Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Mystery File: Large, hides, jumps locations. Unknown Malware. [Solved]

Started by dovvydragon , Sep 27 2012 06:16 AM

  • This topic is locked This topic is locked

#1
dovvydragon
Posted 27 September 2012 - 06:16 AM

dovvydragon

    Member

  • Member
  • PipPip
  • 13 posts
I have a file somewhere on my computer that is taking up at least 10GB. It is not a program, and searches do not locate it. The way I located it before was to look at the properties of each of my folders, starting with C and narrowing it down. I found it in the top folder inside the windows folder (C\windows\??) but I do not remember what it was called. I deleted the folder after jumping through several "are you the administrator" hoops. Once permanently deleted, there was still a huge file in my windows folder, this time in a different folder. Searches looking for large files do not find anything near the size of what I have seen (searches listed files around 150MB at the most). I scanned with Malwarebytes, Avast, and AVG (uninstalled avast then installed AVG) with 0 threats or malware found. I installed windows 7 on this computer a week or two ago, which reformatted the hard drive. I think this file appeared a few days after I finished installing all the basic programs (I think only windows updates). I have installed a few programs since then, but my computer is very tiny and cannot hold much besides the mystery file. I realize that I may be being an idiot and this is a necessary or operating system file, but I don't think that sort of thing would behave this way. Thanks for reading, and I hope you can help me :)

OTL:


OTL logfile created on: 9/26/2012 11:16:28 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Dovvy Dragon\Desktop
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1014.43 Mb Total Physical Memory | 121.04 Mb Available Physical Memory | 11.93% Memory free
1.78 Gb Paging File | 0.38 Gb Available in Paging File | 21.45% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 14.28 Gb Total Space | 0.11 Gb Free Space | 0.79% Space Free | Partition Type: NTFS

Computer Name: DOVVYDRAGON-PC | User Name: Dovvy Dragon | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/09/26 22:57:39 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Dovvy Dragon\Desktop\OTL.exe
PRC - [2012/09/24 14:59:44 | 000,392,320 | ---- | M] (LG Electronics) -- C:\LGMobileUpgrade\LGMOBILEAX\BYR_Client\VZWNotiAgent.exe
PRC - [2012/09/14 05:35:58 | 003,039,352 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgui.exe
PRC - [2012/09/12 05:41:24 | 000,713,848 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgrsx.exe
PRC - [2012/08/27 02:27:10 | 001,108,088 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgnsx.exe
PRC - [2012/08/20 04:53:34 | 000,184,304 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgwdsvc.exe
PRC - [2012/08/20 04:52:42 | 005,751,928 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgidsagent.exe
PRC - [2012/08/20 04:52:34 | 000,783,992 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgemcx.exe
PRC - [2012/08/20 04:52:26 | 000,450,168 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgcsrvx.exe
PRC - [2012/07/27 13:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/02/24 22:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/11/20 05:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009/07/20 12:30:50 | 000,813,584 | ---- | M] (Logitech, Inc.) -- C:\Program Files\SetPoint\SetPoint.exe
PRC - [2009/07/10 12:42:32 | 000,055,824 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.exe
PRC - [2007/02/13 01:25:18 | 000,452,144 | ---- | M] (Compal Electronics, Inc.) -- C:\Program Files\Compal\Smart Battery\SMBTray.exe


========== Modules (No Company Name) ==========

MOD - [2012/09/25 02:42:58 | 000,460,312 | ---- | M] () -- C:\Users\Dovvy Dragon\AppData\Local\Google\Chrome\Application\22.0.1229.79\ppgooglenaclpluginchrome.dll
MOD - [2012/09/25 02:42:55 | 004,005,912 | ---- | M] () -- C:\Users\Dovvy Dragon\AppData\Local\Google\Chrome\Application\22.0.1229.79\pdf.dll
MOD - [2012/09/25 02:41:39 | 000,578,072 | ---- | M] () -- C:\Users\Dovvy Dragon\AppData\Local\Google\Chrome\Application\22.0.1229.79\libglesv2.dll
MOD - [2012/09/25 02:41:38 | 000,123,416 | ---- | M] () -- C:\Users\Dovvy Dragon\AppData\Local\Google\Chrome\Application\22.0.1229.79\libegl.dll
MOD - [2012/09/25 02:41:27 | 000,156,712 | ---- | M] () -- C:\Users\Dovvy Dragon\AppData\Local\Google\Chrome\Application\22.0.1229.79\avutil-51.dll
MOD - [2012/09/25 02:41:26 | 000,275,496 | ---- | M] () -- C:\Users\Dovvy Dragon\AppData\Local\Google\Chrome\Application\22.0.1229.79\avformat-54.dll
MOD - [2012/09/25 02:41:24 | 002,168,360 | ---- | M] () -- C:\Users\Dovvy Dragon\AppData\Local\Google\Chrome\Application\22.0.1229.79\avcodec-54.dll
MOD - [2012/08/27 21:33:32 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012/08/27 21:33:08 | 001,242,512 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2009/07/20 12:27:14 | 000,017,936 | ---- | M] () -- C:\Program Files\SetPoint\khalwrapper.dll
MOD - [2007/03/28 17:37:16 | 000,110,592 | ---- | M] () -- C:\Windows\System32\EMSC.dll


========== Services (SafeList) ==========

SRV - [2012/09/19 17:08:42 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2012/08/20 04:53:34 | 000,184,304 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2013\avgwdsvc.exe -- (avgwd)
SRV - [2012/08/20 04:52:42 | 005,751,928 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2013\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2012/07/27 13:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2009/07/13 18:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/13 18:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/07/13 18:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\tsusbhub.sys -- (tsusbhub)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\synth3dvsc.sys -- (Synth3dVsc)
DRV - [2012/09/17 18:58:56 | 000,051,936 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\avgidshx.sys -- (AVGIDSHX)
DRV - [2012/09/14 05:34:34 | 000,089,440 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2012/09/12 11:47:22 | 000,164,704 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2012/09/12 11:47:04 | 000,151,648 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2012/08/13 16:40:54 | 000,176,096 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgidsdriverx.sys -- (AVGIDSDriver)
DRV - [2012/08/10 04:52:28 | 000,019,808 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgidsshimx.sys -- (AVGIDSShim)
DRV - [2012/08/10 04:52:18 | 000,035,168 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgrkx86.sys -- (Avgrkx86)
DRV - [2012/08/09 13:56:44 | 000,178,656 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\avglogx.sys -- (Avglogx)
DRV - [2011/02/14 02:42:00 | 000,025,216 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbmodem.sys -- (USBModem)
DRV - [2011/02/14 02:42:00 | 000,020,864 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbdiag.sys -- (UsbDiag)
DRV - [2011/02/14 02:42:00 | 000,013,056 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbbus.sys -- (usbbus)
DRV - [2010/11/20 05:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010/11/20 05:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010/11/20 05:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010/11/20 03:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 03:21:14 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2010/11/20 02:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010/11/20 02:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2009/06/17 09:56:32 | 000,028,560 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV - [2009/06/17 09:56:16 | 000,037,392 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2009/06/17 09:56:06 | 000,035,472 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2008/09/09 11:58:32 | 000,099,216 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\jmcr.sys -- (JMCR)
DRV - [2007/03/14 10:16:42 | 000,009,856 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\EMSC.sys -- (EMSC)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 3B 84 97 4B 1A 96 CD 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;<local>


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Dovvy Dragon\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Dovvy Dragon\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)



========== Chrome ==========

CHR - homepage:
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms},
CHR - homepage:
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Dovvy Dragon\AppData\Local\Google\Chrome\Application\21.0.1180.89\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Dovvy Dragon\AppData\Local\Google\Chrome\Application\22.0.1229.79\gcswf32.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Dovvy Dragon\AppData\Local\Google\Chrome\Application\22.0.1229.79\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Dovvy Dragon\AppData\Local\Google\Chrome\Application\22.0.1229.79\pdf.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Dovvy Dragon\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - Extension: Google Drive = C:\Users\Dovvy Dragon\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\
CHR - Extension: LastPass = C:\Users\Dovvy Dragon\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\2.0.12_0\
CHR - Extension: RuneScape Wiki Browser = C:\Users\Dovvy Dragon\AppData\Local\Google\Chrome\User Data\Default\Extensions\jonhaaaeeggjfhmpihhelogminkpicpn\2.0_0\
CHR - Extension: Chrono Days Sim Date = C:\Users\Dovvy Dragon\AppData\Local\Google\Chrome\User Data\Default\Extensions\klgadbdcffhaklfdpmmhfgpngpmohpfo\13.4331.235_0\
CHR - Extension: Google Play Books = C:\Users\Dovvy Dragon\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmimngoggfoobjdlefbcabngfnmieonb\1.1.3_0\
CHR - Extension: Citelighter = C:\Users\Dovvy Dragon\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgpbmbhocboaalioananelcgfahjpai\1.0.1.10_0\
CHR - Extension: Runescape Toolbar For Google Chrome = C:\Users\Dovvy Dragon\AppData\Local\Google\Chrome\User Data\Default\Extensions\omkoedpgiabakfkoefehjfmnlkpepfmp\1.5.2_0\

O1 HOSTS File: ([2009/06/10 14:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVG_UI] C:\Program Files\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech, Inc.)
O4 - HKLM..\Run: [SMBTray] C:\Program Files\Compal\Smart Battery\SMBTray.exe (Compal Electronics, Inc.)
O4 - HKCU..\Run: [Akamai NetSession Interface] "C:\Users\Dovvy Dragon\AppData\Local\Akamai\netsession_win.exe" File not found
O4 - HKCU..\Run: [BYR_AGENT] C:\LGMobileUpgrade\LGMOBILEAX\BYR_Client\VZWNotiAgent.exe (LG Electronics)
O4 - Startup: C:\Users\Dovvy Dragon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Trillian.lnk = C:\Program Files\Trillian\trillian.exe (Cerulean Studios)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C4CC78AB-1A34-43F2-ABE9-69D245AEBB61}: DhcpNameServer = 192.168.1.1
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 14:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{25819c3a-01f3-11e2-9b94-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{25819c3a-01f3-11e2-9b94-806e6f6e6963}\Shell\AutoRun\command - "" = D:\Start.exe
O33 - MountPoints2\{acee152b-0842-11e2-8799-0024e895696e}\Shell - "" = AutoRun
O33 - MountPoints2\{acee152b-0842-11e2-8799-0024e895696e}\Shell\AutoRun\command - "" = D:\TL_Bootstrap.exe
O33 - MountPoints2\D\Shell - "" = AutoRun
O33 - MountPoints2\D\Shell\AutoRun\command - "" = D:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2013\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/09/26 22:57:36 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Dovvy Dragon\Desktop\OTL.exe
[2012/09/26 22:41:13 | 000,998,536 | ---- | C] (Solid State Networks) -- C:\Users\Dovvy Dragon\Desktop\install_flashplayer11x32_mssd_aih.exe
[2012/09/26 22:38:26 | 039,483,256 | ---- | C] (Apple Inc.) -- C:\Users\Dovvy Dragon\Desktop\QuickTimeInstaller.exe
[2012/09/26 22:34:22 | 144,609,768 | ---- | C] (Installation Program) -- C:\Users\Dovvy Dragon\Desktop\verizon25-2.5.192-3.exe
[2012/09/26 19:58:18 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml4r.dll
[2012/09/26 19:58:18 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml4a.dll
[2012/09/26 19:50:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VZW Software Upgrade Assistant - LG
[2012/09/26 19:49:47 | 000,000,000 | ---D | C] -- C:\LGMobileUpgrade
[2012/09/26 18:35:46 | 000,000,000 | ---D | C] -- C:\Program Files\LG Electronics
[2012/09/25 18:23:41 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\OxpsConverter.exe
[2012/09/24 20:47:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2012/09/24 20:39:11 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Works
[2012/09/24 20:37:23 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio
[2012/09/24 20:37:23 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2012/09/24 20:35:29 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2012/09/24 20:29:16 | 000,000,000 | ---D | C] -- C:\Users\Dovvy Dragon\AppData\Local\Microsoft Help
[2012/09/24 20:28:17 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2012/09/24 20:28:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2012/09/24 20:25:47 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2012/09/24 11:12:14 | 000,000,000 | ---D | C] -- C:\Users\Dovvy Dragon\AppData\Roaming\Adobe
[2012/09/24 11:12:14 | 000,000,000 | ---D | C] -- C:\Users\Dovvy Dragon\AppData\Local\Adobe
[2012/09/24 11:07:12 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2012/09/24 11:07:12 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2012/09/24 11:04:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2012/09/22 16:48:22 | 000,000,000 | ---D | C] -- C:\Users\Dovvy Dragon\AppData\Roaming\AVG2013
[2012/09/22 16:39:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
[2012/09/22 16:39:53 | 000,000,000 | ---D | C] -- C:\Users\Dovvy Dragon\AppData\Roaming\TuneUp Software
[2012/09/22 16:33:56 | 000,000,000 | -H-D | C] -- C:\$AVG
[2012/09/22 16:33:53 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2013
[2012/09/22 16:29:58 | 000,000,000 | ---D | C] -- C:\Program Files\AVG
[2012/09/22 15:16:41 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2012/09/22 15:16:41 | 000,000,000 | ---D | C] -- C:\Users\Dovvy Dragon\AppData\Local\MFAData
[2012/09/22 15:16:41 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2012/09/22 15:16:41 | 000,000,000 | ---D | C] -- C:\Users\Dovvy Dragon\AppData\Local\Avg2013
[2012/09/22 14:13:42 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2012/09/22 14:13:42 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2012/09/22 14:02:03 | 000,000,000 | ---D | C] -- C:\Users\Dovvy Dragon\AppData\Roaming\Malwarebytes
[2012/09/22 14:01:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/09/22 14:01:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/09/22 14:01:40 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012/09/22 14:01:40 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012/09/22 12:46:40 | 000,696,320 | ---- | C] (Compal Electronics, Inc.) -- C:\Windows\System32\SMB.cpl
[2012/09/22 12:46:40 | 000,000,000 | ---D | C] -- C:\Users\Dovvy Dragon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Compal
[2012/09/22 12:46:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Compal
[2012/09/22 12:20:28 | 000,000,000 | ---D | C] -- C:\Users\Dovvy Dragon\AppData\Roaming\Logitech
[2012/09/22 12:14:40 | 000,170,512 | ---- | C] (Logitech, Inc.) -- C:\Windows\System32\kemutb.dll
[2012/09/22 12:14:40 | 000,145,936 | ---- | C] (Logitech, Inc.) -- C:\Windows\System32\KemUtil.dll
[2012/09/22 12:14:40 | 000,117,264 | ---- | C] (Logitech, Inc.) -- C:\Windows\System32\KemWnd.dll
[2012/09/22 12:14:40 | 000,084,496 | ---- | C] (Logitech, Inc.) -- C:\Windows\System32\KemXML.dll
[2012/09/22 12:14:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SetPoint
[2012/09/22 12:13:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Logitech
[2012/09/22 12:12:46 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Logishrd
[2012/09/22 12:12:39 | 000,000,000 | ---D | C] -- C:\Program Files\SetPoint
[2012/09/21 20:56:21 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012/09/21 20:56:13 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012/09/21 20:56:10 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012/09/21 20:56:10 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2012/09/21 20:56:09 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2012/09/21 20:56:00 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2012/09/21 20:55:59 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012/09/21 20:55:55 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012/09/20 18:46:27 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonBJ
[2012/09/20 18:45:11 | 000,230,912 | ---- | C] (CANON INC.) -- C:\Windows\System32\CNMLM9D.DLL
[2012/09/20 16:56:33 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\RNDISMP.sys
[2012/09/20 16:55:50 | 000,284,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbport.sys
[2012/09/20 16:55:49 | 000,005,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbd.sys
[2012/09/20 16:55:43 | 000,240,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\netio.sys
[2012/09/20 16:55:42 | 000,187,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\FWPKCLNT.SYS
[2012/09/20 16:54:21 | 000,148,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\storport.sys
[2012/09/20 16:54:20 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fsutil.exe
[2012/09/20 03:04:23 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2012/09/20 02:16:47 | 000,000,000 | ---D | C] -- C:\Windows\System32\SPReview
[2012/09/20 02:14:21 | 000,000,000 | ---D | C] -- C:\Windows\System32\EventProviders
[2012/09/20 00:23:30 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2012/09/20 00:23:21 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2012/09/20 00:23:14 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2012/09/20 00:23:14 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2012/09/20 00:23:14 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2012/09/20 00:23:14 | 000,353,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2012/09/20 00:23:14 | 000,353,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2012/09/20 00:23:14 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2012/09/20 00:23:14 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2012/09/20 00:23:14 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2012/09/20 00:23:14 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2012/09/20 00:23:14 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2012/09/20 00:23:14 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2012/09/20 00:23:14 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2012/09/20 00:23:14 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2012/09/20 00:23:14 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2012/09/20 00:23:14 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2012/09/20 00:23:14 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2012/09/20 00:23:14 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2012/09/20 00:23:14 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2012/09/20 00:23:14 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2012/09/20 00:23:14 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2012/09/20 00:23:14 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2012/09/20 00:23:13 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2012/09/20 00:23:13 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2012/09/20 00:23:13 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2012/09/20 00:23:13 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2012/09/20 00:23:13 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2012/09/20 00:23:13 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2012/09/19 22:33:35 | 000,000,000 | ---D | C] -- C:\Program Files\Compal
[2012/09/19 22:30:31 | 000,000,000 | ---D | C] -- C:\Windows\Downloaded Installations
[2012/09/19 22:27:41 | 000,000,000 | ---D | C] -- C:\Users\Dovvy Dragon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RuneScape
[2012/09/19 22:27:12 | 000,000,000 | ---D | C] -- C:\Users\Dovvy Dragon\jagexcache
[2012/09/19 22:17:57 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2012/09/19 22:16:35 | 000,110,080 | ---- | C] (JMicron Technology Corporation) -- C:\Windows\System32\JmCrIcon.dll
[2012/09/19 22:16:34 | 000,000,000 | ---D | C] -- C:\Windows\JMCR_DIR
[2012/09/19 22:15:48 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2012/09/19 22:15:31 | 000,099,216 | ---- | C] (JMicron Technology Corporation) -- C:\Windows\System32\drivers\jmcr.sys
[2012/09/19 22:09:37 | 000,000,000 | ---D | C] -- C:\Users\Dovvy Dragon\AppData\Local\ElevatedDiagnostics
[2012/09/19 21:17:16 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\LSCSHostPolicy.dll
[2012/09/19 21:17:16 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\TsUsbFlt.sys
[2012/09/19 21:17:15 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TsUsbRedirectionGroupPolicyExtension.dll
[2012/09/19 21:17:09 | 001,171,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2012/09/19 21:17:09 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40.dll
[2012/09/19 21:17:09 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40u.dll
[2012/09/19 21:17:08 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tssrvlic.dll
[2012/09/19 21:16:59 | 000,423,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_isv.dll
[2012/09/19 21:16:56 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc.dll
[2012/09/19 21:16:56 | 000,327,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_isv.exe
[2012/09/19 21:16:55 | 000,322,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate.exe
[2012/09/19 21:16:50 | 000,253,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwizui.dll
[2012/09/19 21:16:46 | 003,207,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mf.dll
[2012/09/19 21:16:45 | 001,334,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertEnroll.dll
[2012/09/19 21:16:45 | 000,520,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcupdate_GenuineIntel.dll
[2012/09/19 21:16:41 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe
[2012/09/19 21:16:41 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll
[2012/09/19 21:16:34 | 001,115,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RacEngn.dll
[2012/09/19 21:16:33 | 005,066,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuthFWSnapin.dll
[2012/09/19 21:16:29 | 001,493,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ExplorerFrame.dll
[2012/09/19 21:16:25 | 001,828,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d9.dll
[2012/09/19 21:16:25 | 000,505,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskschd.dll
[2012/09/19 21:16:20 | 000,456,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spinstall.exe
[2012/09/19 21:16:20 | 000,280,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spreview.exe
[2012/09/19 21:16:20 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PushPrinterConnections.exe
[2012/09/19 21:16:19 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wer.dll
[2012/09/19 21:16:18 | 001,371,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dwmcore.dll
[2012/09/19 21:16:18 | 000,863,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diagperf.dll
[2012/09/19 21:16:17 | 003,367,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinSAT.exe
[2012/09/19 21:16:17 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scavengeui.dll
[2012/09/19 21:16:16 | 000,597,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TSWorkspace.dll
[2012/09/19 21:16:15 | 000,270,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tsmf.dll
[2012/09/19 21:16:14 | 002,522,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dbgeng.dll
[2012/09/19 21:16:13 | 000,522,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d11.dll
[2012/09/19 21:16:13 | 000,260,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpshell.exe
[2012/09/19 21:16:11 | 001,619,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVDECOD.DLL
[2012/09/19 21:16:10 | 000,584,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpprefcl.dll
[2012/09/19 21:16:06 | 000,252,928 | ---- | C] (Microsoft) -- C:\Windows\System32\DShowRdpFilter.dll
[2012/09/19 21:16:05 | 002,151,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmcndmgr.dll
[2012/09/19 21:16:05 | 000,732,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imapi2fs.dll
[2012/09/19 21:16:05 | 000,341,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdrm.dll
[2012/09/19 21:16:05 | 000,049,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll
[2012/09/19 21:16:04 | 001,792,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\authui.dll
[2012/09/19 21:16:04 | 000,974,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sppobjs.dll
[2012/09/19 21:16:02 | 000,547,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceApi.dll
[2012/09/19 21:16:01 | 001,712,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xpsservices.dll
[2012/09/19 21:16:01 | 001,555,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certmgr.dll
[2012/09/19 21:16:01 | 000,508,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winload.exe
[2012/09/19 21:16:01 | 000,323,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drvstore.dll
[2012/09/19 21:16:01 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcbuilder.exe
[2012/09/19 21:16:00 | 000,412,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sppwinob.dll
[2012/09/19 21:15:56 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmd.exe
[2012/09/19 21:15:50 | 000,206,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\framedynos.dll
[2012/09/19 21:15:49 | 000,296,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfds.dll
[2012/09/19 21:15:49 | 000,140,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpendp.dll
[2012/09/19 21:15:48 | 000,442,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winresume.exe
[2012/09/19 21:15:48 | 000,351,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmicmiplugin.dll
[2012/09/19 21:15:47 | 001,063,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\werconcpl.dll
[2012/09/19 21:15:47 | 000,762,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\azroles.dll
[2012/09/19 21:15:47 | 000,339,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\appmgr.dll
[2012/09/19 21:15:47 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpclip.exe
[2012/09/19 21:15:47 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncsi.dll
[2012/09/19 21:15:45 | 000,801,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NaturalLanguage6.dll
[2012/09/19 21:15:45 | 000,508,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxgi.dll
[2012/09/19 21:15:45 | 000,488,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\evr.dll
[2012/09/19 21:15:45 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskcomp.dll
[2012/09/19 21:15:45 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfreadwrite.dll
[2012/09/19 21:15:45 | 000,161,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpinit.exe
[2012/09/19 21:15:45 | 000,144,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\basecsp.dll
[2012/09/19 21:15:44 | 000,776,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\calc.exe
[2012/09/19 21:15:44 | 000,335,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinSATAPI.dll
[2012/09/19 21:15:43 | 002,983,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIRibbon.dll
[2012/09/19 21:15:43 | 000,778,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sqlsrv32.dll
[2012/09/19 21:15:43 | 000,477,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lpksetup.exe
[2012/09/19 21:15:43 | 000,271,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fveapi.dll
[2012/09/19 21:15:43 | 000,242,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vpnike.dll
[2012/09/19 21:15:42 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tspubwmi.dll
[2012/09/19 21:15:41 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hgprint.dll
[2012/09/19 21:15:34 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prncache.dll
[2012/09/19 21:15:33 | 000,690,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ci.dll
[2012/09/19 21:15:33 | 000,458,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSDApi.dll
[2012/09/19 21:15:33 | 000,352,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpeffects.dll
[2012/09/19 21:15:33 | 000,321,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aepdu.dll
[2012/09/19 21:15:33 | 000,175,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\vmbus.sys
[2012/09/19 21:15:33 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\net1.exe
[2012/09/19 21:15:33 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rpchttp.dll
[2012/09/19 21:15:33 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aitagent.exe
[2012/09/19 21:15:32 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scansetting.dll
[2012/09/19 21:15:31 | 002,504,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVCORE.DLL
[2012/09/19 21:15:31 | 000,411,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlangpui.dll
[2012/09/19 21:15:31 | 000,213,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MMDevAPI.dll
[2012/09/19 21:15:31 | 000,167,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\QSHVHOST.DLL
[2012/09/19 21:15:31 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aaclient.dll
[2012/09/19 21:15:31 | 000,101,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\consent.exe
[2012/09/19 21:15:30 | 001,750,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pnidui.dll
[2012/09/19 21:15:30 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
[2012/09/19 21:15:29 | 002,146,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SyncCenter.dll
[2012/09/19 21:15:29 | 000,907,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdengin2.dll
[2012/09/19 21:15:29 | 000,782,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\webservices.dll
[2012/09/19 21:15:29 | 000,464,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scrptadm.dll
[2012/09/19 21:15:29 | 000,225,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netdiagfx.dll
[2012/09/19 21:15:29 | 000,215,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vmicsvc.exe
[2012/09/19 21:15:29 | 000,154,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tscfgwmi.dll
[2012/09/19 21:15:29 | 000,124,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fde.dll
[2012/09/19 21:15:29 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TsUsbGDCoInstaller.dll
[2012/09/19 21:15:28 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscapi.dll
[2012/09/19 21:15:27 | 000,830,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSMPEG2ENC.DLL
[2012/09/19 21:15:27 | 000,727,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcmde.dll
[2012/09/19 21:15:27 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cscobj.dll
[2012/09/19 21:15:26 | 000,392,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imapi2.dll
[2012/09/19 21:15:26 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setupcl.exe
[2012/09/19 21:15:25 | 000,630,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DXPTaskRingtone.dll
[2012/09/19 21:15:25 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aeinv.dll
[2012/09/19 21:15:18 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll
[2012/09/19 21:15:17 | 001,624,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMPEncEn.dll
[2012/09/19 21:15:17 | 000,658,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autofmt.exe
[2012/09/19 21:15:17 | 000,196,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vaultsvc.dll
[2012/09/19 21:15:17 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dwmredir.dll
[2012/09/19 21:15:17 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hbaapi.dll
[2012/09/19 21:15:16 | 002,217,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bootres.dll
[2012/09/19 21:15:16 | 001,077,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Narrator.exe
[2012/09/19 21:15:15 | 000,679,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autoconv.exe
[2012/09/19 21:15:15 | 000,400,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ipsmsnap.dll
[2012/09/19 21:15:15 | 000,303,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msinfo32.exe
[2012/09/19 21:15:15 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AudioSes.dll
[2012/09/19 21:15:15 | 000,194,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\halmacpi.dll
[2012/09/19 21:15:15 | 000,194,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hal.dll
[2012/09/19 21:15:15 | 000,166,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netiohlp.dll
[2012/09/19 21:15:15 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\audiodg.exe
[2012/09/19 21:15:15 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mimefilt.dll
[2012/09/19 21:15:15 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\proquota.exe
[2012/09/19 21:15:14 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\powercpl.dll
[2012/09/19 21:15:14 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srchadmin.dll
[2012/09/19 21:15:14 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eapphost.dll
[2012/09/19 21:15:14 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\framedyn.dll
[2012/09/19 21:15:14 | 000,181,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tcpipcfg.dll
[2012/09/19 21:15:14 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\schtasks.exe
[2012/09/19 21:15:13 | 001,227,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wdc.dll
[2012/09/19 21:15:13 | 000,665,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuxiliaryDisplayCpl.dll
[2012/09/19 21:15:13 | 000,399,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DXP.dll
[2012/09/19 21:15:13 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msihnd.dll
[2012/09/19 21:15:13 | 000,171,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\QAGENT.DLL
[2012/09/19 21:15:13 | 000,155,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscorier.dll
[2012/09/19 21:15:13 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netid.dll
[2012/09/19 21:15:11 | 001,326,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanpref.dll
[2012/09/19 21:15:11 | 001,131,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdclt.exe
[2012/09/19 21:15:11 | 000,933,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Vault.dll
[2012/09/19 21:15:11 | 000,346,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\untfs.dll
[2012/09/19 21:15:11 | 000,132,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ataport.sys
[2012/09/19 21:15:11 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nci.dll
[2012/09/19 21:15:10 | 001,003,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMNetMgr.dll
[2012/09/19 21:15:10 | 000,098,816 | ---- | C] (Microsoft) -- C:\Windows\System32\Robocopy.exe
[2012/09/19 21:15:09 | 001,400,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DxpTaskSync.dll
[2012/09/19 21:15:09 | 001,040,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Display.dll
[2012/09/19 21:15:09 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdri.dll
[2012/09/19 21:15:09 | 000,352,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\termmgr.dll
[2012/09/19 21:15:09 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\puiobj.dll
[2012/09/19 21:15:09 | 000,316,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sharemediacpl.dll
[2012/09/19 21:15:09 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsRasterService.dll
[2012/09/19 21:15:09 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\userinit.exe
[2012/09/19 21:15:08 | 001,188,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DiagCpl.dll
[2012/09/19 21:15:08 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eudcedit.exe
[2012/09/19 21:15:08 | 000,140,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\scsiport.sys
[2012/09/19 21:15:08 | 000,043,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\winhv.sys
[2012/09/19 21:15:04 | 000,040,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\vmstorfl.sys
[2012/09/19 21:15:03 | 001,066,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtctm.dll
[2012/09/19 21:15:03 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logoncli.dll
[2012/09/19 21:15:01 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\biocpl.dll
[2012/09/19 21:15:01 | 000,111,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shsetup.dll
[2012/09/19 21:15:00 | 000,856,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FirewallControlPanel.dll
[2012/09/19 21:15:00 | 000,416,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiadefui.dll
[2012/09/19 21:15:00 | 000,233,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msconfig.exe
[2012/09/19 21:15:00 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sppcomapi.dll
[2012/09/19 21:15:00 | 000,028,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\storvsc.sys
[2012/09/19 21:14:59 | 002,202,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SensorsCpl.dll
[2012/09/19 21:14:59 | 002,157,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\themecpl.dll
[2012/09/19 21:14:59 | 000,766,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpccpl.dll
[2012/09/19 21:14:59 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PhotoScreensaver.scr
[2012/09/19 21:14:59 | 000,312,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hgcpl.dll
[2012/09/19 21:14:59 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FWPUCLNT.DLL
[2012/09/19 21:14:59 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnscmmc.dll
[2012/09/19 21:14:58 | 000,481,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscms.dll
[2012/09/19 21:14:58 | 000,429,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\localsec.dll
[2012/09/19 21:14:58 | 000,268,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mprddm.dll
[2012/09/19 21:14:58 | 000,080,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscories.dll
[2012/09/19 21:14:57 | 003,727,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\accessibilitycpl.dll
[2012/09/19 21:14:57 | 001,644,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netcenter.dll
[2012/09/19 21:14:57 | 000,941,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mblctr.exe
[2012/09/19 21:14:57 | 000,638,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\VAN.dll
[2012/09/19 21:14:57 | 000,600,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PerfCenterCPL.dll
[2012/09/19 21:14:57 | 000,600,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\usercpl.dll
[2012/09/19 21:14:57 | 000,509,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qedit.dll
[2012/09/19 21:14:57 | 000,410,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanui.dll
[2012/09/19 21:14:57 | 000,352,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwizeng.dll
[2012/09/19 21:14:57 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SndVol.exe
[2012/09/19 21:14:57 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\azroleui.dll
[2012/09/19 21:14:57 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wksprt.exe
[2012/09/19 21:14:57 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SndVolSSO.dll
[2012/09/19 21:14:57 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bcdsrv.dll
[2012/09/19 21:14:57 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prntvpt.dll
[2012/09/19 21:14:57 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasacct.dll
[2012/09/19 21:14:57 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\w32tm.exe
[2012/09/19 21:14:56 | 000,516,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\main.cpl
[2012/09/19 21:14:56 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSAC3ENC.DLL
[2012/09/19 21:14:56 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ks.sys
[2012/09/19 21:14:56 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdeploy.dll
[2012/09/19 21:14:55 | 002,130,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\networkmap.dll
[2012/09/19 21:14:55 | 000,414,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mspbda.dll
[2012/09/19 21:14:55 | 000,395,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prnfldr.dll
[2012/09/19 21:14:55 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Faultrep.dll
[2012/09/19 21:14:55 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wusa.exe
[2012/09/19 21:14:55 | 000,312,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MCEWMDRMNDBootstrap.dll
[2012/09/19 21:14:55 | 000,186,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adsldp.dll
[2012/09/19 21:14:55 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netjoin.dll
[2012/09/19 21:14:53 | 000,218,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\OnLineIDCpl.dll
[2012/09/19 21:14:49 | 000,755,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sud.dll
[2012/09/19 21:14:49 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ActionCenter.dll
[2012/09/19 21:14:49 | 000,325,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slui.exe
[2012/09/19 21:14:49 | 000,266,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MediaMetadataHandler.dll
[2012/09/19 21:14:49 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskbarcpl.dll
[2012/09/19 21:14:48 | 000,692,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bthprops.cpl
[2012/09/19 21:14:48 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sysmon.ocx
[2012/09/19 21:14:48 | 000,271,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iprtrmgr.dll
[2012/09/19 21:14:48 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\defaultlocationcpl.dll
[2012/09/19 21:14:48 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasrad.dll
[2012/09/19 21:14:48 | 000,137,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\halacpi.dll
[2012/09/19 21:14:48 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3cfg.dll
[2012/09/19 21:14:48 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidclass.sys
[2012/09/19 21:14:48 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
[2012/09/19 21:14:48 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ftp.exe
[2012/09/19 21:14:47 | 000,577,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpd_ci.dll
[2012/09/19 21:14:47 | 000,537,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ActionCenterCPL.dll
[2012/09/19 21:14:47 | 000,428,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shwebsvc.dll
[2012/09/19 21:14:47 | 000,345,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\intl.cpl
[2012/09/19 21:14:47 | 000,205,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\efscore.dll
[2012/09/19 21:14:47 | 000,148,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ifsutil.dll
[2012/09/19 21:14:47 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\recovery.dll
[2012/09/19 21:14:47 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sisbkup.dll
[2012/09/19 21:14:46 | 000,750,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdcpl.dll
[2012/09/19 21:14:46 | 000,600,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TabletPC.cpl
[2012/09/19 21:14:46 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autoplay.dll
[2012/09/19 21:14:45 | 000,738,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpmde.dll
[2012/09/19 21:14:45 | 000,484,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DeviceCenter.dll
[2012/09/19 21:14:45 | 000,295,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bcdedit.exe
[2012/09/19 21:14:45 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sppnp.dll
[2012/09/19 21:14:44 | 000,859,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\OobeFldr.dll
[2012/09/19 21:14:44 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\blackbox.dll
[2012/09/19 21:14:44 | 000,656,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nshwfp.dll
[2012/09/19 21:14:44 | 000,410,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\systemcpl.dll
[2012/09/19 21:14:44 | 000,297,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntprint.dll
[2012/09/19 21:14:44 | 000,270,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sethc.exe
[2012/09/19 21:14:44 | 000,210,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\recdisc.exe
[2012/09/19 21:14:44 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ksproxy.ax
[2012/09/19 21:14:44 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fvecpl.dll
[2012/09/19 21:14:44 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SmartcardCredentialProvider.dll
[2012/09/19 21:14:44 | 000,151,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdsutil.dll
[2012/09/19 21:14:44 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bcdboot.exe
[2012/09/19 21:14:44 | 000,107,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NAPHLPR.DLL
[2012/09/19 21:14:44 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSTPager.ax
[2012/09/19 21:14:44 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpsign.exe
[2012/09/19 21:14:43 | 000,592,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msftedit.dll
[2012/09/19 21:14:43 | 000,346,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nshipsec.dll
[2012/09/19 21:14:43 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpx.dll
[2012/09/19 21:14:43 | 000,254,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsqmcons.exe
[2012/09/19 21:14:43 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wavemsp.dll
[2012/09/19 21:14:43 | 000,182,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpsrcwp.dll
[2012/09/19 21:14:43 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuxiliaryDisplayServices.dll
[2012/09/19 21:14:43 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\migisol.dll
[2012/09/19 21:14:43 | 000,093,696 | ---- | C] (Windows ® Codename Longhorn DDK provider) -- C:\Windows\System32\fms.dll
[2012/09/19 21:14:43 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\isoburn.exe
[2012/09/19 21:14:43 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\asycfilt.dll
[2012/09/19 21:14:42 | 000,586,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dfrgui.exe
[2012/09/19 21:14:42 | 000,444,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wvc.dll
[2012/09/19 21:14:42 | 000,438,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AdmTmpl.dll
[2012/09/19 21:14:42 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanmsm.dll
[2012/09/19 21:14:42 | 000,406,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wimgapi.dll
[2012/09/19 21:14:42 | 000,333,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3ui.dll
[2012/09/19 21:14:42 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ReAgent.dll
[2012/09/19 21:14:42 | 000,209,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PkgMgr.exe
[2012/09/19 21:14:42 | 000,198,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sysclass.dll
[2012/09/19 21:14:42 | 000,197,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ocsetup.exe
[2012/09/19 21:14:42 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzutil.exe
[2012/09/19 21:14:40 | 000,051,200 | ---- | C] (Twain Working Group) -- C:\Windows\twain_32.dll
[2012/09/19 21:14:39 | 000,697,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SmiEngine.dll
[2012/09/19 21:14:39 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qasf.dll
[2012/09/19 21:14:39 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qcap.dll
[2012/09/19 21:14:39 | 000,170,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationSettings.exe
[2012/09/19 21:14:39 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\uxlib.dll
[2012/09/19 21:14:39 | 000,113,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setupugc.exe
[2012/09/19 21:14:38 | 000,616,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmdrmsdk.dll
[2012/09/19 21:14:38 | 000,293,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ssText3d.scr
[2012/09/19 21:14:38 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srrstr.dll
[2012/09/19 21:14:38 | 000,211,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DevicePairingFolder.dll
[2012/09/19 21:14:38 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wwanconn.dll
[2012/09/19 21:14:38 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nslookup.exe
[2012/09/19 21:14:38 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciavi32.dll
[2012/09/19 21:14:38 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slwga.dll
[2012/09/19 21:14:37 | 000,504,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscp.dll
[2012/09/19 21:14:37 | 000,327,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wimserv.exe
[2012/09/19 21:14:37 | 000,276,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diskraid.exe
[2012/09/19 21:14:37 | 000,186,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpencom.dll
[2012/09/19 21:14:37 | 000,157,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\perfmon.exe
[2012/09/19 21:14:37 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\acppage.dll
[2012/09/19 21:14:35 | 000,402,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drmmgrtn.dll
[2012/09/19 21:14:35 | 000,292,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsAnytimeUpgradeResults.exe
[2012/09/19 21:14:35 | 000,202,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\input.dll
[2012/09/19 21:14:35 | 000,046,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NAPCRYPT.DLL
[2012/09/19 21:14:34 | 001,111,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\onexui.dll
[2012/09/19 21:14:34 | 000,327,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nltest.exe
[2012/09/19 21:14:34 | 000,219,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iTVData.dll
[2012/09/19 21:14:34 | 000,198,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpdwcn.dll
[2012/09/19 21:14:34 | 000,174,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ocsetapi.dll
[2012/09/19 21:14:34 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdsbas.dll
[2012/09/19 21:14:34 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UserAccountControlSettings.dll
[2012/09/19 21:14:34 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\bfsvc.exe
[2012/09/19 21:14:34 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\runonce.exe
[2012/09/19 21:14:34 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vpnikeapi.dll
[2012/09/19 21:14:33 | 000,210,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxdiagn.dll
[2012/09/19 21:14:33 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logagent.exe
[2012/09/19 21:14:32 | 000,878,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Bubbles.scr
[2012/09/19 21:14:32 | 000,507,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmdrmdev.dll
[2012/09/19 21:14:32 | 000,309,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sqlcese30.dll
[2012/09/19 21:14:32 | 000,242,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eapp3hst.dll
[2012/09/19 21:14:32 | 000,186,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bitsadmin.exe
[2012/09/19 21:14:32 | 000,176,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFPlay.dll
[2012/09/19 21:14:32 | 000,117,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\rmcast.sys
[2012/09/19 21:14:32 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shacct.dll
[2012/09/19 21:14:32 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tabcal.exe
[2012/09/19 21:14:32 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PnPUnattend.exe
[2012/09/19 21:14:32 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unimdmat.dll
[2012/09/19 21:14:32 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpd3d.dll
[2012/09/19 21:14:32 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iscsium.dll
[2012/09/19 21:14:32 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lsmproxy.dll
[2012/09/19 21:14:31 | 001,160,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\OpcServices.dll
[2012/09/19 21:14:31 | 000,427,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceStatus.dll
[2012/09/19 21:14:31 | 000,350,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WPDSp.dll
[2012/09/19 21:14:31 | 000,183,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceSyncProvider.dll
[2012/09/19 21:14:31 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFPlatform.dll
[2012/09/19 21:14:31 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MdSched.exe
[2012/09/19 21:14:31 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kstvtune.ax
[2012/09/19 21:14:31 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logman.exe
[2012/09/19 21:14:31 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\olethk32.dll
[2012/09/19 21:14:31 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncryptui.dll
[2012/09/19 21:14:31 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\djoin.exe
[2012/09/19 21:14:30 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Ribbons.scr
[2012/09/19 21:14:30 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wwanprotdim.dll
[2012/09/19 21:14:29 | 000,318,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMPhoto.dll
[2012/09/19 21:14:29 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Mystify.scr
[2012/09/19 21:14:29 | 000,179,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ActionQueue.dll
[2012/09/19 21:14:29 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\powercfg.cpl
[2012/09/19 21:14:29 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CscMig.dll
[2012/09/19 21:14:29 | 000,099,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\QSVRMGMT.DLL
[2012/09/19 21:14:29 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mapistub.dll
[2012/09/19 21:14:29 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mapi32.dll
[2012/09/19 21:14:29 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lpremove.exe
[2012/09/19 21:14:29 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tsgqec.dll
[2012/09/19 21:14:28 | 000,902,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMADMOD.DLL
[2012/09/19 21:14:28 | 000,541,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVSDECD.DLL
[2012/09/19 21:14:28 | 000,436,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmdrmnet.dll
[2012/09/19 21:14:28 | 000,283,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdv.dll
[2012/09/19 21:14:28 | 000,265,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msnetobj.dll
[2012/09/19 21:14:28 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sqmapi.dll
[2012/09/19 21:14:28 | 000,153,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\VBICodec.ax
[2012/09/19 21:14:28 | 000,128,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EhStorAPI.dll
[2012/09/19 21:14:28 | 000,115,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3msm.dll
[2012/09/19 21:14:28 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiavideo.dll
[2012/09/19 21:14:28 | 000,107,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Kswdmcap.ax
[2012/09/19 21:14:28 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fphc.dll
[2012/09/19 21:14:28 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\takeown.exe
[2012/09/19 21:14:28 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\utildll.dll
[2012/09/19 21:14:28 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TsUsbRedirectionGroupPolicyControl.exe
[2012/09/19 21:14:27 | 000,739,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMSPDMOD.DLL
[2012/09/19 21:14:27 | 000,567,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFx.dll
[2012/09/19 21:14:27 | 000,202,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unattend.dll
[2012/09/19 21:14:27 | 000,182,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RelPost.exe
[2012/09/19 21:14:27 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setupcln.dll
[2012/09/19 21:14:27 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sppinst.dll
[2012/09/19 21:14:27 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmstp.exe
[2012/09/19 21:14:27 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\QCLIPROV.DLL
[2012/09/19 21:14:27 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MuiUnattend.exe
[2012/09/19 21:14:27 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cca.dll
[2012/09/19 21:14:27 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vfwwdm32.dll
[2012/09/19 21:14:27 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsnmp32.dll
[2012/09/19 21:14:27 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\umb.dll
[2012/09/19 21:14:27 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pdhui.dll
[2012/09/19 21:14:27 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\basesrv.dll
[2012/09/19 21:14:27 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qprocess.exe
[2012/09/19 21:14:27 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msg.exe
[2012/09/19 21:14:26 | 000,176,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msorcl32.dll
[2012/09/19 21:14:26 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\desk.cpl
[2012/09/19 21:14:26 | 000,126,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\BdeHdCfg.exe
[2012/09/19 21:14:26 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasrecst.dll
[2012/09/19 21:14:26 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\relog.exe
[2012/09/19 21:14:26 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PrintIsolationProxy.dll
[2012/09/19 21:14:26 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AzSqlExt.dll
[2012/09/19 21:14:26 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qwinsta.exe
[2012/09/19 21:14:26 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chglogon.exe
[2012/09/19 21:14:25 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iscsicli.exe
[2012/09/19 21:14:25 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netiougc.exe
[2012/09/19 21:14:24 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WavDest.dll
[2012/09/19 21:14:22 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wkscli.dll
[2012/09/19 21:14:18 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\itircl.dll
[2012/09/19 21:14:18 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diskpart.exe
[2012/09/19 21:14:18 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp_isv.dll
[2012/09/19 21:14:18 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp.dll
[2012/09/19 21:14:18 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\amstream.dll
[2012/09/19 21:14:18 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spbcd.dll
[2012/09/19 21:14:18 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MultiDigiMon.exe
[2012/09/19 21:14:18 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netbtugc.exe
[2012/09/19 21:14:18 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quser.exe
[2012/09/19 21:14:18 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nrpsrv.dll
[2012/09/19 21:14:17 | 001,027,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IMJP10.IME
[2012/09/19 21:14:17 | 000,430,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FXSTIFF.dll
[2012/09/19 21:14:17 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp.exe
[2012/09/19 21:14:17 | 000,278,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp_isv.exe
[2012/09/19 21:14:17 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpps.dll
[2012/09/19 21:14:17 | 000,121,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sppc.dll
[2012/09/19 21:14:17 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eappgnui.dll
[2012/09/19 21:14:17 | 000,082,944 | ---- | C] (Radius Inc.) -- C:\Windows\System32\iccvid.dll
[2012/09/19 21:14:17 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tlscsp.dll
[2012/09/19 21:14:17 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertPolEng.dll
[2012/09/19 21:14:17 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\findstr.exe
[2012/09/19 21:14:17 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setbcdlocale.dll
[2012/09/19 21:14:17 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ksxbar.ax
[2012/09/19 21:14:17 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciqtz32.dll
[2012/09/19 21:14:17 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiarpc.dll
[2012/09/19 21:14:17 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WerFaultSecure.exe
[2012/09/19 21:14:17 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tskill.exe
[2012/09/19 21:14:17 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chgport.exe
[2012/09/19 21:14:17 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tsdiscon.exe
[2012/09/19 21:14:17 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ReAgentc.exe
[2012/09/19 21:14:17 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tscon.exe
[2012/09/19 21:14:17 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\tdi.sys
[2012/09/19 21:14:17 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qappsrv.exe
[2012/09/19 21:14:17 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logoff.exe
[2012/09/19 21:14:17 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shadow.exe
[2012/09/19 21:14:17 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rwinsta.exe
[2012/09/19 21:14:17 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chgusr.exe
[2012/09/19 21:14:17 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spopk.dll
[2012/09/19 21:14:17 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\syssetup.dll
[2012/09/19 21:14:17 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\muifontsetup.dll
[2012/09/19 21:14:16 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\manage-bde.exe
[2012/09/19 21:14:16 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\repair-bde.exe
[2012/09/19 21:14:16 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vmicres.dll
[2012/09/19 21:14:16 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetmib1.dll
[2012/09/19 21:14:16 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\g711codc.ax
[2012/09/19 21:14:16 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\luainstall.dll
[2012/09/19 21:14:16 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vmstorfltres.dll
[2012/09/19 21:14:16 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unlodctr.exe
[2012/09/19 21:14:16 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbisurf.ax
[2012/09/19 21:14:16 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wdiasqmmodule.dll
[2012/09/19 21:14:16 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdmo.dll
[2012/09/19 21:14:16 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbrpm.sys
[2012/09/19 21:14:16 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netcfg.exe
[2012/09/19 21:14:16 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\HotStartUserAgent.dll
[2012/09/19 21:14:16 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdprefdrvapi.dll
[2012/09/19 21:14:16 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\reset.exe
[2012/09/19 21:14:16 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\change.exe
[2012/09/19 21:14:16 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\query.exe
[2012/09/19 21:14:15 | 001,164,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIRibbonRes.dll
[2012/09/19 21:14:15 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RDPENCDD.dll
[2012/09/19 21:14:15 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vmbusres.dll
[2012/09/19 21:14:15 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbcconf.dll
[2012/09/19 21:14:15 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFCoinstaller.dll
[2012/09/19 21:14:15 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FXSMON.dll
[2012/09/19 21:14:15 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\elsTrans.dll
[2012/09/19 21:14:15 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TRAPI.dll
[2012/09/19 21:14:15 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\perfts.dll
[2012/09/19 21:14:14 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\napdsnap.dll
[2012/09/19 21:14:14 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dsauth.dll
[2012/09/19 21:14:14 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bitsperf.dll
[2012/09/19 21:14:14 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\schedcli.dll
[2012/09/19 21:14:14 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sscore.dll
[2012/09/19 21:14:13 | 000,430,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imkr80.ime
[2012/09/19 21:14:13 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsdchngr.dll
[2012/09/19 21:14:13 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\VMBusHID.sys
[2012/09/19 21:14:13 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\riched32.dll
[2012/09/19 21:14:13 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcfgex.dll
[2012/09/19 21:14:11 | 000,116,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\VmbusCoinstaller.dll
[2012/09/19 21:14:11 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\VmdCoinstall.dll
[2012/09/19 21:14:11 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IcCoinstall.dll
[2012/09/19 21:14:11 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vmictimeprovider.dll
[2012/09/19 21:14:11 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBCAMD2.sys
[2012/09/19 21:14:11 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBCAMD.sys
[2012/09/19 21:14:11 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vmbuspipe.dll
[2012/09/19 21:14:11 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wshirda.dll
[2012/09/19 21:14:11 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwmp.dll
[2012/09/19 21:14:10 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RDPREFDD.dll
[2012/09/19 21:14:10 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\C_ISCII.DLL
[2012/09/19 21:14:09 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shunimpl.dll
[2012/09/19 21:14:09 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdxm.ocx
[2012/09/19 21:14:09 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxmasf.dll
[2012/09/19 21:14:03 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2012/09/19 21:14:03 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDUS.DLL
[2012/09/19 21:14:03 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDUGHR1.DLL
[2012/09/19 21:14:03 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDTURME.DLL
[2012/09/19 21:14:03 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDTAJIK.DLL
[2012/09/19 21:14:03 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDMON.DLL
[2012/09/19 21:14:03 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDMAORI.DLL
[2012/09/19 21:14:03 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDLT1.DLL
[2012/09/19 21:14:03 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDINTEL.DLL
[2012/09/19 21:14:03 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDINORI.DLL
[2012/09/19 21:14:03 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDINKAN.DLL
[2012/09/19 21:14:03 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDBULG.DLL
[2012/09/19 21:14:03 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDBLR.DLL
[2012/09/19 21:14:03 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDBASH.DLL
[2012/09/19 21:14:03 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDGEO.DLL
[2012/09/19 21:14:02 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nlsbres.dll
[2012/09/19 21:14:02 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\BlbEvents.dll
[2012/09/19 21:14:02 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pifmgr.dll
[2012/09/19 21:14:02 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwizres.dll
[2012/09/19 21:14:02 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDSG.DLL
[2012/09/19 21:14:02 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kbdlk41a.dll
[2012/09/19 21:14:02 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDCZ1.DLL
[2012/09/19 21:14:02 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDTUQ.DLL
[2012/09/19 21:14:02 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDTUF.DLL
[2012/09/19 21:14:02 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDSF.DLL
[2012/09/19 21:14:02 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDPO.DLL
[2012/09/19 21:14:02 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDNEPR.DLL
[2012/09/19 21:14:02 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDINBEN.DLL
[2012/09/19 21:14:02 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDGR1.DLL
[2012/09/19 21:14:02 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDGKL.DLL
[2012/09/19 21:14:02 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDINTAM.DLL
[2012/09/19 21:14:02 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDINMAR.DLL
[2012/09/19 21:14:02 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDINHIN.DLL
[2012/09/19 21:14:02 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\vms3cap.sys
[2012/09/19 21:14:02 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpnaddr.dll
[2012/09/19 21:13:37 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wdscore.dll
[2012/09/19 21:13:11 | 000,363,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wbemcomn.dll
[2012/09/19 20:14:33 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prevhost.exe
[2012/09/19 20:13:27 | 000,400,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srcore.dll
[2012/09/19 20:13:27 | 000,262,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rstrui.exe
[2012/09/19 20:13:23 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnscacheugc.exe
[2012/09/19 20:13:13 | 000,294,912 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2012/09/19 20:13:13 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
[2012/09/19 20:13:13 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2012/09/19 20:12:03 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll
[2012/09/19 20:12:03 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisrndr.ax
[2012/09/19 20:12:02 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSNP.ax
[2012/09/19 20:12:02 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Mpeg2Data.ax
[2012/09/19 20:12:02 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSDvbNP.ax
[2012/09/19 20:12:00 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\timedate.cpl
[2012/09/19 20:11:52 | 000,919,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcorets.dll
[2012/09/19 20:11:29 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2012/09/19 20:03:44 | 001,137,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42.dll
[2012/09/19 20:03:43 | 001,164,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42u.dll
[2012/09/19 20:02:51 | 000,219,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
[2012/09/19 20:02:50 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sspisrv.dll
[2012/09/19 20:02:39 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml3r.dll
[2012/09/19 20:00:53 | 002,345,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012/09/19 20:00:00 | 001,549,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tquery.dll
[2012/09/19 20:00:00 | 001,401,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssrch.dll
[2012/09/19 19:59:58 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssvp.dll
[2012/09/19 19:59:58 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssph.dll
[2012/09/19 19:59:58 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssphtb.dll
[2012/09/19 19:59:57 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscntrs.dll
[2012/09/19 19:59:52 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\packager.dll
[2012/09/19 19:59:18 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdosys.dll
[2012/09/19 19:59:01 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2012/09/19 19:59:00 | 003,913,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2012/09/19 19:58:50 | 000,191,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FXSCOVER.exe
[2012/09/19 19:58:49 | 000,802,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WFS.exe
[2012/09/19 19:58:26 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll
[2012/09/19 19:58:20 | 000,870,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll
[2012/09/19 19:57:53 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll
[2012/09/19 19:57:49 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll
[2012/09/19 19:57:36 | 000,850,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbe.dll
[2012/09/19 19:57:36 | 000,642,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CPFilters.dll
[2012/09/19 19:57:36 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax
[2012/09/19 19:57:26 | 001,328,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2012/09/19 19:57:26 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdvd.dll
[2012/09/19 19:57:00 | 000,271,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
[2012/09/19 19:57:00 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2012/09/19 19:57:00 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
[2012/09/19 19:57:00 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
[2012/09/19 19:57:00 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
[2012/09/19 19:57:00 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
[2012/09/19 19:57:00 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
[2012/09/19 19:57:00 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
[2012/09/19 19:57:00 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
[2012/09/19 19:57:00 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
[2012/09/19 19:57:00 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
[2012/09/19 19:57:00 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
[2012/09/19 19:57:00 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/09/19 19:57:00 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
[2012/09/19 19:57:00 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012/09/19 19:57:00 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
[2012/09/19 19:57:00 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
[2012/09/19 19:57:00 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
[2012/09/19 19:57:00 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
[2012/09/19 19:57:00 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
[2012/09/19 19:56:59 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
[2012/09/19 19:56:59 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
[2012/09/19 19:56:59 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
[2012/09/19 19:56:59 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
[2012/09/19 19:56:59 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
[2012/09/19 19:56:59 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
[2012/09/19 19:56:59 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
[2012/09/19 19:56:59 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
[2012/09/19 19:56:59 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
[2012/09/19 19:56:59 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
[2012/09/19 19:56:40 | 000,490,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10level9.dll
[2012/09/19 19:56:35 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browcli.dll
[2012/09/19 19:56:25 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\webio.dll
[2012/09/19 19:56:16 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbcjt32.dll
[2012/09/19 19:56:16 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccp32.dll
[2012/09/19 19:56:15 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbctrac.dll
[2012/09/19 19:56:15 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccu32.dll
[2012/09/19 19:56:15 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccr32.dll
[2012/09/19 19:56:08 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\profprov.dll
[2012/09/19 19:55:54 | 000,219,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
[2012/09/19 19:55:54 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
[2012/09/19 19:55:46 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcorekmts.dll
[2012/09/19 19:55:46 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpwsx.dll
[2012/09/19 19:55:46 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdrmemptylst.exe
[2012/09/19 19:54:15 | 002,616,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2012/09/19 19:49:06 | 001,077,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2012/09/19 19:32:26 | 000,739,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2012/09/19 17:15:24 | 000,000,000 | ---D | C] -- C:\Windows\System32\Wat
[2012/09/19 11:14:09 | 000,000,000 | ---D | C] -- C:\Users\Dovvy Dragon\AppData\Local\Diagnostics
[2012/09/19 10:10:42 | 000,027,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Diskdump.sys
[2012/09/19 10:10:35 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\poqexec.exe
[2012/09/19 10:01:57 | 000,219,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxgmms1.sys
[2012/09/19 10:01:57 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll
[2012/09/19 01:33:14 | 000,000,000 | ---D | C] -- C:\Users\Dovvy Dragon\AppData\Local\Apple Computer
[2012/09/19 01:33:13 | 000,000,000 | ---D | C] -- C:\Users\Dovvy Dragon\AppData\Roaming\Apple Computer
[2012/09/19 01:33:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012/09/19 01:32:59 | 000,000,000 | ---D | C] -- C:\Windows\System32\DRVSTORE
[2012/09/19 01:29:56 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012/09/19 01:29:14 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2012/09/19 01:29:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2012/09/19 01:29:14 | 000,000,000 | ---D | C] -- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2012/09/19 01:27:14 | 000,000,000 | ---D | C] -- C:\Users\Dovvy Dragon\AppData\Local\Apple
[2012/09/19 01:27:10 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2012/09/19 01:25:46 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2012/09/19 01:24:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2012/09/19 01:24:25 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2012/09/19 01:23:09 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2012/09/19 01:03:06 | 000,000,000 | ---D | C] -- C:\Users\Dovvy Dragon\AppData\Roaming\Trillian
[2012/09/19 01:01:45 | 000,000,000 | ---D | C] -- C:\Program Files\Trillian
[2012/09/18 21:31:03 | 000,000,000 | ---D | C] -- C:\Users\Dovvy Dragon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2012/09/18 21:29:30 | 000,000,000 | ---D | C] -- C:\Users\Dovvy Dragon\AppData\Local\Google
[2012/09/18 21:20:07 | 000,000,000 | ---D | C] -- C:\Users\Dovvy Dragon\AppData\Local\Deployment
[2012/09/18 21:20:07 | 000,000,000 | ---D | C] -- C:\Users\Dovvy Dragon\AppData\Local\Apps
[2012/09/18 21:00:17 | 001,002,008 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igxpun.exe
[2012/09/18 21:00:17 | 000,000,000 | ---D | C] -- C:\Windows\System32\x64
[2012/09/18 20:55:40 | 000,134,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpudd.dll
[2012/09/18 20:55:40 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\rdpvideominiport.sys
[2012/09/18 20:55:39 | 000,826,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcore.dll
[2012/09/18 20:48:50 | 000,237,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2012/09/18 20:43:14 | 000,045,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll
[2012/09/18 20:43:10 | 002,422,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll
[2012/09/18 20:42:11 | 000,577,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll
[2012/09/18 20:42:11 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll
[2012/09/18 20:42:11 | 000,035,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups.dll
[2012/09/18 20:41:43 | 000,000,000 | R--D | C] -- C:\Users\Dovvy Dragon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2012/09/18 20:41:43 | 000,000,000 | R--D | C] -- C:\Users\Dovvy Dragon\Searches
[2012/09/18 20:41:43 | 000,000,000 | R--D | C] -- C:\Users\Dovvy Dragon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2012/09/18 20:41:43 | 000,000,000 | -H-D | C] -- C:\Users\Dovvy Dragon\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2012/09/18 20:41:39 | 000,171,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll
[2012/09/18 20:41:39 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe
[2012/09/18 20:41:06 | 000,000,000 | ---D | C] -- C:\Users\Dovvy Dragon\AppData\Roaming\Identities
[2012/09/18 20:40:41 | 000,000,000 | R--D | C] -- C:\Users\Dovvy Dragon\Contacts
[2012/09/18 20:40:12 | 000,000,000 | ---D | C] -- C:\Users\Dovvy Dragon\AppData\Local\VirtualStore
[2012/09/18 20:40:05 | 000,000,000 | -HSD | C] -- C:\Users\Dovvy Dragon\AppData\Local\Temporary Internet Files
[2012/09/18 20:40:05 | 000,000,000 | -HSD | C] -- C:\Users\Dovvy Dragon\Templates
[2012/09/18 20:40:05 | 000,000,000 | -HSD | C] -- C:\Users\Dovvy Dragon\Start Menu
[2012/09/18 20:40:05 | 000,000,000 | -HSD | C] -- C:\Users\Dovvy Dragon\SendTo
[2012/09/18 20:40:05 | 000,000,000 | -HSD | C] -- C:\Users\Dovvy Dragon\Recent
[2012/09/18 20:40:05 | 000,000,000 | -HSD | C] -- C:\Users\Dovvy Dragon\PrintHood
[2012/09/18 20:40:05 | 000,000,000 | -HSD | C] -- C:\Users\Dovvy Dragon\NetHood
[2012/09/18 20:40:05 | 000,000,000 | -HSD | C] -- C:\Users\Dovvy Dragon\Documents\My Videos
[2012/09/18 20:40:05 | 000,000,000 | -HSD | C] -- C:\Users\Dovvy Dragon\Documents\My Pictures
[2012/09/18 20:40:05 | 000,000,000 | -HSD | C] -- C:\Users\Dovvy Dragon\Documents\My Music
[2012/09/18 20:40:05 | 000,000,000 | -HSD | C] -- C:\Users\Dovvy Dragon\My Documents
[2012/09/18 20:40:05 | 000,000,000 | -HSD | C] -- C:\Users\Dovvy Dragon\Local Settings
[2012/09/18 20:40:05 | 000,000,000 | -HSD | C] -- C:\Users\Dovvy Dragon\AppData\Local\History
[2012/09/18 20:40:05 | 000,000,000 | -HSD | C] -- C:\Users\Dovvy Dragon\Cookies
[2012/09/18 20:40:05 | 000,000,000 | -HSD | C] -- C:\Users\Dovvy Dragon\Application Data
[2012/09/18 20:40:05 | 000,000,000 | -HSD | C] -- C:\Users\Dovvy Dragon\AppData\Local\Application Data
[2012/09/18 20:40:00 | 000,000,000 | --SD | C] -- C:\Users\Dovvy Dragon\AppData\Roaming\Microsoft
[2012/09/18 20:40:00 | 000,000,000 | R--D | C] -- C:\Users\Dovvy Dragon\Videos
[2012/09/18 20:40:00 | 000,000,000 | R--D | C] -- C:\Users\Dovvy Dragon\Saved Games
[2012/09/18 20:40:00 | 000,000,000 | R--D | C] -- C:\Users\Dovvy Dragon\Pictures
[2012/09/18 20:40:00 | 000,000,000 | R--D | C] -- C:\Users\Dovvy Dragon\Music
[2012/09/18 20:40:00 | 000,000,000 | R--D | C] -- C:\Users\Dovvy Dragon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2012/09/18 20:40:00 | 000,000,000 | R--D | C] -- C:\Users\Dovvy Dragon\Links
[2012/09/18 20:40:00 | 000,000,000 | R--D | C] -- C:\Users\Dovvy Dragon\Favorites
[2012/09/18 20:40:00 | 000,000,000 | R--D | C] -- C:\Users\Dovvy Dragon\Downloads
[2012/09/18 20:40:00 | 000,000,000 | R--D | C] -- C:\Users\Dovvy Dragon\Documents
[2012/09/18 20:40:00 | 000,000,000 | R--D | C] -- C:\Users\Dovvy Dragon\Desktop
[2012/09/18 20:40:00 | 000,000,000 | R--D | C] -- C:\Users\Dovvy Dragon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2012/09/18 20:40:00 | 000,000,000 | -H-D | C] -- C:\Users\Dovvy Dragon\AppData
[2012/09/18 20:40:00 | 000,000,000 | ---D | C] -- C:\Users\Dovvy Dragon\AppData\Local\Temp
[2012/09/18 20:40:00 | 000,000,000 | ---D | C] -- C:\Users\Dovvy Dragon\AppData\Local\Microsoft
[2012/09/18 20:40:00 | 000,000,000 | ---D | C] -- C:\Users\Dovvy Dragon\AppData\Roaming\Media Center Programs
[2012/09/18 20:39:18 | 000,000,000 | -HSD | C] -- C:\Recovery
[2012/09/18 18:44:05 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2012/09/18 18:43:45 | 000,000,000 | -HSD | C] -- C:\Boot
[2012/09/18 17:48:03 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2012/09/18 17:45:46 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2012/09/18 17:44:31 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2012/09/17 18:58:56 | 000,051,936 | ---- | C] (AVG Technologies CZ, s.r.o. ) -- C:\Windows\System32\drivers\avgidshx.sys
[2012/09/14 05:34:34 | 000,089,440 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgmfx86.sys
[2012/09/12 11:47:22 | 000,164,704 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgtdix.sys
[2012/09/12 11:47:04 | 000,151,648 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgldx86.sys

========== Files - Modified Within 30 Days ==========

[2012/09/26 23:42:12 | 000,000,936 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1353964990-1959731864-2731504602-1001UA.job
[2012/09/26 22:57:39 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Dovvy Dragon\Desktop\OTL.exe
[2012/09/26 22:41:16 | 000,998,536 | ---- | M] (Solid State Networks) -- C:\Users\Dovvy Dragon\Desktop\install_flashplayer11x32_mssd_aih.exe
[2012/09/26 22:39:10 | 039,483,256 | ---- | M] (Apple Inc.) -- C:\Users\Dovvy Dragon\Desktop\QuickTimeInstaller.exe
[2012/09/26 22:37:21 | 144,609,768 | ---- | M] (Installation Program) -- C:\Users\Dovvy Dragon\Desktop\verizon25-2.5.192-3.exe
[2012/09/26 21:41:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1353964990-1959731864-2731504602-1001Core.job
[2012/09/26 18:37:31 | 000,014,912 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/09/26 18:37:31 | 000,014,912 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/09/26 18:29:20 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/09/26 18:29:17 | 797,777,920 | -HS- | M] () -- C:\hiberfil.sys
[2012/09/26 11:20:27 | 001,898,858 | ---- | M] () -- C:\Users\Dovvy Dragon\Desktop\Rise of Fascism.pdf
[2012/09/26 11:07:37 | 000,097,991 | ---- | M] () -- C:\Users\Dovvy Dragon\Desktop\Goldhagen & Holocaust.pdf
[2012/09/26 11:06:59 | 000,097,460 | ---- | M] () -- C:\Users\Dovvy Dragon\Desktop\The Formation of the Western Alliance.pdf
[2012/09/26 11:06:44 | 000,202,690 | ---- | M] () -- C:\Users\Dovvy Dragon\Desktop\Cold War Project.pdf
[2012/09/26 09:54:44 | 000,002,528 | ---- | M] () -- C:\Users\Dovvy Dragon\Desktop\Google Chrome.lnk
[2012/09/25 18:14:42 | 000,045,119 | ---- | M] () -- C:\Users\Dovvy Dragon\Desktop\Topic 2 - Game Design Overview.rtf
[2012/09/25 18:14:14 | 017,906,543 | ---- | M] () -- C:\Users\Dovvy Dragon\Desktop\Communism, Fascism, & Authoritarianism.pdf
[2012/09/25 18:08:49 | 000,624,178 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/09/25 18:08:49 | 000,106,522 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/09/25 13:39:27 | 000,001,417 | ---- | M] () -- C:\Users\Dovvy Dragon\Desktop\Internet Explorer.lnk
[2012/09/25 13:13:22 | 000,296,360 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012/09/24 11:10:13 | 000,001,989 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2012/09/23 22:04:00 | 000,747,021 | ---- | M] () -- C:\Users\Dovvy Dragon\Desktop\Drew Steinfeld HIS 247 001 PD3 p2.JPG
[2012/09/23 22:03:26 | 000,849,034 | ---- | M] () -- C:\Users\Dovvy Dragon\Desktop\Drew Steinfeld HIS 247 001 PD3 p1.JPG
[2012/09/22 16:39:55 | 000,000,935 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2013.lnk
[2012/09/22 14:01:47 | 000,001,071 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/09/22 12:16:08 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_LMouFilt_01005.Wdf
[2012/09/22 12:16:08 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_LHidFilt_01005.Wdf
[2012/09/22 12:15:50 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_LUsbFilt_01005.Wdf
[2012/09/22 12:14:40 | 000,001,853 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SetPoint.lnk
[2012/09/20 04:37:11 | 000,001,411 | ---- | M] () -- C:\Users\Dovvy Dragon\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/09/20 03:53:15 | 000,152,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msclmd.dll
[2012/09/20 00:23:31 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2012/09/20 00:23:23 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2012/09/20 00:23:14 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2012/09/20 00:23:14 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2012/09/20 00:23:14 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2012/09/20 00:23:14 | 000,353,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2012/09/20 00:23:14 | 000,353,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2012/09/20 00:23:14 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2012/09/20 00:23:14 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2012/09/20 00:23:14 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2012/09/20 00:23:14 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2012/09/20 00:23:14 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2012/09/20 00:23:14 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2012/09/20 00:23:14 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2012/09/20 00:23:14 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2012/09/20 00:23:14 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2012/09/20 00:23:14 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2012/09/20 00:23:14 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2012/09/20 00:23:14 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
[2012/09/20 00:23:14 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2012/09/20 00:23:14 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2012/09/20 00:23:14 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2012/09/20 00:23:14 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2012/09/20 00:23:14 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2012/09/20 00:23:13 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2012/09/20 00:23:13 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2012/09/20 00:23:13 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2012/09/20 00:23:13 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2012/09/20 00:23:13 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2012/09/20 00:23:13 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2012/09/19 22:27:40 | 000,002,106 | ---- | M] () -- C:\Users\Dovvy Dragon\Desktop\RuneScape.lnk
[2012/09/19 22:17:59 | 000,000,125 | ---- | M] () -- C:\Windows\xUninstall.bat
[2012/09/19 01:33:05 | 000,001,753 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012/09/19 01:20:21 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2012/09/19 01:03:06 | 000,001,041 | ---- | M] () -- C:\Users\Dovvy Dragon\Desktop\Trillian.lnk
[2012/09/19 01:03:06 | 000,001,005 | ---- | M] () -- C:\Users\Dovvy Dragon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Trillian.lnk
[2012/09/18 18:43:52 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2012/09/18 17:52:50 | 000,042,045 | ---- | M] () -- C:\Windows\System32\license.rtf
[2012/09/17 18:58:56 | 000,051,936 | ---- | M] (AVG Technologies CZ, s.r.o. ) -- C:\Windows\System32\drivers\avgidshx.sys
[2012/09/14 05:34:34 | 000,089,440 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgmfx86.sys
[2012/09/12 11:47:22 | 000,164,704 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgtdix.sys
[2012/09/12 11:47:04 | 000,151,648 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgldx86.sys
[2012/09/07 17:04:46 | 000,022,856 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys

========== Files Created - No Company Name ==========

[2012/09/26 19:58:18 | 000,002,395 | ---- | C] () -- C:\Windows\System32\lgAxconfig.ini
[2012/09/26 11:20:26 | 001,898,858 | ---- | C] () -- C:\Users\Dovvy Dragon\Desktop\Rise of Fascism.pdf
[2012/09/26 11:07:36 | 000,097,991 | ---- | C] () -- C:\Users\Dovvy Dragon\Desktop\Goldhagen & Holocaust.pdf
[2012/09/26 11:06:59 | 000,097,460 | ---- | C] () -- C:\Users\Dovvy Dragon\Desktop\The Formation of the Western Alliance.pdf
[2012/09/26 11:06:42 | 000,202,690 | ---- | C] () -- C:\Users\Dovvy Dragon\Desktop\Cold War Project.pdf
[2012/09/25 18:14:42 | 000,045,119 | ---- | C] () -- C:\Users\Dovvy Dragon\Desktop\Topic 2 - Game Design Overview.rtf
[2012/09/25 18:13:13 | 017,906,543 | ---- | C] () -- C:\Users\Dovvy Dragon\Desktop\Communism, Fascism, & Authoritarianism.pdf
[2012/09/25 13:39:27 | 000,001,417 | ---- | C] () -- C:\Users\Dovvy Dragon\Desktop\Internet Explorer.lnk
[2012/09/24 11:10:13 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2012/09/24 11:10:13 | 000,001,989 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2012/09/24 01:10:04 | 000,849,034 | ---- | C] () -- C:\Users\Dovvy Dragon\Desktop\Drew Steinfeld HIS 247 001 PD3 p1.JPG
[2012/09/24 01:10:04 | 000,747,021 | ---- | C] () -- C:\Users\Dovvy Dragon\Desktop\Drew Steinfeld HIS 247 001 PD3 p2.JPG
[2012/09/22 16:39:55 | 000,000,935 | ---- | C] () -- C:\Users\Public\Desktop\AVG 2013.lnk
[2012/09/22 14:01:47 | 000,001,071 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/09/22 12:16:08 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_LMouFilt_01005.Wdf
[2012/09/22 12:16:08 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_LHidFilt_01005.Wdf
[2012/09/22 12:15:50 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_LUsbFilt_01005.Wdf
[2012/09/22 12:14:40 | 000,001,853 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SetPoint.lnk
[2012/09/20 04:37:11 | 000,001,417 | ---- | C] () -- C:\Users\Dovvy Dragon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2012/09/20 00:23:14 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2012/09/19 22:35:17 | 000,110,592 | ---- | C] () -- C:\Windows\System32\EMSC.dll
[2012/09/19 22:27:40 | 000,002,136 | ---- | C] () -- C:\Users\Dovvy Dragon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RuneScape.lnk
[2012/09/19 22:27:40 | 000,002,106 | ---- | C] () -- C:\Users\Dovvy Dragon\Desktop\RuneScape.lnk
[2012/09/19 22:17:59 | 000,000,125 | ---- | C] () -- C:\Windows\xUninstall.bat
[2012/09/19 21:17:08 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe
[2012/09/19 21:16:31 | 000,146,852 | ---- | C] () -- C:\Windows\System32\systemsf.ebd
[2012/09/19 21:14:17 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2012/09/19 21:14:15 | 000,010,429 | ---- | C] () -- C:\Windows\System32\ScavengeSpace.xml
[2012/09/19 21:14:01 | 000,105,559 | ---- | C] () -- C:\Windows\System32\RacRules.xml
[2012/09/19 01:33:05 | 000,001,753 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012/09/19 01:27:10 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2012/09/19 01:20:21 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2012/09/19 01:03:06 | 000,001,071 | ---- | C] () -- C:\Users\Dovvy Dragon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Trillian.lnk
[2012/09/19 01:03:06 | 000,001,041 | ---- | C] () -- C:\Users\Dovvy Dragon\Desktop\Trillian.lnk
[2012/09/19 01:03:06 | 000,001,005 | ---- | C] () -- C:\Users\Dovvy Dragon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Trillian.lnk
[2012/09/18 21:31:15 | 000,002,528 | ---- | C] () -- C:\Users\Dovvy Dragon\Desktop\Google Chrome.lnk
[2012/09/18 21:29:38 | 000,000,936 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1353964990-1959731864-2731504602-1001UA.job
[2012/09/18 21:29:32 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1353964990-1959731864-2731504602-1001Core.job
[2012/09/18 20:52:32 | 000,001,411 | ---- | C] () -- C:\Users\Dovvy Dragon\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/09/18 20:40:01 | 000,000,290 | ---- | C] () -- C:\Users\Dovvy Dragon\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2012/09/18 20:40:01 | 000,000,272 | ---- | C] () -- C:\Users\Dovvy Dragon\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2012/09/18 18:43:52 | 000,008,192 | RHS- | C] () -- C:\BOOTSECT.BAK
[2012/09/18 18:43:46 | 000,383,786 | RHS- | C] () -- C:\bootmgr
[2012/09/18 17:52:28 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2012/09/18 17:52:11 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2012/09/18 17:44:31 | 797,777,920 | -HS- | C] () -- C:\hiberfil.sys

========== ZeroAccess Check ==========

[2009/07/13 21:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 21:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 05:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/13 18:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

< End of report >
  • 0

Advertisements

#2
Essexboy
Posted 27 September 2012 - 06:52 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi I can see no apparent malware, so lets see if we can find what is creating this mega folder

Lets have a quick look at the hard drive layout and see what sort of files are taking the space

Download and install windirstat
Run the programme
Select your main drive
When the pacmen have finished there will be a graphic display of your drive
Please attach that as a screenshot
Posted Image
Also if you can see the weird folder then let me know what it is
  • 0

#3
dovvydragon
Posted 27 September 2012 - 06:55 AM

dovvydragon

    Member

  • Topic Starter
  • Member
  • PipPip
  • 13 posts
Thanks so much for the quick reply, will do it later today :) Have to leave for class now ;)
  • 0

#4
dovvydragon
Posted 27 September 2012 - 10:29 AM

dovvydragon

    Member

  • Topic Starter
  • Member
  • PipPip
  • 13 posts
Got the scan done, here it is. Looks like the biggest folder is the winsxs folder, but it doesn't seem like the folders inside it add up to how much that folder is taking up. That was just a quick look over though, I didn't add them up.

Attached Thumbnails

  • Screen Shot.png

  • 0

#5
Essexboy
Posted 27 September 2012 - 11:37 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Winsxs is the windows folder that contains all the necessary system duplicate files. There is an explanation here

The reason it appears to take up so much space is that for a windows 7 system the HDD is far to small
Drive C: | 14.28 Gb Total Space | 0.11 Gb Free Space | 0.79% Space Free | Partition Type: NTFS

As you can see the size on my system is just over 8.5 Gb, but my drive is 1 terrabyte in size so the space is actually quite minimal



The downside of this in your case is that windows is unable to defragment your drive, this will result in a slower performance and probability of file corruption at some stage

There are some alternatives :

Purchase a larger drive, install windows onto that and use it as your main drive
Purchase a larger drive but use it as a slave and install all programmes bar windows onto the slave

For windows 7 I would allow at least 20Gb as shown by my sizing on my windows folder



I hope that gives you some food for thought, if you have any questions then fire away
  • 0

#6
dovvydragon
Posted 27 September 2012 - 05:09 PM

dovvydragon

    Member

  • Topic Starter
  • Member
  • PipPip
  • 13 posts
Thank you so much, I guess I didn't realize how small my computer was since installing windows 7. Sorry you spent time on this, lol.
  • 0

#7
Essexboy
Posted 28 September 2012 - 07:12 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Not a problem at all, if you want further help on this then I would recommend that you post in the hardware forum. Here they can advise you on the right type of hardrive and how to got about switching. If you post the link here I will get a tech to assist you :)

Subject to no further problems :)

I will remove my tools now and give some recommendations, but, I would like you to run for 24 hours or so and come back if you have any problems

Now the best part of the day ----- Your log now appears clean :thumbsup:

A good workman always cleans up after himself so..The following will implement some cleanup procedures as well as reset System Restore points:

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :Commands
    [resethosts]
    [emptytemp]
    [Reboot]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done

Run OTL and hit the cleanup button. It will remove all the programmes we have used plus itself.

We will now confirm that your hidden files are set to that, as some of the tools I use will change that
  • Go to control panel
  • Select folder options (Appearance > Folder options in category view)
  • Select the View Tab.
  • Under the Hidden files and folders heading select Do not show hidden files and folders.
  • Click Yes to confirm.
  • Click OK.

SPRING CLEAN

To manually create a new Restore Point
  • Go to Control Panel and select System
  • Select System
  • On the left select System Protection and accept the warning if you get one
  • Select System Protection Tab
  • Select Create at the bottom
  • Type in a name i.e. Clean
  • Select Create

Now we can purge the old ones
  • GoStart > All programs > Accessories > system tools
  • Right click Disc cleanup and select run as administrator
  • Select Your main drive and accept the warning if you get one
  • For a few moments the system will make some calculations
  • Select the More Options tab
  • In the System Restore and Shadow Backups select Clean up
  • Select Delete on the pop up
  • Select OK
  • Select Delete

Now that you are clean, to help protect your computer in the future I recommend that you get the following free programmes:
Posted Image
Malwarebytes. Update and run weekly to keep your system clean

Download and install FileHippo update checker and run it monthly it will show you which programmes on your system need updating and give a download link

It is critical to have both a firewall and anti virus to protect your system and to keep them updated. To keep your operating system up to date visit

To learn more about how to protect yourself while on the internet read our little guide How did I get infected in the first place ?

Keep safe :wave:
  • 0

#8
Essexboy
Posted 30 September 2012 - 01:18 PM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP