[Clark76]

Sorry about the delay.

I believe that the redirects are being cause by an extension installed within FixFox
I would like to see a screen shot of your Extensions. You can find it by going here: Firefox > Addons > Extensions

Please zip the screen shot and upload it in your next reply.

[gimmextra]

Here's the screenshot

[gimmextra]

recently instead of happili it's addedsuccess

[Deejay100six]

Download TDSSKiller.exe and save it to your desktop

• Execute TDSSKiller.exe by doubleclicking on it.
• Press Start Scan
• If Malicious objects are found, do NOT select Cure. Change the action to Skip, and save the log.
• Once complete, a log will be produced at the root drive which is typically C:\ ,for example, C:\TDSSKiller.<version_date_time>log.txt

Please post the contents of that log in your next reply.

[gimmextra]

17:40:30.0923 1072 TDSS rootkit removing tool 2.7.32.0 Apr 23 2012 19:12:34
17:40:31.0171 1072 ============================================================
17:40:31.0171 1072 Current date / time: 2012/04/23 17:40:31.0171
17:40:31.0171 1072 SystemInfo:
17:40:31.0171 1072
17:40:31.0171 1072 OS Version: 6.0.6002 ServicePack: 2.0
17:40:31.0171 1072 Product type: Workstation
17:40:31.0171 1072 ComputerName: EUGENE-PC
17:40:31.0171 1072 UserName: Eugene
17:40:31.0171 1072 Windows directory: C:\Windows
17:40:31.0171 1072 System windows directory: C:\Windows
17:40:31.0171 1072 Running under WOW64
17:40:31.0171 1072 Processor architecture: Intel x64
17:40:31.0171 1072 Number of processors: 4
17:40:31.0171 1072 Page size: 0x1000
17:40:31.0171 1072 Boot type: Normal boot
17:40:31.0171 1072 ============================================================
17:40:32.0128 1072 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:40:32.0136 1072 ============================================================
17:40:32.0136 1072 \Device\Harddisk0\DR0:
17:40:32.0136 1072 MBR partitions:
17:40:32.0136 1072 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x140249A, BlocksNum 0x22EEAD41
17:40:32.0136 1072 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x242ED1DB, BlocksNum 0x33258126
17:40:32.0136 1072 ============================================================
17:40:32.0178 1072 C: <-> \Device\Harddisk0\DR0\Partition0
17:40:32.0209 1072 D: <-> \Device\Harddisk0\DR0\Partition1
17:40:32.0209 1072 ============================================================
17:40:32.0209 1072 Initialize success
17:40:32.0209 1072 ============================================================
17:40:38.0952 3084 ============================================================
17:40:38.0952 3084 Scan started
17:40:38.0952 3084 Mode: Manual;
17:40:38.0952 3084 ============================================================
17:40:40.0975 3084 ACPI (1965aaffab07e3fb03c77f81beba3547) C:\Windows\system32\drivers\acpi.sys
17:40:40.0977 3084 ACPI - ok
17:40:41.0074 3084 AdobeFlashPlayerUpdateSvc (459ac130c6ab892b1cd5d7544626efc5) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
17:40:41.0076 3084 AdobeFlashPlayerUpdateSvc - ok
17:40:41.0123 3084 adp94xx (f14215e37cf124104575073f782111d2) C:\Windows\system32\drivers\adp94xx.sys
17:40:41.0126 3084 adp94xx - ok
17:40:41.0163 3084 adpahci (7d05a75e3066861a6610f7ee04ff085c) C:\Windows\system32\drivers\adpahci.sys
17:40:41.0166 3084 adpahci - ok
17:40:41.0179 3084 adpu160m (820a201fe08a0c345b3bedbc30e1a77c) C:\Windows\system32\drivers\adpu160m.sys
17:40:41.0181 3084 adpu160m - ok
17:40:41.0197 3084 adpu320 (9b4ab6854559dc168fbb4c24fc52e794) C:\Windows\system32\drivers\adpu320.sys
17:40:41.0199 3084 adpu320 - ok
17:40:41.0216 3084 AeLookupSvc (0f421175574bfe0bf2f4d8e910a253bb) C:\Windows\System32\aelupsvc.dll
17:40:41.0217 3084 AeLookupSvc - ok
17:40:41.0279 3084 AFD (c4f6ce6087760ad70960c9eb130e7943) C:\Windows\system32\drivers\afd.sys
17:40:41.0281 3084 AFD - ok
17:40:41.0295 3084 agp440 (f6f6793b7f17b550ecfdbd3b229173f7) C:\Windows\system32\drivers\agp440.sys
17:40:41.0296 3084 agp440 - ok
17:40:41.0359 3084 aic78xx (222cb641b4b8a1d1126f8033f9fd6a00) C:\Windows\system32\drivers\djsvs.sys
17:40:41.0360 3084 aic78xx - ok
17:40:41.0373 3084 ALG (5922f4f59b7868f3d74bbbbeb7b825a3) C:\Windows\System32\alg.exe
17:40:41.0374 3084 ALG - ok
17:40:41.0390 3084 aliide (157d0898d4b73f075ce9fa26b482df98) C:\Windows\system32\drivers\aliide.sys
17:40:41.0391 3084 aliide - ok
17:40:41.0395 3084 amdide (970fa5059e61e30d25307b99903e991e) C:\Windows\system32\drivers\amdide.sys
17:40:41.0396 3084 amdide - ok
17:40:41.0411 3084 AmdK8 (cdc3632a3a5ea4dbb83e46076a3165a1) C:\Windows\system32\drivers\amdk8.sys
17:40:41.0412 3084 AmdK8 - ok
17:40:41.0447 3084 Appinfo (9c37b3fd5615477cb9a0cd116cf43f5c) C:\Windows\System32\appinfo.dll
17:40:41.0449 3084 Appinfo - ok
17:40:41.0539 3084 Apple Mobile Device (3debbecf665dcdde3a95d9b902010817) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
17:40:41.0541 3084 Apple Mobile Device - ok
17:40:41.0558 3084 arc (ba8417d4765f3988ff921f30f630e303) C:\Windows\system32\drivers\arc.sys
17:40:41.0559 3084 arc - ok
17:40:41.0567 3084 arcsas (9d41c435619733b34cc16a511e644b11) C:\Windows\system32\drivers\arcsas.sys
17:40:41.0568 3084 arcsas - ok
17:40:41.0620 3084 Arctosa (e71382eb3e2beec22b2516df3adc1c3f) C:\Windows\system32\drivers\Arctosa.sys
17:40:41.0620 3084 Arctosa - ok
17:40:41.0688 3084 ASInsHelp (edaa17ce771c696655b6585f7cad2100) C:\Windows\SysWow64\drivers\AsInsHelp64.sys
17:40:41.0689 3084 ASInsHelp - ok
17:40:41.0705 3084 AsIO (8065a7659562005127673ac52898675f) C:\Windows\syswow64\drivers\AsIO.sys
17:40:41.0706 3084 AsIO - ok
17:40:41.0746 3084 AsyncMac (22d13ff3dafec2a80634752b1eaa2de6) C:\Windows\system32\DRIVERS\asyncmac.sys
17:40:41.0747 3084 AsyncMac - ok
17:40:41.0766 3084 atapi (e68d9b3a3905619732f7fe039466a623) C:\Windows\system32\drivers\atapi.sys
17:40:41.0767 3084 atapi - ok
17:40:41.0805 3084 AudioEndpointBuilder (79318c744693ec983d20e9337a2f8196) C:\Windows\System32\Audiosrv.dll
17:40:41.0811 3084 AudioEndpointBuilder - ok
17:40:41.0816 3084 AudioSrv (79318c744693ec983d20e9337a2f8196) C:\Windows\System32\Audiosrv.dll
17:40:41.0818 3084 AudioSrv - ok
17:40:42.0017 3084 AVGIDSAgent (6d440ff3f44ca72edfd6176c6d6a89c0) C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
17:40:42.0042 3084 AVGIDSAgent - ok
17:40:42.0161 3084 AVGIDSDriver (fa46adf6e497cf185160f09e603ce2a3) C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys
17:40:42.0162 3084 AVGIDSDriver - ok
17:40:42.0175 3084 AVGIDSEH (d6b93e5d8b96a66f55a4d2ee7f24667c) C:\Windows\system32\DRIVERS\AVGIDSEH.Sys
17:40:42.0176 3084 AVGIDSEH - ok
17:40:42.0181 3084 AVGIDSFilter (ff6551f1ab0da3b30c9dec923f21b504) C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys
17:40:42.0183 3084 AVGIDSFilter - ok
17:40:42.0204 3084 Avgldx64 (979cf8912449a10b987218bff80a1fa3) C:\Windows\system32\DRIVERS\avgldx64.sys
17:40:42.0206 3084 Avgldx64 - ok
17:40:42.0214 3084 Avgmfx64 (36b1a5843695766eac714daffc5b84d1) C:\Windows\system32\DRIVERS\avgmfx64.sys
17:40:42.0214 3084 Avgmfx64 - ok
17:40:42.0248 3084 Avgrkx64 (1102239fb724527f1febbbbccf6bf313) C:\Windows\system32\DRIVERS\avgrkx64.sys
17:40:42.0249 3084 Avgrkx64 - ok
17:40:42.0267 3084 Avgtdia (11f36d3ea82d9db9aa05a476a210551b) C:\Windows\system32\DRIVERS\avgtdia.sys
17:40:42.0269 3084 Avgtdia - ok
17:40:42.0288 3084 avgwd (6699ece24fe4b3f752a66c66a602ee86) C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
17:40:42.0289 3084 avgwd - ok
17:40:42.0314 3084 Beep - ok
17:40:42.0355 3084 BFE (ffb96c2589ffa60473ead78b39fbde29) C:\Windows\System32\bfe.dll
17:40:42.0361 3084 BFE - ok
17:40:42.0435 3084 BITS (6d316f4859634071cc25c4fd4589ad2c) C:\Windows\system32\qmgr.dll
17:40:42.0458 3084 BITS - ok
17:40:42.0481 3084 blbdrive (79feeb40056683f8f61398d81dda65d2) C:\Windows\system32\drivers\blbdrive.sys
17:40:42.0482 3084 blbdrive - ok
17:40:42.0568 3084 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe
17:40:42.0573 3084 Bonjour Service - ok
17:40:42.0598 3084 bowser (2348447a80920b2493a9b582a23e81e1) C:\Windows\system32\DRIVERS\bowser.sys
17:40:42.0599 3084 bowser - ok
17:40:42.0634 3084 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\brfiltlo.sys
17:40:42.0635 3084 BrFiltLo - ok
17:40:42.0644 3084 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\brfiltup.sys
17:40:42.0644 3084 BrFiltUp - ok
17:40:42.0695 3084 Browser (a1b39de453433b115b4ea69ee0343816) C:\Windows\System32\browser.dll
17:40:42.0697 3084 Browser - ok
17:40:42.0713 3084 Brserid (f0f0ba4d815be446aa6a4583ca3bca9b) C:\Windows\system32\drivers\brserid.sys
17:40:42.0714 3084 Brserid - ok
17:40:42.0722 3084 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\system32\drivers\brserwdm.sys
17:40:42.0723 3084 BrSerWdm - ok
17:40:42.0727 3084 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\system32\drivers\brusbmdm.sys
17:40:42.0727 3084 BrUsbMdm - ok
17:40:42.0732 3084 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\system32\drivers\brusbser.sys
17:40:42.0733 3084 BrUsbSer - ok
17:40:42.0746 3084 BTHMODEM (e0777b34e05f8a82a21856efc900c29f) C:\Windows\system32\drivers\bthmodem.sys
17:40:42.0747 3084 BTHMODEM - ok
17:40:42.0869 3084 catchme - ok
17:40:42.0878 3084 cdfs (b4d787db8d30793a4d4df9feed18f136) C:\Windows\system32\DRIVERS\cdfs.sys
17:40:42.0879 3084 cdfs - ok
17:40:42.0901 3084 cdrom (c025aa69be3d0d25c7a2e746ef6f94fc) C:\Windows\system32\DRIVERS\cdrom.sys
17:40:42.0902 3084 cdrom - ok
17:40:42.0929 3084 CertPropSvc (5a268127633c7ee2a7fb87f39d748d56) C:\Windows\System32\certprop.dll
17:40:42.0930 3084 CertPropSvc - ok
17:40:42.0943 3084 circlass (02ea568d498bbdd4ba55bf3fce34d456) C:\Windows\system32\drivers\circlass.sys
17:40:42.0943 3084 circlass - ok
17:40:42.0969 3084 CLFS (3dca9a18b204939cfb24bea53e31eb48) C:\Windows\system32\CLFS.sys
17:40:42.0971 3084 CLFS - ok
17:40:43.0023 3084 clr_optimization_v2.0.50727_32 (8ee772032e2fe80a924f3b8dd5082194) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:40:43.0025 3084 clr_optimization_v2.0.50727_32 - ok
17:40:43.0054 3084 clr_optimization_v2.0.50727_64 (ce07a466201096f021cd09d631b21540) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
17:40:43.0056 3084 clr_optimization_v2.0.50727_64 - ok
17:40:43.0125 3084 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:40:43.0126 3084 clr_optimization_v4.0.30319_32 - ok
17:40:43.0146 3084 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
17:40:43.0148 3084 clr_optimization_v4.0.30319_64 - ok
17:40:43.0152 3084 cmdide (e5d5499a1c50a54b5161296b6afe6192) C:\Windows\system32\drivers\cmdide.sys
17:40:43.0153 3084 cmdide - ok
17:40:43.0158 3084 Compbatt (7fb8ad01db0eabe60c8a861531a8f431) C:\Windows\system32\drivers\compbatt.sys
17:40:43.0158 3084 Compbatt - ok
17:40:43.0162 3084 COMSysApp - ok
17:40:43.0172 3084 crcdisk (a8585b6412253803ce8efcbd6d6dc15c) C:\Windows\system32\drivers\crcdisk.sys
17:40:43.0173 3084 crcdisk - ok
17:40:43.0215 3084 CryptSvc (18918613e63f387cde4d95ca7d49dcf7) C:\Windows\system32\cryptsvc.dll
17:40:43.0217 3084 CryptSvc - ok
17:40:43.0258 3084 DcomLaunch (cf8b9a3a5e7dc57724a89d0c3e8cf9ef) C:\Windows\system32\rpcss.dll
17:40:43.0267 3084 DcomLaunch - ok
17:40:43.0292 3084 DfsC (8b722ba35205c71e7951cdc4cdbade19) C:\Windows\system32\Drivers\dfsc.sys
17:40:43.0293 3084 DfsC - ok
17:40:43.0411 3084 DFSR (c647f468f7de343df8c143655c5557d4) C:\Windows\system32\DFSR.exe
17:40:43.0437 3084 DFSR - ok
17:40:43.0578 3084 Dhcp (3ed0321127ce70acdaabbf77e157c2a7) C:\Windows\System32\dhcpcsvc.dll
17:40:43.0580 3084 Dhcp - ok
17:40:43.0630 3084 disk (b0107e40ecdb5fa692ebf832f295d905) C:\Windows\system32\drivers\disk.sys
17:40:43.0631 3084 disk - ok
17:40:43.0670 3084 Dnscache (06230f1b721494a6df8d47fd395bb1b0) C:\Windows\System32\dnsrslvr.dll
17:40:43.0672 3084 Dnscache - ok
17:40:43.0703 3084 dot3svc (1a7156dd1e850e9914e5e991e3225b94) C:\Windows\System32\dot3svc.dll
17:40:43.0706 3084 dot3svc - ok
17:40:43.0751 3084 DPS (1583b39790db3eaec7edb0cb0140c708) C:\Windows\system32\dps.dll
17:40:43.0753 3084 DPS - ok
17:40:43.0766 3084 drmkaud (f1a78a98cfc2ee02144c6bec945447e6) C:\Windows\system32\drivers\drmkaud.sys
17:40:43.0767 3084 drmkaud - ok
17:40:43.0788 3084 dump_wmimmc - ok
17:40:43.0830 3084 DXGKrnl (b8e554e502d5123bc111f99d6a2181b4) C:\Windows\System32\drivers\dxgkrnl.sys
17:40:43.0835 3084 DXGKrnl - ok
17:40:43.0863 3084 E1G60 (264cee7b031a9d6c827f3d0cb031f2fe) C:\Windows\system32\DRIVERS\E1G6032E.sys
17:40:43.0865 3084 E1G60 - ok
17:40:43.0884 3084 EagleX64 - ok
17:40:44.0084 3084 EapHost (c2303883fd9be49dc36a6400643002ea) C:\Windows\System32\eapsvc.dll
17:40:44.0087 3084 EapHost - ok
17:40:44.0239 3084 Ecache (5f94962be5a62db6e447ff6470c4f48a) C:\Windows\system32\drivers\ecache.sys
17:40:44.0240 3084 Ecache - ok
17:40:44.0288 3084 ehRecvr (14ce384d2e27b64c256bda4dc39c312d) C:\Windows\ehome\ehRecvr.exe
17:40:44.0290 3084 ehRecvr - ok
17:40:44.0307 3084 ehSched (b93159c1313d66fdfbbe876f5189cd52) C:\Windows\ehome\ehsched.exe
17:40:44.0308 3084 ehSched - ok
17:40:44.0339 3084 ehstart (f5ee2527d74449868e3c3227a59bcd28) C:\Windows\ehome\ehstart.dll
17:40:44.0340 3084 ehstart - ok
17:40:44.0358 3084 elxstor (c4636d6e10469404ab5308d9fd45ed07) C:\Windows\system32\drivers\elxstor.sys
17:40:44.0360 3084 elxstor - ok
17:40:44.0397 3084 EMDMgmt (a9b18b63a4fd6baab83326706d857fab) C:\Windows\system32\emdmgmt.dll
17:40:44.0402 3084 EMDMgmt - ok
17:40:44.0437 3084 ErrDev (bc3a58e938bb277e46bf4b3003b01abd) C:\Windows\system32\drivers\errdev.sys
17:40:44.0437 3084 ErrDev - ok
17:40:44.0466 3084 EventSystem (e12f22b73f153dece721cd45ec05b4af) C:\Windows\system32\es.dll
17:40:44.0470 3084 EventSystem - ok
17:40:44.0486 3084 exfat (486844f47b6636044a42454614ed4523) C:\Windows\system32\drivers\exfat.sys
17:40:44.0488 3084 exfat - ok
17:40:44.0507 3084 fastfat (1a4bee34277784619ddaf0422c0c6e23) C:\Windows\system32\drivers\fastfat.sys
17:40:44.0509 3084 fastfat - ok
17:40:44.0535 3084 fdc (81b79b6df71fa1d2c6d688d830616e39) C:\Windows\system32\DRIVERS\fdc.sys
17:40:44.0536 3084 fdc - ok
17:40:44.0540 3084 fdPHost (bb9267acacd8b7533dd936c34a0cba5e) C:\Windows\system32\fdPHost.dll
17:40:44.0541 3084 fdPHost - ok
17:40:44.0555 3084 FDResPub (300c80931eabbe1db7591c516efe8d0f) C:\Windows\system32\fdrespub.dll
17:40:44.0556 3084 FDResPub - ok
17:40:44.0569 3084 FileInfo (457b7d1d533e4bd62a99aed9c7bb4c59) C:\Windows\system32\drivers\fileinfo.sys
17:40:44.0570 3084 FileInfo - ok
17:40:44.0582 3084 Filetrace (d421327fd6efccaf884a54c58e1b0d7f) C:\Windows\system32\drivers\filetrace.sys
17:40:44.0583 3084 Filetrace - ok
17:40:44.0594 3084 flpydisk (230923ea2b80f79b0f88d90f87b87ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
17:40:44.0595 3084 flpydisk - ok
17:40:44.0620 3084 FltMgr (e3041bc26d6930d61f42aedb79c91720) C:\Windows\system32\drivers\fltmgr.sys
17:40:44.0622 3084 FltMgr - ok
17:40:44.0697 3084 FontCache (be1c5bd1ca7ed015bc6fa1ae67e592c8) C:\Windows\system32\FntCache.dll
17:40:44.0720 3084 FontCache - ok
17:40:44.0786 3084 FontCache3.0.0.0 (bc5b0be5af3510b0fd8c140ee42c6d3e) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
17:40:44.0789 3084 FontCache3.0.0.0 - ok
17:40:44.0828 3084 Fs_Rec (5779b86cd8b32519fbecb136394d946a) C:\Windows\system32\drivers\Fs_Rec.sys
17:40:44.0829 3084 Fs_Rec - ok
17:40:44.0841 3084 gagp30kx (c8e416668d3dc2be3d4fe4c79224997f) C:\Windows\system32\drivers\gagp30kx.sys
17:40:44.0842 3084 gagp30kx - ok
17:40:44.0868 3084 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
17:40:44.0869 3084 GEARAspiWDM - ok
17:40:44.0912 3084 gpsvc (a0e1b575ba8f504968cd40c0faeb2384) C:\Windows\System32\gpsvc.dll
17:40:44.0921 3084 gpsvc - ok
17:40:44.0985 3084 Gun (721ce1551f8198714f3cabfe2147939b) C:\Game\SoftnyxGame\GunBoundIS\Gun64.sys
17:40:44.0986 3084 Gun - ok
17:40:45.0008 3084 hamachi (1e6438d4ea6e1174a3b3b1edc4de660b) C:\Windows\system32\DRIVERS\hamachi.sys
17:40:45.0008 3084 hamachi - ok
17:40:45.0040 3084 HdAudAddService (df45f8142dc6df9d18c39b3effbd0409) C:\Windows\system32\drivers\HdAudio.sys
17:40:45.0042 3084 HdAudAddService - ok
17:40:45.0083 3084 HDAudBus (f942c5820205f2fb453243edfec82a3d) C:\Windows\system32\DRIVERS\HDAudBus.sys
17:40:45.0089 3084 HDAudBus - ok
17:40:45.0102 3084 HidBth (b4881c84a180e75b8c25dc1d726c375f) C:\Windows\system32\drivers\hidbth.sys
17:40:45.0103 3084 HidBth - ok
17:40:45.0113 3084 HidIr (4e77a77e2c986e8f88f996bb3e1ad829) C:\Windows\system32\drivers\hidir.sys
17:40:45.0114 3084 HidIr - ok
17:40:45.0137 3084 hidserv (59361d38a297755d46a540e450202b2a) C:\Windows\System32\hidserv.dll
17:40:45.0138 3084 hidserv - ok
17:40:45.0169 3084 HidUsb (443bdd2d30bb4f00795c797e2cf99edf) C:\Windows\system32\DRIVERS\hidusb.sys
17:40:45.0170 3084 HidUsb - ok
17:40:45.0191 3084 hkmsvc (b12f367ea39c0795fd57e31242ce1a5a) C:\Windows\system32\kmsvc.dll
17:40:45.0193 3084 hkmsvc - ok
17:40:45.0227 3084 HpCISSs (d7109a1e6bd2dfdbcba72a6bc626a13b) C:\Windows\system32\drivers\hpcisss.sys
17:40:45.0228 3084 HpCISSs - ok
17:40:45.0265 3084 HTTP (098f1e4e5c9cb5b0063a959063631610) C:\Windows\system32\drivers\HTTP.sys
17:40:45.0269 3084 HTTP - ok
17:40:45.0274 3084 i2omp (da94c854cea5fac549d4e1f6e88349e8) C:\Windows\system32\drivers\i2omp.sys
17:40:45.0275 3084 i2omp - ok
17:40:45.0314 3084 i8042prt (cbb597659a2713ce0c9cc20c88c7591f) C:\Windows\system32\DRIVERS\i8042prt.sys
17:40:45.0315 3084 i8042prt - ok
17:40:45.0398 3084 ialm (d8ae64dc0924e9e4b532b4e700af35fa) C:\Windows\system32\DRIVERS\igdkmd64.sys
17:40:45.0410 3084 ialm - ok
17:40:45.0489 3084 iaStorV (3e3bf3627d886736d0b4e90054f929f6) C:\Windows\system32\drivers\iastorv.sys
17:40:45.0491 3084 iaStorV - ok
17:40:45.0558 3084 idsvc (749f5f8cedca70f2a512945325fc489d) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
17:40:45.0563 3084 idsvc - ok
17:40:45.0598 3084 IHA_MessageCenter - ok
17:40:45.0614 3084 iirsp (8c3951ad2fe886ef76c7b5027c3125d3) C:\Windows\system32\drivers\iirsp.sys
17:40:45.0615 3084 iirsp - ok
17:40:45.0651 3084 IKEEXT (0c9ea6e654e7b0471741e343a6c671af) C:\Windows\System32\ikeext.dll
17:40:45.0656 3084 IKEEXT - ok
17:40:45.0742 3084 IntcAzAudAddService (e28edf74900e68184f44cfcdd66f1bc3) C:\Windows\system32\drivers\RTKVHD64.sys
17:40:45.0753 3084 IntcAzAudAddService - ok
17:40:45.0829 3084 intelide (df797a12176f11b2d301c5b234bb200e) C:\Windows\system32\drivers\intelide.sys
17:40:45.0829 3084 intelide - ok
17:40:45.0847 3084 intelppm (bfd84af32fa1bad6231c4585cb469630) C:\Windows\system32\DRIVERS\intelppm.sys
17:40:45.0848 3084 intelppm - ok
17:40:45.0875 3084 IPBusEnum (5624bc1bc5eeb49c0ab76a8114f05ea3) C:\Windows\system32\ipbusenum.dll
17:40:45.0878 3084 IPBusEnum - ok
17:40:45.0905 3084 IpFilterDriver (d8aabc341311e4780d6fce8c73c0ad81) C:\Windows\system32\DRIVERS\ipfltdrv.sys
17:40:45.0906 3084 IpFilterDriver - ok
17:40:45.0935 3084 iphlpsvc (bf0dbfa9792c5c14fa00f61c75116c1b) C:\Windows\System32\iphlpsvc.dll
17:40:45.0938 3084 iphlpsvc - ok
17:40:45.0942 3084 IpInIp - ok
17:40:45.0966 3084 IPMIDRV (9c2ee2e6e5a7203bfae15c299475ec67) C:\Windows\system32\drivers\ipmidrv.sys
17:40:45.0967 3084 IPMIDRV - ok
17:40:45.0981 3084 IPNAT (b7e6212f581ea5f6ab0c3a6ceeeb89be) C:\Windows\system32\DRIVERS\ipnat.sys
17:40:45.0982 3084 IPNAT - ok
17:40:46.0068 3084 iPod Service (46d249f9db7844cc01050a9345f0f61b) C:\Program Files\iPod\bin\iPodService.exe
17:40:46.0073 3084 iPod Service - ok
17:40:46.0093 3084 IRENUM (8c42ca155343a2f11d29feca67faa88d) C:\Windows\system32\drivers\irenum.sys
17:40:46.0094 3084 IRENUM - ok
17:40:46.0122 3084 isapnp (0672bfcedc6fc468a2b0500d81437f4f) C:\Windows\system32\drivers\isapnp.sys
17:40:46.0123 3084 isapnp - ok
17:40:46.0155 3084 iScsiPrt (e4fdf99599f27ec25d2cf6d754243520) C:\Windows\system32\DRIVERS\msiscsi.sys
17:40:46.0156 3084 iScsiPrt - ok
17:40:46.0177 3084 iteatapi (63c766cdc609ff8206cb447a65abba4a) C:\Windows\system32\drivers\iteatapi.sys
17:40:46.0177 3084 iteatapi - ok
17:40:46.0190 3084 iteraid (1281fe73b17664631d12f643cbea3f59) C:\Windows\system32\drivers\iteraid.sys
17:40:46.0190 3084 iteraid - ok
17:40:46.0208 3084 kbdclass (423696f3ba6472dd17699209b933bc26) C:\Windows\system32\DRIVERS\kbdclass.sys
17:40:46.0209 3084 kbdclass - ok
17:40:46.0216 3084 kbdhid (dbdf75d51464fbc47d0104ec3d572c05) C:\Windows\system32\DRIVERS\kbdhid.sys
17:40:46.0216 3084 kbdhid - ok
17:40:46.0245 3084 KeyIso (260bf9c43ee12c6898a9f5aab0fb0e5d) C:\Windows\system32\lsass.exe
17:40:46.0247 3084 KeyIso - ok
17:40:46.0273 3084 KSecDD (2758d174604f597bbc8a217ff667913d) C:\Windows\system32\Drivers\ksecdd.sys
17:40:46.0276 3084 KSecDD - ok
17:40:46.0292 3084 ksthunk (1d419cf43db29396ecd7113d129d94eb) C:\Windows\system32\drivers\ksthunk.sys
17:40:46.0293 3084 ksthunk - ok
17:40:46.0322 3084 KtmRm (1faf6926f3416d3da05c5b265491bdae) C:\Windows\system32\msdtckrm.dll
17:40:46.0328 3084 KtmRm - ok
17:40:46.0371 3084 LanmanServer (50c7a3cb427e9bb5ed0708a669956ab5) C:\Windows\System32\srvsvc.dll
17:40:46.0374 3084 LanmanServer - ok
17:40:46.0403 3084 LanmanWorkstation (caf86fc1388be1e470f1a7b43e348adb) C:\Windows\System32\wkssvc.dll
17:40:46.0407 3084 LanmanWorkstation - ok
17:40:46.0422 3084 lltdio (96ece2659b6654c10a0c310ae3a6d02c) C:\Windows\system32\DRIVERS\lltdio.sys
17:40:46.0423 3084 lltdio - ok
17:40:46.0448 3084 lltdsvc (961ccbd0b1ccb5675d64976fae37d092) C:\Windows\System32\lltdsvc.dll
17:40:46.0453 3084 lltdsvc - ok
17:40:46.0468 3084 lmhosts (a47f8080cacc23c91fe823ad19aa5612) C:\Windows\System32\lmhsvc.dll
17:40:46.0469 3084 lmhosts - ok
17:40:46.0490 3084 LSI_FC (acbe1af32d3123e330a07bfbc5ec4a9b) C:\Windows\system32\drivers\lsi_fc.sys
17:40:46.0491 3084 LSI_FC - ok
17:40:46.0507 3084 LSI_SAS (799ffb2fc4729fa46d2157c0065b3525) C:\Windows\system32\drivers\lsi_sas.sys
17:40:46.0508 3084 LSI_SAS - ok
17:40:46.0522 3084 LSI_SCSI (f445ff1daad8a226366bfaf42551226b) C:\Windows\system32\drivers\lsi_scsi.sys
17:40:46.0523 3084 LSI_SCSI - ok
17:40:46.0539 3084 luafv (52f87b9cc8932c2a7375c3b2a9be5e3e) C:\Windows\system32\drivers\luafv.sys
17:40:46.0540 3084 luafv - ok
17:40:46.0589 3084 MBAMProtector (dbc08862a71459e74f7538b432c114cc) C:\Windows\system32\drivers\mbam.sys
17:40:46.0590 3084 MBAMProtector - ok
17:40:46.0658 3084 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
17:40:46.0664 3084 MBAMService - ok
17:40:46.0682 3084 Mcx2Svc (76a58df02bd4ea29f189b82d0bef17f8) C:\Windows\system32\Mcx2Svc.dll
17:40:46.0685 3084 Mcx2Svc - ok
17:40:46.0713 3084 megasas (5c5cd6aaced32fb26c3fb34b3dcf972f) C:\Windows\system32\drivers\megasas.sys
17:40:46.0714 3084 megasas - ok
17:40:46.0758 3084 MegaSR (859bc2436b076c77c159ed694acfe8f8) C:\Windows\system32\drivers\megasr.sys
17:40:46.0761 3084 MegaSR - ok
17:40:46.0811 3084 Microsoft SharePoint Workspace Audit Service - ok
17:40:46.0824 3084 MMCSS (3cbe4995e80e13ccfbc42e5dcf3ac81a) C:\Windows\system32\mmcss.dll
17:40:46.0826 3084 MMCSS - ok
17:40:46.0839 3084 Modem (59848d5cc74606f0ee7557983bb73c2e) C:\Windows\system32\drivers\modem.sys
17:40:46.0840 3084 Modem - ok
17:40:46.0852 3084 monitor (c247cc2a57e0a0c8c6dccf7807b3e9e5) C:\Windows\system32\DRIVERS\monitor.sys
17:40:46.0853 3084 monitor - ok
17:40:46.0866 3084 mouclass (9367304e5e412b120cf5f4ea14e4e4f1) C:\Windows\system32\DRIVERS\mouclass.sys
17:40:46.0867 3084 mouclass - ok
17:40:46.0878 3084 mouhid (c2c2bd5c5ce5aaf786ddd74b75d2ac69) C:\Windows\system32\DRIVERS\mouhid.sys
17:40:46.0879 3084 mouhid - ok
17:40:46.0886 3084 MountMgr (11bc9b1e8801b01f7f6adb9ead30019b) C:\Windows\system32\drivers\mountmgr.sys
17:40:46.0887 3084 MountMgr - ok
17:40:46.0902 3084 mpio (f8276eb8698142884498a528dfea8478) C:\Windows\system32\drivers\mpio.sys
17:40:46.0903 3084 mpio - ok
17:40:46.0923 3084 mpsdrv (c92b9abdb65a5991e00c28f13491dba2) C:\Windows\system32\drivers\mpsdrv.sys
17:40:46.0924 3084 mpsdrv - ok
17:40:46.0973 3084 MpsSvc (897e3baf68ba406a61682ae39c83900c) C:\Windows\system32\mpssvc.dll
17:40:46.0981 3084 MpsSvc - ok
17:40:47.0011 3084 Mraid35x (3c200630a89ef2c0864d515b7a75802e) C:\Windows\system32\drivers\mraid35x.sys
17:40:47.0012 3084 Mraid35x - ok
17:40:47.0033 3084 MRxDAV (7c1de4aa96dc0c071611f9e7de02a68d) C:\Windows\system32\drivers\mrxdav.sys
17:40:47.0035 3084 MRxDAV - ok
17:40:47.0066 3084 mrxsmb (1485811b320ff8c7edad1caebb1c6c2b) C:\Windows\system32\DRIVERS\mrxsmb.sys
17:40:47.0067 3084 mrxsmb - ok
17:40:47.0096 3084 mrxsmb10 (3b929a60c833fc615fd97fba82bc7632) C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:40:47.0098 3084 mrxsmb10 - ok
17:40:47.0119 3084 mrxsmb20 (c64ab3e1f53b4f5b5bb6d796b2d7bec3) C:\Windows\system32\DRIVERS\mrxsmb20.sys
17:40:47.0120 3084 mrxsmb20 - ok
17:40:47.0137 3084 msahci (1ac860612b85d8e85ee257d372e39f4d) C:\Windows\system32\drivers\msahci.sys
17:40:47.0138 3084 msahci - ok
17:40:47.0212 3084 MSCamSvc (41fb1d61df09c36ccab0b04eec66f6d5) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
17:40:47.0214 3084 MSCamSvc - ok
17:40:47.0231 3084 msdsm (264bbb4aaf312a485f0e44b65a6b7202) C:\Windows\system32\drivers\msdsm.sys
17:40:47.0232 3084 msdsm - ok
17:40:47.0264 3084 MSDTC (7ec02ce772f068ed0beafa3da341a9bc) C:\Windows\System32\msdtc.exe
17:40:47.0266 3084 MSDTC - ok
17:40:47.0289 3084 Msfs (704f59bfc4512d2bb0146aec31b10a7c) C:\Windows\system32\drivers\Msfs.sys
17:40:47.0290 3084 Msfs - ok
17:40:47.0307 3084 MSHUSBVideo (26668cc2920de2497a8e369b16e48ca3) C:\Windows\system32\Drivers\nx6000.sys
17:40:47.0308 3084 MSHUSBVideo - ok
17:40:47.0328 3084 msisadrv (00ebc952961664780d43dca157e79b27) C:\Windows\system32\drivers\msisadrv.sys
17:40:47.0329 3084 msisadrv - ok
17:40:47.0359 3084 MSiSCSI (366b0c1f4478b519c181e37d43dcda32) C:\Windows\system32\iscsiexe.dll
17:40:47.0362 3084 MSiSCSI - ok
17:40:47.0366 3084 msiserver - ok
17:40:47.0380 3084 MSKSSRV (0ea73e498f53b96d83dbfca074ad4cf8) C:\Windows\system32\drivers\MSKSSRV.sys
17:40:47.0381 3084 MSKSSRV - ok
17:40:47.0427 3084 msloop (612c71f212c632046c2ac8d558496fee) C:\Windows\system32\DRIVERS\loop.sys
17:40:47.0428 3084 msloop - ok
17:40:47.0436 3084 MSPCLOCK (52e59b7e992a58e740aa63f57edbae8b) C:\Windows\system32\drivers\MSPCLOCK.sys
17:40:47.0437 3084 MSPCLOCK - ok
17:40:47.0455 3084 MSPQM (49084a75bae043ae02d5b44d02991bb2) C:\Windows\system32\drivers\MSPQM.sys
17:40:47.0456 3084 MSPQM - ok
17:40:47.0488 3084 MsRPC (dc6ccf440cdede4293db41c37a5060a5) C:\Windows\system32\drivers\MsRPC.sys
17:40:47.0490 3084 MsRPC - ok
17:40:47.0510 3084 mssmbios (855796e59df77ea93af46f20155bf55b) C:\Windows\system32\DRIVERS\mssmbios.sys
17:40:47.0511 3084 mssmbios - ok
17:40:47.0526 3084 MSTEE (86d632d75d05d5b7c7c043fa3564ae86) C:\Windows\system32\drivers\MSTEE.sys
17:40:47.0527 3084 MSTEE - ok
17:40:47.0571 3084 MTsensor (6936198f2cc25b39cf5262436c80df46) C:\Windows\system32\DRIVERS\ASACPI.sys
17:40:47.0572 3084 MTsensor - ok
17:40:47.0597 3084 Mup (0cc49f78d8aca0877d885f149084e543) C:\Windows\system32\Drivers\mup.sys
17:40:47.0598 3084 Mup - ok
17:40:47.0639 3084 napagent (a5b10c845e7538c60c0f5d87a57cb3f5) C:\Windows\system32\qagentRT.dll
17:40:47.0644 3084 napagent - ok
17:40:47.0674 3084 NativeWifiP (2007b826c4acd94ae32232b41f0842b9) C:\Windows\system32\DRIVERS\nwifi.sys
17:40:47.0675 3084 NativeWifiP - ok
17:40:47.0720 3084 NDIS (65950e07329fcee8e6516b17c8d0abb6) C:\Windows\system32\drivers\ndis.sys
17:40:47.0725 3084 NDIS - ok
17:40:47.0744 3084 NdisTapi (64df698a425478e321981431ac171334) C:\Windows\system32\DRIVERS\ndistapi.sys
17:40:47.0745 3084 NdisTapi - ok
17:40:47.0749 3084 Ndisuio (8baa43196d7b5bb972c9a6b2bbf61a19) C:\Windows\system32\DRIVERS\ndisuio.sys
17:40:47.0750 3084 Ndisuio - ok
17:40:47.0766 3084 NdisWan (f8158771905260982ce724076419ef19) C:\Windows\system32\DRIVERS\ndiswan.sys
17:40:47.0768 3084 NdisWan - ok
17:40:47.0773 3084 NDProxy (9cb77ed7cb72850253e973a2d6afdf49) C:\Windows\system32\drivers\NDProxy.sys
17:40:47.0774 3084 NDProxy - ok
17:40:47.0823 3084 NetBIOS (a499294f5029a7862adc115bda7371ce) C:\Windows\system32\DRIVERS\netbios.sys
17:40:47.0824 3084 NetBIOS - ok
17:40:47.0848 3084 netbt (fc2c792ebddc8e28df939d6a92c83d61) C:\Windows\system32\DRIVERS\netbt.sys
17:40:47.0850 3084 netbt - ok
17:40:47.0886 3084 Netlogon (260bf9c43ee12c6898a9f5aab0fb0e5d) C:\Windows\system32\lsass.exe
17:40:47.0887 3084 Netlogon - ok
17:40:47.0924 3084 Netman (9b63b29defc0f3115a559d2597bf5d75) C:\Windows\System32\netman.dll
17:40:47.0927 3084 Netman - ok
17:40:47.0947 3084 netprofm (7846d0136cc2b264926a73047ba7688a) C:\Windows\System32\netprofm.dll
17:40:47.0951 3084 netprofm - ok
17:40:48.0004 3084 netr28x (653a267797a4de4a69014ed61945067a) C:\Windows\system32\DRIVERS\netr28x.sys
17:40:48.0009 3084 netr28x - ok
17:40:48.0057 3084 NetTcpPortSharing (74751dda198165947fd7454d83f49825) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
17:40:48.0058 3084 NetTcpPortSharing - ok
17:40:48.0076 3084 nfrd960 (4ac08bd6af2df42e0c3196d826c8aea7) C:\Windows\system32\drivers\nfrd960.sys
17:40:48.0077 3084 nfrd960 - ok
17:40:48.0100 3084 NlaSvc (f145bf4c4668e7e312069f81ef847cfc) C:\Windows\System32\nlasvc.dll
17:40:48.0103 3084 NlaSvc - ok
17:40:48.0151 3084 NPF (351533acc2a069b94e80bbfc177e8fdf) C:\Windows\system32\drivers\npf.sys
17:40:48.0152 3084 NPF - ok
17:40:48.0166 3084 Npfs (b298874f8e0ea93f06ec40aa8d146478) C:\Windows\system32\drivers\Npfs.sys
17:40:48.0167 3084 Npfs - ok
17:40:48.0182 3084 npggsvc - ok
17:40:48.0187 3084 NPPTNT2 - ok
17:40:48.0208 3084 nsi (acb62baa1c319b17752553df3026eeeb) C:\Windows\system32\nsisvc.dll
17:40:48.0210 3084 nsi - ok
17:40:48.0226 3084 nsiproxy (1523af19ee8b030ba682f7a53537eaeb) C:\Windows\system32\drivers\nsiproxy.sys
17:40:48.0227 3084 nsiproxy - ok
17:40:48.0278 3084 Ntfs (bac869dfb98e499ba4d9bb1fb43270e1) C:\Windows\system32\drivers\Ntfs.sys
17:40:48.0287 3084 Ntfs - ok
17:40:48.0859 3084 Null (dd5d684975352b85b52e3fd5347c20cb) C:\Windows\system32\drivers\Null.sys
17:40:48.0860 3084 Null - ok
17:40:49.0344 3084 NVHDA (960e39a54e525df58cb29193147dffa1) C:\Windows\system32\drivers\nvhda64v.sys
17:40:49.0345 3084 NVHDA - ok
17:40:49.0808 3084 nvlddmkm (9c1996dd3c0469bc8933321f15709f5a) C:\Windows\system32\DRIVERS\nvlddmkm.sys
17:40:49.0891 3084 nvlddmkm - ok
17:40:49.0986 3084 nvraid (2c040b7ada5b06f6facadac8514aa034) C:\Windows\system32\drivers\nvraid.sys
17:40:49.0987 3084 nvraid - ok
17:40:50.0007 3084 nvstor (f7ea0fe82842d05eda3efdd376dbfdba) C:\Windows\system32\drivers\nvstor.sys
17:40:50.0008 3084 nvstor - ok
17:40:50.0069 3084 nvsvc (dfda089bb2cd0ff7e789e2ef6ba1e4ba) C:\Windows\system32\nvvsvc.exe
17:40:50.0080 3084 nvsvc - ok
17:40:50.0231 3084 nvUpdatusService (e7818cd4fb51284c948d68a7a85a69b8) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
17:40:50.0244 3084 nvUpdatusService - ok
17:40:50.0284 3084 nv_agp (19067ca93075ef4823e3938a686f532f) C:\Windows\system32\drivers\nv_agp.sys
17:40:50.0286 3084 nv_agp - ok
17:40:50.0289 3084 NwlnkFlt - ok
17:40:50.0294 3084 NwlnkFwd - ok
17:40:50.0325 3084 ohci1394 (7b58953e2f263421fdbb09a192712a85) C:\Windows\system32\drivers\ohci1394.sys
17:40:50.0326 3084 ohci1394 - ok
17:40:50.0383 3084 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:40:50.0384 3084 ose - ok
17:40:50.0568 3084 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
17:40:50.0596 3084 osppsvc - ok
17:40:50.0664 3084 p2pimsvc (9ae31d2e1d15c10d91318e0ec149ceac) C:\Windows\system32\p2psvc.dll
17:40:50.0674 3084 p2pimsvc - ok
17:40:50.0683 3084 p2psvc (9ae31d2e1d15c10d91318e0ec149ceac) C:\Windows\system32\p2psvc.dll
17:40:50.0689 3084 p2psvc - ok
17:40:50.0720 3084 Parport (4c6a7fd04ddf4db88791048382e3edb1) C:\Windows\system32\DRIVERS\parport.sys
17:40:50.0721 3084 Parport - ok
17:40:50.0738 3084 partmgr (f9b5eda4c17a2be7663f064dbf0fe254) C:\Windows\system32\drivers\partmgr.sys
17:40:50.0739 3084 partmgr - ok
17:40:50.0765 3084 PcaSvc (9ab157b374192ff276c1628fbdba2b0e) C:\Windows\System32\pcasvc.dll
17:40:50.0768 3084 PcaSvc - ok
17:40:50.0788 3084 pccsmcfd - ok
17:40:50.0825 3084 pci (47ab1e0fc9d0e12bb53ba246e3a0906d) C:\Windows\system32\drivers\pci.sys
17:40:50.0827 3084 pci - ok
17:40:50.0850 3084 pciide (2657f6c0b78c36d95034be109336e382) C:\Windows\system32\drivers\pciide.sys
17:40:50.0851 3084 pciide - ok
17:40:50.0872 3084 pcmcia (037661f3d7c507c9993b7010ceee6288) C:\Windows\system32\drivers\pcmcia.sys
17:40:50.0874 3084 pcmcia - ok
17:40:50.0904 3084 PEAUTH (58865916f53592a61549b04941bfd80d) C:\Windows\system32\drivers\peauth.sys
17:40:50.0909 3084 PEAUTH - ok
17:40:50.0950 3084 PerfHost (0ed8727ea0172860f47258456c06caea) C:\Windows\SysWow64\perfhost.exe
17:40:50.0952 3084 PerfHost - ok
17:40:51.0005 3084 pla (e9e68c1a0f25cf4a7ac966eea74ee89e) C:\Windows\system32\pla.dll
17:40:51.0035 3084 pla - ok
17:40:51.0065 3084 PlugPlay (fe6b0f59215c9fd9f9d26539c58c8b82) C:\Windows\system32\umpnpmgr.dll
17:40:51.0069 3084 PlugPlay - ok
17:40:51.0090 3084 PnkBstrA - ok
17:40:51.0131 3084 PNRPAutoReg (9ae31d2e1d15c10d91318e0ec149ceac) C:\Windows\system32\p2psvc.dll
17:40:51.0137 3084 PNRPAutoReg - ok
17:40:51.0145 3084 PNRPsvc (9ae31d2e1d15c10d91318e0ec149ceac) C:\Windows\system32\p2psvc.dll
17:40:51.0151 3084 PNRPsvc - ok
17:40:51.0212 3084 PolicyAgent (89a5560671c2d8b4a4b51f3e1aa069d8) C:\Windows\System32\ipsecsvc.dll
17:40:51.0219 3084 PolicyAgent - ok
17:40:51.0283 3084 PptpMiniport (23386e9952025f5f21c368971e2e7301) C:\Windows\system32\DRIVERS\raspptp.sys
17:40:51.0284 3084 PptpMiniport - ok
17:40:51.0303 3084 Processor (5080e59ecee0bc923f14018803aa7a01) C:\Windows\system32\drivers\processr.sys
17:40:51.0303 3084 Processor - ok
17:40:51.0334 3084 ProfSvc (e058ce4fc2449d8bfa14739c83b7ff2a) C:\Windows\system32\profsvc.dll
17:40:51.0337 3084 ProfSvc - ok
17:40:51.0365 3084 ProtectedStorage (260bf9c43ee12c6898a9f5aab0fb0e5d) C:\Windows\system32\lsass.exe
17:40:51.0366 3084 ProtectedStorage - ok
17:40:51.0386 3084 PSched (c5ab7f0809392d0da027f4a2a81bfa31) C:\Windows\system32\DRIVERS\pacer.sys
17:40:51.0387 3084 PSched - ok
17:40:51.0531 3084 PxHlpa64 (4712cc14e720ecccc0aa16949d18aaf1) C:\Windows\system32\Drivers\PxHlpa64.sys
17:40:51.0532 3084 PxHlpa64 - ok
17:40:51.0575 3084 ql2300 (0b83f4e681062f3839be2ec1d98fd94a) C:\Windows\system32\drivers\ql2300.sys
17:40:51.0582 3084 ql2300 - ok
17:40:51.0601 3084 ql40xx (e1c80f8d4d1e39ef9595809c1369bf2a) C:\Windows\system32\drivers\ql40xx.sys
17:40:51.0602 3084 ql40xx - ok
17:40:51.0631 3084 QWAVE (90574842c3da781e279061a3eff91f07) C:\Windows\system32\qwave.dll
17:40:51.0635 3084 QWAVE - ok
17:40:51.0648 3084 QWAVEdrv (e8d76edab77ec9c634c27b8eac33adc5) C:\Windows\system32\drivers\qwavedrv.sys
17:40:51.0649 3084 QWAVEdrv - ok
17:40:51.0661 3084 RasAcd (1013b3b663a56d3ddd784f581c1bd005) C:\Windows\system32\DRIVERS\rasacd.sys
17:40:51.0662 3084 RasAcd - ok
17:40:51.0701 3084 RasAuto (b2ae18f847d07f0044404ddf7cb04497) C:\Windows\System32\rasauto.dll
17:40:51.0704 3084 RasAuto - ok
17:40:51.0725 3084 Rasl2tp (ac7bc4d42a7e558718dfdec599bbfc2c) C:\Windows\system32\DRIVERS\rasl2tp.sys
17:40:51.0727 3084 Rasl2tp - ok
17:40:51.0753 3084 RasMan (3ad83e4046c43be510de681588acb8af) C:\Windows\System32\rasmans.dll
17:40:51.0757 3084 RasMan - ok
17:40:51.0774 3084 RasPppoe (4517fbf8b42524afe4ede1de102aae3e) C:\Windows\system32\DRIVERS\raspppoe.sys
17:40:51.0775 3084 RasPppoe - ok
17:40:51.0794 3084 RasSstp (c6a593b51f34c33e5474539544072527) C:\Windows\system32\DRIVERS\rassstp.sys
17:40:51.0796 3084 RasSstp - ok
17:40:51.0824 3084 rdbss (322db5c6b55e8d8ee8d6f358b2aaabb1) C:\Windows\system32\DRIVERS\rdbss.sys
17:40:51.0826 3084 rdbss - ok
17:40:51.0848 3084 RDPCDD (603900cc05f6be65ccbf373800af3716) C:\Windows\system32\DRIVERS\RDPCDD.sys
17:40:51.0849 3084 RDPCDD - ok
17:40:51.0878 3084 rdpdr (c045d1fb111c28df0d1be8d4bda22c06) C:\Windows\system32\drivers\rdpdr.sys
17:40:51.0880 3084 rdpdr - ok
17:40:51.0884 3084 RDPENCDD (cab9421daf3d97b33d0d055858e2c3ab) C:\Windows\system32\drivers\rdpencdd.sys
17:40:51.0885 3084 RDPENCDD - ok
17:40:51.0919 3084 RDPWD (5c141fc457f1ac833664789235aca673) C:\Windows\system32\drivers\RDPWD.sys
17:40:51.0921 3084 RDPWD - ok
17:40:51.0945 3084 RemoteAccess (c612b9557da73f70d41f8a6fbc8e5344) C:\Windows\System32\mprdim.dll
17:40:51.0947 3084 RemoteAccess - ok
17:40:51.0970 3084 RemoteRegistry (44b9d8ec2f3ef3a0efb00857af70d861) C:\Windows\system32\regsvc.dll
17:40:51.0974 3084 RemoteRegistry - ok
17:40:52.0043 3084 rpcapd (b60f58f175de20a6739194e85b035178) C:\Program Files (x86)\WinPcap\rpcapd.exe
17:40:52.0045 3084 rpcapd - ok
17:40:52.0075 3084 RpcLocator (f46c457840d4b7a4daafee739ce04102) C:\Windows\system32\locator.exe
17:40:52.0076 3084 RpcLocator - ok
17:40:52.0115 3084 RpcSs (cf8b9a3a5e7dc57724a89d0c3e8cf9ef) C:\Windows\system32\rpcss.dll
17:40:52.0121 3084 RpcSs - ok
17:40:52.0159 3084 rspndr (22a9cb08b1a6707c1550c6bf099aae73) C:\Windows\system32\DRIVERS\rspndr.sys
17:40:52.0160 3084 rspndr - ok
17:40:52.0198 3084 RTL8169 (b263b3aebcde2210d1cc25756601b8ea) C:\Windows\system32\DRIVERS\Rtlh64.sys
17:40:52.0201 3084 RTL8169 - ok
17:40:52.0239 3084 SamSs (260bf9c43ee12c6898a9f5aab0fb0e5d) C:\Windows\system32\lsass.exe
17:40:52.0240 3084 SamSs - ok
17:40:52.0270 3084 sbp2port (cd9c693589c60ad59bbbcfb0e524e01b) C:\Windows\system32\drivers\sbp2port.sys
17:40:52.0271 3084 sbp2port - ok
17:40:52.0315 3084 SBRE (9aceb2a2362fc87a3825963e61ba9076) C:\Windows\system32\drivers\SBREdrv.sys
17:40:52.0316 3084 SBRE - ok
17:40:52.0352 3084 SCardSvr (fd1cdcf108d5ef3366f00d18b70fb89b) C:\Windows\System32\SCardSvr.dll
17:40:52.0355 3084 SCardSvr - ok
17:40:52.0401 3084 SCDEmu (6ce6f98ea3d07a9c2ce3cd0a5a86352d) C:\Windows\system32\drivers\SCDEmu.sys
17:40:52.0402 3084 SCDEmu - ok
17:40:52.0444 3084 Schedule (0f838c811ad295d2a4489b9993096c63) C:\Windows\system32\schedsvc.dll
17:40:52.0455 3084 Schedule - ok
17:40:52.0477 3084 SCPolicySvc (5a268127633c7ee2a7fb87f39d748d56) C:\Windows\System32\certprop.dll
17:40:52.0478 3084 SCPolicySvc - ok
17:40:52.0496 3084 SDRSVC (4ff71b076a7760fe75ea5ae2d0ee0018) C:\Windows\System32\SDRSVC.dll
17:40:52.0499 3084 SDRSVC - ok
17:40:52.0510 3084 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
17:40:52.0510 3084 secdrv - ok
17:40:52.0521 3084 seclogon (5acdcbc67fcf894a1815b9f96d704490) C:\Windows\system32\seclogon.dll
17:40:52.0523 3084 seclogon - ok
17:40:52.0532 3084 SENS (90973a64b96cd647ff81c79443618eed) C:\Windows\system32\sens.dll
17:40:52.0534 3084 SENS - ok
17:40:52.0544 3084 Serenum (2449316316411d65bd2c761a6ffb2ce2) C:\Windows\system32\DRIVERS\serenum.sys
17:40:52.0545 3084 Serenum - ok
17:40:52.0577 3084 Serial (4b438170be2fc8e0bd35ee87a960f84f) C:\Windows\system32\DRIVERS\serial.sys
17:40:52.0578 3084 Serial - ok
17:40:52.0594 3084 sermouse (a842f04833684bceea7336211be478df) C:\Windows\system32\drivers\sermouse.sys
17:40:52.0594 3084 sermouse - ok
17:40:52.0620 3084 SessionEnv (a8e4a4407a09f35dccc3771af590b0c4) C:\Windows\system32\sessenv.dll
17:40:52.0622 3084 SessionEnv - ok
17:40:52.0634 3084 sffdisk (14d4b4465193a87c127933978e8c4106) C:\Windows\system32\drivers\sffdisk.sys
17:40:52.0634 3084 sffdisk - ok
17:40:52.0645 3084 sffp_mmc (7073aee3f82f3d598e3825962aa98ab2) C:\Windows\system32\drivers\sffp_mmc.sys
17:40:52.0645 3084 sffp_mmc - ok
17:40:52.0656 3084 sffp_sd (35e59ebe4a01a0532ed67975161c7b82) C:\Windows\system32\drivers\sffp_sd.sys
17:40:52.0656 3084 sffp_sd - ok
17:40:52.0661 3084 sfloppy (6b7838c94135768bd455cbdc23e39e5f) C:\Windows\system32\drivers\sfloppy.sys
17:40:52.0662 3084 sfloppy - ok
17:40:52.0692 3084 SharedAccess (4c5aee179da7e1ee9a9ccb9da289af34) C:\Windows\System32\ipnathlp.dll
17:40:52.0696 3084 SharedAccess - ok
17:40:52.0749 3084 ShellHWDetection (56793271ecdedd350c5add305603e963) C:\Windows\System32\shsvcs.dll
17:40:52.0754 3084 ShellHWDetection - ok
17:40:52.0771 3084 SiSRaid2 (7a5de502aeb719d4594c6471060a78b3) C:\Windows\system32\drivers\sisraid2.sys
17:40:52.0772 3084 SiSRaid2 - ok
17:40:52.0787 3084 SiSRaid4 (3a2f769fab9582bc720e11ea1dfb184d) C:\Windows\system32\drivers\sisraid4.sys
17:40:52.0788 3084 SiSRaid4 - ok
17:40:52.0878 3084 slsvc (a9a27a8e257b45a604fdad4f26fe7241) C:\Windows\system32\SLsvc.exe
17:40:52.0922 3084 slsvc - ok
17:40:53.0056 3084 SLUINotify (fd74b4b7c2088e390a30c85a896fc3af) C:\Windows\system32\SLUINotify.dll
17:40:53.0058 3084 SLUINotify - ok
17:40:53.0112 3084 Smb (290b6f6a0ec4fcdfc90f5cb6d7020473) C:\Windows\system32\DRIVERS\smb.sys
17:40:53.0113 3084 Smb - ok
17:40:53.0139 3084 SNMPTRAP (f8f47f38909823b1af28d60b96340cff) C:\Windows\System32\snmptrap.exe
17:40:53.0141 3084 SNMPTRAP - ok
17:40:53.0213 3084 speedfan (5f9785e7535f8f602cb294a54962c9e7) C:\Windows\syswow64\speedfan.sys
17:40:53.0214 3084 speedfan - ok
17:40:53.0240 3084 spldr (386c3c63f00a7040c7ec5e384217e89d) C:\Windows\system32\drivers\spldr.sys
17:40:53.0241 3084 spldr - ok
17:40:53.0274 3084 Spooler (f66ff751e7efc816d266977939ef5dc3) C:\Windows\System32\spoolsv.exe
17:40:53.0277 3084 Spooler - ok
17:40:53.0317 3084 srv (880a57fccb571ebd063d4dd50e93e46d) C:\Windows\system32\DRIVERS\srv.sys
17:40:53.0320 3084 srv - ok
17:40:53.0347 3084 srv2 (a1ad14a6d7a37891fffeca35ebbb0730) C:\Windows\system32\DRIVERS\srv2.sys
17:40:53.0348 3084 srv2 - ok
17:40:53.0368 3084 srvnet (4bed62f4fa4d8300973f1151f4c4d8a7) C:\Windows\system32\DRIVERS\srvnet.sys
17:40:53.0369 3084 srvnet - ok
17:40:53.0395 3084 SSDPSRV (192c74646ec5725aef3f80d19ff75f6a) C:\Windows\System32\ssdpsrv.dll
17:40:53.0398 3084 SSDPSRV - ok
17:40:53.0407 3084 SstpSvc (2ee3fa0308e6185ba64a9a7f2e74332b) C:\Windows\system32\sstpsvc.dll
17:40:53.0410 3084 SstpSvc - ok
17:40:53.0414 3084 StarOpen - ok
17:40:53.0483 3084 Steam Client Service - ok
17:40:53.0521 3084 stisvc (15825c1fbfb8779992cb65087f316af5) C:\Windows\System32\wiaservc.dll
17:40:53.0529 3084 stisvc - ok
17:40:53.0558 3084 swenum (8a851ca908b8b974f89c50d2e18d4f0c) C:\Windows\system32\DRIVERS\swenum.sys
17:40:53.0559 3084 swenum - ok
17:40:53.0618 3084 SwitchBoard (f577910a133a592234ebaad3f3afa258) C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
17:40:53.0622 3084 SwitchBoard - ok
17:40:53.0658 3084 swprv (6de37f4de19d4efd9c48c43addbc949a) C:\Windows\System32\swprv.dll
17:40:53.0664 3084 swprv - ok
17:40:53.0685 3084 Symc8xx (2f26a2c6fc96b29beff5d8ed74e6625b) C:\Windows\system32\drivers\symc8xx.sys
17:40:53.0686 3084 Symc8xx - ok
17:40:53.0699 3084 Sym_hi (a909667976d3bccd1df813fed517d837) C:\Windows\system32\drivers\sym_hi.sys
17:40:53.0700 3084 Sym_hi - ok
17:40:53.0715 3084 Sym_u3 (36887b56ec2d98b9c362f6ae4de5b7b0) C:\Windows\system32\drivers\sym_u3.sys
17:40:53.0716 3084 Sym_u3 - ok
17:40:53.0768 3084 SysMain (92d7a8b0f87b036f17d25885937897a6) C:\Windows\system32\sysmain.dll
17:40:53.0779 3084 SysMain - ok
17:40:53.0837 3084 szkg5 (8598e4a12eaa945b35365dd2750b9777) C:\Windows\syswow64\DRIVERS\szkg64.sys
17:40:53.0838 3084 szkg5 - ok
17:40:53.0896 3084 TabletInputService (005ce42567f9113a3bccb3b20073b029) C:\Windows\System32\TabSvc.dll
17:40:53.0899 3084 TabletInputService - ok
17:40:53.0937 3084 TapiSrv (cc2562b4d55e0b6a4758c65407f63b79) C:\Windows\System32\tapisrv.dll
17:40:53.0941 3084 TapiSrv - ok
17:40:53.0963 3084 TBS (cdbe8d7c1e201b911cdc346d06617fb5) C:\Windows\System32\tbssvc.dll
17:40:53.0965 3084 TBS - ok
17:40:54.0090 3084 Tcpip (2cc45d932bd193cd4117321d469ad6b2) C:\Windows\system32\drivers\tcpip.sys
17:40:54.0099 3084 Tcpip - ok
17:40:54.0331 3084 Tcpip6 (2cc45d932bd193cd4117321d469ad6b2) C:\Windows\system32\DRIVERS\tcpip.sys
17:40:54.0339 3084 Tcpip6 - ok
17:40:54.0675 3084 tcpipreg (c7e72a4071ee0200e3c075dacfb2b334) C:\Windows\system32\drivers\tcpipreg.sys
17:40:54.0676 3084 tcpipreg - ok
17:40:54.0713 3084 TDPIPE (1d8bf4aaa5fb7a2761475781dc1195bc) C:\Windows\system32\drivers\tdpipe.sys
17:40:54.0714 3084 TDPIPE - ok
17:40:54.0725 3084 TDTCP (7f7e00cdf609df657f4cda02dd1c9bb1) C:\Windows\system32\drivers\tdtcp.sys
17:40:54.0726 3084 TDTCP - ok
17:40:54.0745 3084 tdx (458919c8c42e398dc4802178d5ffee27) C:\Windows\system32\DRIVERS\tdx.sys
17:40:54.0746 3084 tdx - ok
17:40:54.0778 3084 TermDD (8c19678d22649ec002ef2282eae92f98) C:\Windows\system32\DRIVERS\termdd.sys
17:40:54.0779 3084 TermDD - ok
17:40:54.0825 3084 TermService (5cdd30bc217082dac71a9878d9bfd566) C:\Windows\System32\termsrv.dll
17:40:54.0832 3084 TermService - ok
17:40:54.0872 3084 Themes (56793271ecdedd350c5add305603e963) C:\Windows\system32\shsvcs.dll
17:40:54.0875 3084 Themes - ok
17:40:54.0899 3084 THREADORDER (3cbe4995e80e13ccfbc42e5dcf3ac81a) C:\Windows\system32\mmcss.dll
17:40:54.0900 3084 THREADORDER - ok
17:40:54.0927 3084 TrkWks (f4689f05af472a651a7b1b7b02d200e7) C:\Windows\System32\trkwks.dll
17:40:54.0930 3084 TrkWks - ok
17:40:54.0955 3084 TrustedInstaller (66328b08ef5a9305d8ede36b93930369) C:\Windows\servicing\TrustedInstaller.exe
17:40:54.0956 3084 TrustedInstaller - ok
17:40:54.0973 3084 tssecsrv (9e5409cd17c8bef193aad498f3bc2cb8) C:\Windows\system32\DRIVERS\tssecsrv.sys
17:40:54.0974 3084 tssecsrv - ok
17:40:54.0990 3084 tunmp (89ec74a9e602d16a75a4170511029b3c) C:\Windows\system32\DRIVERS\tunmp.sys
17:40:54.0991 3084 tunmp - ok
17:40:55.0043 3084 tunnel (30a9b3f45ad081bffc3bcaa9c812b609) C:\Windows\system32\DRIVERS\tunnel.sys
17:40:55.0044 3084 tunnel - ok
17:40:55.0067 3084 uagp35 (fec266ef401966311744bd0f359f7f56) C:\Windows\system32\drivers\uagp35.sys
17:40:55.0068 3084 uagp35 - ok
17:40:55.0102 3084 udfs (faf2640a2a76ed03d449e443194c4c34) C:\Windows\system32\DRIVERS\udfs.sys
17:40:55.0104 3084 udfs - ok
17:40:55.0115 3084 UI0Detect (060507c4113391394478f6953a79eedc) C:\Windows\system32\UI0Detect.exe
17:40:55.0117 3084 UI0Detect - ok
17:40:55.0141 3084 uliagpkx (4ec9447ac3ab462647f60e547208ca00) C:\Windows\system32\drivers\uliagpkx.sys
17:40:55.0143 3084 uliagpkx - ok
17:40:55.0166 3084 uliahci (697f0446134cdc8f99e69306184fbbb4) C:\Windows\system32\drivers\uliahci.sys
17:40:55.0168 3084 uliahci - ok
17:40:55.0186 3084 UlSata (31707f09846056651ea2c37858f5ddb0) C:\Windows\system32\drivers\ulsata.sys
17:40:55.0187 3084 UlSata - ok
17:40:55.0204 3084 ulsata2 (85e5e43ed5b48c8376281bab519271b7) C:\Windows\system32\drivers\ulsata2.sys
17:40:55.0206 3084 ulsata2 - ok
17:40:55.0226 3084 umbus (46e9a994c4fed537dd951f60b86ad3f4) C:\Windows\system32\DRIVERS\umbus.sys
17:40:55.0227 3084 umbus - ok
17:40:55.0258 3084 upnphost (7093799ff80e9deca0680d2e3535be60) C:\Windows\System32\upnphost.dll
17:40:55.0264 3084 upnphost - ok
17:40:55.0314 3084 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys
17:40:55.0315 3084 USBAAPL64 - ok
17:40:55.0340 3084 usbaudio (c6ba890de6e41857fbe84175519cae7d) C:\Windows\system32\drivers\usbaudio.sys
17:40:55.0341 3084 usbaudio - ok
17:40:55.0383 3084 usbccgp (07e3498fc60834219d2356293da0fecc) C:\Windows\system32\DRIVERS\usbccgp.sys
17:40:55.0384 3084 usbccgp - ok
17:40:55.0400 3084 usbcir (9247f7e0b65852c1f6631480984d6ed2) C:\Windows\system32\drivers\usbcir.sys
17:40:55.0401 3084 usbcir - ok
17:40:55.0428 3084 usbehci (827e44de934a736ea31e91d353eb126f) C:\Windows\system32\DRIVERS\usbehci.sys
17:40:55.0429 3084 usbehci - ok
17:40:55.0458 3084 usbhub (bb35cd80a2ececfadc73569b3d70c7d1) C:\Windows\system32\DRIVERS\usbhub.sys
17:40:55.0460 3084 usbhub - ok
17:40:55.0478 3084 usbohci (eba14ef0c07cec233f1529c698d0d154) C:\Windows\system32\drivers\usbohci.sys
17:40:55.0479 3084 usbohci - ok
17:40:55.0498 3084 usbprint (28b693b6d31e7b9332c1bdcefef228c1) C:\Windows\system32\DRIVERS\usbprint.sys
17:40:55.0499 3084 usbprint - ok
17:40:55.0518 3084 USBSTOR (b854c1558fca0c269a38663e8b59b581) C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:40:55.0519 3084 USBSTOR - ok
17:40:55.0533 3084 usbuhci (b2872cbf9f47316abd0e0c74a1aba507) C:\Windows\system32\DRIVERS\usbuhci.sys
17:40:55.0534 3084 usbuhci - ok
17:40:55.0551 3084 usbvideo (fc33099877790d51b0927b7039059855) C:\Windows\system32\Drivers\usbvideo.sys
17:40:55.0553 3084 usbvideo - ok
17:40:55.0574 3084 UxSms (d76e231e4850bb3f88a3d9a78df191e3) C:\Windows\System32\uxsms.dll
17:40:55.0576 3084 UxSms - ok
17:40:55.0599 3084 vds (294945381dfa7ce58cecf0a9896af327) C:\Windows\System32\vds.exe
17:40:55.0603 3084 vds - ok
17:40:55.0619 3084 vga (916b94bcf1e09873fff2d5fb11767bbc) C:\Windows\system32\DRIVERS\vgapnp.sys
17:40:55.0620 3084 vga - ok
17:40:55.0637 3084 VgaSave (b83ab16b51feda65dd81b8c59d114d63) C:\Windows\System32\drivers\vga.sys
17:40:55.0637 3084 VgaSave - ok
17:40:55.0654 3084 viaide (8294b6c3fdb6c33f24e150de647ecdaa) C:\Windows\system32\drivers\viaide.sys
17:40:55.0654 3084 viaide - ok
17:40:55.0671 3084 vmci - ok
17:40:55.0677 3084 VMnetAdapter - ok
17:40:55.0709 3084 volmgr (2b7e885ed951519a12c450d24535dfca) C:\Windows\system32\drivers\volmgr.sys
17:40:55.0711 3084 volmgr - ok
17:40:55.0761 3084 volmgrx (cec5ac15277d75d9e5dec2e1c6eaf877) C:\Windows\system32\drivers\volmgrx.sys
17:40:55.0764 3084 volmgrx - ok
17:40:55.0796 3084 volsnap (5280aada24ab36b01a84a6424c475c8d) C:\Windows\system32\drivers\volsnap.sys
17:40:55.0798 3084 volsnap - ok
17:40:55.0817 3084 vsmraid (a68f455ed2673835209318dd61bfbb0e) C:\Windows\system32\drivers\vsmraid.sys
17:40:55.0819 3084 vsmraid - ok
17:40:55.0863 3084 VSS (b75232dad33bfd95bf6f0a3e6bff51e1) C:\Windows\system32\vssvc.exe
17:40:55.0894 3084 VSS - ok
17:40:55.0978 3084 W32Time (f14a7de2ea41883e250892e1e5230a9a) C:\Windows\system32\w32time.dll
17:40:55.0984 3084 W32Time - ok
17:40:56.0018 3084 WacomPen (fef8fe5923fead2cee4dfabfce3393a7) C:\Windows\system32\drivers\wacompen.sys
17:40:56.0019 3084 WacomPen - ok
17:40:56.0045 3084 Wanarp (b8e7049622300d20ba6d8be0c47c0cfd) C:\Windows\system32\DRIVERS\wanarp.sys
17:40:56.0047 3084 Wanarp - ok
17:40:56.0050 3084 Wanarpv6 (b8e7049622300d20ba6d8be0c47c0cfd) C:\Windows\system32\DRIVERS\wanarp.sys
17:40:56.0051 3084 Wanarpv6 - ok
17:40:56.0097 3084 wcncsvc (b4e4c37d0aa6100090a53213ee2bf1c1) C:\Windows\System32\wcncsvc.dll
17:40:56.0105 3084 wcncsvc - ok
17:40:56.0137 3084 WcsPlugInService (ea4b369560e986f19d93f45a881484ac) C:\Windows\System32\WcsPlugInService.dll
17:40:56.0139 3084 WcsPlugInService - ok
17:40:56.0164 3084 Wd (0c17a0816f65b89e362e682ad5e7266e) C:\Windows\system32\drivers\wd.sys
17:40:56.0165 3084 Wd - ok
17:40:56.0199 3084 Wdf01000 (d02e7e4567da1e7582fbf6a91144b0df) C:\Windows\system32\drivers\Wdf01000.sys
17:40:56.0205 3084 Wdf01000 - ok
17:40:56.0223 3084 WdiServiceHost (c5efda73ebfca8b02a094898de0a9276) C:\Windows\system32\wdi.dll
17:40:56.0226 3084 WdiServiceHost - ok
17:40:56.0229 3084 WdiSystemHost (c5efda73ebfca8b02a094898de0a9276) C:\Windows\system32\wdi.dll
17:40:56.0232 3084 WdiSystemHost - ok
17:40:56.0262 3084 WebClient (3e6d05381cf35f75ebb055544a8ed9ac) C:\Windows\System32\webclnt.dll
17:40:56.0267 3084 WebClient - ok
17:40:56.0304 3084 Wecsvc (8d40bc587993f876658bf9fb0f7d3462) C:\Windows\system32\wecsvc.dll
17:40:56.0308 3084 Wecsvc - ok
17:40:56.0318 3084 wercplsupport (9c980351d7e96288ea0c23ae232bd065) C:\Windows\System32\wercplsupport.dll
17:40:56.0321 3084 wercplsupport - ok
17:40:56.0345 3084 WerSvc (66b9ecebc46683f47edc06333c075fef) C:\Windows\System32\WerSvc.dll
17:40:56.0348 3084 WerSvc - ok
17:40:56.0381 3084 WinDefend - ok
17:40:56.0388 3084 WinHttpAutoProxySvc - ok
17:40:56.0439 3084 Winmgmt (d2e7296ed1bd26d8db2799770c077a02) C:\Windows\system32\wbem\WMIsvc.dll
17:40:56.0442 3084 Winmgmt - ok
17:40:56.0517 3084 WinRM (6cbb0c68f13b9c2ec1b16f5fa5e7c869) C:\Windows\system32\WsmSvc.dll
17:40:56.0556 3084 WinRM - ok
17:40:56.0663 3084 Wlansvc (ec339c8115e91baed835957e9a677f16) C:\Windows\System32\wlansvc.dll
17:40:56.0672 3084 Wlansvc - ok
17:40:56.0706 3084 WmiAcpi (e18aebaaa5a773fe11aa2c70f65320f5) C:\Windows\system32\drivers\wmiacpi.sys
17:40:56.0707 3084 WmiAcpi - ok
17:40:56.0723 3084 wmiApSrv (21fa389e65a852698b6a1341f36ee02d) C:\Windows\system32\wbem\WmiApSrv.exe
17:40:56.0725 3084 wmiApSrv - ok
17:40:56.0742 3084 WMPNetworkSvc - ok
17:40:56.0770 3084 WPCSvc (cbc156c913f099e6680d1df9307db7a8) C:\Windows\System32\wpcsvc.dll
17:40:56.0774 3084 WPCSvc - ok
17:40:56.0804 3084 WPDBusEnum (490a18b4e4d53dc10879deaa8e8b70d9) C:\Windows\system32\wpdbusenum.dll
17:40:56.0807 3084 WPDBusEnum - ok
17:40:56.0846 3084 WpdUsb (5e2401b3fc1089c90e081291357371a9) C:\Windows\system32\DRIVERS\wpdusb.sys
17:40:56.0848 3084 WpdUsb - ok
17:40:56.0956 3084 WPFFontCache_v0400 (991e2c2cf3bc204c2bb2ee1476149e4e) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe
17:40:56.0963 3084 WPFFontCache_v0400 - ok
17:40:56.0979 3084 ws2ifsl (8a900348370e359b6bff6a550e4649e1) C:\Windows\system32\drivers\ws2ifsl.sys
17:40:56.0980 3084 ws2ifsl - ok
17:40:57.0009 3084 wscsvc (9ea3e6d0ef7a5c2b9181961052a4b01a) C:\Windows\system32\wscsvc.dll
17:40:57.0012 3084 wscsvc - ok
17:40:57.0016 3084 WSearch - ok
17:40:57.0087 3084 wuauserv (fb3796754fe00f0bdc87a36f164a5f4d) C:\Windows\system32\wuaueng.dll
17:40:57.0133 3084 wuauserv - ok
17:40:57.0199 3084 WUDFRd (501a65252617b495c0f1832f908d54d8) C:\Windows\system32\DRIVERS\WUDFRd.sys
17:40:57.0201 3084 WUDFRd - ok
17:40:57.0213 3084 wudfsvc (6cbd51ff913c851d56ed9dc7f2a27dde) C:\Windows\System32\WUDFSvc.dll
17:40:57.0215 3084 wudfsvc - ok
17:40:57.0315 3084 X6va005 - ok
17:40:57.0360 3084 MBR (0x1B8) (4976d4a7a40b83fc7f06ee4bdd84eb9b) \Device\Harddisk0\DR0
17:40:57.0425 3084 \Device\Harddisk0\DR0 - ok
17:40:57.0429 3084 Boot (0x1200) (5a763d762197bbaba52439a9c957ceab) \Device\Harddisk0\DR0\Partition0
17:40:57.0430 3084 \Device\Harddisk0\DR0\Partition0 - ok
17:40:57.0448 3084 Boot (0x1200) (7938f8402f81ec604e60c18c24253037) \Device\Harddisk0\DR0\Partition1
17:40:57.0450 3084 \Device\Harddisk0\DR0\Partition1 - ok
17:40:57.0450 3084 ============================================================
17:40:57.0450 3084 Scan finished
17:40:57.0450 3084 ============================================================
17:40:57.0462 4448 Detected object count: 0
17:40:57.0462 4448 Actual detected object count: 0

[Deejay100six]

Hi,

Please double-click OTL.exe to run it. (Note: If you are running on Vista, right-click on the file and choose Run As Administrator).

• Copy the lines in the codebox below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):
  
  
  Code:

  :OTL
  FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{6c4b3bf5-26fe-4373-8571-4e39446b7fd0}: C:\Program Files (x86)\getdislike\getdislike
  [2011/08/22 16:33:21 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{6c4b3bf5-26fe-4373-8571-4e39446b7fd0}
  FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{5804B2D4-7B75-11E1-826D-B8AC6F996F26}: C:\Users\Eugene\AppData\Local\{5804B2D4-7B75-11E1-826D-B8AC6F996F26}\ [2012/03/31 17:05:56 | 000,000,000 | ---D | M]
  [2012/03/31 17:05:56 | 000,000,000 | ---D | M] (Translate This!) -- C:\USERS\EUGENE\APPDATA\LOCAL\{5804B2D4-7B75-11E1-826D-B8AC6F996F26}
  [2012/03/31 17:05:56 | 000,000,000 | ---D | C] -- C:\Users\Eugene\AppData\Local\{5804B2D4-7B75-11E1-826D-B8AC6F996F26}

• Return to OTL, right click in the "Custom Scans/Fixes" section and choose Paste.
• Click the red Run Fix button.
• OTL may ask to reboot the machine. Please do so.
• If OTL did not reboot the machine, click OK and the log will open. Post the contents of the log in your next reply.
• If the machine reboots, the log will be located at C:\_OTL\MovedFiles\mmddyyyy_hhmmss.log, where mmddyyyy_hhmmss is the date of the tool run.
  
  Please post a new OTL log.

[gimmextra]

========== OTL ==========
File HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{6c4b3bf5-26fe-4373-8571-4e39446b7fd0}: C:\Program Files (x86)\getdislike\getdislike not found.
C:\Program Files (x86)\Mozilla Firefox\extensions\{6c4b3bf5-26fe-4373-8571-4e39446b7fd0}\chrome folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{6c4b3bf5-26fe-4373-8571-4e39446b7fd0} folder moved successfully.
File HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{5804B2D4-7B75-11E1-826D-B8AC6F996F26}: C:\Users\Eugene\AppData\Local\{5804B2D4-7B75-11E1-826D-B8AC6F996F26}\ not found.
C:\USERS\EUGENE\APPDATA\LOCAL\{5804B2D4-7B75-11E1-826D-B8AC6F996F26}\chrome\content folder moved successfully.
C:\USERS\EUGENE\APPDATA\LOCAL\{5804B2D4-7B75-11E1-826D-B8AC6F996F26}\chrome folder moved successfully.
C:\USERS\EUGENE\APPDATA\LOCAL\{5804B2D4-7B75-11E1-826D-B8AC6F996F26} folder moved successfully.
Folder C:\Users\Eugene\AppData\Local\{5804B2D4-7B75-11E1-826D-B8AC6F996F26}\ not found.

OTL by OldTimer - Version 3.2.40.0 log created on 04242012_165937

[Clark76]

Hello

I will be working with you for the remainder of this thread. Can you please test Firefox and let us know if you are still being redirected? Please let me know the results.

[gimmextra]

so far there hasn't been any signs of being redirected. If i don't reply in a few days then they have probably stopped.

[Clark76]

Good to hear. Lets wait a few days and if you do not experience any redirects then we can safely assume we finally nabbed the culprit and can proceed with some final cleanup routines.

[Clark76]

Hello gimmextra :wave:

I was just checking to see if you have had any redirects for the past couple days? Please let me know.

[gimmextra]

It seems i have been redirected to results-page.net. It just doesn't want to go away

[Clark76]

hmmm. stubborn bugger, isn't it?

Lets first run Malwarebytes' Anti-Malware once more and then see a fresh log from OTL

• Launch Malwarebytes' Anti-Malware
• Click the Update Tab then click on Check for Updates. If an update is found, it will download and install the latest version.
• Once the program has loaded, select "Perform Quick Scan", then click Scan.
• The scan may take some time to finish,so please be patient.
• When the scan is complete, click OK, then Show Results to view the results.
• Make sure that everything is checked, and click Remove Selected.
• When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
• The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
• Copy&Paste the entire report in your next reply.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

• Double click on the OTL.exe to run it. Make sure all other windows are closed and to let it run uninterrupted.
• When the window appears, underneath Output at the top change it to Minimal Output.
• Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open two notepad windows. OTListIt.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply. You may need two posts to fit them all in.

[gimmextra]

Malwarebytes Anti-Malware (Trial) 1.61.0.1400
www.malwarebytes.org

Database version: v2012.04.29.06

Windows Vista Service Pack 2 x64 NTFS
Internet Explorer 9.0.8112.16421
Eugene :: EUGENE-PC [administrator]

Protection: Enabled

4/29/2012 4:21:00 PM
mbam-log-2012-04-29 (16-21-00).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 220885
Time elapsed: 3 minute(s), 14 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

[gimmextra]

OTL logfile created on: 4/29/2012 4:25:16 PM - Run 2
OTL by OldTimer - Version 3.2.40.0 Folder = C:\Users\Eugene\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

8.00 Gb Total Physical Memory | 6.31 Gb Available Physical Memory | 78.92% Memory free
16.19 Gb Paging File | 14.14 Gb Available in Paging File | 87.34% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 279.46 Gb Total Space | 145.65 Gb Free Space | 52.12% Space Free | Partition Type: NTFS
Drive D: | 409.17 Gb Total Space | 160.10 Gb Free Space | 39.13% Space Free | Partition Type: NTFS

Computer Name: EUGENE-PC | User Name: Eugene | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Eugene\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
PRC - C:\Program Files (x86)\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)
PRC - C:\Users\Eugene\Local Settings\Apps\F.lux\flux.exe ()
PRC - C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe ()
PRC - C:\Program Files (x86)\ASUS\AASP\1.00.82\aaCenter.exe ()
PRC - C:\Program Files (x86)\RocketDock\RocketDock.exe ()


========== Modules (No Company Name) ==========

MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Users\Eugene\Local Settings\Apps\F.lux\flux.exe ()
MOD - C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe ()
MOD - C:\Program Files (x86)\ASUS\EPU-4 Engine\AsSpindownTimeout.dll ()
MOD - C:\Program Files (x86)\ASUS\EPU-4 Engine\AiNap.dll ()
MOD - C:\Program Files (x86)\ASUS\EPU-4 Engine\vvc.dll ()
MOD - C:\Program Files (x86)\ASUS\EPU-4 Engine\pngio.dll ()
MOD - C:\Program Files (x86)\ASUS\AASP\1.00.82\aaCenter.exe ()
MOD - C:\Program Files (x86)\ASUS\AASP\1.00.82\cpuutil.dll ()
MOD - C:\Program Files (x86)\RocketDock\RocketDock.exe ()
MOD - C:\Program Files (x86)\RocketDock\RocketDock.dll ()
MOD - C:\Windows\SysWOW64\AsIO.dll ()
MOD - C:\Program Files (x86)\ASUS\AASP\1.00.82\PowerDll.dll ()


========== Win32 Services (SafeList) ==========

SRV:64bit: - (MSCamSvc) -- C:\Program Files\Microsoft LifeCam\MSCamS64.exe (Microsoft Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (AVGIDSAgent) -- C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe (AVG Technologies CZ, s.r.o.)
SRV - (avgwd) -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)
SRV - (npggsvc) -- C:\Windows\SysWOW64\GameMon.des (INCA Internet Co., Ltd.)
SRV - (rpcapd) Remote Packet Capture Protocol v.0 (experimental) -- C:\Program Files (x86)\WinPcap\rpcapd.exe (CACE Technologies, Inc.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (SwitchBoard) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (SBRE) -- C:\Windows\SysNative\drivers\SBREdrv.sys (GFI Software)
DRV:64bit: - (Avgldx64) -- C:\Windows\SysNative\DRIVERS\avgldx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Avgrkx64) -- C:\Windows\SysNative\DRIVERS\avgrkx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Avgmfx64) -- C:\Windows\SysNative\DRIVERS\avgmfx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Avgtdia) -- C:\Windows\SysNative\DRIVERS\avgtdia.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (AVGIDSFilter) -- C:\Windows\SysNative\DRIVERS\AVGIDSFilter.Sys (AVG Technologies CZ, s.r.o. )
DRV:64bit: - (AVGIDSEH) -- C:\Windows\SysNative\DRIVERS\AVGIDSEH.Sys (AVG Technologies CZ, s.r.o. )
DRV:64bit: - (AVGIDSDriver) -- C:\Windows\SysNative\DRIVERS\AVGIDSDriver.Sys (AVG Technologies CZ, s.r.o. )
DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\Drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (MSHUSBVideo) -- C:\Windows\SysNative\Drivers\nx6000.sys (Microsoft Corporation)
DRV:64bit: - (NPF) -- C:\Windows\SysNative\drivers\npf.sys (CACE Technologies, Inc.)
DRV:64bit: - (RTL8169) -- C:\Windows\SysNative\DRIVERS\Rtlh64.sys (Realtek )
DRV:64bit: - (SCDEmu) -- C:\Windows\SysNative\drivers\scdemu.sys (PowerISO Computing, Inc.)
DRV:64bit: - (WpdUsb) -- C:\Windows\SysNative\DRIVERS\wpdusb.sys (Microsoft Corporation)
DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\Drivers\PxHlpa64.sys (Sonic Solutions)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (hamachi) -- C:\Windows\SysNative\DRIVERS\hamachi.sys (LogMeIn, Inc.)
DRV:64bit: - (netr28x) -- C:\Windows\SysNative\DRIVERS\netr28x.sys (Ralink Technology, Corp.)
DRV:64bit: - (Arctosa) -- C:\Windows\SysNative\drivers\Arctosa.sys (Razer USA Ltd.)
DRV:64bit: - (msloop) -- C:\Windows\SysNative\DRIVERS\loop.sys (Microsoft Corporation)
DRV:64bit: - (MTsensor) -- C:\Windows\SysNative\DRIVERS\ASACPI.sys ()
DRV:64bit: - (ialm) -- C:\Windows\SysNative\DRIVERS\igdkmd64.sys (Intel Corporation)
DRV - (Gun) -- C:\Game\SoftnyxGame\GunboundIS\Gun64.sys ()
DRV - (ASInsHelp) -- C:\Windows\SysWOW64\drivers\AsInsHelp64.sys ()
DRV - (StarOpen) -- C:\Windows\SysWow64\drivers\StarOpen.sys ()
DRV - (NPPTNT2) -- C:\Windows\SysWOW64\npptNT2.sys (INCA Internet Co., Ltd.)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "www.yahoo.com"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:10.0.0.1178
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24


FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_2_202_233.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_233.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nexon.net/NxGame: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Eugene\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Eugene\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files (x86)\AVG\AVG2012\Firefox4\ [2012/01/31 16:13:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\fiddlerhook@fiddler 2.com: C:\Program Files (x86)\Fiddler2\FiddlerHook [2011/11/21 23:40:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/04/26 15:20:43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/04/07 20:15:42 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{6c4b3bf5-26fe-4373-8571-4e39446b7fd0}: C:\Program Files (x86)\getdislike\getdislike
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{5804B2D4-7B75-11E1-826D-B8AC6F996F26}: C:\Users\Eugene\AppData\Local\{5804B2D4-7B75-11E1-826D-B8AC6F996F26}\

[2010/12/01 04:32:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Eugene\AppData\Roaming\Mozilla\Extensions
[2012/04/26 15:23:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Eugene\AppData\Roaming\Mozilla\Firefox\Profiles\tryg8wpz.default\e xtensions
[2012/04/24 16:59:37 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
() (No name found) -- C:\USERS\EUGENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TRYG8WPZ.DEFAULT\E XTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2010/12/04 04:03:35 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2012/04/26 15:20:42 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011/02/02 21:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2012/03/24 22:05:55 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/03/24 22:05:55 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{googlerigi nalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFiel dTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:ins tantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Eugene\AppData\Local\Google\Chrome\Application\18.0.1025.162\ppGoo gleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Eugene\AppData\Local\Google\Chrome\Application\18.0.1025.162\pdf.d ll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Eugene\AppData\Local\Google\Chrome\Application\18.0.1025.162\gcswf 32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_233.dll
CHR - plugin: AVG Internet Security (Enabled) = C:\Users\Eugene\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\plug ins/avgnpss.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.240.7 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U24 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Nexon Game Controller (Enabled) = C:\ProgramData\NexonUS\NGM\npNxGameUS.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Eugene\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: Entanglement = C:\Users\Eugene\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd\2.7.9_0\
CHR - Extension: Adblock Plus (Beta) = C:\Users\Eugene\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\
CHR - Extension: AVG Safe Search = C:\Users\Eugene\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\
CHR - Extension: Poppit = C:\Users\Eugene\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi\2.2_0\

O1 HOSTS File: ([2012/04/18 17:41:45 | 000,000,698 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {724D43A0-0D85-11D4-9908-00400523E39A} - No CLSID value found.
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKCU..\Run: [F.lux] C:\Users\Eugene\Local Settings\Apps\F.lux\flux.exe ()
O4 - HKCU..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe ()
O4 - HKCU..\Run: [RocketDock] C:\Program Files (x86)\RocketDock\RocketDock.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Main present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9:64bit: - Extra Button: Fiddler2 - {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - C:\Program Files (x86)\Fiddler2\Fiddler.exe (Eric Lawrence)
O9:64bit: - Extra 'Tools' menuitem : Fiddler2 - {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - C:\Program Files (x86)\Fiddler2\Fiddler.exe (Eric Lawrence)
O9 - Extra Button: Fiddler2 - {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - C:\Program Files (x86)\Fiddler2\Fiddler.exe (Eric Lawrence)
O9 - Extra 'Tools' menuitem : Fiddler2 - {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - C:\Program Files (x86)\Fiddler2\Fiddler.exe (Eric Lawrence)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6BEFA00E-8A4C-4393-BA36-E7F11AC1A886}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8FB02647-45FD-4B43-B5F5-5B9831FA5700}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll (AVG Technologies CZ, s.r.o.)
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Eugene\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Eugene\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /sync /restart)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012/04/26 15:20:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2012/04/26 15:20:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2012/04/24 16:59:37 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/04/23 17:40:27 | 000,000,000 | ---D | C] -- C:\Users\Eugene\Desktop\tdsskiller
[2012/04/19 15:52:12 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Users\Eugene\Desktop\OTL.exe
[2012/04/18 17:39:21 | 000,000,000 | ---D | C] -- C:\Users\Eugene\Desktop\HostsXpert
[2012/04/17 23:07:22 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012/04/17 23:07:22 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012/04/17 23:07:21 | 002,311,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012/04/17 23:07:21 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012/04/17 23:07:20 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012/04/17 23:07:20 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012/04/17 23:07:20 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012/04/17 23:07:20 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012/04/17 23:07:20 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012/04/17 23:07:19 | 001,493,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012/04/17 23:07:19 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012/04/17 18:30:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/04/17 18:30:53 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012/04/17 18:30:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012/04/16 23:32:05 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2012/04/16 23:32:05 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2012/04/16 23:32:05 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2012/04/16 23:32:05 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2012/04/16 23:32:05 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2012/04/16 23:32:04 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2012/04/16 23:32:04 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2012/04/16 23:32:04 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2012/04/16 23:32:04 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2012/04/16 23:32:04 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2012/04/16 23:32:04 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2012/04/16 23:32:04 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2012/04/16 23:32:04 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2012/04/16 23:32:03 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2012/04/16 23:32:03 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2012/04/16 23:32:03 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2012/04/16 23:32:03 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2012/04/16 23:32:02 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll
[2012/04/16 23:32:02 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll
[2012/04/16 23:32:02 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012/04/16 23:32:02 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2012/04/16 23:32:02 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2012/04/16 23:32:02 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\advpack.dll
[2012/04/16 23:32:02 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll
[2012/04/16 23:32:02 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2012/04/16 23:32:01 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll
[2012/04/16 23:32:01 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2012/04/16 23:32:01 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2012/04/16 23:32:00 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll
[2012/04/16 23:32:00 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2012/04/16 23:32:00 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2012/04/16 23:32:00 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll
[2012/04/16 23:32:00 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll
[2012/04/16 23:32:00 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2012/04/16 23:32:00 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2012/04/16 23:31:59 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll
[2012/04/16 23:31:59 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2012/04/16 23:31:59 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\advpack.dll
[2012/04/16 23:31:59 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2012/04/16 23:31:59 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2012/04/16 23:31:59 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2012/04/16 23:31:59 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2012/04/16 23:31:59 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2012/04/16 23:31:59 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2012/04/16 23:31:59 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2012/04/16 23:31:58 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2012/04/16 23:31:58 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2012/04/16 23:31:58 | 000,452,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2012/04/16 23:31:58 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2012/04/16 23:31:58 | 000,282,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2012/04/16 23:31:58 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2012/04/16 23:31:58 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2012/04/16 23:31:58 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2012/04/16 23:31:58 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2012/04/16 23:31:58 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2012/04/16 23:31:58 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2012/04/16 23:31:57 | 000,697,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012/04/16 23:31:57 | 000,603,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2012/04/16 23:31:57 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012/04/16 23:31:57 | 000,165,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2012/04/16 23:31:57 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2012/04/16 23:31:57 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2012/04/16 23:31:57 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2012/04/16 20:36:20 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2012/04/16 20:36:20 | 000,000,000 | ---D | C] -- C:\Users\Eugene\AppData\Local\temp
[2012/04/16 20:29:22 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
[2012/04/16 19:46:01 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012/04/16 19:46:01 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012/04/16 19:46:01 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012/04/16 19:45:56 | 000,000,000 | ---D | C] -- C:\ComboFix
[2012/04/16 19:45:52 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/04/16 19:44:32 | 004,465,601 | R--- | C] (Swearware) -- C:\Users\Eugene\Desktop\ComboFix.exe
[2012/04/16 18:32:48 | 002,002,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2012/04/16 18:32:48 | 001,555,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2012/04/16 18:32:48 | 000,327,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll
[2012/04/16 18:32:47 | 000,834,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2012/04/16 18:32:47 | 000,196,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2012/04/16 18:32:46 | 001,653,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2012/04/16 18:32:46 | 000,876,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2012/04/16 18:19:28 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Portable Devices
[2012/04/16 18:19:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Portable Devices
[2012/04/16 18:12:05 | 000,449,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll
[2012/04/16 18:12:05 | 000,369,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll
[2012/04/16 18:12:03 | 001,209,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2012/04/16 18:12:03 | 000,792,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll
[2012/04/16 18:12:03 | 000,519,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll
[2012/04/16 18:12:03 | 000,411,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PhotoMetadataHandler.dll
[2012/04/16 18:12:03 | 000,328,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxdiag.exe
[2012/04/16 18:12:03 | 000,321,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PhotoMetadataHandler.dll
[2012/04/16 18:12:03 | 000,262,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxdiagn.dll
[2012/04/16 18:12:03 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dxdiag.exe
[2012/04/16 18:12:03 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecsExt.dll
[2012/04/16 18:12:03 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dxdiagn.dll
[2012/04/16 18:11:11 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\BthMtpContextHandler.dll
[2012/04/16 18:11:11 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WPDShextAutoplay.exe
[2012/04/16 18:11:11 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WPDShextAutoplay.exe
[2012/04/16 18:11:09 | 002,727,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wpdshext.dll
[2012/04/16 18:11:09 | 000,573,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wpd_ci.dll
[2012/04/16 18:11:09 | 000,453,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PortableDeviceApi.dll
[2012/04/16 18:11:09 | 000,433,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WPDSp.dll
[2012/04/16 18:11:09 | 000,350,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WPDSp.dll
[2012/04/16 18:11:09 | 000,295,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WpdMtp.dll
[2012/04/16 18:11:09 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PortableDeviceWMDRM.dll
[2012/04/16 18:11:09 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PortableDeviceTypes.dll
[2012/04/16 18:11:09 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PortableDeviceWMDRM.dll
[2012/04/16 18:11:09 | 000,113,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PortableDeviceClassExtension.dll
[2012/04/16 18:11:09 | 000,110,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WPDShServiceObj.dll
[2012/04/16 18:11:09 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PortableDeviceClassExtension.dll
[2012/04/16 18:11:09 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PortableDeviceConnectApi.dll
[2012/04/16 18:11:09 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WpdMtpUS.dll
[2012/04/16 18:11:09 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PortableDeviceConnectApi.dll
[2012/04/16 18:11:09 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WpdUsb.sys
[2012/04/16 18:11:09 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WpdConns.dll
[2012/04/16 17:41:08 | 004,699,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2012/04/16 17:40:47 | 000,103,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIAnimation.dll
[2012/04/16 17:40:47 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAnimation.dll
[2012/04/16 17:40:46 | 003,815,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIRibbon.dll
[2012/04/16 17:40:46 | 003,023,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIRibbon.dll
[2012/04/16 17:40:46 | 001,164,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIRibbonRes.dll
[2012/04/16 17:40:46 | 001,164,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIRibbonRes.dll
[2012/04/16 17:40:37 | 000,219,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2012/04/16 17:40:37 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll
[2012/04/16 17:40:37 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fs_rec.sys
[2012/04/16 17:23:12 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsRasterService.dll
[2012/04/16 17:23:10 | 003,068,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xpsservices.dll
[2012/04/16 17:23:10 | 001,257,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MFH264Dec.dll
[2012/04/16 17:23:10 | 000,979,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MFH264Dec.dll
[2012/04/16 17:23:10 | 000,566,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2012/04/16 17:23:10 | 000,287,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10core.dll
[2012/04/16 17:23:10 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll
[2012/04/16 17:23:09 | 001,554,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xpsservices.dll
[2012/04/16 17:23:09 | 001,461,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\OpcServices.dll
[2012/04/16 17:23:09 | 001,268,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10.dll
[2012/04/16 17:23:09 | 000,847,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\OpcServices.dll
[2012/04/16 17:23:09 | 000,625,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll
[2012/04/16 17:23:09 | 000,428,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MFHEAACdec.dll
[2012/04/16 17:23:09 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsRasterService.dll
[2012/04/16 17:23:08 | 003,548,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mf.dll
[2012/04/16 17:23:08 | 001,032,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\printfilterpipelinesvc.exe
[2012/04/16 17:23:08 | 000,377,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfmp4src.dll
[2012/04/16 17:23:08 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winspool.drv
[2012/04/16 17:23:08 | 000,357,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MFHEAACdec.dll
[2012/04/16 17:23:08 | 000,345,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfreadwrite.dll
[2012/04/16 17:23:08 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfmp4src.dll
[2012/04/16 17:23:08 | 000,261,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfreadwrite.dll
[2012/04/16 17:23:07 | 002,873,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mf.dll
[2012/04/16 17:23:07 | 001,204,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shdocvw.dll
[2012/04/16 17:23:07 | 000,748,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\stobject.dll
[2012/04/16 17:23:07 | 000,278,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfplat.dll
[2012/04/16 17:23:07 | 000,209,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfplat.dll
[2012/04/16 17:23:07 | 000,195,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfps.dll
[2012/04/16 17:23:07 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\printfilterpipelineprxy.dll
[2012/04/16 17:23:06 | 000,098,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfps.dll
[2012/04/16 17:23:06 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfpmp.exe
[2012/04/16 17:22:18 | 000,288,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2012/04/16 17:22:17 | 000,479,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2012/04/16 17:21:53 | 000,735,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIAutomationCore.dll
[2012/04/16 17:21:53 | 000,555,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAutomationCore.dll
[2012/04/16 17:21:53 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\oleaccrc.dll
[2012/04/16 17:21:53 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaccrc.dll
[2012/04/16 17:21:52 | 000,847,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2012/04/16 17:21:52 | 000,332,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleacc.dll
[2012/04/16 17:21:36 | 001,570,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
[2012/04/16 17:21:36 | 001,314,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
[2012/04/16 17:21:36 | 000,497,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2012/04/16 17:21:36 | 000,352,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2012/04/16 17:21:33 | 001,689,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2012/04/16 17:21:29 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2012/04/16 17:21:19 | 001,585,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2012/04/16 17:21:15 | 000,451,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2012/04/16 17:20:56 | 000,621,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcrt.dll
[2012/04/16 17:20:55 | 000,211,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winmm.dll
[2012/04/16 17:20:55 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mcicda.dll
[2012/04/16 17:20:55 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mciwave.dll
[2012/04/16 17:20:55 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mciseq.dll
[2012/04/16 17:20:55 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mciseq.dll
[2012/04/16 17:20:53 | 000,316,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msshsq.dll
[2012/04/16 17:20:52 | 000,559,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll
[2012/04/16 17:20:52 | 000,429,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll
[2012/04/16 17:20:51 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2012/04/16 17:20:48 | 000,180,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xmllite.dll
[2012/04/16 17:20:46 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll
[2012/04/16 17:20:46 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll
[2012/04/16 17:20:26 | 000,375,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisdecd.dll
[2012/04/16 17:20:26 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisdecd.dll
[2012/04/16 17:20:26 | 000,289,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisrndr.ax
[2012/04/16 17:20:26 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisrndr.ax
[2012/04/16 17:20:26 | 000,100,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Mpeg2Data.ax
[2012/04/16 17:20:26 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSDvbNP.ax
[2012/04/16 17:20:26 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Mpeg2Data.ax
[2012/04/16 17:20:26 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSDvbNP.ax
[2012/04/16 17:09:09 | 000,708,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpencom.dll
[2012/04/16 17:09:09 | 000,613,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpencom.dll
[2012/04/16 16:36:57 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\vi-VN
[2012/04/16 16:36:57 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\eu-ES
[2012/04/16 16:36:57 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\eu-ES
[2012/04/16 16:36:57 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\ca-ES
[2012/04/16 16:36:57 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\ca-ES
[2012/04/16 16:36:56 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\vi-VN
[2012/04/16 16:29:44 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\SPReview
[2012/04/16 16:18:30 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\compcln.exe
[2012/04/16 16:18:11 | 000,946,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scavenge.dll
[2012/04/16 16:17:43 | 003,341,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netshell.dll
[2012/04/16 16:17:43 | 002,247,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\networkexplorer.dll
[2012/04/16 16:17:42 | 012,240,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\NlsLexicons0007.dll
[2012/04/16 16:17:42 | 012,240,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\NlsLexicons0007.dll
[2012/04/16 16:17:42 | 003,235,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\networkmap.dll
[2012/04/16 16:17:42 | 003,174,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netshell.dll
[2012/04/16 16:17:42 | 003,072,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\networkmap.dll
[2012/04/16 16:17:42 | 002,644,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\NlsLexicons0009.dll
[2012/04/16 16:17:42 | 000,469,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\newdev.dll
[2012/04/16 16:17:42 | 000,215,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\newdev.dll
[2012/04/16 16:17:42 | 000,181,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\nlhtml.dll
[2012/04/16 16:17:42 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\nlhtml.dll
[2012/04/16 16:17:42 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\nslookup.exe
[2012/04/16 16:17:42 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\newdev.exe
[2012/04/16 16:17:42 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\newdev.exe
[2012/04/16 16:17:42 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\networkitemfactory.dll
[2012/04/16 16:17:41 | 000,856,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mswdat10.dll
[2012/04/16 16:17:41 | 000,618,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mswstr10.dll
[2012/04/16 16:17:41 | 000,454,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxbde40.dll
[2012/04/16 16:17:41 | 000,361,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mtxclu.dll
[2012/04/16 16:17:41 | 000,310,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mtxclu.dll
[2012/04/16 16:17:40 | 000,717,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netlogon.dll
[2012/04/16 16:17:40 | 000,598,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcp60.dll
[2012/04/16 16:17:40 | 000,406,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcp60.dll
[2012/04/16 16:17:40 | 000,347,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys
[2012/04/16 16:17:40 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msutb.dll
[2012/04/16 16:17:40 | 000,163,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msutb.dll
[2012/04/16 16:17:39 | 002,420,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netcenter.dll
[2012/04/16 16:17:39 | 002,225,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netcenter.dll
[2012/04/16 16:17:39 | 001,444,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PerfCenterCPL.dll
[2012/04/16 16:17:39 | 001,248,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PerfCenterCPL.dll
[2012/04/16 16:17:39 | 001,098,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\NetProjW.dll
[2012/04/16 16:17:39 | 000,648,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netapi32.dll
[2012/04/16 16:17:39 | 000,617,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pcaui.dll
[2012/04/16 16:17:39 | 000,589,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncryptui.dll
[2012/04/16 16:17:39 | 000,464,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pcaui.dll
[2012/04/16 16:17:39 | 000,445,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ncryptui.dll
[2012/04/16 16:17:39 | 000,307,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pdh.dll
[2012/04/16 16:17:39 | 000,253,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2012/04/16 16:17:39 | 000,242,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pdh.dll
[2012/04/16 16:17:39 | 000,197,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netplwiz.dll
[2012/04/16 16:17:39 | 000,180,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netplwiz.dll
[2012/04/16 16:17:39 | 000,143,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mydocs.dll
[2012/04/16 16:17:39 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\phon.ime
[2012/04/16 16:17:39 | 000,049,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pciidex.sys
[2012/04/16 16:17:39 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\perfdisk.dll
[2012/04/16 16:17:39 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\perfdisk.dll
[2012/04/16 16:17:39 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\NcdProp.dll
[2012/04/16 16:17:39 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\NcdProp.dll
[2012/04/16 16:17:38 | 002,024,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pnidui.dll
[2012/04/16 16:17:38 | 001,823,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pnidui.dll
[2012/04/16 16:17:38 | 000,840,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PhotoScreensaver.scr
[2012/04/16 16:17:38 | 000,704,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PhotoScreensaver.scr
[2012/04/16 16:17:38 | 000,691,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pnpui.dll
[2012/04/16 16:17:38 | 000,207,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pnpsetup.dll
[2012/04/16 16:17:38 | 000,181,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pnpsetup.dll
[2012/04/16 16:17:38 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PkgMgr.exe
[2012/04/16 16:17:38 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PNPXAssoc.dll
[2012/04/16 16:17:38 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PnPUnattend.exe
[2012/04/16 16:17:38 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PnPutil.exe
[2012/04/16 16:17:36 | 001,107,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pidgenx.dll
[2012/04/16 16:17:36 | 001,093,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pidgenx.dll
[2012/04/16 16:17:36 | 000,402,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\photowiz.dll
[2012/04/16 16:17:36 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\photowiz.dll
[2012/04/16 16:17:36 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccp32.dll
[2012/04/16 16:17:36 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pintlgnt.ime
[2012/04/16 16:17:36 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbcconf.dll
[2012/04/16 16:17:36 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbcconf.dll
[2012/04/16 16:17:36 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ocsetup.exe
[2012/04/16 16:17:36 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ocsetup.exe
[2012/04/16 16:17:34 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntprint.dll
[2012/04/16 16:17:34 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntprint.dll
[2012/04/16 16:17:34 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntmarta.dll
[2012/04/16 16:17:33 | 002,438,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oobefldr.dll
[2012/04/16 16:17:33 | 002,153,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\oobefldr.dll
[2012/04/16 16:17:33 | 000,401,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\P2PGraph.dll
[2012/04/16 16:17:33 | 000,327,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\P2PGraph.dll
[2012/04/16 16:17:33 | 000,212,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\osk.exe
[2012/04/16 16:17:33 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\offfilt.dll
[2012/04/16 16:17:33 | 000,182,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\osk.exe
[2012/04/16 16:17:32 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\offfilt.dll
[2012/04/16 16:17:32 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccp32.dll
[2012/04/16 16:17:30 | 001,740,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\onex.dll
[2012/04/16 16:17:29 | 001,541,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\onex.dll
[2012/04/16 16:17:29 | 001,040,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msctf.dll
[2012/04/16 16:17:29 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleprn.dll
[2012/04/16 16:17:29 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msctfui.dll
[2012/04/16 16:17:29 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\oleprn.dll
[2012/04/16 16:17:29 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msctfui.dll
[2012/04/16 16:17:29 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msctfp.dll
[2012/04/16 16:17:29 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsCtfMonitor.dll
[2012/04/16 16:17:28 | 001,499,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdtctm.dll
[2012/04/16 16:17:28 | 000,727,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdtcprx.dll
[2012/04/16 16:17:28 | 000,560,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msdtcprx.dll
[2012/04/16 16:17:28 | 000,409,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msexch40.dll
[2012/04/16 16:17:28 | 000,339,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msexcl40.dll
[2012/04/16 16:17:28 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msctfp.dll
[2012/04/16 16:17:28 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MsCtfMonitor.dll
[2012/04/16 16:17:25 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msimsg.dll
[2012/04/16 16:17:24 | 000,735,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msftedit.dll
[2012/04/16 16:17:24 | 000,564,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msftedit.dll
[2012/04/16 16:17:24 | 000,332,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msihnd.dll
[2012/04/16 16:17:24 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msimsg.dll
[2012/04/16 16:17:23 | 003,108,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll
[2012/04/16 16:17:23 | 000,503,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msihnd.dll
[2012/04/16 16:17:23 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSAC3ENC.DLL
[2012/04/16 16:17:22 | 000,519,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mscms.dll
[2012/04/16 16:17:21 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSAC3ENC.DLL
[2012/04/16 16:17:21 | 000,155,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mscorier.dll
[2012/04/16 16:17:21 | 000,154,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mscorier.dll
[2012/04/16 16:17:21 | 000,080,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mscories.dll
[2012/04/16 16:17:21 | 000,073,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mscories.dll
[2012/04/16 16:17:20 | 000,593,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mspaint.exe
[2012/04/16 16:17:20 | 000,368,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mspbde40.dll
[2012/04/16 16:17:20 | 000,289,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mscandui.dll
[2012/04/16 16:17:20 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mscandui.dll
[2012/04/16 16:17:20 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSNP.ax
[2012/04/16 16:17:20 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSNP.ax
[2012/04/16 16:17:20 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msscntrs.dll
[2012/04/16 16:17:20 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msscb.dll
[2012/04/16 16:17:20 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msscb.dll
[2012/04/16 16:17:19 | 000,643,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrepl40.dll
[2012/04/16 16:17:19 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msscp.dll
[2012/04/16 16:17:19 | 000,344,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrd3x40.dll
[2012/04/16 16:17:19 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrd2x40.dll
[2012/04/16 16:17:19 | 000,290,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msjtes40.dll
[2012/04/16 16:17:19 | 000,241,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msltus40.dll
[2012/04/16 16:17:19 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msjter40.dll
[2012/04/16 16:17:19 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msscntrs.dll
[2012/04/16 16:17:18 | 001,589,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msjet40.dll
[2012/04/16 16:17:18 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSMPEG2VDEC.DLL
[2012/04/16 16:17:18 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msjint40.dll
[2012/04/16 16:17:18 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msisip.dll
[2012/04/16 16:17:17 | 000,796,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssvp.dll
[2012/04/16 16:17:17 | 000,778,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSMPEG2VDEC.DLL
[2012/04/16 16:17:17 | 000,670,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssvp.dll
[2012/04/16 16:17:17 | 000,644,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSMPEG2ENC.DLL
[2012/04/16 16:17:17 | 000,506,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSMPEG2ENC.DLL
[2012/04/16 16:17:17 | 000,282,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstext40.dll
[2012/04/16 16:17:17 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstask.dll
[2012/04/16 16:17:17 | 000,221,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msnetobj.dll
[2012/04/16 16:17:17 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msnetobj.dll
[2012/04/16 16:17:17 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstlsapi.dll
[2012/04/16 16:17:17 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstlsapi.dll
[2012/04/16 16:17:16 | 002,280,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssrch.dll
[2012/04/16 16:17:16 | 000,501,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssph.dll
[2012/04/16 16:17:16 | 000,414,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msscp.dll
[2012/04/16 16:17:16 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssitlb.dll
[2012/04/16 16:17:16 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssitlb.dll
[2012/04/16 16:17:16 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msshooks.dll
[2012/04/16 16:17:16 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msshooks.dll
[2012/04/16 16:17:15 | 001,480,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssrch.dll
[2012/04/16 16:17:15 | 000,488,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msinfo32.exe
[2012/04/16 16:17:15 | 000,408,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msinfo32.exe
[2012/04/16 16:17:15 | 000,351,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssph.dll
[2012/04/16 16:17:15 | 000,312,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssphtb.dll
[2012/04/16 16:17:15 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msstrc.dll
[2012/04/16 16:17:15 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msstrc.dll
[2012/04/16 16:17:15 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msimtf.dll
[2012/04/16 16:17:15 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssprxy.dll
[2012/04/16 16:17:15 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msisip.dll
[2012/04/16 16:17:14 | 000,258,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchProtocolHost.exe
[2012/04/16 16:17:14 | 000,227,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scrobj.dll
[2012/04/16 16:17:14 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scrrun.dll
[2012/04/16 16:17:14 | 000,186,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scksp.dll
[2012/04/16 16:17:14 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scrobj.dll
[2012/04/16 16:17:14 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scrrun.dll
[2012/04/16 16:17:14 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scksp.dll
[2012/04/16 16:17:13 | 000,499,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sdohlp.dll
[2012/04/16 16:17:13 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sdohlp.dll
[2012/04/16 16:17:13 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchFilterHost.exe
[2012/04/16 16:17:11 | 000,619,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qedit.dll
[2012/04/16 16:17:11 | 000,166,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\puiapi.dll
[2012/04/16 16:17:11 | 000,055,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PSHED.DLL
[2012/04/16 16:17:10 | 002,028,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Query.dll
[2012/04/16 16:17:10 | 001,244,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RacEngn.dll
[2012/04/16 16:17:10 | 000,880,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RacEngn.dll
[2012/04/16 16:17:10 | 000,505,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qedit.dll
[2012/04/16 16:17:10 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rasapi32.dll
[2012/04/16 16:17:10 | 000,295,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\raschap.dll
[2012/04/16 16:17:10 | 000,281,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\raschap.dll
[2012/04/16 16:17:10 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quick.ime
[2012/04/16 16:17:10 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qintlgnt.ime
[2012/04/16 16:17:10 | 000,123,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationCFFRasterizerNative_v0300.dll
[2012/04/16 16:17:10 | 000,102,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
[2012/04/16 16:17:10 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rasdiag.dll
[2012/04/16 16:17:10 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rasdiag.dll
[2012/04/16 16:17:10 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rasdial.exe
[2012/04/16 16:17:10 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rasdial.exe
[2012/04/16 16:17:09 | 000,980,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\printui.dll
[2012/04/16 16:17:09 | 000,923,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\propsys.dll
[2012/04/16 16:17:09 | 000,898,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\powercpl.dll
[2012/04/16 16:17:09 | 000,869,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\printui.dll
[2012/04/16 16:17:09 | 000,723,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\powercpl.dll
[2012/04/16 16:17:09 | 000,708,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\prnntfy.dll
[2012/04/16 16:17:09 | 000,218,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\portcls.sys
[2012/04/16 16:17:09 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\powrprof.dll
[2012/04/16 16:17:08 | 000,551,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\prnntfy.dll
[2012/04/16 16:17:08 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\propdefs.dll
[2012/04/16 16:17:08 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\propdefs.dll
[2012/04/16 16:17:07 | 001,165,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationNative_v0300.dll
[2012/04/16 16:17:07 | 000,779,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationNative_v0300.dll
[2012/04/16 16:17:07 | 000,671,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\samsrv.dll
[2012/04/16 16:17:07 | 000,606,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\riched20.dll
[2012/04/16 16:17:07 | 000,302,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scansetting.dll
[2012/04/16 16:17:07 | 000,289,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rsaenh.dll
[2012/04/16 16:17:07 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scansetting.dll
[2012/04/16 16:17:07 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationSettings.exe
[2012/04/16 16:17:07 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rpchttp.dll
[2012/04/16 16:17:07 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rmcast.sys
[2012/04/16 16:17:07 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rpchttp.dll
[2012/04/16 16:17:07 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rshx32.dll