My boyfriend installed some type of spyware on my laptop..
Edited by SweetHeart161, 06 May 2012 - 12:54 PM.
Commercial Spyware or malicious program ransom ware? [Closed]
Started by
SweetHeart161
, May 06 2012 12:45 PM
-
This topic is locked
#1
Posted 06 May 2012 - 12:45 PM
SweetHeart161
-
- Member
-
- 89 posts
Member
My boyfriend installed some type of spyware on my laptop..
#2
Posted 06 May 2012 - 02:42 PM
Render
-
- Malware Removal
-
- 4,195 posts
Trusted Helper
Hi and welcome to GeeksToGo! Please make sure you read all of the instructions and fixes thoroughly before continuing with them. If you have any queries or you are unsure about anything, just say and I'll help you out 
It may well be worth you printing/saving the instructions throughout the fix, so you have them to hand just in case you are unable to access this site.
Please note:
Pleasae follow the steps below:
Step 1
How to add an attachment to a new topic or reply
Step 2
OTL Custom Scan
It may well be worth you printing/saving the instructions throughout the fix, so you have them to hand just in case you are unable to access this site.
Please note:
- Remember to post your logs, not attach them. So, any logs from any programs we run, should be just 'copied & pasted' into your reply.
- Please only run the tools that I request. I know malware can be frustrating but running other tools in the meantime and between posts, only makes it harder for us to analyse and fix your PC in the long run.
- Please subscribe to this topic if you have not already done so. Please check back just in case, as the email system can fail at times.
- Just because your machine is running better does not mean it is completely cleaned. Please wait for the 'all clear' from me to say when we are done.
- Please reply within 3 days to be fair to other people asking for help.
- Please tell me if you have your original Windows CD/DVD available
- When in doubt, please stop and ask first. There's no harm in asking questions!
Pleasae follow the steps below:
Step 1
- Please download aswMBR.exe to your desktop.
- Double click the aswMBR.exe to run it.
- When asked if you want to download Avast's virus definitions please select Yes.
Note: If avast! antivirus is already installed, just do the next step. - Click the Scan button to start scan.
- On completion of the scan click Save log, save it to your desktop and post in your next reply.
- Also on Desktop there should be a file called MBR.dat after that, zip it and then attach it here
How to add an attachment to a new topic or reply
Step 2
OTL Custom Scan- Download OTL to your desktop.
- Double click on the
icon to run it. - Make sure all other windows are closed and to let it run uninterrupted.
- When the window appears, underneath Output at the top, make sure Stadard output is selected.
- Select Scan all users
- Under the Extra Registry section, check Use SafeList
- Check the boxes beside LOP Check and Purity Check.
- Under the Custom Scans/Fixes box copy and paste this in:
netsvcs %SYSTEMDRIVE%\*.exe /md5start explorer.exe winlogon.exe userinit.exe svchost.exe consrv.dll /md5stop %systemroot%\*. /mp /s %Temp%\smtmp\*.* /s hklm\software\clients\startmenuinternet|command /rs hklm\software\clients\startmenuinternet|command /64 /rs CREATERESTOREPOINT
- Click the
button. Do not change any settings unless otherwise told to do so. The scan wont take long.
- When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
- Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time and post them in your topic
#3
Posted 06 May 2012 - 03:18 PM
SweetHeart161
- Topic Starter
-
- Member
-
- 89 posts
Member
I can't download aswmbr..says it's infected..
OTL logfile created on: 5/6/2012 5:12:42 PM - Run 1
OTL by OldTimer - Version 3.2.40.0 Folder = C:\Users\))())()) (()(()((\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
7.99 Gb Total Physical Memory | 6.29 Gb Available Physical Memory | 78.75% Memory free
15.98 Gb Paging File | 14.28 Gb Available in Paging File | 89.39% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 46.81 Gb Total Space | 2.90 Gb Free Space | 6.19% Space Free | Partition Type: NTFS
Drive D: | 465.53 Gb Total Space | 274.90 Gb Free Space | 59.05% Space Free | Partition Type: FAT32
Drive F: | 465.69 Gb Total Space | 129.18 Gb Free Space | 27.74% Space Free | Partition Type: FAT32
Drive G: | 232.83 Gb Total Space | 8.05 Gb Free Space | 3.46% Space Free | Partition Type: FAT32
Computer Name: PC | User Name: )) ))()(( (( | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - File not found --
PRC - [2012/04/22 20:01:42 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\))())()) (()(()((\Desktop\OTL.exe
PRC - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/04/04 15:56:38 | 000,462,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012/01/03 06:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/08/10 05:52:54 | 000,138,760 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\19.1.1.3\ccSvcHst.exe
PRC - [2010/11/12 15:04:06 | 001,037,672 | ---- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Utilities 15\Tools\SpeedDisk\SpeedDiskSrv.exe
PRC - [2010/11/12 15:04:06 | 000,406,888 | ---- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Utilities 15\Tools\SpeedDisk\SpeedDiskSrvProxy.exe
PRC - [2010/11/12 15:04:02 | 001,029,480 | ---- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Utilities 15\Tools\Disk Doctor\DiskDoctorSrv.exe
PRC - [2010/11/12 15:04:02 | 000,406,888 | ---- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Utilities 15\Tools\Disk Doctor\DiskDoctorSrvProxy.exe
PRC - [2010/05/20 16:15:00 | 000,110,736 | R--- | M] (InterVideo) -- C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
PRC - [2010/03/11 14:06:06 | 000,193,824 | ---- | M] (Protexis Inc.) -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2010/01/28 17:34:01 | 000,103,792 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.3.198\SymcPCCULaunchSvc.exe
PRC - [2009/09/23 16:45:50 | 001,287,176 | ---- | M] (Panda Security) -- C:\Program Files (x86)\Panda USB Vaccine\USBVaccine.exe
PRC - [2009/08/24 15:49:41 | 000,126,392 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.3.198\ccSvcHst.exe
========== Modules (No Company Name) ==========
========== Win32 Services (SafeList) ==========
SRV:64bit: - [2011/08/11 16:38:04 | 000,140,672 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCore64.exe -- (!SASCORE)
SRV:64bit: - [2010/07/28 10:27:16 | 000,267,192 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\TECO\TecoService.exe -- (TOSHIBA eco Utility Service)
SRV:64bit: - [2010/07/22 16:36:16 | 000,822,192 | ---- | M] (TOSHIBA Corporation) [On_Demand | Stopped] -- C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe -- (TPCHSrv)
SRV:64bit: - [2010/02/05 17:44:48 | 000,137,560 | ---- | M] (TOSHIBA Corporation) [On_Demand | Stopped] -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe -- (TOSHIBA HDD SSD Alert Service)
SRV:64bit: - [2009/11/05 22:05:28 | 000,489,312 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV:64bit: - [2009/10/21 09:30:36 | 000,531,520 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\SysNative\ThpSrv.exe -- (Thpsrv)
SRV:64bit: - [2009/07/28 15:48:06 | 000,140,632 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\SysNative\TODDSrv.exe -- (TODDSrv)
SRV:64bit: - [2009/07/13 18:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2007/02/12 16:43:00 | 000,065,536 | ---- | M] (O2Micro International) [Auto | Running] -- C:\Windows\SysNative\drivers\o2flash.exe -- (O2FLASH)
SRV - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/01/03 06:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/08/10 05:52:54 | 000,138,760 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Internet Security\Engine\19.1.1.3\ccSvcHst.exe -- (NIS)
SRV - [2011/02/11 13:45:52 | 000,054,136 | ---- | M] (TOSHIBA Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo)
SRV - [2010/11/12 15:04:06 | 001,037,672 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Utilities 15\Tools\SpeedDisk\SpeedDiskSrv.exe -- (SpeedDiskService)
SRV - [2010/11/12 15:04:02 | 001,029,480 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Utilities 15\Tools\Disk Doctor\DiskDoctorSrv.exe -- (DiskDoctorService)
SRV - [2010/08/23 01:36:31 | 000,332,272 | ---- | M] (Google Inc.) [On_Demand | Stopped] -- C:\ProgramData\Partner\Partner.exe -- (Partner Service)
SRV - [2010/05/20 16:15:00 | 000,110,736 | R--- | M] (InterVideo) [Auto | Running] -- C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)
SRV - [2010/04/03 16:01:24 | 000,246,520 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2010/03/11 14:06:06 | 000,193,824 | ---- | M] (Protexis Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2010/01/28 17:34:01 | 000,103,792 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.3.198\SymcPCCULaunchSvc.exe -- (Norton PC Checkup Application Launcher)
SRV - [2009/11/16 16:47:24 | 000,322,416 | ---- | M] (Toshiba America Information Systems) [Auto | Running] -- c:\Program Files (x86)\TOSHIBA\ToshibaFB\fdbpinger.exe -- (fbdpinger)
SRV - [2009/08/24 15:49:41 | 000,126,392 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.3.198\ccSvcHst.exe -- (PCCUJobMgr)
SRV - [2009/08/13 11:09:08 | 000,297,344 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\TOSHIBA\ToshibaRegistration\TaisRegistPinger.exe -- (taisregispinger)
SRV - [2009/06/10 14:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2012/05/05 20:52:34 | 000,174,200 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2012/04/04 15:56:40 | 000,024,904 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012/01/17 05:45:56 | 000,188,224 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2011/08/08 08:38:06 | 000,167,048 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1301010.003\ccSetx64.sys -- (ccSet_NIS)
DRV:64bit: - [2011/08/02 11:22:10 | 000,729,720 | R--- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\NISx64\1301010.003\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2011/08/02 11:22:10 | 000,037,496 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1301010.003\srtspx64.sys -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV:64bit: - [2011/07/28 12:20:02 | 001,084,536 | R--- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1301010.003\SymEFA64.sys -- (SymEFA)
DRV:64bit: - [2011/07/25 11:18:40 | 000,401,016 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1301010.003\symnets.sys -- (SymNetS)
DRV:64bit: - [2011/07/25 11:18:36 | 000,451,192 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1301010.003\SymDS64.sys -- (SymDS)
DRV:64bit: - [2011/07/25 11:15:52 | 000,189,560 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1301010.003\Ironx64.sys -- (SymIRON)
DRV:64bit: - [2011/07/22 09:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
DRV:64bit: - [2011/07/12 14:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
DRV:64bit: - [2011/05/12 14:03:12 | 000,006,144 | ---- | M] (Sophos Plc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\1D63.tmp -- (MEMSWEEP2)
DRV:64bit: - [2011/04/29 14:34:32 | 000,100,864 | ---- | M] (Prolific Technology Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ser2pl64.sys -- (Ser2pl)
DRV:64bit: - [2010/11/20 05:33:36 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 05:32:48 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2010/11/20 05:32:48 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 01:37:44 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010/11/16 16:00:50 | 000,077,032 | ---- | M] (O2Micro ) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\o2mdgx64.sys -- (O2MDGRDR)
DRV:64bit: - [2010/11/12 15:04:10 | 000,191,232 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SymDSMon.sys -- (SymDSMon)
DRV:64bit: - [2010/11/12 15:04:10 | 000,163,384 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SymSpeedDisk.sys -- (SYMSpeedDisk)
DRV:64bit: - [2010/11/09 13:56:12 | 000,049,752 | ---- | M] (Sunbelt Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\SBREDrv.sys -- (SBRE)
DRV:64bit: - [2010/06/22 13:28:06 | 000,729,216 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CHDRT64.sys -- (CnxtHdAudService)
DRV:64bit: - [2010/05/08 18:38:56 | 000,482,384 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tos_sps64.sys -- (tos_sps64)
DRV:64bit: - [2010/03/24 13:55:56 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/02/27 07:32:14 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2009/11/27 15:47:56 | 000,067,072 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2009/10/02 13:33:48 | 000,946,688 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtl8192se.sys -- (rtl8192se)
DRV:64bit: - [2009/08/18 18:41:06 | 000,049,568 | ---- | M] (O2Micro ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\o2sdgx64.sys -- (O2SDGRDR)
DRV:64bit: - [2009/07/30 20:22:04 | 000,027,784 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV:64bit: - [2009/07/30 18:20:18 | 000,281,648 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2009/07/14 15:31:18 | 000,026,840 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TVALZ_O.SYS -- (TVALZ)
DRV:64bit: - [2009/07/13 18:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 18:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 18:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2009/07/13 18:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/29 16:16:20 | 000,014,784 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\Thpevm.sys -- (Thpevm)
DRV:64bit: - [2009/06/29 10:25:22 | 000,034,880 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\thpdrv.sys -- (Thpdrv)
DRV:64bit: - [2009/06/19 19:15:22 | 000,014,472 | ---- | M] (TOSHIBA Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TVALZFL.sys -- (TVALZFL)
DRV:64bit: - [2009/06/15 13:58:50 | 000,012,800 | ---- | M] (TOSHIBA) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\QIOMem.sys -- (QIOMem)
DRV:64bit: - [2009/06/10 13:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 13:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 13:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 13:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2007/04/17 11:51:50 | 000,014,112 | ---- | M] (InterVideo) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\regi.sys -- (regi)
DRV - [2011/09/01 16:07:54 | 001,151,096 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Definitions\BASHDefs\20110901.001\BHDrvx64.sys -- (BHDrvx64)
DRV - [2011/08/17 18:00:00 | 002,048,632 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Definitions\VirusDefs\20110818.021\EX64.SYS -- (NAVEX15)
DRV - [2011/08/17 18:00:00 | 000,481,912 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2011/08/17 18:00:00 | 000,136,824 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2011/08/17 18:00:00 | 000,117,880 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Definitions\VirusDefs\20110818.021\ENG64.SYS -- (NAVENG)
DRV - [2011/07/20 10:43:24 | 000,488,568 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Definitions\IPSDefs\20110726.001\IDSviA64.sys -- (IDSVia64)
DRV - [2010/11/12 15:04:08 | 000,108,800 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\SymSpeedDisk.sys -- (SYMSpeedDisk)
DRV - [2009/07/13 18:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {A18CE648-2D6E-4248-BC54-FFD2E77C08F2}
IE:64bit: - HKLM\..\SearchScopes\{A18CE648-2D6E-4248-BC54-FFD2E77C08F2}: "URL" = http://www.google.co...ng}&rlz=1I7TSND
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.co...=TSND&bmod=TSND
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co...=TSND&bmod=TSND
IE - HKLM\..\SearchScopes,DefaultScope = {2267C70A-E9E4-4278-91C5-22BB8D072C81}
IE - HKLM\..\SearchScopes\{2267C70A-E9E4-4278-91C5-22BB8D072C81}: "URL" = http://www.google.co...ng}&rlz=1I7TSND
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3189586276-199909604-3004978317-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.co...=TSND&bmod=TSND
IE - HKU\S-1-5-21-3189586276-199909604-3004978317-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://start.toshiba.com/g/ [binary data]
IE - HKU\S-1-5-21-3189586276-199909604-3004978317-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-3189586276-199909604-3004978317-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://start.toshiba.com/g/ [binary data]
IE - HKU\S-1-5-21-3189586276-199909604-3004978317-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co...=TSND&bmod=TSND
IE - HKU\S-1-5-21-3189586276-199909604-3004978317-1000\..\SearchScopes,DefaultScope = {2267C70A-E9E4-4278-91C5-22BB8D072C81}
IE - HKU\S-1-5-21-3189586276-199909604-3004978317-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKU\S-1-5-21-3189586276-199909604-3004978317-1000\..\SearchScopes\{06FC71E0-303A-46F6-BD3B-5F8D376C4D80}: "URL" = http://www.google.co...ng}&rlz=1I7TSND
IE - HKU\S-1-5-21-3189586276-199909604-3004978317-1000\..\SearchScopes\{2267C70A-E9E4-4278-91C5-22BB8D072C81}: "URL" = http://www.google.co...ng}&rlz=1I7TSND
IE - HKU\S-1-5-21-3189586276-199909604-3004978317-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3189586276-199909604-3004978317-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKU\S-1-5-21-3189586276-199909604-3004978317-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.co...=TSND&bmod=TSND
IE - HKU\S-1-5-21-3189586276-199909604-3004978317-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://start.toshiba.com/g/ [binary data]
IE - HKU\S-1-5-21-3189586276-199909604-3004978317-1001\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-3189586276-199909604-3004978317-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://start.toshiba.com/g/ [binary data]
IE - HKU\S-1-5-21-3189586276-199909604-3004978317-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co...=TSND&bmod=TSND
IE - HKU\S-1-5-21-3189586276-199909604-3004978317-1001\..\SearchScopes,DefaultScope = {5CBF10DC-CB52-4DCD-9EDA-5479019288BD}
IE - HKU\S-1-5-21-3189586276-199909604-3004978317-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKU\S-1-5-21-3189586276-199909604-3004978317-1001\..\SearchScopes\{2267C70A-E9E4-4278-91C5-22BB8D072C81}: "URL" = http://www.google.co...ng}&rlz=1I7TSND
IE - HKU\S-1-5-21-3189586276-199909604-3004978317-1001\..\SearchScopes\{5CBF10DC-CB52-4DCD-9EDA-5479019288BD}: "URL" = http://www.google.co...ng}&rlz=1I7TSND
IE - HKU\S-1-5-21-3189586276-199909604-3004978317-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3189586276-199909604-3004978317-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
========== FireFox ==========
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\3.0.40624.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=8: C:\Program Files (x86)\Google\Update\1.2.183.23\npGoogleOneClick8.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\IPSFFPlgn\ [2012/05/05 20:52:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\coFFPlgn\ [2012/05/06 10:47:00 | 000,000,000 | ---D | M]
O1 HOSTS File: ([2009/06/10 14:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Partner BHO Class) - {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - C:\ProgramData\Partner\Partner64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg64.dll (Google Inc.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\19.1.1.3\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\19.1.1.3\IPS\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Partner BHO Class) - {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - C:\ProgramData\Partner\Partner.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll (Google Inc.)
O2 - BHO: (TOSHIBA Media Controller Plug-in) - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll (<TOSHIBA>)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.1.1.3\CoIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:64bit: - HKU\S-1-5-21-3189586276-199909604-3004978317-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKU\S-1-5-21-3189586276-199909604-3004978317-1001\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKU\S-1-5-21-3189586276-199909604-3004978317-1001\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.1.1.3\CoIEPlg.dll (Symantec Corporation)
O4:64bit: - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3189586276-199909604-3004978317-1000..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll (Google Inc.)
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll (Google Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/08/20 23:12:38 | 000,000,016 | -H-- | M] () - F:\AUTORUN.INF -- [ FAT32 ]
O32 - AutoRun File - [2009/08/20 23:16:02 | 000,000,016 | -H-- | M] () - G:\AUTORUN.INF -- [ FAT32 ]
O33 - MountPoints2\{2603f5cf-8d99-11de-b198-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{2603f5cf-8d99-11de-b198-806e6f6e6963}\Shell\AutoRun\command - "" = E:\setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ==========
[2012/05/06 15:42:57 | 000,000,000 | ---D | C] -- C:\Users\)) ))()(( ((\AppData\Roaming\Google
[2012/05/06 15:42:57 | 000,000,000 | ---D | C] -- C:\Users\)) ))()(( ((\AppData\Local\Google
[2012/05/05 23:48:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2012/05/05 23:38:28 | 001,451,840 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysNative\nvhdagenco6420103.dll
[2012/05/05 23:38:28 | 000,188,224 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysNative\drivers\nvhda64v.sys
[2012/05/05 23:38:28 | 000,031,040 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysNative\nvhdap64.dll
[2012/05/05 23:38:20 | 025,720,128 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysNative\nvoglv64.dll
[2012/05/05 23:38:20 | 025,246,528 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysNative\nvcompiler.dll
[2012/05/05 23:38:20 | 019,584,320 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysWow64\nvoglv32.dll
[2012/05/05 23:38:20 | 017,984,320 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysNative\nvd3dumx.dll
[2012/05/05 23:38:20 | 017,551,680 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysWow64\nvcompiler.dll
[2012/05/05 23:38:20 | 008,138,048 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysNative\nvcuda.dll
[2012/05/05 23:38:20 | 008,029,504 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysWow64\nvwgf2um.dll
[2012/05/05 23:38:20 | 005,981,504 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysWow64\nvcuda.dll
[2012/05/05 23:38:20 | 002,881,344 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysNative\nvcuvenc.dll
[2012/05/05 23:38:20 | 002,681,152 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysNative\nvcuvid.dll
[2012/05/05 23:38:20 | 002,524,992 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysWow64\nvcuvid.dll
[2012/05/05 23:38:20 | 002,444,608 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysWow64\nvcuvenc.dll
[2012/05/05 23:38:20 | 002,367,808 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysWow64\nvapi.dll
[2012/05/05 23:38:20 | 001,738,048 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysNative\nvdispco64.dll
[2012/05/05 23:38:20 | 001,466,176 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysNative\nvgenco64.dll
[2012/05/05 23:36:25 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2012/05/05 23:34:23 | 000,100,864 | ---- | C] (Prolific Technology Inc.) -- C:\windows\SysNative\drivers\ser2pl64.sys
[2012/05/05 23:34:23 | 000,035,892 | ---- | C] (Prolific Technology Inc.) -- C:\windows\SysWow64\SER9PL.sys
[2012/05/05 23:28:05 | 000,027,472 | ---- | C] (Sunbelt Software) -- C:\windows\SysNative\sbbd.exe
[2012/05/05 23:28:04 | 000,049,752 | ---- | C] (Sunbelt Software) -- C:\windows\SysNative\drivers\SBREDrv.sys
[2012/05/05 23:27:38 | 000,000,000 | ---D | C] -- C:\VIPRERESCUE
[2012/05/05 23:26:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2012/05/05 23:26:51 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2012/05/05 23:26:51 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2012/05/05 23:26:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2012/05/05 23:26:24 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\windows\SysWow64\javaws.exe
[2012/05/05 23:26:24 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\windows\SysWow64\javaw.exe
[2012/05/05 23:26:24 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\windows\SysWow64\java.exe
[2012/05/05 23:26:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2012/05/05 23:26:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos
[2012/05/05 23:26:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sophos
[2012/05/05 23:13:15 | 000,000,000 | ---D | C] -- C:\Users\)) ))()(( ((\AppData\Roaming\Malwarebytes
[2012/05/05 23:13:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/05/05 23:13:11 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys
[2012/05/05 23:13:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012/05/05 23:13:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/05/05 22:09:33 | 000,000,000 | ---D | C] -- C:\ubuntu
[2012/05/05 21:39:44 | 000,000,000 | ---D | C] -- C:\Users\)) ))()(( ((\AppData\Local\CrashDumps
[2012/05/05 20:56:56 | 000,000,000 | ---D | C] -- C:\Intel
[2012/05/05 20:54:50 | 000,000,000 | ---D | C] -- C:\windows\SysWow64\SDA
[2012/05/05 20:54:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\O2Micro
[2012/05/05 20:54:18 | 000,000,000 | ---D | C] -- C:\Users\)) ))()(( ((\AppData\Roaming\WinBatch
[2012/05/05 20:53:38 | 000,000,000 | ---D | C] -- C:\Users\)) ))()(( ((\AppData\Local\Norman Malware Cleaner
[2012/05/05 20:52:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Symantec Shared
[2012/05/05 20:52:34 | 000,174,200 | ---- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\SYMEVENT64x86.SYS
[2012/05/05 20:52:34 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
[2012/05/05 20:52:34 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec
[2012/05/05 20:52:31 | 001,084,536 | R--- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\NISx64\1301010.003\SymEFA64.sys
[2012/05/05 20:52:31 | 000,729,720 | R--- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\NISx64\1301010.003\srtsp64.sys
[2012/05/05 20:52:31 | 000,451,192 | R--- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\NISx64\1301010.003\SymDS64.sys
[2012/05/05 20:52:31 | 000,401,016 | R--- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\NISx64\1301010.003\symnets.sys
[2012/05/05 20:52:31 | 000,189,560 | R--- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\NISx64\1301010.003\Ironx64.sys
[2012/05/05 20:52:31 | 000,167,048 | R--- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\NISx64\1301010.003\ccSetx64.sys
[2012/05/05 20:52:31 | 000,037,496 | R--- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\NISx64\1301010.003\srtspx64.sys
[2012/05/05 20:52:08 | 000,000,000 | ---D | C] -- C:\windows\SysNative\drivers\NISx64
[2012/05/05 20:52:08 | 000,000,000 | ---D | C] -- C:\windows\SysNative\drivers\NISx64\1301010.003
[2012/05/05 20:52:07 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security
[2012/05/05 20:52:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton Internet Security
[2012/05/05 20:50:42 | 000,000,000 | ---D | C] -- C:\Users\)) ))()(( ((\AppData\Roaming\Norton Utilities
[2012/05/05 20:31:57 | 000,000,000 | ---D | C] -- C:\Quarantine
[2012/05/05 20:28:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton Installer
[2012/05/05 20:27:53 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2012/05/05 20:26:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Utilities 15
[2012/05/05 20:26:24 | 000,191,232 | ---- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\SymDSMon.sys
[2012/05/05 20:26:24 | 000,163,384 | ---- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\SymSpeedDisk.sys
[2012/05/05 20:26:24 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msxml4a.dll
[2012/05/05 20:26:23 | 000,108,800 | ---- | C] (Symantec Corporation) -- C:\windows\SysWow64\drivers\SymSpeedDisk.sys
[2012/05/05 20:26:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Symantec
[2012/05/05 20:26:22 | 001,101,824 | ---- | C] (Woodbury Associates Limited) -- C:\windows\SysWow64\UniBox210.ocx
[2012/05/05 20:26:22 | 000,880,640 | ---- | C] (Woodbury Associates Limited) -- C:\windows\SysWow64\UniBox10.ocx
[2012/05/05 20:26:22 | 000,506,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msxml.dll
[2012/05/05 20:26:22 | 000,212,992 | ---- | C] (Woodbury Associates Limited) -- C:\windows\SysWow64\UniBoxVB12.ocx
[2012/05/05 20:26:21 | 001,081,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\MSCOMCTL.OCX
[2012/05/05 20:26:21 | 000,658,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\MSCOMCT2.OCX
[2012/05/05 20:26:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Symantec
[2012/05/05 20:26:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton Utilities 15
[2012/05/05 20:20:32 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\MSAC3ENC.DLL
[2012/05/05 20:20:32 | 000,211,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mprddm.dll
[2012/05/05 20:20:32 | 000,209,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mstask.dll
[2012/05/05 20:20:32 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mobsync.exe
[2012/05/05 20:20:32 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mobsync.exe
[2012/05/05 20:20:32 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msfeedssync.exe
[2012/05/05 20:20:31 | 000,552,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msdri.dll
[2012/05/05 20:20:31 | 000,080,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mscories.dll
[2012/05/05 20:20:30 | 001,163,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mfc42u.dll
[2012/05/05 20:20:30 | 001,161,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\kernel32.dll
[2012/05/05 20:20:30 | 000,509,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\qedit.dll
[2012/05/05 20:20:30 | 000,419,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KernelBase.dll
[2012/05/05 20:20:30 | 000,318,976 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\raschap.dll
[2012/05/05 20:20:30 | 000,266,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\MediaMetadataHandler.dll
[2012/05/05 20:20:30 | 000,219,648 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iTVData.dll
[2012/05/05 20:20:30 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\itircl.dll
[2012/05/05 20:20:30 | 000,125,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\inseng.dll
[2012/05/05 20:20:30 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\kstvtune.ax
[2012/05/05 20:20:30 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\logagent.exe
[2012/05/05 20:20:30 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ksxbar.ax
[2012/05/05 20:20:30 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\inetmib1.dll
[2012/05/05 20:20:30 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\licmgr10.dll
[2012/05/05 20:20:30 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\lsmproxy.dll
[2012/05/05 20:20:30 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDCZ1.DLL
[2012/05/05 20:20:30 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDBLR.DLL
[2012/05/05 20:20:30 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDLT1.DLL
[2012/05/05 20:20:30 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDINTEL.DLL
[2012/05/05 20:20:29 | 001,808,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\pnidui.dll
[2012/05/05 20:20:29 | 001,115,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\RacEngn.dll
[2012/05/05 20:20:29 | 001,050,624 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\printui.dll
[2012/05/05 20:20:29 | 000,850,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\sbe.dll
[2012/05/05 20:20:29 | 000,762,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sdcpl.dll
[2012/05/05 20:20:29 | 000,695,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\netlogon.dll
[2012/05/05 20:20:29 | 000,322,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\RMActivate.exe
[2012/05/05 20:20:29 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ReAgent.dll
[2012/05/05 20:20:29 | 000,241,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Ribbons.scr
[2012/05/05 20:20:29 | 000,188,928 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\netjoin.dll
[2012/05/05 20:20:29 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\schtasks.exe
[2012/05/05 20:20:29 | 000,171,392 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\scsiport.sys
[2012/05/05 20:20:29 | 000,147,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\RDPENCDD.dll
[2012/05/05 20:20:29 | 000,098,816 | ---- | C] (Microsoft) -- C:\windows\SysWow64\Robocopy.exe
[2012/05/05 20:20:29 | 000,098,816 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\RegisterIEPKEYs.exe
[2012/05/05 20:20:29 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\pifmgr.dll
[2012/05/05 20:20:29 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\rdprefdrvapi.dll
[2012/05/05 20:20:28 | 002,652,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\netshell.dll
[2012/05/05 20:20:28 | 001,731,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntdll.dll
[2012/05/05 20:20:28 | 000,898,560 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\OobeFldr.dll
[2012/05/05 20:20:28 | 000,406,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\netcfgx.dll
[2012/05/05 20:20:28 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\odbctrac.dll
[2012/05/05 20:20:28 | 000,210,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ncsi.dll
[2012/05/05 20:20:28 | 000,166,400 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\netiohlp.dll
[2012/05/05 20:20:28 | 000,157,184 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\perfmon.exe
[2012/05/05 20:20:28 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\nslookup.exe
[2012/05/05 20:20:28 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\nlsbres.dll
[2012/05/05 20:20:28 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ncryptui.dll
[2012/05/05 20:20:28 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MultiDigiMon.exe
[2012/05/05 20:20:28 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\netiougc.exe
[2012/05/05 20:20:27 | 005,563,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntoskrnl.exe
[2012/05/05 20:20:27 | 003,391,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dbgeng.dll
[2012/05/05 20:20:27 | 002,067,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3d9.dll
[2012/05/05 20:20:27 | 001,927,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\authui.dll
[2012/05/05 20:20:27 | 001,796,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\certmgr.dll
[2012/05/05 20:20:27 | 001,792,000 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\authui.dll
[2012/05/05 20:20:27 | 001,340,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\diagperf.dll
[2012/05/05 20:20:27 | 001,087,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dbghelp.dll
[2012/05/05 20:20:27 | 001,003,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\cryptui.dll
[2012/05/05 20:20:27 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\cdosys.dll
[2012/05/05 20:20:27 | 000,665,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\AuxiliaryDisplayCpl.dll
[2012/05/05 20:20:27 | 000,594,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\comdlg32.dll
[2012/05/05 20:20:27 | 000,573,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3d10level9.dll
[2012/05/05 20:20:27 | 000,460,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\certcli.dll
[2012/05/05 20:20:27 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\aeinv.dll
[2012/05/05 20:20:27 | 000,412,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\aepdu.dll
[2012/05/05 20:20:27 | 000,346,112 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\bcdedit.exe
[2012/05/05 20:20:27 | 000,337,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\conhost.exe
[2012/05/05 20:20:27 | 000,321,024 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3d10_1core.dll
[2012/05/05 20:20:27 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\cmd.exe
[2012/05/05 20:20:27 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\activeds.dll
[2012/05/05 20:20:27 | 000,168,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\bcdsrv.dll
[2012/05/05 20:20:27 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cdd.dll
[2012/05/05 20:20:27 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\AuxiliaryDisplayServices.dll
[2012/05/05 20:20:27 | 000,112,000 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\consent.exe
[2012/05/05 20:20:27 | 000,107,904 | ---- | C] (Advanced Micro Devices) -- C:\windows\SysNative\drivers\amdsata.sys
[2012/05/05 20:20:27 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\CertPolEng.dll
[2012/05/05 20:20:27 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\acppage.dll
[2012/05/05 20:20:27 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\pdhui.dll
[2012/05/05 20:20:27 | 000,027,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\Diskdump.sys
[2012/05/05 20:20:27 | 000,027,008 | ---- | C] (Advanced Micro Devices) -- C:\windows\SysNative\drivers\amdxata.sys
[2012/05/05 20:20:27 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\C_ISCII.DLL
[2012/05/05 20:20:26 | 001,866,240 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ExplorerFrame.dll
[2012/05/05 20:20:26 | 001,493,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ExplorerFrame.dll
[2012/05/05 20:20:26 | 001,244,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\imapi2fs.dll
[2012/05/05 20:20:26 | 001,066,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Display.dll
[2012/05/05 20:20:26 | 000,867,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SearchFolder.dll
[2012/05/05 20:20:26 | 000,488,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\evr.dll
[2012/05/05 20:20:26 | 000,457,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\imkr80.ime
[2012/05/05 20:20:26 | 000,410,624 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\systemcpl.dll
[2012/05/05 20:20:26 | 000,392,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\imapi2.dll
[2012/05/05 20:20:26 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\sysmon.ocx
[2012/05/05 20:20:26 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\html.iec
[2012/05/05 20:20:26 | 000,355,328 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Faultrep.dll
[2012/05/05 20:20:26 | 000,258,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\dxgmms1.sys
[2012/05/05 20:20:26 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iepeers.dll
[2012/05/05 20:20:26 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dskquoui.dll
[2012/05/05 20:20:26 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\diskpart.exe
[2012/05/05 20:20:26 | 000,078,720 | ---- | C] (Hewlett-Packard Company) -- C:\windows\SysNative\drivers\HpSAMD.sys
[2012/05/05 20:20:26 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ftp.exe
[2012/05/05 20:20:26 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\g711codc.ax
[2012/05/05 20:20:26 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\elsTrans.dll
[2012/05/05 20:20:25 | 002,157,568 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\themecpl.dll
[2012/05/05 20:20:25 | 001,197,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\taskschd.dll
[2012/05/05 20:20:25 | 000,684,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\TabletPC.cpl
[2012/05/05 20:20:25 | 000,451,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\shwebsvc.dll
[2012/05/05 20:20:25 | 000,340,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\srchadmin.dll
[2012/05/05 20:20:25 | 000,244,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sqmapi.dll
[2012/05/05 20:20:25 | 000,244,224 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\spp.dll
[2012/05/05 20:20:25 | 000,207,360 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sysclass.dll
[2012/05/05 20:20:25 | 000,189,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\storport.sys
[2012/05/05 20:20:25 | 000,181,760 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\tcpipcfg.dll
[2012/05/05 20:20:25 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\thumbcache.dll
[2012/05/05 20:20:25 | 000,111,104 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\shsetup.dll
[2012/05/05 20:20:25 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\sppinst.dll
[2012/05/05 20:20:25 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\tabcal.exe
[2012/05/05 20:20:25 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\spbcd.dll
[2012/05/05 20:20:24 | 002,621,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wucltux.dll
[2012/05/05 20:20:24 | 001,888,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WMVDECOD.DLL
[2012/05/05 20:20:24 | 001,753,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\vssapi.dll
[2012/05/05 20:20:24 | 001,232,896 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WMADMOD.DLL
[2012/05/05 20:20:24 | 001,227,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wdc.dll
[2012/05/05 20:20:24 | 000,978,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WMSPDMOD.DLL
[2012/05/05 20:20:24 | 000,738,816 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wmpmde.dll
[2012/05/05 20:20:24 | 000,642,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winload.efi
[2012/05/05 20:20:24 | 000,636,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wmdrmdev.dll
[2012/05/05 20:20:24 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wpd_ci.dll
[2012/05/05 20:20:24 | 000,605,696 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wmpeffects.dll
[2012/05/05 20:20:24 | 000,605,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winload.exe
[2012/05/05 20:20:24 | 000,566,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winresume.efi
[2012/05/05 20:20:24 | 000,527,872 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wmdrmnet.dll
[2012/05/05 20:20:24 | 000,518,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winresume.exe
[2012/05/05 20:20:24 | 000,444,928 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wvc.dll
[2012/05/05 20:20:24 | 000,416,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wiadefui.dll
[2012/05/05 20:20:24 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\webio.dll
[2012/05/05 20:20:24 | 000,350,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WPDSp.dll
[2012/05/05 20:20:24 | 000,346,624 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\untfs.dll
[2012/05/05 20:20:24 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\webio.dll
[2012/05/05 20:20:24 | 000,297,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ws2_32.dll
[2012/05/05 20:20:24 | 000,293,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wsqmcons.exe
[2012/05/05 20:20:24 | 000,222,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wwanconn.dll
[2012/05/05 20:20:24 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wpdwcn.dll
[2012/05/05 20:20:24 | 000,182,272 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wmpsrcwp.dll
[2012/05/05 20:20:24 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wuwebv.dll
[2012/05/05 20:20:24 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XpsRasterService.dll
[2012/05/05 20:20:24 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\vss_ps.dll
[2012/05/05 20:20:24 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\umb.dll
[2012/05/05 20:20:24 | 000,051,200 | ---- | C] (Twain Working Group) -- C:\windows\twain_32.dll
[2012/05/05 20:20:24 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\tzutil.exe
[2012/05/05 20:20:24 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\vbisurf.ax
[2012/05/05 20:20:24 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\unlodctr.exe
[2012/05/05 20:20:24 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wuapp.exe
[2012/05/05 20:20:24 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\userinit.exe
[2012/05/05 20:20:24 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wsdchngr.dll
[2012/05/05 20:20:24 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WerFaultSecure.exe
[2012/05/05 20:20:23 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\secproc.dll
[2012/05/05 20:20:23 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wavemsp.dll
[2012/05/05 20:20:23 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\shacct.dll
[2012/05/05 20:20:22 | 000,113,152 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\setupugc.exe
[2012/05/05 20:20:17 | 004,120,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mf.dll
[2012/05/05 20:20:17 | 002,086,912 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ole32.dll
[2012/05/05 20:20:17 | 001,911,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\OpcServices.dll
[2012/05/05 20:20:17 | 000,957,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mblctr.exe
[2012/05/05 20:20:17 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mfc40u.dll
[2012/05/05 20:20:17 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript.dll
[2012/05/05 20:20:17 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mfds.dll
[2012/05/05 20:20:17 | 000,346,112 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\nshipsec.dll
[2012/05/05 20:20:17 | 000,268,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MSAC3ENC.DLL
[2012/05/05 20:20:17 | 000,250,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ksproxy.ax
[2012/05/05 20:20:17 | 000,240,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MFPlay.dll
[2012/05/05 20:20:17 | 000,218,112 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\OnLineIDCpl.dll
[2012/05/05 20:20:17 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mfps.dll
[2012/05/05 20:20:17 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mprapi.dll
[2012/05/05 20:20:17 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\itircl.dll
[2012/05/05 20:20:17 | 000,155,472 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mscorier.dll
[2012/05/05 20:20:17 | 000,154,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mscorier.dll
[2012/05/05 20:20:17 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\logoncli.dll
[2012/05/05 20:20:17 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\logman.exe
[2012/05/05 20:20:17 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\luainstall.dll
[2012/05/05 20:20:17 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mimefilt.dll
[2012/05/05 20:20:17 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\netutils.dll
[2012/05/05 20:20:17 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\LogonUI.exe
[2012/05/05 20:20:17 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDTUF.DLL
[2012/05/05 20:20:17 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDGKL.DLL
[2012/05/05 20:20:17 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDINBEN.DLL
[2012/05/05 20:20:17 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDUS.DLL
[2012/05/05 20:20:17 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDSF.DLL
[2012/05/05 20:20:16 | 003,727,872 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\accessibilitycpl.dll
[2012/05/05 20:20:16 | 001,401,344 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mssrch.dll
[2012/05/05 20:20:16 | 001,049,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mstsc.exe
[2012/05/05 20:20:16 | 000,902,144 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d2d1.dll
[2012/05/05 20:20:16 | 000,787,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3d11.dll
[2012/05/05 20:20:16 | 000,668,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\autochk.exe
[2012/05/05 20:20:16 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mssvp.dll
[2012/05/05 20:20:16 | 000,571,904 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mspbda.dll
[2012/05/05 20:20:16 | 000,549,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ActionCenterCPL.dll
[2012/05/05 20:20:16 | 000,457,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msdrm.dll
[2012/05/05 20:20:16 | 000,363,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\diskraid.exe
[2012/05/05 20:20:16 | 000,342,016 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\apphelp.dll
[2012/05/05 20:20:16 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msihnd.dll
[2012/05/05 20:20:16 | 000,333,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dot3ui.dll
[2012/05/05 20:20:16 | 000,323,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\drvstore.dll
[2012/05/05 20:20:16 | 000,303,104 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msinfo32.exe
[2012/05/05 20:20:16 | 000,221,696 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\OnLineIDCpl.dll
[2012/05/05 20:20:16 | 000,197,632 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ocsetup.exe
[2012/05/05 20:20:16 | 000,174,592 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ocsetapi.dll
[2012/05/05 20:20:16 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cca.dll
[2012/05/05 20:20:16 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dot3cfg.dll
[2012/05/05 20:20:16 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\netapi32.dll
[2012/05/05 20:20:16 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\MuiUnattend.exe
[2012/05/05 20:20:16 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dot3cfg.dll
[2012/05/05 20:20:16 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\NAPCRYPT.DLL
[2012/05/05 20:20:16 | 000,046,080 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\NAPCRYPT.DLL
[2012/05/05 20:20:16 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\choice.exe
[2012/05/05 20:20:16 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msdmo.dll
[2012/05/05 20:20:16 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\muifontsetup.dll
[2012/05/05 20:20:16 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msfeedssync.exe
[2012/05/05 20:20:15 | 002,755,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\themeui.dll
[2012/05/05 20:20:15 | 002,616,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\explorer.exe
[2012/05/05 20:20:15 | 001,698,816 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\esent.dll
[2012/05/05 20:20:15 | 001,548,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\tquery.dll
[2012/05/05 20:20:15 | 001,400,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\DxpTaskSync.dll
[2012/05/05 20:20:15 | 001,334,272 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\CertEnroll.dll
[2012/05/05 20:20:15 | 001,148,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\IMJP10.IME
[2012/05/05 20:20:15 | 001,027,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\IMJP10.IME
[2012/05/05 20:20:15 | 000,899,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Bubbles.scr
[2012/05/05 20:20:15 | 000,878,592 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Bubbles.scr
[2012/05/05 20:20:15 | 000,861,184 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\fontext.dll
[2012/05/05 20:20:15 | 000,675,328 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\DXPTaskRingtone.dll
[2012/05/05 20:20:15 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\EncDec.dll
[2012/05/05 20:20:15 | 000,503,296 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\imapi2.dll
[2012/05/05 20:20:15 | 000,345,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\fveapi.dll
[2012/05/05 20:20:15 | 000,299,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\tsmf.dll
[2012/05/05 20:20:15 | 000,281,600 | ---- | C] (Microsoft) -- C:\windows\SysNative\DShowRdpFilter.dll
[2012/05/05 20:20:15 | 000,242,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\eapp3hst.dll
[2012/05/05 20:20:15 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\eapphost.dll
[2012/05/05 20:20:15 | 000,210,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dxdiagn.dll
[2012/05/05 20:20:15 | 000,205,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\efscore.dll
[2012/05/05 20:20:15 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieUnatt.exe
[2012/05/05 20:20:15 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\cabview.dll
[2012/05/05 20:20:15 | 000,124,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\fde.dll
[2012/05/05 20:20:15 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\eappgnui.dll
[2012/05/05 20:20:15 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\browcli.dll
[2012/05/05 20:20:15 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\HotStartUserAgent.dll
[2012/05/05 20:20:15 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\elsTrans.dll
[2012/05/05 20:20:15 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\TRAPI.dll
[2012/05/05 20:20:15 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\TRAPI.dll
[2012/05/05 20:20:14 | 003,860,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\UIRibbon.dll
[2012/05/05 20:20:14 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\TsUsbRedirectionGroupPolicyControl.exe
[2012/05/05 20:20:13 | 002,983,424 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\UIRibbon.dll
[2012/05/05 20:20:13 | 002,146,304 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\SyncCenter.dll
[2012/05/05 20:20:13 | 001,164,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\UIRibbonRes.dll
[2012/05/05 20:20:13 | 001,164,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\UIRibbonRes.dll
[2012/05/05 20:20:13 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\TsUsbGDCoInstaller.dll
[2012/05/05 20:20:13 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\TsUsbRedirectionGroupPolicyExtension.dll
[2012/05/05 20:20:12 | 003,957,760 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WinSAT.exe
[2012/05/05 20:20:12 | 002,543,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wpdshext.dll
[2012/05/05 20:20:12 | 002,262,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SyncCenter.dll
[2012/05/05 20:20:12 | 001,624,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WMPEncEn.dll
[2012/05/05 20:20:12 | 001,619,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WMVDECOD.DLL
[2012/05/05 20:20:12 | 001,363,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wdc.dll
[2012/05/05 20:20:12 | 001,243,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WMNetMgr.dll
[2012/05/05 20:20:12 | 000,800,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\usp10.dll
[2012/05/05 20:20:12 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\win32spl.dll
[2012/05/05 20:20:12 | 000,739,328 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WMSPDMOD.DLL
[2012/05/05 20:20:12 | 000,666,112 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WMVSDECD.DLL
[2012/05/05 20:20:12 | 000,633,344 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\riched20.dll
[2012/05/05 20:20:12 | 000,600,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\usercpl.dll
[2012/05/05 20:20:12 | 000,594,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wvc.dll
[2012/05/05 20:20:12 | 000,505,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\taskschd.dll
[2012/05/05 20:20:12 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\win32spl.dll
[2012/05/05 20:20:12 | 000,474,112 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sysmon.ocx
[2012/05/05 20:20:12 | 000,470,016 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XpsGdiConverter.dll
[2012/05/05 20:20:12 | 000,410,112 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wlanui.dll
[2012/05/05 20:20:12 | 000,406,016 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\scesrv.dll
[2012/05/05 20:20:12 | 000,361,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wow64win.dll
[2012/05/05 20:20:12 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wusa.exe
[2012/05/05 20:20:12 | 000,303,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\scansetting.dll
[2012/05/05 20:20:12 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\taskmgr.exe
[2012/05/05 20:20:12 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\taskbarcpl.dll
[2012/05/05 20:20:12 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wow64.dll
[2012/05/05 20:20:12 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XpsRasterService.dll
[2012/05/05 20:20:12 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Ribbons.scr
[2012/05/05 20:20:12 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\upnp.dll
[2012/05/05 20:20:12 | 000,196,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\VBICodec.ax
[2012/05/05 20:20:12 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wdscore.dll
[2012/05/05 20:20:12 | 000,178,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wuwebv.dll
[2012/05/05 20:20:12 | 000,148,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\t2embed.dll
[2012/05/05 20:20:12 | 000,128,000 | ---- | C] (Microsoft) -- C:\windows\SysNative\Robocopy.exe
[2012/05/05 20:20:12 | 000,115,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WPDShServiceObj.dll
[2012/05/05 20:20:12 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\t2embed.dll
[2012/05/05 20:20:12 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WSTPager.ax
[2012/05/05 20:20:12 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\regapi.dll
[2012/05/05 20:20:12 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\UserAccountControlSettings.dll
[2012/05/05 20:20:12 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wsnmp32.dll
[2012/05/05 20:20:12 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\takeown.exe
[2012/05/05 20:20:12 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\runonce.exe
[2012/05/05 20:20:12 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rtutils.dll
[2012/05/05 20:20:12 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\relog.exe
[2012/05/05 20:20:12 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wuapp.exe
[2012/05/05 20:20:12 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\syssetup.dll
[2012/05/05 20:20:12 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\schedcli.dll
[2012/05/05 20:20:12 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wow64cpu.dll
[2012/05/05 20:20:12 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\riched32.dll
[2012/05/05 20:20:11 | 001,328,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\quartz.dll
[2012/05/05 20:20:11 | 000,933,376 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SmiEngine.dll
[2012/05/05 20:20:11 | 000,755,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\sud.dll
[2012/05/05 20:20:11 | 000,600,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\PerfCenterCPL.dll
[2012/05/05 20:20:11 | 000,598,016 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\spinstall.exe
[2012/05/05 20:20:11 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\qdvd.dll
[2012/05/05 20:20:11 | 000,483,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\StructuredQuery.dll
[2012/05/05 20:20:11 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\powercpl.dll
[2012/05/05 20:20:11 | 000,418,816 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sppwinob.dll
[2012/05/05 20:20:11 | 000,372,224 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\rastls.dll
[2012/05/05 20:20:11 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sharemediacpl.dll
[2012/05/05 20:20:11 | 000,349,696 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\slui.exe
[2012/05/05 20:20:11 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\spreview.exe
[2012/05/05 20:20:11 | 000,274,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpdd.dll
[2012/05/05 20:20:11 | 000,270,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\srrstr.dll
[2012/05/05 20:20:11 | 000,263,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\spwizui.dll
[2012/05/05 20:20:11 | 000,250,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\qdv.dll
[2012/05/05 20:20:11 | 000,236,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\pdh.dll
[2012/05/05 20:20:11 | 000,232,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sppcomapi.dll
[2012/05/05 20:20:11 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\sppcomapi.dll
[2012/05/05 20:20:11 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\qcap.dll
[2012/05/05 20:20:11 | 000,183,296 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\PortableDeviceSyncProvider.dll
[2012/05/05 20:20:11 | 000,172,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\perfmon.exe
[2012/05/05 20:20:11 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\powercfg.cpl
[2012/05/05 20:20:11 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\setupcln.dll
[2012/05/05 20:20:11 | 000,104,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\logman.exe
[2012/05/05 20:20:11 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\rastapi.dll
[2012/05/05 20:20:11 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\windows\splwow64.exe
[2012/05/05 20:20:11 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\slwga.dll
[2012/05/05 20:20:11 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\shunimpl.dll
[2012/05/05 20:20:10 | 001,447,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\lsasrv.dll
[2012/05/05 20:20:10 | 000,955,904 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\localspl.dll
[2012/05/05 20:20:10 | 000,919,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript.dll
[2012/05/05 20:20:10 | 000,732,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\imapi2fs.dll
[2012/05/05 20:20:10 | 000,653,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\lpksetup.exe
[2012/05/05 20:20:10 | 000,345,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MediaMetadataHandler.dll
[2012/05/05 20:20:10 | 000,272,896 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mcbuilder.exe
[2012/05/05 20:20:10 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\IPHLPAPI.DLL
[2012/05/05 20:20:10 | 000,107,008 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Kswdmcap.ax
[2012/05/05 20:20:10 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\migisol.dll
[2012/05/05 20:20:10 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\inseng.dll
[2012/05/05 20:20:10 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\manage-bde.exe
[2012/05/05 20:20:10 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Mpeg2Data.ax
[2012/05/05 20:20:10 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDSG.DLL
[2012/05/05 20:20:10 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\kbdlk41a.dll
[2012/05/05 20:20:10 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDTUF.DLL
[2012/05/05 20:20:10 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDSG.DLL
[2012/05/05 20:20:10 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDNEPR.DLL
[2012/05/05 20:20:10 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDUGHR1.DLL
[2012/05/05 20:20:10 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDTAJIK.DLL
[2012/05/05 20:20:10 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDPO.DLL
[2012/05/05 20:20:10 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDINORI.DLL
[2012/05/05 20:20:10 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDINKAN.DLL
[2012/05/05 20:20:10 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDINKAN.DLL
[2012/05/05 20:20:10 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDINHIN.DLL
[2012/05/05 20:20:10 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDBULG.DLL
[2012/05/05 20:20:10 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDUGHR1.DLL
[2012/05/05 20:20:10 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDMAORI.DLL
[2012/05/05 20:20:10 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDBLR.DLL
[2012/05/05 20:20:09 | 002,494,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\netshell.dll
[2012/05/05 20:20:09 | 002,130,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\networkmap.dll
[2012/05/05 20:20:09 | 001,750,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\pnidui.dll
[2012/05/05 20:20:09 | 000,799,744 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msftedit.dll
[2012/05/05 20:20:09 | 000,758,272 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\PortableDeviceApi.dll
[2012/05/05 20:20:09 | 000,720,896 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\odbc32.dll
[2012/05/05 20:20:09 | 000,702,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msfeeds.dll
[2012/05/05 20:20:09 | 000,658,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\PerfCenterCPL.dll
[2012/05/05 20:20:09 | 000,656,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\nshwfp.dll
[2012/05/05 20:20:09 | 000,641,024 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msscp.dll
[2012/05/05 20:20:09 | 000,625,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mscms.dll
[2012/05/05 20:20:09 | 000,435,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\PortableDeviceStatus.dll
[2012/05/05 20:20:09 | 000,400,896 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ipsmsnap.dll
[2012/05/05 20:20:09 | 000,325,632 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msnetobj.dll
[2012/05/05 20:20:09 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\clusapi.dll
[2012/05/05 20:20:09 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msieftp.dll
[2012/05/05 20:20:09 | 000,282,624 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iTVData.dll
[2012/05/05 20:20:09 | 000,281,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iprtrmgr.dll
[2012/05/05 20:20:09 | 000,271,360 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iprtrmgr.dll
[2012/05/05 20:20:09 | 000,258,560 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mpg2splt.ax
[2012/05/05 20:20:09 | 000,242,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Mystify.scr
[2012/05/05 20:20:09 | 000,238,080 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mstask.dll
[2012/05/05 20:20:09 | 000,224,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\PortableDeviceSyncProvider.dll
[2012/05/05 20:20:09 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\MSNP.ax
[2012/05/05 20:20:09 | 000,176,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msorcl32.dll
[2012/05/05 20:20:09 | 000,165,376 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\netid.dll
[2012/05/05 20:20:09 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\odbctrac.dll
[2012/05/05 20:20:09 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iscsicli.exe
[2012/05/05 20:20:09 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\NAPHLPR.DLL
[2012/05/05 20:20:09 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\isoburn.exe
[2012/05/05 20:20:09 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\nci.dll
[2012/05/05 20:20:09 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\olethk32.dll
[2012/05/05 20:20:09 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\napdsnap.dll
[2012/05/05 20:20:09 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\nlsbres.dll
[2012/05/05 20:20:09 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\napdsnap.dll
[2012/05/05 20:20:09 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\PnPUnattend.exe
[2012/05/05 20:20:09 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\MSDvbNP.ax
[2012/05/05 20:20:09 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\odbcconf.dll
[2012/05/05 20:20:09 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iscsium.dll
[2012/05/05 20:20:09 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\netbtugc.exe
[2012/05/05 20:20:09 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\nrpsrv.dll
[2012/05/05 20:20:09 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\muifontsetup.dll
[2012/05/05 20:20:08 | 001,975,296 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\CertEnroll.dll
[2012/05/05 20:20:08 | 001,065,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cryptui.dll
[2012/05/05 20:20:08 | 000,776,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\calc.exe
[2012/05/05 20:20:08 | 000,225,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\DevicePairingFolder.dll
[2012/05/05 20:20:08 | 000,211,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\DevicePairingFolder.dll
[2012/05/05 20:20:08 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cabview.dll
[2012/05/05 20:20:08 | 000,130,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\desk.cpl
[2012/05/05 20:20:08 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\CertPolEng.dll
[2012/05/05 20:20:07 | 000,934,912 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\FirewallControlPanel.dll
[2012/05/05 20:20:07 | 000,856,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\FirewallControlPanel.dll
[2012/05/05 20:20:07 | 000,840,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\blackbox.dll
[2012/05/05 20:20:07 | 000,777,728 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\autochk.exe
[2012/05/05 20:20:07 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ActionCenter.dll
[2012/05/05 20:20:07 | 000,740,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\batmeter.dll
[2012/05/05 20:20:07 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\AuxiliaryDisplayCpl.dll
[2012/05/05 20:20:07 | 000,630,784 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\DXPTaskRingtone.dll
[2012/05/05 20:20:07 | 000,537,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ActionCenterCPL.dll
[2012/05/05 20:20:07 | 000,504,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\biocpl.dll
[2012/05/05 20:20:07 | 000,495,104 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drmmgrtn.dll
[2012/05/05 20:20:07 | 000,459,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\DXP.dll
[2012/05/05 20:20:07 | 000,403,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\gdi32.dll
[2012/05/05 20:20:07 | 000,367,104 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\SysNative\atmfd.dll
[2012/05/05 20:20:07 | 000,359,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\eudcedit.exe
[2012/05/05 20:20:07 | 000,332,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\hgcpl.dll
[2012/05/05 20:20:07 | 000,313,344 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dot3ui.dll
[2012/05/05 20:20:07 | 000,312,832 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\hgcpl.dll
[2012/05/05 20:20:07 | 000,298,104 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\bcryptprimitives.dll
[2012/05/05 20:20:07 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\eudcedit.exe
[2012/05/05 20:20:07 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dpx.dll
[2012/05/05 20:20:07 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\hgprint.dll
[2012/05/05 20:20:07 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\FWPUCLNT.DLL
[2012/05/05 20:20:07 | 000,186,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iepeers.dll
[2012/05/05 20:20:07 | 000,176,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ie4uinit.exe
[2012/05/05 20:20:07 | 000,166,784 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\basecsp.dll
[2012/05/05 20:20:07 | 000,166,400 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\diskpart.exe
[2012/05/05 20:20:07 | 000,121,344 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\fphc.dll
[2012/05/05 20:20:07 | 000,116,224 | ---- | C] (Windows ® Codename Longhorn DDK provider) -- C:\windows\SysNative\fms.dll
[2012/05/05 20:20:07 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dnscmmc.dll
[2012/05/05 20:20:07 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\fontsub.dll
[2012/05/05 20:20:07 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\hidclass.sys
[2012/05/05 20:20:07 | 000,071,168 | ---- | C] (Microsoft Corporation) -- C:\windows\bfsvc.exe
[2012/05/05 20:20:07 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\findstr.exe
[2012/05/05 20:20:07 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\g711codc.ax
[2012/05/05 20:20:07 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\BlbEvents.dll
[2012/05/05 20:20:07 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\windows\SysNative\atmlib.dll
[2012/05/05 20:20:07 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\acppage.dll
[2012/05/05 20:20:07 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ftp.exe
[2012/05/05 20:20:07 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\FXSMON.dll
[2012/05/05 20:20:07 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dsauth.dll
[2012/05/05 20:20:07 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\FXSUNATD.exe
[2012/05/05 20:20:07 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dpnaddr.dll
[2012/05/05 20:20:06 | 002,565,632 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\esent.dll
[2012/05/05 20:20:06 | 002,193,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\themecpl.dll
[2012/05/05 20:20:06 | 001,457,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\DxpTaskSync.dll
[2012/05/05 20:20:06 | 000,722,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\EncDec.dll
[2012/05/05 20:20:06 | 000,515,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\timedate.cpl
[2012/05/05 20:20:06 | 000,403,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\untfs.dll
[2012/05/05 20:20:06 | 000,264,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\upnp.dll
[2012/05/05 20:20:06 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\tlscsp.dll
[2012/05/05 20:20:06 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\tcpmonui.dll
[2012/05/05 20:20:06 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\fdeploy.dll
[2012/05/05 20:20:06 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\takeown.exe
[2012/05/05 20:20:06 | 000,032,896 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\USBCAMD2.sys
[2012/05/05 20:20:05 | 000,172,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\twext.dll
[2012/05/05 20:20:05 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\twext.dll
[2012/05/05 20:20:05 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sspicli.dll
[2012/05/05 20:20:05 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\unimdmat.dll
[2012/05/05 20:20:05 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\TsUsbFlt.sys
[2012/05/05 20:20:05 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\tzutil.exe
[2012/05/05 20:20:05 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sspisrv.dll
[2012/05/05 20:20:02 | 001,190,400 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WindowsCodecs.dll
[2012/05/05 20:20:02 | 000,870,912 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XpsPrint.dll
[2012/05/05 20:20:02 | 000,781,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wmdrmsdk.dll
[2012/05/05 20:20:02 | 000,695,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wuapi.dll
[2012/05/05 20:20:02 | 000,475,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wlangpui.dll
[2012/05/05 20:20:02 | 000,442,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winspool.drv
[2012/05/05 20:20:02 | 000,431,104 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WPDSp.dll
[2012/05/05 20:20:02 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wlanmsm.dll
[2012/05/05 20:20:02 | 000,414,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wlanmsm.dll
[2012/05/05 20:20:02 | 000,392,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WMPhoto.dll
[2012/05/05 20:20:02 | 000,390,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winlogon.exe
[2012/05/05 20:20:02 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wusa.exe
[2012/05/05 20:20:02 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WindowsAnytimeUpgradeResults.exe
[2012/05/05 20:20:02 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wmpsrcwp.dll
[2012/05/05 20:20:02 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wintrust.dll
[2012/05/05 20:20:02 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wudriver.dll
[2012/05/05 20:20:02 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wkscli.dll
[2012/05/05 20:20:02 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wsnmp32.dll
[2012/05/05 20:20:02 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wwanprotdim.dll
[2012/05/05 20:20:02 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wups.dll
[2012/05/05 20:20:01 | 002,055,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Query.dll
[2012/05/05 20:20:01 | 001,281,024 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\werconcpl.dll
[2012/05/05 20:20:01 | 001,219,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rpcrt4.dll
[2012/05/05 20:20:01 | 001,212,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\propsys.dll
[2012/05/05 20:20:01 | 001,158,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\webservices.dll
[2012/05/05 20:20:01 | 000,933,376 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Vault.dll
[2012/05/05 20:20:01 | 000,782,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\webservices.dll
[2012/05/05 20:20:01 | 000,691,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\VAN.dll
[2012/05/05 20:20:01 | 000,612,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\vbscript.dll
[2012/05/05 20:20:01 | 000,541,184 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WMVSDECD.DLL
[2012/05/05 20:20:01 | 000,462,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wiadefui.dll
[2012/05/05 20:20:01 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rastls.dll
[2012/05/05 20:20:01 | 000,423,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\secproc_isv.dll
[2012/05/05 20:20:01 | 000,406,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wimgapi.dll
[2012/05/05 20:20:01 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wer.dll
[2012/05/05 20:20:01 | 000,337,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\raschap.dll
[2012/05/05 20:20:01 | 000,327,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wimserv.exe
[2012/05/05 20:20:01 | 000,327,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\RMActivate_isv.exe
[2012/05/05 20:20:01 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\RMActivate_ssp_isv.exe
[2012/05/05 20:20:01 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rstrui.exe
[2012/05/05 20:20:01 | 000,266,240 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\QAGENT.DLL
[2012/05/05 20:20:01 | 000,255,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wavemsp.dll
[2012/05/05 20:20:01 | 000,232,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\scecli.dll
[2012/05/05 20:20:01 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\vdsutil.dll
[2012/05/05 20:20:01 | 000,175,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\scecli.dll
[2012/05/05 20:20:01 | 000,171,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\QAGENT.DLL
[2012/05/05 20:20:01 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\remotepg.dll
[2012/05/05 20:20:01 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\rpchttp.dll
[2012/05/05 20:20:01 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\secproc_ssp_isv.dll
[2012/05/05 20:20:01 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\prntvpt.dll
[2012/05/05 20:20:01 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wiavideo.dll
[2012/05/05 20:20:01 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\QCLIPROV.DLL
[2012/05/05 20:20:01 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\psisrndr.ax
[2012/05/05 20:20:01 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\w32tm.exe
[2012/05/05 20:20:01 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\rdpd3d.dll
[2012/05/05 20:20:01 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\relog.exe
[2012/05/05 20:20:01 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\proquota.exe
[2012/05/05 20:20:01 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\prevhost.exe
[2012/05/05 20:20:01 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\secur32.dll
[2012/05/05 20:20:01 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\userinit.exe
[2012/05/05 20:20:01 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ReAgentc.exe
[2012/05/05 20:20:00 | 001,556,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\RacEngn.dll
[2012/05/05 20:20:00 | 000,503,296 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\srcore.dll
[2012/05/05 20:20:00 | 000,446,976 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sqlcese30.dll
[2012/05/05 20:20:00 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\SndVol.exe
[2012/05/05 20:20:00 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\SndVolSSO.dll
[2012/05/05 20:20:00 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sppnp.dll
[2012/05/05 20:20:00 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\QUTIL.DLL
[2012/05/05 20:20:00 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\QCLIPROV.DLL
[2012/05/05 20:20:00 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\spopk.dll
[2012/05/05 20:19:59 | 003,966,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntkrnlpa.exe
[2012/05/05 20:19:59 | 003,911,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntoskrnl.exe
[2012/05/05 20:19:59 | 003,207,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mf.dll
[2012/05/05 20:19:59 | 003,205,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mmcndmgr.dll
[2012/05/05 20:19:59 | 002,151,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mmcndmgr.dll
[2012/05/05 20:19:59 | 001,111,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\onexui.dll
[2012/05/05 20:19:59 | 000,905,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mmsys.cpl
[2012/05/05 20:19:59 | 000,850,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mmsys.cpl
[2012/05/05 20:19:59 | 000,427,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\PortableDeviceStatus.dll
[2012/05/05 20:19:59 | 000,296,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mfds.dll
[2012/05/05 20:19:59 | 000,268,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mprddm.dll
[2012/05/05 20:19:59 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mcbuilder.exe
[2012/05/05 20:19:59 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mpg2splt.ax
[2012/05/05 20:19:59 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\netplwiz.dll
[2012/05/05 20:19:59 | 000,186,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\logoncli.dll
[2012/05/05 20:19:59 | 000,133,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Kswdmcap.ax
[2012/05/05 20:19:59 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntlanman.dll
[2012/05/05 20:19:59 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\netid.dll
[2012/05/05 20:19:59 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\nslookup.exe
[2012/05/05 20:19:59 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mciavi32.dll
[2012/05/05 20:19:59 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mapistub.dll
[2012/05/05 20:19:59 | 000,048,976 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\netfxperf.dll
[2012/05/05 20:19:59 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDTUQ.DLL
[2012/05/05 20:19:59 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDSF.DLL
[2012/05/05 20:19:59 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDPO.DLL
[2012/05/05 20:19:59 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDGR1.DLL
[2012/05/05 20:19:59 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDNEPR.DLL
[2012/05/05 20:19:59 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDMON.DLL
[2012/05/05 20:19:59 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDINMAR.DLL
[2012/05/05 20:19:59 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDTURME.DLL
[2012/05/05 20:19:59 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDGEO.DLL
[2012/05/05 20:19:59 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDGEO.DLL
[2012/05/05 20:19:58 | 002,223,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mssrch.dll
[2012/05/05 20:19:58 | 001,116,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mstsc.exe
[2012/05/05 20:19:58 | 000,778,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mssvp.dll
[2012/05/05 20:19:58 | 000,573,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\odbc32.dll
[2012/05/05 20:19:58 | 000,509,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntshrui.dll
[2012/05/05 20:19:58 | 000,335,360 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msieftp.dll
[2012/05/05 20:19:58 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\odbcjt32.dll
[2012/05/05 20:19:58 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mssphtb.dll
[2012/05/05 20:19:58 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Mystify.scr
[2012/05/05 20:19:58 | 000,199,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\onex.dll
[2012/05/05 20:19:58 | 000,195,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msrating.dll
[2012/05/05 20:19:58 | 000,186,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ocsetup.exe
[2012/05/05 20:19:58 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ocsetapi.dll
[2012/05/05 20:19:58 | 000,153,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\occache.dll
[2012/05/05 20:19:58 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\net1.exe
[2012/05/05 20:19:58 | 000,143,360 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mydocs.dll
[2012/05/05 20:19:58 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msvfw32.dll
[2012/05/05 20:19:58 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cmstp.exe
[2012/05/05 20:19:58 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ncryptui.dll
[2012/05/05 20:19:58 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\odbcconf.dll
[2012/05/05 20:19:58 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msasn1.dll
[2012/05/05 20:19:58 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\pifmgr.dll
[2012/05/05 20:19:57 | 001,133,568 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cdosys.dll
[2012/05/05 20:19:57 | 001,130,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dfshim.dll
[2012/05/05 20:19:57 | 000,508,928 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\DeviceCenter.dll
[2012/05/05 20:19:57 | 000,342,016 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\certcli.dll
[2012/05/05 20:19:57 | 000,207,872 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cfgmgr32.dll
[2012/05/05 20:19:57 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\davclnt.dll
[2012/05/05 20:19:56 | 005,066,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\AuthFWSnapin.dll
[2012/05/05 20:19:56 | 003,745,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\accessibilitycpl.dll
[2012/05/05 20:19:56 | 001,838,080 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3d10warp.dll
[2012/05/05 20:19:56 | 000,958,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\actxprxy.dll
[2012/05/05 20:19:56 | 000,780,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ActionCenter.dll
[2012/05/05 20:19:56 | 000,763,904 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\autofmt.exe
[2012/05/05 20:19:56 | 000,630,272 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\evr.dll
[2012/05/05 20:19:56 | 000,522,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3d11.dll
[2012/05/05 20:19:56 | 000,482,816 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\html.iec
[2012/05/05 20:19:56 | 000,422,912 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drvstore.dll
[2012/05/05 20:19:56 | 000,345,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\intl.cpl
[2012/05/05 20:19:56 | 000,263,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\hal.dll
[2012/05/05 20:19:56 | 000,213,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ActionQueue.dll
[2012/05/05 20:19:56 | 000,186,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\adsldp.dll
[2012/05/05 20:19:56 | 000,175,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\bcdboot.exe
[2012/05/05 20:19:56 | 000,166,912 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\inetpp.dll
[2012/05/05 20:19:56 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\autoplay.dll
[2012/05/05 20:19:56 | 000,144,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\basecsp.dll
[2012/05/05 20:19:56 | 000,128,512 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dwmredir.dll
[2012/05/05 20:19:56 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cabinet.dll
[2012/05/05 20:19:56 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\avifil32.dll
[2012/05/05 20:19:56 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dsauth.dll
[2012/05/05 20:19:56 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\httpapi.dll
[2012/05/05 20:19:55 | 002,872,320 | ---- | C] (Microsoft Corporation) -- C:\windows\explorer.exe
[2012/05/05 20:19:55 | 002,314,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\tquery.dll
[2012/05/05 20:19:55 | 001,040,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Display.dll
[2012/05/05 20:19:55 | 000,828,928 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\fontext.dll
[2012/05/05 20:19:55 | 000,778,240 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\sqlsrv32.dll
[2012/05/05 20:19:55 | 000,358,400 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wmpdxm.dll
[2012/05/05 20:19:55 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dnsapi.dll
[2012/05/05 20:19:55 | 000,352,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\spwizeng.dll
[2012/05/05 20:19:55 | 000,318,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WMPhoto.dll
[2012/05/05 20:19:55 | 000,309,760 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\sqlcese30.dll
[2012/05/05 20:19:55 | 000,304,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\efscore.dll
[2012/05/05 20:19:55 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\srchadmin.dll
[2012/05/05 20:19:55 | 000,299,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wmpdxm.dll
[2012/05/05 20:19:55 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\PresentationHost.exe
[2012/05/05 20:19:55 | 000,293,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ssText3d.scr
[2012/05/05 20:19:55 | 000,288,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\FWPKCLNT.SYS
[2012/05/05 20:19:55 | 000,273,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SndVol.exe
[2012/05/05 20:19:55 | 000,253,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\tcpipcfg.dll
[2012/05/05 20:19:55 | 000,225,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SndVolSSO.dll
[2012/05/05 20:19:55 | 000,217,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WinSCard.dll
[2012/05/05 20:19:55 | 000,214,016 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winsrv.dll
[2012/05/05 20:19:55 | 000,206,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\framedynos.dll
[2012/05/05 20:19:55 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\framedyn.dll
[2012/05/05 20:19:55 | 000,200,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\syncui.dll
[2012/05/05 20:19:55 | 000,171,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\fde.dll
[2012/05/05 20:19:55 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wmpps.dll
[2012/05/05 20:19:55 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\srvcli.dll
[2012/05/05 20:19:55 | 000,121,344 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\sppc.dll
[2012/05/05 20:19:55 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dot3msm.dll
[2012/05/05 20:19:55 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dot3api.dll
[2012/05/05 20:19:55 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wscapi.dll
[2012/05/05 20:19:55 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wdiasqmmodule.dll
[2012/05/05 20:19:55 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\spwizres.dll
[2012/05/05 20:19:54 | 002,250,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SensorsCpl.dll
[2012/05/05 20:19:54 | 001,900,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\setupapi.dll
[2012/05/05 20:19:54 | 001,572,352 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\quartz.dll
[2012/05/05 20:19:54 | 001,098,240 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Vault.dll
[2012/05/05 20:19:54 | 001,031,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpcore.dll
[2012/05/05 20:19:54 | 000,902,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WMADMOD.DLL
[2012/05/05 20:19:54 | 000,826,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\rdpcore.dll
[2012/05/05 20:19:54 | 000,529,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wbemcomn.dll
[2012/05/05 20:19:54 | 000,507,392 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wmdrmdev.dll
[2012/05/05 20:19:54 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\shlwapi.dll
[2012/05/05 20:19:54 | 000,436,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wmdrmnet.dll
[2012/05/05 20:19:54 | 000,395,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\prnfldr.dll
[2012/05/05 20:19:54 | 000,321,536 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\unimdm.tsp
[2012/05/05 20:19:54 | 000,306,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\RMActivate_ssp.exe
[2012/05/05 20:19:54 | 000,285,696 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\schtasks.exe
[2012/05/05 20:19:54 | 000,283,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\qdv.dll
[2012/05/05 20:19:54 | 000,263,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\vpnike.dll
[2012/05/05 20:19:54 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\qasf.dll
[2012/05/05 20:19:54 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\shdocvw.dll
[2012/05/05 20:19:54 | 000,187,904 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rpchttp.dll
[2012/05/05 20:19:54 | 000,183,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\prncache.dll
[2012/05/05 20:19:54 | 000,167,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\QSHVHOST.DLL
[2012/05/05 20:19:54 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\recovery.dll
[2012/05/05 20:19:54 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\shacct.dll
[2012/05/05 20:19:54 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\secproc_ssp.dll
[2012/05/05 20:19:54 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\uxlib.dll
[2012/05/05 20:19:54 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\sdbus.sys
[2012/05/05 20:19:54 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\QUTIL.DLL
[2012/05/05 20:19:54 | 000,099,328 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\QSVRMGMT.DLL
[2012/05/05 20:19:54 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\setbcdlocale.dll
[2012/05/05 20:19:54 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\vpnikeapi.dll
[2012/05/05 20:19:54 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\shimgvw.dll
[2012/05/05 20:19:54 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\utildll.dll
[2012/05/05 20:19:54 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\proquota.exe
[2012/05/05 20:19:54 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\schedcli.dll
[2012/05/05 20:19:54 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdprefdrvapi.dll
[2012/05/05 20:19:54 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\riched32.dll
[2012/05/05 20:19:53 | 003,215,872 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mstscax.dll
[2012/05/05 20:19:53 | 003,211,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msi.dll
[2012/05/05 20:19:53 | 001,689,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\netcenter.dll
[2012/05/05 20:19:53 | 001,538,560 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\inetcpl.cpl
[2012/05/05 20:19:53 | 001,326,080 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\NaturalLanguage6.dll
[2012/05/05 20:19:53 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mfc40.dll
[2012/05/05 20:19:53 | 000,519,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\netcfgx.dll
[2012/05/05 20:19:53 | 000,497,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\main.cpl
[2012/05/05 20:19:53 | 000,433,512 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MCEWMDRMNDBootstrap.dll
[2012/05/05 20:19:53 | 000,429,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\localsec.dll
[2012/05/05 20:19:53 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\nltest.exe
[2012/05/05 20:19:53 | 000,373,248 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\intl.cpl
[2012/05/05 20:19:53 | 000,372,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mtxclu.dll
[2012/05/05 20:19:53 | 000,344,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntprint.dll
[2012/05/05 20:19:53 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mtxclu.dll
[2012/05/05 20:19:53 | 000,297,472 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntprint.dll
[2012/05/05 20:19:53 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mprapi.dll
[2012/05/05 20:19:53 | 000,215,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\netiohlp.dll
[2012/05/05 20:19:53 | 000,202,240 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\input.dll
[2012/05/05 20:19:53 | 000,175,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\netplwiz.dll
[2012/05/05 20:19:53 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\netjoin.dll
[2012/05/05 20:19:53 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ncsi.dll
[2012/05/05 20:19:53 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iscsicli.exe
[2012/05/05 20:19:53 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MdSched.exe
[2012/05/05 20:19:53 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mydocs.dll
[2012/05/05 20:19:53 | 000,107,008 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\NAPHLPR.DLL
[2012/05/05 20:19:53 | 000,104,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Mpeg2Data.ax
[2012/05/05 20:19:53 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\isoburn.exe
[2012/05/05 20:19:53 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\kstvtune.ax
[2012/05/05 20:19:53 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\imagehlp.dll
[2012/05/05 20:19:53 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\licmgr10.dll
[2012/05/05 20:19:53 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\lsmproxy.dll
[2012/05/05 20:19:53 | 000,049,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\netfxperf.dll
[2012/05/05 20:19:53 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ksxbar.ax
[2012/05/05 20:19:53 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\httpapi.dll
[2012/05/05 20:19:53 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mimefilt.dll
[2012/05/05 20:19:53 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mciqtz32.dll
[2012/05/05 20:19:53 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iscsium.dll
[2012/05/05 20:19:53 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mciqtz32.dll
[2012/05/05 20:19:53 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDCZ1.DLL
[2012/05/05 20:19:53 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\kbdlk41a.dll
[2012/05/05 20:19:53 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDINTAM.DLL
[2012/05/05 20:19:53 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDGR1.DLL
[2012/05/05 20:19:53 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDGKL.DLL
[2012/05/05 20:19:53 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDTURME.DLL
[2012/05/05 20:19:53 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDMAORI.DLL
[2012/05/05 20:19:53 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDINBEN.DLL
[2012/05/05 20:19:53 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDBULG.DLL
[2012/05/05 20:19:53 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDBASH.DLL
[2012/05/05 20:19:52 | 002,746,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\gameux.dll
[2012/05/05 20:19:52 | 002,522,624 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dbgeng.dll
[2012/05/05 20:19:52 | 002,217,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\bootres.dll
[2012/05/05 20:19:52 | 001,942,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dfshim.dll
[2012/05/05 20:19:52 | 001,555,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\certmgr.dll
[2012/05/05 20:19:52 | 001,544,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\DWrite.dll
[2012/05/05 20:19:52 | 001,509,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msdtctm.dll
[2012/05/05 20:19:52 | 001,456,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\crypt32.dll
[2012/05/05 20:19:52 | 001,160,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MSMPEG2ENC.DLL
[2012/05/05 20:19:52 | 000,897,536 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\azroles.dll
[2012/05/05 20:19:52 | 000,854,016 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dbghelp.dll
[2012/05/05 20:19:52 | 000,793,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\autoconv.exe
[2012/05/05 20:19:52 | 000,762,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\azroles.dll
[2012/05/05 20:19:52 | 000,749,568 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\batmeter.dll
[2012/05/05 20:19:52 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\blackbox.dll
[2012/05/05 20:19:52 | 000,721,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\bthprops.cpl
[2012/05/05 20:19:52 | 000,685,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dsuiext.dll
[2012/05/05 20:19:52 | 000,658,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dxgi.dll
[2012/05/05 20:19:52 | 000,658,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\autofmt.exe
[2012/05/05 20:19:52 | 000,504,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msscp.dll
[2012/05/05 20:19:52 | 000,348,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\eapp3hst.dll
[2012/05/05 20:19:52 | 000,345,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cmd.exe
[2012/05/05 20:19:52 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Faultrep.dll
[2012/05/05 20:19:52 | 000,303,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\eapphost.dll
[2012/05/05 20:19:52 | 000,296,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\AudioSes.dll
[2012/05/05 20:19:52 | 000,295,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\framedynos.dll
[2012/05/05 20:19:52 | 000,294,400 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\SysWow64\atmfd.dll
[2012/05/05 20:19:52 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MSNP.ax
[2012/05/05 20:19:52 | 000,279,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dxdiagn.dll
[2012/05/05 20:19:52 | 000,279,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\framedyn.dll
[2012/05/05 20:19:52 | 000,276,480 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\diskraid.exe
[2012/05/05 20:19:52 | 000,267,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\FXSCOVER.exe
[2012/05/05 20:19:52 | 000,265,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msnetobj.dll
[2012/05/05 20:19:52 | 000,233,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\defaultlocationcpl.dll
[2012/05/05 20:19:52 | 000,230,912 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\clusapi.dll
[2012/05/05 20:19:52 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\credui.dll
[2012/05/05 20:19:52 | 000,186,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\bitsadmin.exe
[2012/05/05 20:19:52 | 000,179,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\Classpnp.sys
[2012/05/05 20:19:52 | 000,155,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\ataport.sys
[2012/05/05 20:19:52 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\autoplay.dll
[2012/05/05 20:19:52 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\aaclient.dll
[2012/05/05 20:19:52 | 000,126,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\audiodg.exe
[2012/05/05 20:19:52 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\aitagent.exe
[2012/05/05 20:19:52 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\eappgnui.dll
[2012/05/05 20:19:52 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\fphc.dll
[2012/05/05 20:19:52 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\amstream.dll
[2012/05/05 20:19:52 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\cmstp.exe
[2012/05/05 20:19:52 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\hbaapi.dll
[2012/05/05 20:19:52 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MSDvbNP.ax
[2012/05/05 20:19:52 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\fdProxy.dll
[2012/05/05 20:19:52 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\fontsub.dll
[2012/05/05 20:19:52 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\amstream.dll
[2012/05/05 20:19:52 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\djoin.exe
[2012/05/05 20:19:52 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\windows\SysWow64\atmlib.dll
[2012/05/05 20:19:52 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\AzSqlExt.dll
[2012/05/05 20:19:52 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\AzSqlExt.dll
[2012/05/05 20:19:52 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\bitsperf.dll
[2012/05/05 20:19:52 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\BWUnpairElevated.dll
[2012/05/05 20:19:52 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msdxm.ocx
[2012/05/05 20:19:52 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dxmasf.dll
[2012/05/05 20:19:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-ums-l1-1-0.dll
[2012/05/05 20:19:51 | 001,008,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\user32.dll
[2012/05/05 20:19:51 | 000,597,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\TSWorkspace.dll
[2012/05/05 20:19:51 | 000,586,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dfrgui.exe
[2012/05/05 20:19:51 | 000,484,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\DeviceCenter.dll
[2012/05/05 20:19:51 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\timedate.cpl
[2012/05/05 20:19:51 | 000,473,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\taskcomp.dll
[2012/05/05 20:19:51 | 000,464,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\taskeng.exe
[2012/05/05 20:19:51 | 000,402,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\drmmgrtn.dll
[2012/05/05 20:19:51 | 000,399,872 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dpx.dll
[2012/05/05 20:19:51 | 000,333,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ssText3d.scr
[2012/05/05 20:19:51 | 000,281,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\unimdm.tsp
[2012/05/05 20:19:51 | 000,270,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\tsmf.dll
[2012/05/05 20:19:51 | 000,252,928 | ---- | C] (Microsoft) -- C:\windows\SysWow64\DShowRdpFilter.dll
[2012/05/05 20:19:51 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\odbccp32.dll
[2012/05/05 20:19:51 | 000,115,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dot3msm.dll
[2012/05/05 20:19:51 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dot3api.dll
[2012/05/05 20:19:51 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\unimdmat.dll
[2012/05/05 20:19:51 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\tlscsp.dll
[2012/05/05 20:19:51 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\taskhost.exe
[2012/05/05 20:19:51 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\tsgqec.dll
[2012/05/05 20:19:51 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\usbrpm.sys
[2012/05/05 20:19:51 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dnscacheugc.exe
[2012/05/05 20:19:51 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\sscore.dll
[2012/05/05 20:19:51 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\spwmp.dll
[2012/05/05 20:19:50 | 014,633,472 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wmp.dll
[2012/05/05 20:19:50 | 012,625,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wmploc.DLL
[2012/05/05 20:19:50 | 003,027,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WMVCORE.DLL
[2012/05/05 20:19:50 | 003,008,000 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xpsservices.dll
[2012/05/05 20:19:50 | 001,712,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xpsservices.dll
[2012/05/05 20:19:50 | 001,441,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wlanpref.dll
[2012/05/05 20:19:50 | 001,326,592 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wlanpref.dll
[2012/05/05 20:19:50 | 001,082,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sppobjs.dll
[2012/05/05 20:19:50 | 001,024,512 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wmpmde.dll
[2012/05/05 20:19:50 | 000,769,536 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sud.dll
[2012/05/05 20:19:50 | 000,681,472 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WUDFx.dll
[2012/05/05 20:19:50 | 000,616,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wmdrmsdk.dll
[2012/05/05 20:19:50 | 000,414,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wlanui.dll
[2012/05/05 20:19:50 | 000,411,648 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wlangpui.dll
[2012/05/05 20:19:50 | 000,405,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wisptis.exe
[2012/05/05 20:19:50 | 000,312,832 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Wldap32.dll
[2012/05/05 20:19:50 | 000,283,648 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XpsGdiConverter.dll
[2012/05/05 20:19:50 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winsta.dll
[2012/05/05 20:19:50 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WUDFHost.exe
[2012/05/05 20:19:50 | 000,198,144 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wpdwcn.dll
[2012/05/05 20:19:50 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\vdsbas.dll
[2012/05/05 20:19:50 | 000,182,784 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WUDFPlatform.dll
[2012/05/05 20:19:50 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\syncui.dll
[2012/05/05 20:19:50 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WUDFCoinstaller.dll
[2012/05/05 20:19:50 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\vbisurf.ax
[2012/05/05 20:19:50 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\spopk.dll
[2012/05/05 20:19:50 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\syssetup.dll
[2012/05/05 20:19:49 | 000,974,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WFS.exe
[2012/05/05 20:19:49 | 000,501,248 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WinSATAPI.dll
[2012/05/05 20:19:49 | 000,429,568 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\puiobj.dll
[2012/05/05 20:19:49 | 000,254,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\qasf.dll
[2012/05/05 20:19:49 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\QSHVHOST.DLL
[2012/05/05 20:19:49 | 000,211,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rasppp.dll
[2012/05/05 20:19:49 | 000,186,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\rdpencom.dll
[2012/05/05 20:19:49 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\rasppp.dll
[2012/05/05 20:19:49 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpcorekmts.dll
[2012/05/05 20:19:49 | 000,124,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\QSVRMGMT.DLL
[2012/05/05 20:19:49 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpd3d.dll
[2012/05/05 20:19:49 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WavDest.dll
[2012/05/05 20:19:49 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WerFaultSecure.exe
[2012/05/05 20:19:49 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\vpnikeapi.dll
[2012/05/05 20:19:47 | 000,313,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ReAgent.dll
[2012/05/05 20:19:47 | 000,209,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\PkgMgr.exe
[2012/05/05 20:19:47 | 000,199,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\PkgMgr.exe
[2012/05/05 20:19:47 | 000,153,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\remotepg.dll
[2012/05/05 20:19:47 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\RegisterIEPKEYs.exe
[2012/05/05 20:19:47 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpwsx.dll
[2012/05/05 20:19:47 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\regapi.dll
[2012/05/05 20:19:47 | 000,071,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\resutils.dll
[2012/05/05 20:19:46 | 002,202,624 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\SensorsCpl.dll
[2012/05/05 20:19:46 | 000,932,352 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\printui.dll
[2012/05/05 20:19:46 | 000,859,648 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\OobeFldr.dll
[2012/05/05 20:19:46 | 000,758,784 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\samsrv.dll
[2012/05/05 20:19:46 | 000,592,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msftedit.dll
[2012/05/05 20:19:46 | 000,488,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\secproc.dll
[2012/05/05 20:19:46 | 000,486,400 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\powercpl.dll
[2012/05/05 20:19:46 | 000,428,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\shwebsvc.dll
[2012/05/05 20:19:46 | 000,416,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\prnfldr.dll
[2012/05/05 20:19:46 | 000,409,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\photowiz.dll
[2012/05/05 20:19:46 | 000,359,424 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\RMActivate.exe
[2012/05/05 20:19:46 | 000,320,352 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\PresentationHost.exe
[2012/05/05 20:19:46 | 000,300,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\pdh.dll
[2012/05/05 20:19:46 | 000,300,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msconfig.exe
[2012/05/05 20:19:46 | 000,279,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sethc.exe
[2012/05/05 20:19:46 | 000,278,016 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\RMActivate_ssp_isv.exe
[2012/05/05 20:19:46 | 000,270,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\sethc.exe
[2012/05/05 20:19:46 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\scansetting.dll
[2012/05/05 20:19:46 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SmartcardCredentialProvider.dll
[2012/05/05 20:19:46 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\SmartcardCredentialProvider.dll
[2012/05/05 20:19:46 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\scavengeui.dll
[2012/05/05 20:19:46 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\rmcast.sys
[2012/05/05 20:19:46 | 000,130,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\shsetup.dll
[2012/05/05 20:19:46 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\odbccp32.dll
[2012/05/05 20:19:46 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\prncache.dll
[2012/05/05 20:19:46 | 000,109,928 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\PresentationHostProxy.dll
[2012/05/05 20:19:46 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\psisrndr.ax
[2012/05/05 20:19:46 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\PresentationHostProxy.dll
[2012/05/05 20:19:46 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\setupcl.exe
[2012/05/05 20:19:46 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\secproc_ssp_isv.dll
[2012/05/05 20:19:46 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\samcli.dll
[2012/05/05 20:19:46 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\RpcRtRemote.dll
[2012/05/05 20:19:46 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\runonce.exe
[2012/05/05 20:19:46 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\PrintIsolationProxy.dll
[2012/05/05 20:19:46 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\shimgvw.dll
[2012/05/05 20:19:46 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\prevhost.exe
[2012/05/05 20:19:46 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msdmo.dll
[2012/05/05 20:19:46 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\shgina.dll
[2012/05/05 20:19:46 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sisbkup.dll
[2012/05/05 20:19:46 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\shgina.dll
[2012/05/05 20:19:46 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\sisbkup.dll
[2012/05/05 20:19:46 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\perfts.dll
[2012/05/05 20:19:46 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\slwga.dll
[2012/05/05 20:19:46 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msdxm.ocx
[2012/05/05 20:19:45 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wmploc.DLL
[2012/05/05 20:19:45 | 011,410,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wmp.dll
[2012/05/05 20:19:45 | 005,066,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\AuthFWSnapin.dll
[2012/05/05 20:19:45 | 002,072,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WMPEncEn.dll
[2012/05/05 20:19:45 | 001,003,008 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WMNetMgr.dll
[2012/05/05 20:19:45 | 000,933,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sqlsrv32.dll
[2012/05/05 20:19:45 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\appwiz.cpl
[2012/05/05 20:19:45 | 000,679,424 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\autoconv.exe
[2012/05/05 20:19:45 | 000,649,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\appwiz.cpl
[2012/05/05 20:19:45 | 000,582,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sxs.dll
[2012/05/05 20:19:45 | 000,524,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wmicmiplugin.dll
[2012/05/05 20:19:45 | 000,481,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wmpps.dll
[2012/05/05 20:19:45 | 000,472,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\azroleui.dll
[2012/05/05 20:19:45 | 000,445,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\spwizeng.dll
[2012/05/05 20:19:45 | 000,352,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wmpeffects.dll
[2012/05/05 20:19:45 | 000,335,872 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WinSATAPI.dll
[2012/05/05 20:19:45 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\azroleui.dll
[2012/05/05 20:19:45 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\stobject.dll
[2012/05/05 20:19:45 | 000,248,832 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wksprt.exe
[2012/05/05 20:19:45 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\sqmapi.dll
[2012/05/05 20:19:45 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sppc.dll
[2012/05/05 20:19:45 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wmpshell.dll
[2012/05/05 20:19:45 | 000,105,472 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wmpshell.dll
[2012/05/05 20:19:45 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmled.dll
[2012/05/05 20:19:45 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\spbcd.dll
[2012/05/05 20:19:45 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmled.dll
[2012/05/05 20:19:45 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wkscli.dll
[2012/05/05 20:19:45 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\tsgqec.dll
[2012/05/05 20:19:45 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sscore.dll
[2012/05/05 20:19:45 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\spwmp.dll
[2012/05/05 20:19:45 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\spwizres.dll
[2012/05/05 20:19:44 | 002,851,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\themeui.dll
[2012/05/05 20:19:44 | 002,146,816 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\networkmap.dll
[2012/05/05 20:19:44 | 001,672,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\networkexplorer.dll
[2012/05/05 20:19:44 | 001,264,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sdclt.exe
[2012/05/05 20:19:44 | 001,160,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\OpcServices.dll
[2012/05/05 20:19:44 | 001,120,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sdengin2.dll
[2012/05/05 20:19:44 | 001,118,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sbe.dll
[2012/05/05 20:19:44 | 001,080,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\onexui.dll
[2012/05/05 20:19:44 | 000,861,696 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\oleaut32.dll
[2012/05/05 20:19:44 | 000,624,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\qedit.dll
[2012/05/05 20:19:44 | 000,477,696 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\PhotoScreensaver.scr
[2012/05/05 20:19:44 | 000,455,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\nshipsec.dll
[2012/05/05 20:19:44 | 000,421,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\termmgr.dll
[2012/05/05 20:19:44 | 000,419,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\systemcpl.dll
[2012/05/05 20:19:44 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\PhotoScreensaver.scr
[2012/05/05 20:19:44 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\qdvd.dll
[2012/05/05 20:19:44 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\RMActivate_isv.exe
[2012/05/05 20:19:44 | 000,352,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\termmgr.dll
[2012/05/05 20:19:44 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\puiobj.dll
[2012/05/05 20:19:44 | 000,307,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\scesrv.dll
[2012/05/05 20:19:44 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\taskcomp.dll
[2012/05/05 20:19:44 | 000,295,424 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\photowiz.dll
[2012/05/05 20:19:44 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\RMActivate_ssp.exe
[2012/05/05 20:19:44 | 000,238,080 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\recdisc.exe
[2012/05/05 20:19:44 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\onex.dll
[2012/05/05 20:19:44 | 000,227,328 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\taskmgr.exe
[2012/05/05 20:19:44 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpencom.dll
[2012/05/05 20:19:44 | 000,181,248 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\qcap.dll
[2012/05/05 20:19:44 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\powercfg.cpl
[2012/05/05 20:19:44 | 000,156,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\prntvpt.dll
[2012/05/05 20:19:44 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wscapi.dll
[2012/05/05 20:19:44 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\repair-bde.exe
[2012/05/05 20:19:44 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\profprov.dll
[2012/05/05 20:19:44 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\tdi.sys
[2012/05/05 20:19:44 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wsdchngr.dll
[2012/05/05 20:19:44 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpcfgex.dll
[2012/05/05 20:19:43 | 003,715,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mstscax.dll
[2012/05/05 20:19:43 | 001,644,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\netcenter.dll
[2012/05/05 20:19:43 | 001,466,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\inetcpl.cpl
[2012/05/05 20:19:43 | 001,465,344 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XpsPrint.dll
[2012/05/05 20:19:43 | 001,077,248 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Narrator.exe
[2012/05/05 20:19:43 | 000,830,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\MSMPEG2ENC.DLL
[2012/05/05 20:19:43 | 000,812,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wpccpl.dll
[2012/05/05 20:19:43 | 000,638,976 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\VAN.dll
[2012/05/05 20:19:43 | 000,584,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ipsmsnap.dll
[2012/05/05 20:19:43 | 000,560,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wuapi.dll
[2012/05/05 20:19:43 | 000,551,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\localsec.dll
[2012/05/05 20:19:43 | 000,485,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\secproc_isv.dll
[2012/05/05 20:19:43 | 000,378,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msinfo32.exe
[2012/05/05 20:19:43 | 000,376,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\netio.sys
[2012/05/05 20:19:43 | 000,343,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\lsm.exe
[2012/05/05 20:19:43 | 000,324,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\netdiagfx.dll
[2012/05/05 20:19:43 | 000,225,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\netdiagfx.dll
[2012/05/05 20:19:43 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ksproxy.ax
[2012/05/05 20:19:43 | 000,167,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msutb.dll
[2012/05/05 20:19:43 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\vdsbas.dll
[2012/05/05 20:19:43 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\aaclient.dll
[2012/05/05 20:19:43 | 000,154,624 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\uxlib.dll
[2012/05/05 20:19:43 | 000,153,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\VBICodec.ax
[2012/05/05 20:19:43 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\net1.exe
[2012/05/05 20:19:43 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wiavideo.dll
[2012/05/05 20:19:43 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\userenv.dll
[2012/05/05 20:19:43 | 000,090,112 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\nci.dll
[2012/05/05 20:19:43 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wudriver.dll
[2012/05/05 20:19:43 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\secproc_ssp.dll
[2012/05/05 20:19:43 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WSTPager.ax
[2012/05/05 20:19:43 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\vfwwdm32.dll
[2012/05/05 20:19:43 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\inetmib1.dll
[2012/05/05 20:19:43 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wuauclt.exe
[2012/05/05 20:19:43 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wups2.dll
[2012/05/05 20:19:43 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wups.dll
[2012/05/05 20:19:43 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wshirda.dll
[2012/05/05 20:19:43 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wshirda.dll
[2012/05/05 20:19:43 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDTUQ.DLL
[2012/05/05 20:19:43 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDLT1.DLL
[2012/05/05 20:19:43 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDINTEL.DLL
[2012/05/05 20:19:43 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDINTAM.DLL
[2012/05/05 20:19:43 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDINORI.DLL
[2012/05/05 20:19:43 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDINMAR.DLL
[2012/05/05 20:19:43 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDINHIN.DLL
[2012/05/05 20:19:43 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDBASH.DLL
[2012/05/05 20:19:43 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDUS.DLL
[2012/05/05 20:19:43 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDTAJIK.DLL
[2012/05/05 20:19:43 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDMON.DLL
[2012/05/05 20:19:42 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\gameux.dll
[2012/05/05 20:19:42 | 001,632,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dwmcore.dll
[2012/05/05 20:19:42 | 001,371,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dwmcore.dll
[2012/05/05 20:19:42 | 001,202,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\DiagCpl.dll
[2012/05/05 20:19:42 | 001,009,152 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mcmde.dll
[2012/05/05 20:19:42 | 000,960,512 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\CPFilters.dll
[2012/05/05 20:19:42 | 000,780,008 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ci.dll
[2012/05/05 20:19:42 | 000,750,080 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\TSWorkspace.dll
[2012/05/05 20:19:42 | 000,701,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dsuiext.dll
[2012/05/05 20:19:42 | 000,692,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\bthprops.cpl
[2012/05/05 20:19:42 | 000,641,536 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\CPFilters.dll
[2012/05/05 20:19:42 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\comctl32.dll
[2012/05/05 20:19:42 | 000,625,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\usercpl.dll
[2012/05/05 20:19:42 | 000,623,104 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\FXSAPI.dll
[2012/05/05 20:19:42 | 000,606,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dfrgui.exe
[2012/05/05 20:19:42 | 000,516,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\main.cpl
[2012/05/05 20:19:42 | 000,434,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\FXSTIFF.dll
[2012/05/05 20:19:42 | 000,430,080 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\imkr80.ime
[2012/05/05 20:19:42 | 000,366,080 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\zipfldr.dll
[2012/05/05 20:19:42 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\usbport.sys
[2012/05/05 20:19:42 | 000,312,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\MCEWMDRMNDBootstrap.dll
[2012/05/05 20:19:42 | 000,299,392 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mcupdate_GenuineIntel.dll
[2012/05/05 20:19:42 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mfreadwrite.dll
[2012/05/05 20:19:42 | 000,239,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dskquoui.dll
[2012/05/05 20:19:42 | 000,232,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\bitsadmin.exe
[2012/05/05 20:19:42 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\defaultlocationcpl.dll
[2012/05/05 20:19:42 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mfreadwrite.dll
[2012/05/05 20:19:42 | 000,180,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ifsutil.dll
[2012/05/05 20:19:42 | 000,176,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\MFPlay.dll
[2012/05/05 20:19:42 | 000,148,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ifsutil.dll
[2012/05/05 20:19:42 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\EhStorAPI.dll
[2012/05/05 20:19:42 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\desk.cpl
[2012/05/05 20:19:42 | 000,118,272 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dnscmmc.dll
[2012/05/05 20:19:42 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iesysprep.dll
[2012/05/05 20:19:42 | 000,093,696 | ---- | C] (Windows ® Codename Longhorn DDK provider) -- C:\windows\SysWow64\fms.dll
[2012/05/05 20:19:42 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mapistub.dll
[2012/05/05 20:19:42 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mapi32.dll
[2012/05/05 20:19:42 | 000,082,944 | ---- | C] (Radius Inc.) -- C:\windows\SysWow64\iccvid.dll
[2012/05/05 20:19:42 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\UserAccountControlSettings.dll
[2012/05/05 20:19:42 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\fdeploy.dll
[2012/05/05 20:19:42 | 000,071,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\findstr.exe
[2012/05/05 20:19:42 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\hbaapi.dll
[2012/05/05 20:19:42 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\cca.dll
[2012/05/05 20:19:42 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\browcli.dll
[2012/05/05 20:19:42 | 000,046,080 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cscapi.dll
[2012/05/05 20:19:42 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\luainstall.dll
[2012/05/05 20:19:42 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cscdll.dll
[2012/05/05 20:19:42 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\bitsperf.dll
[2012/05/05 20:19:42 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\fixmapi.exe
[2012/05/05 20:19:42 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\C_ISCII.DLL
[2012/05/05 20:19:42 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dxmasf.dll
[2012/05/05 20:19:42 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dpnaddr.dll
[2012/05/05 20:18:00 | 000,000,000 | ---D | C] -- C:\ProgramData\PCSettings
[2012/05/05 20:15:52 | 000,000,000 | ---D | C] -- C:\windows\SysNative\EventProviders
[2012/05/05 20:15:48 | 000,000,000 | ---D | C] -- C:\ca7de3afaabbe1e5b1d6a4
[2012/05/05 20:07:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2012/05/05 20:07:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2012/05/05 20:06:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Panda Security
[2012/05/05 20:06:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Panda USB Vaccine
[2012/05/05 20:06:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Security
[2012/05/05 20:05:46 | 000,000,000 | ---D | C] -- C:\Users\)) ))()(( ((\AppData\Roaming\Toshiba
[2012/05/05 20:04:35 | 000,000,000 | R--D | C] -- C:\Users\)) ))()(( ((\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2012/05/05 20:04:35 | 000,000,000 | R--D | C] -- C:\Users\)) ))()(( ((\Searches
[2012/05/05 20:04:35 | 000,000,000 | R--D | C] -- C:\Users\)) ))()(( ((\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2012/05/05 20:04:35 | 000,000,000 | -H-D | C] -- C:\Users\)) ))()(( ((\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2012/05/05 20:04:34 | 000,000,000 | ---D | C] -- C:\Users\)) ))()(( ((\AppData\Roaming\Identities
[2012/05/05 20:04:33 | 000,000,000 | R--D | C] -- C:\Users\)) ))()(( ((\Contacts
[2012/05/05 20:04:32 | 000,000,000 | ---D | C] -- C:\Users\)) ))()(( ((\AppData\Local\VirtualStore
[2012/05/05 20:04:29 | 000,000,000 | -HSD | C] -- C:\Users\)) ))()(( ((\AppData\Local\Temporary Internet Files
[2012/05/05 20:04:29 | 000,000,000 | -HSD | C] -- C:\Users\)) ))()(( ((\Templates
[2012/05/05 20:04:29 | 000,000,000 | -HSD | C] -- C:\Users\)) ))()(( ((\Start Menu
[2012/05/05 20:04:29 | 000,000,000 | -HSD | C] -- C:\Users\)) ))()(( ((\SendTo
[2012/05/05 20:04:29 | 000,000,000 | -HSD | C] -- C:\Users\)) ))()(( ((\Recent
[2012/05/05 20:04:29 | 000,000,000 | -HSD | C] -- C:\Users\)) ))()(( ((\PrintHood
[2012/05/05 20:04:29 | 000,000,000 | -HSD | C] -- C:\Users\)) ))()(( ((\NetHood
[2012/05/05 20:04:29 | 000,000,000 | -HSD | C] -- C:\Users\)) ))()(( ((\Documents\My Videos
[2012/05/05 20:04:29 | 000,000,000 | -HSD | C] -- C:\Users\)) ))()(( ((\Documents\My Pictures
[2012/05/05 20:04:29 | 000,000,000 | -HSD | C] -- C:\Users\)) ))()(( ((\Documents\My Music
[2012/05/05 20:04:29 | 000,000,000 | -HSD | C] -- C:\Users\)) ))()(( ((\My Documents
[2012/05/05 20:04:29 | 000,000,000 | -HSD | C] -- C:\Users\)) ))()(( ((\Local Settings
[2012/05/05 20:04:29 | 000,000,000 | -HSD | C] -- C:\Users\)) ))()(( ((\AppData\Local\History
[2012/05/05 20:04:29 | 000,000,000 | -HSD | C] -- C:\Users\)) ))()(( ((\Cookies
[2012/05/05 20:04:29 | 000,000,000 | -HSD | C] -- C:\Users\)) ))()(( ((\Application Data
[2012/05/05 20:04:29 | 000,000,000 | -HSD | C] -- C:\Users\)) ))()(( ((\AppData\Local\Application Data
[2012/05/05 20:04:24 | 000,000,000 | ---D | C] -- C:\Users\)) ))()(( ((\AppData\Local\Temp
[2012/05/05 20:04:24 | 000,000,000 | ---D | C] -- C:\Users\)) ))()(( ((\AppData\Local\Microsoft
[2012/05/05 20:04:24 | 000,000,000 | ---D | C] -- C:\Users\)) ))()(( ((\AppData\Roaming\Media Center Programs
[2012/05/05 20:04:23 | 000,000,000 | --SD | C] -- C:\Users\)) ))()(( ((\AppData\Roaming\Microsoft
[2012/05/05 20:04:23 | 000,000,000 | R--D | C] -- C:\Users\)) ))()(( ((\Videos
[2012/05/05 20:04:23 | 000,000,000 | R--D | C] -- C:\Users\)) ))()(( ((\Saved Games
[2012/05/05 20:04:23 | 000,000,000 | R--D | C] -- C:\Users\)) ))()(( ((\Pictures
[2012/05/05 20:04:23 | 000,000,000 | R--D | C] -- C:\Users\)) ))()(( ((\Music
[2012/05/05 20:04:23 | 000,000,000 | R--D | C] -- C:\Users\)) ))()(( ((\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2012/05/05 20:04:23 | 000,000,000 | R--D | C] -- C:\Users\)) ))()(( ((\Links
[2012/05/05 20:04:23 | 000,000,000 | R--D | C] -- C:\Users\)) ))()(( ((\Favorites
[2012/05/05 20:04:23 | 000,000,000 | R--D | C] -- C:\Users\)) ))()(( ((\Downloads
[2012/05/05 20:04:23 | 000,000,000 | R--D | C] -- C:\Users\)) ))()(( ((\Documents
[2012/05/05 20:04:23 | 000,000,000 | R--D | C] -- C:\Users\)) ))()(( ((\Desktop
[2012/05/05 20:04:23 | 000,000,000 | R--D | C] -- C:\Users\)) ))()(( ((\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2012/05/05 20:04:23 | 000,000,000 | -H-D | C] -- C:\Users\)) ))()(( ((\AppData
[2 C:\windows\SysNative\*.tmp files -> C:\windows\SysNative\*.tmp -> ]
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012/05/06 17:04:16 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2012/05/06 16:41:05 | 000,000,912 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/05/06 15:42:55 | 000,001,448 | ---- | M] () -- C:\Users\)) ))()(( ((\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/05/06 15:27:00 | 000,000,538 | ---- | M] () -- C:\windows\tasks\SUPERAntiSpyware Scheduled Task ac4a9588-abcb-4422-861e-454a2d3f9202.job
[2012/05/06 14:50:59 | 000,015,568 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/05/06 14:50:59 | 000,015,568 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/05/06 10:51:12 | 000,713,888 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2012/05/06 10:51:12 | 000,615,360 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2012/05/06 10:51:12 | 000,103,702 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2012/05/06 10:47:10 | 000,000,908 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/05/06 10:46:53 | 2138,415,103 | -HS- | M] () -- C:\hiberfil.sys
[2012/05/06 02:00:00 | 000,000,538 | ---- | M] () -- C:\windows\tasks\SUPERAntiSpyware Scheduled Task 7f54ad3c-5d1e-4a2d-b9c4-8fbffa43652b.job
[2012/05/05 23:47:56 | 001,491,497 | ---- | M] () -- C:\windows\SysNative\drivers\NISx64\1301010.003\Cat.DB
[2012/05/05 23:28:09 | 000,000,000 | ---- | M] () -- C:\windows\SysWow64\SBRC.dat
[2012/05/05 23:26:56 | 000,001,819 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Professional.lnk
[2012/05/05 23:26:15 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\windows\SysWow64\deployJava1.dll
[2012/05/05 23:26:15 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\windows\SysWow64\javaws.exe
[2012/05/05 23:26:15 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\windows\SysWow64\javaw.exe
[2012/05/05 23:26:15 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\windows\SysWow64\java.exe
[2012/05/05 23:13:12 | 000,001,120 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/05/05 22:11:59 | 000,116,633 | ---- | M] () -- C:\wubildr
[2012/05/05 22:11:59 | 000,008,192 | ---- | M] () -- C:\wubildr.mbr
[2012/05/05 20:52:34 | 000,174,200 | ---- | M] (Symantec Corporation) -- C:\windows\SysNative\drivers\SYMEVENT64x86.SYS
[2012/05/05 20:52:34 | 000,007,530 | ---- | M] () -- C:\windows\SysNative\drivers\SYMEVENT64x86.CAT
[2012/05/05 20:52:34 | 000,000,855 | ---- | M] () -- C:\windows\SysNative\drivers\SYMEVENT64x86.INF
[2012/05/05 20:52:33 | 000,002,575 | ---- | M] () -- C:\Users\Public\Desktop\Norton Internet Security.lnk
[2012/05/05 20:38:42 | 000,000,288 | ---- | M] () -- C:\windows\tasks\NUSchedule.job
[2012/05/05 20:38:41 | 000,275,352 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2012/05/05 20:35:46 | 000,175,616 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\msclmd.dll
[2012/05/05 20:35:46 | 000,152,576 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\msclmd.dll
[2012/05/05 20:26:33 | 000,001,059 | ---- | M] () -- C:\Users\Public\Desktop\Norton Utilities 15.lnk
[2012/05/05 20:07:53 | 000,002,030 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2012/05/05 20:01:11 | 000,000,013 | RHS- | M] () -- C:\windows\SysNative\drivers\fbd.sys
[2 C:\windows\SysNative\*.tmp files -> C:\windows\SysNative\*.tmp -> ]
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012/05/06 15:42:55 | 000,001,448 | ---- | C] () -- C:\Users\)) ))()(( ((\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/05/05 23:34:23 | 000,026,719 | ---- | C] () -- C:\windows\SysWow64\SERSPL.VXD
[2012/05/05 23:28:09 | 000,000,000 | ---- | C] () -- C:\windows\SysWow64\SBRC.dat
[2012/05/05 23:27:03 | 000,000,538 | ---- | C] () -- C:\windows\tasks\SUPERAntiSpyware Scheduled Task ac4a9588-abcb-4422-861e-454a2d3f9202.job
[2012/05/05 23:27:02 | 000,000,538 | ---- | C] () -- C:\windows\tasks\SUPERAntiSpyware Scheduled Task 7f54ad3c-5d1e-4a2d-b9c4-8fbffa43652b.job
[2012/05/05 23:26:56 | 000,001,819 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Professional.lnk
[2012/05/05 23:13:12 | 000,001,120 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/05/05 22:11:59 | 000,116,633 | ---- | C] () -- C:\wubildr
[2012/05/05 22:11:59 | 000,008,192 | ---- | C] () -- C:\wubildr.mbr
[2012/05/05 20:52:34 | 001,491,497 | ---- | C] () -- C:\windows\SysNative\drivers\NISx64\1301010.003\Cat.DB
[2012/05/05 20:52:34 | 000,007,530 | ---- | C] () -- C:\windows\SysNative\drivers\SYMEVENT64x86.CAT
[2012/05/05 20:52:34 | 000,000,855 | ---- | C] () -- C:\windows\SysNative\drivers\SYMEVENT64x86.INF
[2012/05/05 20:52:33 | 000,002,575 | ---- | C] () -- C:\Users\Public\Desktop\Norton Internet Security.lnk
[2012/05/05 20:52:16 | 000,003,433 | R--- | C] () -- C:\windows\SysNative\drivers\NISx64\1301010.003\SymEFA.inf
[2012/05/05 20:52:16 | 000,002,852 | R--- | C] () -- C:\windows\SysNative\drivers\NISx64\1301010.003\SymDS.inf
[2012/05/05 20:52:16 | 000,001,440 | R--- | C] () -- C:\windows\SysNative\drivers\NISx64\1301010.003\SymNet.inf
[2012/05/05 20:52:16 | 000,001,438 | R--- | C] () -- C:\windows\SysNative\drivers\NISx64\1301010.003\srtsp64.inf
[2012/05/05 20:52:16 | 000,001,420 | R--- | C] () -- C:\windows\SysNative\drivers\NISx64\1301010.003\srtspx64.inf
[2012/05/05 20:52:16 | 000,000,854 | R--- | C] () -- C:\windows\SysNative\drivers\NISx64\1301010.003\ccSetx64.inf
[2012/05/05 20:52:16 | 000,000,772 | R--- | C] () -- C:\windows\SysNative\drivers\NISx64\1301010.003\Iron.inf
[2012/05/05 20:52:08 | 000,007,510 | R--- | C] () -- C:\windows\SysNative\drivers\NISx64\1301010.003\ccSetx64.cat
[2012/05/05 20:52:08 | 000,007,504 | R--- | C] () -- C:\windows\SysNative\drivers\NISx64\1301010.003\srtspx64.cat
[2012/05/05 20:52:08 | 000,007,502 | R--- | C] () -- C:\windows\SysNative\drivers\NISx64\1301010.003\SymEFA64.cat
[2012/05/05 20:52:08 | 000,007,500 | R--- | C] () -- C:\windows\SysNative\drivers\NISx64\1301010.003\srtsp64.cat
[2012/05/05 20:52:08 | 000,007,496 | R--- | C] () -- C:\windows\SysNative\drivers\NISx64\1301010.003\SymDS64.cat
[2012/05/05 20:52:08 | 000,007,492 | R--- | C] () -- C:\windows\SysNative\drivers\NISx64\1301010.003\iron.cat
[2012/05/05 20:52:08 | 000,007,458 | R--- | C] () -- C:\windows\SysNative\drivers\NISx64\1301010.003\symnet64.cat
[2012/05/05 20:52:08 | 000,002,801 | R--- | C] () -- C:\windows\SysNative\drivers\NISx64\1301010.003\SymVTcer.dat
[2012/05/05 20:52:08 | 000,000,172 | ---- | C] () -- C:\windows\SysNative\drivers\NISx64\1301010.003\isolate.ini
[2012/05/05 20:28:19 | 000,000,288 | ---- | C] () -- C:\windows\tasks\NUSchedule.job
[2012/05/05 20:26:33 | 000,001,059 | ---- | C] () -- C:\Users\Public\Desktop\Norton Utilities 15.lnk
[2012/05/05 20:26:22 | 000,039,784 | ---- | C] () -- C:\windows\SysNative\CleanMFT64.exe
[2012/05/05 20:20:25 | 000,347,904 | ---- | C] () -- C:\windows\SysNative\systemsf.ebd
[2012/05/05 20:20:06 | 000,001,041 | ---- | C] () -- C:\windows\SysWow64\tcpbidi.xml
[2012/05/05 20:19:44 | 000,105,559 | ---- | C] () -- C:\windows\SysWow64\RacRules.xml
[2012/05/05 20:19:44 | 000,105,559 | ---- | C] () -- C:\windows\SysNative\RacRules.xml
[2012/05/05 20:19:44 | 000,010,429 | ---- | C] () -- C:\windows\SysNative\ScavengeSpace.xml
[2012/05/05 20:07:53 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2012/05/05 20:07:53 | 000,002,030 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2012/05/05 20:04:38 | 000,001,420 | ---- | C] () -- C:\Users\)) ))()(( ((\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2012/05/05 20:04:36 | 000,001,454 | ---- | C] () -- C:\Users\)) ))()(( ((\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2012/05/05 20:04:26 | 000,000,290 | ---- | C] () -- C:\Users\)) ))()(( ((\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2012/05/05 20:04:26 | 000,000,272 | ---- | C] () -- C:\Users\)) ))()(( ((\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2012/05/05 20:01:11 | 000,000,013 | RHS- | C] () -- C:\windows\SysNative\drivers\fbd.sys
[2010/08/23 00:09:28 | 001,345,184 | ---- | C] () -- C:\windows\ROnce.exe
========== LOP Check ==========
[2012/05/05 20:05:46 | 000,000,000 | ---D | M] -- C:\Users\)) ))()(( ((\AppData\Roaming\Toshiba
[2012/05/05 20:54:18 | 000,000,000 | ---D | M] -- C:\Users\)) ))()(( ((\AppData\Roaming\WinBatch
[2012/05/05 23:10:15 | 000,000,000 | ---D | M] -- C:\Users\))())()) (()(()((\AppData\Roaming\Toshiba
[2012/05/05 20:00:50 | 000,000,000 | ---D | M] -- C:\Users\))())()) (()(()((\AppData\Roaming\WinBatch
[2012/05/05 20:38:42 | 000,000,288 | ---- | M] () -- C:\windows\Tasks\NUSchedule.job
[2009/07/13 22:08:49 | 000,006,170 | ---- | M] () -- C:\windows\Tasks\SCHEDLGU.TXT
[2012/05/06 02:00:00 | 000,000,538 | ---- | M] () -- C:\windows\Tasks\SUPERAntiSpyware Scheduled Task 7f54ad3c-5d1e-4a2d-b9c4-8fbffa43652b.job
[2012/05/06 15:27:00 | 000,000,538 | ---- | M] () -- C:\windows\Tasks\SUPERAntiSpyware Scheduled Task ac4a9588-abcb-4422-861e-454a2d3f9202.job
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*.exe >
< MD5 for: EXPLORER.EXE >
[2009/07/13 18:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2009/10/30 22:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2010/11/20 04:17:10 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\SysWOW64\explorer.exe
[2010/11/20 04:17:10 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2009/08/02 23:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2009/10/30 23:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009/08/02 22:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010/11/20 05:24:46 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\explorer.exe
[2010/11/20 05:24:46 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009/10/30 23:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009/08/02 22:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009/07/13 18:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009/10/30 23:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2009/08/02 23:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe
< MD5 for: SVCHOST.EXE >
[2012/04/04 15:56:38 | 000,199,240 | ---- | M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2009/07/13 18:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009/07/13 18:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009/07/13 18:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\windows\SysNative\svchost.exe
[2009/07/13 18:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe
< MD5 for: USERINIT.EXE >
[2010/11/20 04:17:50 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010/11/20 04:17:50 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009/07/13 18:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009/07/13 18:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010/11/20 05:25:26 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\windows\SysNative\userinit.exe
[2010/11/20 05:25:26 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
< MD5 for: WINLOGON.EXE >
[2012/04/04 15:56:38 | 000,199,240 | ---- | M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2010/11/20 05:25:32 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\windows\SysNative\winlogon.exe
[2010/11/20 05:25:32 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009/07/13 18:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009/10/28 00:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009/10/27 23:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe
< %systemroot%\*./mp /s >
< %Temp%\srntmp\*,* /s >
< hklm\software\clients\startmenu\internet|command /rs >
< hklm\software\clients\startmenu\internet|command /64 /rs >
========== Alternate Data Streams ==========
@Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:D3A96964
@Alternate Data Stream - 102 bytes -> C:\ProgramData\TEMP:D287FACF
< End of report >
OTL logfile created on: 5/6/2012 5:12:42 PM - Run 1
OTL by OldTimer - Version 3.2.40.0 Folder = C:\Users\))())()) (()(()((\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
7.99 Gb Total Physical Memory | 6.29 Gb Available Physical Memory | 78.75% Memory free
15.98 Gb Paging File | 14.28 Gb Available in Paging File | 89.39% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 46.81 Gb Total Space | 2.90 Gb Free Space | 6.19% Space Free | Partition Type: NTFS
Drive D: | 465.53 Gb Total Space | 274.90 Gb Free Space | 59.05% Space Free | Partition Type: FAT32
Drive F: | 465.69 Gb Total Space | 129.18 Gb Free Space | 27.74% Space Free | Partition Type: FAT32
Drive G: | 232.83 Gb Total Space | 8.05 Gb Free Space | 3.46% Space Free | Partition Type: FAT32
Computer Name: PC | User Name: )) ))()(( (( | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - File not found --
PRC - [2012/04/22 20:01:42 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\))())()) (()(()((\Desktop\OTL.exe
PRC - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/04/04 15:56:38 | 000,462,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012/01/03 06:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/08/10 05:52:54 | 000,138,760 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\19.1.1.3\ccSvcHst.exe
PRC - [2010/11/12 15:04:06 | 001,037,672 | ---- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Utilities 15\Tools\SpeedDisk\SpeedDiskSrv.exe
PRC - [2010/11/12 15:04:06 | 000,406,888 | ---- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Utilities 15\Tools\SpeedDisk\SpeedDiskSrvProxy.exe
PRC - [2010/11/12 15:04:02 | 001,029,480 | ---- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Utilities 15\Tools\Disk Doctor\DiskDoctorSrv.exe
PRC - [2010/11/12 15:04:02 | 000,406,888 | ---- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Utilities 15\Tools\Disk Doctor\DiskDoctorSrvProxy.exe
PRC - [2010/05/20 16:15:00 | 000,110,736 | R--- | M] (InterVideo) -- C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
PRC - [2010/03/11 14:06:06 | 000,193,824 | ---- | M] (Protexis Inc.) -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2010/01/28 17:34:01 | 000,103,792 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.3.198\SymcPCCULaunchSvc.exe
PRC - [2009/09/23 16:45:50 | 001,287,176 | ---- | M] (Panda Security) -- C:\Program Files (x86)\Panda USB Vaccine\USBVaccine.exe
PRC - [2009/08/24 15:49:41 | 000,126,392 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.3.198\ccSvcHst.exe
========== Modules (No Company Name) ==========
========== Win32 Services (SafeList) ==========
SRV:64bit: - [2011/08/11 16:38:04 | 000,140,672 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCore64.exe -- (!SASCORE)
SRV:64bit: - [2010/07/28 10:27:16 | 000,267,192 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\TECO\TecoService.exe -- (TOSHIBA eco Utility Service)
SRV:64bit: - [2010/07/22 16:36:16 | 000,822,192 | ---- | M] (TOSHIBA Corporation) [On_Demand | Stopped] -- C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe -- (TPCHSrv)
SRV:64bit: - [2010/02/05 17:44:48 | 000,137,560 | ---- | M] (TOSHIBA Corporation) [On_Demand | Stopped] -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe -- (TOSHIBA HDD SSD Alert Service)
SRV:64bit: - [2009/11/05 22:05:28 | 000,489,312 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV:64bit: - [2009/10/21 09:30:36 | 000,531,520 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\SysNative\ThpSrv.exe -- (Thpsrv)
SRV:64bit: - [2009/07/28 15:48:06 | 000,140,632 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\SysNative\TODDSrv.exe -- (TODDSrv)
SRV:64bit: - [2009/07/13 18:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2007/02/12 16:43:00 | 000,065,536 | ---- | M] (O2Micro International) [Auto | Running] -- C:\Windows\SysNative\drivers\o2flash.exe -- (O2FLASH)
SRV - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/01/03 06:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/08/10 05:52:54 | 000,138,760 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Internet Security\Engine\19.1.1.3\ccSvcHst.exe -- (NIS)
SRV - [2011/02/11 13:45:52 | 000,054,136 | ---- | M] (TOSHIBA Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo)
SRV - [2010/11/12 15:04:06 | 001,037,672 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Utilities 15\Tools\SpeedDisk\SpeedDiskSrv.exe -- (SpeedDiskService)
SRV - [2010/11/12 15:04:02 | 001,029,480 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Utilities 15\Tools\Disk Doctor\DiskDoctorSrv.exe -- (DiskDoctorService)
SRV - [2010/08/23 01:36:31 | 000,332,272 | ---- | M] (Google Inc.) [On_Demand | Stopped] -- C:\ProgramData\Partner\Partner.exe -- (Partner Service)
SRV - [2010/05/20 16:15:00 | 000,110,736 | R--- | M] (InterVideo) [Auto | Running] -- C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)
SRV - [2010/04/03 16:01:24 | 000,246,520 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2010/03/11 14:06:06 | 000,193,824 | ---- | M] (Protexis Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2010/01/28 17:34:01 | 000,103,792 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.3.198\SymcPCCULaunchSvc.exe -- (Norton PC Checkup Application Launcher)
SRV - [2009/11/16 16:47:24 | 000,322,416 | ---- | M] (Toshiba America Information Systems) [Auto | Running] -- c:\Program Files (x86)\TOSHIBA\ToshibaFB\fdbpinger.exe -- (fbdpinger)
SRV - [2009/08/24 15:49:41 | 000,126,392 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.3.198\ccSvcHst.exe -- (PCCUJobMgr)
SRV - [2009/08/13 11:09:08 | 000,297,344 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\TOSHIBA\ToshibaRegistration\TaisRegistPinger.exe -- (taisregispinger)
SRV - [2009/06/10 14:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2012/05/05 20:52:34 | 000,174,200 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2012/04/04 15:56:40 | 000,024,904 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012/01/17 05:45:56 | 000,188,224 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2011/08/08 08:38:06 | 000,167,048 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1301010.003\ccSetx64.sys -- (ccSet_NIS)
DRV:64bit: - [2011/08/02 11:22:10 | 000,729,720 | R--- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\NISx64\1301010.003\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2011/08/02 11:22:10 | 000,037,496 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1301010.003\srtspx64.sys -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV:64bit: - [2011/07/28 12:20:02 | 001,084,536 | R--- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1301010.003\SymEFA64.sys -- (SymEFA)
DRV:64bit: - [2011/07/25 11:18:40 | 000,401,016 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1301010.003\symnets.sys -- (SymNetS)
DRV:64bit: - [2011/07/25 11:18:36 | 000,451,192 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1301010.003\SymDS64.sys -- (SymDS)
DRV:64bit: - [2011/07/25 11:15:52 | 000,189,560 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1301010.003\Ironx64.sys -- (SymIRON)
DRV:64bit: - [2011/07/22 09:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
DRV:64bit: - [2011/07/12 14:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
DRV:64bit: - [2011/05/12 14:03:12 | 000,006,144 | ---- | M] (Sophos Plc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\1D63.tmp -- (MEMSWEEP2)
DRV:64bit: - [2011/04/29 14:34:32 | 000,100,864 | ---- | M] (Prolific Technology Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ser2pl64.sys -- (Ser2pl)
DRV:64bit: - [2010/11/20 05:33:36 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 05:32:48 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2010/11/20 05:32:48 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 01:37:44 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010/11/16 16:00:50 | 000,077,032 | ---- | M] (O2Micro ) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\o2mdgx64.sys -- (O2MDGRDR)
DRV:64bit: - [2010/11/12 15:04:10 | 000,191,232 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SymDSMon.sys -- (SymDSMon)
DRV:64bit: - [2010/11/12 15:04:10 | 000,163,384 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SymSpeedDisk.sys -- (SYMSpeedDisk)
DRV:64bit: - [2010/11/09 13:56:12 | 000,049,752 | ---- | M] (Sunbelt Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\SBREDrv.sys -- (SBRE)
DRV:64bit: - [2010/06/22 13:28:06 | 000,729,216 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CHDRT64.sys -- (CnxtHdAudService)
DRV:64bit: - [2010/05/08 18:38:56 | 000,482,384 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tos_sps64.sys -- (tos_sps64)
DRV:64bit: - [2010/03/24 13:55:56 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/02/27 07:32:14 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2009/11/27 15:47:56 | 000,067,072 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2009/10/02 13:33:48 | 000,946,688 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtl8192se.sys -- (rtl8192se)
DRV:64bit: - [2009/08/18 18:41:06 | 000,049,568 | ---- | M] (O2Micro ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\o2sdgx64.sys -- (O2SDGRDR)
DRV:64bit: - [2009/07/30 20:22:04 | 000,027,784 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV:64bit: - [2009/07/30 18:20:18 | 000,281,648 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2009/07/14 15:31:18 | 000,026,840 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TVALZ_O.SYS -- (TVALZ)
DRV:64bit: - [2009/07/13 18:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 18:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 18:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2009/07/13 18:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/29 16:16:20 | 000,014,784 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\Thpevm.sys -- (Thpevm)
DRV:64bit: - [2009/06/29 10:25:22 | 000,034,880 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\thpdrv.sys -- (Thpdrv)
DRV:64bit: - [2009/06/19 19:15:22 | 000,014,472 | ---- | M] (TOSHIBA Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TVALZFL.sys -- (TVALZFL)
DRV:64bit: - [2009/06/15 13:58:50 | 000,012,800 | ---- | M] (TOSHIBA) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\QIOMem.sys -- (QIOMem)
DRV:64bit: - [2009/06/10 13:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 13:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 13:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 13:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2007/04/17 11:51:50 | 000,014,112 | ---- | M] (InterVideo) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\regi.sys -- (regi)
DRV - [2011/09/01 16:07:54 | 001,151,096 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Definitions\BASHDefs\20110901.001\BHDrvx64.sys -- (BHDrvx64)
DRV - [2011/08/17 18:00:00 | 002,048,632 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Definitions\VirusDefs\20110818.021\EX64.SYS -- (NAVEX15)
DRV - [2011/08/17 18:00:00 | 000,481,912 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2011/08/17 18:00:00 | 000,136,824 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2011/08/17 18:00:00 | 000,117,880 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Definitions\VirusDefs\20110818.021\ENG64.SYS -- (NAVENG)
DRV - [2011/07/20 10:43:24 | 000,488,568 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Definitions\IPSDefs\20110726.001\IDSviA64.sys -- (IDSVia64)
DRV - [2010/11/12 15:04:08 | 000,108,800 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\SymSpeedDisk.sys -- (SYMSpeedDisk)
DRV - [2009/07/13 18:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {A18CE648-2D6E-4248-BC54-FFD2E77C08F2}
IE:64bit: - HKLM\..\SearchScopes\{A18CE648-2D6E-4248-BC54-FFD2E77C08F2}: "URL" = http://www.google.co...ng}&rlz=1I7TSND
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.co...=TSND&bmod=TSND
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co...=TSND&bmod=TSND
IE - HKLM\..\SearchScopes,DefaultScope = {2267C70A-E9E4-4278-91C5-22BB8D072C81}
IE - HKLM\..\SearchScopes\{2267C70A-E9E4-4278-91C5-22BB8D072C81}: "URL" = http://www.google.co...ng}&rlz=1I7TSND
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3189586276-199909604-3004978317-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.co...=TSND&bmod=TSND
IE - HKU\S-1-5-21-3189586276-199909604-3004978317-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://start.toshiba.com/g/ [binary data]
IE - HKU\S-1-5-21-3189586276-199909604-3004978317-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-3189586276-199909604-3004978317-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://start.toshiba.com/g/ [binary data]
IE - HKU\S-1-5-21-3189586276-199909604-3004978317-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co...=TSND&bmod=TSND
IE - HKU\S-1-5-21-3189586276-199909604-3004978317-1000\..\SearchScopes,DefaultScope = {2267C70A-E9E4-4278-91C5-22BB8D072C81}
IE - HKU\S-1-5-21-3189586276-199909604-3004978317-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKU\S-1-5-21-3189586276-199909604-3004978317-1000\..\SearchScopes\{06FC71E0-303A-46F6-BD3B-5F8D376C4D80}: "URL" = http://www.google.co...ng}&rlz=1I7TSND
IE - HKU\S-1-5-21-3189586276-199909604-3004978317-1000\..\SearchScopes\{2267C70A-E9E4-4278-91C5-22BB8D072C81}: "URL" = http://www.google.co...ng}&rlz=1I7TSND
IE - HKU\S-1-5-21-3189586276-199909604-3004978317-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3189586276-199909604-3004978317-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKU\S-1-5-21-3189586276-199909604-3004978317-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.co...=TSND&bmod=TSND
IE - HKU\S-1-5-21-3189586276-199909604-3004978317-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://start.toshiba.com/g/ [binary data]
IE - HKU\S-1-5-21-3189586276-199909604-3004978317-1001\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-3189586276-199909604-3004978317-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://start.toshiba.com/g/ [binary data]
IE - HKU\S-1-5-21-3189586276-199909604-3004978317-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co...=TSND&bmod=TSND
IE - HKU\S-1-5-21-3189586276-199909604-3004978317-1001\..\SearchScopes,DefaultScope = {5CBF10DC-CB52-4DCD-9EDA-5479019288BD}
IE - HKU\S-1-5-21-3189586276-199909604-3004978317-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKU\S-1-5-21-3189586276-199909604-3004978317-1001\..\SearchScopes\{2267C70A-E9E4-4278-91C5-22BB8D072C81}: "URL" = http://www.google.co...ng}&rlz=1I7TSND
IE - HKU\S-1-5-21-3189586276-199909604-3004978317-1001\..\SearchScopes\{5CBF10DC-CB52-4DCD-9EDA-5479019288BD}: "URL" = http://www.google.co...ng}&rlz=1I7TSND
IE - HKU\S-1-5-21-3189586276-199909604-3004978317-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3189586276-199909604-3004978317-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
========== FireFox ==========
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\3.0.40624.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=8: C:\Program Files (x86)\Google\Update\1.2.183.23\npGoogleOneClick8.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\IPSFFPlgn\ [2012/05/05 20:52:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\coFFPlgn\ [2012/05/06 10:47:00 | 000,000,000 | ---D | M]
O1 HOSTS File: ([2009/06/10 14:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Partner BHO Class) - {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - C:\ProgramData\Partner\Partner64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg64.dll (Google Inc.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\19.1.1.3\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\19.1.1.3\IPS\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Partner BHO Class) - {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - C:\ProgramData\Partner\Partner.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll (Google Inc.)
O2 - BHO: (TOSHIBA Media Controller Plug-in) - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll (<TOSHIBA>)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.1.1.3\CoIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:64bit: - HKU\S-1-5-21-3189586276-199909604-3004978317-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKU\S-1-5-21-3189586276-199909604-3004978317-1001\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKU\S-1-5-21-3189586276-199909604-3004978317-1001\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.1.1.3\CoIEPlg.dll (Symantec Corporation)
O4:64bit: - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3189586276-199909604-3004978317-1000..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll (Google Inc.)
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll (Google Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/08/20 23:12:38 | 000,000,016 | -H-- | M] () - F:\AUTORUN.INF -- [ FAT32 ]
O32 - AutoRun File - [2009/08/20 23:16:02 | 000,000,016 | -H-- | M] () - G:\AUTORUN.INF -- [ FAT32 ]
O33 - MountPoints2\{2603f5cf-8d99-11de-b198-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{2603f5cf-8d99-11de-b198-806e6f6e6963}\Shell\AutoRun\command - "" = E:\setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ==========
[2012/05/06 15:42:57 | 000,000,000 | ---D | C] -- C:\Users\)) ))()(( ((\AppData\Roaming\Google
[2012/05/06 15:42:57 | 000,000,000 | ---D | C] -- C:\Users\)) ))()(( ((\AppData\Local\Google
[2012/05/05 23:48:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2012/05/05 23:38:28 | 001,451,840 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysNative\nvhdagenco6420103.dll
[2012/05/05 23:38:28 | 000,188,224 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysNative\drivers\nvhda64v.sys
[2012/05/05 23:38:28 | 000,031,040 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysNative\nvhdap64.dll
[2012/05/05 23:38:20 | 025,720,128 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysNative\nvoglv64.dll
[2012/05/05 23:38:20 | 025,246,528 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysNative\nvcompiler.dll
[2012/05/05 23:38:20 | 019,584,320 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysWow64\nvoglv32.dll
[2012/05/05 23:38:20 | 017,984,320 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysNative\nvd3dumx.dll
[2012/05/05 23:38:20 | 017,551,680 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysWow64\nvcompiler.dll
[2012/05/05 23:38:20 | 008,138,048 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysNative\nvcuda.dll
[2012/05/05 23:38:20 | 008,029,504 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysWow64\nvwgf2um.dll
[2012/05/05 23:38:20 | 005,981,504 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysWow64\nvcuda.dll
[2012/05/05 23:38:20 | 002,881,344 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysNative\nvcuvenc.dll
[2012/05/05 23:38:20 | 002,681,152 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysNative\nvcuvid.dll
[2012/05/05 23:38:20 | 002,524,992 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysWow64\nvcuvid.dll
[2012/05/05 23:38:20 | 002,444,608 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysWow64\nvcuvenc.dll
[2012/05/05 23:38:20 | 002,367,808 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysWow64\nvapi.dll
[2012/05/05 23:38:20 | 001,738,048 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysNative\nvdispco64.dll
[2012/05/05 23:38:20 | 001,466,176 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysNative\nvgenco64.dll
[2012/05/05 23:36:25 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2012/05/05 23:34:23 | 000,100,864 | ---- | C] (Prolific Technology Inc.) -- C:\windows\SysNative\drivers\ser2pl64.sys
[2012/05/05 23:34:23 | 000,035,892 | ---- | C] (Prolific Technology Inc.) -- C:\windows\SysWow64\SER9PL.sys
[2012/05/05 23:28:05 | 000,027,472 | ---- | C] (Sunbelt Software) -- C:\windows\SysNative\sbbd.exe
[2012/05/05 23:28:04 | 000,049,752 | ---- | C] (Sunbelt Software) -- C:\windows\SysNative\drivers\SBREDrv.sys
[2012/05/05 23:27:38 | 000,000,000 | ---D | C] -- C:\VIPRERESCUE
[2012/05/05 23:26:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2012/05/05 23:26:51 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2012/05/05 23:26:51 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2012/05/05 23:26:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2012/05/05 23:26:24 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\windows\SysWow64\javaws.exe
[2012/05/05 23:26:24 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\windows\SysWow64\javaw.exe
[2012/05/05 23:26:24 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\windows\SysWow64\java.exe
[2012/05/05 23:26:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2012/05/05 23:26:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos
[2012/05/05 23:26:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sophos
[2012/05/05 23:13:15 | 000,000,000 | ---D | C] -- C:\Users\)) ))()(( ((\AppData\Roaming\Malwarebytes
[2012/05/05 23:13:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/05/05 23:13:11 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys
[2012/05/05 23:13:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012/05/05 23:13:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/05/05 22:09:33 | 000,000,000 | ---D | C] -- C:\ubuntu
[2012/05/05 21:39:44 | 000,000,000 | ---D | C] -- C:\Users\)) ))()(( ((\AppData\Local\CrashDumps
[2012/05/05 20:56:56 | 000,000,000 | ---D | C] -- C:\Intel
[2012/05/05 20:54:50 | 000,000,000 | ---D | C] -- C:\windows\SysWow64\SDA
[2012/05/05 20:54:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\O2Micro
[2012/05/05 20:54:18 | 000,000,000 | ---D | C] -- C:\Users\)) ))()(( ((\AppData\Roaming\WinBatch
[2012/05/05 20:53:38 | 000,000,000 | ---D | C] -- C:\Users\)) ))()(( ((\AppData\Local\Norman Malware Cleaner
[2012/05/05 20:52:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Symantec Shared
[2012/05/05 20:52:34 | 000,174,200 | ---- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\SYMEVENT64x86.SYS
[2012/05/05 20:52:34 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
[2012/05/05 20:52:34 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec
[2012/05/05 20:52:31 | 001,084,536 | R--- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\NISx64\1301010.003\SymEFA64.sys
[2012/05/05 20:52:31 | 000,729,720 | R--- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\NISx64\1301010.003\srtsp64.sys
[2012/05/05 20:52:31 | 000,451,192 | R--- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\NISx64\1301010.003\SymDS64.sys
[2012/05/05 20:52:31 | 000,401,016 | R--- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\NISx64\1301010.003\symnets.sys
[2012/05/05 20:52:31 | 000,189,560 | R--- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\NISx64\1301010.003\Ironx64.sys
[2012/05/05 20:52:31 | 000,167,048 | R--- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\NISx64\1301010.003\ccSetx64.sys
[2012/05/05 20:52:31 | 000,037,496 | R--- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\NISx64\1301010.003\srtspx64.sys
[2012/05/05 20:52:08 | 000,000,000 | ---D | C] -- C:\windows\SysNative\drivers\NISx64
[2012/05/05 20:52:08 | 000,000,000 | ---D | C] -- C:\windows\SysNative\drivers\NISx64\1301010.003
[2012/05/05 20:52:07 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security
[2012/05/05 20:52:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton Internet Security
[2012/05/05 20:50:42 | 000,000,000 | ---D | C] -- C:\Users\)) ))()(( ((\AppData\Roaming\Norton Utilities
[2012/05/05 20:31:57 | 000,000,000 | ---D | C] -- C:\Quarantine
[2012/05/05 20:28:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton Installer
[2012/05/05 20:27:53 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2012/05/05 20:26:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Utilities 15
[2012/05/05 20:26:24 | 000,191,232 | ---- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\SymDSMon.sys
[2012/05/05 20:26:24 | 000,163,384 | ---- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\SymSpeedDisk.sys
[2012/05/05 20:26:24 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msxml4a.dll
[2012/05/05 20:26:23 | 000,108,800 | ---- | C] (Symantec Corporation) -- C:\windows\SysWow64\drivers\SymSpeedDisk.sys
[2012/05/05 20:26:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Symantec
[2012/05/05 20:26:22 | 001,101,824 | ---- | C] (Woodbury Associates Limited) -- C:\windows\SysWow64\UniBox210.ocx
[2012/05/05 20:26:22 | 000,880,640 | ---- | C] (Woodbury Associates Limited) -- C:\windows\SysWow64\UniBox10.ocx
[2012/05/05 20:26:22 | 000,506,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msxml.dll
[2012/05/05 20:26:22 | 000,212,992 | ---- | C] (Woodbury Associates Limited) -- C:\windows\SysWow64\UniBoxVB12.ocx
[2012/05/05 20:26:21 | 001,081,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\MSCOMCTL.OCX
[2012/05/05 20:26:21 | 000,658,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\MSCOMCT2.OCX
[2012/05/05 20:26:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Symantec
[2012/05/05 20:26:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton Utilities 15
[2012/05/05 20:20:32 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\MSAC3ENC.DLL
[2012/05/05 20:20:32 | 000,211,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mprddm.dll
[2012/05/05 20:20:32 | 000,209,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mstask.dll
[2012/05/05 20:20:32 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mobsync.exe
[2012/05/05 20:20:32 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mobsync.exe
[2012/05/05 20:20:32 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msfeedssync.exe
[2012/05/05 20:20:31 | 000,552,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msdri.dll
[2012/05/05 20:20:31 | 000,080,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mscories.dll
[2012/05/05 20:20:30 | 001,163,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mfc42u.dll
[2012/05/05 20:20:30 | 001,161,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\kernel32.dll
[2012/05/05 20:20:30 | 000,509,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\qedit.dll
[2012/05/05 20:20:30 | 000,419,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KernelBase.dll
[2012/05/05 20:20:30 | 000,318,976 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\raschap.dll
[2012/05/05 20:20:30 | 000,266,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\MediaMetadataHandler.dll
[2012/05/05 20:20:30 | 000,219,648 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iTVData.dll
[2012/05/05 20:20:30 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\itircl.dll
[2012/05/05 20:20:30 | 000,125,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\inseng.dll
[2012/05/05 20:20:30 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\kstvtune.ax
[2012/05/05 20:20:30 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\logagent.exe
[2012/05/05 20:20:30 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ksxbar.ax
[2012/05/05 20:20:30 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\inetmib1.dll
[2012/05/05 20:20:30 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\licmgr10.dll
[2012/05/05 20:20:30 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\lsmproxy.dll
[2012/05/05 20:20:30 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDCZ1.DLL
[2012/05/05 20:20:30 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDBLR.DLL
[2012/05/05 20:20:30 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDLT1.DLL
[2012/05/05 20:20:30 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDINTEL.DLL
[2012/05/05 20:20:29 | 001,808,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\pnidui.dll
[2012/05/05 20:20:29 | 001,115,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\RacEngn.dll
[2012/05/05 20:20:29 | 001,050,624 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\printui.dll
[2012/05/05 20:20:29 | 000,850,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\sbe.dll
[2012/05/05 20:20:29 | 000,762,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sdcpl.dll
[2012/05/05 20:20:29 | 000,695,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\netlogon.dll
[2012/05/05 20:20:29 | 000,322,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\RMActivate.exe
[2012/05/05 20:20:29 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ReAgent.dll
[2012/05/05 20:20:29 | 000,241,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Ribbons.scr
[2012/05/05 20:20:29 | 000,188,928 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\netjoin.dll
[2012/05/05 20:20:29 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\schtasks.exe
[2012/05/05 20:20:29 | 000,171,392 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\scsiport.sys
[2012/05/05 20:20:29 | 000,147,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\RDPENCDD.dll
[2012/05/05 20:20:29 | 000,098,816 | ---- | C] (Microsoft) -- C:\windows\SysWow64\Robocopy.exe
[2012/05/05 20:20:29 | 000,098,816 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\RegisterIEPKEYs.exe
[2012/05/05 20:20:29 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\pifmgr.dll
[2012/05/05 20:20:29 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\rdprefdrvapi.dll
[2012/05/05 20:20:28 | 002,652,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\netshell.dll
[2012/05/05 20:20:28 | 001,731,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntdll.dll
[2012/05/05 20:20:28 | 000,898,560 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\OobeFldr.dll
[2012/05/05 20:20:28 | 000,406,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\netcfgx.dll
[2012/05/05 20:20:28 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\odbctrac.dll
[2012/05/05 20:20:28 | 000,210,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ncsi.dll
[2012/05/05 20:20:28 | 000,166,400 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\netiohlp.dll
[2012/05/05 20:20:28 | 000,157,184 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\perfmon.exe
[2012/05/05 20:20:28 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\nslookup.exe
[2012/05/05 20:20:28 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\nlsbres.dll
[2012/05/05 20:20:28 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ncryptui.dll
[2012/05/05 20:20:28 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MultiDigiMon.exe
[2012/05/05 20:20:28 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\netiougc.exe
[2012/05/05 20:20:27 | 005,563,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntoskrnl.exe
[2012/05/05 20:20:27 | 003,391,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dbgeng.dll
[2012/05/05 20:20:27 | 002,067,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3d9.dll
[2012/05/05 20:20:27 | 001,927,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\authui.dll
[2012/05/05 20:20:27 | 001,796,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\certmgr.dll
[2012/05/05 20:20:27 | 001,792,000 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\authui.dll
[2012/05/05 20:20:27 | 001,340,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\diagperf.dll
[2012/05/05 20:20:27 | 001,087,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dbghelp.dll
[2012/05/05 20:20:27 | 001,003,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\cryptui.dll
[2012/05/05 20:20:27 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\cdosys.dll
[2012/05/05 20:20:27 | 000,665,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\AuxiliaryDisplayCpl.dll
[2012/05/05 20:20:27 | 000,594,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\comdlg32.dll
[2012/05/05 20:20:27 | 000,573,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3d10level9.dll
[2012/05/05 20:20:27 | 000,460,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\certcli.dll
[2012/05/05 20:20:27 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\aeinv.dll
[2012/05/05 20:20:27 | 000,412,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\aepdu.dll
[2012/05/05 20:20:27 | 000,346,112 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\bcdedit.exe
[2012/05/05 20:20:27 | 000,337,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\conhost.exe
[2012/05/05 20:20:27 | 000,321,024 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3d10_1core.dll
[2012/05/05 20:20:27 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\cmd.exe
[2012/05/05 20:20:27 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\activeds.dll
[2012/05/05 20:20:27 | 000,168,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\bcdsrv.dll
[2012/05/05 20:20:27 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cdd.dll
[2012/05/05 20:20:27 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\AuxiliaryDisplayServices.dll
[2012/05/05 20:20:27 | 000,112,000 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\consent.exe
[2012/05/05 20:20:27 | 000,107,904 | ---- | C] (Advanced Micro Devices) -- C:\windows\SysNative\drivers\amdsata.sys
[2012/05/05 20:20:27 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\CertPolEng.dll
[2012/05/05 20:20:27 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\acppage.dll
[2012/05/05 20:20:27 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\pdhui.dll
[2012/05/05 20:20:27 | 000,027,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\Diskdump.sys
[2012/05/05 20:20:27 | 000,027,008 | ---- | C] (Advanced Micro Devices) -- C:\windows\SysNative\drivers\amdxata.sys
[2012/05/05 20:20:27 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\C_ISCII.DLL
[2012/05/05 20:20:26 | 001,866,240 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ExplorerFrame.dll
[2012/05/05 20:20:26 | 001,493,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ExplorerFrame.dll
[2012/05/05 20:20:26 | 001,244,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\imapi2fs.dll
[2012/05/05 20:20:26 | 001,066,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Display.dll
[2012/05/05 20:20:26 | 000,867,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SearchFolder.dll
[2012/05/05 20:20:26 | 000,488,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\evr.dll
[2012/05/05 20:20:26 | 000,457,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\imkr80.ime
[2012/05/05 20:20:26 | 000,410,624 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\systemcpl.dll
[2012/05/05 20:20:26 | 000,392,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\imapi2.dll
[2012/05/05 20:20:26 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\sysmon.ocx
[2012/05/05 20:20:26 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\html.iec
[2012/05/05 20:20:26 | 000,355,328 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Faultrep.dll
[2012/05/05 20:20:26 | 000,258,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\dxgmms1.sys
[2012/05/05 20:20:26 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iepeers.dll
[2012/05/05 20:20:26 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dskquoui.dll
[2012/05/05 20:20:26 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\diskpart.exe
[2012/05/05 20:20:26 | 000,078,720 | ---- | C] (Hewlett-Packard Company) -- C:\windows\SysNative\drivers\HpSAMD.sys
[2012/05/05 20:20:26 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ftp.exe
[2012/05/05 20:20:26 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\g711codc.ax
[2012/05/05 20:20:26 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\elsTrans.dll
[2012/05/05 20:20:25 | 002,157,568 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\themecpl.dll
[2012/05/05 20:20:25 | 001,197,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\taskschd.dll
[2012/05/05 20:20:25 | 000,684,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\TabletPC.cpl
[2012/05/05 20:20:25 | 000,451,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\shwebsvc.dll
[2012/05/05 20:20:25 | 000,340,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\srchadmin.dll
[2012/05/05 20:20:25 | 000,244,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sqmapi.dll
[2012/05/05 20:20:25 | 000,244,224 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\spp.dll
[2012/05/05 20:20:25 | 000,207,360 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sysclass.dll
[2012/05/05 20:20:25 | 000,189,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\storport.sys
[2012/05/05 20:20:25 | 000,181,760 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\tcpipcfg.dll
[2012/05/05 20:20:25 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\thumbcache.dll
[2012/05/05 20:20:25 | 000,111,104 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\shsetup.dll
[2012/05/05 20:20:25 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\sppinst.dll
[2012/05/05 20:20:25 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\tabcal.exe
[2012/05/05 20:20:25 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\spbcd.dll
[2012/05/05 20:20:24 | 002,621,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wucltux.dll
[2012/05/05 20:20:24 | 001,888,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WMVDECOD.DLL
[2012/05/05 20:20:24 | 001,753,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\vssapi.dll
[2012/05/05 20:20:24 | 001,232,896 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WMADMOD.DLL
[2012/05/05 20:20:24 | 001,227,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wdc.dll
[2012/05/05 20:20:24 | 000,978,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WMSPDMOD.DLL
[2012/05/05 20:20:24 | 000,738,816 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wmpmde.dll
[2012/05/05 20:20:24 | 000,642,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winload.efi
[2012/05/05 20:20:24 | 000,636,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wmdrmdev.dll
[2012/05/05 20:20:24 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wpd_ci.dll
[2012/05/05 20:20:24 | 000,605,696 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wmpeffects.dll
[2012/05/05 20:20:24 | 000,605,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winload.exe
[2012/05/05 20:20:24 | 000,566,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winresume.efi
[2012/05/05 20:20:24 | 000,527,872 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wmdrmnet.dll
[2012/05/05 20:20:24 | 000,518,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winresume.exe
[2012/05/05 20:20:24 | 000,444,928 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wvc.dll
[2012/05/05 20:20:24 | 000,416,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wiadefui.dll
[2012/05/05 20:20:24 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\webio.dll
[2012/05/05 20:20:24 | 000,350,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WPDSp.dll
[2012/05/05 20:20:24 | 000,346,624 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\untfs.dll
[2012/05/05 20:20:24 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\webio.dll
[2012/05/05 20:20:24 | 000,297,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ws2_32.dll
[2012/05/05 20:20:24 | 000,293,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wsqmcons.exe
[2012/05/05 20:20:24 | 000,222,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wwanconn.dll
[2012/05/05 20:20:24 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wpdwcn.dll
[2012/05/05 20:20:24 | 000,182,272 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wmpsrcwp.dll
[2012/05/05 20:20:24 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wuwebv.dll
[2012/05/05 20:20:24 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XpsRasterService.dll
[2012/05/05 20:20:24 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\vss_ps.dll
[2012/05/05 20:20:24 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\umb.dll
[2012/05/05 20:20:24 | 000,051,200 | ---- | C] (Twain Working Group) -- C:\windows\twain_32.dll
[2012/05/05 20:20:24 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\tzutil.exe
[2012/05/05 20:20:24 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\vbisurf.ax
[2012/05/05 20:20:24 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\unlodctr.exe
[2012/05/05 20:20:24 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wuapp.exe
[2012/05/05 20:20:24 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\userinit.exe
[2012/05/05 20:20:24 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wsdchngr.dll
[2012/05/05 20:20:24 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WerFaultSecure.exe
[2012/05/05 20:20:23 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\secproc.dll
[2012/05/05 20:20:23 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wavemsp.dll
[2012/05/05 20:20:23 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\shacct.dll
[2012/05/05 20:20:22 | 000,113,152 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\setupugc.exe
[2012/05/05 20:20:17 | 004,120,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mf.dll
[2012/05/05 20:20:17 | 002,086,912 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ole32.dll
[2012/05/05 20:20:17 | 001,911,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\OpcServices.dll
[2012/05/05 20:20:17 | 000,957,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mblctr.exe
[2012/05/05 20:20:17 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mfc40u.dll
[2012/05/05 20:20:17 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript.dll
[2012/05/05 20:20:17 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mfds.dll
[2012/05/05 20:20:17 | 000,346,112 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\nshipsec.dll
[2012/05/05 20:20:17 | 000,268,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MSAC3ENC.DLL
[2012/05/05 20:20:17 | 000,250,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ksproxy.ax
[2012/05/05 20:20:17 | 000,240,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MFPlay.dll
[2012/05/05 20:20:17 | 000,218,112 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\OnLineIDCpl.dll
[2012/05/05 20:20:17 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mfps.dll
[2012/05/05 20:20:17 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mprapi.dll
[2012/05/05 20:20:17 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\itircl.dll
[2012/05/05 20:20:17 | 000,155,472 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mscorier.dll
[2012/05/05 20:20:17 | 000,154,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mscorier.dll
[2012/05/05 20:20:17 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\logoncli.dll
[2012/05/05 20:20:17 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\logman.exe
[2012/05/05 20:20:17 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\luainstall.dll
[2012/05/05 20:20:17 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mimefilt.dll
[2012/05/05 20:20:17 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\netutils.dll
[2012/05/05 20:20:17 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\LogonUI.exe
[2012/05/05 20:20:17 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDTUF.DLL
[2012/05/05 20:20:17 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDGKL.DLL
[2012/05/05 20:20:17 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDINBEN.DLL
[2012/05/05 20:20:17 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDUS.DLL
[2012/05/05 20:20:17 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDSF.DLL
[2012/05/05 20:20:16 | 003,727,872 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\accessibilitycpl.dll
[2012/05/05 20:20:16 | 001,401,344 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mssrch.dll
[2012/05/05 20:20:16 | 001,049,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mstsc.exe
[2012/05/05 20:20:16 | 000,902,144 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d2d1.dll
[2012/05/05 20:20:16 | 000,787,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3d11.dll
[2012/05/05 20:20:16 | 000,668,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\autochk.exe
[2012/05/05 20:20:16 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mssvp.dll
[2012/05/05 20:20:16 | 000,571,904 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mspbda.dll
[2012/05/05 20:20:16 | 000,549,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ActionCenterCPL.dll
[2012/05/05 20:20:16 | 000,457,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msdrm.dll
[2012/05/05 20:20:16 | 000,363,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\diskraid.exe
[2012/05/05 20:20:16 | 000,342,016 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\apphelp.dll
[2012/05/05 20:20:16 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msihnd.dll
[2012/05/05 20:20:16 | 000,333,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dot3ui.dll
[2012/05/05 20:20:16 | 000,323,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\drvstore.dll
[2012/05/05 20:20:16 | 000,303,104 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msinfo32.exe
[2012/05/05 20:20:16 | 000,221,696 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\OnLineIDCpl.dll
[2012/05/05 20:20:16 | 000,197,632 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ocsetup.exe
[2012/05/05 20:20:16 | 000,174,592 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ocsetapi.dll
[2012/05/05 20:20:16 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cca.dll
[2012/05/05 20:20:16 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dot3cfg.dll
[2012/05/05 20:20:16 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\netapi32.dll
[2012/05/05 20:20:16 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\MuiUnattend.exe
[2012/05/05 20:20:16 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dot3cfg.dll
[2012/05/05 20:20:16 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\NAPCRYPT.DLL
[2012/05/05 20:20:16 | 000,046,080 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\NAPCRYPT.DLL
[2012/05/05 20:20:16 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\choice.exe
[2012/05/05 20:20:16 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msdmo.dll
[2012/05/05 20:20:16 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\muifontsetup.dll
[2012/05/05 20:20:16 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msfeedssync.exe
[2012/05/05 20:20:15 | 002,755,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\themeui.dll
[2012/05/05 20:20:15 | 002,616,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\explorer.exe
[2012/05/05 20:20:15 | 001,698,816 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\esent.dll
[2012/05/05 20:20:15 | 001,548,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\tquery.dll
[2012/05/05 20:20:15 | 001,400,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\DxpTaskSync.dll
[2012/05/05 20:20:15 | 001,334,272 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\CertEnroll.dll
[2012/05/05 20:20:15 | 001,148,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\IMJP10.IME
[2012/05/05 20:20:15 | 001,027,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\IMJP10.IME
[2012/05/05 20:20:15 | 000,899,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Bubbles.scr
[2012/05/05 20:20:15 | 000,878,592 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Bubbles.scr
[2012/05/05 20:20:15 | 000,861,184 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\fontext.dll
[2012/05/05 20:20:15 | 000,675,328 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\DXPTaskRingtone.dll
[2012/05/05 20:20:15 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\EncDec.dll
[2012/05/05 20:20:15 | 000,503,296 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\imapi2.dll
[2012/05/05 20:20:15 | 000,345,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\fveapi.dll
[2012/05/05 20:20:15 | 000,299,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\tsmf.dll
[2012/05/05 20:20:15 | 000,281,600 | ---- | C] (Microsoft) -- C:\windows\SysNative\DShowRdpFilter.dll
[2012/05/05 20:20:15 | 000,242,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\eapp3hst.dll
[2012/05/05 20:20:15 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\eapphost.dll
[2012/05/05 20:20:15 | 000,210,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dxdiagn.dll
[2012/05/05 20:20:15 | 000,205,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\efscore.dll
[2012/05/05 20:20:15 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieUnatt.exe
[2012/05/05 20:20:15 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\cabview.dll
[2012/05/05 20:20:15 | 000,124,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\fde.dll
[2012/05/05 20:20:15 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\eappgnui.dll
[2012/05/05 20:20:15 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\browcli.dll
[2012/05/05 20:20:15 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\HotStartUserAgent.dll
[2012/05/05 20:20:15 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\elsTrans.dll
[2012/05/05 20:20:15 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\TRAPI.dll
[2012/05/05 20:20:15 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\TRAPI.dll
[2012/05/05 20:20:14 | 003,860,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\UIRibbon.dll
[2012/05/05 20:20:14 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\TsUsbRedirectionGroupPolicyControl.exe
[2012/05/05 20:20:13 | 002,983,424 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\UIRibbon.dll
[2012/05/05 20:20:13 | 002,146,304 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\SyncCenter.dll
[2012/05/05 20:20:13 | 001,164,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\UIRibbonRes.dll
[2012/05/05 20:20:13 | 001,164,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\UIRibbonRes.dll
[2012/05/05 20:20:13 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\TsUsbGDCoInstaller.dll
[2012/05/05 20:20:13 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\TsUsbRedirectionGroupPolicyExtension.dll
[2012/05/05 20:20:12 | 003,957,760 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WinSAT.exe
[2012/05/05 20:20:12 | 002,543,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wpdshext.dll
[2012/05/05 20:20:12 | 002,262,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SyncCenter.dll
[2012/05/05 20:20:12 | 001,624,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WMPEncEn.dll
[2012/05/05 20:20:12 | 001,619,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WMVDECOD.DLL
[2012/05/05 20:20:12 | 001,363,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wdc.dll
[2012/05/05 20:20:12 | 001,243,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WMNetMgr.dll
[2012/05/05 20:20:12 | 000,800,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\usp10.dll
[2012/05/05 20:20:12 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\win32spl.dll
[2012/05/05 20:20:12 | 000,739,328 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WMSPDMOD.DLL
[2012/05/05 20:20:12 | 000,666,112 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WMVSDECD.DLL
[2012/05/05 20:20:12 | 000,633,344 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\riched20.dll
[2012/05/05 20:20:12 | 000,600,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\usercpl.dll
[2012/05/05 20:20:12 | 000,594,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wvc.dll
[2012/05/05 20:20:12 | 000,505,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\taskschd.dll
[2012/05/05 20:20:12 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\win32spl.dll
[2012/05/05 20:20:12 | 000,474,112 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sysmon.ocx
[2012/05/05 20:20:12 | 000,470,016 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XpsGdiConverter.dll
[2012/05/05 20:20:12 | 000,410,112 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wlanui.dll
[2012/05/05 20:20:12 | 000,406,016 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\scesrv.dll
[2012/05/05 20:20:12 | 000,361,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wow64win.dll
[2012/05/05 20:20:12 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wusa.exe
[2012/05/05 20:20:12 | 000,303,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\scansetting.dll
[2012/05/05 20:20:12 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\taskmgr.exe
[2012/05/05 20:20:12 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\taskbarcpl.dll
[2012/05/05 20:20:12 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wow64.dll
[2012/05/05 20:20:12 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XpsRasterService.dll
[2012/05/05 20:20:12 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Ribbons.scr
[2012/05/05 20:20:12 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\upnp.dll
[2012/05/05 20:20:12 | 000,196,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\VBICodec.ax
[2012/05/05 20:20:12 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wdscore.dll
[2012/05/05 20:20:12 | 000,178,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wuwebv.dll
[2012/05/05 20:20:12 | 000,148,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\t2embed.dll
[2012/05/05 20:20:12 | 000,128,000 | ---- | C] (Microsoft) -- C:\windows\SysNative\Robocopy.exe
[2012/05/05 20:20:12 | 000,115,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WPDShServiceObj.dll
[2012/05/05 20:20:12 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\t2embed.dll
[2012/05/05 20:20:12 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WSTPager.ax
[2012/05/05 20:20:12 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\regapi.dll
[2012/05/05 20:20:12 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\UserAccountControlSettings.dll
[2012/05/05 20:20:12 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wsnmp32.dll
[2012/05/05 20:20:12 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\takeown.exe
[2012/05/05 20:20:12 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\runonce.exe
[2012/05/05 20:20:12 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rtutils.dll
[2012/05/05 20:20:12 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\relog.exe
[2012/05/05 20:20:12 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wuapp.exe
[2012/05/05 20:20:12 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\syssetup.dll
[2012/05/05 20:20:12 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\schedcli.dll
[2012/05/05 20:20:12 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wow64cpu.dll
[2012/05/05 20:20:12 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\riched32.dll
[2012/05/05 20:20:11 | 001,328,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\quartz.dll
[2012/05/05 20:20:11 | 000,933,376 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SmiEngine.dll
[2012/05/05 20:20:11 | 000,755,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\sud.dll
[2012/05/05 20:20:11 | 000,600,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\PerfCenterCPL.dll
[2012/05/05 20:20:11 | 000,598,016 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\spinstall.exe
[2012/05/05 20:20:11 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\qdvd.dll
[2012/05/05 20:20:11 | 000,483,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\StructuredQuery.dll
[2012/05/05 20:20:11 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\powercpl.dll
[2012/05/05 20:20:11 | 000,418,816 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sppwinob.dll
[2012/05/05 20:20:11 | 000,372,224 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\rastls.dll
[2012/05/05 20:20:11 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sharemediacpl.dll
[2012/05/05 20:20:11 | 000,349,696 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\slui.exe
[2012/05/05 20:20:11 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\spreview.exe
[2012/05/05 20:20:11 | 000,274,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpdd.dll
[2012/05/05 20:20:11 | 000,270,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\srrstr.dll
[2012/05/05 20:20:11 | 000,263,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\spwizui.dll
[2012/05/05 20:20:11 | 000,250,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\qdv.dll
[2012/05/05 20:20:11 | 000,236,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\pdh.dll
[2012/05/05 20:20:11 | 000,232,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sppcomapi.dll
[2012/05/05 20:20:11 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\sppcomapi.dll
[2012/05/05 20:20:11 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\qcap.dll
[2012/05/05 20:20:11 | 000,183,296 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\PortableDeviceSyncProvider.dll
[2012/05/05 20:20:11 | 000,172,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\perfmon.exe
[2012/05/05 20:20:11 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\powercfg.cpl
[2012/05/05 20:20:11 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\setupcln.dll
[2012/05/05 20:20:11 | 000,104,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\logman.exe
[2012/05/05 20:20:11 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\rastapi.dll
[2012/05/05 20:20:11 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\windows\splwow64.exe
[2012/05/05 20:20:11 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\slwga.dll
[2012/05/05 20:20:11 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\shunimpl.dll
[2012/05/05 20:20:10 | 001,447,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\lsasrv.dll
[2012/05/05 20:20:10 | 000,955,904 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\localspl.dll
[2012/05/05 20:20:10 | 000,919,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript.dll
[2012/05/05 20:20:10 | 000,732,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\imapi2fs.dll
[2012/05/05 20:20:10 | 000,653,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\lpksetup.exe
[2012/05/05 20:20:10 | 000,345,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MediaMetadataHandler.dll
[2012/05/05 20:20:10 | 000,272,896 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mcbuilder.exe
[2012/05/05 20:20:10 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\IPHLPAPI.DLL
[2012/05/05 20:20:10 | 000,107,008 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Kswdmcap.ax
[2012/05/05 20:20:10 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\migisol.dll
[2012/05/05 20:20:10 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\inseng.dll
[2012/05/05 20:20:10 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\manage-bde.exe
[2012/05/05 20:20:10 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Mpeg2Data.ax
[2012/05/05 20:20:10 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDSG.DLL
[2012/05/05 20:20:10 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\kbdlk41a.dll
[2012/05/05 20:20:10 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDTUF.DLL
[2012/05/05 20:20:10 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDSG.DLL
[2012/05/05 20:20:10 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDNEPR.DLL
[2012/05/05 20:20:10 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDUGHR1.DLL
[2012/05/05 20:20:10 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDTAJIK.DLL
[2012/05/05 20:20:10 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDPO.DLL
[2012/05/05 20:20:10 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDINORI.DLL
[2012/05/05 20:20:10 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDINKAN.DLL
[2012/05/05 20:20:10 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDINKAN.DLL
[2012/05/05 20:20:10 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDINHIN.DLL
[2012/05/05 20:20:10 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDBULG.DLL
[2012/05/05 20:20:10 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDUGHR1.DLL
[2012/05/05 20:20:10 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDMAORI.DLL
[2012/05/05 20:20:10 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDBLR.DLL
[2012/05/05 20:20:09 | 002,494,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\netshell.dll
[2012/05/05 20:20:09 | 002,130,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\networkmap.dll
[2012/05/05 20:20:09 | 001,750,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\pnidui.dll
[2012/05/05 20:20:09 | 000,799,744 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msftedit.dll
[2012/05/05 20:20:09 | 000,758,272 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\PortableDeviceApi.dll
[2012/05/05 20:20:09 | 000,720,896 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\odbc32.dll
[2012/05/05 20:20:09 | 000,702,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msfeeds.dll
[2012/05/05 20:20:09 | 000,658,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\PerfCenterCPL.dll
[2012/05/05 20:20:09 | 000,656,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\nshwfp.dll
[2012/05/05 20:20:09 | 000,641,024 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msscp.dll
[2012/05/05 20:20:09 | 000,625,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mscms.dll
[2012/05/05 20:20:09 | 000,435,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\PortableDeviceStatus.dll
[2012/05/05 20:20:09 | 000,400,896 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ipsmsnap.dll
[2012/05/05 20:20:09 | 000,325,632 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msnetobj.dll
[2012/05/05 20:20:09 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\clusapi.dll
[2012/05/05 20:20:09 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msieftp.dll
[2012/05/05 20:20:09 | 000,282,624 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iTVData.dll
[2012/05/05 20:20:09 | 000,281,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iprtrmgr.dll
[2012/05/05 20:20:09 | 000,271,360 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iprtrmgr.dll
[2012/05/05 20:20:09 | 000,258,560 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mpg2splt.ax
[2012/05/05 20:20:09 | 000,242,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Mystify.scr
[2012/05/05 20:20:09 | 000,238,080 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mstask.dll
[2012/05/05 20:20:09 | 000,224,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\PortableDeviceSyncProvider.dll
[2012/05/05 20:20:09 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\MSNP.ax
[2012/05/05 20:20:09 | 000,176,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msorcl32.dll
[2012/05/05 20:20:09 | 000,165,376 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\netid.dll
[2012/05/05 20:20:09 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\odbctrac.dll
[2012/05/05 20:20:09 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iscsicli.exe
[2012/05/05 20:20:09 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\NAPHLPR.DLL
[2012/05/05 20:20:09 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\isoburn.exe
[2012/05/05 20:20:09 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\nci.dll
[2012/05/05 20:20:09 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\olethk32.dll
[2012/05/05 20:20:09 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\napdsnap.dll
[2012/05/05 20:20:09 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\nlsbres.dll
[2012/05/05 20:20:09 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\napdsnap.dll
[2012/05/05 20:20:09 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\PnPUnattend.exe
[2012/05/05 20:20:09 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\MSDvbNP.ax
[2012/05/05 20:20:09 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\odbcconf.dll
[2012/05/05 20:20:09 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iscsium.dll
[2012/05/05 20:20:09 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\netbtugc.exe
[2012/05/05 20:20:09 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\nrpsrv.dll
[2012/05/05 20:20:09 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\muifontsetup.dll
[2012/05/05 20:20:08 | 001,975,296 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\CertEnroll.dll
[2012/05/05 20:20:08 | 001,065,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cryptui.dll
[2012/05/05 20:20:08 | 000,776,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\calc.exe
[2012/05/05 20:20:08 | 000,225,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\DevicePairingFolder.dll
[2012/05/05 20:20:08 | 000,211,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\DevicePairingFolder.dll
[2012/05/05 20:20:08 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cabview.dll
[2012/05/05 20:20:08 | 000,130,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\desk.cpl
[2012/05/05 20:20:08 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\CertPolEng.dll
[2012/05/05 20:20:07 | 000,934,912 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\FirewallControlPanel.dll
[2012/05/05 20:20:07 | 000,856,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\FirewallControlPanel.dll
[2012/05/05 20:20:07 | 000,840,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\blackbox.dll
[2012/05/05 20:20:07 | 000,777,728 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\autochk.exe
[2012/05/05 20:20:07 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ActionCenter.dll
[2012/05/05 20:20:07 | 000,740,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\batmeter.dll
[2012/05/05 20:20:07 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\AuxiliaryDisplayCpl.dll
[2012/05/05 20:20:07 | 000,630,784 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\DXPTaskRingtone.dll
[2012/05/05 20:20:07 | 000,537,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ActionCenterCPL.dll
[2012/05/05 20:20:07 | 000,504,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\biocpl.dll
[2012/05/05 20:20:07 | 000,495,104 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drmmgrtn.dll
[2012/05/05 20:20:07 | 000,459,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\DXP.dll
[2012/05/05 20:20:07 | 000,403,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\gdi32.dll
[2012/05/05 20:20:07 | 000,367,104 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\SysNative\atmfd.dll
[2012/05/05 20:20:07 | 000,359,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\eudcedit.exe
[2012/05/05 20:20:07 | 000,332,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\hgcpl.dll
[2012/05/05 20:20:07 | 000,313,344 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dot3ui.dll
[2012/05/05 20:20:07 | 000,312,832 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\hgcpl.dll
[2012/05/05 20:20:07 | 000,298,104 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\bcryptprimitives.dll
[2012/05/05 20:20:07 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\eudcedit.exe
[2012/05/05 20:20:07 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dpx.dll
[2012/05/05 20:20:07 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\hgprint.dll
[2012/05/05 20:20:07 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\FWPUCLNT.DLL
[2012/05/05 20:20:07 | 000,186,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iepeers.dll
[2012/05/05 20:20:07 | 000,176,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ie4uinit.exe
[2012/05/05 20:20:07 | 000,166,784 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\basecsp.dll
[2012/05/05 20:20:07 | 000,166,400 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\diskpart.exe
[2012/05/05 20:20:07 | 000,121,344 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\fphc.dll
[2012/05/05 20:20:07 | 000,116,224 | ---- | C] (Windows ® Codename Longhorn DDK provider) -- C:\windows\SysNative\fms.dll
[2012/05/05 20:20:07 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dnscmmc.dll
[2012/05/05 20:20:07 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\fontsub.dll
[2012/05/05 20:20:07 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\hidclass.sys
[2012/05/05 20:20:07 | 000,071,168 | ---- | C] (Microsoft Corporation) -- C:\windows\bfsvc.exe
[2012/05/05 20:20:07 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\findstr.exe
[2012/05/05 20:20:07 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\g711codc.ax
[2012/05/05 20:20:07 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\BlbEvents.dll
[2012/05/05 20:20:07 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\windows\SysNative\atmlib.dll
[2012/05/05 20:20:07 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\acppage.dll
[2012/05/05 20:20:07 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ftp.exe
[2012/05/05 20:20:07 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\FXSMON.dll
[2012/05/05 20:20:07 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dsauth.dll
[2012/05/05 20:20:07 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\FXSUNATD.exe
[2012/05/05 20:20:07 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dpnaddr.dll
[2012/05/05 20:20:06 | 002,565,632 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\esent.dll
[2012/05/05 20:20:06 | 002,193,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\themecpl.dll
[2012/05/05 20:20:06 | 001,457,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\DxpTaskSync.dll
[2012/05/05 20:20:06 | 000,722,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\EncDec.dll
[2012/05/05 20:20:06 | 000,515,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\timedate.cpl
[2012/05/05 20:20:06 | 000,403,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\untfs.dll
[2012/05/05 20:20:06 | 000,264,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\upnp.dll
[2012/05/05 20:20:06 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\tlscsp.dll
[2012/05/05 20:20:06 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\tcpmonui.dll
[2012/05/05 20:20:06 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\fdeploy.dll
[2012/05/05 20:20:06 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\takeown.exe
[2012/05/05 20:20:06 | 000,032,896 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\USBCAMD2.sys
[2012/05/05 20:20:05 | 000,172,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\twext.dll
[2012/05/05 20:20:05 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\twext.dll
[2012/05/05 20:20:05 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sspicli.dll
[2012/05/05 20:20:05 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\unimdmat.dll
[2012/05/05 20:20:05 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\TsUsbFlt.sys
[2012/05/05 20:20:05 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\tzutil.exe
[2012/05/05 20:20:05 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sspisrv.dll
[2012/05/05 20:20:02 | 001,190,400 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WindowsCodecs.dll
[2012/05/05 20:20:02 | 000,870,912 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XpsPrint.dll
[2012/05/05 20:20:02 | 000,781,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wmdrmsdk.dll
[2012/05/05 20:20:02 | 000,695,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wuapi.dll
[2012/05/05 20:20:02 | 000,475,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wlangpui.dll
[2012/05/05 20:20:02 | 000,442,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winspool.drv
[2012/05/05 20:20:02 | 000,431,104 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WPDSp.dll
[2012/05/05 20:20:02 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wlanmsm.dll
[2012/05/05 20:20:02 | 000,414,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wlanmsm.dll
[2012/05/05 20:20:02 | 000,392,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WMPhoto.dll
[2012/05/05 20:20:02 | 000,390,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winlogon.exe
[2012/05/05 20:20:02 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wusa.exe
[2012/05/05 20:20:02 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WindowsAnytimeUpgradeResults.exe
[2012/05/05 20:20:02 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wmpsrcwp.dll
[2012/05/05 20:20:02 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wintrust.dll
[2012/05/05 20:20:02 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wudriver.dll
[2012/05/05 20:20:02 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wkscli.dll
[2012/05/05 20:20:02 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wsnmp32.dll
[2012/05/05 20:20:02 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wwanprotdim.dll
[2012/05/05 20:20:02 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wups.dll
[2012/05/05 20:20:01 | 002,055,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Query.dll
[2012/05/05 20:20:01 | 001,281,024 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\werconcpl.dll
[2012/05/05 20:20:01 | 001,219,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rpcrt4.dll
[2012/05/05 20:20:01 | 001,212,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\propsys.dll
[2012/05/05 20:20:01 | 001,158,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\webservices.dll
[2012/05/05 20:20:01 | 000,933,376 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Vault.dll
[2012/05/05 20:20:01 | 000,782,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\webservices.dll
[2012/05/05 20:20:01 | 000,691,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\VAN.dll
[2012/05/05 20:20:01 | 000,612,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\vbscript.dll
[2012/05/05 20:20:01 | 000,541,184 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WMVSDECD.DLL
[2012/05/05 20:20:01 | 000,462,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wiadefui.dll
[2012/05/05 20:20:01 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rastls.dll
[2012/05/05 20:20:01 | 000,423,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\secproc_isv.dll
[2012/05/05 20:20:01 | 000,406,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wimgapi.dll
[2012/05/05 20:20:01 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wer.dll
[2012/05/05 20:20:01 | 000,337,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\raschap.dll
[2012/05/05 20:20:01 | 000,327,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wimserv.exe
[2012/05/05 20:20:01 | 000,327,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\RMActivate_isv.exe
[2012/05/05 20:20:01 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\RMActivate_ssp_isv.exe
[2012/05/05 20:20:01 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rstrui.exe
[2012/05/05 20:20:01 | 000,266,240 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\QAGENT.DLL
[2012/05/05 20:20:01 | 000,255,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wavemsp.dll
[2012/05/05 20:20:01 | 000,232,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\scecli.dll
[2012/05/05 20:20:01 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\vdsutil.dll
[2012/05/05 20:20:01 | 000,175,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\scecli.dll
[2012/05/05 20:20:01 | 000,171,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\QAGENT.DLL
[2012/05/05 20:20:01 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\remotepg.dll
[2012/05/05 20:20:01 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\rpchttp.dll
[2012/05/05 20:20:01 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\secproc_ssp_isv.dll
[2012/05/05 20:20:01 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\prntvpt.dll
[2012/05/05 20:20:01 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wiavideo.dll
[2012/05/05 20:20:01 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\QCLIPROV.DLL
[2012/05/05 20:20:01 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\psisrndr.ax
[2012/05/05 20:20:01 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\w32tm.exe
[2012/05/05 20:20:01 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\rdpd3d.dll
[2012/05/05 20:20:01 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\relog.exe
[2012/05/05 20:20:01 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\proquota.exe
[2012/05/05 20:20:01 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\prevhost.exe
[2012/05/05 20:20:01 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\secur32.dll
[2012/05/05 20:20:01 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\userinit.exe
[2012/05/05 20:20:01 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ReAgentc.exe
[2012/05/05 20:20:00 | 001,556,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\RacEngn.dll
[2012/05/05 20:20:00 | 000,503,296 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\srcore.dll
[2012/05/05 20:20:00 | 000,446,976 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sqlcese30.dll
[2012/05/05 20:20:00 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\SndVol.exe
[2012/05/05 20:20:00 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\SndVolSSO.dll
[2012/05/05 20:20:00 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sppnp.dll
[2012/05/05 20:20:00 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\QUTIL.DLL
[2012/05/05 20:20:00 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\QCLIPROV.DLL
[2012/05/05 20:20:00 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\spopk.dll
[2012/05/05 20:19:59 | 003,966,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntkrnlpa.exe
[2012/05/05 20:19:59 | 003,911,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntoskrnl.exe
[2012/05/05 20:19:59 | 003,207,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mf.dll
[2012/05/05 20:19:59 | 003,205,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mmcndmgr.dll
[2012/05/05 20:19:59 | 002,151,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mmcndmgr.dll
[2012/05/05 20:19:59 | 001,111,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\onexui.dll
[2012/05/05 20:19:59 | 000,905,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mmsys.cpl
[2012/05/05 20:19:59 | 000,850,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mmsys.cpl
[2012/05/05 20:19:59 | 000,427,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\PortableDeviceStatus.dll
[2012/05/05 20:19:59 | 000,296,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mfds.dll
[2012/05/05 20:19:59 | 000,268,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mprddm.dll
[2012/05/05 20:19:59 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mcbuilder.exe
[2012/05/05 20:19:59 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mpg2splt.ax
[2012/05/05 20:19:59 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\netplwiz.dll
[2012/05/05 20:19:59 | 000,186,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\logoncli.dll
[2012/05/05 20:19:59 | 000,133,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Kswdmcap.ax
[2012/05/05 20:19:59 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntlanman.dll
[2012/05/05 20:19:59 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\netid.dll
[2012/05/05 20:19:59 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\nslookup.exe
[2012/05/05 20:19:59 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mciavi32.dll
[2012/05/05 20:19:59 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mapistub.dll
[2012/05/05 20:19:59 | 000,048,976 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\netfxperf.dll
[2012/05/05 20:19:59 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDTUQ.DLL
[2012/05/05 20:19:59 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDSF.DLL
[2012/05/05 20:19:59 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDPO.DLL
[2012/05/05 20:19:59 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDGR1.DLL
[2012/05/05 20:19:59 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDNEPR.DLL
[2012/05/05 20:19:59 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDMON.DLL
[2012/05/05 20:19:59 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDINMAR.DLL
[2012/05/05 20:19:59 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDTURME.DLL
[2012/05/05 20:19:59 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDGEO.DLL
[2012/05/05 20:19:59 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDGEO.DLL
[2012/05/05 20:19:58 | 002,223,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mssrch.dll
[2012/05/05 20:19:58 | 001,116,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mstsc.exe
[2012/05/05 20:19:58 | 000,778,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mssvp.dll
[2012/05/05 20:19:58 | 000,573,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\odbc32.dll
[2012/05/05 20:19:58 | 000,509,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntshrui.dll
[2012/05/05 20:19:58 | 000,335,360 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msieftp.dll
[2012/05/05 20:19:58 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\odbcjt32.dll
[2012/05/05 20:19:58 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mssphtb.dll
[2012/05/05 20:19:58 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Mystify.scr
[2012/05/05 20:19:58 | 000,199,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\onex.dll
[2012/05/05 20:19:58 | 000,195,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msrating.dll
[2012/05/05 20:19:58 | 000,186,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ocsetup.exe
[2012/05/05 20:19:58 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ocsetapi.dll
[2012/05/05 20:19:58 | 000,153,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\occache.dll
[2012/05/05 20:19:58 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\net1.exe
[2012/05/05 20:19:58 | 000,143,360 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mydocs.dll
[2012/05/05 20:19:58 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msvfw32.dll
[2012/05/05 20:19:58 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cmstp.exe
[2012/05/05 20:19:58 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ncryptui.dll
[2012/05/05 20:19:58 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\odbcconf.dll
[2012/05/05 20:19:58 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msasn1.dll
[2012/05/05 20:19:58 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\pifmgr.dll
[2012/05/05 20:19:57 | 001,133,568 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cdosys.dll
[2012/05/05 20:19:57 | 001,130,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dfshim.dll
[2012/05/05 20:19:57 | 000,508,928 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\DeviceCenter.dll
[2012/05/05 20:19:57 | 000,342,016 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\certcli.dll
[2012/05/05 20:19:57 | 000,207,872 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cfgmgr32.dll
[2012/05/05 20:19:57 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\davclnt.dll
[2012/05/05 20:19:56 | 005,066,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\AuthFWSnapin.dll
[2012/05/05 20:19:56 | 003,745,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\accessibilitycpl.dll
[2012/05/05 20:19:56 | 001,838,080 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3d10warp.dll
[2012/05/05 20:19:56 | 000,958,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\actxprxy.dll
[2012/05/05 20:19:56 | 000,780,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ActionCenter.dll
[2012/05/05 20:19:56 | 000,763,904 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\autofmt.exe
[2012/05/05 20:19:56 | 000,630,272 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\evr.dll
[2012/05/05 20:19:56 | 000,522,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3d11.dll
[2012/05/05 20:19:56 | 000,482,816 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\html.iec
[2012/05/05 20:19:56 | 000,422,912 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drvstore.dll
[2012/05/05 20:19:56 | 000,345,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\intl.cpl
[2012/05/05 20:19:56 | 000,263,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\hal.dll
[2012/05/05 20:19:56 | 000,213,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ActionQueue.dll
[2012/05/05 20:19:56 | 000,186,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\adsldp.dll
[2012/05/05 20:19:56 | 000,175,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\bcdboot.exe
[2012/05/05 20:19:56 | 000,166,912 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\inetpp.dll
[2012/05/05 20:19:56 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\autoplay.dll
[2012/05/05 20:19:56 | 000,144,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\basecsp.dll
[2012/05/05 20:19:56 | 000,128,512 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dwmredir.dll
[2012/05/05 20:19:56 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cabinet.dll
[2012/05/05 20:19:56 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\avifil32.dll
[2012/05/05 20:19:56 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dsauth.dll
[2012/05/05 20:19:56 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\httpapi.dll
[2012/05/05 20:19:55 | 002,872,320 | ---- | C] (Microsoft Corporation) -- C:\windows\explorer.exe
[2012/05/05 20:19:55 | 002,314,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\tquery.dll
[2012/05/05 20:19:55 | 001,040,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Display.dll
[2012/05/05 20:19:55 | 000,828,928 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\fontext.dll
[2012/05/05 20:19:55 | 000,778,240 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\sqlsrv32.dll
[2012/05/05 20:19:55 | 000,358,400 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wmpdxm.dll
[2012/05/05 20:19:55 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dnsapi.dll
[2012/05/05 20:19:55 | 000,352,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\spwizeng.dll
[2012/05/05 20:19:55 | 000,318,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WMPhoto.dll
[2012/05/05 20:19:55 | 000,309,760 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\sqlcese30.dll
[2012/05/05 20:19:55 | 000,304,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\efscore.dll
[2012/05/05 20:19:55 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\srchadmin.dll
[2012/05/05 20:19:55 | 000,299,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wmpdxm.dll
[2012/05/05 20:19:55 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\PresentationHost.exe
[2012/05/05 20:19:55 | 000,293,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ssText3d.scr
[2012/05/05 20:19:55 | 000,288,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\FWPKCLNT.SYS
[2012/05/05 20:19:55 | 000,273,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SndVol.exe
[2012/05/05 20:19:55 | 000,253,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\tcpipcfg.dll
[2012/05/05 20:19:55 | 000,225,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SndVolSSO.dll
[2012/05/05 20:19:55 | 000,217,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WinSCard.dll
[2012/05/05 20:19:55 | 000,214,016 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winsrv.dll
[2012/05/05 20:19:55 | 000,206,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\framedynos.dll
[2012/05/05 20:19:55 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\framedyn.dll
[2012/05/05 20:19:55 | 000,200,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\syncui.dll
[2012/05/05 20:19:55 | 000,171,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\fde.dll
[2012/05/05 20:19:55 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wmpps.dll
[2012/05/05 20:19:55 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\srvcli.dll
[2012/05/05 20:19:55 | 000,121,344 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\sppc.dll
[2012/05/05 20:19:55 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dot3msm.dll
[2012/05/05 20:19:55 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dot3api.dll
[2012/05/05 20:19:55 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wscapi.dll
[2012/05/05 20:19:55 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wdiasqmmodule.dll
[2012/05/05 20:19:55 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\spwizres.dll
[2012/05/05 20:19:54 | 002,250,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SensorsCpl.dll
[2012/05/05 20:19:54 | 001,900,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\setupapi.dll
[2012/05/05 20:19:54 | 001,572,352 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\quartz.dll
[2012/05/05 20:19:54 | 001,098,240 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Vault.dll
[2012/05/05 20:19:54 | 001,031,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpcore.dll
[2012/05/05 20:19:54 | 000,902,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WMADMOD.DLL
[2012/05/05 20:19:54 | 000,826,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\rdpcore.dll
[2012/05/05 20:19:54 | 000,529,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wbemcomn.dll
[2012/05/05 20:19:54 | 000,507,392 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wmdrmdev.dll
[2012/05/05 20:19:54 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\shlwapi.dll
[2012/05/05 20:19:54 | 000,436,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wmdrmnet.dll
[2012/05/05 20:19:54 | 000,395,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\prnfldr.dll
[2012/05/05 20:19:54 | 000,321,536 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\unimdm.tsp
[2012/05/05 20:19:54 | 000,306,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\RMActivate_ssp.exe
[2012/05/05 20:19:54 | 000,285,696 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\schtasks.exe
[2012/05/05 20:19:54 | 000,283,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\qdv.dll
[2012/05/05 20:19:54 | 000,263,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\vpnike.dll
[2012/05/05 20:19:54 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\qasf.dll
[2012/05/05 20:19:54 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\shdocvw.dll
[2012/05/05 20:19:54 | 000,187,904 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rpchttp.dll
[2012/05/05 20:19:54 | 000,183,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\prncache.dll
[2012/05/05 20:19:54 | 000,167,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\QSHVHOST.DLL
[2012/05/05 20:19:54 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\recovery.dll
[2012/05/05 20:19:54 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\shacct.dll
[2012/05/05 20:19:54 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\secproc_ssp.dll
[2012/05/05 20:19:54 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\uxlib.dll
[2012/05/05 20:19:54 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\sdbus.sys
[2012/05/05 20:19:54 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\QUTIL.DLL
[2012/05/05 20:19:54 | 000,099,328 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\QSVRMGMT.DLL
[2012/05/05 20:19:54 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\setbcdlocale.dll
[2012/05/05 20:19:54 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\vpnikeapi.dll
[2012/05/05 20:19:54 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\shimgvw.dll
[2012/05/05 20:19:54 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\utildll.dll
[2012/05/05 20:19:54 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\proquota.exe
[2012/05/05 20:19:54 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\schedcli.dll
[2012/05/05 20:19:54 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdprefdrvapi.dll
[2012/05/05 20:19:54 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\riched32.dll
[2012/05/05 20:19:53 | 003,215,872 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mstscax.dll
[2012/05/05 20:19:53 | 003,211,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msi.dll
[2012/05/05 20:19:53 | 001,689,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\netcenter.dll
[2012/05/05 20:19:53 | 001,538,560 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\inetcpl.cpl
[2012/05/05 20:19:53 | 001,326,080 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\NaturalLanguage6.dll
[2012/05/05 20:19:53 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mfc40.dll
[2012/05/05 20:19:53 | 000,519,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\netcfgx.dll
[2012/05/05 20:19:53 | 000,497,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\main.cpl
[2012/05/05 20:19:53 | 000,433,512 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MCEWMDRMNDBootstrap.dll
[2012/05/05 20:19:53 | 000,429,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\localsec.dll
[2012/05/05 20:19:53 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\nltest.exe
[2012/05/05 20:19:53 | 000,373,248 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\intl.cpl
[2012/05/05 20:19:53 | 000,372,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mtxclu.dll
[2012/05/05 20:19:53 | 000,344,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntprint.dll
[2012/05/05 20:19:53 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mtxclu.dll
[2012/05/05 20:19:53 | 000,297,472 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntprint.dll
[2012/05/05 20:19:53 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mprapi.dll
[2012/05/05 20:19:53 | 000,215,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\netiohlp.dll
[2012/05/05 20:19:53 | 000,202,240 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\input.dll
[2012/05/05 20:19:53 | 000,175,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\netplwiz.dll
[2012/05/05 20:19:53 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\netjoin.dll
[2012/05/05 20:19:53 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ncsi.dll
[2012/05/05 20:19:53 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iscsicli.exe
[2012/05/05 20:19:53 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MdSched.exe
[2012/05/05 20:19:53 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mydocs.dll
[2012/05/05 20:19:53 | 000,107,008 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\NAPHLPR.DLL
[2012/05/05 20:19:53 | 000,104,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Mpeg2Data.ax
[2012/05/05 20:19:53 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\isoburn.exe
[2012/05/05 20:19:53 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\kstvtune.ax
[2012/05/05 20:19:53 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\imagehlp.dll
[2012/05/05 20:19:53 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\licmgr10.dll
[2012/05/05 20:19:53 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\lsmproxy.dll
[2012/05/05 20:19:53 | 000,049,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\netfxperf.dll
[2012/05/05 20:19:53 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ksxbar.ax
[2012/05/05 20:19:53 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\httpapi.dll
[2012/05/05 20:19:53 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mimefilt.dll
[2012/05/05 20:19:53 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mciqtz32.dll
[2012/05/05 20:19:53 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iscsium.dll
[2012/05/05 20:19:53 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mciqtz32.dll
[2012/05/05 20:19:53 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDCZ1.DLL
[2012/05/05 20:19:53 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\kbdlk41a.dll
[2012/05/05 20:19:53 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDINTAM.DLL
[2012/05/05 20:19:53 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDGR1.DLL
[2012/05/05 20:19:53 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDGKL.DLL
[2012/05/05 20:19:53 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDTURME.DLL
[2012/05/05 20:19:53 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDMAORI.DLL
[2012/05/05 20:19:53 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDINBEN.DLL
[2012/05/05 20:19:53 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDBULG.DLL
[2012/05/05 20:19:53 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDBASH.DLL
[2012/05/05 20:19:52 | 002,746,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\gameux.dll
[2012/05/05 20:19:52 | 002,522,624 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dbgeng.dll
[2012/05/05 20:19:52 | 002,217,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\bootres.dll
[2012/05/05 20:19:52 | 001,942,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dfshim.dll
[2012/05/05 20:19:52 | 001,555,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\certmgr.dll
[2012/05/05 20:19:52 | 001,544,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\DWrite.dll
[2012/05/05 20:19:52 | 001,509,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msdtctm.dll
[2012/05/05 20:19:52 | 001,456,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\crypt32.dll
[2012/05/05 20:19:52 | 001,160,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MSMPEG2ENC.DLL
[2012/05/05 20:19:52 | 000,897,536 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\azroles.dll
[2012/05/05 20:19:52 | 000,854,016 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dbghelp.dll
[2012/05/05 20:19:52 | 000,793,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\autoconv.exe
[2012/05/05 20:19:52 | 000,762,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\azroles.dll
[2012/05/05 20:19:52 | 000,749,568 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\batmeter.dll
[2012/05/05 20:19:52 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\blackbox.dll
[2012/05/05 20:19:52 | 000,721,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\bthprops.cpl
[2012/05/05 20:19:52 | 000,685,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dsuiext.dll
[2012/05/05 20:19:52 | 000,658,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dxgi.dll
[2012/05/05 20:19:52 | 000,658,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\autofmt.exe
[2012/05/05 20:19:52 | 000,504,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msscp.dll
[2012/05/05 20:19:52 | 000,348,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\eapp3hst.dll
[2012/05/05 20:19:52 | 000,345,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cmd.exe
[2012/05/05 20:19:52 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Faultrep.dll
[2012/05/05 20:19:52 | 000,303,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\eapphost.dll
[2012/05/05 20:19:52 | 000,296,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\AudioSes.dll
[2012/05/05 20:19:52 | 000,295,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\framedynos.dll
[2012/05/05 20:19:52 | 000,294,400 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\SysWow64\atmfd.dll
[2012/05/05 20:19:52 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MSNP.ax
[2012/05/05 20:19:52 | 000,279,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dxdiagn.dll
[2012/05/05 20:19:52 | 000,279,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\framedyn.dll
[2012/05/05 20:19:52 | 000,276,480 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\diskraid.exe
[2012/05/05 20:19:52 | 000,267,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\FXSCOVER.exe
[2012/05/05 20:19:52 | 000,265,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msnetobj.dll
[2012/05/05 20:19:52 | 000,233,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\defaultlocationcpl.dll
[2012/05/05 20:19:52 | 000,230,912 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\clusapi.dll
[2012/05/05 20:19:52 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\credui.dll
[2012/05/05 20:19:52 | 000,186,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\bitsadmin.exe
[2012/05/05 20:19:52 | 000,179,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\Classpnp.sys
[2012/05/05 20:19:52 | 000,155,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\ataport.sys
[2012/05/05 20:19:52 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\autoplay.dll
[2012/05/05 20:19:52 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\aaclient.dll
[2012/05/05 20:19:52 | 000,126,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\audiodg.exe
[2012/05/05 20:19:52 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\aitagent.exe
[2012/05/05 20:19:52 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\eappgnui.dll
[2012/05/05 20:19:52 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\fphc.dll
[2012/05/05 20:19:52 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\amstream.dll
[2012/05/05 20:19:52 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\cmstp.exe
[2012/05/05 20:19:52 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\hbaapi.dll
[2012/05/05 20:19:52 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MSDvbNP.ax
[2012/05/05 20:19:52 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\fdProxy.dll
[2012/05/05 20:19:52 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\fontsub.dll
[2012/05/05 20:19:52 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\amstream.dll
[2012/05/05 20:19:52 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\djoin.exe
[2012/05/05 20:19:52 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\windows\SysWow64\atmlib.dll
[2012/05/05 20:19:52 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\AzSqlExt.dll
[2012/05/05 20:19:52 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\AzSqlExt.dll
[2012/05/05 20:19:52 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\bitsperf.dll
[2012/05/05 20:19:52 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\BWUnpairElevated.dll
[2012/05/05 20:19:52 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msdxm.ocx
[2012/05/05 20:19:52 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dxmasf.dll
[2012/05/05 20:19:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-ums-l1-1-0.dll
[2012/05/05 20:19:51 | 001,008,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\user32.dll
[2012/05/05 20:19:51 | 000,597,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\TSWorkspace.dll
[2012/05/05 20:19:51 | 000,586,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dfrgui.exe
[2012/05/05 20:19:51 | 000,484,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\DeviceCenter.dll
[2012/05/05 20:19:51 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\timedate.cpl
[2012/05/05 20:19:51 | 000,473,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\taskcomp.dll
[2012/05/05 20:19:51 | 000,464,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\taskeng.exe
[2012/05/05 20:19:51 | 000,402,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\drmmgrtn.dll
[2012/05/05 20:19:51 | 000,399,872 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dpx.dll
[2012/05/05 20:19:51 | 000,333,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ssText3d.scr
[2012/05/05 20:19:51 | 000,281,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\unimdm.tsp
[2012/05/05 20:19:51 | 000,270,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\tsmf.dll
[2012/05/05 20:19:51 | 000,252,928 | ---- | C] (Microsoft) -- C:\windows\SysWow64\DShowRdpFilter.dll
[2012/05/05 20:19:51 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\odbccp32.dll
[2012/05/05 20:19:51 | 000,115,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dot3msm.dll
[2012/05/05 20:19:51 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dot3api.dll
[2012/05/05 20:19:51 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\unimdmat.dll
[2012/05/05 20:19:51 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\tlscsp.dll
[2012/05/05 20:19:51 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\taskhost.exe
[2012/05/05 20:19:51 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\tsgqec.dll
[2012/05/05 20:19:51 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\usbrpm.sys
[2012/05/05 20:19:51 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dnscacheugc.exe
[2012/05/05 20:19:51 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\sscore.dll
[2012/05/05 20:19:51 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\spwmp.dll
[2012/05/05 20:19:50 | 014,633,472 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wmp.dll
[2012/05/05 20:19:50 | 012,625,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wmploc.DLL
[2012/05/05 20:19:50 | 003,027,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WMVCORE.DLL
[2012/05/05 20:19:50 | 003,008,000 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xpsservices.dll
[2012/05/05 20:19:50 | 001,712,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xpsservices.dll
[2012/05/05 20:19:50 | 001,441,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wlanpref.dll
[2012/05/05 20:19:50 | 001,326,592 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wlanpref.dll
[2012/05/05 20:19:50 | 001,082,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sppobjs.dll
[2012/05/05 20:19:50 | 001,024,512 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wmpmde.dll
[2012/05/05 20:19:50 | 000,769,536 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sud.dll
[2012/05/05 20:19:50 | 000,681,472 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WUDFx.dll
[2012/05/05 20:19:50 | 000,616,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wmdrmsdk.dll
[2012/05/05 20:19:50 | 000,414,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wlanui.dll
[2012/05/05 20:19:50 | 000,411,648 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wlangpui.dll
[2012/05/05 20:19:50 | 000,405,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wisptis.exe
[2012/05/05 20:19:50 | 000,312,832 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Wldap32.dll
[2012/05/05 20:19:50 | 000,283,648 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XpsGdiConverter.dll
[2012/05/05 20:19:50 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winsta.dll
[2012/05/05 20:19:50 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WUDFHost.exe
[2012/05/05 20:19:50 | 000,198,144 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wpdwcn.dll
[2012/05/05 20:19:50 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\vdsbas.dll
[2012/05/05 20:19:50 | 000,182,784 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WUDFPlatform.dll
[2012/05/05 20:19:50 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\syncui.dll
[2012/05/05 20:19:50 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WUDFCoinstaller.dll
[2012/05/05 20:19:50 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\vbisurf.ax
[2012/05/05 20:19:50 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\spopk.dll
[2012/05/05 20:19:50 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\syssetup.dll
[2012/05/05 20:19:49 | 000,974,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WFS.exe
[2012/05/05 20:19:49 | 000,501,248 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WinSATAPI.dll
[2012/05/05 20:19:49 | 000,429,568 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\puiobj.dll
[2012/05/05 20:19:49 | 000,254,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\qasf.dll
[2012/05/05 20:19:49 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\QSHVHOST.DLL
[2012/05/05 20:19:49 | 000,211,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rasppp.dll
[2012/05/05 20:19:49 | 000,186,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\rdpencom.dll
[2012/05/05 20:19:49 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\rasppp.dll
[2012/05/05 20:19:49 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpcorekmts.dll
[2012/05/05 20:19:49 | 000,124,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\QSVRMGMT.DLL
[2012/05/05 20:19:49 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpd3d.dll
[2012/05/05 20:19:49 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WavDest.dll
[2012/05/05 20:19:49 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WerFaultSecure.exe
[2012/05/05 20:19:49 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\vpnikeapi.dll
[2012/05/05 20:19:47 | 000,313,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ReAgent.dll
[2012/05/05 20:19:47 | 000,209,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\PkgMgr.exe
[2012/05/05 20:19:47 | 000,199,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\PkgMgr.exe
[2012/05/05 20:19:47 | 000,153,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\remotepg.dll
[2012/05/05 20:19:47 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\RegisterIEPKEYs.exe
[2012/05/05 20:19:47 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpwsx.dll
[2012/05/05 20:19:47 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\regapi.dll
[2012/05/05 20:19:47 | 000,071,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\resutils.dll
[2012/05/05 20:19:46 | 002,202,624 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\SensorsCpl.dll
[2012/05/05 20:19:46 | 000,932,352 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\printui.dll
[2012/05/05 20:19:46 | 000,859,648 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\OobeFldr.dll
[2012/05/05 20:19:46 | 000,758,784 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\samsrv.dll
[2012/05/05 20:19:46 | 000,592,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msftedit.dll
[2012/05/05 20:19:46 | 000,488,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\secproc.dll
[2012/05/05 20:19:46 | 000,486,400 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\powercpl.dll
[2012/05/05 20:19:46 | 000,428,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\shwebsvc.dll
[2012/05/05 20:19:46 | 000,416,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\prnfldr.dll
[2012/05/05 20:19:46 | 000,409,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\photowiz.dll
[2012/05/05 20:19:46 | 000,359,424 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\RMActivate.exe
[2012/05/05 20:19:46 | 000,320,352 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\PresentationHost.exe
[2012/05/05 20:19:46 | 000,300,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\pdh.dll
[2012/05/05 20:19:46 | 000,300,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msconfig.exe
[2012/05/05 20:19:46 | 000,279,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sethc.exe
[2012/05/05 20:19:46 | 000,278,016 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\RMActivate_ssp_isv.exe
[2012/05/05 20:19:46 | 000,270,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\sethc.exe
[2012/05/05 20:19:46 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\scansetting.dll
[2012/05/05 20:19:46 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SmartcardCredentialProvider.dll
[2012/05/05 20:19:46 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\SmartcardCredentialProvider.dll
[2012/05/05 20:19:46 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\scavengeui.dll
[2012/05/05 20:19:46 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\rmcast.sys
[2012/05/05 20:19:46 | 000,130,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\shsetup.dll
[2012/05/05 20:19:46 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\odbccp32.dll
[2012/05/05 20:19:46 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\prncache.dll
[2012/05/05 20:19:46 | 000,109,928 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\PresentationHostProxy.dll
[2012/05/05 20:19:46 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\psisrndr.ax
[2012/05/05 20:19:46 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\PresentationHostProxy.dll
[2012/05/05 20:19:46 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\setupcl.exe
[2012/05/05 20:19:46 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\secproc_ssp_isv.dll
[2012/05/05 20:19:46 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\samcli.dll
[2012/05/05 20:19:46 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\RpcRtRemote.dll
[2012/05/05 20:19:46 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\runonce.exe
[2012/05/05 20:19:46 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\PrintIsolationProxy.dll
[2012/05/05 20:19:46 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\shimgvw.dll
[2012/05/05 20:19:46 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\prevhost.exe
[2012/05/05 20:19:46 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msdmo.dll
[2012/05/05 20:19:46 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\shgina.dll
[2012/05/05 20:19:46 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sisbkup.dll
[2012/05/05 20:19:46 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\shgina.dll
[2012/05/05 20:19:46 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\sisbkup.dll
[2012/05/05 20:19:46 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\perfts.dll
[2012/05/05 20:19:46 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\slwga.dll
[2012/05/05 20:19:46 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msdxm.ocx
[2012/05/05 20:19:45 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wmploc.DLL
[2012/05/05 20:19:45 | 011,410,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wmp.dll
[2012/05/05 20:19:45 | 005,066,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\AuthFWSnapin.dll
[2012/05/05 20:19:45 | 002,072,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WMPEncEn.dll
[2012/05/05 20:19:45 | 001,003,008 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WMNetMgr.dll
[2012/05/05 20:19:45 | 000,933,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sqlsrv32.dll
[2012/05/05 20:19:45 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\appwiz.cpl
[2012/05/05 20:19:45 | 000,679,424 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\autoconv.exe
[2012/05/05 20:19:45 | 000,649,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\appwiz.cpl
[2012/05/05 20:19:45 | 000,582,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sxs.dll
[2012/05/05 20:19:45 | 000,524,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wmicmiplugin.dll
[2012/05/05 20:19:45 | 000,481,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wmpps.dll
[2012/05/05 20:19:45 | 000,472,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\azroleui.dll
[2012/05/05 20:19:45 | 000,445,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\spwizeng.dll
[2012/05/05 20:19:45 | 000,352,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wmpeffects.dll
[2012/05/05 20:19:45 | 000,335,872 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WinSATAPI.dll
[2012/05/05 20:19:45 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\azroleui.dll
[2012/05/05 20:19:45 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\stobject.dll
[2012/05/05 20:19:45 | 000,248,832 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wksprt.exe
[2012/05/05 20:19:45 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\sqmapi.dll
[2012/05/05 20:19:45 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sppc.dll
[2012/05/05 20:19:45 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wmpshell.dll
[2012/05/05 20:19:45 | 000,105,472 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wmpshell.dll
[2012/05/05 20:19:45 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmled.dll
[2012/05/05 20:19:45 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\spbcd.dll
[2012/05/05 20:19:45 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmled.dll
[2012/05/05 20:19:45 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wkscli.dll
[2012/05/05 20:19:45 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\tsgqec.dll
[2012/05/05 20:19:45 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sscore.dll
[2012/05/05 20:19:45 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\spwmp.dll
[2012/05/05 20:19:45 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\spwizres.dll
[2012/05/05 20:19:44 | 002,851,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\themeui.dll
[2012/05/05 20:19:44 | 002,146,816 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\networkmap.dll
[2012/05/05 20:19:44 | 001,672,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\networkexplorer.dll
[2012/05/05 20:19:44 | 001,264,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sdclt.exe
[2012/05/05 20:19:44 | 001,160,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\OpcServices.dll
[2012/05/05 20:19:44 | 001,120,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sdengin2.dll
[2012/05/05 20:19:44 | 001,118,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sbe.dll
[2012/05/05 20:19:44 | 001,080,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\onexui.dll
[2012/05/05 20:19:44 | 000,861,696 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\oleaut32.dll
[2012/05/05 20:19:44 | 000,624,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\qedit.dll
[2012/05/05 20:19:44 | 000,477,696 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\PhotoScreensaver.scr
[2012/05/05 20:19:44 | 000,455,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\nshipsec.dll
[2012/05/05 20:19:44 | 000,421,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\termmgr.dll
[2012/05/05 20:19:44 | 000,419,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\systemcpl.dll
[2012/05/05 20:19:44 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\PhotoScreensaver.scr
[2012/05/05 20:19:44 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\qdvd.dll
[2012/05/05 20:19:44 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\RMActivate_isv.exe
[2012/05/05 20:19:44 | 000,352,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\termmgr.dll
[2012/05/05 20:19:44 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\puiobj.dll
[2012/05/05 20:19:44 | 000,307,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\scesrv.dll
[2012/05/05 20:19:44 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\taskcomp.dll
[2012/05/05 20:19:44 | 000,295,424 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\photowiz.dll
[2012/05/05 20:19:44 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\RMActivate_ssp.exe
[2012/05/05 20:19:44 | 000,238,080 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\recdisc.exe
[2012/05/05 20:19:44 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\onex.dll
[2012/05/05 20:19:44 | 000,227,328 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\taskmgr.exe
[2012/05/05 20:19:44 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpencom.dll
[2012/05/05 20:19:44 | 000,181,248 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\qcap.dll
[2012/05/05 20:19:44 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\powercfg.cpl
[2012/05/05 20:19:44 | 000,156,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\prntvpt.dll
[2012/05/05 20:19:44 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wscapi.dll
[2012/05/05 20:19:44 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\repair-bde.exe
[2012/05/05 20:19:44 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\profprov.dll
[2012/05/05 20:19:44 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\tdi.sys
[2012/05/05 20:19:44 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wsdchngr.dll
[2012/05/05 20:19:44 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpcfgex.dll
[2012/05/05 20:19:43 | 003,715,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mstscax.dll
[2012/05/05 20:19:43 | 001,644,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\netcenter.dll
[2012/05/05 20:19:43 | 001,466,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\inetcpl.cpl
[2012/05/05 20:19:43 | 001,465,344 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XpsPrint.dll
[2012/05/05 20:19:43 | 001,077,248 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Narrator.exe
[2012/05/05 20:19:43 | 000,830,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\MSMPEG2ENC.DLL
[2012/05/05 20:19:43 | 000,812,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wpccpl.dll
[2012/05/05 20:19:43 | 000,638,976 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\VAN.dll
[2012/05/05 20:19:43 | 000,584,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ipsmsnap.dll
[2012/05/05 20:19:43 | 000,560,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wuapi.dll
[2012/05/05 20:19:43 | 000,551,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\localsec.dll
[2012/05/05 20:19:43 | 000,485,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\secproc_isv.dll
[2012/05/05 20:19:43 | 000,378,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msinfo32.exe
[2012/05/05 20:19:43 | 000,376,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\netio.sys
[2012/05/05 20:19:43 | 000,343,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\lsm.exe
[2012/05/05 20:19:43 | 000,324,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\netdiagfx.dll
[2012/05/05 20:19:43 | 000,225,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\netdiagfx.dll
[2012/05/05 20:19:43 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ksproxy.ax
[2012/05/05 20:19:43 | 000,167,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msutb.dll
[2012/05/05 20:19:43 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\vdsbas.dll
[2012/05/05 20:19:43 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\aaclient.dll
[2012/05/05 20:19:43 | 000,154,624 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\uxlib.dll
[2012/05/05 20:19:43 | 000,153,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\VBICodec.ax
[2012/05/05 20:19:43 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\net1.exe
[2012/05/05 20:19:43 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wiavideo.dll
[2012/05/05 20:19:43 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\userenv.dll
[2012/05/05 20:19:43 | 000,090,112 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\nci.dll
[2012/05/05 20:19:43 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wudriver.dll
[2012/05/05 20:19:43 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\secproc_ssp.dll
[2012/05/05 20:19:43 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WSTPager.ax
[2012/05/05 20:19:43 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\vfwwdm32.dll
[2012/05/05 20:19:43 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\inetmib1.dll
[2012/05/05 20:19:43 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wuauclt.exe
[2012/05/05 20:19:43 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wups2.dll
[2012/05/05 20:19:43 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wups.dll
[2012/05/05 20:19:43 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wshirda.dll
[2012/05/05 20:19:43 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wshirda.dll
[2012/05/05 20:19:43 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDTUQ.DLL
[2012/05/05 20:19:43 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDLT1.DLL
[2012/05/05 20:19:43 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDINTEL.DLL
[2012/05/05 20:19:43 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDINTAM.DLL
[2012/05/05 20:19:43 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDINORI.DLL
[2012/05/05 20:19:43 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDINMAR.DLL
[2012/05/05 20:19:43 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDINHIN.DLL
[2012/05/05 20:19:43 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDBASH.DLL
[2012/05/05 20:19:43 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDUS.DLL
[2012/05/05 20:19:43 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDTAJIK.DLL
[2012/05/05 20:19:43 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDMON.DLL
[2012/05/05 20:19:42 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\gameux.dll
[2012/05/05 20:19:42 | 001,632,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dwmcore.dll
[2012/05/05 20:19:42 | 001,371,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dwmcore.dll
[2012/05/05 20:19:42 | 001,202,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\DiagCpl.dll
[2012/05/05 20:19:42 | 001,009,152 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mcmde.dll
[2012/05/05 20:19:42 | 000,960,512 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\CPFilters.dll
[2012/05/05 20:19:42 | 000,780,008 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ci.dll
[2012/05/05 20:19:42 | 000,750,080 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\TSWorkspace.dll
[2012/05/05 20:19:42 | 000,701,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dsuiext.dll
[2012/05/05 20:19:42 | 000,692,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\bthprops.cpl
[2012/05/05 20:19:42 | 000,641,536 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\CPFilters.dll
[2012/05/05 20:19:42 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\comctl32.dll
[2012/05/05 20:19:42 | 000,625,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\usercpl.dll
[2012/05/05 20:19:42 | 000,623,104 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\FXSAPI.dll
[2012/05/05 20:19:42 | 000,606,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dfrgui.exe
[2012/05/05 20:19:42 | 000,516,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\main.cpl
[2012/05/05 20:19:42 | 000,434,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\FXSTIFF.dll
[2012/05/05 20:19:42 | 000,430,080 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\imkr80.ime
[2012/05/05 20:19:42 | 000,366,080 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\zipfldr.dll
[2012/05/05 20:19:42 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\usbport.sys
[2012/05/05 20:19:42 | 000,312,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\MCEWMDRMNDBootstrap.dll
[2012/05/05 20:19:42 | 000,299,392 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mcupdate_GenuineIntel.dll
[2012/05/05 20:19:42 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mfreadwrite.dll
[2012/05/05 20:19:42 | 000,239,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dskquoui.dll
[2012/05/05 20:19:42 | 000,232,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\bitsadmin.exe
[2012/05/05 20:19:42 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\defaultlocationcpl.dll
[2012/05/05 20:19:42 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mfreadwrite.dll
[2012/05/05 20:19:42 | 000,180,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ifsutil.dll
[2012/05/05 20:19:42 | 000,176,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\MFPlay.dll
[2012/05/05 20:19:42 | 000,148,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ifsutil.dll
[2012/05/05 20:19:42 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\EhStorAPI.dll
[2012/05/05 20:19:42 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\desk.cpl
[2012/05/05 20:19:42 | 000,118,272 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dnscmmc.dll
[2012/05/05 20:19:42 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iesysprep.dll
[2012/05/05 20:19:42 | 000,093,696 | ---- | C] (Windows ® Codename Longhorn DDK provider) -- C:\windows\SysWow64\fms.dll
[2012/05/05 20:19:42 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mapistub.dll
[2012/05/05 20:19:42 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mapi32.dll
[2012/05/05 20:19:42 | 000,082,944 | ---- | C] (Radius Inc.) -- C:\windows\SysWow64\iccvid.dll
[2012/05/05 20:19:42 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\UserAccountControlSettings.dll
[2012/05/05 20:19:42 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\fdeploy.dll
[2012/05/05 20:19:42 | 000,071,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\findstr.exe
[2012/05/05 20:19:42 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\hbaapi.dll
[2012/05/05 20:19:42 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\cca.dll
[2012/05/05 20:19:42 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\browcli.dll
[2012/05/05 20:19:42 | 000,046,080 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cscapi.dll
[2012/05/05 20:19:42 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\luainstall.dll
[2012/05/05 20:19:42 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cscdll.dll
[2012/05/05 20:19:42 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\bitsperf.dll
[2012/05/05 20:19:42 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\fixmapi.exe
[2012/05/05 20:19:42 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\C_ISCII.DLL
[2012/05/05 20:19:42 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dxmasf.dll
[2012/05/05 20:19:42 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dpnaddr.dll
[2012/05/05 20:18:00 | 000,000,000 | ---D | C] -- C:\ProgramData\PCSettings
[2012/05/05 20:15:52 | 000,000,000 | ---D | C] -- C:\windows\SysNative\EventProviders
[2012/05/05 20:15:48 | 000,000,000 | ---D | C] -- C:\ca7de3afaabbe1e5b1d6a4
[2012/05/05 20:07:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2012/05/05 20:07:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2012/05/05 20:06:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Panda Security
[2012/05/05 20:06:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Panda USB Vaccine
[2012/05/05 20:06:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Security
[2012/05/05 20:05:46 | 000,000,000 | ---D | C] -- C:\Users\)) ))()(( ((\AppData\Roaming\Toshiba
[2012/05/05 20:04:35 | 000,000,000 | R--D | C] -- C:\Users\)) ))()(( ((\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2012/05/05 20:04:35 | 000,000,000 | R--D | C] -- C:\Users\)) ))()(( ((\Searches
[2012/05/05 20:04:35 | 000,000,000 | R--D | C] -- C:\Users\)) ))()(( ((\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2012/05/05 20:04:35 | 000,000,000 | -H-D | C] -- C:\Users\)) ))()(( ((\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2012/05/05 20:04:34 | 000,000,000 | ---D | C] -- C:\Users\)) ))()(( ((\AppData\Roaming\Identities
[2012/05/05 20:04:33 | 000,000,000 | R--D | C] -- C:\Users\)) ))()(( ((\Contacts
[2012/05/05 20:04:32 | 000,000,000 | ---D | C] -- C:\Users\)) ))()(( ((\AppData\Local\VirtualStore
[2012/05/05 20:04:29 | 000,000,000 | -HSD | C] -- C:\Users\)) ))()(( ((\AppData\Local\Temporary Internet Files
[2012/05/05 20:04:29 | 000,000,000 | -HSD | C] -- C:\Users\)) ))()(( ((\Templates
[2012/05/05 20:04:29 | 000,000,000 | -HSD | C] -- C:\Users\)) ))()(( ((\Start Menu
[2012/05/05 20:04:29 | 000,000,000 | -HSD | C] -- C:\Users\)) ))()(( ((\SendTo
[2012/05/05 20:04:29 | 000,000,000 | -HSD | C] -- C:\Users\)) ))()(( ((\Recent
[2012/05/05 20:04:29 | 000,000,000 | -HSD | C] -- C:\Users\)) ))()(( ((\PrintHood
[2012/05/05 20:04:29 | 000,000,000 | -HSD | C] -- C:\Users\)) ))()(( ((\NetHood
[2012/05/05 20:04:29 | 000,000,000 | -HSD | C] -- C:\Users\)) ))()(( ((\Documents\My Videos
[2012/05/05 20:04:29 | 000,000,000 | -HSD | C] -- C:\Users\)) ))()(( ((\Documents\My Pictures
[2012/05/05 20:04:29 | 000,000,000 | -HSD | C] -- C:\Users\)) ))()(( ((\Documents\My Music
[2012/05/05 20:04:29 | 000,000,000 | -HSD | C] -- C:\Users\)) ))()(( ((\My Documents
[2012/05/05 20:04:29 | 000,000,000 | -HSD | C] -- C:\Users\)) ))()(( ((\Local Settings
[2012/05/05 20:04:29 | 000,000,000 | -HSD | C] -- C:\Users\)) ))()(( ((\AppData\Local\History
[2012/05/05 20:04:29 | 000,000,000 | -HSD | C] -- C:\Users\)) ))()(( ((\Cookies
[2012/05/05 20:04:29 | 000,000,000 | -HSD | C] -- C:\Users\)) ))()(( ((\Application Data
[2012/05/05 20:04:29 | 000,000,000 | -HSD | C] -- C:\Users\)) ))()(( ((\AppData\Local\Application Data
[2012/05/05 20:04:24 | 000,000,000 | ---D | C] -- C:\Users\)) ))()(( ((\AppData\Local\Temp
[2012/05/05 20:04:24 | 000,000,000 | ---D | C] -- C:\Users\)) ))()(( ((\AppData\Local\Microsoft
[2012/05/05 20:04:24 | 000,000,000 | ---D | C] -- C:\Users\)) ))()(( ((\AppData\Roaming\Media Center Programs
[2012/05/05 20:04:23 | 000,000,000 | --SD | C] -- C:\Users\)) ))()(( ((\AppData\Roaming\Microsoft
[2012/05/05 20:04:23 | 000,000,000 | R--D | C] -- C:\Users\)) ))()(( ((\Videos
[2012/05/05 20:04:23 | 000,000,000 | R--D | C] -- C:\Users\)) ))()(( ((\Saved Games
[2012/05/05 20:04:23 | 000,000,000 | R--D | C] -- C:\Users\)) ))()(( ((\Pictures
[2012/05/05 20:04:23 | 000,000,000 | R--D | C] -- C:\Users\)) ))()(( ((\Music
[2012/05/05 20:04:23 | 000,000,000 | R--D | C] -- C:\Users\)) ))()(( ((\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2012/05/05 20:04:23 | 000,000,000 | R--D | C] -- C:\Users\)) ))()(( ((\Links
[2012/05/05 20:04:23 | 000,000,000 | R--D | C] -- C:\Users\)) ))()(( ((\Favorites
[2012/05/05 20:04:23 | 000,000,000 | R--D | C] -- C:\Users\)) ))()(( ((\Downloads
[2012/05/05 20:04:23 | 000,000,000 | R--D | C] -- C:\Users\)) ))()(( ((\Documents
[2012/05/05 20:04:23 | 000,000,000 | R--D | C] -- C:\Users\)) ))()(( ((\Desktop
[2012/05/05 20:04:23 | 000,000,000 | R--D | C] -- C:\Users\)) ))()(( ((\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2012/05/05 20:04:23 | 000,000,000 | -H-D | C] -- C:\Users\)) ))()(( ((\AppData
[2 C:\windows\SysNative\*.tmp files -> C:\windows\SysNative\*.tmp -> ]
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012/05/06 17:04:16 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2012/05/06 16:41:05 | 000,000,912 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/05/06 15:42:55 | 000,001,448 | ---- | M] () -- C:\Users\)) ))()(( ((\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/05/06 15:27:00 | 000,000,538 | ---- | M] () -- C:\windows\tasks\SUPERAntiSpyware Scheduled Task ac4a9588-abcb-4422-861e-454a2d3f9202.job
[2012/05/06 14:50:59 | 000,015,568 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/05/06 14:50:59 | 000,015,568 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/05/06 10:51:12 | 000,713,888 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2012/05/06 10:51:12 | 000,615,360 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2012/05/06 10:51:12 | 000,103,702 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2012/05/06 10:47:10 | 000,000,908 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/05/06 10:46:53 | 2138,415,103 | -HS- | M] () -- C:\hiberfil.sys
[2012/05/06 02:00:00 | 000,000,538 | ---- | M] () -- C:\windows\tasks\SUPERAntiSpyware Scheduled Task 7f54ad3c-5d1e-4a2d-b9c4-8fbffa43652b.job
[2012/05/05 23:47:56 | 001,491,497 | ---- | M] () -- C:\windows\SysNative\drivers\NISx64\1301010.003\Cat.DB
[2012/05/05 23:28:09 | 000,000,000 | ---- | M] () -- C:\windows\SysWow64\SBRC.dat
[2012/05/05 23:26:56 | 000,001,819 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Professional.lnk
[2012/05/05 23:26:15 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\windows\SysWow64\deployJava1.dll
[2012/05/05 23:26:15 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\windows\SysWow64\javaws.exe
[2012/05/05 23:26:15 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\windows\SysWow64\javaw.exe
[2012/05/05 23:26:15 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\windows\SysWow64\java.exe
[2012/05/05 23:13:12 | 000,001,120 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/05/05 22:11:59 | 000,116,633 | ---- | M] () -- C:\wubildr
[2012/05/05 22:11:59 | 000,008,192 | ---- | M] () -- C:\wubildr.mbr
[2012/05/05 20:52:34 | 000,174,200 | ---- | M] (Symantec Corporation) -- C:\windows\SysNative\drivers\SYMEVENT64x86.SYS
[2012/05/05 20:52:34 | 000,007,530 | ---- | M] () -- C:\windows\SysNative\drivers\SYMEVENT64x86.CAT
[2012/05/05 20:52:34 | 000,000,855 | ---- | M] () -- C:\windows\SysNative\drivers\SYMEVENT64x86.INF
[2012/05/05 20:52:33 | 000,002,575 | ---- | M] () -- C:\Users\Public\Desktop\Norton Internet Security.lnk
[2012/05/05 20:38:42 | 000,000,288 | ---- | M] () -- C:\windows\tasks\NUSchedule.job
[2012/05/05 20:38:41 | 000,275,352 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2012/05/05 20:35:46 | 000,175,616 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\msclmd.dll
[2012/05/05 20:35:46 | 000,152,576 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\msclmd.dll
[2012/05/05 20:26:33 | 000,001,059 | ---- | M] () -- C:\Users\Public\Desktop\Norton Utilities 15.lnk
[2012/05/05 20:07:53 | 000,002,030 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2012/05/05 20:01:11 | 000,000,013 | RHS- | M] () -- C:\windows\SysNative\drivers\fbd.sys
[2 C:\windows\SysNative\*.tmp files -> C:\windows\SysNative\*.tmp -> ]
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012/05/06 15:42:55 | 000,001,448 | ---- | C] () -- C:\Users\)) ))()(( ((\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/05/05 23:34:23 | 000,026,719 | ---- | C] () -- C:\windows\SysWow64\SERSPL.VXD
[2012/05/05 23:28:09 | 000,000,000 | ---- | C] () -- C:\windows\SysWow64\SBRC.dat
[2012/05/05 23:27:03 | 000,000,538 | ---- | C] () -- C:\windows\tasks\SUPERAntiSpyware Scheduled Task ac4a9588-abcb-4422-861e-454a2d3f9202.job
[2012/05/05 23:27:02 | 000,000,538 | ---- | C] () -- C:\windows\tasks\SUPERAntiSpyware Scheduled Task 7f54ad3c-5d1e-4a2d-b9c4-8fbffa43652b.job
[2012/05/05 23:26:56 | 000,001,819 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Professional.lnk
[2012/05/05 23:13:12 | 000,001,120 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/05/05 22:11:59 | 000,116,633 | ---- | C] () -- C:\wubildr
[2012/05/05 22:11:59 | 000,008,192 | ---- | C] () -- C:\wubildr.mbr
[2012/05/05 20:52:34 | 001,491,497 | ---- | C] () -- C:\windows\SysNative\drivers\NISx64\1301010.003\Cat.DB
[2012/05/05 20:52:34 | 000,007,530 | ---- | C] () -- C:\windows\SysNative\drivers\SYMEVENT64x86.CAT
[2012/05/05 20:52:34 | 000,000,855 | ---- | C] () -- C:\windows\SysNative\drivers\SYMEVENT64x86.INF
[2012/05/05 20:52:33 | 000,002,575 | ---- | C] () -- C:\Users\Public\Desktop\Norton Internet Security.lnk
[2012/05/05 20:52:16 | 000,003,433 | R--- | C] () -- C:\windows\SysNative\drivers\NISx64\1301010.003\SymEFA.inf
[2012/05/05 20:52:16 | 000,002,852 | R--- | C] () -- C:\windows\SysNative\drivers\NISx64\1301010.003\SymDS.inf
[2012/05/05 20:52:16 | 000,001,440 | R--- | C] () -- C:\windows\SysNative\drivers\NISx64\1301010.003\SymNet.inf
[2012/05/05 20:52:16 | 000,001,438 | R--- | C] () -- C:\windows\SysNative\drivers\NISx64\1301010.003\srtsp64.inf
[2012/05/05 20:52:16 | 000,001,420 | R--- | C] () -- C:\windows\SysNative\drivers\NISx64\1301010.003\srtspx64.inf
[2012/05/05 20:52:16 | 000,000,854 | R--- | C] () -- C:\windows\SysNative\drivers\NISx64\1301010.003\ccSetx64.inf
[2012/05/05 20:52:16 | 000,000,772 | R--- | C] () -- C:\windows\SysNative\drivers\NISx64\1301010.003\Iron.inf
[2012/05/05 20:52:08 | 000,007,510 | R--- | C] () -- C:\windows\SysNative\drivers\NISx64\1301010.003\ccSetx64.cat
[2012/05/05 20:52:08 | 000,007,504 | R--- | C] () -- C:\windows\SysNative\drivers\NISx64\1301010.003\srtspx64.cat
[2012/05/05 20:52:08 | 000,007,502 | R--- | C] () -- C:\windows\SysNative\drivers\NISx64\1301010.003\SymEFA64.cat
[2012/05/05 20:52:08 | 000,007,500 | R--- | C] () -- C:\windows\SysNative\drivers\NISx64\1301010.003\srtsp64.cat
[2012/05/05 20:52:08 | 000,007,496 | R--- | C] () -- C:\windows\SysNative\drivers\NISx64\1301010.003\SymDS64.cat
[2012/05/05 20:52:08 | 000,007,492 | R--- | C] () -- C:\windows\SysNative\drivers\NISx64\1301010.003\iron.cat
[2012/05/05 20:52:08 | 000,007,458 | R--- | C] () -- C:\windows\SysNative\drivers\NISx64\1301010.003\symnet64.cat
[2012/05/05 20:52:08 | 000,002,801 | R--- | C] () -- C:\windows\SysNative\drivers\NISx64\1301010.003\SymVTcer.dat
[2012/05/05 20:52:08 | 000,000,172 | ---- | C] () -- C:\windows\SysNative\drivers\NISx64\1301010.003\isolate.ini
[2012/05/05 20:28:19 | 000,000,288 | ---- | C] () -- C:\windows\tasks\NUSchedule.job
[2012/05/05 20:26:33 | 000,001,059 | ---- | C] () -- C:\Users\Public\Desktop\Norton Utilities 15.lnk
[2012/05/05 20:26:22 | 000,039,784 | ---- | C] () -- C:\windows\SysNative\CleanMFT64.exe
[2012/05/05 20:20:25 | 000,347,904 | ---- | C] () -- C:\windows\SysNative\systemsf.ebd
[2012/05/05 20:20:06 | 000,001,041 | ---- | C] () -- C:\windows\SysWow64\tcpbidi.xml
[2012/05/05 20:19:44 | 000,105,559 | ---- | C] () -- C:\windows\SysWow64\RacRules.xml
[2012/05/05 20:19:44 | 000,105,559 | ---- | C] () -- C:\windows\SysNative\RacRules.xml
[2012/05/05 20:19:44 | 000,010,429 | ---- | C] () -- C:\windows\SysNative\ScavengeSpace.xml
[2012/05/05 20:07:53 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2012/05/05 20:07:53 | 000,002,030 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2012/05/05 20:04:38 | 000,001,420 | ---- | C] () -- C:\Users\)) ))()(( ((\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2012/05/05 20:04:36 | 000,001,454 | ---- | C] () -- C:\Users\)) ))()(( ((\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2012/05/05 20:04:26 | 000,000,290 | ---- | C] () -- C:\Users\)) ))()(( ((\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2012/05/05 20:04:26 | 000,000,272 | ---- | C] () -- C:\Users\)) ))()(( ((\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2012/05/05 20:01:11 | 000,000,013 | RHS- | C] () -- C:\windows\SysNative\drivers\fbd.sys
[2010/08/23 00:09:28 | 001,345,184 | ---- | C] () -- C:\windows\ROnce.exe
========== LOP Check ==========
[2012/05/05 20:05:46 | 000,000,000 | ---D | M] -- C:\Users\)) ))()(( ((\AppData\Roaming\Toshiba
[2012/05/05 20:54:18 | 000,000,000 | ---D | M] -- C:\Users\)) ))()(( ((\AppData\Roaming\WinBatch
[2012/05/05 23:10:15 | 000,000,000 | ---D | M] -- C:\Users\))())()) (()(()((\AppData\Roaming\Toshiba
[2012/05/05 20:00:50 | 000,000,000 | ---D | M] -- C:\Users\))())()) (()(()((\AppData\Roaming\WinBatch
[2012/05/05 20:38:42 | 000,000,288 | ---- | M] () -- C:\windows\Tasks\NUSchedule.job
[2009/07/13 22:08:49 | 000,006,170 | ---- | M] () -- C:\windows\Tasks\SCHEDLGU.TXT
[2012/05/06 02:00:00 | 000,000,538 | ---- | M] () -- C:\windows\Tasks\SUPERAntiSpyware Scheduled Task 7f54ad3c-5d1e-4a2d-b9c4-8fbffa43652b.job
[2012/05/06 15:27:00 | 000,000,538 | ---- | M] () -- C:\windows\Tasks\SUPERAntiSpyware Scheduled Task ac4a9588-abcb-4422-861e-454a2d3f9202.job
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*.exe >
< MD5 for: EXPLORER.EXE >
[2009/07/13 18:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2009/10/30 22:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2010/11/20 04:17:10 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\SysWOW64\explorer.exe
[2010/11/20 04:17:10 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2009/08/02 23:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2009/10/30 23:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009/08/02 22:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010/11/20 05:24:46 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\explorer.exe
[2010/11/20 05:24:46 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009/10/30 23:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009/08/02 22:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009/07/13 18:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009/10/30 23:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2009/08/02 23:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe
< MD5 for: SVCHOST.EXE >
[2012/04/04 15:56:38 | 000,199,240 | ---- | M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2009/07/13 18:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009/07/13 18:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009/07/13 18:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\windows\SysNative\svchost.exe
[2009/07/13 18:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe
< MD5 for: USERINIT.EXE >
[2010/11/20 04:17:50 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010/11/20 04:17:50 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009/07/13 18:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009/07/13 18:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010/11/20 05:25:26 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\windows\SysNative\userinit.exe
[2010/11/20 05:25:26 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
< MD5 for: WINLOGON.EXE >
[2012/04/04 15:56:38 | 000,199,240 | ---- | M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2010/11/20 05:25:32 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\windows\SysNative\winlogon.exe
[2010/11/20 05:25:32 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009/07/13 18:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009/10/28 00:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009/10/27 23:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe
< %systemroot%\*./mp /s >
< %Temp%\srntmp\*,* /s >
< hklm\software\clients\startmenu\internet|command /rs >
< hklm\software\clients\startmenu\internet|command /64 /rs >
========== Alternate Data Streams ==========
@Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:D3A96964
@Alternate Data Stream - 102 bytes -> C:\ProgramData\TEMP:D287FACF
< End of report >
#5
Posted 07 May 2012 - 09:43 AM
CompCav
-
- Expert
-
- 12,454 posts
Member 5k
This topic has been closed. The malware issue was resolved in another topic.
If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
Similar Topics
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users
As Featured On:
Sign In
Create Account
