Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Repeated blue screen crashes [Solved]

Started by missytrix24 , Apr 26 2012 04:57 AM

  • This topic is locked This topic is locked

#61
Essexboy
Posted 07 May 2012 - 08:13 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Lets have a quick look at the hard drive layout and see what sort of files are taking the space

Download and install windirstat
Run the programme
Select your main drive
When the pacmen have finished there will be a graphic display of your drive
Please attach that as a screenshot

  • 0

Advertisements

#62
missytrix24
Posted 07 May 2012 - 02:41 PM

missytrix24

    Member

  • Topic Starter
  • Member
  • PipPip
  • 91 posts
windir.jpg windir.jpg Ok, its showing that the majority is still tangled up in my backup folder, though I deleted it (or thought I did). Those tons of video files, I thought I had deleted after conversion.

What do I do now, and how close am I to having a clean and efficient pc? and do you know how to remove avg as a search engine on opening new tabs? :thumbsup:

Edited by missytrix24, 07 May 2012 - 02:46 PM.

  • 0

#63
Essexboy
Posted 07 May 2012 - 03:17 PM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK lets remove the backup folder first

Is AVG showing in IE or FF or both ?

Warning This fix is only relevant for this system and no other, using on another computer may cause problems

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot

If you have Malwarebytes 1.6 or better installed please disable it for the duration of this run
To disable MBAM
Open the scanner and select the protection tab
Remove the tick from "Start with Windows"
Reboot and then run OTL
Posted Image

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :Files
    ipconfig /flushdns /c
    C:\backups

    :Commands
    [emptytemp]
    [CREATERESTOREPOINT]
    [Reboot]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

  • 0

#64
missytrix24
Posted 07 May 2012 - 03:40 PM

missytrix24

    Member

  • Topic Starter
  • Member
  • PipPip
  • 91 posts
Sorry for being so impatient, I followed the advice from this link: http://www.mytechgui...ekpro-toolbar/# to get my new tab back to how it was since the reboot (though I would prefer how it was, which showed my most used sites and allowed me to reopen my last browsing session).

Before I commence with your OTL fix, I wanna clear this with you so I don't mess things up more
  • 0

#65
Essexboy
Posted 07 May 2012 - 03:44 PM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Not a problem that is what I would have done - although a slightly different way :)

Once the backup folder has gone could you let me know how the computer is behaving
  • 0

#66
missytrix24
Posted 07 May 2012 - 04:22 PM

missytrix24

    Member

  • Topic Starter
  • Member
  • PipPip
  • 91 posts
I tried deleting the back up folder again and after a few permission requesting boxes, a box appears stating that some files are too large for the recycle bin and am I sure; I clicked yes, and the folder continues to be deleted but then the box in the screenshot appears and I don't wanna delete anything important for the registry.bkup2.jpg

I selected skip all.
  • 0

#67
missytrix24
Posted 07 May 2012 - 04:44 PM

missytrix24

    Member

  • Topic Starter
  • Member
  • PipPip
  • 91 posts
it is saying my C: drive is mostly empty now. Thats good news I hope. So now can I install the programs I had before so I can open my old files?
  • 0

#68
Essexboy
Posted 08 May 2012 - 11:12 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
They are backup system files and of no import now :)

Ok lets continue now with the rebuild

Let me know how it goes and once you are complete we will look at tidying up and finalising the securing of the system
  • 0

#69
missytrix24
Posted 09 May 2012 - 02:05 PM

missytrix24

    Member

  • Topic Starter
  • Member
  • PipPip
  • 91 posts
I've installed most of the programs I use and my computer seems to be working fine 90% of the time. Sometimes when I log on and click internet explorer the 'WRC search cannot be saved' malarky appears, but is ok once I x off and open IE again. Another thing I notice is that when I click on the internet network icon (with the globes on the taskbar), it says I don't have any networks set up, even though I am online. Do I have to use my broadband installation disc again? And what can I do now to tidy up and make sure I'm free of malware?
  • 0

#70
Essexboy
Posted 09 May 2012 - 02:46 PM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK next task is to update to IE9 and then disable webrep

Download and install IE9 from here

Once it is up and running then go to control panel > Internet options
Select the programmes tab
Select manage addons
Select under toolbars Webrep
Select disable and OK out


  • 0

Advertisements

#71
missytrix24
Posted 14 May 2012 - 01:21 PM

missytrix24

    Member

  • Topic Starter
  • Member
  • PipPip
  • 91 posts
Sorry about the long delay.

ok. I've done everything in your last instruction, what next?

Things seem to be working ok. I would just like to run a log or 2 by you to make sure everything is functioning as it should and make sure I'm as clean as I can be.

Thank you for all your help Essex Boy. :thumbsup:
  • 0

#72
Essexboy
Posted 14 May 2012 - 01:41 PM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
For sure M'dear :)

Are the blue screens history now ?

I reckon a quick OTL and an aswMBR should fill the bill. Lets get fresh copies though

Download OTL to your Desktop
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Select All Users
  • Under the Custom Scan box paste this in
    netsvcs
    %SYSTEMDRIVE%\*.exe
    /md5start
    consrv.dll
    explorer.exe
    winlogon.exe
    Userinit.exe
    svchost.exe
    /md5stop
    C:\Windows\assembly\tmp\U\*.* /s
    CREATERESTOREPOINT
  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Post both logs

THEN

Download aswMBR.exe ( 4.8mb ) to your desktop.
Double click the aswMBR.exe to run it Click the "Scan" button to start scan

Posted Image

On completion of the scan click save log, save it to your desktop and post in your next reply

Posted Image
  • 0

#73
missytrix24
Posted 15 May 2012 - 01:37 PM

missytrix24

    Member

  • Topic Starter
  • Member
  • PipPip
  • 91 posts
There seems to be a problem with me downloading OTL.

It seems avast runs away with it and sends it to the sandbox and then the following, notepad log pops up:

All processes killed
========== OTL ==========
Error: Unable to stop service avgwd!
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\avgwd deleted successfully.
C:\Program Files\AVG\AVG2012\avgwdsvc.exe moved successfully.
Service AVGIDSHX stopped successfully!
Service AVGIDSHX deleted successfully!
C:\Windows\System32\drivers\avgidshx.sys moved successfully.
Error: Unable to stop service Avgtdix!
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Avgtdix deleted successfully.
C:\Windows\System32\drivers\avgtdix.sys moved successfully.
Error: Unable to stop service Avgldx86!
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Avgldx86 deleted successfully.
C:\Windows\System32\drivers\avgldx86.sys moved successfully.
Error: Unable to stop service Avgrkx86!
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Avgrkx86 deleted successfully.
C:\Windows\System32\drivers\avgrkx86.sys moved successfully.
Error: Unable to stop service Avgmfx86!
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Avgmfx86 deleted successfully.
C:\Windows\System32\drivers\avgmfx86.sys moved successfully.
Error: Unable to stop service AVGIDSShim!
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AVGIDSShim deleted successfully.
C:\Windows\System32\drivers\avgidsshimx.sys moved successfully.
Error: Unable to stop service AVGIDSFilter!
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AVGIDSFilter deleted successfully.
C:\Windows\System32\drivers\avgidsfilterx.sys moved successfully.
Error: Unable to stop service AVGIDSDriver!
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AVGIDSDriver deleted successfully.
C:\Windows\System32\drivers\avgidsdriverx.sys moved successfully.
HKU\S-1-5-21-1384766853-3730318048-2777797473-1001\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKEY_USERS\S-1-5-21-1384766853-3730318048-2777797473-1001\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-1384766853-3730318048-2777797473-1001\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin\ deleted successfully.
File move failed. C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\11.0.2\\npsitesafety.dll scheduled to be moved on reboot.
File HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\11.0.0.9\ not found.
File HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG2012\Firefox\ not found.
File HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG2012\Firefox4\ not found.
File HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F53C93F1-07D5-430c-86D4-C9531B27DFAF}: C:\Program Files\AVG\AVG2012\Firefox\DoNotTrack\ not found.
C:\Program Files\Mozilla Firefox\searchplugins\avg-secure-search.xml moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{DE9265D8-D55D-4286-9DC4-F8D8A0CA2F64}\defaults\preferences folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{DE9265D8-D55D-4286-9DC4-F8D8A0CA2F64}\defaults folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{DE9265D8-D55D-4286-9DC4-F8D8A0CA2F64}\chrome folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{DE9265D8-D55D-4286-9DC4-F8D8A0CA2F64} folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\zh-TW\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\zh-TW folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\zh-CN\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\zh-CN folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\sv-SE\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\sv-SE folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\ko-KR\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\ko-KR folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\ja-JP\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\ja-JP folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\it-IT\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\it-IT folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\fr-FR\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\fr-FR folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\es-ES\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\es-ES folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\en-US\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\en-US folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\de-DE\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\de-DE folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\content\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\content folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\zh-TW\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\zh-TW folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\zh-CN\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\zh-CN folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\sv-SE\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\sv-SE folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\ko-KR\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\ko-KR folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\ja-JP\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\ja-JP folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\it-IT\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\it-IT folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\fr-FR\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\fr-FR folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\es-ES\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\es-ES folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\en-US\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\en-US folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\de-DE\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\de-DE folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\content\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\content folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome\locale\zh-TW\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome\locale\zh-TW folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome\locale\zh-CN\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome\locale\zh-CN folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome\locale\sv-SE\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome\locale\sv-SE folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome\locale\ko-KR\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome\locale\ko-KR folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome\locale\ja-JP\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome\locale\ja-JP folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome\locale\it-IT\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome\locale\it-IT folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome\locale\fr-FR\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome\locale\fr-FR folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome\locale\es-ES\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome\locale\es-ES folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome\locale\en-US\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome\locale\en-US folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome\locale\de-DE\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome\locale\de-DE folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome\locale folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome\content\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome\content folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} folder moved successfully.
File C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31332EEF-CB9F-458F-AFEB-D30E9A66B6BA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{31332EEF-CB9F-458F-AFEB-D30E9A66B6BA}\ deleted successfully.
C:\Program Files\AVG\AVG2012\avgdtiex.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}\ deleted successfully.
C:\Program Files\AVG\AVG2012\avgssie.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}\ not found.
C:\Program Files\AVG Secure Search\11.0.0.9\AVG Secure Search_toolbar.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CA6319C0-31B7-401E-A518-A07C3DB8F777}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CA6319C0-31B7-401E-A518-A07C3DB8F777}\ deleted successfully.
C:\Program Files\Google\Google_BAE\BAE.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}\ not found.
File C:\Program Files\AVG Secure Search\11.0.0.9\AVG Secure Search_toolbar.dll not found.
Registry value HKEY_USERS\S-1-5-21-1384766853-3730318048-2777797473-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\AVG_TRAY deleted successfully.
C:\Program Files\AVG\AVG2012\avgtray.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\vProt deleted successfully.
C:\Program Files\AVG Secure Search\vprot.exe moved successfully.
C:\Program Files\AVG\AVG2012\avgpp.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\linkscanner\ deleted successfully.
Invalid CLSID key: C:\Program Files\AVG\AVG2012\avgpp.dll
File C:\Program Files\AVG\AVG2012\avgpp.dll not found.
C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\11.0.2\ViProtocol.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\viprotocol\ deleted successfully.
Invalid CLSID key: C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\11.0.2\ViProtocol.dll
File C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\11.0.2\ViProtocol.dll not found.
C:\Users\rangikudoug\AppData\Roaming\AVG2012\cfgall folder moved successfully.
C:\Users\rangikudoug\AppData\Roaming\AVG2012 folder moved successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG folder moved successfully.
C:\$AVG\$VAULT folder moved successfully.
C:\$AVG\$CHJW folder moved successfully.
C:\$AVG folder moved successfully.
C:\ProgramData\AVG2012\update\prepare folder moved successfully.
C:\ProgramData\AVG2012\update\download folder moved successfully.
C:\ProgramData\AVG2012\update\backup folder moved successfully.
C:\ProgramData\AVG2012\update folder moved successfully.
C:\ProgramData\AVG2012\Temp folder moved successfully.
C:\ProgramData\AVG2012\SetupBackup folder moved successfully.
C:\ProgramData\AVG2012\scanlogs folder moved successfully.
C:\ProgramData\AVG2012\lsdb\prev folder moved successfully.
C:\ProgramData\AVG2012\lsdb folder moved successfully.
Folder move failed. C:\ProgramData\AVG2012\log scheduled to be moved on reboot.
C:\ProgramData\AVG2012\IDS\profile folder moved successfully.
C:\ProgramData\AVG2012\IDS\outbox\9 folder moved successfully.
C:\ProgramData\AVG2012\IDS\outbox\8 folder moved successfully.
C:\ProgramData\AVG2012\IDS\outbox\7 folder moved successfully.
C:\ProgramData\AVG2012\IDS\outbox\6 folder moved successfully.
C:\ProgramData\AVG2012\IDS\outbox\5 folder moved successfully.
C:\ProgramData\AVG2012\IDS\outbox\4 folder moved successfully.
C:\ProgramData\AVG2012\IDS\outbox\3 folder moved successfully.
C:\ProgramData\AVG2012\IDS\outbox\2 folder moved successfully.
C:\ProgramData\AVG2012\IDS\outbox\1 folder moved successfully.
C:\ProgramData\AVG2012\IDS\outbox\0 folder moved successfully.
C:\ProgramData\AVG2012\IDS\outbox folder moved successfully.
C:\ProgramData\AVG2012\IDS\malwareprofile folder moved successfully.
Folder move failed. C:\ProgramData\AVG2012\IDS\config scheduled to be moved on reboot.
Folder move failed. C:\ProgramData\AVG2012\IDS scheduled to be moved on reboot.
C:\ProgramData\AVG2012\fet folder moved successfully.
C:\ProgramData\AVG2012\EMC folder moved successfully.
C:\ProgramData\AVG2012\Dumps folder moved successfully.
Folder move failed. C:\ProgramData\AVG2012\Chjw\526e19da6e19b7a5 scheduled to be moved on reboot.
C:\ProgramData\AVG2012\Chjw\43c43503c433bc4 folder moved successfully.
Folder move failed. C:\ProgramData\AVG2012\Chjw scheduled to be moved on reboot.
C:\ProgramData\AVG2012\cfgall folder moved successfully.
C:\ProgramData\AVG2012\Cfg folder moved successfully.
C:\ProgramData\AVG2012\avgam folder moved successfully.
C:\ProgramData\AVG2012\Antispam folder moved successfully.
C:\ProgramData\AVG2012\admincli folder moved successfully.
Folder move failed. C:\ProgramData\AVG2012 scheduled to be moved on reboot.
C:\Windows\System32\drivers\AVG folder moved successfully.
C:\Program Files\AVG\AVG2012\sounds folder moved successfully.
C:\Program Files\AVG\AVG2012\PCTuneup folder moved successfully.
C:\Program Files\AVG\AVG2012\Notification folder moved successfully.
C:\Program Files\AVG\AVG2012\myapps folder moved successfully.
Folder move failed. C:\Program Files\AVG\AVG2012\Icons scheduled to be moved on reboot.
C:\Program Files\AVG\AVG2012\html\reportcard folder moved successfully.
C:\Program Files\AVG\AVG2012\html folder moved successfully.
C:\Program Files\AVG\AVG2012\Firefox4\Components folder moved successfully.
C:\Program Files\AVG\AVG2012\Firefox4\Chrome folder moved successfully.
C:\Program Files\AVG\AVG2012\Firefox4 folder moved successfully.
C:\Program Files\AVG\AVG2012\Firefox\DoNotTrack\defaults\preferences folder moved successfully.
C:\Program Files\AVG\AVG2012\Firefox\DoNotTrack\defaults folder moved successfully.
C:\Program Files\AVG\AVG2012\Firefox\DoNotTrack\components folder moved successfully.
C:\Program Files\AVG\AVG2012\Firefox\DoNotTrack\Chrome folder moved successfully.
C:\Program Files\AVG\AVG2012\Firefox\DoNotTrack folder moved successfully.
C:\Program Files\AVG\AVG2012\Firefox\Components folder moved successfully.
C:\Program Files\AVG\AVG2012\Firefox\Chrome folder moved successfully.
C:\Program Files\AVG\AVG2012\Firefox folder moved successfully.
Folder move failed. C:\Program Files\AVG\AVG2012\Drivers scheduled to be moved on reboot.
C:\Program Files\AVG\AVG2012\Content folder moved successfully.
C:\Program Files\AVG\AVG2012\Chrome folder moved successfully.
C:\Program Files\AVG\AVG2012\awacs\pct\component folder moved successfully.
C:\Program Files\AVG\AVG2012\awacs\pct folder moved successfully.
C:\Program Files\AVG\AVG2012\awacs\obx\component folder moved successfully.
C:\Program Files\AVG\AVG2012\awacs\obx folder moved successfully.
C:\Program Files\AVG\AVG2012\awacs\fas\component folder moved successfully.
C:\Program Files\AVG\AVG2012\awacs\fas folder moved successfully.
C:\Program Files\AVG\AVG2012\awacs\dav\component folder moved successfully.
C:\Program Files\AVG\AVG2012\awacs\dav folder moved successfully.
C:\Program Files\AVG\AVG2012\awacs folder moved successfully.
C:\Program Files\AVG\AVG2012\3rd_party\licenses folder moved successfully.
C:\Program Files\AVG\AVG2012\3rd_party folder moved successfully.
Folder move failed. C:\Program Files\AVG\AVG2012 scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AVG scheduled to be moved on reboot.
C:\ProgramData\MFAData\pack folder moved successfully.
C:\ProgramData\MFAData\logs folder moved successfully.
C:\ProgramData\MFAData folder moved successfully.
C:\Users\rangikudoug\AppData\Local\AVG Secure Search\SiteSafety folder moved successfully.
C:\Users\rangikudoug\AppData\Local\AVG Secure Search folder moved successfully.
C:\ProgramData\AVG Secure Search\11.0.0.9\modules\skin folder moved successfully.
C:\ProgramData\AVG Secure Search\11.0.0.9\modules\locale\zh-tw folder moved successfully.
C:\ProgramData\AVG Secure Search\11.0.0.9\modules\locale\zh-cn folder moved successfully.
C:\ProgramData\AVG Secure Search\11.0.0.9\modules\locale\tr folder moved successfully.
C:\ProgramData\AVG Secure Search\11.0.0.9\modules\locale\sr folder moved successfully.
C:\ProgramData\AVG Secure Search\11.0.0.9\modules\locale\sk folder moved successfully.
C:\ProgramData\AVG Secure Search\11.0.0.9\modules\locale\ru folder moved successfully.
C:\ProgramData\AVG Secure Search\11.0.0.9\modules\locale\pt-br folder moved successfully.
C:\ProgramData\AVG Secure Search\11.0.0.9\modules\locale\pt folder moved successfully.
C:\ProgramData\AVG Secure Search\11.0.0.9\modules\locale\pl folder moved successfully.
C:\ProgramData\AVG Secure Search\11.0.0.9\modules\locale\nl folder moved successfully.
C:\ProgramData\AVG Secure Search\11.0.0.9\modules\locale\ms folder moved successfully.
C:\ProgramData\AVG Secure Search\11.0.0.9\modules\locale\ko folder moved successfully.
C:\ProgramData\AVG Secure Search\11.0.0.9\modules\locale\ja folder moved successfully.
C:\ProgramData\AVG Secure Search\11.0.0.9\modules\locale\it folder moved successfully.
C:\ProgramData\AVG Secure Search\11.0.0.9\modules\locale\id folder moved successfully.
C:\ProgramData\AVG Secure Search\11.0.0.9\modules\locale\hu folder moved successfully.
C:\ProgramData\AVG Secure Search\11.0.0.9\modules\locale\fr folder moved successfully.
C:\ProgramData\AVG Secure Search\11.0.0.9\modules\locale\es-es folder moved successfully.
C:\ProgramData\AVG Secure Search\11.0.0.9\modules\locale\es folder moved successfully.
C:\ProgramData\AVG Secure Search\11.0.0.9\modules\locale\en folder moved successfully.
C:\ProgramData\AVG Secure Search\11.0.0.9\modules\locale\de folder moved successfully.
C:\ProgramData\AVG Secure Search\11.0.0.9\modules\locale\da folder moved successfully.
C:\ProgramData\AVG Secure Search\11.0.0.9\modules\locale\cs folder moved successfully.
C:\ProgramData\AVG Secure Search\11.0.0.9\modules\locale folder moved successfully.
C:\ProgramData\AVG Secure Search\11.0.0.9\modules folder moved successfully.
C:\ProgramData\AVG Secure Search\11.0.0.9\locale\en-US folder moved successfully.
C:\ProgramData\AVG Secure Search\11.0.0.9\locale folder moved successfully.
C:\ProgramData\AVG Secure Search\11.0.0.9\components folder moved successfully.
C:\ProgramData\AVG Secure Search\11.0.0.9\chrome folder moved successfully.
C:\ProgramData\AVG Secure Search\11.0.0.9 folder moved successfully.
C:\ProgramData\AVG Secure Search folder moved successfully.
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\11.0.2 folder moved successfully.
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater folder moved successfully.
C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\11.0.2 folder moved successfully.
C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller folder moved successfully.
C:\Program Files\Common Files\AVG Secure Search\ToolBandTlb\11.0.2 folder moved successfully.
C:\Program Files\Common Files\AVG Secure Search\ToolBandTlb folder moved successfully.
Folder move failed. C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\11.0.2 scheduled to be moved on reboot.
Folder move failed. C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller scheduled to be moved on reboot.
C:\Program Files\Common Files\AVG Secure Search\ScriptHelperInstaller\11.0.2 folder moved successfully.
C:\Program Files\Common Files\AVG Secure Search\ScriptHelperInstaller folder moved successfully.
C:\Program Files\Common Files\AVG Secure Search\CommonInstaller\11.0.2 folder moved successfully.
C:\Program Files\Common Files\AVG Secure Search\CommonInstaller folder moved successfully.
Folder move failed. C:\Program Files\Common Files\AVG Secure Search scheduled to be moved on reboot.
C:\Program Files\AVG Secure Search\skin folder moved successfully.
C:\Program Files\AVG Secure Search\radio folder moved successfully.
C:\Program Files\AVG Secure Search\Licenses folder moved successfully.
C:\Program Files\AVG Secure Search\11.0.0.9\radio folder moved successfully.
C:\Program Files\AVG Secure Search\11.0.0.9 folder moved successfully.
C:\Program Files\AVG Secure Search folder moved successfully.
File C:\Windows\System32\drivers\avgidshx.sys not found.
C:\Users\Public\Desktop\AVG 2012.lnk moved successfully.
C:\Users\rangikudoug\Desktop\avg_free_stb_all_2012_2171_cnet.exe moved successfully.
C:\Users\rangikudoug\Desktop\MBR.dat moved successfully.
File C:\Windows\System32\drivers\avgidshx.sys not found.
File C:\Windows\System32\drivers\AVG\incavi.avm not found.
File C:\Users\Public\Desktop\AVG 2012.lnk not found.
Folder C:\Users\rangikudoug\AppData\Roaming\AVG2012\ not found.
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\rangikudoug\Desktop\cmd.bat deleted successfully.
C:\Users\rangikudoug\Desktop\cmd.txt deleted successfully.
Folder move failed. C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\11.0.2 scheduled to be moved on reboot.
Folder move failed. C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller scheduled to be moved on reboot.
Folder move failed. C:\Program Files\Common Files\AVG Secure Search scheduled to be moved on reboot.
File\Folder C:\Program Files\AVG Secure Search not found.
Folder move failed. C:\Program Files\AVG\AVG2012\Icons scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AVG\AVG2012\Drivers scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AVG\AVG2012 scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AVG scheduled to be moved on reboot.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

User: Rangiku
->Temp folder emptied: 181368 bytes
->Temporary Internet Files folder emptied: 4766327 bytes
->Flash cache emptied: 405 bytes

User: Rangiku.rangikudoug-PC
->Temp folder emptied: 82575 bytes
->Temporary Internet Files folder emptied: 33233 bytes

User: rangikudoug
->Temp folder emptied: 57079811 bytes
->Temporary Internet Files folder emptied: 111502840 bytes
->Google Chrome cache emptied: 5970238 bytes
->Flash cache emptied: 839 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 24934032 bytes
RecycleBin emptied: 1154297455 bytes

Total Files Cleaned = 1,296.00 mb

Restore point Set: OTL Restore Point

OTL by OldTimer - Version 3.2.42.2 log created on 05062012_162426

Files\Folders moved on Reboot...
File\Folder C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\11.0.2\\npsitesafety.dll not found!
File\Folder C:\ProgramData\AVG2012\log not found!
File\Folder C:\ProgramData\AVG2012\IDS\config not found!
File\Folder C:\ProgramData\AVG2012\IDS not found!
File\Folder C:\ProgramData\AVG2012\Chjw\526e19da6e19b7a5 not found!
File\Folder C:\ProgramData\AVG2012\Chjw not found!
File\Folder C:\ProgramData\AVG2012 not found!
File\Folder C:\Program Files\AVG\AVG2012\Icons not found!
File\Folder C:\Program Files\AVG\AVG2012\Drivers not found!
File\Folder C:\Program Files\AVG\AVG2012 not found!
File\Folder C:\Program Files\AVG not found!
C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\11.0.2 folder moved successfully.
C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller folder moved successfully.
C:\Program Files\Common Files\AVG Secure Search folder moved successfully.
C:\Users\rangikudoug\AppData\Local\Temp\Low\~DFFBA1.tmp moved successfully.
C:\Users\rangikudoug\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\N7MBZB44\page__st__45__p__2153765__fromsearch__1[1].htm moved successfully.
C:\Users\rangikudoug\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\AntiPhishing\A0AB7674-8D67-4F4D-B5E1-96FAEADFB79D.dat moved successfully.
C:\Users\rangikudoug\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\MSIMGSIZ.DAT moved successfully.
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...

What does this mean?
  • 0

#74
Essexboy
Posted 15 May 2012 - 02:00 PM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
That was just an old OTL removal log..

When you run OTLand the Avast box pops up in the drop down box select run normally
  • 0

#75
missytrix24
Posted 19 May 2012 - 08:21 AM

missytrix24

    Member

  • Topic Starter
  • Member
  • PipPip
  • 91 posts
It still wouldnt let me download a new OTL, but using the old version. the following log was prouduced.

OTL logfile created on: 19/05/2012 14:16:03 - Run 4
OTL by OldTimer - Version 3.2.42.1 Folder = c:\Users\rangikudoug\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

1.75 Gb Total Physical Memory | 0.88 Gb Available Physical Memory | 50.12% Memory free
3.74 Gb Paging File | 2.82 Gb Available in Paging File | 75.49% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 286.09 Gb Total Space | 225.84 Gb Free Space | 78.94% Space Free | Partition Type: NTFS
Drive H: | 7.74 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF

Computer Name: RANGIKUDOUG-PC | User Name: rangikudoug | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/05/09 10:06:08 | 000,296,056 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe
PRC - [2012/04/27 19:11:37 | 000,595,968 | ---- | M] (OldTimer Tools) -- c:\Users\rangikudoug\Downloads\OTL.exe
PRC - [2012/03/26 09:40:04 | 009,532,824 | ---- | M] (Innovative Solutions) -- C:\Program Files\Innovative Solutions\DriverMax\drivermax.exe
PRC - [2012/03/07 00:15:17 | 004,241,512 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012/03/07 00:15:14 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2011/06/02 00:06:40 | 000,014,088 | ---- | M] (Memeo) -- C:\Program Files\Seagate\Seagate Dashboard\SeagateDashboardService.exe
PRC - [2011/05/13 00:44:44 | 000,025,824 | ---- | M] (Memeo) -- C:\Program Files\Memeo\AutoBackup\MemeoBackgroundService.exe
PRC - [2009/05/08 11:53:34 | 000,174,424 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\Common\YMailAdvisor.exe
PRC - [2009/04/11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/11/09 21:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/02/13 12:52:10 | 004,915,200 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2008/01/21 03:23:32 | 000,319,544 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Windows Defender\MpCmdRun.exe
PRC - [2007/01/12 14:12:50 | 000,083,512 | ---- | M] (Packard Bell BV) -- C:\Program Files\Packard Bell\SAXO27\HidService.exe


========== Modules (No Company Name) ==========

MOD - [2012/03/19 11:26:44 | 000,008,608 | ---- | M] () -- C:\Program Files\Innovative Solutions\DriverMax\sync.dll
MOD - [2011/09/27 08:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/09/27 08:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\11.0.2\ToolbarUpdater.exe -- (vToolbarUpdater11.0.2)
SRV - [2012/05/10 23:04:00 | 000,257,696 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/03/07 00:15:14 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2011/11/16 17:23:44 | 000,377,344 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- winhttp.dll -- (WinHttpAutoProxySvc)
SRV - [2011/06/02 00:06:40 | 000,014,088 | ---- | M] (Memeo) [Auto | Running] -- C:\Program Files\Seagate\Seagate Dashboard\SeagateDashboardService.exe -- (SeagateDashboardService)
SRV - [2011/05/13 00:44:44 | 000,025,824 | ---- | M] (Memeo) [Auto | Running] -- C:\Program Files\Memeo\AutoBackup\MemeoBackgroundService.exe -- (MemeoBackgroundService)
SRV - [2008/11/09 21:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/01/21 03:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/01/12 14:12:50 | 000,083,512 | ---- | M] (Packard Bell BV) [Auto | Running] -- C:\Program Files\Packard Bell\SAXO27\HidService.exe -- (GenericHidService)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - [2012/03/07 00:03:51 | 000,612,184 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012/03/07 00:03:38 | 000,337,880 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012/03/07 00:02:00 | 000,035,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (AswRdr)
DRV - [2012/03/07 00:01:53 | 000,053,848 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012/03/07 00:01:48 | 000,057,688 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2012/03/07 00:01:30 | 000,020,696 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012/02/09 22:43:00 | 010,816,832 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2010/04/28 02:56:04 | 000,215,656 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\nvstor32.sys -- (nvstor32)
DRV - [2007/10/31 10:23:22 | 000,124,960 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\nvrd32.sys -- (nvrd32)
DRV - [2007/09/10 18:17:40 | 001,035,168 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmfdx32.sys -- (NVENETFD)
DRV - [2007/07/07 13:13:10 | 000,012,032 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\nvsmu.sys -- (nvsmu)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...age={startPage}


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1384766853-3730318048-2777797473-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.packardbell.com/?id=9067
IE - HKU\S-1-5-21-1384766853-3730318048-2777797473-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKU\S-1-5-21-1384766853-3730318048-2777797473-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-1384766853-3730318048-2777797473-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
IE - HKU\S-1-5-21-1384766853-3730318048-2777797473-1001\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-1384766853-3730318048-2777797473-1001\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-21-1384766853-3730318048-2777797473-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKU\S-1-5-21-1384766853-3730318048-2777797473-1001\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...PBEA_en-GBGB481
IE - HKU\S-1-5-21-1384766853-3730318048-2777797473-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1384766853-3730318048-2777797473-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.4.53: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.4.53: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.4.53: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.4.53: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=15.0.4.53: C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012/05/03 20:19:50 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\11.0.0.9\
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012/05/09 10:06:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 2.0.0.11\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/05/09 10:06:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 2.0.0.11\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/05/12 09:07:44 | 000,000,000 | ---D | M]

[2012/05/09 14:19:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\rangikudoug\AppData\Roaming\Mozilla\Extensions
[2012/05/06 16:32:37 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/03/28 07:07:38 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012/03/02 20:56:18 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}
[2008/06/25 13:53:15 | 000,000,000 | ---D | M] (Packard Bell Settings) -- C:\Program Files\Mozilla Firefox\extensions\[email protected]
[2008/06/25 13:53:16 | 000,000,000 | ---D | M] (Talkback) -- C:\Program Files\Mozilla Firefox\extensions\[email protected]
[2007/11/28 20:31:59 | 000,067,696 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\jar50.dll
[2007/11/28 20:31:59 | 000,054,376 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\jsd3250.dll
[2007/11/28 20:31:59 | 000,034,952 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\myspell.dll
[2007/11/28 20:31:59 | 000,046,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\spellchk.dll
[2007/11/28 20:31:59 | 000,172,144 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\xpinstal.dll
[2012/03/02 20:55:41 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2012/05/09 10:06:19 | 000,129,144 | ---- | M] (RealPlayer) -- C:\Program Files\mozilla firefox\plugins\nprpplugin.dll
[2008/03/24 20:21:20 | 002,889,088 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\NPSWF32.dll
[2009/10/23 15:01:34 | 000,102,400 | ---- | M] (Zylom) -- C:\Program Files\mozilla firefox\plugins\npzylomgamesplayer.dll
[2006/06/15 11:24:15 | 000,001,538 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-en-GB.xml
[2006/06/15 11:24:15 | 000,000,947 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\chambers-en-GB.xml
[2006/06/15 11:24:15 | 000,001,077 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-en-GB.xml
[2006/09/11 15:39:34 | 000,000,831 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-en-GB.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\19.0.1084.46\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\19.0.1084.46\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\19.0.1084.46\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPSWF32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np32dsw.dll
CHR - plugin: Java Deployment Toolkit 6.0.310.5 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll
CHR - plugin: Zylom Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npzylomgamesplayer.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: YouTube = C:\Users\rangikudoug\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Users\rangikudoug\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: General Crawler = C:\Users\rangikudoug\AppData\Local\Google\Chrome\User Data\Default\Extensions\dednnpigldgdbpgcdpfppmlcnnbjciel\2.5_0\
CHR - Extension: avast! WebRep = C:\Users\rangikudoug\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\rangikudoug\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
CHR - Extension: Gmail = C:\Users\rangikudoug\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012/05/06 16:33:33 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Plugin for Media Finder) - {AD4DF010-E2FD-43CE-864A-6BD1EDC59AC2} - C:\Users\rangikudoug\AppData\Roaming\Media Finder\Extensions\IEPlugin32.dll (Media Finder)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll (Google Inc.)
O2 - BHO: (Help the General-Search Project) - {CA4520F3-AE13-4FB1-A513-58E23991C86D} - C:\Users\rangikudoug\AppData\Roaming\Media Finder\Extensions\gencrawler_gc.dll ()
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [YMailAdvisor] C:\Program Files\Yahoo!\Common\YMailAdvisor.exe (Yahoo! Inc.)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-1384766853-3730318048-2777797473-1001..\Run: [DriverMax] C:\Program Files\Innovative Solutions\DriverMax\drivermax.exe (Innovative Solutions)
O4 - HKU\S-1-5-21-1384766853-3730318048-2777797473-1001..\Run: [DriverMax_RESTART] C:\Program Files\Innovative Solutions\DriverMax\drivermax.exe (Innovative Solutions)
O4 - HKU\S-1-5-21-1384766853-3730318048-2777797473-1001..\Run: [Media Finder] "C:\Program Files\Media Finder\Media Finder.exe" /opentotray File not found
O8 - Extra context menu item: Download with &Media Finder - C:\Program Files\Media Finder\hook.html File not found
O9 - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files\AVG\AVG2012\avgdtiex.dll File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-1384766853-3730318048-2777797473-1001\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://appldnld.appl...ex/qtplugin.cab (QuickTime Object)
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} http://aolsvc.aol.co...ploader_v10.cab (PopCapLoader Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{87E5E782-4A29-4C00-B50B-B57BC76F960D}: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\Packard Bell\Wallpaper\Lounge_1900x1440.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\Packard Bell\Wallpaper\Lounge_1900x1440.jpg
O29 - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012/05/14 00:10:22 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIAnimation.dll
[2012/05/14 00:10:18 | 001,164,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIRibbonRes.dll
[2012/05/14 00:10:17 | 003,023,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIRibbon.dll
[2012/05/14 00:09:38 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\BthMtpContextHandler.dll
[2012/05/14 00:09:38 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WPDShextAutoplay.exe
[2012/05/14 00:09:29 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceConnectApi.dll
[2012/05/14 00:09:20 | 000,546,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpd_ci.dll
[2012/05/14 00:09:19 | 000,350,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WPDSp.dll
[2012/05/14 00:09:19 | 000,334,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceApi.dll
[2012/05/14 00:09:19 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceWMDRM.dll
[2012/05/14 00:09:19 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceTypes.dll
[2012/05/14 00:09:19 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceClassExtension.dll
[2012/05/14 00:07:02 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012/05/14 00:07:00 | 001,799,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2012/05/14 00:06:59 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012/05/14 00:06:58 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012/05/14 00:06:58 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012/05/14 00:06:57 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012/05/13 23:41:54 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012/05/12 10:51:59 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll
[2012/05/12 10:51:59 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisrndr.ax
[2012/05/12 10:51:59 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Mpeg2Data.ax
[2012/05/12 10:51:58 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSDvbNP.ax
[2012/05/12 10:51:57 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciseq.dll
[2012/05/12 10:51:37 | 000,429,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll
[2012/05/12 10:51:12 | 000,288,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll
[2012/05/12 10:51:00 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\packager.dll
[2012/05/12 10:50:55 | 000,376,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2012/05/12 10:50:49 | 000,876,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll
[2012/05/12 10:50:41 | 001,069,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2012/05/12 10:50:41 | 000,219,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
[2012/05/12 10:50:40 | 001,172,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2012/05/12 10:50:39 | 000,683,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2012/05/12 10:50:39 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
[2012/05/12 10:50:38 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll
[2012/05/12 10:50:36 | 001,314,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2012/05/12 10:50:36 | 000,497,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdvd.dll
[2012/05/12 10:50:27 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2012/05/12 10:50:18 | 000,555,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIAutomationCore.dll
[2012/05/12 10:50:18 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\oleaccrc.dll
[2012/05/12 10:49:35 | 002,044,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012/05/12 10:49:33 | 003,602,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2012/05/12 10:49:33 | 003,550,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2012/05/12 10:49:22 | 000,231,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshsq.dll
[2012/05/11 07:49:05 | 000,613,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpencom.dll
[2012/05/10 08:54:01 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2012/05/10 08:54:01 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2012/05/10 08:54:01 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2012/05/10 08:54:01 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2012/05/10 08:54:00 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2012/05/10 08:54:00 | 000,580,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2012/05/10 08:54:00 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2012/05/10 08:54:00 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2012/05/10 08:54:00 | 000,353,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2012/05/10 08:54:00 | 000,353,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2012/05/10 08:54:00 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2012/05/10 08:54:00 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2012/05/10 08:54:00 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2012/05/10 08:54:00 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2012/05/10 08:54:00 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2012/05/10 08:54:00 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2012/05/10 08:54:00 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2012/05/10 08:54:00 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2012/05/10 08:54:00 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2012/05/10 08:54:00 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2012/05/10 08:53:59 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2012/05/10 08:53:59 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2012/05/10 08:53:59 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2012/05/10 08:53:59 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2012/05/10 08:53:59 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2012/05/10 08:53:59 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2012/05/10 08:53:59 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2012/05/10 08:53:59 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2012/05/10 08:53:59 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2012/05/10 08:53:59 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2012/05/10 08:53:59 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2012/05/10 08:52:58 | 000,979,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFH264Dec.dll
[2012/05/10 08:52:57 | 002,873,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mf.dll
[2012/05/10 08:52:57 | 000,357,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFHEAACdec.dll
[2012/05/10 08:52:57 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfmp4src.dll
[2012/05/10 08:52:57 | 000,261,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfreadwrite.dll
[2012/05/10 08:52:57 | 000,209,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfplat.dll
[2012/05/10 08:52:57 | 000,098,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfps.dll
[2012/05/10 08:52:54 | 001,029,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10.dll
[2012/05/10 08:52:54 | 000,667,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelinesvc.exe
[2012/05/10 08:52:54 | 000,486,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10level9.dll
[2012/05/10 08:52:54 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxgi.dll
[2012/05/10 08:52:54 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10core.dll
[2012/05/10 08:52:54 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsRasterService.dll
[2012/05/10 08:52:54 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll
[2012/05/10 08:52:54 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelineprxy.dll
[2012/05/10 08:52:53 | 001,554,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xpsservices.dll
[2012/05/10 08:52:53 | 000,847,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\OpcServices.dll
[2012/05/10 08:50:12 | 000,519,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d11.dll
[2012/05/10 08:50:12 | 000,369,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMPhoto.dll
[2012/05/10 08:50:12 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxdiag.exe
[2012/05/10 08:50:12 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxdiagn.dll
[2012/05/10 08:50:11 | 000,321,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PhotoMetadataHandler.dll
[2012/05/10 08:50:11 | 000,189,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecsExt.dll
[2012/05/10 08:34:25 | 000,000,000 | ---D | C] -- C:\Windows\System32\eu-ES
[2012/05/10 08:34:25 | 000,000,000 | ---D | C] -- C:\Windows\System32\ca-ES
[2012/05/10 08:34:24 | 000,000,000 | ---D | C] -- C:\Windows\System32\vi-VN
[2012/05/10 08:30:28 | 000,098,304 | ---- | C] (Realtek Semiconductor) -- C:\Windows\RTKAUDIOSERVICE.EXE
[2012/05/10 08:07:51 | 000,000,000 | ---D | C] -- C:\Windows\System32\EventProviders
[2012/05/09 21:22:17 | 000,000,000 | ---D | C] -- C:\Users\rangikudoug\AppData\Roaming\Yahoo!
[2012/05/09 15:10:28 | 000,000,000 | ---D | C] -- C:\Users\rangikudoug\AppData\Roaming\WinRAR
[2012/05/09 15:10:28 | 000,000,000 | ---D | C] -- C:\Users\rangikudoug\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012/05/09 15:10:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012/05/09 14:19:18 | 000,000,000 | ---D | C] -- C:\Users\rangikudoug\Desktop\Download
[2012/05/09 14:19:00 | 000,000,000 | ---D | C] -- C:\Users\rangikudoug\AppData\Roaming\Mozilla
[2012/05/09 14:19:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Finder
[2012/05/09 14:18:59 | 000,000,000 | ---D | C] -- C:\Users\rangikudoug\AppData\Roaming\Media Finder
[2012/05/09 14:08:17 | 000,000,000 | ---D | C] -- C:\Users\rangikudoug\AppData\Roaming\BitTorrent
[2012/05/09 10:50:38 | 000,000,000 | ---D | C] -- C:\Users\rangikudoug\AppData\Roaming\Digiarty
[2012/05/09 10:29:04 | 000,000,000 | ---D | C] -- C:\Users\rangikudoug\AppData\Roaming\YourFileDownloader
[2012/05/09 10:29:04 | 000,000,000 | ---D | C] -- C:\Program Files\YourFileDownloader
[2012/05/09 10:06:26 | 000,198,832 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\System32\rmoc3260.dll
[2012/05/09 10:06:14 | 000,006,656 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\System32\pndx5016.dll
[2012/05/09 10:06:14 | 000,005,632 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\System32\pndx5032.dll
[2012/05/09 10:06:13 | 000,272,896 | ---- | C] (Progressive Networks) -- C:\Windows\System32\pncrt.dll
[2012/05/09 10:06:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks
[2012/05/09 10:05:51 | 000,000,000 | ---D | C] -- C:\Users\rangikudoug\AppData\Roaming\Real
[2012/05/09 09:24:14 | 000,000,000 | ---D | C] -- C:\Users\rangikudoug\AppData\Local\Apple Computer
[2012/05/09 09:24:13 | 000,000,000 | ---D | C] -- C:\Users\rangikudoug\AppData\Roaming\Apple Computer
[2012/05/09 09:23:47 | 000,107,368 | ---- | C] (GEAR Software Inc.) -- C:\Windows\System32\GEARAspi.dll
[2012/05/09 09:23:47 | 000,000,000 | ---D | C] -- C:\Windows\System32\DRVSTORE
[2012/05/09 09:21:33 | 000,000,000 | ---D | C] -- C:\Users\rangikudoug\AppData\Local\Apple
[2012/05/08 19:50:52 | 000,000,000 | ---D | C] -- C:\Users\rangikudoug\AppData\Local\Adobe
[2012/05/08 12:45:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AbiWord
[2012/05/08 12:45:15 | 000,000,000 | ---D | C] -- C:\Program Files\AbiWord
[2012/05/08 12:03:03 | 000,419,488 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012/05/08 12:03:03 | 000,070,304 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012/05/07 21:24:56 | 000,000,000 | ---D | C] -- C:\Users\rangikudoug\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinDirStat
[2012/05/07 21:24:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinDirStat
[2012/05/07 21:24:56 | 000,000,000 | ---D | C] -- C:\Program Files\WinDirStat
[2012/05/06 23:53:56 | 000,215,656 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\NVCOSMB.DLL
[2012/05/06 23:30:18 | 000,215,656 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvstor32.sys
[2012/05/06 23:30:18 | 000,017,512 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\NvRCoSv.dll
[2012/05/06 23:30:18 | 000,017,512 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\NvRCoRu.dll
[2012/05/06 23:30:18 | 000,014,952 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\NvRCoZht.dll
[2012/05/06 23:30:18 | 000,014,952 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\NvRCoZhc.dll
[2012/05/06 23:30:17 | 000,018,024 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\NvRCoPtb.dll
[2012/05/06 23:30:17 | 000,018,024 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\NvRCoIt.dll
[2012/05/06 23:30:17 | 000,018,024 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\NvRCoFr.dll
[2012/05/06 23:30:17 | 000,018,024 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\NvRCoEsm.dll
[2012/05/06 23:30:17 | 000,018,024 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\NvRCoEs.dll
[2012/05/06 23:30:17 | 000,017,512 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\NvRCoNo.dll
[2012/05/06 23:30:17 | 000,017,512 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\NvRCoNl.dll
[2012/05/06 23:30:17 | 000,017,512 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\NvRCoFi.dll
[2012/05/06 23:30:17 | 000,017,000 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\NvRCoENU.dll
[2012/05/06 23:30:17 | 000,015,464 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\NvRCoKo.dll
[2012/05/06 23:30:17 | 000,015,464 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\NvRCoJa.dll
[2012/05/06 23:30:16 | 000,372,840 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvraiins.dll
[2012/05/06 23:30:16 | 000,372,840 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvraidco.dll
[2012/05/06 23:30:16 | 000,018,024 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\NvRCoDe.dll
[2012/05/06 23:30:16 | 000,017,512 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\NvRCoDa.dll
[2012/05/06 23:30:16 | 000,017,000 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\NvRCoEng.dll
[2012/05/06 21:06:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverMax
[2012/05/06 21:06:34 | 000,000,000 | ---D | C] -- C:\Program Files\Innovative Solutions
[2012/05/06 17:46:52 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2012/05/06 16:24:26 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/05/05 20:43:39 | 000,000,000 | ---D | C] -- C:\Users\rangikudoug\AppData\Local\Innovative Solutions
[2012/05/05 20:38:46 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2012/05/03 20:33:14 | 000,000,000 | ---D | C] -- C:\Users\rangikudoug\AbiSuite
[2012/05/03 20:20:41 | 000,337,880 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2012/05/03 20:20:41 | 000,020,696 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2012/05/03 20:20:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2012/05/03 20:20:40 | 000,035,672 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2012/05/03 20:20:39 | 000,612,184 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2012/05/03 20:20:39 | 000,057,688 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2012/05/03 20:20:39 | 000,053,848 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2012/05/03 20:19:40 | 000,201,352 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2012/05/03 20:19:40 | 000,041,184 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2012/05/03 20:19:24 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2012/05/03 07:54:49 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2012/05/03 07:30:21 | 000,000,000 | ---D | C] -- C:\Users\rangikudoug\AppData\Roaming\Memeo
[2012/05/03 07:30:06 | 000,000,000 | ---D | C] -- C:\Users\rangikudoug\AppData\Roaming\Seagate
[2012/05/02 19:45:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Seagate Dashboard
[2012/05/02 19:45:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Memeo
[2012/05/02 19:45:23 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Memeo
[2012/05/02 19:45:19 | 000,000,000 | ---D | C] -- C:\Program Files\Memeo
[2012/05/02 18:55:35 | 000,000,000 | ---D | C] -- C:\Users\rangikudoug\AppData\Roaming\Leadertech
[2012/05/02 18:20:10 | 000,000,000 | ---D | C] -- C:\Users\rangikudoug\AppData\Local\Packard Bell
[2012/05/01 23:06:44 | 012,240,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0007.dll
[2012/05/01 23:06:42 | 001,081,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLCExt.dll
[2012/05/01 23:06:41 | 002,134,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FunctionDiscoveryFolder.dll
[2012/05/01 23:06:41 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DevicePairingWizard.exe
[2012/05/01 23:06:39 | 002,644,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0009.dll
[2012/05/01 23:06:37 | 001,480,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssrch.dll
[2012/05/01 23:06:36 | 000,684,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\spsys.sys
[2012/05/01 23:06:35 | 001,576,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tquery.dll
[2012/05/01 23:06:34 | 000,779,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationNative_v0300.dll
[2012/05/01 23:06:33 | 000,928,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scavenge.dll
[2012/05/01 23:06:32 | 000,677,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imapi2fs.dll
[2012/05/01 23:06:31 | 000,968,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wcnwiz2.dll
[2012/05/01 23:06:31 | 000,291,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WscEapPr.dll
[2012/05/01 23:06:29 | 001,216,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuxiliaryDisplayCpl.dll
[2012/05/01 23:06:29 | 000,619,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icardagt.exe
[2012/05/01 23:06:26 | 000,978,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drmv2clt.dll
[2012/05/01 23:06:26 | 000,289,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spinstall.exe
[2012/05/01 23:06:26 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spreview.exe
[2012/05/01 23:06:25 | 000,438,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcupdate_GenuineIntel.dll
[2012/05/01 23:06:25 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwizui.dll
[2012/05/01 23:06:23 | 000,670,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssvp.dll
[2012/05/01 23:06:23 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSMPEG2VDEC.DLL
[2012/05/01 23:06:23 | 000,203,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssphtb.dll
[2012/05/01 23:06:22 | 000,378,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imapi2.dll
[2012/05/01 23:06:22 | 000,351,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssph.dll
[2012/05/01 23:06:22 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdohlp.dll
[2012/05/01 23:06:21 | 000,729,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IMJP10K.DLL
[2012/05/01 23:06:21 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DevicePairing.dll
[2012/05/01 23:06:20 | 000,190,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sperror.dll
[2012/05/01 23:06:20 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\korwbrkr.dll
[2012/05/01 23:06:19 | 000,463,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IasMigReader.exe
[2012/05/01 23:06:18 | 001,589,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msjet40.dll
[2012/05/01 23:06:16 | 000,883,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IMJP10.IME
[2012/05/01 23:06:15 | 001,078,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diagperf.dll
[2012/05/01 23:06:15 | 000,409,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msexch40.dll
[2012/05/01 23:06:15 | 000,327,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\P2PGraph.dll
[2012/05/01 23:06:14 | 001,792,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmc.exe
[2012/05/01 23:06:14 | 000,986,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winload.exe
[2012/05/01 23:06:14 | 000,950,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mblctr.exe
[2012/05/01 23:06:14 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srchadmin.dll
[2012/05/01 23:06:14 | 000,203,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\uDWM.dll
[2012/05/01 23:06:13 | 000,880,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RacEngn.dll
[2012/05/01 23:06:13 | 000,454,144 | ---- | C] (Microsoft) -- C:\Windows\System32\IasMigPlugin.dll
[2012/05/01 23:06:13 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdBth.dll
[2012/05/01 23:06:11 | 002,012,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\milcore.dll
[2012/05/01 23:06:11 | 001,112,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertEnroll.dll
[2012/05/01 23:06:11 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NaturalLanguage6.dll
[2012/05/01 23:06:11 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EhStorAPI.dll
[2012/05/01 23:06:10 | 000,950,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpedit.dll
[2012/05/01 23:06:10 | 000,290,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msjtes40.dll
[2012/05/01 23:06:10 | 000,115,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuxiliaryDisplayDriverLib.dll
[2012/05/01 23:06:10 | 000,099,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\infocardapi.dll
[2012/05/01 23:06:09 | 003,217,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinSAT.exe
[2012/05/01 23:06:09 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationSettings.exe
[2012/05/01 23:06:08 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Magnify.exe
[2012/05/01 23:06:08 | 000,282,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstext40.dll
[2012/05/01 23:06:08 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuxiliaryDisplayServices.dll
[2012/05/01 23:06:06 | 000,454,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxbde40.dll
[2012/05/01 23:06:06 | 000,339,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msexcl40.dll
[2012/05/01 23:06:06 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slwmi.dll
[2012/05/01 23:06:05 | 001,985,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\authui.dll
[2012/05/01 23:06:05 | 001,524,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsAnytimeUpgradeCPL.dll
[2012/05/01 23:06:04 | 001,086,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NetProjW.dll
[2012/05/01 23:06:04 | 000,643,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrepl40.dll
[2012/05/01 23:06:04 | 000,640,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bthprops.cpl
[2012/05/01 23:06:04 | 000,469,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\newdev.dll
[2012/05/01 23:06:03 | 002,926,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2012/05/01 23:06:03 | 000,205,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eudcedit.exe
[2012/05/01 23:06:03 | 000,119,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasrecst.dll
[2012/05/01 23:06:03 | 000,102,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
[2012/05/01 23:06:02 | 001,788,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d9.dll
[2012/05/01 23:06:02 | 000,368,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mspbde40.dll
[2012/05/01 23:06:01 | 000,344,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrd3x40.dll
[2012/05/01 23:06:01 | 000,241,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msltus40.dll
[2012/05/01 23:06:01 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EhStorPwdMgr.dll
[2012/05/01 23:06:00 | 001,053,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtctm.dll
[2012/05/01 23:06:00 | 000,250,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wevtapi.dll
[2012/05/01 23:06:00 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nlhtml.dll
[2012/05/01 23:05:59 | 000,614,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ci.dll
[2012/05/01 23:05:58 | 000,582,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLCommDlg.dll
[2012/05/01 23:05:58 | 000,165,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WcnNetsh.dll
[2012/05/01 23:05:57 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\compcln.exe
[2012/05/01 23:05:56 | 001,730,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\apds.dll
[2012/05/01 23:05:56 | 000,618,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mswstr10.dll
[2012/05/01 23:05:56 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xmlfilter.dll
[2012/05/01 23:05:55 | 000,223,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\netio.sys
[2012/05/01 23:05:54 | 000,524,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sqlsrv32.dll
[2012/05/01 23:05:54 | 000,361,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLUI.exe
[2012/05/01 23:05:54 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrd2x40.dll
[2012/05/01 23:05:54 | 000,183,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eapphost.dll
[2012/05/01 23:05:53 | 000,926,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winresume.exe
[2012/05/01 23:05:53 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\propdefs.dll
[2012/05/01 23:05:52 | 001,856,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dbgeng.dll
[2012/05/01 23:05:52 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wevtutil.exe
[2012/05/01 23:05:51 | 002,167,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmcndmgr.dll
[2012/05/01 23:05:51 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssitlb.dll
[2012/05/01 23:05:50 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drvinst.exe
[2012/05/01 23:05:49 | 000,485,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\evr.dll
[2012/05/01 23:05:49 | 000,378,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\devmgr.dll
[2012/05/01 23:05:49 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DevicePairingProxy.dll
[2012/05/01 23:05:49 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscb.dll
[2012/05/01 23:05:49 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdBthProxy.dll
[2012/05/01 23:05:48 | 001,533,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wcnwiz.dll
[2012/05/01 23:05:48 | 001,382,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVSDECD.DLL
[2012/05/01 23:05:48 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\phon.ime
[2012/05/01 23:05:48 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cintlgnt.ime
[2012/05/01 23:05:48 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chajei.ime
[2012/05/01 23:05:47 | 001,143,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wercon.exe
[2012/05/01 23:05:47 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quick.ime
[2012/05/01 23:05:47 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qintlgnt.ime
[2012/05/01 23:05:46 | 000,617,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adtschema.dll
[2012/05/01 23:05:46 | 000,560,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtcprx.dll
[2012/05/01 23:05:46 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mimefilt.dll
[2012/05/01 23:05:45 | 000,856,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mswdat10.dll
[2012/05/01 23:05:45 | 000,799,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certutil.exe
[2012/05/01 23:05:45 | 000,396,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ipsmsnap.dll
[2012/05/01 23:05:45 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\reg.exe
[2012/05/01 23:05:45 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msjter40.dll
[2012/05/01 23:05:45 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rtffilt.dll
[2012/05/01 23:05:45 | 000,035,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\infocardcpl.cpl
[2012/05/01 23:05:44 | 000,996,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMNetMgr.dll
[2012/05/01 23:05:44 | 000,704,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PhotoScreensaver.scr
[2012/05/01 23:05:44 | 000,274,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bcrypt.dll
[2012/05/01 23:05:44 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbport.sys
[2012/05/01 23:05:44 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscntrs.dll
[2012/05/01 23:05:44 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshooks.dll
[2012/05/01 23:05:43 | 000,332,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msihnd.dll
[2012/05/01 23:05:43 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MMDevAPI.dll
[2012/05/01 23:05:42 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msstrc.dll
[2012/05/01 23:05:42 | 000,035,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TsWpfWrp.exe
[2012/05/01 23:05:41 | 000,153,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fundisc.dll
[2012/05/01 23:05:41 | 000,080,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscories.dll
[2012/05/01 23:05:40 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dhcpcsvc6.dll
[2012/05/01 23:05:39 | 001,671,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chsbrkr.dll
[2012/05/01 23:05:39 | 001,020,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wdc.dll
[2012/05/01 23:05:39 | 000,125,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Classpnp.sys
[2012/05/01 23:05:39 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imapi.dll
[2012/05/01 23:05:38 | 001,823,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pnidui.dll
[2012/05/01 23:05:38 | 000,636,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autofmt.exe
[2012/05/01 23:05:38 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iassdo.dll
[2012/05/01 23:05:38 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Kswdmcap.ax
[2012/05/01 23:05:38 | 000,009,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icardres.dll
[2012/05/01 23:05:37 | 000,757,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\azroles.dll
[2012/05/01 23:05:37 | 000,122,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Storport.sys
[2012/05/01 23:05:37 | 000,109,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ataport.sys
[2012/05/01 23:05:37 | 000,050,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PSHED.DLL
[2012/05/01 23:05:37 | 000,035,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\crashdmp.sys
[2012/05/01 23:05:36 | 001,107,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pidgenx.dll
[2012/05/01 23:05:36 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertEnrollUI.dll
[2012/05/01 23:05:35 | 002,205,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SyncCenter.dll
[2012/05/01 23:05:35 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sysmon.ocx
[2012/05/01 23:05:34 | 001,502,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certmgr.dll
[2012/05/01 23:05:34 | 000,627,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sethc.exe
[2012/05/01 23:05:34 | 000,593,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\comuid.dll
[2012/05/01 23:05:34 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
[2012/05/01 23:05:34 | 000,182,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iassam.dll
[2012/05/01 23:05:34 | 000,017,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kd1394.dll
[2012/05/01 23:05:33 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imkr80.ime
[2012/05/01 23:05:33 | 000,324,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\untfs.dll
[2012/05/01 23:05:33 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scrobj.dll
[2012/05/01 23:05:33 | 000,043,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pciidex.sys
[2012/05/01 23:05:32 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasnap.dll
[2012/05/01 23:05:32 | 000,099,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\FWPKCLNT.SYS
[2012/05/01 23:05:31 | 000,656,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autoconv.exe
[2012/05/01 23:05:31 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cscript.exe
[2012/05/01 23:05:31 | 000,130,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\basecsp.dll
[2012/05/01 23:05:31 | 000,027,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Dumpata.sys
[2012/05/01 23:05:31 | 000,017,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kdcom.dll
[2012/05/01 23:05:30 | 000,273,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wow32.dll
[2012/05/01 23:05:30 | 000,182,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\osk.exe
[2012/05/01 23:05:30 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\audiodg.exe
[2012/05/01 23:05:29 | 000,340,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RelMon.dll
[2012/05/01 23:05:29 | 000,019,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kdusb.dll
[2012/05/01 23:05:29 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spcmsg.dll
[2012/05/01 23:05:28 | 000,860,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WerFaultSecure.exe
[2012/05/01 23:05:28 | 000,564,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msftedit.dll
[2012/05/01 23:05:28 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\offfilt.dll
[2012/05/01 23:05:27 | 000,638,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Utilman.exe
[2012/05/01 23:05:27 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WerFault.exe
[2012/05/01 23:05:26 | 000,852,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcmde.dll
[2012/05/01 23:05:26 | 000,391,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscms.dll
[2012/05/01 23:05:26 | 000,230,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diskraid.exe
[2012/05/01 23:05:26 | 000,197,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SndVol.exe
[2012/05/01 23:05:26 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msnetobj.dll
[2012/05/01 23:05:26 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsepno.dll
[2012/05/01 23:05:25 | 000,551,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prnntfy.dll
[2012/05/01 23:05:25 | 000,444,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dsound.dll
[2012/05/01 23:05:25 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccp32.dll
[2012/05/01 23:05:25 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sysclass.dll
[2012/05/01 23:05:25 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ulib.dll
[2012/05/01 23:05:25 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adsmsext.dll
[2012/05/01 23:05:25 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasdatastore.dll
[2012/05/01 23:05:24 | 000,223,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscntfy.dll
[2012/05/01 23:05:23 | 001,342,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\brcpl.dll
[2012/05/01 23:05:23 | 000,759,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ipsecsnp.dll
[2012/05/01 23:05:23 | 000,507,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdsdyn.dll
[2012/05/01 23:05:23 | 000,399,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlangpui.dll
[2012/05/01 23:05:23 | 000,181,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pnpsetup.dll
[2012/05/01 23:05:23 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diskpart.exe
[2012/05/01 23:05:23 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpapi.dll
[2012/05/01 23:05:23 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iashlpr.dll
[2012/05/01 23:05:23 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logman.exe
[2012/05/01 23:05:23 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdProxy.dll
[2012/05/01 23:05:22 | 001,575,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVENCOD.DLL
[2012/05/01 23:05:22 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntprint.dll
[2012/05/01 23:05:22 | 000,158,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasrad.dll
[2012/05/01 23:05:22 | 000,155,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscorier.dll
[2012/05/01 23:05:22 | 000,140,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wusa.exe
[2012/05/01 23:05:22 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\findstr.exe
[2012/05/01 23:05:21 | 002,225,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netcenter.dll
[2012/05/01 23:05:21 | 001,580,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpccpl.dll
[2012/05/01 23:05:21 | 000,876,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wer.dll
[2012/05/01 23:05:21 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iassvcs.dll
[2012/05/01 23:05:20 | 001,152,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\themecpl.dll
[2012/05/01 23:05:20 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsnmp32.dll
[2012/05/01 23:05:19 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scansetting.dll
[2012/05/01 23:05:19 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasads.dll
[2012/05/01 23:05:19 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssprxy.dll
[2012/05/01 23:05:18 | 003,072,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\networkmap.dll
[2012/05/01 23:05:18 | 001,248,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PerfCenterCPL.dll
[2012/05/01 23:05:18 | 000,777,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slcc.dll
[2012/05/01 23:05:18 | 000,723,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\powercpl.dll
[2012/05/01 23:05:18 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ks.sys
[2012/05/01 23:05:18 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasacct.dll
[2012/05/01 23:05:17 | 001,645,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\connect.dll
[2012/05/01 23:05:17 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\newdev.exe
[2012/05/01 23:05:16 | 002,515,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\accessibilitycpl.dll
[2012/05/01 23:05:16 | 001,224,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sud.dll
[2012/05/01 23:05:16 | 000,842,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\systemcpl.dll
[2012/05/01 23:05:16 | 000,464,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pcaui.dll
[2012/05/01 23:05:16 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmci.dll
[2012/05/01 23:05:15 | 001,671,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanpref.dll
[2012/05/01 23:05:15 | 001,123,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\usercpl.dll
[2012/05/01 23:05:15 | 000,516,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autoplay.dll
[2012/05/01 23:05:15 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rpchttp.dll
[2012/05/01 23:05:15 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pintlgnt.ime
[2012/05/01 23:05:14 | 000,532,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpcao.dll
[2012/05/01 23:05:14 | 000,408,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msinfo32.exe
[2012/05/01 23:05:14 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scksp.dll
[2012/05/01 23:05:14 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdsutil.dll
[2012/05/01 23:05:14 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AudioSes.dll
[2012/05/01 23:05:14 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\oleprn.dll
[2012/05/01 23:05:14 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\feclient.dll
[2012/05/01 23:05:12 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3msm.dll
[2012/05/01 23:05:11 | 000,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Faultrep.dll
[2012/05/01 23:05:11 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rekeywiz.exe
[2012/05/01 23:05:11 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iaspolcy.dll
[2012/05/01 23:05:11 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DeviceEject.exe
[2012/05/01 23:05:11 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscisvif.dll
[2012/05/01 23:05:10 | 001,689,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscui.cpl
[2012/05/01 23:05:10 | 000,542,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pnpui.dll
[2012/05/01 23:05:10 | 000,505,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qedit.dll
[2012/05/01 23:05:10 | 000,445,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncryptui.dll
[2012/05/01 23:05:10 | 000,407,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpapimig.exe
[2012/05/01 23:05:09 | 000,642,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasgcw.dll
[2012/05/01 23:05:09 | 000,595,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FWPUCLNT.DLL
[2012/05/01 23:05:09 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasplap.dll
[2012/05/01 23:05:09 | 000,215,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certreq.exe
[2012/05/01 23:05:09 | 000,170,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tcpipcfg.dll
[2012/05/01 23:05:09 | 000,167,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\portcls.sys
[2012/05/01 23:05:09 | 000,134,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SmartcardCredentialProvider.dll
[2012/05/01 23:05:09 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hdwwiz.exe
[2012/05/01 23:05:09 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdWSD.dll
[2012/05/01 23:05:09 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PnPUnattend.exe
[2012/05/01 23:05:09 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmmon32.exe
[2012/05/01 23:05:09 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TSTheme.exe
[2012/05/01 23:05:09 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\whealogr.dll
[2012/05/01 23:05:09 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBCAMD2.sys
[2012/05/01 23:05:09 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBCAMD.sys
[2012/05/01 23:05:09 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwinsat.dll
[2012/05/01 23:05:08 | 000,481,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmdial32.dll
[2012/05/01 23:05:08 | 000,378,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srcore.dll
[2012/05/01 23:05:08 | 000,275,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SnippingTool.exe
[2012/05/01 23:05:08 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
[2012/05/01 23:05:07 | 002,153,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\oobefldr.dll
[2012/05/01 23:05:07 | 000,657,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVXENCD.DLL
[2012/05/01 23:05:07 | 000,547,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiaaut.dll
[2012/05/01 23:05:07 | 000,425,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shwebsvc.dll
[2012/05/01 23:05:07 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanui.dll
[2012/05/01 23:05:07 | 000,137,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dsprop.dll
[2012/05/01 23:05:07 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dimsroam.dll
[2012/05/01 23:05:07 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PnPutil.exe
[2012/05/01 23:05:06 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\modemui.dll
[2012/05/01 23:05:06 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasmontr.dll
[2012/05/01 23:05:06 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shsetup.dll
[2012/05/01 23:05:05 | 006,103,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chtbrkr.dll
[2012/05/01 23:05:05 | 000,533,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmdrmsdk.dll
[2012/05/01 23:05:05 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscandui.dll
[2012/05/01 23:05:04 | 000,542,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\blackbox.dll
[2012/05/01 23:05:04 | 000,303,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpeffects.dll
[2012/05/01 23:05:04 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSDMon.dll
[2012/05/01 23:05:04 | 000,107,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpwsx.dll
[2012/05/01 23:05:04 | 000,083,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlgpclnt.dll
[2012/05/01 23:05:04 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dataclen.dll
[2012/05/01 23:05:03 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\rmcast.sys
[2012/05/01 23:05:03 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logagent.exe
[2012/05/01 23:05:03 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cipher.exe
[2012/05/01 23:05:03 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ifmon.dll
[2012/05/01 23:05:02 | 000,414,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscp.dll
[2012/05/01 23:05:02 | 000,217,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\InkEd.dll
[2012/05/01 23:05:00 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpresult.exe
[2012/05/01 23:04:59 | 000,313,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\thawbrkr.dll
[2012/05/01 23:04:59 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscapi.dll
[2012/05/01 23:04:59 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\watchdog.sys
[2012/05/01 23:04:59 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msimtf.dll
[2012/05/01 23:04:58 | 000,356,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MediaMetadataHandler.dll
[2012/05/01 23:04:58 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\softkbd.dll
[2012/05/01 23:04:58 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msctfui.dll
[2012/05/01 23:04:57 | 000,284,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drmmgrtn.dll
[2012/05/01 23:04:57 | 000,200,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\input.dll
[2012/05/01 23:04:57 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLLUA.exe
[2012/05/01 23:04:57 | 000,166,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\puiapi.dll
[2012/05/01 23:04:57 | 000,105,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmsynth.dll
[2012/05/01 23:04:57 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ExplorerFrame.dll
[2012/05/01 23:04:56 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSNP.ax
[2012/05/01 23:04:56 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdSSDP.dll
[2012/05/01 23:04:56 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fc.exe
[2012/05/01 23:04:56 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msisip.dll
[2012/05/01 23:04:55 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmusic.dll
[2012/05/01 23:04:55 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MsCtfMonitor.dll
[2012/05/01 23:04:54 | 000,187,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eapp3hst.dll
[2012/05/01 23:04:54 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tintlgnt.ime
[2012/05/01 23:04:54 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\l2nacp.dll
[2012/05/01 23:04:54 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ftp.exe
[2012/05/01 23:04:54 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msjint40.dll
[2012/05/01 23:04:53 | 000,083,456 | ---- | C] (Microsoft) -- C:\Windows\System32\SMBHelperClass.dll
[2012/05/01 23:04:53 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bthci.dll
[2012/05/01 23:04:53 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsdchngr.dll
[2012/05/01 23:04:52 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eappgnui.dll
[2012/05/01 23:04:52 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nslookup.exe
[2012/05/01 23:04:52 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdWCN.dll
[2012/05/01 23:04:52 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Storprop.dll
[2012/05/01 23:04:52 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasdiag.dll
[2012/05/01 23:04:52 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3cfg.dll
[2012/05/01 23:04:52 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slcinst.dll
[2012/05/01 23:04:52 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\networkitemfactory.dll
[2012/05/01 23:04:52 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidclass.sys
[2012/05/01 23:04:52 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ocsetup.exe
[2012/05/01 23:04:52 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bthudtask.exe
[2012/05/01 23:04:52 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ipconfig.exe
[2012/05/01 23:04:52 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasdial.exe
[2012/05/01 23:04:52 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CHxReadingStringIME.dll
[2012/05/01 23:04:51 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PNPXAssoc.dll
[2012/05/01 23:04:51 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdeploy.dll
[2012/05/01 23:04:51 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hbaapi.dll
[2012/05/01 23:04:51 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FwRemoteSvr.dll
[2012/05/01 23:04:51 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpupdate.exe
[2012/05/01 23:04:51 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmcico.dll
[2012/05/01 23:04:50 | 000,046,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrstub.exe
[2012/05/01 23:04:50 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cbsra.exe
[2012/05/01 23:04:50 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbcconf.dll
[2012/05/01 23:04:50 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bitsigd.dll
[2012/05/01 23:04:50 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NcdProp.dll
[2012/05/01 23:04:50 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdmdbg.dll
[2012/05/01 23:04:50 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iscsilog.dll
[2012/05/01 23:04:49 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxg.sys
[2012/05/01 23:04:49 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Diskdump.sys
[2012/05/01 23:04:49 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetppui.dll
[2012/05/01 23:04:49 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slwga.dll
[2012/05/01 23:04:48 | 000,052,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\stream.sys
[2012/05/01 23:04:48 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\RNDISMP.sys
[2012/05/01 23:04:47 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usb8023.sys
[2012/05/01 23:04:46 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\f3ahvoas.dll
[2012/05/01 23:04:46 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msimsg.dll
[2012/05/01 23:04:15 | 000,705,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SmiEngine.dll
[2012/05/01 23:04:04 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wdscore.dll
[2012/05/01 23:04:04 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PkgMgr.exe
[2012/05/01 23:03:37 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drvstore.dll
[2012/04/29 17:03:31 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe
[2012/04/29 17:03:31 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll
[2012/04/29 17:03:31 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll
[2012/04/28 14:35:32 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netevent.dll
[2012/04/28 10:46:38 | 000,000,000 | ---D | C] -- C:\Windows\System32\WindowsPowerShell
[2012/04/28 09:42:26 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browserchoice.exe
[2012/04/28 09:22:08 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nshhttp.dll
[2012/04/28 09:21:05 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2012/04/28 09:18:34 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrsmgr.dll
[2012/04/28 09:18:23 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrs.exe
[2012/04/28 09:18:23 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrshost.exe
[2012/04/28 09:18:23 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsmprovhost.exe
[2012/04/28 09:18:22 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsmplpxy.dll
[2012/04/28 09:18:22 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrssrv.dll
[2012/04/28 09:18:20 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wevtfwd.dll
[2012/04/28 09:18:20 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wecutil.exe
[2012/04/28 09:18:20 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wecapi.dll
[2012/04/28 09:18:20 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmRes.dll
[2012/04/28 09:18:20 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pwrshplugin.dll
[2012/04/28 09:18:15 | 000,252,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSManMigrationPlugin.dll
[2012/04/28 09:18:15 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSManHTTPConfig.exe
[2012/04/28 09:18:15 | 000,241,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrscmd.dll
[2012/04/28 09:18:15 | 000,214,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmWmiPl.dll
[2012/04/28 09:18:15 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmAuto.dll
[2012/04/27 10:32:26 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2012/04/27 10:09:48 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwmp.dll
[2012/04/27 10:09:47 | 008,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2012/04/27 10:09:47 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdxm.ocx
[2012/04/27 10:09:47 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxmasf.dll
[2012/04/27 10:09:07 | 000,292,864 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2012/04/27 10:09:06 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
[2012/04/27 10:09:06 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2012/04/27 10:09:06 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dciman32.dll
[2012/04/27 10:08:42 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netiohlp.dll
[2012/04/27 10:08:41 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NETSTAT.EXE
[2012/04/27 10:08:41 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ARP.EXE
[2012/04/27 10:08:41 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ROUTE.EXE
[2012/04/27 10:08:41 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MRINFO.EXE
[2012/04/27 10:08:41 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\finger.exe
[2012/04/27 10:08:41 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\HOSTNAME.EXE
[2012/04/27 10:07:20 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanmsm.dll
[2012/04/27 10:07:20 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\L2SecHC.dll
[2012/04/27 10:07:20 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanhlp.dll
[2012/04/27 10:07:19 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlansec.dll
[2012/04/27 10:07:19 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanapi.dll
[2012/04/27 10:06:50 | 001,162,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42u.dll
[2012/04/27 10:06:50 | 001,136,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42.dll
[2012/04/27 10:06:42 | 000,081,920 | ---- | C] (Radius Inc.) -- C:\Windows\System32\iccvid.dll
[2012/04/27 10:06:33 | 002,386,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVCORE.DLL
[2012/04/27 10:06:32 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rrinstaller.exe
[2012/04/27 10:06:32 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfpmp.exe
[2012/04/27 10:06:31 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mferror.dll
[2012/04/27 10:06:20 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnscacheugc.exe
[2012/04/27 10:06:12 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\asycfilt.dll
[2012/04/27 10:05:44 | 000,157,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
[2012/04/27 10:04:48 | 001,169,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdclt.exe
[2012/04/27 10:04:16 | 000,714,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\timedate.cpl
[2012/04/27 10:04:11 | 000,317,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MP4SDECD.DLL
[2012/04/27 10:03:17 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40.dll
[2012/04/27 10:03:17 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40u.dll
[2012/04/27 10:02:57 | 001,696,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll
[2012/04/27 10:02:56 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll
[2012/04/27 10:02:55 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll
[2012/04/27 10:02:25 | 000,867,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpmde.dll
[2012/04/27 10:02:06 | 000,322,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbe.dll
[2012/04/27 10:02:05 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax
[2012/04/27 10:02:05 | 000,153,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbeio.dll
[2012/04/27 10:01:59 | 000,220,672 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\l3codecp.acm
[2012/04/27 10:01:59 | 000,062,464 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\l3codeca.acm
[2012/04/27 10:01:03 | 000,352,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskschd.dll
[2012/04/27 10:01:03 | 000,345,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmicmiplugin.dll
[2012/04/27 10:01:02 | 000,270,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskcomp.dll
[2012/04/27 10:00:39 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\consent.exe
[2012/04/27 09:59:19 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdxm.tlb
[2012/04/27 09:59:19 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\amcompat.tlb
[2012/04/27 09:59:14 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_isv.exe
[2012/04/27 09:59:14 | 000,518,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate.exe
[2012/04/27 09:59:13 | 000,471,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_isv.dll
[2012/04/27 09:59:13 | 000,471,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc.dll
[2012/04/27 09:59:13 | 000,347,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp.exe
[2012/04/27 09:59:13 | 000,346,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp_isv.exe
[2012/04/27 09:59:13 | 000,332,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdrm.dll
[2012/04/27 09:59:12 | 000,152,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp_isv.dll
[2012/04/27 09:59:12 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp.dll
[2012/04/27 09:58:44 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aaclient.dll
[2012/04/27 09:58:44 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tscupgrd.exe
[2012/04/27 09:58:44 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tsgqec.dll
[2012/04/27 09:58:30 | 000,355,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSDApi.dll
[2012/04/27 09:58:18 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciavi32.dll
[2012/04/27 09:58:15 | 000,604,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMSPDMOD.DLL
[2012/04/27 09:57:56 | 000,310,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unregmp2.exe
[2012/04/27 09:45:33 | 000,237,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2012/04/27 00:13:32 | 000,000,000 | ---D | C] -- C:\Users\rangikudoug\AppData\Local\MigWiz
[2012/04/26 23:45:30 | 000,000,000 | ---D | C] -- C:\Users\rangikudoug\AppData\Roaming\Macromedia
[2012/04/26 23:43:25 | 000,000,000 | ---D | C] -- C:\Users\rangikudoug\AppData\Roaming\Adobe
[2012/04/26 23:42:34 | 000,000,000 | ---D | C] -- C:\Users\rangikudoug\AppData\Roaming\Google
[2012/04/26 23:31:03 | 000,000,000 | ---D | C] -- C:\Users\rangikudoug\AppData\Roaming\Symantec
[2012/04/26 23:31:02 | 000,000,000 | ---D | C] -- C:\Users\rangikudoug\Documents\My Google Gadgets
[2012/04/26 23:30:55 | 000,000,000 | ---D | C] -- C:\Users\rangikudoug\AppData\Local\Google
[2012/04/26 23:30:46 | 000,000,000 | R--D | C] -- C:\Users\rangikudoug\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2012/04/26 23:30:46 | 000,000,000 | R--D | C] -- C:\Users\rangikudoug\Searches
[2012/04/26 23:30:46 | 000,000,000 | R--D | C] -- C:\Users\rangikudoug\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2012/04/26 23:30:37 | 000,000,000 | ---D | C] -- C:\Users\rangikudoug\AppData\Roaming\Identities
[2012/04/26 23:30:33 | 000,000,000 | R--D | C] -- C:\Users\rangikudoug\Contacts
[2012/04/26 23:30:27 | 000,000,000 | ---D | C] -- C:\Users\rangikudoug\AppData\Local\VirtualStore
[2012/04/26 23:30:01 | 000,000,000 | -HSD | C] -- C:\Users\rangikudoug\AppData\Local\Temporary Internet Files
[2012/04/26 23:30:01 | 000,000,000 | -HSD | C] -- C:\Users\rangikudoug\Templates
[2012/04/26 23:30:01 | 000,000,000 | -HSD | C] -- C:\Users\rangikudoug\Start Menu
[2012/04/26 23:30:01 | 000,000,000 | -HSD | C] -- C:\Users\rangikudoug\SendTo
[2012/04/26 23:30:01 | 000,000,000 | -HSD | C] -- C:\Users\rangikudoug\Recent
[2012/04/26 23:30:01 | 000,000,000 | -HSD | C] -- C:\Users\rangikudoug\PrintHood
[2012/04/26 23:30:01 | 000,000,000 | -HSD | C] -- C:\Users\rangikudoug\NetHood
[2012/04/26 23:30:01 | 000,000,000 | -HSD | C] -- C:\Users\rangikudoug\Documents\My Videos
[2012/04/26 23:30:01 | 000,000,000 | -HSD | C] -- C:\Users\rangikudoug\Documents\My Pictures
[2012/04/26 23:30:01 | 000,000,000 | -HSD | C] -- C:\Users\rangikudoug\Documents\My Music
[2012/04/26 23:30:01 | 000,000,000 | -HSD | C] -- C:\Users\rangikudoug\My Documents
[2012/04/26 23:30:01 | 000,000,000 | -HSD | C] -- C:\Users\rangikudoug\Local Settings
[2012/04/26 23:30:01 | 000,000,000 | -HSD | C] -- C:\Users\rangikudoug\AppData\Local\History
[2012/04/26 23:30:01 | 000,000,000 | -HSD | C] -- C:\Users\rangikudoug\Cookies
[2012/04/26 23:30:01 | 000,000,000 | -HSD | C] -- C:\Users\rangikudoug\Application Data
[2012/04/26 23:30:01 | 000,000,000 | -HSD | C] -- C:\Users\rangikudoug\AppData\Local\Application Data
[2012/04/26 23:30:00 | 000,000,000 | --SD | C] -- C:\Users\rangikudoug\AppData\Roaming\Microsoft
[2012/04/26 23:30:00 | 000,000,000 | R--D | C] -- C:\Users\rangikudoug\Videos
[2012/04/26 23:30:00 | 000,000,000 | R--D | C] -- C:\Users\rangikudoug\Saved Games
[2012/04/26 23:30:00 | 000,000,000 | R--D | C] -- C:\Users\rangikudoug\Pictures
[2012/04/26 23:30:00 | 000,000,000 | R--D | C] -- C:\Users\rangikudoug\Music
[2012/04/26 23:30:00 | 000,000,000 | R--D | C] -- C:\Users\rangikudoug\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2012/04/26 23:30:00 | 000,000,000 | R--D | C] -- C:\Users\rangikudoug\Links
[2012/04/26 23:30:00 | 000,000,000 | R--D | C] -- C:\Users\rangikudoug\Favorites
[2012/04/26 23:30:00 | 000,000,000 | R--D | C] -- C:\Users\rangikudoug\Downloads
[2012/04/26 23:30:00 | 000,000,000 | R--D | C] -- C:\Users\rangikudoug\Documents
[2012/04/26 23:30:00 | 000,000,000 | R--D | C] -- C:\Users\rangikudoug\Desktop
[2012/04/26 23:30:00 | 000,000,000 | R--D | C] -- C:\Users\rangikudoug\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2012/04/26 23:30:00 | 000,000,000 | ---D | C] -- C:\Users\rangikudoug\AppData\Local\Temp
[2012/04/26 23:30:00 | 000,000,000 | ---D | C] -- C:\Users\rangikudoug\AppData\Local\Microsoft
[2012/04/26 23:30:00 | 000,000,000 | ---D | C] -- C:\Users\rangikudoug\AppData\Roaming\Media Center Programs
[2012/04/26 23:30:00 | 000,000,000 | ---D | C] -- C:\Users\rangikudoug\AppData
[2012/04/26 23:20:49 | 000,044,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll
[2012/04/26 23:20:48 | 002,421,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll
[2012/04/26 23:20:14 | 000,575,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll
[2012/04/26 23:20:14 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll
[2012/04/26 23:20:14 | 000,035,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups.dll
[2012/04/26 23:19:51 | 000,171,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll
[2012/04/26 23:19:51 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe
[2012/04/26 21:40:42 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2012/04/24 22:49:00 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2012/04/24 22:48:50 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation

========== Files - Modified Within 30 Days ==========

[2012/05/19 14:05:01 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/05/19 14:00:00 | 000,000,344 | ---- | M] () -- C:\Windows\tasks\Recovery DVD Creator-Rangiku.job
[2012/05/19 13:58:34 | 000,608,760 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/05/19 13:58:34 | 000,108,268 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/05/19 13:52:48 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/05/19 13:52:16 | 000,003,216 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/05/19 13:52:16 | 000,003,216 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/05/19 13:52:03 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/05/19 13:52:00 | 1876,381,696 | -HS- | M] () -- C:\hiberfil.sys
[2012/05/16 23:23:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/05/16 16:12:04 | 000,001,971 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2012/05/15 08:49:56 | 000,129,078 | ---- | M] () -- C:\Users\rangikudoug\Desktop\wkoutdsk.abw
[2012/05/15 08:48:50 | 000,128,971 | ---- | M] () -- C:\Users\rangikudoug\Desktop\wkoutdsk.abw2.abw
[2012/05/14 00:40:11 | 000,297,104 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012/05/14 00:37:00 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_07_00.Wdf
[2012/05/12 09:07:33 | 000,001,726 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2012/05/10 23:04:00 | 000,419,488 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012/05/10 23:03:59 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012/05/10 08:59:08 | 000,000,943 | ---- | M] () -- C:\Users\rangikudoug\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/05/10 08:54:08 | 000,008,798 | ---- | M] () -- C:\Windows\System32\icrav03.rat
[2012/05/10 08:54:08 | 000,001,988 | ---- | M] () -- C:\Windows\System32\ticrf.rat
[2012/05/10 08:54:01 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2012/05/10 08:54:01 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2012/05/10 08:54:01 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2012/05/10 08:54:01 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2012/05/10 08:54:00 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2012/05/10 08:54:00 | 000,580,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2012/05/10 08:54:00 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2012/05/10 08:54:00 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2012/05/10 08:54:00 | 000,353,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2012/05/10 08:54:00 | 000,353,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2012/05/10 08:54:00 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2012/05/10 08:54:00 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2012/05/10 08:54:00 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2012/05/10 08:54:00 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2012/05/10 08:54:00 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2012/05/10 08:54:00 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2012/05/10 08:54:00 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2012/05/10 08:54:00 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
[2012/05/10 08:54:00 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2012/05/10 08:54:00 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2012/05/10 08:54:00 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2012/05/10 08:53:59 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2012/05/10 08:53:59 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2012/05/10 08:53:59 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2012/05/10 08:53:59 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2012/05/10 08:53:59 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2012/05/10 08:53:59 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2012/05/10 08:53:59 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2012/05/10 08:53:59 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2012/05/10 08:53:59 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2012/05/10 08:53:59 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2012/05/10 08:53:59 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2012/05/10 08:52:58 | 000,979,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MFH264Dec.dll
[2012/05/10 08:52:57 | 002,873,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mf.dll
[2012/05/10 08:52:57 | 000,357,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MFHEAACdec.dll
[2012/05/10 08:52:57 | 000,302,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfmp4src.dll
[2012/05/10 08:52:57 | 000,261,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfreadwrite.dll
[2012/05/10 08:52:57 | 000,209,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfplat.dll
[2012/05/10 08:52:57 | 000,098,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfps.dll
[2012/05/10 08:52:54 | 001,029,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10.dll
[2012/05/10 08:52:54 | 000,667,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelinesvc.exe
[2012/05/10 08:52:54 | 000,486,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10level9.dll
[2012/05/10 08:52:54 | 000,478,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxgi.dll
[2012/05/10 08:52:54 | 000,189,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10core.dll
[2012/05/10 08:52:54 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\XpsRasterService.dll
[2012/05/10 08:52:54 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll
[2012/05/10 08:52:54 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelineprxy.dll
[2012/05/10 08:52:53 | 001,554,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\xpsservices.dll
[2012/05/10 08:52:53 | 000,847,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\OpcServices.dll
[2012/05/10 08:50:13 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\en-US\dxgkrnl.sys.mui
[2012/05/10 08:50:12 | 000,519,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d11.dll
[2012/05/10 08:50:12 | 000,369,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WMPhoto.dll
[2012/05/10 08:50:12 | 000,252,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxdiag.exe
[2012/05/10 08:50:12 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxdiagn.dll
[2012/05/10 08:50:11 | 000,321,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PhotoMetadataHandler.dll
[2012/05/10 08:50:11 | 000,189,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecsExt.dll
[2012/05/09 21:04:15 | 000,003,076 | ---- | M] () -- C:\Users\rangikudoug\Desktop\g2g.abw
[2012/05/09 14:10:47 | 000,000,796 | ---- | M] () -- C:\Users\rangikudoug\Application Data\Microsoft\Internet Explorer\Quick Launch\BitTorrent.lnk
[2012/05/09 14:10:47 | 000,000,772 | ---- | M] () -- C:\Users\Public\Desktop\BitTorrent.lnk
[2012/05/09 10:31:11 | 000,001,760 | ---- | M] () -- C:\Users\Public\Desktop\YourFile Downloader.lnk
[2012/05/09 10:06:57 | 000,001,069 | ---- | M] () -- C:\Users\Public\Desktop\RealPlayer.lnk
[2012/05/09 10:06:26 | 000,198,832 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\System32\rmoc3260.dll
[2012/05/09 10:06:15 | 000,005,632 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\System32\pndx5032.dll
[2012/05/09 10:06:14 | 000,006,656 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\System32\pndx5016.dll
[2012/05/09 10:06:13 | 000,272,896 | ---- | M] (Progressive Networks) -- C:\Windows\System32\pncrt.dll
[2012/05/09 09:24:10 | 000,001,664 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012/05/08 14:02:13 | 000,128,886 | ---- | M] () -- C:\Users\rangikudoug\Desktop\workout mar2011.abw2.abw
[2012/05/08 14:02:02 | 000,128,886 | ---- | M] () -- C:\Users\rangikudoug\Desktop\workout mar2011.abw
[2012/05/08 12:45:24 | 000,000,866 | ---- | M] () -- C:\Users\Public\Desktop\AbiWord.lnk
[2012/05/07 21:24:57 | 000,000,828 | ---- | M] () -- C:\Users\rangikudoug\Desktop\WinDirStat.lnk
[2012/05/07 10:33:22 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2012/05/07 10:33:22 | 000,001,829 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2012/05/06 21:06:37 | 000,001,027 | ---- | M] () -- C:\Users\rangikudoug\Desktop\DriverMax.lnk
[2012/05/06 16:33:33 | 000,000,098 | ---- | M] () -- C:\Windows\System32\drivers\etc\Hosts
[2012/05/03 20:35:05 | 000,128,886 | ---- | M] () -- C:\Users\rangikudoug\Desktop\workout mar2011s.abw
[2012/05/03 20:31:34 | 000,022,528 | ---- | M] () -- C:\Users\rangikudoug\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/05/03 20:29:47 | 000,001,955 | ---- | M] () -- C:\Users\rangikudoug\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/05/02 19:45:41 | 000,001,074 | ---- | M] () -- C:\Users\Public\Desktop\Seagate Dashboard.lnk
[2012/04/28 14:24:51 | 000,001,589 | ---- | M] () -- C:\Users\Public\Desktop\Browser Choice.lnk
[2012/04/27 10:32:26 | 288,732,519 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012/04/26 23:18:02 | 000,047,092 | ---- | M] () -- C:\Windows\System32\license.rtf

========== Files Created - No Company Name ==========

[2012/05/15 08:49:56 | 000,129,078 | ---- | C] () -- C:\Users\rangikudoug\Desktop\wkoutdsk.abw
[2012/05/15 08:48:50 | 000,128,971 | ---- | C] () -- C:\Users\rangikudoug\Desktop\wkoutdsk.abw2.abw
[2012/05/14 00:37:00 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_07_00.Wdf
[2012/05/12 09:07:33 | 000,001,726 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2012/05/10 08:54:00 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2012/05/10 08:33:39 | 000,001,732 | ---- | C] () -- C:\Windows\System32\drivers\nvphy.bin
[2012/05/09 21:04:15 | 000,003,076 | ---- | C] () -- C:\Users\rangikudoug\Desktop\g2g.abw
[2012/05/09 14:10:47 | 000,000,796 | ---- | C] () -- C:\Users\rangikudoug\Application Data\Microsoft\Internet Explorer\Quick Launch\BitTorrent.lnk
[2012/05/09 14:10:47 | 000,000,772 | ---- | C] () -- C:\Users\Public\Desktop\BitTorrent.lnk
[2012/05/09 10:52:49 | 000,001,147 | ---- | C] () -- C:\Users\rangikudoug\Desktop\WinX DVD Ripper Platinum.lnk
[2012/05/09 10:29:07 | 000,001,760 | ---- | C] () -- C:\Users\Public\Desktop\YourFile Downloader.lnk
[2012/05/09 10:06:57 | 000,001,069 | ---- | C] () -- C:\Users\Public\Desktop\RealPlayer.lnk
[2012/05/09 09:24:10 | 000,001,664 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012/05/08 14:02:13 | 000,128,886 | ---- | C] () -- C:\Users\rangikudoug\Desktop\workout mar2011.abw2.abw
[2012/05/08 14:02:01 | 000,128,886 | ---- | C] () -- C:\Users\rangikudoug\Desktop\workout mar2011.abw
[2012/05/08 12:45:24 | 000,000,866 | ---- | C] () -- C:\Users\Public\Desktop\AbiWord.lnk
[2012/05/08 12:03:05 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/05/07 21:24:57 | 000,000,828 | ---- | C] () -- C:\Users\rangikudoug\Desktop\WinDirStat.lnk
[2012/05/06 21:06:37 | 000,001,027 | ---- | C] () -- C:\Users\rangikudoug\Desktop\DriverMax.lnk
[2012/05/05 09:01:48 | 1876,381,696 | -HS- | C] () -- C:\hiberfil.sys
[2012/05/03 20:35:05 | 000,128,886 | ---- | C] () -- C:\Users\rangikudoug\Desktop\workout mar2011s.abw
[2012/05/03 20:21:43 | 000,001,971 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2012/05/03 20:21:43 | 000,001,955 | ---- | C] () -- C:\Users\rangikudoug\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/05/03 20:20:42 | 000,001,829 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2012/05/02 19:45:41 | 000,001,074 | ---- | C] () -- C:\Users\Public\Desktop\Seagate Dashboard.lnk
[2012/05/01 23:06:13 | 000,130,008 | ---- | C] () -- C:\Windows\System32\systemsf.ebd
[2012/05/01 23:06:11 | 000,009,239 | ---- | C] () -- C:\Windows\System32\spcinstrumentation.man
[2012/05/01 23:06:03 | 000,442,788 | ---- | C] () -- C:\Windows\System32\dot3.tmf
[2012/05/01 23:06:01 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2012/05/01 23:06:01 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2012/05/01 23:05:58 | 000,392,170 | ---- | C] () -- C:\Windows\System32\onex.tmf
[2012/05/01 23:05:54 | 000,344,698 | ---- | C] () -- C:\Windows\System32\eaphost.tmf
[2012/05/01 23:05:39 | 000,208,966 | ---- | C] () -- C:\Windows\System32\WFP.TMF
[2012/05/01 23:05:37 | 000,092,918 | ---- | C] () -- C:\Windows\System32\slmgr.vbs
[2012/05/01 23:04:49 | 000,009,212 | ---- | C] () -- C:\Windows\System32\RacUR.xml
[2012/05/01 23:04:43 | 000,000,153 | ---- | C] () -- C:\Windows\System32\RacUREx.xml
[2012/04/28 14:24:51 | 000,001,589 | ---- | C] () -- C:\Users\Public\Desktop\Browser Choice.lnk
[2012/04/28 10:46:57 | 000,000,886 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/04/28 10:46:55 | 000,000,882 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/04/28 09:57:12 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2012/04/28 09:57:09 | 011,967,524 | ---- | C] () -- C:\Windows\System32\korwbrkr.lex
[2012/04/28 09:18:16 | 000,201,184 | ---- | C] () -- C:\Windows\System32\winrm.vbs
[2012/04/28 09:18:16 | 000,004,675 | ---- | C] () -- C:\Windows\System32\wsmanconfig_schema.xml
[2012/04/28 09:18:16 | 000,002,426 | ---- | C] () -- C:\Windows\System32\WsmTxt.xsl
[2012/04/27 16:12:51 | 000,022,528 | ---- | C] () -- C:\Users\rangikudoug\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/04/27 10:31:29 | 288,732,519 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2012/04/27 10:07:22 | 002,501,921 | ---- | C] () -- C:\Windows\System32\wlan.tmf
[2012/04/26 23:42:33 | 000,000,943 | ---- | C] () -- C:\Users\rangikudoug\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/04/26 23:30:51 | 000,000,949 | ---- | C] () -- C:\Users\rangikudoug\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2012/04/26 23:30:41 | 000,000,944 | ---- | C] () -- C:\Users\rangikudoug\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
[2012/04/26 23:30:33 | 000,000,915 | ---- | C] () -- C:\Users\rangikudoug\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk
[2012/04/26 23:30:00 | 000,000,258 | ---- | C] () -- C:\Users\rangikudoug\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2012/04/26 23:30:00 | 000,000,240 | ---- | C] () -- C:\Users\rangikudoug\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2012/04/26 23:28:18 | 000,000,344 | ---- | C] () -- C:\Windows\tasks\Recovery DVD Creator-Rangiku.job
[2011/03/21 14:38:32 | 000,000,056 | ---- | C] () -- C:\ProgramData\ezsidmv.dat

========== LOP Check ==========

[2012/05/09 15:15:06 | 000,000,000 | ---D | M] -- C:\Users\rangikudoug\AppData\Roaming\BitTorrent
[2012/05/09 10:50:38 | 000,000,000 | ---D | M] -- C:\Users\rangikudoug\AppData\Roaming\Digiarty
[2012/05/02 18:55:35 | 000,000,000 | ---D | M] -- C:\Users\rangikudoug\AppData\Roaming\Leadertech
[2012/05/09 14:34:46 | 000,000,000 | ---D | M] -- C:\Users\rangikudoug\AppData\Roaming\Media Finder
[2012/05/03 07:30:21 | 000,000,000 | ---D | M] -- C:\Users\rangikudoug\AppData\Roaming\Memeo
[2012/05/03 07:30:06 | 000,000,000 | ---D | M] -- C:\Users\rangikudoug\AppData\Roaming\Seagate
[2012/05/09 10:29:04 | 000,000,000 | ---D | M] -- C:\Users\rangikudoug\AppData\Roaming\YourFileDownloader
[2012/05/19 14:00:00 | 000,000,344 | ---- | M] () -- C:\Windows\Tasks\Recovery DVD Creator-Rangiku.job
[2012/05/17 00:00:01 | 000,026,824 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========

< %SYSTEMDRIVE%\*.exe >
[2007/11/07 09:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe

< MD5 for: EXPLORER.EXE >
[2008/10/29 07:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2008/10/29 07:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2008/10/30 04:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2009/04/11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe
[2009/04/11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2008/10/28 03:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2008/01/21 03:24:24 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe

< MD5 for: SVCHOST.EXE >
[2008/01/21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\System32\svchost.exe
[2008/01/21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe

< MD5 for: USERINIT.EXE >
[2008/01/21 03:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008/01/21 03:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009/04/11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009/04/11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2008/01/21 03:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe

< C:\Windows\assembly\tmp\U\*.* /s >

========== Alternate Data Streams ==========

@Alternate Data Stream - 233 bytes -> C:\ProgramData\TEMP:CEE4A457
@Alternate Data Stream - 209 bytes -> C:\ProgramData\TEMP:A4AF8D0D
@Alternate Data Stream - 161 bytes -> C:\ProgramData\TEMP:5E9B629B
@Alternate Data Stream - 102 bytes -> C:\ProgramData\TEMP:8D09A3F7

< End of report >


and the log from aswABR program was:

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-05-19 14:52:38
-----------------------------
14:52:38.310 OS Version: Windows 6.0.6002 Service Pack 2
14:52:38.310 Number of processors: 4 586 0xF0B
14:52:38.310 ComputerName: RANGIKUDOUG-PC UserName: rangikudoug
14:52:41.914 Initialize success
14:52:42.553 AVAST engine defs: 12051900
14:52:55.720 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000004d
14:52:55.720 Disk 0 Vendor: ST332081 SD23 Size: 305245MB BusType: 11
14:52:55.782 Disk 0 MBR read successfully
14:52:55.782 Disk 0 MBR scan
14:52:55.798 Disk 0 Windows VISTA default MBR code
14:52:55.813 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 12291 MB offset 63
14:52:55.860 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 292952 MB offset 25174016
14:52:55.860 Disk 0 scanning sectors +625139712
14:52:55.969 Disk 0 scanning C:\Windows\system32\drivers
14:53:10.290 Service scanning
14:53:28.199 Modules scanning
14:53:35.079 Disk 0 trace - called modules:
14:53:35.141 ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll storport.sys nvstor32.sys
14:53:35.157 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x85948608]
14:53:35.157 3 CLASSPNP.SYS[807bb8b3] -> nt!IofCallDriver -> [0x84869398]
14:53:35.172 5 acpi.sys[806976bc] -> nt!IofCallDriver -> \Device\0000004d[0x852d0c90]
14:53:36.342 AVAST engine scan C:\Windows
14:53:40.429 AVAST engine scan C:\Windows\system32
14:56:08.676 AVAST engine scan C:\Windows\system32\drivers
14:56:21.250 AVAST engine scan C:\Users\rangikudoug
14:58:27.126 AVAST engine scan C:\ProgramData
15:02:15.916 Scan finished successfully
15:06:03.629 Disk 0 MBR has been saved successfully to "C:\Users\rangikudoug\Desktop\MBR.dat"
15:06:03.676 The log file has been saved successfully to "C:\Users\rangikudoug\Desktop\aswMBR2.txt"


can you let me know if something is amiss?

So far there has been no blue screen crashes, but from what you can tell from my logs, is my computer functioning normally?
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP