs
[2012/02/08 18:24:02 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eventcls.dll
[2012/02/08 18:24:01 | 000,258,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpx.dll
[2012/02/08 18:24:01 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3gpui.dll
[2012/02/08 18:24:01 | 000,130,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\drmk.sys
[2012/02/08 18:24:01 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\driverquery.exe
[2012/02/08 18:24:01 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3gpclnt.dll
[2012/02/08 18:24:00 | 000,388,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmdlgs.dll
[2012/02/08 18:24:00 | 000,376,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpnet.dll
[2012/02/08 18:24:00 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmdskmgr.dll
[2012/02/08 18:24:00 | 000,178,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmime.dll
[2012/02/08 18:24:00 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DpiScaling.exe
[2012/02/08 18:24:00 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmvdsitf.dll
[2012/02/08 18:24:00 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmscript.dll
[2012/02/08 18:24:00 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnshc.dll
[2012/02/08 18:24:00 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmocx.dll
[2012/02/08 18:24:00 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmloader.dll
[2012/02/08 18:24:00 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmutil.dll
[2012/02/08 18:24:00 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmdskres2.dll
[2012/02/08 18:23:59 | 000,104,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWWIN.EXE
[2012/02/08 18:23:59 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmview.ocx
[2012/02/08 18:23:59 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dwmredir.dll
[2012/02/08 18:23:59 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxapi.sys
[2012/02/08 18:23:58 | 000,347,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2012/02/08 18:23:58 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2012/02/08 18:23:58 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dsdmo.dll
[2012/02/08 18:23:58 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dskquota.dll
[2012/02/08 18:23:58 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxva2.dll
[2012/02/08 18:23:58 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dsauth.dll
[2012/02/08 18:23:57 | 000,397,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AudioEng.dll
[2012/02/08 18:23:57 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\at.exe
[2012/02/08 18:23:56 | 004,595,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuthFWSnapin.dll
[2012/02/08 18:23:56 | 001,370,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Aurora.scr
[2012/02/08 18:23:56 | 000,509,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuthFWGP.dll
[2012/02/08 18:23:56 | 000,274,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AUDIOKSE.dll
[2012/02/08 18:23:56 | 000,251,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\authfwcfg.dll
[2012/02/08 18:23:56 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\auditpol.exe
[2012/02/08 18:23:56 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AtBroker.exe
[2012/02/08 18:23:54 | 000,334,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bcdedit.exe
[2012/02/08 18:23:54 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bitsadmin.exe
[2012/02/08 18:23:54 | 000,117,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bcdsrv.dll
[2012/02/08 18:23:54 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\basesrv.dll
[2012/02/08 18:23:54 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\bfsvc.exe
[2012/02/08 18:23:54 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bcdprov.dll
[2012/02/08 18:23:54 | 000,028,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\battc.sys
[2012/02/08 18:23:54 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\batt.dll
[2012/02/08 18:23:54 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\bdasup.sys
[2012/02/08 18:23:53 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuxiliaryDisplayApi.dll
[2012/02/08 18:23:53 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AzSqlExt.dll
[2012/02/08 18:23:52 | 001,405,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ActiveContentWizard.dll
[2012/02/08 18:23:52 | 000,317,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\azroleui.dll
[2012/02/08 18:23:52 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ActionQueue.dll
[2012/02/08 18:23:52 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\activeds.tlb
[2012/02/08 18:23:52 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ACW.exe
[2012/02/08 18:23:52 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\avrt.dll
[2012/02/08 18:23:51 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aclui.dll
[2012/02/08 18:23:51 | 000,053,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\1394bus.sys
[2012/02/08 18:23:50 | 000,219,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\apircl.dll
[2012/02/08 18:23:50 | 000,070,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\amstream.dll
[2012/02/08 18:23:50 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\amxread.dll
[2012/02/08 18:23:50 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\apilogen.dll
[2012/02/08 18:23:49 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adsnt.dll
[2012/02/08 18:23:49 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\apss.dll
[2012/02/08 18:23:48 | 000,879,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Bubbles.scr
[2012/02/08 18:23:48 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adsldp.dll
[2012/02/08 18:23:48 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\btpanui.dll
[2012/02/08 18:23:47 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cacls.exe
[2012/02/08 18:23:47 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\capisp.dll
[2012/02/08 18:23:46 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\brcplsdw.dll
[2012/02/08 18:23:46 | 000,024,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\BOOTVID.DLL
[2012/02/08 18:23:46 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bootstr.dll
[2012/02/08 18:23:45 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bridgeunattend.exe
[2012/02/08 18:23:45 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertEnrollCtrl.exe
[2012/02/08 18:23:44 | 000,805,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdosys.dll
[2012/02/08 18:23:44 | 000,225,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cewmdm.dll
[2012/02/08 18:23:44 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cfgbkend.dll
[2012/02/08 18:23:42 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bootcfg.exe
[2012/02/08 18:23:35 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2012/02/08 18:23:33 | 000,705,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imagesp1.dll
[2012/02/08 18:23:32 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetmib1.dll
[2012/02/08 18:23:31 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\InfDefaultInstall.exe
[2012/02/08 18:23:29 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ias.dll
[2012/02/08 18:23:29 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iashost.exe
[2012/02/08 18:23:26 | 000,167,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2012/02/08 18:23:26 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ifsutil.dll
[2012/02/08 18:23:26 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2012/02/08 18:23:26 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2012/02/08 18:23:25 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icm32.dll
[2012/02/08 18:23:25 | 000,153,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2012/02/08 18:23:25 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icsfiltr.dll
[2012/02/08 18:23:25 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icfupgd.dll
[2012/02/08 18:23:25 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2012/02/08 18:23:25 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icacls.exe
[2012/02/08 18:23:25 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\idndl.dll
[2012/02/08 18:23:25 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icsunattend.exe
[2012/02/08 18:23:24 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\HotStartUserAgent.dll
[2012/02/08 18:23:23 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hlink.dll
[2012/02/08 18:23:23 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hnetmon.dll
[2012/02/08 18:23:20 | 000,204,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\framedynos.dll
[2012/02/08 18:23:20 | 000,202,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\framedyn.dll
[2012/02/08 18:23:20 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fsutil.exe
[2012/02/08 18:23:20 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fwcfg.dll
[2012/02/08 18:23:20 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fphc.dll
[2012/02/08 18:23:20 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\fveupdate.exe
[2012/02/08 18:23:20 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\framebuf.dll
[2012/02/08 18:23:19 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\GuidedHelp.dll
[2012/02/08 18:23:19 | 000,025,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidparse.sys
[2012/02/08 18:23:19 | 000,016,896 | ---- | C] (Microsoft) -- C:\Windows\System32\grb.rs
[2012/02/08 18:23:19 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hcrstco.dll
[2012/02/08 18:23:18 | 000,498,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\HelpPane.exe
[2012/02/08 18:23:18 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\HelpPaneProxy.dll
[2012/02/08 18:23:18 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\getmac.exe
[2012/02/08 18:23:18 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gacinstall.dll
[2012/02/08 18:23:18 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\g711codc.ax
[2012/02/08 18:23:17 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\graftabl.com
[2012/02/08 18:23:09 | 000,218,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsAnytimeUpgrade.exe
[2012/02/08 18:23:08 | 000,415,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiadefui.dll
[2012/02/08 18:23:08 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiadss.dll
[2012/02/08 18:23:08 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiaacmgr.exe
[2012/02/08 18:23:07 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiascanprofiles.dll
[2012/02/08 18:23:07 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2012/02/08 18:23:07 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiarpc.dll
[2012/02/08 18:23:07 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wfapigp.dll
[2012/02/08 18:23:06 | 000,628,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WLanConn.dll
[2012/02/08 18:23:06 | 000,383,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinSATAPI.dll
[2012/02/08 18:23:06 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlancfg.dll
[2012/02/08 18:23:06 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WINSRPC.DLL
[2012/02/08 18:23:06 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winusb.dll
[2012/02/08 18:23:05 | 000,208,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinFXDocObj.exe
[2012/02/08 18:23:05 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winethc.dll
[2012/02/08 18:23:04 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winnsi.dll
[2012/02/08 18:23:03 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wbemcomn.dll
[2012/02/08 18:23:03 | 000,222,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wavemsp.dll
[2012/02/08 18:23:03 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\w32tm.exe
[2012/02/08 18:23:03 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WavDest.dll
[2012/02/08 18:23:03 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\waitfor.exe
[2012/02/08 18:23:02 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vssadmin.exe
[2012/02/08 18:23:02 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vss_ps.dll
[2012/02/08 18:23:00 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wermgr.exe
[2012/02/08 18:23:00 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\werdiagcontroller.dll
[2012/02/08 18:23:00 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wertargets.wtl
[2012/02/08 18:22:59 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscproxystub.dll
[2012/02/08 18:22:58 | 001,295,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsecedit.dll
[2012/02/08 18:22:58 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscmisetup.dll
[2012/02/08 18:22:58 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wshcon.dll
[2012/02/08 18:22:58 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wship6.dll
[2012/02/08 18:22:57 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Wpc.dll
[2012/02/08 18:22:57 | 000,203,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpdwcn.dll
[2012/02/08 18:22:57 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpclsp.dll
[2012/02/08 18:22:57 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpnpinst.exe
[2012/02/08 18:22:56 | 000,456,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wvc.dll
[2012/02/08 18:22:56 | 000,181,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFPlatform.dll
[2012/02/08 18:22:56 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactsrv.dll
[2012/02/08 18:22:56 | 000,070,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wzcdlg.dll
[2012/02/08 18:22:56 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xolehlp.dll
[2012/02/08 18:22:56 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xcopy.exe
[2012/02/08 18:22:56 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xmlprovi.dll
[2012/02/08 18:22:55 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFx.dll
[2012/02/08 18:22:55 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsqmcons.exe
[2012/02/08 18:22:55 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFCoinstaller.dll
[2012/02/08 18:22:54 | 001,675,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xpssvcs.dll
[2012/02/08 18:22:54 | 000,296,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xwizards.dll
[2012/02/08 18:22:54 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSTPager.ax
[2012/02/08 18:22:53 | 000,154,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmidx.dll
[2012/02/08 18:22:53 | 000,041,472 | ---- | C] (Microsoft) -- C:\Windows\System32\WlanMmHC.dll
[2012/02/08 18:22:53 | 000,017,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\wmilib.sys
[2012/02/08 18:22:52 | 000,913,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WlanMM.dll
[2012/02/08 18:22:52 | 000,758,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMADMOD.DLL
[2012/02/08 18:22:52 | 000,498,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlandlg.dll
[2012/02/08 18:22:52 | 000,418,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmdrmdev.dll
[2012/02/08 18:22:52 | 000,347,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmdrmnet.dll
[2012/02/08 18:22:52 | 000,120,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WLanHC.dll
[2012/02/08 18:22:51 | 001,329,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMSPDMOE.DLL
[2012/02/08 18:22:51 | 001,118,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMADMOE.DLL
[2012/02/08 18:22:51 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMASF.DLL
[2012/02/08 18:22:51 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpsrcwp.dll
[2012/02/08 18:22:50 | 000,767,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVSENCD.DLL
[2012/02/08 18:22:49 | 001,548,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVDECOD.DLL
[2012/02/08 18:22:49 | 000,153,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmvdspa.dll
[2012/02/08 18:22:49 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmiprop.dll
[2012/02/08 18:22:48 | 001,642,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMPEncEn.dll
[2012/02/08 18:22:47 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpcm.dll
[2012/02/08 18:22:46 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Tabbtn.dll
[2012/02/08 18:22:46 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\systeminfo.exe
[2012/02/08 18:22:44 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tasklist.exe
[2012/02/08 18:22:44 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskkill.exe
[2012/02/08 18:22:44 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tbs.dll
[2012/02/08 18:22:43 | 000,691,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TabletPC.cpl
[2012/02/08 18:22:43 | 000,431,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tdh.dll
[2012/02/08 18:22:43 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\tdi.sys
[2012/02/08 18:22:42 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TapiMigPlugin.dll
[2012/02/08 18:22:42 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tabcal.exe
[2012/02/08 18:22:42 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TabbtnEx.dll
[2012/02/08 18:22:42 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\tape.sys
[2012/02/08 18:22:41 | 000,604,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sqlceqp30.dll
[2012/02/08 18:22:41 | 000,308,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sqlcese30.dll
[2012/02/08 18:22:41 | 000,274,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srrstr.dll
[2012/02/08 18:22:41 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sqmapi.dll
[2012/02/08 18:22:41 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\takeown.exe
[2012/02/08 18:22:41 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srdelayed.exe
[2012/02/08 18:22:40 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ssText3d.scr
[2012/02/08 18:22:40 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SSShim.dll
[2012/02/08 18:22:40 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srwmi.dll
[2012/02/08 18:22:39 | 008,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ssBranded.scr
[2012/02/08 18:22:38 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SoundRecorder.exe
[2012/02/08 18:22:37 | 008,322,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwizimg.dll
[2012/02/08 18:22:37 | 000,348,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwizeng.dll
[2012/02/08 18:22:37 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\synceng.dll
[2012/02/08 18:22:37 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spbcd.dll
[2012/02/08 18:22:37 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sppnp.dll
[2012/02/08 18:22:37 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spopk.dll
[2012/02/08 18:22:37 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwizres.dll
[2012/02/08 18:22:36 | 000,338,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SysFxUI.dll
[2012/02/08 18:22:36 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sxstrace.exe
[2012/02/08 18:22:36 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sxsstore.dll
[2012/02/08 18:22:35 | 000,251,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sti_ci.dll
[2012/02/08 18:22:35 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\syssetup.dll
[2012/02/08 18:22:35 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\syskey.exe
[2012/02/08 18:22:34 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\userinit.exe
[2012/02/08 18:22:34 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\usbperf.dll
[2012/02/08 18:22:33 | 000,083,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\usbui.dll
[2012/02/08 18:22:33 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\upnpcont.exe
[2012/02/08 18:22:32 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xwtpw32.dll
[2012/02/08 18:22:32 | 000,005,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbd.sys
[2012/02/08 18:22:31 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\VIDRESZR.DLL
[2012/02/08 18:22:31 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\VBICodec.ax
[2012/02/08 18:22:31 | 000,110,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\videoprt.sys
[2012/02/08 18:22:31 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vga256.dll
[2012/02/08 18:22:31 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vga64k.dll
[2012/02/08 18:22:31 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vga.dll
[2012/02/08 18:22:30 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\VAN.dll
[2012/02/08 18:22:30 | 000,157,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\verifier.dll
[2012/02/08 18:22:30 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdsbas.dll
[2012/02/08 18:22:30 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\uudf.dll
[2012/02/08 18:22:30 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\verifier.exe
[2012/02/08 18:22:30 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vfwwdm32.dll
[2012/02/08 18:22:30 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdmredir.dll
[2012/02/08 18:22:30 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vds_ps.dll
[2012/02/08 18:22:30 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbisurf.ax
[2012/02/08 18:22:30 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\utildll.dll
[2012/02/08 18:22:30 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdsldr.exe
[2012/02/08 18:22:29 | 001,298,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TMM.dll
[2012/02/08 18:22:29 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tracerpt.exe
[2012/02/08 18:22:29 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TpmInit.exe
[2012/02/08 18:22:28 | 000,355,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\termmgr.dll
[2012/02/08 18:22:28 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tsddd.dll
[2012/02/08 18:22:27 | 002,588,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIHub.dll
[2012/02/08 18:22:27 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\umb.dll
[2012/02/08 18:22:27 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TimeDateMUICallback.dll
[2012/02/08 18:22:26 | 000,736,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unbcl.dll
[2012/02/08 18:22:26 | 000,201,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unattend.dll
[2012/02/08 18:22:26 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ucsvc.exe
[2012/02/08 18:22:26 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unlodctr.exe
[2012/02/08 18:22:26 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unattendedjoin.exe
[2012/02/08 18:22:26 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\txfw32.dll
[2012/02/08 18:22:25 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ufat.dll
[2012/02/08 18:22:25 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\txflog.dll
[2012/02/08 18:22:25 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\uexfat.dll
[2012/02/07 17:36:41 | 000,000,000 | ---D | C] -- C:\ppsvodcache
[2012/02/07 17:36:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PPStream
[2012/02/07 12:35:02 | 000,000,000 | ---D | C] -- C:\ProgramData\WEBREG
[2012/02/07 12:33:46 | 000,000,000 | ---D | C] -- C:\Users\mnar\AppData\Local\HP
[2012/02/07 12:22:22 | 000,000,000 | ---D | C] -- C:\ProgramData\HP Product Assistant
[2012/02/07 12:19:44 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Hewlett-Packard
[2012/02/07 12:18:38 | 000,271,704 | ---- | C] (Hewlett-Packard) -- C:\Windows\System32\hpzids01.dll
[2012/02/07 12:18:31 | 000,118,272 | ---- | C] (Hewlett-Packard Company) -- C:\Windows\System32\hpz3l5mu.dll
[2012/02/07 12:17:27 | 000,364,544 | ---- | C] (Hewlett-Packard) -- C:\Windows\System32\hppldcoi.dll
[2012/02/07 12:17:26 | 000,729,088 | ---- | C] (Hewlett-Packard) -- C:\Windows\System32\hpwwiax4.dll
[2012/02/07 12:17:26 | 000,593,920 | ---- | C] (Hewlett-Packard Co.) -- C:\Windows\System32\hpwtscl3.dll
[2012/02/07 12:17:26 | 000,309,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\difxapi.dll
[2012/02/07 12:17:26 | 000,294,912 | ---- | C] (Hewlett-Packard Co.) -- C:\Windows\System32\hpovst11.dll
[2012/02/07 12:16:50 | 001,373,528 | R--- | C] (Hewlett-Packard) -- C:\Windows\hpzshl01.exe
[2012/02/07 12:16:49 | 001,140,056 | R--- | C] (Hewlett-Packard) -- C:\Windows\hpzmsi01.exe
[2012/02/07 12:16:47 | 000,000,000 | ---D | C] -- C:\Windows\yellowtail+1
[2012/02/05 00:46:51 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dciman32.dll
[2012/02/05 00:44:52 | 002,452,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2012/02/05 00:44:26 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2012/02/05 00:44:26 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2012/02/05 00:44:20 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieencode.dll
[2012/02/05 00:44:20 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2012/02/05 00:42:16 | 000,272,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\polstore.dll
[2012/02/05 00:39:31 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MRINFO.EXE
[2012/02/05 00:39:31 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\HOSTNAME.EXE
[2012/02/05 00:39:30 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netiohlp.dll
[2012/02/05 00:39:30 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NETSTAT.EXE
[2012/02/05 00:39:30 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ARP.EXE
[2012/02/05 00:39:30 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ROUTE.EXE
[2012/02/05 00:39:30 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\finger.exe
[2012/02/05 00:36:44 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\L2SecHC.dll
[2012/02/05 00:36:43 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanmsm.dll
[2012/02/05 00:36:43 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanhlp.dll
[2012/02/05 00:36:43 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanapi.dll
[2012/02/05 00:36:42 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlansec.dll
[2012/02/05 00:35:21 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml3r.dll
[2012/02/05 00:35:20 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml6r.dll
[2012/02/05 00:20:00 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aaclient.dll
[2012/02/05 00:20:00 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tsgqec.dll
[2012/02/05 00:03:32 | 001,808,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0046.dll
[2012/02/05 00:03:32 | 001,793,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0045.dll
[2012/02/05 00:03:32 | 001,558,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0049.dll
[2012/02/05 00:03:32 | 001,411,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0047.dll
[2012/02/05 00:03:31 | 002,136,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0021.dll
[2012/02/05 00:03:31 | 001,782,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0039.dll
[2012/02/05 00:03:31 | 001,236,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0020.dll
[2012/02/05 00:03:30 | 007,964,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0024.dll
[2012/02/05 00:03:30 | 005,499,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0022.dll
[2012/02/05 00:03:29 | 006,224,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0027.dll
[2012/02/05 00:03:29 | 005,791,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0026.dll
[2012/02/05 00:03:28 | 004,981,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0013.dll
[2012/02/05 00:03:28 | 004,175,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0010.dll
[2012/02/05 00:03:28 | 002,466,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0011.dll
[2012/02/05 00:03:27 | 006,781,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0019.dll
[2012/02/05 00:03:27 | 003,331,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0018.dll
[2012/02/05 00:03:26 | 011,722,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0001.dll
[2012/02/05 00:03:26 | 004,164,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0002.dll
[2012/02/05 00:03:25 | 001,452,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0003.dll
[2012/02/05 00:03:24 | 003,419,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons004a.dll
[2012/02/05 00:03:24 | 001,702,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons004b.dll
[2012/02/05 00:03:23 | 004,093,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons004c.dll
[2012/02/05 00:03:23 | 001,972,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons004e.dll
[2012/02/05 00:03:22 | 006,014,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons001a.dll
[2012/02/05 00:03:22 | 004,045,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons003e.dll
[2012/02/05 00:03:22 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons002a.dll
[2012/02/05 00:03:21 | 006,585,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons001b.dll
[2012/02/05 00:03:21 | 006,346,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons001d.dll
[2012/02/05 00:03:20 | 009,892,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons000a.dll
[2012/02/05 00:03:20 | 006,237,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons000c.dll
[2012/02/05 00:03:20 | 001,722,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons000d.dll
[2012/02/05 00:03:19 | 005,654,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons000f.dll
[2012/02/05 00:03:19 | 005,090,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0416.dll
[2012/02/05 00:03:19 | 004,616,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0414.dll
[2012/02/05 00:03:18 | 007,042,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons081a.dll
[2012/02/05 00:03:18 | 005,031,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0816.dll
[2012/02/05 00:03:17 | 005,071,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsModels0011.dll
[2012/02/05 00:03:17 | 003,104,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0046.dll
[2012/02/05 00:03:17 | 003,104,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0045.dll
[2012/02/05 00:03:16 | 003,104,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0049.dll
[2012/02/05 00:03:16 | 003,104,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0047.dll
[2012/02/05 00:03:16 | 003,104,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0039.dll
[2012/02/05 00:03:15 | 003,104,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0020.dll
[2012/02/05 00:03:15 | 001,801,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0022.dll
[2012/02/05 00:03:15 | 001,801,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0021.dll
[2012/02/05 00:03:14 | 004,495,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0010.dll
[2012/02/05 00:03:14 | 001,966,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0027.dll
[2012/02/05 00:03:14 | 001,965,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0026.dll
[2012/02/05 00:03:14 | 001,965,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0024.dll
[2012/02/05 00:03:13 | 003,466,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0013.dll
[2012/02/05 00:03:13 | 002,657,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0011.dll
[2012/02/05 00:03:12 | 004,497,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0019.dll
[2012/02/05 00:03:12 | 001,965,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0018.dll
[2012/02/05 00:03:12 | 001,523,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0000.dll
[2012/02/05 00:03:11 | 002,599,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0001.dll
[2012/02/05 00:03:11 | 001,965,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0003.dll
[2012/02/05 00:03:11 | 001,965,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0002.dll
[2012/02/05 00:03:10 | 004,875,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0009.dll
[2012/02/05 00:03:10 | 003,104,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData004a.dll
[2012/02/05 00:03:10 | 002,243,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0007.dll
[2012/02/05 00:03:09 | 003,104,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData004e.dll
[2012/02/05 00:03:09 | 003,104,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData004c.dll
[2012/02/05 00:03:09 | 003,104,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData004b.dll
[2012/02/05 00:03:08 | 001,965,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData001b.dll
[2012/02/05 00:03:08 | 001,965,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData001a.dll
[2012/02/05 00:03:08 | 001,801,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData003e.dll
[2012/02/05 00:03:08 | 001,801,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData002a.dll
[2012/02/05 00:03:07 | 009,847,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData000a.dll
[2012/02/05 00:03:07 | 004,495,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData001d.dll
[2012/02/05 00:03:06 | 002,643,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData000c.dll
[2012/02/05 00:03:06 | 002,342,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData000d.dll
[2012/02/05 00:03:06 | 001,965,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData000f.dll
[2012/02/05 00:03:05 | 004,495,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0416.dll
[2012/02/05 00:03:05 | 004,495,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0414.dll
[2012/02/05 00:03:04 | 006,917,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0c1a.dll
[2012/02/05 00:03:04 | 004,495,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0816.dll
[2012/02/05 00:03:04 | 001,965,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData081a.dll
[2012/02/05 00:03:03 | 001,965,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0c1a.dll
[2012/02/04 23:59:09 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kbd106n.dll
[2012/02/04 23:55:40 | 000,220,672 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\l3codecp.acm
[2012/02/04 23:55:40 | 000,062,464 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\l3codeca.acm
[2012/02/04 23:45:17 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printcom.dll
[2012/02/04 23:43:23 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wshrm.dll
[2012/02/04 23:42:24 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdxm.tlb
[2012/02/04 23:42:24 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\amcompat.tlb
[2012/02/04 23:42:21 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwmp.dll
[2012/02/04 23:42:21 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxmasf.dll
[2012/02/04 23:42:20 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdxm.ocx
[2012/02/04 22:59:10 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\INETRES.dll
[2012/02/04 22:57:45 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nshhttp.dll
[2012/02/04 22:53:56 | 000,355,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSDApi.dll
[2012/02/04 22:53:15 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2012/02/04 22:52:25 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciavi32.dll
[2012/02/04 22:52:25 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\avicap32.dll
[2012/02/04 22:51:44 | 000,604,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMSPDMOD.DLL
[2012/02/04 16:04:45 | 001,700,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\GdiPlus.dll
[2012/02/04 16:04:44 | 000,000,000 | ---D | C] -- C:\Users\mnar\AppData\Roaming\PPStream
[2012/02/04 09:47:48 | 000,000,000 | ---D | C] -- C:\Users\mnar\AppData\Roaming\Skype
[2012/02/04 09:47:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012/02/04 09:47:23 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2012/02/04 09:47:17 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2012/02/04 09:47:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2012/02/04 08:38:27 | 000,414,368 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012/02/04 08:31:31 | 000,000,000 | ---D | C] -- C:\Users\mnar\AppData\Roaming\Mozilla
[2012/02/04 08:31:31 | 000,000,000 | ---D | C] -- C:\Users\mnar\AppData\Local\Mozilla
[2012/02/04 08:31:11 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2012/02/03 16:38:10 | 000,000,000 | ---D | C] -- C:\Users\mnar\AppData\Roaming\Tencent
[2012/02/03 15:04:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QVOD
[2012/02/03 15:03:49 | 000,770,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvcr100.dll
[2012/02/03 15:03:49 | 000,421,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvcp100.dll
[2012/02/03 15:03:38 | 000,000,000 | ---D | C] -- C:\ProgramData\QvodPlayer
[2012/02/03 15:03:32 | 000,000,000 | ---D | C] -- C:\Program Files\QvodPlayer
[2012/02/03 15:03:32 | 000,000,000 | ---D | C] -- C:\Media
[2012/02/03 13:54:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2012/02/03 13:54:33 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2012/02/03 10:26:55 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2012/02/03 10:16:19 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rrinstaller.exe
[2012/02/03 10:16:19 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfpmp.exe
[2012/02/03 10:16:19 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mferror.dll
[2012/02/03 10:16:16 | 002,386,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVCORE.DLL
[2012/02/03 09:03:10 | 000,000,000 | ---D | C] -- C:\Users\mnar\Documents\Youcam
[2012/02/03 09:03:09 | 000,000,000 | ---D | C] -- C:\Users\mnar\Documents\My Scans
[2012/02/03 09:03:09 | 000,000,000 | ---D | C] -- C:\Users\mnar\Documents\CD rom issues
[2012/02/03 09:03:08 | 000,000,000 | ---D | C] -- C:\Users\mnar\Documents\BA Related
[2012/02/03 09:02:12 | 000,000,000 | ---D | C] -- C:\Users\mnar\AppData\Roaming\Adobe
[2012/02/03 09:02:12 | 000,000,000 | ---D | C] -- C:\Users\mnar\AppData\Local\Adobe
[2012/02/03 08:58:46 | 000,000,000 | ---D | C] -- C:\Users\mnar\AppData\Roaming\CyberLink
[2012/02/03 08:56:58 | 000,000,000 | ---D | C] -- C:\Users\mnar\AppData\Roaming\HP
[2012/02/03 00:57:53 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2012/02/03 00:37:54 | 000,000,000 | ---D | C] -- C:\Users\mnar\AppData\Local\ElevatedDiagnostics
[2012/02/03 00:35:46 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows PowerShell 1.0
[2012/02/03 00:35:46 | 000,000,000 | ---D | C] -- C:\Windows\System32\WindowsPowerShell
[2012/02/02 22:23:19 | 002,421,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll
[2012/02/02 22:23:19 | 000,044,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll
[2012/02/02 22:22:46 | 000,575,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll
[2012/02/02 22:22:46 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll
[2012/02/02 22:22:46 | 000,035,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups.dll
[2012/02/02 22:22:21 | 000,171,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll
[2012/02/02 22:22:21 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe
[2012/02/02 22:16:44 | 000,000,000 | ---D | C] -- C:\Users\mnar\AppData\Local\Hewlett-Packard
[2012/02/02 22:16:28 | 000,000,000 | ---D | C] -- C:\Users\mnar\AppData\Roaming\Symantec
[2012/02/02 22:16:19 | 000,000,000 | ---D | C] -- C:\Users\mnar\AppData\Local\QuickPlay
[2012/02/02 22:15:44 | 000,000,000 | R--D | C] -- C:\Users\mnar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2012/02/02 22:15:44 | 000,000,000 | R--D | C] -- C:\Users\mnar\Searches
[2012/02/02 22:15:44 | 000,000,000 | R--D | C] -- C:\Users\mnar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2012/02/02 22:15:34 | 000,000,000 | ---D | C] -- C:\Users\mnar\AppData\Roaming\Identities
[2012/02/02 22:15:31 | 000,000,000 | R--D | C] -- C:\Users\mnar\Contacts
[2012/02/02 22:15:29 | 000,000,000 | ---D | C] -- C:\Users\mnar\AppData\Local\VirtualStore
[2012/02/02 22:13:53 | 000,000,000 | ---D | C] -- C:\Users\mnar\AppData\Roaming\Macromedia
[2012/02/02 22:13:33 | 000,000,000 | ---D | C] -- C:\Users\mnar\AppData\Roaming\Hewlett-Packard
[2012/02/02 22:11:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Electronic Arts
[2012/02/02 22:10:38 | 000,000,000 | ---D | C] -- C:\Users\mnar\AppData\Local\Downloaded Installations
[2012/02/02 22:10:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Electronic Arts
[2012/02/02 22:06:49 | 000,000,000 | ---D | C] -- C:\Program Files\Electronic Arts
[2012/02/02 22:06:31 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_3.dll
[2012/02/02 22:06:31 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_2.dll
[2012/02/02 22:06:30 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_2.dll
[2012/02/02 22:06:29 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_1.dll
[2012/02/02 22:06:29 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_1.dll
[2012/02/02 22:06:19 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_30.dll
[2012/02/02 22:06:19 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_0.dll
[2012/02/02 22:06:19 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_0.dll
[2012/02/02 22:06:18 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_29.dll
[2012/02/02 22:06:17 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_28.dll
[2012/02/02 22:06:16 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_27.dll
[2012/02/02 22:06:15 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_26.dll
[2012/02/02 22:06:12 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_25.dll
[2012/02/02 22:06:11 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_24.dll
[2012/02/02 22:03:45 | 000,000,000 | ---D | C] -- C:\Program Files\Broadcom
[2012/02/02 22:03:44 | 000,000,000 | ---D | C] -- C:\Users\mnar\AppData\Roaming\InstallShield
[2012/02/02 22:02:52 | 000,000,000 | -HSD | C] -- C:\Users\mnar\Templates
[2012/02/02 22:02:52 | 000,000,000 | -HSD | C] -- C:\Users\mnar\Start Menu
[2012/02/02 22:02:52 | 000,000,000 | -HSD | C] -- C:\Users\mnar\SendTo
[2012/02/02 22:02:52 | 000,000,000 | -HSD | C] -- C:\Users\mnar\PrintHood
[2012/02/02 22:02:52 | 000,000,000 | -HSD | C] -- C:\Users\mnar\NetHood
[2012/02/02 22:02:52 | 000,000,000 | -HSD | C] -- C:\Users\mnar\Documents\My Videos
[2012/02/02 22:02:52 | 000,000,000 | -HSD | C] -- C:\Users\mnar\Documents\My Pictures
[2012/02/02 22:02:52 | 000,000,000 | -HSD | C] -- C:\Users\mnar\Documents\My Music
[2012/02/02 22:02:52 | 000,000,000 | -HSD | C] -- C:\Users\mnar\My Documents
[2012/02/02 22:02:52 | 000,000,000 | -HSD | C] -- C:\Users\mnar\Local Settings
[2012/02/02 22:02:52 | 000,000,000 | -HSD | C] -- C:\Users\mnar\Application Data
[2012/02/02 22:02:52 | 000,000,000 | -HSD | C] -- C:\Users\mnar\AppData\Local\Application Data
[2012/02/02 22:02:51 | 000,000,000 | --SD | C] -- C:\Users\mnar\AppData\Roaming\Microsoft
[2012/02/02 22:02:51 | 000,000,000 | R--D | C] -- C:\Users\mnar\Videos
[2012/02/02 22:02:51 | 000,000,000 | R--D | C] -- C:\Users\mnar\Saved Games
[2012/02/02 22:02:51 | 000,000,000 | R--D | C] -- C:\Users\mnar\Pictures
[2012/02/02 22:02:51 | 000,000,000 | R--D | C] -- C:\Users\mnar\Music
[2012/02/02 22:02:51 | 000,000,000 | R--D | C] -- C:\Users\mnar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2012/02/02 22:02:51 | 000,000,000 | R--D | C] -- C:\Users\mnar\Links
[2012/02/02 22:02:51 | 000,000,000 | R--D | C] -- C:\Users\mnar\Favorites
[2012/02/02 22:02:51 | 000,000,000 | R--D | C] -- C:\Users\mnar\Downloads
[2012/02/02 22:02:51 | 000,000,000 | R--D | C] -- C:\Users\mnar\Documents
[2012/02/02 22:02:51 | 000,000,000 | R--D | C] -- C:\Users\mnar\Desktop
[2012/02/02 22:02:51 | 000,000,000 | R--D | C] -- C:\Users\mnar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2012/02/02 22:02:51 | 000,000,000 | -H-D | C] -- C:\Users\mnar\AppData
[2012/02/02 22:02:51 | 000,000,000 | ---D | C] -- C:\Users\mnar\AppData\Local\Temp
[2012/02/02 22:02:51 | 000,000,000 | ---D | C] -- C:\Users\mnar\AppData\Local\Microsoft
[2012/02/02 22:02:51 | 000,000,000 | ---D | C] -- C:\Users\mnar\AppData\Roaming\Media Center Programs
[2012/02/02 22:02:51 | 000,000,000 | ---D | C] -- C:\Users\mnar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink YouCam
[2012/02/02 22:02:51 | 000,000,000 | ---D | C] -- C:\Users\mnar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite
[2012/02/02 21:58:50 | 000,000,000 | -HSD | C] -- C:\ProgramData\Templates
[2012/02/02 21:58:50 | 000,000,000 | -HSD | C] -- C:\ProgramData\Start Menu
[2012/02/02 21:58:50 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\My Videos
[2012/02/02 21:58:50 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\My Pictures
[2012/02/02 21:58:50 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\My Music
[2012/02/02 21:58:50 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favorites
[2012/02/02 21:58:50 | 000,000,000 | -HSD | C] -- C:\Documents and Settings
[2012/02/02 21:58:50 | 000,000,000 | -HSD | C] -- C:\ProgramData\Documents
[2012/02/02 21:58:50 | 000,000,000 | -HSD | C] -- C:\ProgramData\Desktop
[2012/02/02 21:58:50 | 000,000,000 | -HSD | C] -- C:\ProgramData\Application Data

========== Files - Modified Within 90 Days ==========

[2012/03/27 20:07:12 | 004,731,392 | ---- | M] (AVAST Software) -- C:\Users\mnar\Desktop\aswMBR.exe
[2012/03/27 20:02:22 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Users\mnar\Desktop\OTL.exe
[2012/03/27 19:26:23 | 000,589,278 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/03/27 19:26:23 | 000,102,250 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/03/27 19:23:51 | 000,117,608 | ---- | M] () -- C:\ProgramData\nvModes.001
[2012/03/27 19:23:31 | 000,117,608 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2012/03/27 19:19:27 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/03/27 19:19:27 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/03/27 19:19:22 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/03/27 19:19:18 | 2079,232,000 | -HS- | M] () -- C:\hiberfil.sys
[2012/03/25 23:57:32 | 000,055,424 | ---- | M] () -- C:\Users\mnar\Desktop\CapturePaystubs2.JPG
[2012/03/25 23:56:44 | 000,053,325 | ---- | M] () -- C:\Users\mnar\Desktop\Paystubs1.JPG
[2012/03/25 19:23:03 | 000,003,046 | ---- | M] () -- C:\Users\mnar\AppData\Roaming\wklnhst.dat
[2012/03/25 19:22:14 | 000,079,665 | ---- | M] () -- C:\Users\mnar\Desktop\Capture.JPG
[2012/03/19 07:57:16 | 000,316,168 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012/03/16 21:48:31 | 000,005,696 | ---- | M] () -- C:\Users\mnar\Documents\Rentall application.pdf
[2012/03/15 19:49:44 | 000,295,489 | ---- | M] () -- C:\Users\mnar\Documents\[email protected]_20120315_122601.pdf
[2012/03/06 15:04:40 | 000,030,363 | ---- | M] () -- C:\Users\mnar\Documents\Dining room arrangement.JPG
[2012/03/06 13:30:38 | 000,217,987 | ---- | M] () -- C:\Residential%20Lease%20Agreement%20for%20Single%20Family%20Home%20or%20Duplex.pdf
[2012/03/03 10:29:56 | 000,000,162 | ---- | M] () -- C:\Users\Public\Documents\hpqp.ini
[2012/03/03 10:24:11 | 000,000,156 | ---- | M] () -- C:\Users\mnar\Desktop\MSN MoneyCentral.url
[2012/03/03 10:24:02 | 000,001,013 | ---- | M] () -- C:\Users\mnar\Desktop\Microsoft Money.lnk
[2012/03/03 10:21:14 | 000,000,376 | ---- | M] () -- C:\Windows\ODBC.INI
[2012/03/03 10:20:52 | 000,001,871 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk
[2012/03/03 10:17:33 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2012/03/03 10:17:33 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2012/03/03 10:16:28 | 000,000,999 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Works Calendar Reminders.lnk
[2012/02/28 07:20:19 | 000,006,944 | ---- | M] () -- C:\Users\mnar\AppData\Local\d3d9caps.dat
[2012/02/27 22:16:47 | 000,002,338 | ---- | M] () -- C:\Users\Public\Desktop\Driver Detective.lnk
[2012/02/24 07:33:46 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012/02/18 12:04:19 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_07_00.Wdf
[2012/02/18 09:57:52 | 000,002,154 | ---- | M] () -- C:\Windows\epplauncher.mif
[2012/02/18 09:50:40 | 000,001,142 | ---- | M] () -- C:\Users\Public\Desktop\HP Solution Center.lnk
[2012/02/15 15:06:45 | 000,178,670 | ---- | M] () -- C:\Windows\hpwins20.dat
[2012/02/14 11:45:30 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
[2012/02/14 11:45:30 | 000,160,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
[2012/02/13 10:12:08 | 001,172,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2012/02/13 09:47:57 | 000,683,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2012/02/13 09:44:40 | 001,068,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2012/02/12 13:54:40 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2012/02/12 13:54:40 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2012/02/12 13:54:39 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2012/02/12 13:54:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2012/02/10 17:47:02 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_SynTP_01009.Wdf
[2012/02/10 17:46:44 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[2012/02/10 16:34:13 | 000,873,310 | ---- | M] () -- C:\Windows\System32\oem26.inf
[2012/02/09 21:03:35 | 000,000,492 | ---- | M] () -- C:\Users\mnar\Documents\tencent.reg
[2012/02/09 21:01:40 | 000,000,500 | ---- | M] () -- C:\Users\mnar\Documents\IE helper.reg
[2012/02/09 17:56:24 | 000,051,528 | ---- | M] () -- C:\Users\mnar\AppData\Roaming\nvModes.001
[2012/02/08 22:52:13 | 000,000,862 | ---- | M] () -- C:\Users\mnar\Desktop\Eusing Free Registry Cleaner.lnk
[2012/02/08 21:01:04 | 000,000,943 | ---- | M] () -- C:\Users\mnar\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/02/08 19:06:42 | 000,101,888 | ---- | M] (Infineon Technologies AG) -- C:\Windows\System32\ifxcardm.dll
[2012/02/08 19:06:30 | 000,082,432 | ---- | M] (Gemalto, Inc.) -- C:\Windows\System32\axaltocm.dll
[2012/02/08 18:54:42 | 000,196,608 | ---- | M] () -- C:\Windows\SPInstall.etl
[2012/02/08 16:21:41 | 000,051,528 | ---- | M] () -- C:\Users\mnar\AppData\Roaming\nvModes.dat
[2012/02/07 17:36:08 | 000,000,461 | ---- | M] () -- C:\Users\Public\Desktop\PPS影音.lnk
[2012/02/07 17:36:08 | 000,000,461 | ---- | M] () -- C:\Users\mnar\Application Data\Microsoft\Internet Explorer\Quick Launch\PPS影音.lnk
[2012/02/07 12:21:19 | 000,001,972 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
[2012/02/05 00:46:51 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dciman32.dll
[2012/02/05 00:44:52 | 002,452,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2012/02/05 00:44:26 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2012/02/05 00:44:26 | 000,072,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2012/02/05 00:44:20 | 000,078,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieencode.dll
[2012/02/05 00:44:20 | 000,048,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2012/02/05 00:42:16 | 000,272,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\polstore.dll
[2012/02/05 00:39:31 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MRINFO.EXE
[2012/02/05 00:39:31 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\HOSTNAME.EXE
[2012/02/05 00:39:30 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netiohlp.dll
[2012/02/05 00:39:30 | 000,027,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NETSTAT.EXE
[2012/02/05 00:39:30 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ARP.EXE
[2012/02/05 00:39:30 | 000,017,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ROUTE.EXE
[2012/02/05 00:39:30 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\finger.exe
[2012/02/05 00:36:44 | 002,501,921 | ---- | M] () -- C:\Windows\System32\wlan.tmf
[2012/02/05 00:36:44 | 000,127,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\L2SecHC.dll
[2012/02/05 00:36:43 | 000,293,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wlanmsm.dll
[2012/02/05 00:36:43 | 000,068,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wlanhlp.dll
[2012/02/05 00:36:43 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wlanapi.dll
[2012/02/05 00:36:42 | 000,302,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wlansec.dll
[2012/02/05 00:36:39 | 000,015,181 | ---- | M] () -- C:\Windows\System32\gatherWirelessInfo.vbs
[2012/02/05 00:35:21 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msxml3r.dll
[2012/02/05 00:35:20 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msxml6r.dll
[2012/02/05 00:20:00 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\aaclient.dll
[2012/02/05 00:20:00 | 000,053,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\tsgqec.dll
[2012/02/05 00:03:32 | 001,808,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0046.dll
[2012/02/05 00:03:32 | 001,793,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0045.dll
[2012/02/05 00:03:32 | 001,558,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0049.dll
[2012/02/05 00:03:32 | 001,411,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0047.dll
[2012/02/05 00:03:31 | 002,136,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0021.dll
[2012/02/05 00:03:31 | 001,782,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0039.dll
[2012/02/05 00:03:31 | 001,236,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0020.dll
[2012/02/05 00:03:30 | 007,964,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0024.dll
[2012/02/05 00:03:30 | 005,499,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0022.dll
[2012/02/05 00:03:29 | 006,224,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0027.dll
[2012/02/05 00:03:29 | 005,791,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0026.dll
[2012/02/05 00:03:29 | 004,175,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0010.dll
[2012/02/05 00:03:28 | 004,981,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0013.dll
[2012/02/05 00:03:28 | 002,466,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0011.dll
[2012/02/05 00:03:27 | 006,781,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0019.dll
[2012/02/05 00:03:27 | 003,331,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0018.dll
[2012/02/05 00:03:26 | 011,722,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0001.dll
[2012/02/05 00:03:26 | 004,164,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0002.dll
[2012/02/05 00:03:25 | 001,452,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0003.dll
[2012/02/05 00:03:24 | 003,419,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons004a.dll
[2012/02/05 00:03:24 | 001,702,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons004b.dll
[2012/02/05 00:03:23 | 004,093,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons004c.dll
[2012/02/05 00:03:23 | 004,045,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons003e.dll
[2012/02/05 00:03:23 | 001,972,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons004e.dll
[2012/02/05 00:03:22 | 006,585,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons001b.dll
[2012/02/05 00:03:22 | 006,014,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons001a.dll
[2012/02/05 00:03:22 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons002a.dll
[2012/02/05 00:03:21 | 009,892,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons000a.dll
[2012/02/05 00:03:21 | 006,346,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons001d.dll
[2012/02/05 00:03:20 | 006,237,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons000c.dll
[2012/02/05 00:03:20 | 005,654,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons000f.dll
[2012/02/05 00:03:20 | 001,722,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons000d.dll
[2012/02/05 00:03:19 | 005,090,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0416.dll
[2012/02/05 00:03:19 | 004,616,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0414.dll
[2012/02/05 00:03:18 | 007,042,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons081a.dll
[2012/02/05 00:03:18 | 005,031,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0816.dll
[2012/02/05 00:03:17 | 005,071,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsModels0011.dll
[2012/02/05 00:03:17 | 003,104,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0046.dll
[2012/02/05 00:03:17 | 003,104,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0045.dll
[2012/02/05 00:03:16 | 003,104,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0049.dll
[2012/02/05 00:03:16 | 003,104,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0047.dll
[2012/02/05 00:03:16 | 003,104,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0039.dll
[2012/02/05 00:03:15 | 003,104,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0020.dll
[2012/02/05 00:03:15 | 001,965,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0024.dll
[2012/02/05 00:03:15 | 001,801,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0022.dll
[2012/02/05 00:03:15 | 001,801,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0021.dll
[2012/02/05 00:03:14 | 004,495,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0010.dll
[2012/02/05 00:03:14 | 001,966,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0027.dll
[2012/02/05 00:03:14 | 001,965,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0026.dll
[2012/02/05 00:03:13 | 003,466,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0013.dll
[2012/02/05 00:03:13 | 002,657,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0011.dll
[2012/02/05 00:03:13 | 001,965,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0018.dll
[2012/02/05 00:03:12 | 004,497,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0019.dll
[2012/02/05 00:03:12 | 001,523,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0000.dll
[2012/02/05 00:03:11 | 002,599,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0001.dll
[2012/02/05 00:03:11 | 001,965,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0003.dll
[2012/02/05 00:03:11 | 001,965,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0002.dll
[2012/02/05 00:03:10 | 004,875,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0009.dll
[2012/02/05 00:03:10 | 003,104,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData004a.dll
[2012/02/05 00:03:10 | 002,243,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0007.dll
[2012/02/05 00:03:09 | 003,104,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData004e.dll
[2012/02/05 00:03:09 | 003,104,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData004c.dll
[2012/02/05 00:03:09 | 003,104,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData004b.dll
[2012/02/05 00:03:08 | 001,965,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData001b.dll
[2012/02/05 00:03:08 | 001,965,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData001a.dll
[2012/02/05 00:03:08 | 001,801,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData003e.dll
[2012/02/05 00:03:08 | 001,801,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData002a.dll
[2012/02/05 00:03:07 | 009,847,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData000a.dll
[2012/02/05 00:03:07 | 004,495,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData001d.dll
[2012/02/05 00:03:06 | 002,643,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData000c.dll
[2012/02/05 00:03:06 | 002,342,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData000d.dll
[2012/02/05 00:03:06 | 001,965,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData000f.dll
[2012/02/05 00:03:05 | 004,495,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0416.dll
[2012/02/05 00:03:05 | 004,495,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0414.dll
[2012/02/05 00:03:04 | 006,917,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0c1a.dll
[2012/02/05 00:03:04 | 004,495,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0816.dll
[2012/02/05 00:03:04 | 001,965,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData081a.dll
[2012/02/05 00:03:03 | 001,965,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0c1a.dll
[2012/02/04 23:59:09 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\kbd106n.dll
[2012/02/04 23:55:40 | 000,220,672 | ---- | M] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\l3codecp.acm
[2012/02/04 23:55:40 | 000,062,464 | ---- | M] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\l3codeca.acm
[2012/02/04 23:45:17 | 000,037,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\printcom.dll
[2012/02/04 23:43:23 | 000,014,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wshrm.dll
[2012/02/04 23:42:24 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msdxm.tlb
[2012/02/04 23:42:24 | 000,018,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\amcompat.tlb
[2012/02/04 23:42:21 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spwmp.dll
[2012/02/04 23:42:20 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msdxm.ocx
[2012/02/04 23:26:56 | 029,032,448 | ---- | M] () -- C:\Windows\ocsetup_install_NetFx3.etl
[2012/02/04 23:26:56 | 000,196,608 | ---- | M] () -- C:\Windows\ocsetup_cbs_install_NetFx3.perf
[2012/02/04 23:26:56 | 000,065,536 | ---- | M] () -- C:\Windows\ocsetup_cbs_install_NetFx3.dpx
[2012/02/04 22:59:10 | 000,084,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\INETRES.dll
[2012/02/04 22:57:45 | 000,024,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\nshhttp.dll
[2012/02/04 22:53:56 | 000,355,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WSDApi.dll
[2012/02/04 22:52:25 | 000,082,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mciavi32.dll
[2012/02/04 22:52:25 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\avicap32.dll
[2012/02/04 22:51:44 | 000,604,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WMSPDMOD.DLL
[2012/02/04 09:47:28 | 000,001,878 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2012/02/04 08:31:23 | 000,000,870 | ---- | M] () -- C:\Users\mnar\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2012/02/04 08:31:23 | 000,000,846 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012/02/03 15:04:48 | 000,001,748 | ---- | M] () -- C:\Users\mnar\Application Data\Microsoft\Internet Explorer\Quick Launch\QvodPlayer.lnk
[2012/02/03 15:04:48 | 000,001,724 | ---- | M] () -- C:\Users\Public\Desktop\QvodPlayer.lnk
[2012/02/03 10:16:19 | 000,053,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rrinstaller.exe
[2012/02/03 10:16:19 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfpmp.exe
[2012/02/03 10:16:19 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mferror.dll
[2012/02/03 10:16:17 | 002,386,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WMVCORE.DLL
[2012/02/03 08:30:04 | 000,000,938 | ---- | M] () -- C:\Users\mnar\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2012/02/03 00:30:45 | 000,983,040 | ---- | M] () -- C:\Windows\ocsetup_install_MicrosoftWindowsPowerShell.etl
[2012/02/03 00:30:45 | 000,196,608 | ---- | M] () -- C:\Windows\ocsetup_cbs_install_MicrosoftWindowsPowerShell.perf
[2012/02/03 00:30:45 | 000,065,536 | ---- | M] () -- C:\Windows\ocsetup_cbs_install_MicrosoftWindowsPowerShell.dpx
[2012/02/02 22:23:19 | 002,421,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll
[2012/02/02 22:23:19 | 000,044,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll
[2012/02/02 22:22:46 | 000,575,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll
[2012/02/02 22:22:46 | 000,087,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll
[2012/02/02 22:22:46 | 000,035,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wups.dll
[2012/02/02 22:22:21 | 000,171,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll
[2012/02/02 22:22:21 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe
[2012/02/02 22:15:21 | 000,000,081 | ---- | M] () -- C:\Windows\System32\LOG
[2012/02/02 22:15:18 | 000,000,044 | ---- | M] () -- C:\Windows\System\hpsysdrv.dat
[2012/02/02 22:03:14 | 000,000,000 | RHS- | M] () -- C:\Windows\System32\drivers\103C_HP_cNB_Pavilion dv6700 Notebook PC_Y5335KV_0U_QCNF74916MD_E459053-001_4A_I30CF_SQuanta_V85.26_F.34_T110322_WV3-0_L409_M1983_J250_7AMD_8F82_92.00_#071022_N14E44328;10DE054C_(KC317UA#ABA)_XMOBILE_CN10_Z.MRK
[2012/02/02 21:11:56 | 000,026,243 | ---- | M] () -- C:\Users\mnar\Documents\bookmarks-firefox.html
[2012/02/02 21:10:28 | 000,012,654 | ---- | M] () -- C:\Users\mnar\Documents\bookmark.htm
[2012/02/02 11:16:25 | 002,044,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012/01/31 08:44:05 | 000,237,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2012/01/30 17:25:51 | 000,048,882 | ---- | M] () -- C:\Users\mnar\Documents\Sofa.JPG
[2012/01/30 17:24:23 | 000,051,757 | ---- | M] () -- C:\Users\mnar\Documents\Loveseat.JPG
[2012/01/28 00:11:47 | 000,229,858 | ---- | M] () -- C:\Users\mnar\Documents\Untitled1.jpg
[2012/01/23 12:19:55 | 000,015,532 | ---- | M] () -- C:\Users\mnar\Documents\dvd drive interface.JPG
[2012/01/13 15:17:52 | 000,770,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcr100.dll
[2012/01/13 15:17:52 | 000,421,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcp100.dll
[2012/01/09 11:54:08 | 000,613,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rdpencom.dll
[2012/01/09 11:03:54 | 000,001,878 | ---- | M] () -- C:\Users\mnar\Documents\Skype.lnk
[2012/01/08 17:54:08 | 000,001,724 | ---- | M] () -- C:\Users\mnar\Documents\QvodPlayer.lnk
[2012/01/08 16:47:14 | 000,000,862 | ---- | M] () -- C:\Users\mnar\Documents\Eusing Free Registry Cleaner.lnk
[2012/01/08 16:29:37 | 000,000,665 | ---- | M] () -- C:\Users\mnar\Documents\Sample Pictures.lnk

========== Files Created - No Company Name ==========

[2012/03/25 23:57:30 | 000,055,424 | ---- | C] () -- C:\Users\mnar\Desktop\CapturePaystubs2.JPG
[2012/03/25 23:56:42 | 000,053,325 | ---- | C] () -- C:\Users\mnar\Desktop\Paystubs1.JPG
[2012/03/25 19:22:11 | 000,079,665 | ---- | C] () -- C:\Users\mnar\Desktop\Capture.JPG
[2012/03/16 21:48:31 | 000,005,696 | ---- | C] () -- C:\Users\mnar\Documents\Rentall application.pdf
[2012/03/15 19:49:39 | 000,295,489 | ---- | C] () -- C:\Users\mnar\Documents\[email protected]_20120315_122601.pdf
[2012/03/06 15:04:37 | 000,030,363 | ---- | C] () -- C:\Users\mnar\Documents\Dining room arrangement.JPG
[2012/03/06 13:30:38 | 000,217,987 | ---- | C] () -- C:\Residential%20Lease%20Agreement%20for%20Single%20Family%20Home%20or%20Duplex.pdf
[2012/03/03 10:31:34 | 000,003,046 | ---- | C] () -- C:\Users\mnar\AppData\Roaming\wklnhst.dat
[2012/03/03 10:24:02 | 000,001,043 | ---- | C] () -- C:\Users\mnar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Money.lnk
[2012/03/03 10:24:02 | 000,001,013 | ---- | C] () -- C:\Users\mnar\Desktop\Microsoft Money.lnk
[2012/03/03 10:21:14 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2012/03/03 10:20:52 | 000,002,022 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Word.lnk
[2012/03/03 10:20:52 | 000,001,871 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk
[2012/03/03 10:18:14 | 000,000,627 | ---- | C] () -- C:\Windows\fna00172
[2012/03/03 10:17:33 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2012/03/03 10:17:33 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2012/03/03 10:16:28 | 000,000,999 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Works Calendar Reminders.lnk
[2012/02/27 22:16:47 | 000,002,338 | ---- | C] () -- C:\Users\Public\Desktop\Driver Detective.lnk
[2012/02/18 12:04:19 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_07_00.Wdf
[2012/02/18 09:57:52 | 000,002,154 | ---- | C] () -- C:\Windows\epplauncher.mif
[2012/02/18 09:56:16 | 000,001,808 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
[2012/02/18 09:50:40 | 000,001,142 | ---- | C] () -- C:\Users\Public\Desktop\HP Solution Center.lnk
[2012/02/10 17:47:02 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_SynTP_01009.Wdf
[2012/02/10 17:46:44 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[2012/02/10 17:45:07 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01009_Inbox_Critical.Wdf
[2012/02/10 16:34:46 | 000,873,310 | ---- | C] () -- C:\Windows\System32\oem26.inf
[2012/02/10 16:31:47 | 000,201,184 | ---- | C] () -- C:\Windows\System32\winrm.vbs
[2012/02/10 16:31:47 | 000,004,675 | ---- | C] () -- C:\Windows\System32\wsmanconfig_schema.xml
[2012/02/10 16:31:47 | 000,002,426 | ---- | C] () -- C:\Windows\System32\WsmTxt.xsl
[2012/02/09 21:03:35 | 000,000,492 | ---- | C] () -- C:\Users\mnar\Documents\tencent.reg
[2012/02/09 21:01:40 | 000,000,500 | ---- | C] () -- C:\Users\mnar\Documents\IE helper.reg
[2012/02/09 18:23:12 | 000,117,608 | ---- | C] () -- C:\ProgramData\nvModes.001
[2012/02/09 18:23:07 | 000,117,608 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2012/02/08 22:52:13 | 000,000,862 | ---- | C] () -- C:\Users\mnar\Desktop\Eusing Free Registry Cleaner.lnk
[2012/02/08 20:21:40 | 000,392,170 | ---- | C] () -- C:\Windows\System32\onex.tmf
[2012/02/08 20:21:37 | 000,009,212 | ---- | C] () -- C:\Windows\System32\RacUR.xml
[2012/02/08 20:21:37 | 000,000,153 | ---- | C] () -- C:\Windows\System32\RacUREx.xml
[2012/02/08 20:21:23 | 000,344,698 | ---- | C] () -- C:\Windows\System32\eaphost.tmf
[2012/02/08 20:21:21 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2012/02/08 20:21:19 | 000,442,788 | ---- | C] () -- C:\Windows\System32\dot3.tmf
[2012/02/08 20:20:23 | 011,967,524 | ---- | C] () -- C:\Windows\System32\korwbrkr.lex
[2012/02/08 20:20:12 | 000,208,966 | ---- | C] () -- C:\Windows\System32\WFP.TMF
[2012/02/08 20:19:47 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2012/02/08 20:19:46 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2012/02/08 20:19:38 | 000,092,918 | ---- | C] () -- C:\Windows\System32\slmgr.vbs
[2012/02/08 20:19:34 | 000,009,239 | ---- | C] () -- C:\Windows\System32\spcinstrumentation.man
[2012/02/08 20:19:27 | 000,130,008 | ---- | C] () -- C:\Windows\System32\systemsf.ebd
[2012/02/08 18:24:28 | 000,145,455 | ---- | C] () -- C:\Windows\System32\perfmon.msc
[2012/02/08 18:23:20 | 000,144,909 | ---- | C] () -- C:\Windows\System32\fsmgmt.msc
[2012/02/08 18:23:18 | 000,012,198 | ---- | C] () -- C:\Windows\System32\gatherWiredInfo.vbs
[2012/02/08 18:16:02 | 000,196,608 | ---- | C] () -- C:\Windows\SPInstall.etl
[2012/02/07 17:36:09 | 000,000,461 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PPS 影音.lnk
[2012/02/07 17:36:08 | 000,000,461 | ---- | C] () -- C:\Users\Public\Desktop\PPS影音.lnk
[2012/02/07 17:36:08 | 000,000,461 | ---- | C] () -- C:\Users\mnar\Application Data\Microsoft\Internet Explorer\Quick Launch\PPS影音.lnk
[2012/02/07 12:24:02 | 000,000,855 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\I.R.I.S. OCR Registration.lnk
[2012/02/07 12:21:19 | 000,001,972 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
[2012/02/07 12:16:49 | 000,012,054 | R--- | C] () -- C:\Windows\hpwscr20.dat
[2012/02/07 12:14:41 | 000,178,670 | ---- | C] () -- C:\Windows\hpwins20.dat
[2012/02/07 12:14:41 | 000,002,428 | R--- | C] () -- C:\Windows\hpwmdl20.dat
[2012/02/05 00:36:44 | 002,501,921 | ---- | C] () -- C:\Windows\System32\wlan.tmf
[2012/02/05 00:36:39 | 000,015,181 | ---- | C] () -- C:\Windows\System32\gatherWirelessInfo.vbs
[2012/02/04 23:18:34 | 029,032,448 | ---- | C] () -- C:\Windows\ocsetup_install_NetFx3.etl
[2012/02/04 23:18:34 | 000,196,608 | ---- | C] () -- C:\Windows\ocsetup_cbs_install_NetFx3.perf
[2012/02/04 23:18:34 | 000,065,536 | ---- | C] () -- C:\Windows\ocsetup_cbs_install_NetFx3.dpx
[2012/02/04 09:47:28 | 000,001,878 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2012/02/04 08:31:23 | 000,000,870 | ---- | C] () -- C:\Users\mnar\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2012/02/04 08:31:23 | 000,000,858 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012/02/04 08:31:23 | 000,000,846 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012/02/03 16:48:34 | 000,051,528 | ---- | C] () -- C:\Users\mnar\AppData\Roaming\nvModes.001
[2012/02/03 16:48:13 | 000,051,528 | ---- | C] () -- C:\Users\mnar\AppData\Roaming\nvModes.dat
[2012/02/03 15:04:48 | 000,001,748 | ---- | C] () -- C:\Users\mnar\Application Data\Microsoft\Internet Explorer\Quick Launch\QvodPlayer.lnk
[2012/02/03 15:04:48 | 000,001,724 | ---- | C] () -- C:\Users\Public\Desktop\QvodPlayer.lnk
[2012/02/03 09:03:30 | 000,229,858 | ---- | C] () -- C:\Users\mnar\Documents\Untitled1.jpg
[2012/02/03 09:03:30 | 000,141,481 | ---- | C] () -- C:\Users\mnar\Documents\Diploma.jpg
[2012/02/03 09:03:30 | 000,051,757 | ---- | C] () -- C:\Users\mnar\Documents\Loveseat.JPG
[2012/02/03 09:03:30 | 000,048,882 | ---- | C] () -- C:\Users\mnar\Documents\Sofa.JPG
[2012/02/03 09:03:30 | 000,015,532 | ---- | C] () -- C:\Users\mnar\Documents\dvd drive interface.JPG
[2012/02/03 09:03:30 | 000,002,033 | ---- | C] () -- C:\Users\mnar\Documents\My HP Games.lnk
[2012/02/03 09:03:30 | 000,001,878 | ---- | C] () -- C:\Users\mnar\Documents\Skype.lnk
[2012/02/03 09:03:30 | 000,001,724 | ---- | C] () -- C:\Users\mnar\Documents\QvodPlayer.lnk
[2012/02/03 09:03:30 | 000,000,862 | ---- | C] () -- C:\Users\mnar\Documents\Eusing Free Registry Cleaner.lnk
[2012/02/03 09:03:30 | 000,000,665 | ---- | C] () -- C:\Users\mnar\Documents\Sample Pictures.lnk
[2012/02/03 09:03:10 | 000,026,243 | ---- | C] () -- C:\Users\mnar\Documents\bookmarks-firefox.html
[2012/02/03 09:03:10 | 000,012,654 | ---- | C] () -- C:\Users\mnar\Documents\bookmark.htm
[2012/02/03 08:57:51 | 000,006,944 | ---- | C] () -- C:\Users\mnar\AppData\Local\d3d9caps.dat
[2012/02/03 00:56:07 | 2079,232,000 | -HS- | C] () -- C:\hiberfil.sys
[2012/02/03 00:30:37 | 000,983,040 | ---- | C] () -- C:\Windows\ocsetup_install_MicrosoftWindowsPowerShell.etl
[2012/02/03 00:30:37 | 000,196,608 | ---- | C] () -- C:\Windows\ocsetup_cbs_install_MicrosoftWindowsPowerShell.perf
[2012/02/03 00:30:37 | 000,065,536 | ---- | C] () -- C:\Windows\ocsetup_cbs_install_MicrosoftWindowsPowerShell.dpx
[2012/02/03 00:28:25 | 000,000,943 | ---- | C] () -- C:\Users\mnar\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/02/03 00:27:01 | 000,000,938 | ---- | C] () -- C:\Users\mnar\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2012/02/02 22:15:45 | 000,000,949 | ---- | C] () -- C:\Users\mnar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2012/02/02 22:15:44 | 000,000,944 | ---- | C] () -- C:\Users\mnar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
[2012/02/02 22:15:31 | 000,000,915 | ---- | C] () -- C:\Users\mnar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk
[2012/02/02 22:15:21 | 000,000,081 | ---- | C] () -- C:\Windows\System32\LOG
[2012/02/02 22:15:18 | 000,000,044 | ---- | C] () -- C:\Windows\System\hpsysdrv.dat
[2012/02/02 22:13:02 | 000,002,061 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk
[2012/02/02 22:13:02 | 000,001,865 | ---- | C] () -- C:\Users\Public\Desktop\HP Total Care Advisor.lnk
[2012/02/02 22:13:02 | 000,001,865 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Total Care Advisor.lnk
[2012/02/02 22:03:14 | 000,000,000 | RHS- | C] () -- C:\Windows\System32\drivers\103C_HP_cNB_Pavilion dv6700 Notebook PC_Y5335KV_0U_QCNF74916MD_E459053-001_4A_I30CF_SQuanta_V85.26_F.34_T110322_WV3-0_L409_M1983_J250_7AMD_8F82_92.00_#071022_N14E44328;10DE054C_(KC317UA#ABA)_XMOBILE_CN10_Z.MRK
[2012/02/02 22:02:51 | 000,000,258 | ---- | C] () -- C:\Users\mnar\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2012/02/02 22:02:51 | 000,000,240 | ---- | C] () -- C:\Users\mnar\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk

========== LOP Check ==========

[2012/03/26 23:05:11 | 000,000,000 | ---D | M] -- C:\Users\mnar\AppData\Roaming\PPStream
[2012/02/03 16:38:10 | 000,000,000 | ---D | M] -- C:\Users\mnar\AppData\Roaming\Tencent
[2012/03/27 09:01:48 | 000,032,612 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========

< %SYSTEMDRIVE%\*.exe >
[2009/04/21 23:02:24 | 001,079,296 | ---- | M] (ADDPCs) -- C:\tempCleaner.exe

< MD5 for: EXPLORER.EXE >
[2012/02/05 00:08:26 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\WINDOWS\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2012/02/05 00:08:26 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\WINDOWS\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2012/02/05 00:08:25 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\WINDOWS\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2009/04/11 00:27:38 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\WINDOWS\explorer.exe
[2009/04/11 00:27:38 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\WINDOWS\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2012/02/05 00:08:26 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\WINDOWS\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2006/11/02 05:45:07 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=FD8C53FB002217F6F888BCF6F5D7084D -- C:\WINDOWS\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16386_none_4f7de5167cd15deb\explorer.exe
[2008/01/19 00:33:12 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\WINDOWS\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe

< MD5 for: SVCHOST.EXE >
[2006/11/02 05:45:47 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=10DA15933D582D2FEDCF705EFE394B09 -- C:\WINDOWS\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6000.16386_none_b38497a50862ad11\svchost.exe
[2008/01/19 00:33:34 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\WINDOWS\System32\svchost.exe
[2008/01/19 00:33:34 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\WINDOWS\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe

< MD5 for: USERINIT.EXE >
[2008/01/19 00:33:34 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\WINDOWS\System32\userinit.exe
[2008/01/19 00:33:34 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\WINDOWS\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
[2006/11/02 05:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\WINDOWS\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6000.16386_none_d9f1f819d4c4e737\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009/04/11 00:28:14 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\WINDOWS\System32\winlogon.exe
[2009/04/11 00:28:14 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\WINDOWS\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2006/11/02 05:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\WINDOWS\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_6d8c3f1ad8066b21\winlogon.exe
[2008/01/19 00:33:38 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\WINDOWS\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe

< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT /s >
"DisplayName" = NETBT
"Group" = PNP_TDI
"ImagePath" = System32\DRIVERS\netbt.sys -- [2009/04/10 22:45:38 | 000,185,856 | ---- | M] (Microsoft Corporation)
"Description" = This service implements NetBios over TCP/IP.
"ErrorControl" = 1
"Start" = 1
"Type" = 1
"DependOnService" = Tdxtcpip [binary data]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Linkage]
"OtherDependencies" = Tcpip [binary data]
"Bind" = [Binary data over 100 bytes]
"Route" = [Binary data over 100 bytes]
"Export" = [Binary data over 100 bytes]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Parameters]
"BcastNameQueryCount" = 3
"BcastQueryTimeout" = 750
"CacheTimeout" = 600000
"EnableLMHOSTS" = 1
"NameServerPort" = 137
"NameSrvQueryCount" = 3
"NameSrvQueryTimeout" = 1500
"NbProvider" = _tcp
"SessionKeepAlive" = 3600000
"Size/Small/Medium/Large" = 1
"TransportBindName" = \Device\
"UseNewSmb" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Parameters\Interfaces]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Parameters\Interfaces\Tcpip_{C0B87525-2220-45AE-9631-A94D26E4BEAF}]
"NameServerList" = [binary data]
"NetbiosOptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Parameters\Interfaces\Tcpip_{EA982A2C-C1D4-48E7-A5F4-28656125831B}]
"NameServerList" = [binary data]
"NetbiosOptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Security]
"Security" = [Binary data over 100 bytes]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Enum]
"0" = Root\LEGACY_NETBT\0000
"Count" = 1
"NextInstance" = 1

< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBIOS /s >
"Type" = 2
"Start" = 1
"ErrorControl" = 1
"Tag" = 2
"ImagePath" = system32\DRIVERS\netbios.sys -- [2008/01/18 22:55:46 | 000,035,840 | ---- | M] (Microsoft Corporation)
"DisplayName" = NetBIOS Interface
"Group" = NetBIOSGroup
"Description" = NetBIOS Interface
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBIOS\Linkage]
"LanaMap" = 01 00 01 02 01 06 01 04 01 05 01 01 01 03 [binary data]
"Bind" = [Binary data over 100 bytes]
"Route" = [Binary data over 100 bytes]
"Export" = [Binary data over 100 bytes]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBIOS\Parameters]
"MaxLana" = 6
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBIOS\Parameters\Winsock]
"HelperDllName" = %SystemRoot%\System32\wshnetbs.dll -- [2006/11/02 05:46:14 | 000,011,264 | ---- | M] (Microsoft Corporation)
"MaxSockAddrLength" = 20
"MinSockAddrLength" = 20
"Mapping" = 02 00 00 00 03 00 00 00 11 00 00 00 05 00 00 00 00 00 00 00 11 00 00 00 02 00 00 00 00 00 00 00 [binary data]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBIOS\Enum]
"0" = Root\LEGACY_NETBIOS\0000
"Count" = 1
"NextInstance" = 1

< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2012/03/18 08:09:47 | 000,834,712 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2012/03/18 08:09:47 | 000,834,712 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2012/03/18 08:09:47 | 000,834,712 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2012/03/18 08:09:54 | 000,924,600 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2012/03/18 08:09:54 | 000,924,600 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2012/03/18 08:09:54 | 000,924,600 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\system32\ie4uinit.exe" -hide [2008/01/19 00:33:14 | 000,070,656 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\system32\ie4uinit.exe" -show [2008/01/19 00:33:14 | 000,070,656 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\system32\ie4uinit.exe" -reinstall [2008/01/19 00:33:14 | 000,070,656 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2009/04/11 00:27:46 | 000,636,080 | ---- | M] (Microsoft Corporation)

< hklm\software\clients\startmenuinternet|command /64 /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2012/03/18 08:09:47 | 000,834,712 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2012/03/18 08:09:47 | 000,834,712 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2012/03/18 08:09:47 | 000,834,712 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2012/03/18 08:09:54 | 000,924,600 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2012/03/18 08:09:54 | 000,924,600 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2012/03/18 08:09:54 | 000,924,600 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\system32\ie4uinit.exe" -hide [2008/01/19 00:33:14 | 000,070,656 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\system32\ie4uinit.exe" -show [2008/01/19 00:33:14 | 000,070,656 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\system32\ie4uinit.exe" -reinstall [2008/01/19 00:33:14 | 000,070,656 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2009/04/11 00:27:46 | 000,636,080 | ---- | M] (Microsoft Corporation)

< C:\Windows\assembly\tmp\U\*.* /s >

< C:\Program Files\Common Files\ComObjects\*.* /s >

< %Temp%\smtmp\1\*.* >

< %Temp%\smtmp\2\*.* >

< %Temp%\smtmp\3\*.* >

< %Temp%\smtmp\4\*.* >

< type c:\diskreport.txt /c >
Microsoft DiskPart version 6.0.6002
Copyright © 1999-2007 Microsoft Corporation.
On computer: MNAR-PC
Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
Volume 0 C NTFS Partition 221 GB Healthy System
Volume 1 D HP_RECOVERY NTFS Partition 12 GB Healthy

< >

< End of report >

EXTRAS.TXT

OTL Extras logfile created on: 3/27/2012 8:05:42 PM - Run 3
OTL by OldTimer - Version 3.2.39.2 Folder = C:\Users\mnar\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.94 Gb Total Physical Memory | 0.73 Gb Available Physical Memory | 37.96% Memory free
4.11 Gb Paging File | 2.70 Gb Available in Paging File | 65.59% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 220.95 Gb Total Space | 147.56 Gb Free Space | 66.79% Space Free | Partition Type: NTFS
Drive D: | 11.93 Gb Total Space | 0.65 Gb Free Space | 5.47% Space Free | Partition Type: NTFS

Computer Name: MNAR-PC | User Name: mnar | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 90 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 0
"InternetSettingsDisableNotify" = 0
"AutoUpdateDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"" =

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"" =
"C:\Program Files\Vongo\VongoService.exe" = C:\Program Files\Vongo\VongoService.exe:*:enabled:VongoService -- (Starz Entertainment Group LLC)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\EarthLink TotalAccess\TaskPanl.exe" = C:\Program Files\EarthLink TotalAccess\TaskPanl.exe:*:Enabled:Earthlink -- (EarthLink, Inc.)


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{035FB961-80B5-4C83-A557-351F5F142F6F}" = protocol=6 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
"{1A8A904E-B1D2-463E-9D3F-567D9943A22D}" = protocol=6 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
"{312A5FAD-2851-4FC1-908B-25EF685CB7FA}" = protocol=6 | dir=in | app=d:\pps.tv\ppstream\ppsap.exe |
"{5D9D73C6-E26E-487F-97E3-5E89F53BE5BA}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{75389B44-D2B8-47DF-807F-7E760DDA8BE2}" = protocol=17 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
"{7F8D6C45-DCB8-4C97-8B07-BDFB3DFF4E12}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{84E039C3-3100-4F4F-830E-BA409ACE3C1B}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{AA470424-6DF9-4323-9A64-661143E57D50}" = protocol=17 | dir=in | app=d:\pps.tv\ppstream\ppstream.exe |
"{B012CF73-0AA9-4CA7-8D29-ADB011DF9B38}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe |
"{B31644DC-B89A-4937-A0E3-C9F22D9637CE}" = protocol=17 | dir=in | app=d:\pps.tv\ppstream\ppsap.exe |
"{CE4F4E83-AF88-482F-AE25-0C747924040E}" = protocol=6 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{DB3093D3-9E93-4B0A-BCFF-A2166E1441F4}" = protocol=6 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
"{DFD324BE-F770-4D31-9549-C8FBDAC78B9E}" = protocol=17 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{E597B241-B3F9-48DC-A5C3-6EFE6EC6E425}" = protocol=17 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
"{ECC14089-C02C-4F61-9536-35286DEE9422}" = protocol=6 | dir=in | app=d:\pps.tv\ppstream\ppstream.exe |
"{ED7121CA-8DB4-4371-8A2C-2463A3DC4CCA}" = dir=in | app=c:\program files\hp\quickplay\qpservice.exe |
"{F4AD277B-E08C-4E1E-8B77-2068DD64ED44}" = protocol=17 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
"{FAA4FC71-80FA-438F-95BD-1D088C7918C1}" = dir=in | app=c:\program files\hp\quickplay\qp.exe |
"TCP Query User{7946AEB8-2B99-4045-A620-E4F5CFA6A1FB}C:\program files\qvodplayer\qvodterminal.exe" = protocol=6 | dir=in | app=c:\program files\qvodplayer\qvodterminal.exe |
"TCP Query User{AC8504B6-4368-4DD7-A0FA-9B43F31CE8C4}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"UDP Query User{2166A62A-A4C6-4883-98CA-3027C56B286D}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"UDP Query User{48E3846D-D1B1-45A4-8CF8-D47BEADB1F6C}C:\program files\qvodplayer\qvodterminal.exe" = protocol=17 | dir=in | app=c:\program files\qvodplayer\qvodterminal.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00170409-78E1-11D2-B60F-006097C998E7}" = Microsoft Word 2000 SR-1
"{004B0DCB-4C60-465B-8F01-44B0A4111187}" = SlingPlayer
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{05BFB060-4F22-4710-B0A2-2801A1B606C5}" = Microsoft Antimalware
"{06E74B9B-631F-4378-BF3A-40D868450C05}" = HPPhotoSmartPhotobookHolidayPack1
"{082702D5-5DD8-4600-BCE5-48B15174687F}" = HP Doc Viewer
"{0E549A13-2B3D-4633-BA41-DC88C2D6F9A3}" = ProductContext
"{0F7C2E47-089E-4d23-B9F7-39BE00100776}" = Toolbox
"{1147FF9A-D576-4cb5-B5E7-FCA21D1E7D26}" = J4680
"{11BB336F-0E58-4977-B866-F24FA334616B}" = HP Active Support Library
"{12A76360-388E-4B27-ABEB-D5FC5378DD2A}" = HPPhotoSmartPhotobookWebPack1
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{172AEB5E-CBB2-4CDD-A4CF-388600825839}" = HPPhotoSmartPhotobookPlayfulPack1
"{18669FF9-C8FE-407a-9F70-E674896B1DB4}" = GPBaseService
"{188C0E25-3D65-4DAC-9C00-7483FBA4C7EB}" = Status
"{1BDC9633-895B-4842-BCB6-8FA1EC2A3C5A}" = Adobe Shockwave Player
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = DVD Suite
"{209CDA54-D390-46A2-A97C-7BF61734418D}" = WeatherBug Gadget
"{2284D904-C138-4B58-93EC-5C362AB5130A}" = The Sims™ Life Stories
"{228C6B46-64E2-404E-898A-EF0830603EF4}" = HPNetworkAssistant
"{250E9609-E830-43EB-B379-DAB7546A2422}" = muvee autoProducer 6.1
"{254C37AA-6B72-4300-84F6-98A82419187E}" = Hewlett-Packard Active Check
"{26A24AE4-039D-4CA4-87B4-2F83216030FF}" = Java™ 6 Update 30
"{28EDCE9C-3304-4331-8AB3-F3EBE94C35B4}" = HP Help and Support
"{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}" = HP Update
"{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java™ 6 Update 2
"{34BFB099-07B2-4E95-A673-7362D60866A2}" = PSSWCORE
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.30 E1
"{36FDBE6E-6684-462b-AE98-9A39A1B200CC}" = HPProductAssistant
"{3825B383-7880-48C8-AADD-49B0D764B151}" = 4660_4680_Help
"{3839C2FF-2CD0-4601-91A8-B1E40A9BE8A8}" = Driver Detective
"{38EAC694-0D90-445F-8C17-8B50ADFE3162}" = Slingbox Flash Tour
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{45D707E9-F3C4-11D9-A373-0050BAE317E1}" = HP QuickPlay 3.6
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CACFCD9-F71B-413A-8DF5-1A6419D5CDC6}" = Cards_Calendar_OrderGift_DoMorePlugout
"{4D49757C-367A-4333-BDB3-68966162B14E}" = HP User Guides 0087
"{50802F8E-03B4-479D-A643-16DE5A3586CB}" = BPDSoftware_Ini
"{5109C064-813E-4e87-B0DE-C8AF7B5BC02B}" = SmartWebPrintingOC
"{52A69E11-7CEB-4a7d-9607-68BA4F39A89B}" = DeviceDiscovery
"{54B6DC7D-8C5B-4DFB-BC15-C010A3326B2B}" = Microsoft Security Client
"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Flash Media Controller Driver Ver.3.51.01
"{5ACE69F0-A3E8-44eb-88C1-0A841E700180}" = TrayApp
"{5BB4D7C1-52F2-4BFD-9E40-0D419E2E3021}" = bpd_scan
"{5F629FE8-5B4C-4863-937A-AFC2961F7DD3}" = Microsoft Works Suite Add-in for Microsoft Word
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = Hewlett-Packard Asset Agent for Health Check
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{67335AB1-6341-4f87-A5B4-7FA92CEB77A4}" = HP Officejet All-In-One Series
"{679EC478-3FF9-4987-B2FF-C2C2B27532A2}" = DocProc
"{68471BF2-F1F7-4C89-BBBA-400B94996596}" = ESU for Microsoft Vista
"{687FEF8A-8597-40b4-832C-297EA3F35817}" = BufferChm
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.1.0.0
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7DC4A410-9986-4329-9E5D-687B2C42CA39}" = HP QuickTouch 1.00 C4
"{80533B67-C407-485D-8B5D-63BB8ED9D878}" = Scan
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{89E052B2-5CA5-4B7A-AF0C-28CA2836B030}" = HPPhotoSmartPhotobookModernPack1
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C3AE2D1-854D-4650-A73D-C7CC7EE36B80}" = Vongo
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{9885A11E-60E4-417C-B58B-8B31B21C0B8A}" = HP Easy Setup - Frontend
"{A07840FC-CE63-4CB8-8030-EF4B9805925A}" = HPPhotoSmartDiscLabel_PaperLabel
"{A436F67F-687E-4736-BD2B-537121A804CF}" = HP Product Detection
"{A5AB9D5E-52E2-440e-A3ED-9512E253C81A}" = SolutionCenter
"{A80FA752-C491-4ED9-ABF0-4278563160B2}" = 32 Bit HP CIO Components Installer
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{ABA00898-9467-4689-9F40-DE7F58C8429C}" = Fax
"{AC76BA86-7AD7-1033-7B44-A81000000003}" = Adobe Reader 8.1.0
"{AC95121F-1576-45B8-82F7-3911D27882E6}" = HPPhotoSmartPhotobookScrapbookPack1
"{ACDE260A-602B-4cfb-A650-D0DBA6FFAD85}" = NetDeviceManager
"{ADFB9653-F44C-460C-BF58-189CC552DFFE}" = hpphotosmartdisclabelplugin
"{b02df929-29a7-4fd2-9a70-81a644b635f7}" = HP Total Care Advisor
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B4E91E95-A5BA-4E50-A465-DB7EFEB176E8}" = HPPhotoSmartDiscLabel_PrintOnDisc
"{B8DBED1E-8BC3-4d08-B94A-F9D7D88E9BBF}" = HPSSupply
"{BAD0FA60-09CF-4411-AE6A-C2844C8812FA}" = HP Photosmart Essential 2.5
"{BD0E2B92-3814-46F0-893B-4612EA010C7E}" = HP Customer Experience Enhancements
"{BD3DCAB0-3FE5-44FB-90DA-EFB0A2CD1387}" = Works Synchronization
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CBAE4F50-9FC9-4557-AB36-9826DF3C103C}" = HP Wireless Assistant
"{CCB9B81A-167F-4832-B305-D2A0430840B3}" = WebReg
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D085A1B6-90A4-11D3-82B7-00C04FA309DE}" = Microsoft Money 2001
"{D142FE39-3386-4d82-9AD3-36D4A92AC3C2}" = DocMgr
"{D2E0F0CC-6BE0-490b-B08B-9267083E34C9}" = MarketResearch
"{D3737952-FF6E-4E72-BDEE-B0DC1C69F80B}" = BPD_HPSU
"{D99A8E3A-AE5A-4692-8B19-6F16D454E240}" = Destination Component
"{DD3C88A0-C53C-41D0-A21B-6D021981D23E}" = HPPhotoSmartDiscLabelContent1
"{E08DC77E-D09A-4e36-8067-D6DBBCC5F8DC}" = VideoToolkit01
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.8
"{F4EAEBEA-3E46-43b8-A63C-AD180AE86918}" = BPDSoftware
"{F5577101-33CC-4711-8235-3A95BCD49DB0}" = EA Link
"{F636EE9A-F9EC-4606-BCFA-77DD0E210788}" = HPPhotoSmartDiscLabel_Tattoo
"{F7F3B252-E772-48AA-93EB-7964BC326067}" = MSCU for Microsoft Vista
"{F8D0829C-9C6F-11D3-8080-00C04FA329AA}" = Microsoft Works 6.0
"{FAF7F1D7-C0E7-47EA-8AAA-84E4F9EA3C94}" = Works Suite OS Pack
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"AIM_6" = AIM 6
"Broadcom 802.11b Network Adapter" = Broadcom 802.11 Wireless LAN Adapter
"CNXT_AUDIO_HDA" = Conexant HD Audio
"CNXT_MODEM_HDAUDIO_HERMOSA_HSF" = HDAUDIO Soft Data Fax Modem with SmartCP
"Eusing Free Registry Cleaner" = Eusing Free Registry Cleaner
"FoneSync" = FoneSync
"Hauppauge MCE2005 Software Encoder" = Hauppauge MCE XP/Vista Software Encoder (2.0.25149)
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"HP Document Manager" = HP Document Manager 1.0
"HP Imaging Device Functions" = HP Imaging Device Functions 10.0
"HP Photosmart Essential" = HP Photosmart Essential 2.5
"HP Smart Web Printing" = HP Smart Web Printing
"HP Solution Center & Imaging Support Tools" = HP Solution Center 10.0
"HPExtendedCapabilities" = HP Customer Participation Program 10.0
"HPOCR" = OCR Software by I.R.I.S. 10.0
"InstallShield_{004B0DCB-4C60-465B-8F01-44B0A4111187}" = SlingPlayer
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"InstallShield_{F5577101-33CC-4711-8235-3A95BCD49DB0}" = EA Link
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft Security Client" = Microsoft Security Essentials
"Mozilla Firefox 11.0 (x86 en-US)" = Mozilla Firefox 11.0 (x86 en-US)
"NVIDIA Drivers" = NVIDIA Drivers
"PPStream" = PPS影音 V2.7.0.1392 正式版
"QvodPlayer" = QvodPlayer 5.1.86
"Shop for HP Supplies" = Shop for HP Supplies
"SlingMedia.QPSlingPlayer_is1" = QuickPlay SlingPlayer 0.4.4
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"ViewpointMediaPlayer" = Viewpoint Media Player
"WildTangent hp Master Uninstall" = My HP Games
"Works2001Setup" = Microsoft Works 2001 Setup Launcher

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 3/23/2012 10:20:49 PM | Computer Name = mnar-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 3/24/2012 7:40:33 AM | Computer Name = mnar-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 3/24/2012 7:46:07 AM | Computer Name = mnar-PC | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 7.0.6002.18005 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: c1c Start Time: 01cd09b382c237c1 Termination Time: 27

Error - 3/25/2012 5:49:09 AM | Computer Name = mnar-PC | Source = Application Error | ID = 1000
Description = Faulting application Explorer.EXE, version 6.0.6002.18005, time stamp
0x49e01da5, faulting module ShellvRTF.dll, version 1.1.0.8, time stamp 0x46d83e7c,
exception code 0xc0000005, fault offset 0x000057ab, process id 0xd34, application
start time 0x01cd0a6c7c8ec4cd.

Error - 3/26/2012 7:58:48 PM | Computer Name = mnar-PC | Source = Application Hang | ID = 1002
Description = The program hpofxm08.exe version 100.0.272.0 stopped interacting with
Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 1658 Start Time: 01cd0bab78743a85 Termination Time: 16

Error - 3/26/2012 9:47:41 PM | Computer Name = mnar-PC | Source = Application Hang | ID = 1002
Description = The program QvodPlayer.exe version 5.1.86.0 stopped interacting with
Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 860 Start Time: 01cd0ba3560ac165 Termination Time: 124

Error - 3/26/2012 10:40:56 PM | Computer Name = mnar-PC | Source = Windows Search Service | ID = 3038
Description =

Error - 3/26/2012 10:40:59 PM | Computer Name = mnar-PC | Source = Windows Search Service | ID = 3028
Description =

Error - 3/26/2012 10:40:59 PM | Computer Name = mnar-PC | Source = Windows Search Service | ID = 3058
Description =

Error - 3/26/2012 10:41:04 PM | Computer Name = mnar-PC | Source = Windows Search Service | ID = 7040
Description =

[ System Events ]
Error - 2/8/2012 7:11:16 PM | Computer Name = mnar-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1000
Description =

Error - 2/8/2012 7:11:16 PM | Computer Name = mnar-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =

Error - 2/8/2012 7:32:15 PM | Computer Name = mnar-PC | Source = HTTP | ID = 15016
Description =

Error - 2/8/2012 7:32:52 PM | Computer Name = mnar-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 2/8/2012 7:34:21 PM | Computer Name = mnar-PC | Source = Service Control Manager | ID = 7022
Description =

Error - 2/8/2012 7:34:23 PM | Computer Name = mnar-PC | Source = Service Control Manager | ID = 7022
Description =

Error - 2/8/2012 7:34:30 PM | Computer Name = mnar-PC | Source = DCOM | ID = 10016
Description =

Error - 2/8/2012 7:34:45 PM | Computer Name = mnar-PC | Source = PlugPlayManager | ID = 12
Description = The device 'TSSTcgrp CD/DVDW TS-D632E ATA Device' (IDE\CdRomTSSTcgrp_CD/DVDW_TS-D632E_______________0017____\5&15fb8ba2&2&0.0.0)
disappeared from the system without first being prepared for removal.

Error - 2/8/2012 7:38:35 PM | Computer Name = mnar-PC | Source = Microsoft-Windows-Eventlog | ID = 30
Description =

Error - 2/8/2012 7:41:55 PM | Computer Name = mnar-PC | Source = PlugPlayManager | ID = 12
Description = The device 'TSSTcgrp CD/DVDW TS-D632E ATA Device' (IDE\CdRomTSSTcgrp_CD/DVDW_TS-D632E_______________0017____\5&15fb8ba2&2&0.0.0)
disappeared from the system without first being prepared for removal.


< End of report >

===aswMBR.TXT======
aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-03-27 20:17:39
-----------------------------
20:17:39.349 OS Version: Windows 6.0.6002 Service Pack 2
20:17:39.349 Number of processors: 2 586 0x6802
20:17:39.350 ComputerName: MNAR-PC UserName: mnar
20:17:42.366 Initialize success
20:18:17.139 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-3
20:18:17.144 Disk 0 Vendor: WDC_WD2500BEVS-60UST0 01.01A01 Size: 238475MB BusType: 3
20:18:17.159 Disk 0 MBR read successfully
20:18:17.164 Disk 0 MBR scan
20:18:17.168 Disk 0 unknown MBR code
20:18:17.172 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 226251 MB offset 63
20:18:17.209 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 12221 MB offset 463362795
20:18:17.216 Disk 0 scanning sectors +488392065
20:18:17.284 Disk 0 scanning C:\Windows\system32\drivers
20:18:25.852 Service scanning
20:18:32.266 Service MpKsl76ae8e33 c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{00265EA3-472E-4798-BD31-87A2AF4043FA}\MpKsl76ae8e33.sys **LOCKED** 32
20:18:32.345 Service MpNWMon C:\Windows\system32\DRIVERS\MpNWMon.sys **LOCKED** 32
20:18:41.545 Modules scanning
20:18:48.659 Disk 0 trace - called modules:
20:18:49.104
20:18:49.123 Scan finished successfully
20:19:02.664 Disk 0 MBR has been saved successfully to "C:\Users\mnar\Desktop\MBR.dat"
20:19:02.676 The log file has been saved successfully to "C:\Users\mnar\Desktop\aswMBR.txt"

Please answer this question:
When you did the factory restore, the DVD was working OK and when you used SpyBot it quit? Or when did it quit working properly after the restore?

The DVD was NOT working OK when I did the ractory restore. After restore and recommended updates are installed, DVD was working OK but on and off. DVD drive already disappeared and NOT working before I use SpyBot.

Please go into SpyBot and retrieve the log that show the items it removed and post it here.

Sorry, I wasn't able to retrieve the log from SpyBot. There is a show log option, but noting open up when I click on it.

Give me any updates on issues with your computer

Befor and after restore, I run the hard disk check via BIOS and the result was (#10008 - replace the hard disk).When I use western digital tool to run the test the result was OK. Sometime, the noise from hard drive is a little loud. I also use Eusing registry cleaner to clean the registry about once a week. everytime I run this, there are at least 20 registry keys need to repair/remove.
  • 0

#4
CompCav
Posted 28 March 2012 - 02:46 PM

CompCav

    Member 5k

  • Expert
  • 12,454 posts
Before we begin to use our tools, please remove the following program:

Viewpoint Media Player This is foistware that is installed typically without your knowledge.


Click Start >> Control Panel >> Programs and Features >> Click on the program >> Click Uninstall


Step 1.

We need to disable Spybot S&D's "TeaTimer".

TeaTimer works by preventing ANY changes to the system. It will attempt to undo any fixes we run, because it blocks these fixes from running.

In order to safeguard your system from problems that can be brought on by a half finished fix, we need to disable TeaTimer. We can re-enable it when we're done if you like.

  • Open SpyBot Search and Destroy by going to Start -> All Programs -> Spybot Search and Destroy -> Spybot Search and Destroy.
  • If prompted with a legal dialog, accept the warning.
  • Click Mode and then on "Advanced Mode".
    Posted Image
  • You may be presented with a warning dialog. If so, press Yes.
  • Click on Posted Image
  • Click on Posted Image
  • Uncheck these checkboxes:
    Posted Image
  • Close/Exit Spybot Search and Destroy.


Please make sure SpyBot Teatimer is disabled. In order to reset the hosts file we need it off.


Step 2.

We need to run an OTL Fix

  • Please reopen Posted Image on your desktop.
  • Copy and Paste the following code into the Posted Image textbox.

    :OTL
IE - HKLM\..\SearchScopes\{6F2C0E17-C8E1-40E8-A486-458BCAF5280D}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpd
IE - HKU\S-1-5-21-714856783-1908625882-2316339518-1000\..\URLSearchHook: {DB8B2393-7A6C-4C76-88CE-6B1F6FF6FFE9} - No CLSID value found
IE - HKU\S-1-5-21-714856783-1908625882-2316339518-1000\..\SearchScopes\{6F2C0E17-C8E1-40E8-A486-458BCAF5280D}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpd
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - No CLSID value found.
O2 - BHO: (IE Search Helper) - {DE7CA3CA-D5C0-CD95-BBD4-027546178475} - Reg Error: Value error. File not found
O3 - HKLM\..\Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.



:files
takeown /f "C:\Windows\SysNative\drivers\etc\hosts" /c
del /f /q "C:\Windows\SysNative\drivers\etc\hosts" /c
echo,Y|cacls "%WinDir%\system32\drivers\etc\hosts" /G everyone:f /c
ipconfig /flushdns /c

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = DWORD:0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = DWORD:0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = DWORD:2
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = DWORD:0

:Commands
[purity]
[resethosts]
[emptytemp]
  • Push Posted Image
  • OTL may ask to reboot the machine. Please do so if asked.
  • Click the OK button.
  • A report will open. Copy and Paste that report in your next reply.
  • If the machine reboots, the log will be located at C:\_OTL\MovedFiles\mmddyyyy_hhmmss.log, where mmddyyyy_hhmmss is the date and the time of the tool run.

Step 3.

Download the latest version of TDSSKiller from here and save it to your Desktop.


  • Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.

    Posted Image
  • Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.

    Posted Image
  • Click the Start Scan button.

    Posted Image
  • If a suspicious object is detected, the default action will be Skip, click on Continue.

    Posted Image
  • If malicious objects are found, they will show in the Scan results and offer three (3) options.
  • Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.

    Posted Image
  • Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.

A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents on your next reply.


Step 4.

Posted ImagePlease download Malwarebytes' Anti-Malware from Here.

Double Click mbam-setup.exe to install the application.

  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.

Extra Note:

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.


Step 5.

Please post:

OTL fix log
TDSSKiller log
mbam log


How is the computer running? Besides the DVD issue are you experiencing any other issues?
  • 0

#5
horseshoe
Posted 28 March 2012 - 08:13 PM

horseshoe

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 110 posts

How is the computer running? Besides the DVD issue are you experiencing any other issues?

Not sure if these are the computer issues: I can hear My hard drive spinning quite often and looks like it is working very hard. Svchost.exe is using about 150,000k memory all the time. Other than these I don't recall any other issues.
Thanks!

====OTL Fix Log
All processes killed
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6F2C0E17-C8E1-40E8-A486-458BCAF5280D}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6F2C0E17-C8E1-40E8-A486-458BCAF5280D}\ not found.
Registry value HKEY_USERS\S-1-5-21-714856783-1908625882-2316339518-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{DB8B2393-7A6C-4C76-88CE-6B1F6FF6FFE9} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DB8B2393-7A6C-4C76-88CE-6B1F6FF6FFE9}\ not found.
Registry key HKEY_USERS\S-1-5-21-714856783-1908625882-2316339518-1000\Software\Microsoft\Internet Explorer\SearchScopes\{6F2C0E17-C8E1-40E8-A486-458BCAF5280D}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6F2C0E17-C8E1-40E8-A486-458BCAF5280D}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@viewpoint.com/VMP\ not found.
File C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DE7CA3CA-D5C0-CD95-BBD4-027546178475}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DE7CA3CA-D5C0-CD95-BBD4-027546178475}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}\ not found.
========== FILES ==========
< takeown /f "C:\Windows\SysNative\drivers\etc\hosts" /c >
C:\Users\mnar\Desktop\cmd.bat deleted successfully.
C:\Users\mnar\Desktop\cmd.txt deleted successfully.
< del /f /q "C:\Windows\SysNative\drivers\etc\hosts" /c >
C:\Users\mnar\Desktop\cmd.bat deleted successfully.
C:\Users\mnar\Desktop\cmd.txt deleted successfully.
< echo,Y|cacls "%WinDir%\system32\drivers\etc\hosts" /G everyone:f /c >
Are you sure (Y/N)?processed file: C:\Windows\system32\drivers\etc\hosts
C:\Users\mnar\Desktop\cmd.bat deleted successfully.
C:\Users\mnar\Desktop\cmd.txt deleted successfully.
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\mnar\Desktop\cmd.bat deleted successfully.
C:\Users\mnar\Desktop\cmd.txt deleted successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore\ not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore\\"DisableSR" | DWORD:0 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr\\"Start" | DWORD:0 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService\\"Start" | DWORD:2 /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\\"DisableMonitoring" |DWORD:0 /E : value set successfully!
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default

User: Default User

User: mnar
->Temp folder emptied: 1274877 bytes
->Temporary Internet Files folder emptied: 54124649 bytes
->Java cache emptied: 526376 bytes
->FireFox cache emptied: 53097492 bytes
->Flash cache emptied: 10912 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 73625 bytes
RecycleBin emptied: 1178624 bytes

Total Files Cleaned = 105.00 mb


OTL by OldTimer - Version 3.2.39.2 log created on 03282012_204803

Files\Folders moved on Reboot...
C:\Users\mnar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\SS5NPLUN\adloader[1].htm moved successfully.
C:\Users\mnar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\SS5NPLUN\xmlProxy[1].htm moved successfully.
C:\Users\mnar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\SS5NPLUN\xmlProxy[2].htm moved successfully.
C:\Users\mnar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\EX97RJ96\EditMessageLight[1].htm moved successfully.
C:\Users\mnar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\EX97RJ96\LocalStorage[1].htm moved successfully.
C:\Users\mnar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\EX97RJ96\Messenger[1].htm moved successfully.
C:\Users\mnar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\EX97RJ96\RteFrame_16.2.4514.0219[1].htm moved successfully.
C:\Users\mnar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\EX97RJ96\xmlProxy[1].htm moved successfully.
C:\Users\mnar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\BHGIUYZV\AjaxHistoryFrame[1].htm moved successfully.
C:\Users\mnar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\BHGIUYZV\default[1].htm moved successfully.
C:\Users\mnar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\BHGIUYZV\resourcespreload[3].htm moved successfully.
C:\Users\mnar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\87I8HQ7R\activityi;src=1984865;type=ttcom362;cat=ttcom510;u21=null;u22=3468337910;u23=;u24=;u25=;u26=;ord=1;num=6305767820670[1].htm moved successfully.
C:\Users\mnar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\87I8HQ7R\AdServeMsg[3].htm moved successfully.
C:\Users\mnar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\87I8HQ7R\InboxLight[1].htm moved successfully.
C:\Users\mnar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\87I8HQ7R\page__pid__2138836[1].htm moved successfully.
C:\Users\mnar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\87I8HQ7R\resourcespreload[2].htm moved successfully.
C:\Users\mnar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\AntiPhishing\A0AB7674-8D67-4F4D-B5E1-96FAEADFB79D.dat moved successfully.
C:\Users\mnar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\MSIMGSIZ.DAT moved successfully.

Registry entries deleted on Reboot...

====TDSSKiller Log
21:00:18.0440 5436 TDSS rootkit removing tool 2.7.23.0 Mar 26 2012 13:40:18
21:00:18.0783 5436 ============================================================
21:00:18.0783 5436 Current date / time: 2012/03/28 21:00:18.0783
21:00:18.0783 5436 SystemInfo:
21:00:18.0783 5436
21:00:18.0783 5436 OS Version: 6.0.6002 ServicePack: 2.0
21:00:18.0783 5436 Product type: Workstation
21:00:18.0783 5436 ComputerName: MNAR-PC
21:00:18.0783 5436 UserName: mnar
21:00:18.0783 5436 Windows directory: C:\Windows
21:00:18.0783 5436 System windows directory: C:\Windows
21:00:18.0783 5436 Processor architecture: Intel x86
21:00:18.0783 5436 Number of processors: 2
21:00:18.0783 5436 Page size: 0x1000
21:00:18.0783 5436 Boot type: Normal boot
21:00:18.0783 5436 ============================================================
21:00:20.0577 5436 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
21:00:20.0577 5436 \Device\Harddisk0\DR0:
21:00:20.0577 5436 MBR used
21:00:20.0577 5436 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1B9E5AAC
21:00:20.0577 5436 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1B9E5AEB, BlocksNum 0x17DEA96
21:00:20.0655 5436 Initialize success
21:00:20.0655 5436 ============================================================
21:01:14.0600 5644 ============================================================
21:01:14.0600 5644 Scan started
21:01:14.0600 5644 Mode: Manual; SigCheck; TDLFS;
21:01:14.0600 5644 ============================================================
21:01:15.0255 5644 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
21:01:15.0474 5644 ACPI - ok
21:01:15.0598 5644 adp94xx (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys
21:01:15.0645 5644 adp94xx - ok
21:01:15.0692 5644 adpahci (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys
21:01:15.0786 5644 adpahci - ok
21:01:15.0848 5644 adpu160m (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys
21:01:15.0895 5644 adpu160m - ok
21:01:15.0942 5644 adpu320 (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys
21:01:15.0988 5644 adpu320 - ok
21:01:16.0066 5644 AeLookupSvc (9d1fda9e086ba64e3c93c9de32461bcf) C:\Windows\System32\aelupsvc.dll
21:01:16.0191 5644 AeLookupSvc - ok
21:01:16.0269 5644 AFD (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys
21:01:16.0378 5644 AFD - ok
21:01:16.0441 5644 agp440 (ef23439cdd587f64c2c1b8825cead7d8) C:\Windows\system32\drivers\agp440.sys
21:01:16.0472 5644 agp440 - ok
21:01:16.0503 5644 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
21:01:16.0550 5644 aic78xx - ok
21:01:16.0581 5644 ALG (a1545b731579895d8cc44fc0481c1192) C:\Windows\System32\alg.exe
21:01:16.0893 5644 ALG - ok
21:01:16.0956 5644 aliide (90395b64600ebb4552e26e178c94b2e4) C:\Windows\system32\drivers\aliide.sys
21:01:16.0987 5644 aliide - ok
21:01:17.0049 5644 amdagp (2b13e304c9dfdfa5eb582f6a149fa2c7) C:\Windows\system32\drivers\amdagp.sys
21:01:17.0096 5644 amdagp - ok
21:01:17.0112 5644 amdide (0577df1d323fe75a739c787893d300ea) C:\Windows\system32\drivers\amdide.sys
21:01:17.0127 5644 amdide - ok
21:01:17.0174 5644 AmdK7 (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys
21:01:17.0782 5644 AmdK7 - ok
21:01:17.0923 5644 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\DRIVERS\amdk8.sys
21:01:17.0985 5644 AmdK8 - ok
21:01:18.0126 5644 Appinfo (c6d704c7f0434dc791aac37cac4b6e14) C:\Windows\System32\appinfo.dll
21:01:18.0204 5644 Appinfo - ok
21:01:18.0250 5644 arc (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys
21:01:18.0297 5644 arc - ok
21:01:18.0360 5644 arcsas (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys
21:01:18.0422 5644 arcsas - ok
21:01:18.0469 5644 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
21:01:18.0625 5644 AsyncMac - ok
21:01:18.0656 5644 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
21:01:18.0672 5644 atapi - ok
21:01:18.0765 5644 AudioEndpointBuilder (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
21:01:18.0874 5644 AudioEndpointBuilder - ok
21:01:18.0906 5644 Audiosrv (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
21:01:18.0968 5644 Audiosrv - ok
21:01:19.0093 5644 BCM43XV (34a0a6386256080f52c74076c6157026) C:\Windows\system32\DRIVERS\bcmwl6.sys
21:01:19.0264 5644 BCM43XV - ok
21:01:19.0327 5644 BCM43XX (34a0a6386256080f52c74076c6157026) C:\Windows\system32\DRIVERS\bcmwl6.sys
21:01:19.0467 5644 BCM43XX - ok
21:01:19.0686 5644 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
21:01:19.0810 5644 Beep - ok
21:01:19.0888 5644 BFE (c789af0f724fda5852fb9a7d3a432381) C:\Windows\System32\bfe.dll
21:01:19.0998 5644 BFE - ok
21:01:20.0060 5644 BITS (93952506c6d67330367f7e7934b6a02f) C:\Windows\System32\qmgr.dll
21:01:20.0216 5644 BITS - ok
21:01:20.0247 5644 blbdrive - ok
21:01:20.0294 5644 bowser (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys
21:01:20.0388 5644 bowser - ok
21:01:20.0450 5644 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
21:01:20.0528 5644 BrFiltLo - ok
21:01:20.0544 5644 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
21:01:20.0606 5644 BrFiltUp - ok
21:01:20.0653 5644 Browser (a3629a0c4226f9e9c72faaeebc3ad33c) C:\Windows\System32\browser.dll
21:01:20.0746 5644 Browser - ok
21:01:20.0856 5644 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
21:01:20.0965 5644 Brserid - ok
21:01:21.0012 5644 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
21:01:21.0105 5644 BrSerWdm - ok
21:01:21.0136 5644 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
21:01:21.0214 5644 BrUsbMdm - ok
21:01:21.0261 5644 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
21:01:21.0339 5644 BrUsbSer - ok
21:01:21.0386 5644 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
21:01:21.0480 5644 BTHMODEM - ok
21:01:21.0542 5644 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
21:01:21.0636 5644 cdfs - ok
21:01:21.0682 5644 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
21:01:21.0792 5644 cdrom - ok
21:01:21.0854 5644 CertPropSvc (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
21:01:21.0963 5644 CertPropSvc - ok
21:01:22.0057 5644 circlass (da8e0afc7baa226c538ef53ac2f90897) C:\Windows\system32\drivers\circlass.sys
21:01:22.0150 5644 circlass - ok
21:01:22.0213 5644 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
21:01:22.0275 5644 CLFS - ok
21:01:22.0525 5644 clr_optimization_v2.0.50727_32 (8ee772032e2fe80a924f3b8dd5082194) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:01:22.0587 5644 clr_optimization_v2.0.50727_32 - ok
21:01:22.0899 5644 CmBatt (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys
21:01:23.0008 5644 CmBatt - ok
21:01:23.0055 5644 cmdide (45201046c776ffdaf3fc8a0029c581c8) C:\Windows\system32\drivers\cmdide.sys
21:01:23.0086 5644 cmdide - ok
21:01:23.0149 5644 CnxtHdAudService (b6e7991e3d6146c04c85cd31af22a381) C:\Windows\system32\drivers\CHDRT32.sys
21:01:23.0227 5644 CnxtHdAudService - ok
21:01:23.0398 5644 Com4Qlb (d8774ace03b46c9b01a49818055f9ad4) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
21:01:23.0586 5644 Com4Qlb ( UnsignedFile.Multi.Generic ) - warning
21:01:23.0586 5644 Com4Qlb - detected UnsignedFile.Multi.Generic (1)
21:01:24.0022 5644 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys
21:01:24.0085 5644 Compbatt - ok
21:01:24.0225 5644 COMSysApp - ok
21:01:24.0381 5644 crcdisk (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys
21:01:24.0412 5644 crcdisk - ok
21:01:24.0537 5644 Crusoe (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys
21:01:24.0693 5644 Crusoe - ok
21:01:25.0036 5644 CryptSvc (fb27772beaf8e1d28ccd825c09da939b) C:\Windows\system32\cryptsvc.dll
21:01:25.0192 5644 CryptSvc - ok
21:01:25.0473 5644 DcomLaunch (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
21:01:25.0614 5644 DcomLaunch - ok
21:01:25.0692 5644 DfsC (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys
21:01:25.0785 5644 DfsC - ok
21:01:26.0097 5644 DFSR (2cc3dcfb533a1035b13dcab6160ab38b) C:\Windows\system32\DFSR.exe
21:01:26.0440 5644 DFSR - ok
21:01:26.0628 5644 Dhcp (9028559c132146fb75eb7acf384b086a) C:\Windows\System32\dhcpcsvc.dll
21:01:26.0721 5644 Dhcp - ok
21:01:26.0799 5644 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
21:01:26.0862 5644 disk - ok
21:01:26.0940 5644 Dnscache (57d762f6f5974af0da2be88a3349baaa) C:\Windows\System32\dnsrslvr.dll
21:01:27.0049 5644 Dnscache - ok
21:01:27.0080 5644 dot3svc (324fd74686b1ef5e7c19a8af49e748f6) C:\Windows\System32\dot3svc.dll
21:01:27.0158 5644 dot3svc - ok
21:01:27.0252 5644 Dot4 (4f59c172c094e1a1d46463a8dc061cbd) C:\Windows\system32\DRIVERS\Dot4.sys
21:01:27.0345 5644 Dot4 - ok
21:01:27.0423 5644 Dot4Print (80bf3ba09f6f2523c8f6b7cc6dbf7bd5) C:\Windows\system32\DRIVERS\Dot4Prt.sys
21:01:27.0486 5644 Dot4Print - ok
21:01:27.0688 5644 dot4usb (c55004ca6b419b6695970dfe849b122f) C:\Windows\system32\DRIVERS\dot4usb.sys
21:01:27.0766 5644 dot4usb - ok
21:01:27.0954 5644 DPS (a622e888f8aa2f6b49e9bc466f0e5def) C:\Windows\system32\dps.dll
21:01:28.0016 5644 DPS - ok
21:01:28.0219 5644 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
21:01:28.0312 5644 drmkaud - ok
21:01:28.0422 5644 DXGKrnl (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys
21:01:28.0500 5644 DXGKrnl - ok
21:01:28.0593 5644 E100B (c0b00e55cf82d122d25983c7a6a53dea) C:\Windows\system32\DRIVERS\e100b325.sys
21:01:28.0765 5644 E100B - ok
21:01:28.0812 5644 E1G60 (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys
21:01:28.0952 5644 E1G60 - ok
21:01:28.0999 5644 EapHost (c0b95e40d85cd807d614e264248a45b9) C:\Windows\System32\eapsvc.dll
21:01:29.0061 5644 EapHost - ok
21:01:29.0170 5644 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
21:01:29.0233 5644 Ecache - ok
21:01:29.0295 5644 ehRecvr (9be3744d295a7701eb425332014f0797) C:\Windows\ehome\ehRecvr.exe
21:01:29.0389 5644 ehRecvr - ok
21:01:29.0451 5644 ehSched (ad1870c8e5d6dd340c829e6074bf3c3f) C:\Windows\ehome\ehsched.exe
21:01:29.0514 5644 ehSched - ok
21:01:29.0623 5644 ehstart (c27c4ee8926e74aa72efcab24c5242c3) C:\Windows\ehome\ehstart.dll
21:01:29.0685 5644 ehstart - ok
21:01:29.0794 5644 elxstor (e8f3f21a71720c84bcf423b80028359f) C:\Windows\system32\drivers\elxstor.sys
21:01:29.0841 5644 elxstor - ok
21:01:30.0060 5644 EMDMgmt (4e6b23dfc917ea39306b529b773950f4) C:\Windows\system32\emdmgmt.dll
21:01:30.0294 5644 EMDMgmt - ok
21:01:30.0465 5644 EventSystem (67058c46504bc12d821f38cf99b7b28f) C:\Windows\system32\es.dll
21:01:30.0543 5644 EventSystem - ok
21:01:30.0637 5644 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
21:01:30.0715 5644 exfat - ok
21:01:30.0808 5644 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
21:01:30.0871 5644 fastfat - ok
21:01:30.0949 5644 fdc (63bdada84951b9c03e641800e176898a) C:\Windows\system32\DRIVERS\fdc.sys
21:01:31.0089 5644 fdc - ok
21:01:31.0292 5644 fdPHost (6629b5f0e98151f4afdd87567ea32ba3) C:\Windows\system32\fdPHost.dll
21:01:31.0417 5644 fdPHost - ok
21:01:31.0542 5644 FDResPub (89ed56dce8e47af40892778a5bd31fd2) C:\Windows\system32\fdrespub.dll
21:01:31.0635 5644 FDResPub - ok
21:01:31.0729 5644 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
21:01:31.0776 5644 FileInfo - ok
21:01:31.0822 5644 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
21:01:31.0885 5644 Filetrace - ok
21:01:32.0025 5644 flpydisk (6603957eff5ec62d25075ea8ac27de68) C:\Windows\system32\DRIVERS\flpydisk.sys
21:01:32.0150 5644 flpydisk - ok
21:01:32.0400 5644 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
21:01:32.0509 5644 FltMgr - ok
21:01:32.0712 5644 FontCache (8ce364388c8eca59b14b539179276d44) C:\Windows\system32\FntCache.dll
21:01:32.0883 5644 FontCache - ok
21:01:33.0039 5644 FontCache3.0.0.0 (c7fbdd1ed42f82bfa35167a5c9803ea3) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
21:01:33.0070 5644 FontCache3.0.0.0 - ok
21:01:33.0336 5644 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
21:01:33.0429 5644 Fs_Rec - ok
21:01:33.0601 5644 gagp30kx (4e1cd0a45c50a8882616cae5bf82f3c5) C:\Windows\system32\drivers\gagp30kx.sys
21:01:33.0679 5644 gagp30kx - ok
21:01:33.0882 5644 GameConsoleService (44d07e5a444692e9b6a5cdd7401b4402) C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe
21:01:34.0209 5644 GameConsoleService - ok
21:01:34.0537 5644 gpsvc (cd5d0aeee35dfd4e986a5aa1500a6e66) C:\Windows\System32\gpsvc.dll
21:01:34.0786 5644 gpsvc - ok
21:01:34.0958 5644 HdAudAddService (7be40bb4cd16d8760e18ea981ff452ec) C:\Windows\system32\drivers\CHDART.sys
21:01:35.0020 5644 HdAudAddService - ok
21:01:35.0239 5644 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
21:01:35.0348 5644 HDAudBus - ok
21:01:35.0520 5644 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
21:01:35.0613 5644 HidBth - ok
21:01:35.0816 5644 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
21:01:35.0910 5644 HidIr - ok
21:01:36.0003 5644 hidserv (84067081f3318162797385e11a8f0582) C:\Windows\system32\hidserv.dll
21:01:36.0050 5644 hidserv - ok
21:01:36.0112 5644 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
21:01:36.0175 5644 HidUsb - ok
21:01:36.0253 5644 hkmsvc (d8ad255b37da92434c26e4876db7d418) C:\Windows\system32\kmsvc.dll
21:01:36.0346 5644 hkmsvc - ok
21:01:36.0518 5644 HP Health Check Service (0d26c438e2938a3e6bdd91173bc96ff0) c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
21:01:36.0612 5644 HP Health Check Service ( UnsignedFile.Multi.Generic ) - warning
21:01:36.0612 5644 HP Health Check Service - detected UnsignedFile.Multi.Generic (1)
21:01:36.0861 5644 HpCISSs (df353b401001246853763c4b7aaa6f50) C:\Windows\system32\drivers\hpcisss.sys
21:01:36.0892 5644 HpCISSs - ok
21:01:37.0080 5644 hpqcxs08 (b14328cfeeb6b736be44c2c9db3b162c) C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
21:01:37.0329 5644 hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning
21:01:37.0329 5644 hpqcxs08 - detected UnsignedFile.Multi.Generic (1)
21:01:37.0516 5644 hpqddsvc (df446ba625cc441617843e87798ce048) C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
21:01:37.0719 5644 hpqddsvc ( UnsignedFile.Multi.Generic ) - warning
21:01:37.0719 5644 hpqddsvc - detected UnsignedFile.Multi.Generic (1)
21:01:37.0938 5644 HpqKbFiltr (35956140e686d53bf676cf0c778880fc) C:\Windows\system32\DRIVERS\HpqKbFiltr.sys
21:01:38.0016 5644 HpqKbFiltr - ok
21:01:38.0094 5644 HpqRemHid (115c0933b3ed51dfbec4449348c8065b) C:\Windows\system32\DRIVERS\HpqRemHid.sys
21:01:38.0156 5644 HpqRemHid - ok
21:01:38.0281 5644 hpqwmiex (04c1dcbb226c6ae647b794833ce3ceb6) C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
21:01:38.0421 5644 hpqwmiex ( UnsignedFile.Multi.Generic ) - warning
21:01:38.0421 5644 hpqwmiex - detected UnsignedFile.Multi.Generic (1)
21:01:38.0530 5644 HPSLPSVC (75f122cdca3c71bd09089f2ca824b796) C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL
21:01:38.0733 5644 HPSLPSVC ( UnsignedFile.Multi.Generic ) - warning
21:01:38.0733 5644 HPSLPSVC - detected UnsignedFile.Multi.Generic (1)
21:01:39.0014 5644 HSFHWAZL (46d67209550973257601a533e2ac5785) C:\Windows\system32\DRIVERS\VSTAZL3.SYS
21:01:39.0108 5644 HSFHWAZL - ok
21:01:39.0607 5644 HSF_DPV (cc267848cb3508e72762be65734e764d) C:\Windows\system32\DRIVERS\HSX_DPV.sys
21:01:39.0763 5644 HSF_DPV - ok
21:01:39.0934 5644 HSXHWAZL (a2882945cc4b6e3e4e9e825590438888) C:\Windows\system32\DRIVERS\HSXHWAZL.sys
21:01:39.0981 5644 HSXHWAZL - ok
21:01:40.0059 5644 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys
21:01:40.0215 5644 HTTP - ok
21:01:40.0278 5644 i2omp (324c2152ff2c61abae92d09f3cca4d63) C:\Windows\system32\drivers\i2omp.sys
21:01:40.0324 5644 i2omp - ok
21:01:40.0402 5644 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
21:01:40.0480 5644 i8042prt - ok
21:01:40.0636 5644 ialm (496db78e6a0c4c44023d9a92b4a7ac31) C:\Windows\system32\DRIVERS\igdkmd32.sys
21:01:40.0948 5644 ialm - ok
21:01:41.0260 5644 iaStorV (c957bf4b5d80b46c5017bf0101e6c906) C:\Windows\system32\drivers\iastorv.sys
21:01:41.0307 5644 iaStorV - ok
21:01:41.0526 5644 IDriverT (1cf03c69b49acb70c722df92755c0c8c) C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
21:01:41.0572 5644 IDriverT ( UnsignedFile.Multi.Generic ) - warning
21:01:41.0572 5644 IDriverT - detected UnsignedFile.Multi.Generic (1)
21:01:41.0838 5644 idsvc (98477b08e61945f974ed9fdc4cb6bdab) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
21:01:42.0118 5644 idsvc - ok
21:01:42.0352 5644 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
21:01:42.0399 5644 iirsp - ok
21:01:42.0462 5644 IKEEXT (9908d8a397b76cd8d31d0d383c5773c9) C:\Windows\System32\ikeext.dll
21:01:42.0602 5644 IKEEXT - ok
21:01:42.0696 5644 intelide (97469037714070e45194ed318d636401) C:\Windows\system32\drivers\intelide.sys
21:01:42.0727 5644 intelide - ok
21:01:42.0774 5644 intelppm (ce44cc04262f28216dd4341e9e36a16f) C:\Windows\system32\DRIVERS\intelppm.sys
21:01:42.0867 5644 intelppm - ok
21:01:42.0930 5644 IPBusEnum (9ac218c6e6105477484c6fdbe7d409a4) C:\Windows\system32\ipbusenum.dll
21:01:43.0023 5644 IPBusEnum - ok
21:01:43.0086 5644 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
21:01:43.0164 5644 IpFilterDriver - ok
21:01:43.0382 5644 iphlpsvc (1998bd97f950680bb55f55a7244679c2) C:\Windows\System32\iphlpsvc.dll
21:01:43.0522 5644 iphlpsvc - ok
21:01:43.0694 5644 IpInIp - ok
21:01:43.0866 5644 IPMIDRV (40f34f8aba2a015d780e4b09138b6c17) C:\Windows\system32\drivers\ipmidrv.sys
21:01:44.0006 5644 IPMIDRV - ok
21:01:44.0053 5644 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
21:01:44.0115 5644 IPNAT - ok
21:01:44.0240 5644 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
21:01:44.0302 5644 IRENUM - ok
21:01:44.0365 5644 isapnp (350fca7e73cf65bcef43fae1e4e91293) C:\Windows\system32\drivers\isapnp.sys
21:01:44.0396 5644 isapnp - ok
21:01:44.0474 5644 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
21:01:44.0505 5644 iScsiPrt - ok
21:01:44.0568 5644 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
21:01:44.0599 5644 iteatapi - ok
21:01:44.0630 5644 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
21:01:44.0661 5644 iteraid - ok
21:01:44.0708 5644 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
21:01:44.0755 5644 kbdclass - ok
21:01:44.0786 5644 kbdhid (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys
21:01:44.0864 5644 kbdhid - ok
21:01:44.0958 5644 KeyIso (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
21:01:45.0020 5644 KeyIso - ok
21:01:45.0082 5644 KSecDD (2b2f1638466e8cb091400c9019cc730e) C:\Windows\system32\Drivers\ksecdd.sys
21:01:45.0145 5644 KSecDD - ok
21:01:45.0207 5644 KtmRm (8078f8f8f7a79e2e6b494523a828c585) C:\Windows\system32\msdtckrm.dll
21:01:45.0363 5644 KtmRm - ok
21:01:45.0394 5644 LanmanServer (1bf5eebfd518dd7298434d8c862f825d) C:\Windows\system32\srvsvc.dll
21:01:45.0504 5644 LanmanServer - ok
21:01:45.0566 5644 LanmanWorkstation (1db69705b695b987082c8baec0c6b34f) C:\Windows\System32\wkssvc.dll
21:01:45.0628 5644 LanmanWorkstation - ok
21:01:45.0753 5644 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
21:01:45.0972 5644 lltdio - ok
21:01:46.0050 5644 lltdsvc (2d5a428872f1442631d0959a34abff63) C:\Windows\System32\lltdsvc.dll
21:01:46.0174 5644 lltdsvc - ok
21:01:46.0315 5644 lmhosts (35d40113e4a5b961b6ce5c5857702518) C:\Windows\System32\lmhsvc.dll
21:01:46.0393 5644 lmhosts - ok
21:01:46.0596 5644 LSI_FC (a2262fb9f28935e862b4db46438c80d2) C:\Windows\system32\drivers\lsi_fc.sys
21:01:46.0720 5644 LSI_FC - ok
21:01:46.0845 5644 LSI_SAS (30d73327d390f72a62f32c103daf1d6d) C:\Windows\system32\drivers\lsi_sas.sys
21:01:46.0876 5644 LSI_SAS - ok
21:01:46.0923 5644 LSI_SCSI (e1e36fefd45849a95f1ab81de0159fe3) C:\Windows\system32\drivers\lsi_scsi.sys
21:01:46.0954 5644 LSI_SCSI - ok
21:01:47.0079 5644 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
21:01:47.0157 5644 luafv - ok
21:01:47.0251 5644 Mcx2Svc (aef9babb8a506bc4ce0451a64aaded46) C:\Windows\system32\Mcx2Svc.dll
21:01:47.0313 5644 Mcx2Svc - ok
21:01:47.0360 5644 mdmxsdk (0cea2d0d3fa284b85ed5b68365114f76) C:\Windows\system32\DRIVERS\mdmxsdk.sys
21:01:47.0407 5644 mdmxsdk - ok
21:01:47.0469 5644 megasas (d153b14fc6598eae8422a2037553adce) C:\Windows\system32\drivers\megasas.sys
21:01:47.0500 5644 megasas - ok
21:01:47.0578 5644 MMCSS (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
21:01:47.0656 5644 MMCSS - ok
21:01:47.0703 5644 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
21:01:47.0781 5644 Modem - ok
21:01:47.0875 5644 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
21:01:47.0968 5644 monitor - ok
21:01:48.0015 5644 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
21:01:48.0062 5644 mouclass - ok
21:01:48.0109 5644 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
21:01:48.0249 5644 mouhid - ok
21:01:48.0296 5644 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
21:01:48.0358 5644 MountMgr - ok
21:01:48.0483 5644 MpFilter (fee0baded54222e9f1dae9541212aab1) C:\Windows\system32\DRIVERS\MpFilter.sys
21:01:48.0577 5644 MpFilter - ok
21:01:48.0624 5644 mpio (583a41f26278d9e0ea548163d6139397) C:\Windows\system32\drivers\mpio.sys
21:01:48.0686 5644 mpio - ok
21:01:48.0998 5644 MpKsl9e500799 (a69630d039c38018689190234f866d77) c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{CD30503B-F0FC-4751-A70A-337CCFB75828}\MpKsl9e500799.sys
21:01:49.0029 5644 MpKsl9e500799 - ok
21:01:49.0372 5644 MpNWMon (2c3489660d4a8d514c123c3f0d67df46) C:\Windows\system32\DRIVERS\MpNWMon.sys
21:01:49.0450 5644 MpNWMon - ok
21:01:49.0716 5644 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
21:01:49.0778 5644 mpsdrv - ok
21:01:50.0137 5644 MpsSvc (5de62c6e9108f14f6794060a9bdecaec) C:\Windows\system32\mpssvc.dll
21:01:50.0324 5644 MpsSvc - ok
21:01:50.0652 5644 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
21:01:50.0698 5644 Mraid35x - ok
21:01:50.0808 5644 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
21:01:50.0854 5644 MRxDAV - ok
21:01:50.0948 5644 mrxsmb (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys
21:01:51.0026 5644 mrxsmb - ok
21:01:51.0276 5644 mrxsmb10 (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:01:51.0338 5644 mrxsmb10 - ok
21:01:51.0400 5644 mrxsmb20 (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:01:51.0463 5644 mrxsmb20 - ok
21:01:51.0510 5644 msahci (742aed7939e734c36b7e8d6228ce26b7) C:\Windows\system32\drivers\msahci.sys
21:01:51.0541 5644 msahci - ok
21:01:51.0572 5644 msdsm (3fc82a2ae4cc149165a94699183d3028) C:\Windows\system32\drivers\msdsm.sys
21:01:51.0650 5644 msdsm - ok
21:01:51.0681 5644 MSDTC (fd7520cc3a80c5fc8c48852bb24c6ded) C:\Windows\System32\msdtc.exe
21:01:51.0759 5644 MSDTC - ok
21:01:51.0790 5644 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
21:01:51.0868 5644 Msfs - ok
21:01:51.0931 5644 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
21:01:51.0946 5644 msisadrv - ok
21:01:51.0993 5644 MSiSCSI (85466c0757a23d9a9aecdc0755203cb2) C:\Windows\system32\iscsiexe.dll
21:01:52.0087 5644 MSiSCSI - ok
21:01:52.0118 5644 msiserver - ok
21:01:52.0180 5644 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
21:01:52.0243 5644 MSKSSRV - ok
21:01:52.0430 5644 MsMpSvc (cfce43b70ca0cc4dcc8adb62b792b173) c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
21:01:52.0492 5644 MsMpSvc - ok
21:01:52.0695 5644 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
21:01:52.0742 5644 MSPCLOCK - ok
21:01:52.0867 5644 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
21:01:52.0929 5644 MSPQM - ok
21:01:53.0023 5644 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
21:01:53.0101 5644 MsRPC - ok
21:01:53.0226 5644 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
21:01:53.0257 5644 mssmbios - ok
21:01:53.0304 5644 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
21:01:53.0366 5644 MSTEE - ok
21:01:53.0538 5644 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
21:01:53.0584 5644 Mup - ok
21:01:53.0647 5644 napagent (e4eaf0c5c1b41b5c83386cf212ca9584) C:\Windows\system32\qagentRT.dll
21:01:53.0756 5644 napagent - ok
21:01:53.0834 5644 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
21:01:53.0881 5644 NativeWifiP - ok
21:01:53.0990 5644 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
21:01:54.0130 5644 NDIS - ok
21:01:54.0177 5644 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
21:01:54.0240 5644 NdisTapi - ok
21:01:54.0286 5644 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
21:01:54.0333 5644 Ndisuio - ok
21:01:54.0380 5644 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
21:01:54.0427 5644 NdisWan - ok
21:01:54.0458 5644 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
21:01:54.0536 5644 NDProxy - ok
21:01:54.0614 5644 Net Driver HPZ12 (a081cb6fb9a12668f233eb5414be3a0e) C:\Windows\system32\HPZinw12.dll
21:01:54.0645 5644 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
21:01:54.0661 5644 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
21:01:54.0676 5644 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
21:01:54.0739 5644 NetBIOS - ok
21:01:54.0801 5644 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
21:01:54.0895 5644 netbt - ok
21:01:54.0942 5644 Netlogon (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
21:01:54.0988 5644 Netlogon - ok
21:01:55.0082 5644 Netman (c8052711daecc48b982434c5116ca401) C:\Windows\System32\netman.dll
21:01:55.0238 5644 Netman - ok
21:01:55.0332 5644 netprofm (2ef3bbe22e5a5acd1428ee387a0d0172) C:\Windows\System32\netprofm.dll
21:01:55.0425 5644 netprofm - ok
21:01:55.0488 5644 NetTcpPortSharing (d6c4e4a39a36029ac0813d476fbd0248) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
21:01:55.0534 5644 NetTcpPortSharing - ok
21:01:55.0597 5644 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
21:01:55.0628 5644 nfrd960 - ok
21:01:55.0722 5644 NisDrv (7b01c6172cfd0b10116175e09200d4b4) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
21:01:55.0768 5644 NisDrv - ok
21:01:55.0893 5644 NisSrv (a5cb074f34bbd89948e34a630d459c0c) c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
21:01:56.0034 5644 NisSrv - ok
21:01:56.0080 5644 NlaSvc (2997b15415f9bbe05b5a4c1c85e0c6a2) C:\Windows\System32\nlasvc.dll
21:01:56.0455 5644 NlaSvc - ok
21:01:56.0502 5644 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
21:01:56.0548 5644 Npfs - ok
21:01:56.0626 5644 nsi (8bb86f0c7eea2bded6fe095d0b4ca9bd) C:\Windows\system32\nsisvc.dll
21:01:56.0689 5644 nsi - ok
21:01:56.0736 5644 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
21:01:56.0814 5644 nsiproxy - ok
21:01:56.0892 5644 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
21:01:57.0188 5644 Ntfs - ok
21:01:57.0250 5644 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
21:01:57.0344 5644 ntrigdigi - ok
21:01:57.0375 5644 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
21:01:57.0438 5644 Null - ok
21:01:57.0531 5644 NVENETFD (d958a2b5f6ad5c3b8ccdc4d7da62466c) C:\Windows\system32\DRIVERS\nvmfdx32.sys
21:01:57.0656 5644 NVENETFD - ok
21:01:57.0968 5644 nvlddmkm (d65bc32c1795191b7f2b028351ab4fe2) C:\Windows\system32\DRIVERS\nvlddmkm.sys
21:01:58.0982 5644 nvlddmkm - ok
21:02:00.0090 5644 nvraid (e69e946f80c1c31c53003bfbf50cbb7c) C:\Windows\system32\drivers\nvraid.sys
21:02:00.0168 5644 nvraid - ok
21:02:00.0230 5644 nvsmu (9aebc32f9d6e02ebee0369ab296fe7c8) C:\Windows\system32\DRIVERS\nvsmu.sys
21:02:00.0339 5644 nvsmu - ok
21:02:00.0370 5644 nvstor (9e0ba19a28c498a6d323d065db76dffc) C:\Windows\system32\drivers\nvstor.sys
21:02:00.0417 5644 nvstor - ok
21:02:00.0495 5644 nvsvc (a8c043670699c956d56b9f1f3daefc98) C:\Windows\system32\nvvsvc.exe
21:02:00.0589 5644 nvsvc - ok
21:02:00.0636 5644 nv_agp (07c186427eb8fcc3d8d7927187f260f7) C:\Windows\system32\drivers\nv_agp.sys
21:02:00.0682 5644 nv_agp - ok
21:02:00.0698 5644 NwlnkFlt - ok
21:02:00.0714 5644 NwlnkFwd - ok
21:02:00.0870 5644 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
21:02:00.0979 5644 odserv - ok
21:02:01.0104 5644 ohci1394 (6f310e890d46e246e0e261a63d9b36b4) C:\Windows\system32\DRIVERS\ohci1394.sys
21:02:01.0166 5644 ohci1394 - ok
21:02:01.0291 5644 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:02:01.0384 5644 ose - ok
21:02:01.0540 5644 p2pimsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
21:02:01.0618 5644 p2pimsvc - ok
21:02:01.0634 5644 p2psvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
21:02:01.0681 5644 p2psvc - ok
21:02:01.0774 5644 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
21:02:01.0884 5644 Parport - ok
21:02:01.0946 5644 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys
21:02:01.0993 5644 partmgr - ok
21:02:02.0040 5644 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
21:02:02.0102 5644 Parvdm - ok
21:02:02.0133 5644 PcaSvc (c6276ad11f4bb49b58aa1ed88537f14a) C:\Windows\System32\pcasvc.dll
21:02:02.0196 5644 PcaSvc - ok
21:02:02.0242 5644 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
21:02:02.0289 5644 pci - ok
21:02:02.0305 5644 pciide (1636d43f10416aeb483bc6001097b26c) C:\Windows\system32\drivers\pciide.sys
21:02:02.0336 5644 pciide - ok
21:02:02.0367 5644 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
21:02:02.0398 5644 pcmcia - ok
21:02:02.0461 5644 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
21:02:02.0570 5644 PEAUTH - ok
21:02:02.0664 5644 pla (b1689df169143f57053f795390c99db3) C:\Windows\system32\pla.dll
21:02:02.0866 5644 pla - ok
21:02:02.0944 5644 PlugPlay (c5e7f8a996ec0a82d508fd9064a5569e) C:\Windows\system32\umpnpmgr.dll
21:02:04.0473 5644 PlugPlay - ok
21:02:04.0536 5644 Pml Driver HPZ12 (65bc271f337637731d3c71455ae1f476) C:\Windows\system32\HPZipm12.dll
21:02:04.0598 5644 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
21:02:04.0598 5644 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
21:02:04.0660 5644 PNRPAutoReg (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
21:02:04.0738 5644 PNRPAutoReg - ok
21:02:04.0816 5644 PNRPsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
21:02:04.0879 5644 PNRPsvc - ok
21:02:04.0941 5644 PolicyAgent (d0494460421a03cd5225cca0059aa146) C:\Windows\System32\ipsecsvc.dll
21:02:05.0082 5644 PolicyAgent - ok
21:02:05.0191 5644 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
21:02:05.0284 5644 PptpMiniport - ok
21:02:05.0331 5644 Processor (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys
21:02:05.0440 5644 Processor - ok
21:02:05.0487 5644 ProfSvc (0508faa222d28835310b7bfca7a77346) C:\Windows\system32\profsvc.dll
21:02:05.0565 5644 ProfSvc - ok
21:02:05.0596 5644 ProtectedStorage (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
21:02:05.0643 5644 ProtectedStorage - ok
21:02:05.0706 5644 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
21:02:05.0784 5644 PSched - ok
21:02:05.0940 5644 ql2300 (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys
21:02:06.0064 5644 ql2300 - ok
21:02:06.0096 5644 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
21:02:06.0158 5644 ql40xx - ok
21:02:06.0298 5644 QPCapSvc (599ff0b96561ca4f0899fe7f1c4cce9a) C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
21:02:06.0392 5644 QPCapSvc - ok
21:02:06.0423 5644 QPSched (8ff5cad74c3c5e692e1610e861609a3b) C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe
21:02:06.0501 5644 QPSched - ok
21:02:06.0610 5644 QWAVE (e9ecae663f47e6cb43962d18ab18890f) C:\Windows\system32\qwave.dll
21:02:06.0751 5644 QWAVE - ok
21:02:06.0798 5644 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
21:02:06.0891 5644 QWAVEdrv - ok
21:02:06.0907 5644 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
21:02:06.0985 5644 RasAcd - ok
21:02:07.0016 5644 RasAuto (f6a452eb4ceadbb51c9e0ee6b3ecef0f) C:\Windows\System32\rasauto.dll
21:02:07.0094 5644 RasAuto - ok
21:02:07.0172 5644 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
21:02:07.0250 5644 Rasl2tp - ok
21:02:07.0312 5644 RasMan (75d47445d70ca6f9f894b032fbc64fcf) C:\Windows\System32\rasmans.dll
21:02:07.0406 5644 RasMan - ok
21:02:07.0422 5644 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
21:02:07.0500 5644 RasPppoe - ok
21:02:07.0515 5644 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
21:02:07.0609 5644 RasSstp - ok
21:02:07.0640 5644 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
21:02:07.0718 5644 rdbss - ok
21:02:07.0749 5644 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
21:02:07.0796 5644 RDPCDD - ok
21:02:07.0843 5644 rdpdr (e8bd98d46f2ed77132ba927fccb47d8b) C:\Windows\system32\drivers\rdpdr.sys
21:02:07.0921 5644 rdpdr - ok
21:02:07.0936 5644 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
21:02:07.0968 5644 RDPENCDD - ok
21:02:08.0030 5644 RDPWD (79c6df8477250f5c54f7c5ae1d6b814e) C:\Windows\system32\drivers\RDPWD.sys
21:02:08.0155 5644 RDPWD - ok
21:02:08.0217 5644 RemoteAccess (bcdd6b4804d06b1f7ebf29e53a57ece9) C:\Windows\System32\mprdim.dll
21:02:08.0373 5644 RemoteAccess - ok
21:02:08.0420 5644 RemoteRegistry (9e6894ea18daff37b63e1005f83ae4ab) C:\Windows\system32\regsvc.dll
21:02:08.0514 5644 RemoteRegistry - ok
21:02:08.0654 5644 RichVideo (17e0bef5ca5c9ce52cc8082ac6ebc449) C:\Program Files\CyberLink\Shared Files\RichVideo.exe
21:02:08.0794 5644 RichVideo - ok
21:02:09.0075 5644 rimmptsk (355aac141b214bef1dbc1483afd9bd50) C:\Windows\system32\DRIVERS\rimmptsk.sys
21:02:09.0184 5644 rimmptsk - ok
21:02:09.0231 5644 rimsptsk (a4216c71dd4f60b26418ccfd99cd0815) C:\Windows\system32\DRIVERS\rimsptsk.sys
21:02:09.0309 5644 rimsptsk - ok
21:02:09.0325 5644 rismxdp (d231b577024aa324af13a42f3a807d10) C:\Windows\system32\DRIVERS\rixdptsk.sys
21:02:09.0372 5644 rismxdp - ok
21:02:09.0403 5644 RpcLocator (5123f83cbc4349d065534eeb6bbdc42b) C:\Windows\system32\locator.exe
21:02:09.0450 5644 RpcLocator - ok
21:02:09.0496 5644 RpcSs (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
21:02:09.0574 5644 RpcSs - ok
21:02:09.0637 5644 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
21:02:09.0715 5644 rspndr - ok
21:02:09.0762 5644 SamSs (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
21:02:09.0808 5644 SamSs - ok
21:02:09.0855 5644 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
21:02:09.0918 5644 sbp2port - ok
21:02:10.0089 5644 SBSDWSCService (794d4b48dfb6e999537c7c3947863463) C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
21:02:12.0211 5644 SBSDWSCService - ok
21:02:12.0336 5644 SCardSvr (77b7a11a0c3d78d3386398fbbea1b632) C:\Windows\System32\SCardSvr.dll
21:02:12.0398 5644 SCardSvr - ok
21:02:12.0460 5644 Schedule (1a58069db21d05eb2ab58ee5753ebe8d) C:\Windows\system32\schedsvc.dll
21:02:12.0554 5644 Schedule - ok
21:02:12.0585 5644 SCPolicySvc (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
21:02:12.0648 5644 SCPolicySvc - ok
21:02:12.0694 5644 sdbus (8f36b54688c31eed4580129040c6a3d3) C:\Windows\system32\DRIVERS\sdbus.sys
21:02:12.0741 5644 sdbus - ok
21:02:12.0772 5644 SDRSVC (716313d9f6b0529d03f726d5aaf6f191) C:\Windows\System32\SDRSVC.dll
21:02:12.0866 5644 SDRSVC - ok
21:02:12.0913 5644 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
21:02:13.0006 5644 secdrv - ok
21:02:13.0084 5644 seclogon (fd5199d4d8a521005e4b5ee7fe00fa9b) C:\Windows\system32\seclogon.dll
21:02:13.0147 5644 seclogon - ok
21:02:13.0178 5644 SENS (a9bbab5759771e523f55563d6cbe140f) C:\Windows\System32\sens.dll
21:02:13.0256 5644 SENS - ok
21:02:13.0287 5644 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
21:02:13.0365 5644 Serenum - ok
21:02:13.0381 5644 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
21:02:13.0490 5644 Serial - ok
21:02:13.0521 5644 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
21:02:13.0568 5644 sermouse - ok
21:02:13.0615 5644 SessionEnv (d2193326f729b163125610dbf3e17d57) C:\Windows\system32\sessenv.dll
21:02:13.0677 5644 SessionEnv - ok
21:02:13.0708 5644 sffdisk (103b79418da647736ee95645f305f68a) C:\Windows\system32\drivers\sffdisk.sys
21:02:13.0771 5644 sffdisk - ok
21:02:13.0802 5644 sffp_mmc (8fd08a310645fe872eeec6e08c6bf3ee) C:\Windows\system32\drivers\sffp_mmc.sys
21:02:13.0864 5644 sffp_mmc - ok
21:02:13.0911 5644 sffp_sd (9cfa05fcfcb7124e69cfc812b72f9614) C:\Windows\system32\drivers\sffp_sd.sys
21:02:13.0974 5644 sffp_sd - ok
21:02:14.0005 5644 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
21:02:14.0083 5644 sfloppy - ok
21:02:14.0145 5644 SharedAccess (e1499bd0ff76b1b2fbbf1af339d91165) C:\Windows\System32\ipnathlp.dll
21:02:14.0239 5644 SharedAccess - ok
21:02:14.0270 5644 ShellHWDetection (c7230fbee14437716701c15be02c27b8) C:\Windows\System32\shsvcs.dll
21:02:14.0348 5644 ShellHWDetection - ok
21:02:14.0364 5644 sisagp (d2a595d6eebeeaf4334f8e50efbc9931) C:\Windows\system32\drivers\sisagp.sys
21:02:14.0395 5644 sisagp - ok
21:02:14.0426 5644 SiSRaid2 (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys
21:02:14.0457 5644 SiSRaid2 - ok
21:02:14.0473 5644 SiSRaid4 (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys
21:02:14.0520 5644 SiSRaid4 - ok
21:02:14.0582 5644 SkypeUpdate (17eab7852ff9f15fbaab4e95efc0b812) C:\Program Files\Skype\Updater\Updater.exe
21:02:14.0800 5644 SkypeUpdate - ok
21:02:14.0972 5644 slsvc (862bb4cbc05d80c5b45be430e5ef872f) C:\Windows\system32\SLsvc.exe
21:02:15.0284 5644 slsvc - ok
21:02:15.0424 5644 SLUINotify (6edc422215cd78aa8a9cde6b30abbd35) C:\Windows\system32\SLUINotify.dll
21:02:15.0502 5644 SLUINotify - ok
21:02:15.0549 5644 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
21:02:15.0643 5644 Smb - ok
21:02:15.0690 5644 SNMPTRAP (2a146a055b4401c16ee62d18b8e2a032) C:\Windows\System32\snmptrap.exe
21:02:15.0752 5644 SNMPTRAP - ok
21:02:15.0861 5644 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
21:02:15.0892 5644 spldr - ok
21:02:16.0064 5644 Spooler (8554097e5136c3bf9f69fe578a1b35f4) C:\Windows\System32\spoolsv.exe
21:02:16.0142 5644 Spooler - ok
21:02:16.0204 5644 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
21:02:16.0282 5644 srv - ok
21:02:16.0329 5644 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
21:02:16.0392 5644 srv2 - ok
21:02:16.0438 5644 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
21:02:16.0532 5644 srvnet - ok
21:02:16.0579 5644 SSDPSRV (03d50b37234967433a5ea5ba72bc0b62) C:\Windows\System32\ssdpsrv.dll
21:02:16.0672 5644 SSDPSRV - ok
21:02:16.0719 5644 SstpSvc (6f1a32e7b7b30f004d9a20afadb14944) C:\Windows\system32\sstpsvc.dll
21:02:16.0766 5644 SstpSvc - ok
21:02:16.0813 5644 StillCam (ef70b3d22b4bffda6ea851ecb063efaa) C:\Windows\system32\DRIVERS\serscan.sys
21:02:16.0891 5644 StillCam - ok
21:02:16.0969 5644 stisvc (5de7d67e49b88f5f07f3e53c4b92a352) C:\Windows\System32\wiaservc.dll
21:02:17.0078 5644 stisvc - ok
21:02:17.0140 5644 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
21:02:17.0172 5644 swenum - ok
21:02:17.0218 5644 swprv (f21fd248040681cca1fb6c9a03aaa93d) C:\Windows\System32\swprv.dll
21:02:17.0312 5644 swprv - ok
21:02:17.0359 5644 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
21:02:17.0390 5644 Symc8xx - ok
21:02:17.0421 5644 SymIM - ok
21:02:17.0437 5644 SymIMMP - ok
21:02:17.0468 5644 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
21:02:17.0499 5644 Sym_hi - ok
21:02:17.0546 5644 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
21:02:17.0577 5644 Sym_u3 - ok
21:02:17.0624 5644 SynTP (067cb9d745407a8c1b26e89a6a2ce152) C:\Windows\system32\DRIVERS\SynTP.sys
21:02:17.0655 5644 SynTP - ok
21:02:17.0749 5644 SysMain (9a51b04e9886aa4ee90093586b0ba88d) C:\Windows\system32\sysmain.dll
21:02:17.0858 5644 SysMain - ok
21:02:17.0920 5644 TabletInputService (2dca225eae15f42c0933e998ee0231c3) C:\Windows\System32\TabSvc.dll
21:02:17.0967 5644 TabletInputService - ok
21:02:18.0030 5644 TapiSrv (d7673e4b38ce21ee54c59eeeb65e2483) C:\Windows\System32\tapisrv.dll
21:02:18.0092 5644 TapiSrv - ok
21:02:18.0170 5644 TBS (cb05822cd9cc6c688168e113c603dbe7) C:\Windows\System32\tbssvc.dll
21:02:18.0248 5644 TBS - ok
21:02:18.0326 5644 Tcpip (16731b631f28f63cd9f4cb60940e7ddd) C:\Windows\system32\drivers\tcpip.sys
21:02:18.0482 5644 Tcpip - ok
21:02:18.0529 5644 Tcpip6 (16731b631f28f63cd9f4cb60940e7ddd) C:\Windows\system32\DRIVERS\tcpip.sys
21:02:18.0607 5644 Tcpip6 - ok
21:02:18.0654 5644 tcpipreg (3fc13f09af9be487c7b4fac4070a036c) C:\Windows\system32\drivers\tcpipreg.sys
21:02:18.0700 5644 tcpipreg - ok
21:02:18.0747 5644 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
21:02:18.0794 5644 TDPIPE - ok
21:02:18.0825 5644 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
21:02:18.0872 5644 TDTCP - ok
21:02:18.0903 5644 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
21:02:18.0997 5644 tdx - ok
21:02:19.0044 5644 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
21:02:19.0090 5644 TermDD - ok
21:02:19.0153 5644 TermService (bb95da09bef6e7a131bff3ba5032090d) C:\Windows\System32\termsrv.dll
21:02:19.0278 5644 TermService - ok
21:02:19.0387 5644 Themes (c7230fbee14437716701c15be02c27b8) C:\Windows\system32\shsvcs.dll
21:02:19.0449 5644 Themes - ok
21:02:19.0480 5644 THREADORDER (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
21:02:19.0543 5644 THREADORDER - ok
21:02:19.0590 5644 TrkWks (ec74e77d0eb004bd3a809b5f8fb8c2ce) C:\Windows\System32\trkwks.dll
21:02:19.0699 5644 TrkWks - ok
21:02:19.0777 5644 TrustedInstaller (97d9d6a04e3ad9b6c626b9931db78dba) C:\Windows\servicing\TrustedInstaller.exe
21:02:19.0870 5644 TrustedInstaller - ok
21:02:19.0948 5644 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
21:02:19.0995 5644 tssecsrv - ok
21:02:20.0042 5644 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
21:02:20.0089 5644 tunmp - ok
21:02:20.0104 5644 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
21:02:20.0151 5644 tunnel - ok
21:02:20.0182 5644 uagp35 (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\drivers\uagp35.sys
21:02:20.0229 5644 uagp35 - ok
21:02:20.0292 5644 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
21:02:20.0338 5644 udfs - ok
21:02:20.0385 5644 UI0Detect (ecef404f62863755951e09c802c94ad5) C:\Windows\system32\UI0Detect.exe
21:02:20.0463 5644 UI0Detect - ok
21:02:20.0494 5644 uliagpkx (75e6890ebfce0841d3291b02e7a8bdb0) C:\Windows\system32\drivers\uliagpkx.sys
21:02:20.0541 5644 uliagpkx - ok
21:02:20.0572 5644 uliahci (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys
21:02:20.0666 5644 uliahci - ok
21:02:20.0682 5644 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
21:02:20.0728 5644 UlSata - ok
21:02:20.0744 5644 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
21:02:20.0791 5644 ulsata2 - ok
21:02:20.0838 5644 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
21:02:20.0916 5644 umbus - ok
21:02:20.0978 5644 upnphost (68308183f4ae0be7bf8ecd07cb297999) C:\Windows\System32\upnphost.dll
21:02:21.0040 5644 upnphost - ok
21:02:21.0150 5644 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
21:02:21.0228 5644 usbccgp - ok
21:02:21.0274 5644 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
21:02:21.0399 5644 usbcir - ok
21:02:21.0430 5644 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
21:02:21.0508 5644 usbehci - ok
21:02:21.0555 5644 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
21:02:21.0602 5644 usbhub - ok
21:02:21.0649 5644 usbohci (ce697fee0d479290d89bec80dfe793b7) C:\Windows\system32\DRIVERS\usbohci.sys
21:02:21.0711 5644 usbohci - ok
21:02:21.0758 5644 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
21:02:21.0820 5644 usbprint - ok
21:02:21.0836 5644 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys
21:02:21.0930 5644 usbscan - ok
21:02:21.0961 5644 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
21:02:22.0054 5644 USBSTOR - ok
21:02:22.0101 5644 usbuhci (325dbbacb8a36af9988ccf40eac228cc) C:\Windows\system32\DRIVERS\usbuhci.sys
21:02:22.0179 5644 usbuhci - ok
21:02:22.0242 5644 usbvideo (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys
21:02:22.0320 5644 usbvideo - ok
21:02:22.0366 5644 UxSms (1509e705f3ac1d474c92454a5c2dd81f) C:\Windows\System32\uxsms.dll
21:02:22.0429 5644 UxSms - ok
21:02:22.0476 5644 vds (cd88d1b7776dc17a119049742ec07eb4) C:\Windows\System32\vds.exe
21:02:22.0616 5644 vds - ok
21:02:22.0663 5644 vga (7d92be0028ecdedec74617009084b5ef) C:\Windows\system32\DRIVERS\vgapnp.sys
21:02:22.0756 5644 vga - ok
21:02:22.0834 5644 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
21:02:22.0881 5644 VgaSave - ok
21:02:22.0928 5644 viaagp (045d9961e591cf0674a920b6ba3ba5cb) C:\Windows\system32\drivers\viaagp.sys
21:02:22.0990 5644 viaagp - ok
21:02:23.0022 5644 ViaC7 (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys
21:02:23.0115 5644 ViaC7 - ok
21:02:23.0146 5644 viaide (fd2e3175fcada350c7ab4521dca187ec) C:\Windows\system32\drivers\viaide.sys
21:02:23.0178 5644 viaide - ok
21:02:23.0240 5644 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
21:02:23.0287 5644 volmgr - ok
21:02:23.0334 5644 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
21:02:23.0396 5644 volmgrx - ok
21:02:23.0427 5644 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
21:02:23.0474 5644 volsnap - ok
21:02:23.0568 5644 Vongo Service (4b7f8cabbf7261796f12780e911d5f34) C:\Program Files\Vongo\VongoService.exe
21:02:23.0646 5644 Vongo Service ( UnsignedFile.Multi.Generic ) - warning
21:02:23.0646 5644 Vongo Service - detected UnsignedFile.Multi.Generic (1)
21:02:23.0692 5644 vsmraid (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys
21:02:23.0755 5644 vsmraid - ok
21:02:23.0817 5644 VSS (db3d19f850c6eb32bdcb9bc0836acddb) C:\Windows\system32\vssvc.exe
21:02:23.0973 5644 VSS - ok
21:02:24.0051 5644 W32Time (96ea68b9eb310a69c25ebb0282b2b9de) C:\Windows\system32\w32time.dll
21:02:24.0129 5644 W32Time - ok
21:02:24.0207 5644 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
21:02:24.0285 5644 WacomPen - ok
21:02:24.0348 5644 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
21:02:24.0441 5644 Wanarp - ok
21:02:24.0457 5644 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
21:02:24.0535 5644 Wanarpv6 - ok
21:02:24.0613 5644 wcncsvc (a3cd60fd826381b49f03832590e069af) C:\Windows\System32\wcncsvc.dll
21:02:24.0722 5644 wcncsvc - ok
21:02:24.0753 5644 WcsPlugInService (11bcb7afcdd7aadacb5746f544d3a9c7) C:\Windows\System32\WcsPlugInService.dll
21:02:24.0800 5644 WcsPlugInService - ok
21:02:24.0894 5644 Wd (afc5ad65b991c1e205cf25cfdbf7a6f4) C:\Windows\system32\drivers\wd.sys
21:02:24.0909 5644 Wd - ok
21:02:24.0956 5644 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
21:02:25.0003 5644 Wdf01000 - ok
21:02:25.0065 5644 WdiServiceHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
21:02:25.0143 5644 WdiServiceHost - ok
21:02:25.0143 5644 WdiSystemHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
21:02:25.0206 5644 WdiSystemHost - ok
21:02:25.0252 5644 WebClient (04c37d8107320312fbae09926103d5e2) C:\Windows\System32\webclnt.dll
21:02:25.0315 5644 WebClient - ok
21:02:25.0362 5644 Wecsvc (ae3736e7e8892241c23e4ebbb7453b60) C:\Windows\system32\wecsvc.dll
21:02:25.0408 5644 Wecsvc - ok
21:02:25.0440 5644 wercplsupport (670ff720071ed741206d69bd995ea453) C:\Windows\System32\wercplsupport.dll
21:02:25.0518 5644 wercplsupport - ok
21:02:25.0549 5644 WerSvc (32b88481d3b326da6deb07b1d03481e7) C:\Windows\System32\WerSvc.dll
21:02:25.0642 5644 WerSvc - ok
21:02:25.0736 5644 winachsf (0acd399f5db3df1b58903cf4949ab5a8) C:\Windows\system32\DRIVERS\HSX_CNXT.sys
21:02:25.0798 5644 winachsf - ok
21:02:25.0923 5644 WinDefend (4575aa12561c5648483403541d0d7f2b) C:\Program Files\Windows Defender\mpsvc.dll
21:02:25.0986 5644 WinDefend - ok
21:02:26.0001 5644 WinHttpAutoProxySvc - ok
21:02:26.0079 5644 Winmgmt (6b2a1d0e80110e3d04e6863c6e62fd8a) C:\Windows\system32\wbem\WMIsvc.dll
21:02:26.0157 5644 Winmgmt - ok
21:02:26.0469 5644 WinRM (7cfe68bdc065e55aa5e8421607037511) C:\Windows\system32\WsmSvc.dll
21:02:26.0719 5644 WinRM - ok
21:02:26.0781 5644 Wlansvc (c008405e4feeb069e30da1d823910234) C:\Windows\System32\wlansvc.dll
21:02:26.0875 5644 Wlansvc - ok
21:02:26.0937 5644 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys
21:02:27.0000 5644 WmiAcpi - ok
21:02:27.0078 5644 wmiApSrv (43be3875207dcb62a85c8c49970b66cc) C:\Windows\system32\wbem\WmiApSrv.exe
21:02:27.0202 5644 wmiApSrv - ok
21:02:27.0327 5644 WMPNetworkSvc (3978704576a121a9204f8cc49a301a9b) C:\Program Files\Windows Media Player\wmpnetwk.exe
21:02:27.0717 5644 WMPNetworkSvc - ok
21:02:27.0858 5644 WPCSvc (cfc5a04558f5070cee3e3a7809f3ff52) C:\Windows\System32\wpcsvc.dll
21:02:27.0904 5644 WPCSvc - ok
21:02:27.0951 5644 WPDBusEnum (801fbdb89d472b3c467eb112a0fc9246) C:\Windows\system32\wpdbusenum.dll
21:02:28.0014 5644 WPDBusEnum - ok
21:02:28.0076 5644 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
21:02:28.0138 5644 ws2ifsl - ok
21:02:28.0170 5644 wscsvc (1ca6c40261ddc0425987980d0cd2aaab) C:\Windows\System32\wscsvc.dll
21:02:28.0279 5644 wscsvc - ok
21:02:28.0341 5644 WSearch - ok
21:02:28.0466 5644 wuauserv (6298277b73c77fa99106b271a7525163) C:\Windows\system32\wuaueng.dll
21:02:28.0716 5644 wuauserv - ok
21:02:28.0794 5644 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
21:02:28.0887 5644 WUDFRd - ok
21:02:28.0918 5644 wudfsvc (575a4190d989f64732119e4114045a4f) C:\Windows\System32\WUDFSvc.dll
21:02:28.0996 5644 wudfsvc - ok
21:02:29.0043 5644 XAudio (dab33cfa9dd24251aaa389ff36b64d4b) C:\Windows\system32\DRIVERS\xaudio.sys
21:02:29.0090 5644 XAudio - ok
21:02:29.0121 5644 XAudioService (cd5f291a1161f15896d1a4d63daff5df) C:\Windows\system32\DRIVERS\xaudio.exe
21:02:29.0246 5644 XAudioService - ok
21:02:29.0308 5644 MBR (0x1B8) (1a1a06f62e891045814007163c1c76c3) \Device\Harddisk0\DR0
21:02:29.0433 5644 \Device\Harddisk0\DR0 - ok
21:02:29.0449 5644 Boot (0x1200) (9ebf07a72e83210063dda0d1494d0527) \Device\Harddisk0\DR0\Partition0
21:02:29.0449 5644 \Device\Harddisk0\DR0\Partition0 - ok
21:02:29.0464 5644 Boot (0x1200) (0dee9be8e8290a9cdb1470b7f901855a) \Device\Harddisk0\DR0\Partition1
21:02:29.0464 5644 \Device\Harddisk0\DR0\Partition1 - ok
21:02:29.0480 5644 ============================================================
21:02:29.0480 5644 Scan finished
21:02:29.0480 5644 ============================================================
21:02:29.0511 5636 Detected object count: 10
21:02:29.0511 5636 Actual detected object count: 10
21:02:56.0842 5636 Com4Qlb ( UnsignedFile.Multi.Generic ) - skipped by user
21:02:56.0842 5636 Com4Qlb ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:02:56.0842 5636 HP Health Check Service ( UnsignedFile.Multi.Generic ) - skipped by user
21:02:56.0842 5636 HP Health Check Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:02:56.0842 5636 hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user
21:02:56.0842 5636 hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:02:56.0858 5636 hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user
21:02:56.0858 5636 hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:02:56.0858 5636 hpqwmiex ( UnsignedFile.Multi.Generic ) - skipped by user
21:02:56.0858 5636 hpqwmiex ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:02:56.0874 5636 HPSLPSVC ( UnsignedFile.Multi.Generic ) - skipped by user
21:02:56.0874 5636 HPSLPSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:02:56.0874 5636 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
21:02:56.0874 5636 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:02:56.0874 5636 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
21:02:56.0874 5636 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:02:56.0874 5636 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
21:02:56.0874 5636 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:02:56.0889 5636 Vongo Service ( UnsignedFile.Multi.Generic ) - skipped by user
21:02:56.0889 5636 Vongo Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:08:20.0228 5064 ============================================================
21:08:20.0228 5064 Scan started
21:08:20.0228 5064 Mode: Manual; SigCheck; TDLFS;
21:08:20.0228 5064 ============================================================
21:08:20.0806 5064 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
21:08:20.0868 5064 ACPI - ok
21:08:20.0930 5064 adp94xx (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys
21:08:20.0977 5064 adp94xx - ok
21:08:21.0008 5064 adpahci (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys
21:08:21.0133 5064 adpahci - ok
21:08:21.0258 5064 adpu160m (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys
21:08:21.0352 5064 adpu160m - ok
21:08:21.0383 5064 adpu320 (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys
21:08:21.0430 5064 adpu320 - ok
21:08:21.0476 5064 AeLookupSvc (9d1fda9e086ba64e3c93c9de32461bcf) C:\Windows\System32\aelupsvc.dll
21:08:21.0508 5064 AeLookupSvc - ok
21:08:21.0554 5064 AFD (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys
21:08:21.0601 5064 AFD - ok
21:08:21.0617 5064 agp440 (ef23439cdd587f64c2c1b8825cead7d8) C:\Windows\system32\drivers\agp440.sys
21:08:21.0664 5064 agp440 - ok
21:08:21.0695 5064 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
21:08:21.0726 5064 aic78xx - ok
21:08:21.0757 5064 ALG (a1545b731579895d8cc44fc0481c1192) C:\Windows\System32\alg.exe
21:08:21.0835 5064 ALG - ok
21:08:21.0851 5064 aliide (90395b64600ebb4552e26e178c94b2e4) C:\Windows\system32\drivers\aliide.sys
21:08:21.0882 5064 aliide - ok
21:08:21.0913 5064 amdagp (2b13e304c9dfdfa5eb582f6a149fa2c7) C:\Windows\system32\drivers\amdagp.sys
21:08:21.0944 5064 amdagp - ok
21:08:21.0976 5064 amdide (0577df1d323fe75a739c787893d300ea) C:\Windows\system32\drivers\amdide.sys
21:08:22.0007 5064 amdide - ok
21:08:22.0022 5064 AmdK7 (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys
21:08:22.0100 5064 AmdK7 - ok
21:08:22.0132 5064 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\DRIVERS\amdk8.sys
21:08:22.0194 5064 AmdK8 - ok
21:08:22.0272 5064 Appinfo (c6d704c7f0434dc791aac37cac4b6e14) C:\Windows\System32\appinfo.dll
21:08:22.0303 5064 Appinfo - ok
21:08:22.0334 5064 arc (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys
21:08:22.0366 5064 arc - ok
21:08:22.0412 5064 arcsas (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys
21:08:22.0459 5064 arcsas - ok
21:08:22.0490 5064 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
21:08:22.0537 5064 AsyncMac - ok
21:08:22.0568 5064 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
21:08:22.0584 5064 atapi - ok
21:08:22.0678 5064 AudioEndpointBuilder (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
21:08:22.0724 5064 AudioEndpointBuilder - ok
21:08:22.0756 5064 Audiosrv (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
21:08:22.0818 5064 Audiosrv - ok
21:08:22.0896 5064 BCM43XV (34a0a6386256080f52c74076c6157026) C:\Windows\system32\DRIVERS\bcmwl6.sys
21:08:22.0974 5064 BCM43XV - ok
21:08:23.0036 5064 BCM43XX (34a0a6386256080f52c74076c6157026) C:\Windows\system32\DRIVERS\bcmwl6.sys
21:08:23.0130 5064 BCM43XX - ok
21:08:23.0177 5064 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
21:08:23.0208 5064 Beep - ok
21:08:23.0286 5064 BFE (c789af0f724fda5852fb9a7d3a432381) C:\Windows\System32\bfe.dll
21:08:23.0348 5064 BFE - ok
21:08:23.0426 5064 BITS (93952506c6d67330367f7e7934b6a02f) C:\Windows\System32\qmgr.dll
21:08:23.0504 5064 BITS - ok
21:08:23.0536 5064 blbdrive - ok
21:08:23.0567 5064 bowser (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys
21:08:23.0614 5064 bowser - ok
21:08:23.0660 5064 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
21:08:23.0692 5064 BrFiltLo - ok
21:08:23.0707 5064 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
21:08:23.0723 5064 BrFiltUp - ok
21:08:23.0770 5064 Browser (a3629a0c4226f9e9c72faaeebc3ad33c) C:\Windows\System32\browser.dll
21:08:23.0816 5064 Browser - ok
21:08:23.0848 5064 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
21:08:23.0941 5064 Brserid - ok
21:08:23.0957 5064 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
21:08:24.0050 5064 BrSerWdm - ok
21:08:24.0066 5064 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
21:08:24.0128 5064 BrUsbMdm - ok
21:08:24.0160 5064 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
21:08:24.0222 5064 BrUsbSer - ok
21:08:24.0253 5064 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
21:08:24.0331 5064 BTHMODEM - ok
21:08:24.0378 5064 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
21:08:24.0456 5064 cdfs - ok
21:08:24.0487 5064 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
21:08:24.0550 5064 cdrom - ok
21:08:24.0596 5064 CertPropSvc (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
21:08:24.0643 5064 CertPropSvc - ok
21:08:24.0690 5064 circlass (da8e0afc7baa226c538ef53ac2f90897) C:\Windows\system32\drivers\circlass.sys
21:08:24.0768 5064 circlass - ok
21:08:24.0799 5064 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
21:08:24.0846 5064 CLFS - ok
21:08:24.0908 5064 clr_optimization_v2.0.50727_32 (8ee772032e2fe80a924f3b8dd5082194) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:08:24.0955 5064 clr_optimization_v2.0.50727_32 - ok
21:08:24.0986 5064 CmBatt (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys
21:08:25.0033 5064 CmBatt - ok
21:08:25.0064 5064 cmdide (45201046c776ffdaf3fc8a0029c581c8) C:\Windows\system32\drivers\cmdide.sys
21:08:25.0096 5064 cmdide - ok
21:08:25.0142 5064 CnxtHdAudService (b6e7991e3d6146c04c85cd31af22a381) C:\Windows\system32\drivers\CHDRT32.sys
21:08:25.0189 5064 CnxtHdAudService - ok
21:08:25.0298 5064 Com4Qlb (d8774ace03b46c9b01a49818055f9ad4) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
21:08:25.0361 5064 Com4Qlb ( UnsignedFile.Multi.Generic ) - warning
21:08:25.0361 5064 Com4Qlb - detected UnsignedFile.Multi.Generic (1)
21:08:25.0470 5064 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys
21:08:25.0501 5064 Compbatt - ok
21:08:25.0501 5064 COMSysApp - ok
21:08:25.0548 5064 crcdisk (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys
21:08:25.0579 5064 crcdisk - ok
21:08:25.0595 5064 Crusoe (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys
21:08:25.0673 5064 Crusoe - ok
21:08:25.0735 5064 CryptSvc (fb27772beaf8e1d28ccd825c09da939b) C:\Windows\system32\cryptsvc.dll
21:08:25.0782 5064 CryptSvc - ok
21:08:25.0844 5064 DcomLaunch (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
21:08:25.0922 5064 DcomLaunch - ok
21:08:25.0938 5064 DfsC (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys
21:08:26.0016 5064 DfsC - ok
21:08:26.0110 5064 DFSR (2cc3dcfb533a1035b13dcab6160ab38b) C:\Windows\system32\DFSR.exe
21:08:26.0359 5064 DFSR - ok
21:08:26.0437 5064 Dhcp (9028559c132146fb75eb7acf384b086a) C:\Windows\System32\dhcpcsvc.dll
21:08:26.0484 5064 Dhcp - ok
21:08:26.0500 5064 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
21:08:26.0546 5064 disk - ok
21:08:26.0609 5064 Dnscache (57d762f6f5974af0da2be88a3349baaa) C:\Windows\System32\dnsrslvr.dll
21:08:26.0640 5064 Dnscache - ok
21:08:26.0702 5064 dot3svc (324fd74686b1ef5e7c19a8af49e748f6) C:\Windows\System32\dot3svc.dll
21:08:26.0749 5064 dot3svc - ok
21:08:26.0812 5064 Dot4 (4f59c172c094e1a1d46463a8dc061cbd) C:\Windows\system32\DRIVERS\Dot4.sys
21:08:26.0858 5064 Dot4 - ok
21:08:26.0890 5064 Dot4Print (80bf3ba09f6f2523c8f6b7cc6dbf7bd5) C:\Windows\system32\DRIVERS\Dot4Prt.sys
21:08:26.0952 5064 Dot4Print - ok
21:08:26.0968 5064 dot4usb (c55004ca6b419b6695970dfe849b122f) C:\Windows\system32\DRIVERS\dot4usb.sys
21:08:27.0030 5064 dot4usb - ok
21:08:27.0061 5064 DPS (a622e888f8aa2f6b49e9bc466f0e5def) C:\Windows\system32\dps.dll
21:08:27.0124 5064 DPS - ok
21:08:27.0186 5064 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
21:08:27.0202 5064 drmkaud - ok
21:08:27.0311 5064 DXGKrnl (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys
21:08:27.0358 5064 DXGKrnl - ok
21:08:27.0420 5064 E100B (c0b00e55cf82d122d25983c7a6a53dea) C:\Windows\system32\DRIVERS\e100b325.sys
21:08:27.0529 5064 E100B - ok
21:08:27.0576 5064 E1G60 (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys
21:08:27.0685 5064 E1G60 - ok
21:08:27.0763 5064 EapHost (c0b95e40d85cd807d614e264248a45b9) C:\Windows\System32\eapsvc.dll
21:08:27.0826 5064 EapHost - ok
21:08:27.0888 5064 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
21:08:27.0950 5064 Ecache - ok
21:08:27.0982 5064 ehRecvr (9be3744d295a7701eb425332014f0797) C:\Windows\ehome\ehRecvr.exe
21:08:28.0075 5064 ehRecvr - ok
21:08:28.0122 5064 ehSched (ad1870c8e5d6dd340c829e6074bf3c3f) C:\Windows\ehome\ehsched.exe
21:08:28.0169 5064 ehSched - ok
21:08:28.0169 5064 ehstart (c27c4ee8926e74aa72efcab24c5242c3) C:\Windows\ehome\ehstart.dll
21:08:28.0200 5064 ehstart - ok
21:08:28.0247 5064 elxstor (e8f3f21a71720c84bcf423b80028359f) C:\Windows\system32\drivers\elxstor.sys
21:08:28.0278 5064 elxstor - ok
21:08:28.0356 5064 EMDMgmt (4e6b23dfc917ea39306b529b773950f4) C:\Windows\system32\emdmgmt.dll
21:08:28.0403 5064 EMDMgmt - ok
21:08:28.0481 5064 EventSystem (67058c46504bc12d821f38cf99b7b28f) C:\Windows\system32\es.dll
21:08:28.0543 5064 EventSystem - ok
21:08:28.0574 5064 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
21:08:28.0621 5064 exfat - ok
21:08:28.0668 5064 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
21:08:28.0715 5064 fastfat - ok
21:08:28.0746 5064 fdc (63bdada84951b9c03e641800e176898a) C:\Windows\system32\DRIVERS\fdc.sys
21:08:28.0840 5064 fdc - ok
21:08:28.0871 5064 fdPHost (6629b5f0e98151f4afdd87567ea32ba3) C:\Windows\system32\fdPHost.dll
21:08:28.0918 5064 fdPHost - ok
21:08:28.0933 5064 FDResPub (89ed56dce8e47af40892778a5bd31fd2) C:\Windows\system32\fdrespub.dll
21:08:29.0011 5064 FDResPub - ok
21:08:29.0042 5064 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
21:08:29.0074 5064 FileInfo - ok
21:08:29.0089 5064 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
21:08:29.0152 5064 Filetrace - ok
21:08:29.0167 5064 flpydisk (6603957eff5ec62d25075ea8ac27de68) C:\Windows\system32\DRIVERS\flpydisk.sys
21:08:29.0230 5064 flpydisk - ok
21:08:29.0261 5064 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
21:08:29.0308 5064 FltMgr - ok
21:08:29.0401 5064 FontCache (8ce364388c8eca59b14b539179276d44) C:\Windows\system32\FntCache.dll
21:08:29.0464 5064 FontCache - ok
21:08:29.0542 5064 FontCache3.0.0.0 (c7fbdd1ed42f82bfa35167a5c9803ea3) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
21:08:29.0573 5064 FontCache3.0.0.0 - ok
21:08:29.0604 5064 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
21:08:29.0651 5064 Fs_Rec - ok
21:08:29.0682 5064 gagp30kx (4e1cd0a45c50a8882616cae5bf82f3c5) C:\Windows\system32\drivers\gagp30kx.sys
21:08:29.0729 5064 gagp30kx - ok
21:08:29.0869 5064 GameConsoleService (44d07e5a444692e9b6a5cdd7401b4402) C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe
21:08:30.0025 5064 GameConsoleService - ok
21:08:30.0150 5064 gpsvc (cd5d0aeee35dfd4e986a5aa1500a6e66) C:\Windows\System32\gpsvc.dll
21:08:30.0290 5064 gpsvc - ok
21:08:30.0415 5064 HdAudAddService (7be40bb4cd16d8760e18ea981ff452ec) C:\Windows\system32\drivers\CHDART.sys
21:08:30.0446 5064 HdAudAddService - ok
21:08:30.0571 5064 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
21:08:30.0649 5064 HDAudBus - ok
21:08:30.0680 5064 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
21:08:30.0758 5064 HidBth - ok
21:08:30.0774 5064 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
21:08:30.0852 5064 HidIr - ok
21:08:30.0883 5064 hidserv (84067081f3318162797385e11a8f0582) C:\Windows\system32\hidserv.dll
21:08:30.0930 5064 hidserv - ok
21:08:30.0961 5064 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
21:08:30.0992 5064 HidUsb - ok
21:08:31.0039 5064 hkmsvc (d8ad255b37da92434c26e4876db7d418) C:\Windows\system32\kmsvc.dll
21:08:31.0117 5064 hkmsvc - ok
21:08:31.0211 5064 HP Health Check Service (0d26c438e2938a3e6bdd91173bc96ff0) c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
21:08:31.0258 5064 HP Health Check Service ( UnsignedFile.Multi.Generic ) - warning
21:08:31.0258 5064 HP Health Check Service - detected UnsignedFile.Multi.Generic (1)
21:08:31.0304 5064 HpCISSs (df353b401001246853763c4b7aaa6f50) C:\Windows\system32\drivers\hpcisss.sys
21:08:31.0351 5064 HpCISSs - ok
21:08:31.0523 5064 hpqcxs08 (b14328cfeeb6b736be44c2c9db3b162c) C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
21:08:31.0757 5064 hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning
21:08:31.0757 5064 hpqcxs08 - detected UnsignedFile.Multi.Generic (1)
21:08:31.0804 5064 hpqddsvc (df446ba625cc441617843e87798ce048) C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
21:08:31.0960 5064 hpqddsvc ( UnsignedFile.Multi.Generic ) - warning
21:08:31.0960 5064 hpqddsvc - detected UnsignedFile.Multi.Generic (1)
21:08:32.0069 5064 HpqKbFiltr (35956140e686d53bf676cf0c778880fc) C:\Windows\system32\DRIVERS\HpqKbFiltr.sys
21:08:32.0100 5064 HpqKbFiltr - ok
21:08:32.0131 5064 HpqRemHid (115c0933b3ed51dfbec4449348c8065b) C:\Windows\system32\DRIVERS\HpqRemHid.sys
21:08:32.0147 5064 HpqRemHid - ok
21:08:32.0256 5064 hpqwmiex (04c1dcbb226c6ae647b794833ce3ceb6) C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
21:08:32.0334 5064 hpqwmiex ( UnsignedFile.Multi.Generic ) - warning
21:08:32.0334 5064 hpqwmiex - detected UnsignedFile.Multi.Generic (1)
21:08:32.0443 5064 HPSLPSVC (75f122cdca3c71bd09089f2ca824b796) C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL
21:08:32.0615 5064 HPSLPSVC ( UnsignedFile.Multi.Generic ) - warning
21:08:32.0615 5064 HPSLPSVC - detected UnsignedFile.Multi.Generic (1)
21:08:32.0708 5064 HSFHWAZL (46d67209550973257601a533e2ac5785) C:\Windows\system32\DRIVERS\VSTAZL3.SYS
21:08:32.0771 5064 HSFHWAZL - ok
21:08:32.0849 5064 HSF_DPV (cc267848cb3508e72762be65734e764d) C:\Windows\system32\DRIVERS\HSX_DPV.sys
21:08:32.0927 5064 HSF_DPV - ok
21:08:32.0989 5064 HSXHWAZL (a2882945cc4b6e3e4e9e825590438888) C:\Windows\system32\DRIVERS\HSXHWAZL.sys
21:08:33.0020 5064 HSXHWAZL - ok
21:08:33.0083 5064 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys
21:08:33.0145 5064 HTTP - ok
21:08:33.0192 5064 i2omp (324c2152ff2c61abae92d09f3cca4d63) C:\Windows\system32\drivers\i2omp.sys
21:08:33.0208 5064 i2omp - ok
21:08:33.0270 5064 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
21:08:33.0332 5064 i8042prt - ok
21:08:33.0410 5064 ialm (496db78e6a0c4c44023d9a92b4a7ac31) C:\Windows\system32\DRIVERS\igdkmd32.sys
21:08:33.0566 5064 ialm - ok
21:08:33.0598 5064 iaStorV (c957bf4b5d80b46c5017bf0101e6c906) C:\Windows\system32\drivers\iastorv.sys
21:08:33.0644 5064 iaStorV - ok
21:08:33.0738 5064 IDriverT (1cf03c69b49acb70c722df92755c0c8c) C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
21:08:33.0785 5064 IDriverT ( UnsignedFile.Multi.Generic ) - warning
21:08:33.0785 5064 IDriverT - detected UnsignedFile.Multi.Generic (1)
21:08:33.0863 5064 idsvc (98477b08e61945f974ed9fdc4cb6bdab) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
21:08:34.0050 5064 idsvc - ok
21:08:34.0112 5064 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
21:08:34.0144 5064 iirsp - ok
21:08:34.0222 5064 IKEEXT (9908d8a397b76cd8d31d0d383c5773c9) C:\Windows\System32\ikeext.dll
21:08:34.0284 5064 IKEEXT - ok
21:08:34.0346 5064 intelide (97469037714070e45194ed318d636401) C:\Windows\system32\drivers\intelide.sys
21:08:34.0362 5064 intelide - ok
21:08:34.0393 5064 intelppm (ce44cc04262f28216dd4341e9e36a16f) C:\Windows\system32\DRIVERS\intelppm.sys
21:08:34.0471 5064 intelppm - ok
21:08:34.0518 5064 IPBusEnum (9ac218c6e6105477484c6fdbe7d409a4) C:\Windows\system32\ipbusenum.dll
21:08:34.0565 5064 IPBusEnum - ok
21:08:34.0627 5064 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
21:08:34.0690 5064 IpFilterDriver - ok
21:08:34.0721 5064 iphlpsvc (1998bd97f950680bb55f55a7244679c2) C:\Windows\System32\iphlpsvc.dll
21:08:34.0768 5064 iphlpsvc - ok
21:08:34.0783 5064 IpInIp - ok
21:08:34.0799 5064 IPMIDRV (40f34f8aba2a015d780e4b09138b6c17) C:\Windows\system32\drivers\ipmidrv.sys
21:08:34.0892 5064 IPMIDRV - ok
21:08:34.0924 5064 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
21:08:34.0970 5064 IPNAT - ok
21:08:34.0986 5064 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
21:08:35.0017 5064 IRENUM - ok
21:08:35.0048 5064 isapnp (350fca7e73cf65bcef43fae1e4e91293) C:\Windows\system32\drivers\isapnp.sys
21:08:35.0080 5064 isapnp - ok
21:08:35.0142 5064 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
21:08:35.0173 5064 iScsiPrt - ok
21:08:35.0204 5064 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
21:08:35.0236 5064 iteatapi - ok
21:08:35.0267 5064 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
21:08:35.0298 5064 iteraid - ok
21:08:35.0345 5064 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
21:08:35.0392 5064 kbdclass - ok
21:08:35.0423 5064 kbdhid (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys
21:08:35.0470 5064 kbdhid - ok
21:08:35.0501 5064 KeyIso (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
21:08:35.0548 5064 KeyIso - ok
21:08:35.0563 5064 KSecDD (2b2f1638466e8cb091400c9019cc730e) C:\Windows\system32\Drivers\ksecdd.sys
21:08:35.0626 5064 KSecDD - ok
21:08:35.0688 5064 KtmRm (8078f8f8f7a79e2e6b494523a828c585) C:\Windows\system32\msdtckrm.dll
21:08:35.0750 5064 KtmRm - ok
21:08:35.0797 5064 LanmanServer (1bf5eebfd518dd7298434d8c862f825d) C:\Windows\system32\srvsvc.dll
21:08:35.0828 5064 LanmanServer - ok
21:08:35.0875 5064 LanmanWorkstation (1db69705b695b987082c8baec0c6b34f) C:\Windows\System32\wkssvc.dll
21:08:35.0922 5064 LanmanWorkstation - ok
21:08:35.0969 5064 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
21:08:36.0031 5064 lltdio - ok
21:08:36.0078 5064 lltdsvc (2d5a428872f1442631d0959a34abff63) C:\Windows\System32\lltdsvc.dll
21:08:36.0140 5064 lltdsvc - ok
21:08:36.0172 5064 lmhosts (35d40113e4a5b961b6ce5c5857702518) C:\Windows\System32\lmhsvc.dll
21:08:36.0250 5064 lmhosts - ok
21:08:36.0296 5064 LSI_FC (a2262fb9f28935e862b4db46438c80d2) C:\Windows\system32\drivers\lsi_fc.sys
21:08:36.0343 5064 LSI_FC - ok
21:08:36.0374 5064 LSI_SAS (30d73327d390f72a62f32c103daf1d6d) C:\Windows\system32\drivers\lsi_sas.sys
21:08:36.0421 5064 LSI_SAS - ok
21:08:36.0468 5064 LSI_SCSI (e1e36fefd45849a95f1ab81de0159fe3) C:\Windows\system32\drivers\lsi_scsi.sys
21:08:36.0499 5064 LSI_SCSI - ok
21:08:36.0562 5064 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
21:08:36.0640 5064 luafv - ok
21:08:36.0686 5064 Mcx2Svc (aef9babb8a506bc4ce0451a64aaded46) C:\Windows\system32\Mcx2Svc.dll
21:08:36.0733 5064 Mcx2Svc - ok
21:08:36.0780 5064 mdmxsdk (0cea2d0d3fa284b85ed5b68365114f76) C:\Windows\system32\DRIVERS\mdmxsdk.sys
21:08:36.0811 5064 mdmxsdk - ok
21:08:36.0827 5064 megasas (d153b14fc6598eae8422a2037553adce) C:\Windows\system32\drivers\megasas.sys
21:08:36.0858 5064 megasas - ok
21:08:36.0905 5064 MMCSS (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
21:08:36.0967 5064 MMCSS - ok
21:08:36.0998 5064 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
21:08:37.0061 5064 Modem - ok
21:08:37.0123 5064 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
21:08:37.0186 5064 monitor - ok
21:08:37.0217 5064 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
21:08:37.0248 5064 mouclass - ok
21:08:37.0264 5064 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
21:08:37.0310 5064 mouhid - ok
21:08:37.0342 5064 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
21:08:37.0388 5064 MountMgr - ok
21:08:37.0451 5064 MpFilter (fee0baded54222e9f1dae9541212aab1) C:\Windows\system32\DRIVERS\MpFilter.sys
21:08:37.0498 5064 MpFilter - ok
21:08:37.0529 5064 mpio (583a41f26278d9e0ea548163d6139397) C:\Windows\system32\drivers\mpio.sys
21:08:37.0576 5064 mpio - ok
21:08:37.0747 5064 MpKsl9e500799 (a69630d039c38018689190234f866d77) c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{CD30503B-F0FC-4751-A70A-337CCFB75828}\MpKsl9e500799.sys
21:08:37.0778 5064 MpKsl9e500799 - ok
21:08:37.0825 5064 MpNWMon (2c3489660d4a8d514c123c3f0d67df46) C:\Windows\system32\DRIVERS\MpNWMon.sys
21:08:37.0872 5064 MpNWMon - ok
21:08:37.0903 5064 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
21:08:37.0950 5064 mpsdrv - ok
21:08:37.0997 5064 MpsSvc (5de62c6e9108f14f6794060a9bdecaec) C:\Windows\system32\mpssvc.dll
21:08:38.0090 5064 MpsSvc - ok
21:08:38.0122 5064 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
21:08:38.0153 5064 Mraid35x - ok
21:08:38.0200 5064 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
21:08:38.0231 5064 MRxDAV - ok
21:08:38.0278 5064 mrxsmb (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys
21:08:38.0324 5064 mrxsmb - ok
21:08:38.0356 5064 mrxsmb10 (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:08:38.0402 5064 mrxsmb10 - ok
21:08:38.0418 5064 mrxsmb20 (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:08:38.0480 5064 mrxsmb20 - ok
21:08:38.0512 5064 msahci (742aed7939e734c36b7e8d6228ce26b7) C:\Windows\system32\drivers\msahci.sys
21:08:38.0543 5064 msahci - ok
21:08:38.0558 5064 msdsm (3fc82a2ae4cc149165a94699183d3028) C:\Windows\system32\drivers\msdsm.sys
21:08:38.0621 5064 msdsm - ok
21:08:38.0652 5064 MSDTC (fd7520cc3a80c5fc8c48852bb24c6ded) C:\Windows\System32\msdtc.exe
21:08:38.0699 5064 MSDTC - ok
21:08:38.0730 5064 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
21:08:38.0777 5064 Msfs - ok
21:08:38.0808 5064 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
21:08:38.0839 5064 msisadrv - ok
21:08:38.0902 5064 MSiSCSI (85466c0757a23d9a9aecdc0755203cb2) C:\Windows\system32\iscsiexe.dll
21:08:38.0964 5064 MSiSCSI - ok
21:08:38.0980 5064 msiserver - ok
21:08:39.0026 5064 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
21:08:39.0058 5064 MSKSSRV - ok
21:08:39.0151 5064 MsMpSvc (cfce43b70ca0cc4dcc8adb62b792b173) c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
21:08:39.0198 5064 MsMpSvc - ok
21:08:39.0214 5064 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
21:08:39.0245 5064 MSPCLOCK - ok
21:08:39.0276 5064 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
21:08:39.0307 5064 MSPQM - ok
21:08:39.0354 5064 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
21:08:39.0448 5064 MsRPC - ok
21:08:39.0494 5064 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
21:08:39.0526 5064 mssmbios - ok
21:08:39.0541 5064 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
21:08:39.0588 5064 MSTEE - ok
21:08:39.0604 5064 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
21:08:39.0666 5064 Mup - ok
21:08:39.0697 5064 napagent (e4eaf0c5c1b41b5c83386cf212ca9584) C:\Windows\system32\qagentRT.dll
21:08:39.0760 5064 napagent - ok
21:08:39.0838 5064 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
21:08:39.0869 5064 NativeWifiP - ok
21:08:39.0916 5064 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
21:08:39.0978 5064 NDIS - ok
21:08:40.0025 5064 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
21:08:40.0072 5064 NdisTapi - ok
21:08:40.0103 5064 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
21:08:40.0150 5064 Ndisuio - ok
21:08:40.0165 5064 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
21:08:40.0212 5064 NdisWan - ok
21:08:40.0243 5064 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
21:08:40.0290 5064 NDProxy - ok
21:08:40.0352 5064 Net Driver HPZ12 (a081cb6fb9a12668f233eb5414be3a0e) C:\Windows\system32\HPZinw12.dll
21:08:40.0368 5064 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
21:08:40.0368 5064 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
21:08:40.0399 5064 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
21:08:40.0462 5064 NetBIOS - ok
21:08:40.0508 5064 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
21:08:40.0571 5064 netbt - ok
21:08:40.0602 5064 Netlogon (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
21:08:40.0649 5064 Netlogon - ok
21:08:40.0680 5064 Netman (c8052711daecc48b982434c5116ca401) C:\Windows\System32\netman.dll
21:08:40.0758 5064 Netman - ok
21:08:40.0789 5064 netprofm (2ef3bbe22e5a5acd1428ee387a0d0172) C:\Windows\System32\netprofm.dll
21:08:40.0852 5064 netprofm - ok
21:08:40.0945 5064 NetTcpPortSharing (d6c4e4a39a36029ac0813d476fbd0248) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
21:08:40.0976 5064 NetTcpPortSharing - ok
21:08:41.0023 5064 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
21:08:41.0054 5064 nfrd960 - ok
21:08:41.0132 5064 NisDrv (7b01c6172cfd0b10116175e09200d4b4) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
21:08:41.0179 5064 NisDrv - ok
21:08:41.0273 5064 NisSrv (a5cb074f34bbd89948e34a630d459c0c) c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
21:08:41.0351 5064 NisSrv - ok
21:08:41.0398 5064 NlaSvc (2997b15415f9bbe05b5a4c1c85e0c6a2) C:\Windows\System32\nlasvc.dll
21:08:41.0476 5064 NlaSvc - ok
21:08:41.0522 5064 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
21:08:41.0569 5064 Npfs - ok
21:08:41.0616 5064 nsi (8bb86f0c7eea2bded6fe095d0b4ca9bd) C:\Windows\system32\nsisvc.dll
21:08:41.0678 5064 nsi - ok
21:08:41.0710 5064 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
21:08:41.0756 5064 nsiproxy - ok
21:08:41.0834 5064 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
21:08:42.0037 5064 Ntfs - ok
21:08:42.0115 5064 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
21:08:42.0193 5064 ntrigdigi - ok
21:08:42.0209 5064 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
21:08:42.0256 5064 Null - ok
21:08:42.0334 5064 NVENETFD (d958a2b5f6ad5c3b8ccdc4d7da62466c) C:\Windows\system32\DRIVERS\nvmfdx32.sys
21:08:42.0412 5064 NVENETFD - ok
21:08:42.0661 5064 nvlddmkm (d65bc32c1795191b7f2b028351ab4fe2) C:\Windows\system32\DRIVERS\nvlddmkm.sys
21:08:43.0285 5064 nvlddmkm - ok
21:08:43.0316 5064 nvraid (e69e946f80c1c31c53003bfbf50cbb7c) C:\Windows\system32\drivers\nvraid.sys
21:08:43.0363 5064 nvraid - ok
21:08:43.0426 5064 nvsmu (9aebc32f9d6e02ebee0369ab296fe7c8) C:\Windows\system32\DRIVERS\nvsmu.sys
21:08:43.0441 5064 nvsmu - ok
21:08:43.0472 5064 nvstor (9e0ba19a28c498a6d323d065db76dffc) C:\Windows\system32\drivers\nvstor.sys
21:08:43.0504 5064 nvstor - ok
21:08:43.0582 5064 nvsvc (a8c043670699c956d56b9f1f3daefc98) C:\Windows\system32\nvvsvc.exe
21:08:43.0660 5064 nvsvc - ok
21:08:43.0691 5064 nv_agp (07c186427eb8fcc3d8d7927187f260f7) C:\Windows\system32\drivers\nv_agp.sys
21:08:43.0722 5064 nv_agp - ok
21:08:43.0753 5064 NwlnkFlt - ok
21:08:43.0769 5064 NwlnkFwd - ok
21:08:43.0925 5064 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
21:08:44.0018 5064 odserv - ok
21:08:44.0065 5064 ohci1394 (6f310e890d46e246e0e261a63d9b36b4) C:\Windows\system32\DRIVERS\ohci1394.sys
21:08:44.0112 5064 ohci1394 - ok
21:08:44.0206 5064 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:08:44.0284 5064 ose - ok
21:08:44.0408 5064 p2pimsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
21:08:44.0471 5064 p2pimsvc - ok
21:08:44.0486 5064 p2psvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
21:08:44.0564 5064 p2psvc - ok
21:08:44.0611 5064 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
21:08:44.0720 5064 Parport - ok
21:08:44.0752 5064 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys
21:08:44.0798 5064 partmgr - ok
21:08:44.0814 5064 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
21:08:44.0876 5064 Parvdm - ok
21:08:44.0923 5064 PcaSvc (c6276ad11f4bb49b58aa1ed88537f14a) C:\Windows\System32\pcasvc.dll
21:08:44.0954 5064 PcaSvc - ok
21:08:45.0001 5064 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
21:08:45.0032 5064 pci - ok
21:08:45.0064 5064 pciide (1636d43f10416aeb483bc6001097b26c) C:\Windows\system32\drivers\pciide.sys
21:08:45.0095 5064 pciide - ok
21:08:45.0110 5064 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
21:08:45.0157 5064 pcmcia - ok
21:08:45.0204 5064 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
21:08:45.0313 5064 PEAUTH - ok
21:08:45.0656 5064 pla (b1689df169143f57053f795390c99db3) C:\Windows\system32\pla.dll
21:08:45.0812 5064 pla - ok
21:08:45.0890 5064 PlugPlay (c5e7f8a996ec0a82d508fd9064a5569e) C:\Windows\system32\umpnpmgr.dll
21:08:47.0372 5064 PlugPlay - ok
21:08:47.0482 5064 Pml Driver HPZ12 (65bc271f337637731d3c71455ae1f476) C:\Windows\system32\HPZipm12.dll
21:08:47.0513 5064 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
21:08:47.0513 5064 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
21:08:47.0575 5064 PNRPAutoReg (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
21:08:47.0653 5064 PNRPAutoReg - ok
21:08:47.0731 5064 PNRPsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
21:08:47.0809 5064 PNRPsvc - ok
21:08:47.0887 5064 PolicyAgent (d0494460421a03cd5225cca0059aa146) C:\Windows\System32\ipsecsvc.dll
21:08:47.0950 5064 PolicyAgent - ok
21:08:48.0090 5064 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
21:08:48.0168 5064 PptpMiniport - ok
21:08:48.0215 5064 Processor (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys
21:08:48.0277 5064 Processor - ok
21:08:48.0324 5064 ProfSvc (0508faa222d28835310b7bfca7a77346) C:\Windows\system32\profsvc.dll
21:08:48.0386 5064 ProfSvc - ok
21:08:48.0418 5064 ProtectedStorage (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
21:08:48.0464 5064 ProtectedStorage - ok
21:08:48.0511 5064 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
21:08:48.0574 5064 PSched - ok
21:08:48.0636 5064 ql2300 (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys
21:08:48.0714 5064 ql2300 - ok
21:08:48.0730 5064 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
21:08:48.0792 5064 ql40xx - ok
21:08:48.0948 5064 QPCapSvc (599ff0b96561ca4f0899fe7f1c4cce9a) C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
21:08:49.0042 5064 QPCapSvc - ok
21:08:49.0057 5064 QPSched (8ff5cad74c3c5e692e1610e861609a3b) C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe
21:08:49.0135 5064 QPSched - ok
21:08:49.0244 5064 QWAVE (e9ecae663f47e6cb43962d18ab18890f) C:\Windows\system32\qwave.dll
21:08:49.0307 5064 QWAVE - ok
21:08:49.0354 5064 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
21:08:49.0400 5064 QWAVEdrv - ok
21:08:49.0416 5064 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
21:08:49.0447 5064 RasAcd - ok
21:08:49.0463 5064 RasAuto (f6a452eb4ceadbb51c9e0ee6b3ecef0f) C:\Windows\System32\rasauto.dll
21:08:49.0525 5064 RasAuto - ok
21:08:49.0556 5064 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
21:08:49.0634 5064 Rasl2tp - ok
21:08:49.0697 5064 RasMan (75d47445d70ca6f9f894b032fbc64fcf) C:\Windows\System32\rasmans.dll
21:08:49.0759 5064 RasMan - ok
21:08:49.0790 5064 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
21:08:49.0853 5064 RasPppoe - ok
21:08:49.0900 5064 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
21:08:49.0946 5064 RasSstp - ok
21:08:49.0993 5064 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
21:08:50.0056 5064 rdbss - ok
21:08:50.0087 5064 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
21:08:50.0118 5064 RDPCDD - ok
21:08:50.0180 5064 rdpdr (e8bd98d46f2ed77132ba927fccb47d8b) C:\Windows\system32\drivers\rdpdr.sys
21:08:50.0243 5064 rdpdr - ok
21:08:50.0243 5064 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
21:08:50.0274 5064 RDPENCDD - ok
21:08:50.0352 5064 RDPWD (79c6df8477250f5c54f7c5ae1d6b814e) C:\Windows\system32\drivers\RDPWD.sys
21:08:50.0414 5064 RDPWD - ok
21:08:50.0461 5064 RemoteAccess (bcdd6b4804d06b1f7ebf29e53a57ece9) C:\Windows\System32\mprdim.dll
21:08:50.0524 5064 RemoteAccess - ok
21:08:50.0555 5064 RemoteRegistry (9e6894ea18daff37b63e1005f83ae4ab) C:\Windows\system32\regsvc.dll
21:08:50.0617 5064 RemoteRegistry - ok
21:08:50.0758 5064 RichVideo (17e0bef5ca5c9ce52cc8082ac6ebc449) C:\Program Files\CyberLink\Shared Files\RichVideo.exe
21:08:50.0851 5064 RichVideo - ok
21:08:50.0960 5064 rimmptsk (355aac141b214bef1dbc1483afd9bd50) C:\Windows\system32\DRIVERS\rimmptsk.sys
21:08:51.0007 5064 rimmptsk - ok
21:08:51.0038 5064 rimsptsk (a4216c71dd4f60b26418ccfd99cd0815) C:\Windows\system32\DRIVERS\rimsptsk.sys
21:08:51.0085 5064 rimsptsk - ok
21:08:51.0101 5064 rismxdp (d231b577024aa324af13a42f3a807d10) C:\Windows\system32\DRIVERS\rixdptsk.sys
21:08:51.0148 5064 rismxdp - ok
21:08:51.0163 5064 RpcLocator (5123f83cbc4349d065534eeb6bbdc42b) C:\Windows\system32\locator.exe
21:08:51.0194 5064 RpcLocator - ok
21:08:51.0241 5064 RpcSs (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
21:08:51.0304 5064 RpcSs - ok
21:08:51.0350 5064 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
21:08:51.0428 5064 rspndr - ok
21:08:51.0460 5064 SamSs (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
21:08:51.0506 5064 SamSs - ok
21:08:51.0553 5064 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
21:08:51.0600 5064 sbp2port - ok
21:08:51.0756 5064 SBSDWSCService (794d4b48dfb6e999537c7c3947863463) C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
21:08:53.0768 5064 SBSDWSCService - ok
21:08:53.0878 5064 SCardSvr (77b7a11a0c3d78d3386398fbbea1b632) C:\Windows\System32\SCardSvr.dll
21:08:53.0940 5064 SCardSvr - ok
21:08:54.0018 5064 Schedule (1a58069db21d05eb2ab58ee5753ebe8d) C:\Windows\system32\schedsvc.dll
21:08:54.0065 5064 Schedule - ok
21:08:54.0112 5064 SCPolicySvc (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
21:08:54.0158 5064 SCPolicySvc - ok
21:08:54.0205 5064 sdbus (8f36b54688c31eed4580129040c6a3d3) C:\Windows\system32\DRIVERS\sdbus.sys
21:08:54.0236 5064 sdbus - ok
21:08:54.0283 5064 SDRSVC (716313d9f6b0529d03f726d5aaf6f191) C:\Windows\System32\SDRSVC.dll
21:08:54.0330 5064 SDRSVC - ok
21:08:54.0361 5064 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
21:08:54.0439 5064 secdrv - ok
21:08:54.0470 5064 seclogon (fd5199d4d8a521005e4b5ee7fe00fa9b) C:\Windows\system32\seclogon.dll
21:08:54.0517 5064 seclogon - ok
21:08:54.0564 5064 SENS (a9bbab5759771e523f55563d6cbe140f) C:\Windows\System32\sens.dll
21:08:54.0611 5064 SENS - ok
21:08:54.0642 5064 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
21:08:54.0704 5064 Serenum - ok
21:08:54.0751 5064 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
21:08:54.0814 5064 Serial - ok
21:08:54.0845 5064 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
21:08:54.0892 5064 sermouse - ok
21:08:54.0938 5064 SessionEnv (d2193326f729b163125610dbf3e17d57) C:\Windows\system32\sessenv.dll
21:08:55.0001 5064 SessionEnv - ok
21:08:55.0016 5064 sffdisk (103b79418da647736ee95645f305f68a) C:\Windows\system32\drivers\sffdisk.sys
21:08:55.0094 5064 sffdisk - ok
21:08:55.0094 5064 sffp_mmc (8fd08a310645fe872eeec6e08c6bf3ee) C:\Windows\system32\drivers\sffp_mmc.sys
21:08:55.0172 5064 sffp_mmc - ok
21:08:55.0204 5064 sffp_sd (9cfa05fcfcb7124e69cfc812b72f9614) C:\Windows\system32\drivers\sffp_sd.sys
21:08:55.0282 5064 sffp_sd - ok
21:08:55.0297 5064 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
21:08:55.0360 5064 sfloppy - ok
21:08:55.0422 5064 SharedAccess (e1499bd0ff76b1b2fbbf1af339d91165) C:\Windows\System32\ipnathlp.dll
21:08:55.0500 5064 SharedAccess - ok
21:08:55.0547 5064 ShellHWDetection (c7230fbee14437716701c15be02c27b8) C:\Windows\System32\shsvcs.dll
21:08:55.0594 5064 ShellHWDetection - ok
21:08:55.0609 5064 sisagp (d2a595d6eebeeaf4334f8e50efbc9931) C:\Windows\system32\drivers\sisagp.sys
21:08:55.0656 5064 sisagp - ok
21:08:55.0687 5064 SiSRaid2 (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys
21:08:55.0718 5064 SiSRaid2 - ok
21:08:55.0750 5064 SiSRaid4 (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys
21:08:55.0781 5064 SiSRaid4 - ok
21:08:55.0874 5064 SkypeUpdate (17eab7852ff9f15fbaab4e95efc0b812) C:\Program Files\Skype\Updater\Updater.exe
21:08:56.0062 5064 SkypeUpdate - ok
21:08:56.0186 5064 slsvc (862bb4cbc05d80c5b45be430e5ef872f) C:\Windows\system32\SLsvc.exe
21:08:56.0420 5064 slsvc - ok
21:08:56.0467 5064 SLUINotify (6edc422215cd78aa8a9cde6b30abbd35) C:\Windows\system32\SLUINotify.dll
21:08:56.0514 5064 SLUINotify - ok
21:08:56.0576 5064 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
21:08:56.0639 5064 Smb - ok
21:08:56.0686 5064 SNMPTRAP (2a146a055b4401c16ee62d18b8e2a032) C:\Windows\System32\snmptrap.exe
21:08:56.0717 5064 SNMPTRAP - ok
21:08:56.0779 5064 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
21:08:56.0795 5064 spldr - ok
21:08:56.0842 5064 Spooler (8554097e5136c3bf9f69fe578a1b35f4) C:\Windows\System32\spoolsv.exe
21:08:56.0904 5064 Spooler - ok
21:08:56.0966 5064 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
21:08:57.0013 5064 srv - ok
21:08:57.0044 5064 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
21:08:57.0091 5064 srv2 - ok
21:08:57.0138 5064 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
21:08:57.0169 5064 srvnet - ok
21:08:57.0200 5064 SSDPSRV (03d50b37234967433a5ea5ba72bc0b62) C:\Windows\System32\ssdpsrv.dll
21:08:57.0263 5064 SSDPSRV - ok
21:08:57.0294 5064 SstpSvc (6f1a32e7b7b30f004d9a20afadb14944) C:\Windows\system32\sstpsvc.dll
21:08:57.0341 5064 SstpSvc - ok
21:08:57.0388 5064 StillCam (ef70b3d22b4bffda6ea851ecb063efaa) C:\Windows\system32\DRIVERS\serscan.sys
21:08:57.0419 5064 StillCam - ok
21:08:57.0481 5064 stisvc (5de7d67e49b88f5f07f3e53c4b92a352) C:\Windows\System32\wiaservc.dll
21:08:57.0544 5064 stisvc - ok
21:08:57.0590 5064 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
21:08:57.0622 5064 swenum - ok
21:08:57.0668 5064 swprv (f21fd248040681cca1fb6c9a03aaa93d) C:\Windows\System32\swprv.dll
21:08:57.0746 5064 swprv - ok
21:08:57.0793 5064 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
21:08:57.0824 5064 Symc8xx - ok
21:08:57.0840 5064 SymIM - ok
21:08:57.0856 5064 SymIMMP - ok
21:08:57.0887 5064 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
21:08:57.0934 5064 Sym_hi - ok
21:08:57.0949 5064 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
21:08:57.0980 5064 Sym_u3 - ok
21:08:58.0027 5064 SynTP (067cb9d745407a8c1b26e89a6a2ce152) C:\Windows\system32\DRIVERS\SynTP.sys
21:08:58.0058 5064 SynTP - ok
21:08:58.0090 5064 SysMain (9a51b04e9886aa4ee90093586b0ba88d) C:\Windows\system32\sysmain.dll
21:08:58.0152 5064 SysMain - ok
21:08:58.0183 5064 TabletInputService (2dca225eae15f42c0933e998ee0231c3) C:\Windows\System32\TabSvc.dll
21:08:58.0230 5064 TabletInputService - ok
21:08:58.0277 5064 TapiSrv (d7673e4b38ce21ee54c59eeeb65e2483) C:\Windows\System32\tapisrv.dll
21:08:58.0324 5064 TapiSrv - ok
21:08:58.0370 5064 TBS (cb05822cd9cc6c688168e113c603dbe7) C:\Windows\System32\tbssvc.dll
21:08:58.0417 5064 TBS - ok
21:08:58.0495 5064 Tcpip (16731b631f28f63cd9f4cb60940e7ddd) C:\Windows\system32\drivers\tcpip.sys
21:08:58.0589 5064 Tcpip - ok
21:08:58.0636 5064 Tcpip6 (16731b631f28f63cd9f4cb60940e7ddd) C:\Windows\system32\DRIVERS\tcpip.sys
21:08:58.0714 5064 Tcpip6 - ok
21:08:58.0760 5064 tcpipreg (3fc13f09af9be487c7b4fac4070a036c) C:\Windows\system32\drivers\tcpipreg.sys
21:08:58.0807 5064 tcpipreg - ok
21:08:58.0823 5064 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
21:08:58.0885 5064 TDPIPE - ok
21:08:58.0916 5064 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
21:08:58.0963 5064 TDTCP - ok
21:08:59.0010 5064 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
21:08:59.0104 5064 tdx - ok
21:08:59.0135 5064 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
21:08:59.0182 5064 TermDD - ok
21:08:59.0228 5064 TermService (bb95da09bef6e7a131bff3ba5032090d) C:\Windows\System32\termsrv.dll
21:08:59.0306 5064 TermService - ok
21:08:59.0338 5064 Themes (c7230fbee14437716701c15be02c27b8) C:\Windows\system32\shsvcs.dll
21:08:59.0384 5064 Themes - ok
21:08:59.0416 5064 THREADORDER (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
21:08:59.0462 5064 THREADORDER - ok
21:08:59.0509 5064 TrkWks (ec74e77d0eb004bd3a809b5f8fb8c2ce) C:\Windows\System32\trkwks.dll
21:08:59.0556 5064 TrkWks - ok
21:08:59.0634 5064 TrustedInstaller (97d9d6a04e3ad9b6c626b9931db78dba) C:\Windows\servicing\TrustedInstaller.exe
21:08:59.0696 5064 TrustedInstaller - ok
21:08:59.0743 5064 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
21:08:59.0790 5064 tssecsrv - ok
21:08:59.0837 5064 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
21:08:59.0868 5064 tunmp - ok
21:08:59.0899 5064 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
21:08:59.0930 5064 tunnel - ok
21:08:59.0977 5064 uagp35 (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\drivers\uagp35.sys
21:09:00.0024 5064 uagp35 - ok
21:09:00.0055 5064 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
21:09:00.0118 5064 udfs - ok
21:09:00.0149 5064 UI0Detect (ecef404f62863755951e09c802c94ad5) C:\Windows\system32\UI0Detect.exe
21:09:00.0211 5064 UI0Detect - ok
21:09:00.0227 5064 uliagpkx (75e6890ebfce0841d3291b02e7a8bdb0) C:\Windows\system32\drivers\uliagpkx.sys
21:09:00.0274 5064 uliagpkx - ok
21:09:00.0320 5064 uliahci (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys
21:09:00.0383 5064 uliahci - ok
21:09:00.0414 5064 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
21:09:00.0430 5064 UlSata - ok
21:09:00.0461 5064 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
21:09:00.0492 5064 ulsata2 - ok
21:09:00.0523 5064 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
21:09:00.0586 5064 umbus - ok
21:09:00.0617 5064 upnphost (68308183f4ae0be7bf8ecd07cb297999) C:\Windows\System32\upnphost.dll
21:09:00.0679 5064 upnphost - ok
21:09:00.0757 5064 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
21:09:00.0820 5064 usbccgp - ok
21:09:00.0866 5064 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
21:09:00.0960 5064 usbcir - ok
21:09:00.0991 5064 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
21:09:01.0054 5064 usbehci - ok
21:09:01.0100 5064 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
21:09:01.0147 5064 usbhub - ok
21:09:01.0225 5064 usbohci (ce697fee0d479290d89bec80dfe793b7) C:\Windows\system32\DRIVERS\usbohci.sys
21:09:01.0272 5064 usbohci - ok
21:09:01.0303 5064 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
21:09:01.0366 5064 usbprint - ok
21:09:01.0412 5064 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys
21:09:01.0459 5064 usbscan - ok
21:09:01.0490 5064 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
21:09:01.0553 5064 USBSTOR - ok
21:09:01.0584 5064 usbuhci (325dbbacb8a36af9988ccf40eac228cc) C:\Windows\system32\DRIVERS\usbuhci.sys
21:09:01.0662 5064 usbuhci - ok
21:09:01.0709 5064 usbvideo (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys
21:09:01.0756 5064 usbvideo - ok
21:09:01.0802 5064 UxSms (1509e705f3ac1d474c92454a5c2dd81f) C:\Windows\System32\uxsms.dll
21:09:01.0849 5064 UxSms - ok
21:09:01.0880 5064 vds (cd88d1b7776dc17a119049742ec07eb4) C:\Windows\System32\vds.exe
21:09:01.0958 5064 vds - ok
21:09:02.0005 5064 vga (7d92be0028ecdedec74617009084b5ef) C:\Windows\system32\DRIVERS\vgapnp.sys
21:09:02.0083 5064 vga - ok
21:09:02.0177 5064 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
21:09:02.0224 5064 VgaSave - ok
21:09:02.0255 5064 viaagp (045d9961e591cf0674a920b6ba3ba5cb) C:\Windows\system32\drivers\viaagp.sys
21:09:02.0302 5064 viaagp - ok
21:09:02.0333 5064 ViaC7 (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys
21:09:02.0426 5064 ViaC7 - ok
21:09:02.0442 5064 viaide (fd2e3175fcada350c7ab4521dca187ec) C:\Windows\system32\drivers\viaide.sys
21:09:02.0473 5064 viaide - ok
21:09:02.0520 5064 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
21:09:02.0567 5064 volmgr - ok
21:09:02.0629 5064 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
21:09:02.0676 5064 volmgrx - ok
21:09:02.0754 5064 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
21:09:02.0801 5064 volsnap - ok
21:09:02.0957 5064 Vongo Service (4b7f8cabbf7261796f12780e911d5f34) C:\Program Files\Vongo\VongoService.exe
21:09:03.0019 5064 Vongo Service ( UnsignedFile.Multi.Generic ) - warning
21:09:03.0019 5064 Vongo Service - detected UnsignedFile.Multi.Generic (1)
21:09:03.0066 5064 vsmraid (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys
21:09:03.0128 5064 vsmraid - ok
21:09:03.0206 5064 VSS (db3d19f850c6eb32bdcb9bc0836acddb) C:\Windows\system32\vssvc.exe
21:09:03.0331 5064 VSS - ok
21:09:03.0378 5064 W32Time (96ea68b9eb310a69c25ebb0282b2b9de) C:\Windows\system32\w32time.dll
21:09:03.0440 5064 W32Time - ok
21:09:03.0487 5064 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
21:09:03.0565 5064 WacomPen - ok
21:09:03.0612 5064 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
21:09:03.0674 5064 Wanarp - ok
21:09:03.0690 5064 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
21:09:03.0752 5064 Wanarpv6 - ok
21:09:03.0815 5064 wcncsvc (a3cd60fd826381b49f03832590e069af) C:\Windows\System32\wcncsvc.dll
21:09:03.0908 5064 wcncsvc - ok
21:09:03.0940 5064 WcsPlugInService (11bcb7afcdd7aadacb5746f544d3a9c7) C:\Windows\System32\WcsPlugInService.dll
21:09:03.0986 5064 WcsPlugInService - ok
21:09:04.0018 5064 Wd (afc5ad65b991c1e205cf25cfdbf7a6f4) C:\Windows\system32\drivers\wd.sys
21:09:04.0049 5064 Wd - ok
21:09:04.0096 5064 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
21:09:04.0142 5064 Wdf01000 - ok
21:09:04.0189 5064 WdiServiceHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
21:09:04.0252 5064 WdiServiceHost - ok
21:09:04.0252 5064 WdiSystemHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
21:09:04.0314 5064 WdiSystemHost - ok
21:09:04.0392 5064 WebClient (04c37d8107320312fbae09926103d5e2) C:\Windows\System32\webclnt.dll
21:09:04.0439 5064 WebClient - ok
21:09:04.0501 5064 Wecsvc (ae3736e7e8892241c23e4ebbb7453b60) C:\Windows\system32\wecsvc.dll
21:09:04.0548 5064 Wecsvc - ok
21:09:04.0579 5064 wercplsupport (670ff720071ed741206d69bd995ea453) C:\Windows\System32\wercplsupport.dll
21:09:04.0626 5064 wercplsupport - ok
21:09:04.0688 5064 WerSvc (32b88481d3b326da6deb07b1d03481e7) C:\Windows\System32\WerSvc.dll
21:09:04.0751 5064 WerSvc - ok
21:09:04.0829 5064 winachsf (0acd399f5db3df1b58903cf4949ab5a8) C:\Windows\system32\DRIVERS\HSX_CNXT.sys
21:09:04.0876 5064 winachsf - ok
21:09:05.0000 5064 WinDefend (4575aa12561c5648483403541d0d7f2b) C:\Program Files\Windows Defender\mpsvc.dll
21:09:05.0063 5064 WinDefend - ok
21:09:05.0063 5064 WinHttpAutoProxySvc - ok
21:09:05.0156 5064 Winmgmt (6b2a1d0e80110e3d04e6863c6e62fd8a) C:\Windows\system32\wbem\WMIsvc.dll
21:09:05.0219 5064 Winmgmt - ok
21:09:05.0281 5064 WinRM (7cfe68bdc065e55aa5e8421607037511) C:\Windows\system32\WsmSvc.dll
21:09:05.0406 5064 WinRM - ok
21:09:05.0484 5064 Wlansvc (c008405e4feeb069e30da1d823910234) C:\Windows\System32\wlansvc.dll
21:09:05.0546 5064 Wlansvc - ok
21:09:05.0593 5064 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys
21:09:05.0624 5064 WmiAcpi - ok
21:09:05.0671 5064 wmiApSrv (43be3875207dcb62a85c8c49970b66cc) C:\Windows\system32\wbem\WmiApSrv.exe
21:09:05.0749 5064 wmiApSrv - ok
21:09:05.0983 5064 WMPNetworkSvc (3978704576a121a9204f8cc49a301a9b) C:\Program Files\Windows Media Player\wmpnetwk.exe
21:09:06.0404 5064 WMPNetworkSvc - ok
21:09:06.0560 5064 WPCSvc (cfc5a04558f5070cee3e3a7809f3ff52) C:\Windows\System32\wpcsvc.dll
21:09:06.0607 5064 WPCSvc - ok
21:09:06.0685 5064 WPDBusEnum (801fbdb89d472b3c467eb112a0fc9246) C:\Windows\system32\wpdbusenum.dll
21:09:06.0716 5064 WPDBusEnum - ok
21:09:06.0794 5064 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
21:09:06.0841 5064 ws2ifsl - ok
21:09:06.0888 5064 wscsvc (1ca6c40261ddc0425987980d0cd2aaab) C:\Windows\System32\wscsvc.dll
21:09:06.0982 5064 wscsvc - ok
21:09:06.0997 5064 WSearch - ok
21:09:07.0122 5064 wuauserv (6298277b73c77fa99106b271a7525163) C:\Windows\system32\wuaueng.dll
21:09:07.0262 5064 wuauserv - ok
21:09:07.0309 5064 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
21:09:07.0387 5064 WUDFRd - ok
21:09:07.0434 5064 wudfsvc (575a4190d989f64732119e4114045a4f) C:\Windows\System32\WUDFSvc.dll
21:09:07.0512 5064 wudfsvc - ok
21:09:07.0559 5064 XAudio (dab33cfa9dd24251aaa389ff36b64d4b) C:\Windows\system32\DRIVERS\xaudio.sys
21:09:07.0590 5064 XAudio - ok
21:09:07.0637 5064 XAudioService (cd5f291a1161f15896d1a4d63daff5df) C:\Windows\system32\DRIVERS\xaudio.exe
21:09:07.0730 5064 XAudioService - ok
21:09:07.0793 5064 MBR (0x1B8) (1a1a06f62e891045814007163c1c76c3) \Device\Harddisk0\DR0
21:09:07.0902 5064 \Device\Harddisk0\DR0 - ok
21:09:07.0918 5064 Boot (0x1200) (9ebf07a72e83210063dda0d1494d0527) \Device\Harddisk0\DR0\Partition0
21:09:07.0918 5064 \Device\Harddisk0\DR0\Partition0 - ok
21:09:07.0933 5064 Boot (0x1200) (0dee9be8e8290a9cdb1470b7f901855a) \Device\Harddisk0\DR0\Partition1
21:09:07.0933 5064 \Device\Harddisk0\DR0\Partition1 - ok
21:09:07.0949 5064 ============================================================
21:09:07.0949 5064 Scan finished
21:09:07.0949 5064 ============================================================
21:09:07.0980 4612 Detected object count: 10
21:09:07.0980 4612 Actual detected object count: 10
21:31:27.0634 4612 Com4Qlb ( UnsignedFile.Multi.Generic ) - skipped by user
21:31:27.0634 4612 Com4Qlb ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:31:27.0634 4612 HP Health Check Service ( UnsignedFile.Multi.Generic ) - skipped by user
21:31:27.0634 4612 HP Health Check Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:31:27.0634 4612 hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user
21:31:27.0634 4612 hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:31:27.0634 4612 hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user
21:31:27.0634 4612 hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:31:27.0649 4612 hpqwmiex ( UnsignedFile.Multi.Generic ) - skipped by user
21:31:27.0649 4612 hpqwmiex ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:31:27.0649 4612 HPSLPSVC ( UnsignedFile.Multi.Generic ) - skipped by user
21:31:27.0649 4612 HPSLPSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:31:27.0649 4612 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
21:31:27.0649 4612 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:31:27.0649 4612 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
21:31:27.0649 4612 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:31:27.0649 4612 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
21:31:27.0649 4612 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:31:27.0665 4612 Vongo Service ( UnsignedFile.Multi.Generic ) - skipped by user
21:31:27.0665 4612 Vongo Service ( UnsignedFile.Multi.Generic ) - User select action: Skip

========mbam log

Malwarebytes Anti-Malware (Trial) 1.60.1.1000
www.malwarebytes.org

Database version: v2012.03.28.07

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 7.0.6002.18005
mnar :: MNAR-PC [administrator]

Protection: Enabled

3/28/2012 9:43:44 PM
mbam-log-2012-03-28 (21-43-44).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 181667
Time elapsed: 5 minute(s), 47 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 1
C:\Program Files\QvodPlayer\QvodBand.dll (Spyware.OnlineGames) -> Delete on reboot.

Registry Keys Detected: 2
HKCR\CLSID\{9F44453E-1E46-4D5C-B57C-112FF2EDAE82} (Spyware.OnlineGames) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{669751ED-D558-49AE-B01A-3B374CC7910E} (Trojan.Agent) -> Quarantined and deleted successfully.

Registry Values Detected: 4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{DB8B2393-7A6C-4C76-88CE-6B1F6FF6FFE9} (Trojan.Agent) -> Data: -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved|{DB8B2393-7A6C-4C76-88CE-6B1F6FF6FFE9} (Trojan.Agent) -> Data: -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{A57E074F-56D8-4A33-8112-AAC9693AA909} (Trojan.Agent) -> Data: -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved|{A57E074F-56D8-4A33-8112-AAC9693AA909} (Trojan.Agent) -> Data: -> Quarantined and deleted successfully.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Program Files\QvodPlayer\QvodBand.dll (Spyware.OnlineGames) -> Delete on reboot.

(end)


2012/03/28 21:43:21 -0400 MNAR-PC mnar MESSAGE Starting protection
2012/03/28 21:43:22 -0400 MNAR-PC mnar MESSAGE Executing scheduled update: Daily
2012/03/28 21:43:23 -0400 MNAR-PC mnar MESSAGE Database already up-to-date
2012/03/28 21:43:25 -0400 MNAR-PC mnar MESSAGE Protection started successfully
2012/03/28 21:43:28 -0400 MNAR-PC mnar MESSAGE Starting IP protection
2012/03/28 21:43:33 -0400 MNAR-PC mnar MESSAGE IP Protection started successfully
2012/03/28 21:54:53 -0400 MNAR-PC mnar MESSAGE Starting protection
2012/03/28 21:54:57 -0400 MNAR-PC mnar MESSAGE Protection started successfully
2012/03/28 21:55:00 -0400 MNAR-PC mnar MESSAGE Starting IP protection
2012/03/28 21:55:04 -0400 MNAR-PC mnar MESSAGE IP Protection started successfully
2012/03/28 21:56:13 -0400 MNAR-PC mnar IP-BLOCK 121.10.247.219 (Type: outgoing, Port: 49199, Process: qvodtips.exe)
  • 0

#6
CompCav
Posted 29 March 2012 - 01:08 PM

CompCav

    Member 5k

  • Expert
  • 12,454 posts
Step 1.

Use Revo Uninstaller to remove QVodPlayer

Click here to download Revo Uninstaller
Once downloaded, double click the file and follow the prompts to install it
Run Revo Uninstaller, then click the program you want to remove, then click Uninstall at the top
Click Yes to confirm, then click Next
After it has ran the official uninstaller, click Next to search for leftover information
If it finds any leftover files and folders, click Select All, then Delete
Click Next after it has removed the leftovers, then click Finish


Step 2.

Please run a free online scan with the ESET Online Scanner
Note: You will need to use Internet Explorer for this scan
  • Tick the box next to YES, I accept the Terms of Use
  • Click Start
  • When asked, allow the ActiveX control to install
  • Click Start
  • Make sure that the options Remove found threats and the option Scan unwanted applications is checked
  • Click Scan (This scan can take several hours, so please be patient)
  • Once the scan is completed, you may close the window
  • Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
  • Copy and paste that log as a reply to this topic


Run ESET Online Scan

  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
  • ESET OnlineScan
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on Posted Image to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the Posted Image icon on your desktop.
  • Check Posted Image
  • Click the Posted Image button.
  • Accept any security warnings from your browser.
  • Check Posted Image
  • Make sure that the option "Remove found threats" is Unchecked
  • Push the Start button.
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push Posted Image
  • Push Posted Image, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Push the Posted Image button.
  • Push Posted Image


Step 3.

Security Check
Download Security Check by screen317 from here or here.

Save it to your Desktop.
Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
A Notepad document should open automatically called checkup.txt; please post the contents of that document.


Step 4.

We need to run a Check disk on your hard drive as a first step to correct the slowness.

Open Computer by clicking the Start button Posted Image, and then clicking Computer.

Click once the hard disk drive that you want to check, and then click Properties.

Posted Image

Then select the Tools tab, and click the “Check Now” button.
Posted Image
A little dialog will pop up to allow you to choose the options you want for the disk check. You should check both options.
Posted Image
The only problem with that is that Windows can’t check a drive that’s being used, such as the system drive, but Windows will let you schedule a disk check for the next reboot.
Posted Image
Now reboot the computer and let the disk check run.
Once it is finished Windows will automatically restart.


Step 5.

  • Double click on the Posted Image icon to run it.
  • Click the Quick Scan button. Post the log it produces in your next reply. The scan won't take long.


Step 6.

Please post:

eset log
security check log
OTL.txt

Please give me an update on how your computer is doing!
  • 0

#7
horseshoe
Posted 29 March 2012 - 09:20 PM

horseshoe

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 110 posts
=====ESET log
ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK


=====security check log
Results of screen317's Security Check version 0.99.32
Windows Vista Service Pack 2 x86 (UAC is enabled)
Internet Explorer 7 Out of date!
``````````````````````````````
Antivirus/Firewall Check:
Windows Firewall Enabled!
ESET Online Scanner v3
Microsoft Security Essentials
WMI entry may not exist for antivirus; attempting automatic update.
```````````````````````````````
Anti-malware/Other Utilities Check:
Spybot - Search & Destroy
Eusing Free Registry Cleaner
Java™ 6 Update 30
Java™ 6 Update 2
Java version out of date!
Adobe Flash Player 11.1.102.62
Adobe Reader 8 Adobe Reader out of date!
Mozilla Firefox (11.0.)
````````````````````````````````
Process Check:
objlist.exe by Laurent
Windows Defender MSMpEng.exe
Malwarebytes' Anti-Malware mbamservice.exe
Malwarebytes' Anti-Malware mbamgui.exe
Spybot Teatimer.exe is disabled!
Microsoft Security Essentials msseces.exe
Microsoft Security Client Antimalware MsMpEng.exe
Microsoft Security Client Antimalware NisSrv.exe
``````````End of Log````````````


======OTL.txt

After displaying error message - "Access violation at address 100057AB in module 'DhellvRTF.dll.Read of address 002D0062--,the scan hung at "Scanning HDEY_CURRENT_USER Run Keys..."


The computer performance is about the same as yesterday.

Thanks!
  • 0

#8
CompCav
Posted 30 March 2012 - 09:19 AM

CompCav

    Member 5k

  • Expert
  • 12,454 posts
Please reboot and delete your current copy of OTL. Download a fresh copy here and then run Step 5. in Post #6.

Regards,

CompCav

Edited by CompCav, 30 March 2012 - 09:35 AM.

  • 0

#9
horseshoe
Posted 30 March 2012 - 05:07 PM

horseshoe

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 110 posts
Here it is!
Thanks!

=======OTL log

OTL logfile created on: 3/30/2012 7:00:19 PM - Run 4
OTL by OldTimer - Version 3.2.39.2 Folder = C:\Users\mnar\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.94 Gb Total Physical Memory | 1.06 Gb Available Physical Memory | 54.88% Memory free
4.11 Gb Paging File | 3.09 Gb Available in Paging File | 75.29% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 220.95 Gb Total Space | 146.85 Gb Free Space | 66.47% Space Free | Partition Type: NTFS
Drive D: | 11.93 Gb Total Space | 0.65 Gb Free Space | 5.47% Space Free | Partition Type: NTFS

Computer Name: MNAR-PC | User Name: mnar | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/03/30 19:00:01 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Users\mnar\Desktop\OTL.exe
PRC - [2012/02/17 07:27:26 | 000,250,016 | ---- | M] (Adobe Systems, Inc.) -- C:\WINDOWS\System32\Macromed\Flash\FlashUtil11f_ActiveX.exe
PRC - [2012/01/13 14:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/01/13 14:53:18 | 000,460,872 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011/08/25 17:53:00 | 000,013,672 | ---- | M] (Intuit Inc.) -- C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
PRC - [2011/06/15 16:16:48 | 000,997,920 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2011/04/27 16:39:26 | 000,208,944 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
PRC - [2011/04/27 16:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
PRC - [2009/04/11 00:27:38 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2009/01/26 16:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
PRC - [2007/09/15 04:29:10 | 000,102,400 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPStart.exe


========== Modules (No Company Name) ==========

MOD - [2007/11/06 02:50:44 | 000,189,760 | ---- | M] () -- C:\Program Files\HP\Digital Imaging\Smart Web Printing\NeoLoggingLib.dll
MOD - [2007/11/06 02:50:44 | 000,140,608 | ---- | M] () -- C:\Program Files\HP\Digital Imaging\Smart Web Printing\SatelliteENU.dll
MOD - [2007/11/06 02:50:44 | 000,107,840 | ---- | M] () -- C:\Program Files\HP\Digital Imaging\Smart Web Printing\UtilityLib.dll
MOD - [2007/11/06 02:50:44 | 000,042,304 | ---- | M] () -- C:\Program Files\HP\Digital Imaging\Smart Web Printing\RsrcLoaderLib.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (SOSOUpSvc)
SRV - File not found [Auto | Running] -- C:\Program Files\Spybot -- (SBSDWSCService)
SRV - [2012/01/31 16:09:34 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/01/13 14:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/11/16 12:23:44 | 000,377,344 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- winhttp.dll -- (WinHttpAutoProxySvc)
SRV - [2011/08/25 17:53:00 | 000,013,672 | ---- | M] (Intuit Inc.) [Auto | Running] -- C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe -- (IntuitUpdateServiceV4)
SRV - [2011/04/27 16:39:26 | 000,208,944 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv)
SRV - [2011/04/27 16:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV - [2008/01/19 00:38:26 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/08/31 14:15:06 | 000,176,128 | ---- | M] (Starz Entertainment Group LLC) [Disabled | Stopped] -- C:\Program Files\Vongo\VongoService.exe -- (Vongo Service)
SRV - [2007/03/05 14:30:06 | 000,110,592 | ---- | M] (Hewlett-Packard Development Company, L.P.) [On_Demand | Stopped] -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe -- (Com4Qlb)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\SymIM.sys -- (SymIMMP)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\SymIM.sys -- (SymIM)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2011/12/10 15:24:06 | 000,020,464 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011/04/27 16:25:24 | 000,065,024 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2011/04/18 14:18:50 | 000,043,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\MpNWMon.sys -- (MpNWMon)
DRV - [2009/12/30 10:21:18 | 000,027,192 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\revoflt.sys -- (Revoflt)
DRV - [2009/06/24 07:08:00 | 007,542,208 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2008/08/01 20:51:14 | 001,052,704 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\nvmfdx32.sys -- (NVENETFD)
DRV - [2008/03/04 03:32:00 | 000,188,416 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\CHDRT32.sys -- (CnxtHdAudService)
DRV - [2007/10/18 07:36:54 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2007/09/09 18:12:28 | 000,176,640 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\CHDART.sys -- (HdAudAddService)
DRV - [2007/07/11 14:30:22 | 000,007,168 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\HpqRemHid.sys -- (HpqRemHid)
DRV - [2007/06/18 21:12:04 | 000,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV - [2007/03/22 02:02:04 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2007/02/24 18:42:22 | 000,039,936 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2007/02/16 17:50:32 | 000,012,032 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2007/01/23 20:40:20 | 000,042,496 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\rimsptsk.sys -- (rimsptsk)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...ilion&pf=laptop
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...ilion&pf=laptop
IE - HKLM\..\SearchScopes,DefaultScope = {609366DF-90DA-43A4-A871-3846A98F1E45}
IE - HKLM\..\SearchScopes\{609366DF-90DA-43A4-A871-3846A98F1E45}: "URL" = http://search.yahoo....ing}&fr=hp-pvdt

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\SearchScopes,DefaultScope = {609366DF-90DA-43A4-A871-3846A98F1E45}
IE - HKCU\..\SearchScopes\{1FF7973D-AB0A-496d-82C1-4EADBBA11E7B}: "URL" = http://www.soso.com/...&unc=o400493_95
IE - HKCU\..\SearchScopes\{609366DF-90DA-43A4-A871-3846A98F1E45}: "URL" = http://search.yahoo....ing}&fr=hp-pvdt
IE - HKCU\..\SearchScopes\{DECA3892-BA8F-44b8-A993-A466AD694AE4}: "URL" = http://search.yahoo....p={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/03/18 08:09:56 | 000,000,000 | ---D | M]

[2012/02/04 08:31:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\mnar\AppData\Roaming\Mozilla\Extensions
[2012/03/18 19:26:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\mnar\AppData\Roaming\Mozilla\Firefox\Profiles\ym43eihf.default\extensions
[2012/03/01 08:11:51 | 000,000,000 | ---D | M] (HP Detect) -- C:\Users\mnar\AppData\Roaming\Mozilla\Firefox\Profiles\ym43eihf.default\extensions\{ab91efd4-6975-4081-8552-1b3922ed79e2}
[2012/02/18 10:16:52 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
() (No name found) -- C:\USERS\MNAR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YM43EIHF.DEFAULT\EXTENSIONS\{73A6FE31-595D-460B-A920-FCC0F8843232}.XPI
[2012/03/18 08:09:55 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/01/29 09:36:35 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/01/29 09:36:35 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

O1 HOSTS File: ([2012/03/28 20:48:09 | 000,000,098 | ---- | M]) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Microsoft Works Portfolio] C:\Program Files\Microsoft Works\WksSb.exe (Microsoft® Corporation)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [PPS Accelerator] D:\PPS.tv\PPStream\ppsap.exe ()
O9 - Extra Button: HP Smart Select - {58ECB495-38F0-49cb-A538-10282ABF65E7} - Reg Error: Value error. File not found
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: intuit.com ([ttlc] https in Trusted sites)
O15 - HKCU\..Trusted Ranges: Range1 ([http] in Local intranet)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (OnlineScanner Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C0B87525-2220-45AE-9631-A94D26E4BEAF}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EA982A2C-C1D4-48E7-A5F4-28656125831B}: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\WINDOWS\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\HPRadiance.jpg
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\HPRadiance.jpg
O29 - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/10/22 16:25:46 | 000,000,074 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2005/09/11 11:18:54 | 000,000,340 | -HS- | M] () - D:\AUTOMODE -- [ NTFS ]
O33 - MountPoints2\{8cbdb1ed-52bd-11e1-8f6d-001b24df2557}\Shell - "" = AutoRun
O33 - MountPoints2\{8cbdb1ed-52bd-11e1-8f6d-001b24df2557}\Shell\AutoRun\command - "" = E:\setup.exe
O33 - MountPoints2\{e11b0f65-4f2a-11e1-a1c0-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{e11b0f65-4f2a-11e1-a1c0-806e6f6e6963}\Shell\AutoRun\command - "" = E:\setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012/03/30 18:59:48 | 000,593,920 | ---- | C] (OldTimer Tools) -- C:\Users\mnar\Desktop\OTL.exe
[2012/03/30 00:21:38 | 000,000,000 | ---D | C] -- C:\Users\mnar\Documents\TurboTax
[2012/03/30 00:03:46 | 000,000,000 | ---D | C] -- C:\Users\mnar\AppData\Roaming\Intuit
[2012/03/30 00:00:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TurboTax 2011
[2012/03/29 23:58:27 | 000,000,000 | ---D | C] -- C:\Users\mnar\AppData\Local\IsolatedStorage
[2012/03/29 23:58:26 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Intuit
[2012/03/29 23:58:04 | 000,000,000 | ---D | C] -- C:\Program Files\TurboTax
[2012/03/29 23:54:31 | 000,000,000 | ---D | C] -- C:\Users\mnar\Desktop\New Folder
[2012/03/29 23:51:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Intuit
[2012/03/29 19:18:45 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2012/03/29 19:12:48 | 000,000,000 | ---D | C] -- C:\Users\mnar\AppData\Local\VS Revo Group
[2012/03/29 19:12:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
[2012/03/29 19:12:41 | 000,027,192 | ---- | C] (VS Revo Group) -- C:\Windows\System32\drivers\revoflt.sys
[2012/03/29 19:12:34 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group
[2012/03/28 21:42:24 | 000,000,000 | ---D | C] -- C:\Users\mnar\AppData\Roaming\Malwarebytes
[2012/03/28 21:42:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/03/28 21:42:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/03/28 21:42:06 | 000,020,464 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012/03/28 21:42:06 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012/03/28 20:48:03 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/03/26 22:42:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2012/03/26 21:49:52 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012/03/26 21:48:17 | 001,079,296 | ---- | C] (ADDPCs) -- C:\tempCleaner.exe
[2012/03/21 07:06:02 | 000,000,000 | ---D | C] -- C:\New Folder
[2012/03/03 10:23:34 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Money
[2012/03/03 10:20:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
[2012/03/03 10:19:03 | 000,000,000 | ---D | C] -- C:\Users\mnar\AppData\Roaming\Microsoft Web Folders
[2012/03/03 10:18:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FoneSync
[2012/03/03 10:18:06 | 000,000,000 | ---D | C] -- C:\Program Files\FoneSync
[2012/03/03 10:03:34 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Works Suite 2001

========== Files - Modified Within 30 Days ==========

[2012/03/30 19:00:01 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Users\mnar\Desktop\OTL.exe
[2012/03/30 18:59:17 | 000,598,096 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/03/30 18:59:17 | 000,105,070 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/03/30 18:54:26 | 000,117,608 | ---- | M] () -- C:\ProgramData\nvModes.001
[2012/03/30 18:53:24 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/03/30 18:53:24 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/03/30 18:53:13 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/03/30 18:53:08 | 2079,162,368 | -HS- | M] () -- C:\hiberfil.sys
[2012/03/30 18:26:43 | 000,117,608 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2012/03/30 07:36:39 | 000,316,448 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012/03/30 00:34:46 | 000,400,904 | ---- | M] () -- C:\Users\mnar\Documents\taxReturn.tax2011
[2012/03/30 00:03:38 | 000,000,307 | ---- | M] () -- C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
[2012/03/30 00:00:46 | 000,001,878 | ---- | M] () -- C:\Users\Public\Desktop\TurboTax 2011.lnk
[2012/03/29 23:56:50 | 000,003,270 | ---- | M] () -- C:\Users\mnar\AppData\Roaming\wklnhst.dat
[2012/03/28 21:42:13 | 000,000,906 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/03/28 20:48:09 | 000,000,098 | ---- | M] () -- C:\Windows\System32\drivers\etc\Hosts
[2012/03/27 20:16:57 | 001,875,488 | ---- | M] () -- C:\Users\mnar\Documents\Please_sign_the_Consumer_Lending_Plan.zip
[2012/03/16 21:48:31 | 000,005,696 | ---- | M] () -- C:\Users\mnar\Documents\Rentall application.pdf
[2012/03/15 19:49:44 | 000,295,489 | ---- | M] () -- C:\Users\mnar\Documents\[email protected]_20120315_122601.pdf
[2012/03/06 15:04:40 | 000,030,363 | ---- | M] () -- C:\Users\mnar\Documents\Dining room arrangement.JPG
[2012/03/06 13:30:38 | 000,217,987 | ---- | M] () -- C:\Residential%20Lease%20Agreement%20for%20Single%20Family%20Home%20or%20Duplex.pdf
[2012/03/03 10:29:56 | 000,000,162 | ---- | M] () -- C:\Users\Public\Documents\hpqp.ini
[2012/03/03 10:24:11 | 000,000,156 | ---- | M] () -- C:\Users\mnar\Desktop\MSN MoneyCentral.url
[2012/03/03 10:24:02 | 000,001,013 | ---- | M] () -- C:\Users\mnar\Desktop\Microsoft Money.lnk
[2012/03/03 10:21:14 | 000,000,376 | ---- | M] () -- C:\Windows\ODBC.INI
[2012/03/03 10:20:52 | 000,001,871 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk
[2012/03/03 10:17:33 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2012/03/03 10:17:33 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2012/03/03 10:16:28 | 000,000,999 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Works Calendar Reminders.lnk

========== Files Created - No Company Name ==========

[2012/03/30 00:18:57 | 000,400,904 | ---- | C] () -- C:\Users\mnar\Documents\taxReturn.tax2011
[2012/03/30 00:00:55 | 000,000,307 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
[2012/03/30 00:00:46 | 000,001,878 | ---- | C] () -- C:\Users\Public\Desktop\TurboTax 2011.lnk
[2012/03/28 21:42:13 | 000,000,906 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/03/27 20:16:54 | 001,875,488 | ---- | C] () -- C:\Users\mnar\Documents\Please_sign_the_Consumer_Lending_Plan.zip
[2012/03/16 21:48:31 | 000,005,696 | ---- | C] () -- C:\Users\mnar\Documents\Rentall application.pdf
[2012/03/15 19:49:39 | 000,295,489 | ---- | C] () -- C:\Users\mnar\Documents\[email protected]_20120315_122601.pdf
[2012/03/06 15:04:37 | 000,030,363 | ---- | C] () -- C:\Users\mnar\Documents\Dining room arrangement.JPG
[2012/03/06 13:30:38 | 000,217,987 | ---- | C] () -- C:\Residential%20Lease%20Agreement%20for%20Single%20Family%20Home%20or%20Duplex.pdf
[2012/03/03 10:31:34 | 000,003,270 | ---- | C] () -- C:\Users\mnar\AppData\Roaming\wklnhst.dat
[2012/03/03 10:24:02 | 000,001,043 | ---- | C] () -- C:\Users\mnar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Money.lnk
[2012/03/03 10:24:02 | 000,001,013 | ---- | C] () -- C:\Users\mnar\Desktop\Microsoft Money.lnk
[2012/03/03 10:21:14 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2012/03/03 10:20:52 | 000,002,022 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Word.lnk
[2012/03/03 10:20:52 | 000,001,871 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk
[2012/03/03 10:18:14 | 000,000,627 | ---- | C] () -- C:\Windows\fna00172
[2012/03/03 10:17:33 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2012/03/03 10:17:33 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2012/03/03 10:16:28 | 000,000,999 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Works Calendar Reminders.lnk
[2012/02/09 18:23:12 | 000,117,608 | ---- | C] () -- C:\ProgramData\nvModes.001
[2012/02/09 18:23:07 | 000,117,608 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2012/02/08 20:21:21 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2012/02/08 20:19:47 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2012/02/08 20:19:46 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2012/02/07 12:16:49 | 000,012,054 | R--- | C] () -- C:\Windows\hpwscr20.dat
[2012/02/07 12:14:41 | 000,178,670 | ---- | C] () -- C:\Windows\hpwins20.dat
[2012/02/07 12:14:41 | 000,002,428 | R--- | C] () -- C:\Windows\hpwmdl20.dat
[2012/02/03 16:48:34 | 000,051,528 | ---- | C] () -- C:\Users\mnar\AppData\Roaming\nvModes.001
[2012/02/03 16:48:13 | 000,051,528 | ---- | C] () -- C:\Users\mnar\AppData\Roaming\nvModes.dat
[2012/02/03 08:57:51 | 000,006,944 | ---- | C] () -- C:\Users\mnar\AppData\Local\d3d9caps.dat

========== LOP Check ==========

[2012/03/29 23:45:41 | 000,000,000 | ---D | M] -- C:\Users\mnar\AppData\Roaming\PPStream
[2012/02/03 16:38:10 | 000,000,000 | ---D | M] -- C:\Users\mnar\AppData\Roaming\Tencent
[2012/03/30 18:52:07 | 000,032,606 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



< End of report >
  • 0

#10
CompCav
Posted 31 March 2012 - 06:31 AM

CompCav

    Member 5k

  • Expert
  • 12,454 posts
Step 1.

Your internet explorer is out of date. IE is an integral part of Windows so please go to Windows update and allow it to update all the way to IE 9.0

Step 2.

Please download JavaRa to your desktop and unzip it to its own folder

Run JavaRa.exe, pick the language of your choice and click Select. Then click Remove Older Versions.
Accept any prompts.
Open JavaRa.exe again and select Search For Updates.
Select Update Using Sun Java's Website then click Search and click on the Open Webpage button. Download and install the latest Java Runtime Environment (JRE) version for your computer.


Step 3.

Update Adobe Reader

Recently there have been vulnerabilities detected in older versions of Adobe Reader. It is strongly suggested that you update to the current version.

Uninstall all previous versions.
Download the latest version from: http://www.adobe.com.../readstep2.html

If you already have Adobe Photoshop® Album Starter Edition installed or do not wish to have it installed UNcheck the box which says Also Download Adobe Photoshop® Album Starter Edition.


Please post back when you complete the updates with any issues remaining.
  • 0

Advertisements

#11
CompCav
Posted 31 March 2012 - 07:47 AM

CompCav

    Member 5k

  • Expert
  • 12,454 posts
Warning:
A registry cleaner will not increase your system's speed or performance, and has the potential to break your registry to the point that your PC is no longer bootable.
We strongly advise that people stay away from any of the registry cleaners out there.
Go HERE to get more information about why registry cleaners aren't needed.



Step 1.

The steps that I am about to suggest involve modifying the registry. Modifying the registry can be dangerous so we will make a backup of the registry first.
Modification of the registry can be EXTREMELY dangerous if you do not know exactly what you are doing so follow the steps that are listed below EXACTLY. if you cannot perform some of these steps or if you have ANY questions please ask BEFORE proceeding.

Backing Up Your Registry
  • Download ERUNT
    (ERUNT (Emergency Recovery Utility NT) is a free program that allows you to keep a complete backup of your registry and restore it when needed.)
  • Install ERUNT by following the prompts
    (use the default install settings but say no to the portion that asks you to add ERUNT to the start-up folder, if you like you can enable this option later)
  • Start ERUNT
    (either by double clicking on the desktop icon or choosing to start the program at the end of the setup)
  • Choose a location for the backup
    (the default location is C:\WINDOWS\ERDNT which is acceptable).
  • Make sure that at least the first two check boxes are ticked
  • Press OK
  • Press YES to create the folder.
Posted Image



Step 2.

  • Click Start, and then click All Programs.
  • Click Accessories, and then click Run.
  • Type regedit, and then click OK. If you are prompted for an administrator password or for a confirmation, type the password, or click Allow.
  • In the navigation pane, locate and then click the following registry subkey:
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4D36E965-E325-11CE-BFC1-08002BE10318}
  • In the right pane, click UpperFilters.

    Note You may also see an UpperFilters.bak registry entry. You do not have to remove that entry. Click UpperFilters only. If you do not see the UpperFilters registry entry, you still might have to remove the LowerFilters registry entry. To do this, go to step 9.
  • On the Edit menu, click Delete.
  • When you are prompted to confirm the deletion, click Yes.
  • In the right pane, click LowerFilters.

    Note If you do not see the LowerFilters registry entry, unfortunately this content cannot help you any further. Go to step 12.
  • On the Edit menu, click Delete.
  • When you are prompted to confirm the deletion, click Yes.
  • Close Registry Editor.
  • Restart the computer.

  • 0

#12
horseshoe
Posted 31 March 2012 - 03:09 PM

horseshoe

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 110 posts
IE, JAVA & Adobe Readers are all updated to the latest version.

#6 and #9 in Step 2 cannot perform. No upper and lower filter exist.

One thing I forgot is most of the time when I start the computer, I got error message -- Window explorer has stopped working.. After a few seconds, the computer starts without any problem. Sorry about adding this note so late.

During earlier process in this post, Qvod player was uninstalled. I use this to watch some online video and movie. Is Qvod player not safe?
If not, can I install back later after the DVD drive issue is solved?

Thanks!

Edited by horseshoe, 31 March 2012 - 03:17 PM.

  • 0

#13
CompCav
Posted 31 March 2012 - 05:07 PM

CompCav

    Member 5k

  • Expert
  • 12,454 posts
Step 1.

The QVodPlayer had malware in the form of adware installed with it so I recommend you use an alternative player. What file format do you need it for? Maybe we can help you find a suitable alternative that is safe.


Step 2.

Please create this bootable CD.

You will need a blank CD and a computer with a working CD drive.


•Save these files to your Desktop


•Open BurnCDCC and Extract All files to to it's own folder

•Double Click BurnCDCC

•Click Browse and navigate to the Puppy Linux ISO file you just downloaded

•click on it and click Open

•IMPORTANT: Adjust the speed bar to CD: 4x DVD: 1x

•Click Start

•Your CD Burner Tray will open automatically

•Insert a blank CD and close the tray

•Click OK
The CD should eject when finished.



To use the CD


•Insert the CD and restart the computer

•When the computer first starts please press the key indicated on the screen to enter the bios or setup.

•Make the necessary changes to make the CD first in the boot order

•Save the changes and exit the bios/setup

•Your computer will restart and boot from the Puppy Linux Live CD (Please be patient it will take some time to load)

•Set your language, time. etc preferences and continue

•Did it boot into Puppy Linux?

•If so do you see your hard drive and CD Drive? The CD should be sr0 or something similar?

•Please let me know if you were able to boot into Puppy Linux and if not what was on your computer screen.
  • 0

#14
horseshoe
Posted 31 March 2012 - 06:47 PM

horseshoe

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 110 posts

The QVodPlayer had malware in the form of adware installed with it so I recommend you use an alternative player. What file format do you need it for? Maybe we can help you find a suitable alternative that is safe.

The media file type is .rmvb

•Make the necessary changes to make the CD first in the boot order

•Save the changes and exit the bios/setup


CD drive is set as 1st in the boot order and saved and exit. But the computer does not boot from Puppy Linux. When I check the BIOS, CD drive is the 1st in the boot list. I tried the configuration in BIOS numerous times but laptop still starts from hard drive.
I have an external USB cd/dvd drive which can read and write and show up in my computer and device manager but is not listed in BIOS.

IN CONFIGURATION UNDER BIOS, BOOT ORDER is set AS BELOW:
1. ATAPI CD/DVD ROM DRIVE
2. USB FLOPPY
3. USB DISKETT ON KEY
4. USB HARDDRIVE
5. NOTEBOOK HARD DRIVE
6. NETWORK ADAPTOR
However, under the BOOT MENU, only NOTEBOOK HARD DRIVE & NETWORK ADAPTOR are listed.

Edited by horseshoe, 31 March 2012 - 07:13 PM.

  • 0

#15
CompCav
Posted 01 April 2012 - 06:40 AM

CompCav

    Member 5k

  • Expert
  • 12,454 posts
A CD drive is in the BIOS but not the boot menu and it does not boot Puppy Linux means the problem is not OS specific and most likely hardware/firmware related.

You are clean and should return to your original thread here. following the cleanup procedures below.



Step 1.

Here are two replacements for QVodPlayer:


The Real Player free is here

or VLC player the free version is here



Step 2.

I will remove my tools now and give some recommendations, but, I would like you to run for 24 hours or so and come back if you have any problems

Your log now appears clean :thumbsup:

The following will implement some cleanup procedures as well as reset System Restore points:

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :Commands
    [resethosts]
    [emptytemp]
    [Reboot]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done


Run OTL and hit the cleanup button. It will remove all the programmes we have used plus itself.

We will now confirm that your hidden files are set to that, as some of the tools I use will change that
  • Click Start.
  • Open My Computer.
  • Select the Tools menu and click Folder Options.
  • Select the View Tab.
  • Under the Hidden files and folders heading select Do not show hidden files and folders.
  • Click Yes to confirm.
  • Click OK.


SPRING CLEAN

To manually create a new Restore Point
  • Go to Control Panel and select System
  • Select System
  • On the left select System Protection and accept the warning if you get one
  • Select System Protection Tab
  • Select Create at the bottom
  • Type in a name i.e. Clean
  • Select Create

Now we can purge the infected ones
  • GoStart > All programs > Accessories > system tools
  • Right click Disc cleanup and select run as administrator
  • Select Your main drive and accept the warning if you get one
  • For a few moments the system will make some calculations
  • Select the More Options tab
  • In the System Restore and Shadow Backups select Clean up
  • Select Delete on the pop up
  • Select OK
  • Select Delete

Now that you are clean, to help protect your computer in the future I recommend that you get the following free programs:
Posted Image
Malwarebytes. Update and run weekly to keep your system clean

Download and install FileHippo update checker and run it monthly it will show you which programs on your system need updating and give a download link

It is critical to have both a firewall and anti virus to protect your system and to keep them updated. To keep your operating system up to date visit

To learn more about how to protect yourself while on the internet read our little guide How did I get infected in the first place ?

Keep safe :wave:
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP