1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Google Redirect Virus HELP Please!

Discussion in 'Virus & Other Malware Removal' started by gimmextra, Apr 4, 2012.

Thread Status:
Not open for further replies.
Advertisement
  1. Clark76

    Clark76

    Joined:
    Nov 7, 2008
    Messages:
    32
    Hello,

    Due to some personal issues which came up Dave is unable to reply back to you so I will be helping him out during this time.

    Please visit this page to download and install Windows Vista Service Pack 2.

    After SP2 is installed go to start >> programs >> Windows Update. Download and install all available updates and then revisit Windows Update as you rarely get them all in one go. You should keep going back until the site says there are no more updates available.

    Now, delete your copy of Combofix and download a fresh one from one of these links.

    Link 1
    Link 2

    Then run Combofix by double clicking its icon and post the log back here
     
  2. gimmextra

    gimmextra Thread Starter

    Joined:
    Apr 4, 2012
    Messages:
    54
    ComboFix 12-04-16.02 - Eugene 04/16/2012 19:47:53.3.4 - x64
    Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.8190.6391 [GMT -4:00]
    Running from: c:\users\Eugene\Desktop\ComboFix.exe
    AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
    SP: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    c:\windows\System32\bitsadmin.exe . . . is infected!!
    .
    c:\windows\SysWOW64\bitsadmin.exe . . . is infected!!
    .
    .
    ((((((((((((((((((((((((( Files Created from 2012-03-17 to 2012-04-17 )))))))))))))))))))))))))))))))
    .
    .
    2012-04-17 00:25 . 2012-04-17 00:29 -------- d-----w- c:\users\Eugene\AppData\Local\temp
    2012-04-17 00:25 . 2012-04-17 00:25 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
    2012-04-17 00:25 . 2012-04-17 00:25 -------- d-----w- c:\users\Default\AppData\Local\temp
    2012-04-16 22:32 . 2012-02-14 16:49 327680 ----a-w- c:\windows\system32\d3d10_1core.dll
    2012-04-16 22:32 . 2012-02-14 15:45 219648 ----a-w- c:\windows\SysWow64\d3d10_1core.dll
    2012-04-16 22:32 . 2012-02-13 14:38 2002944 ----a-w- c:\windows\system32\d3d10warp.dll
    2012-04-16 22:32 . 2012-02-13 14:12 1172480 ----a-w- c:\windows\SysWow64\d3d10warp.dll
    2012-04-16 22:32 . 2012-02-13 14:03 1555968 ----a-w- c:\windows\system32\DWrite.dll
    2012-04-16 22:32 . 2012-02-13 13:47 683008 ----a-w- c:\windows\SysWow64\d2d1.dll
    2012-04-16 22:32 . 2012-02-13 13:44 1068544 ----a-w- c:\windows\SysWow64\DWrite.dll
    2012-04-16 22:32 . 2012-02-14 16:49 196096 ----a-w- c:\windows\system32\d3d10_1.dll
    2012-04-16 22:32 . 2012-02-14 15:45 160768 ----a-w- c:\windows\SysWow64\d3d10_1.dll
    2012-04-16 22:32 . 2012-02-13 14:06 834048 ----a-w- c:\windows\system32\d2d1.dll
    2012-04-16 22:32 . 2011-03-12 22:52 1653760 ----a-w- c:\windows\system32\XpsPrint.dll
    2012-04-16 22:32 . 2011-03-12 21:55 876032 ----a-w- c:\windows\SysWow64\XpsPrint.dll
    2012-04-16 22:19 . 2012-04-16 22:19 -------- d-----w- c:\program files\Windows Portable Devices
    2012-04-16 22:19 . 2012-04-16 22:19 -------- d-----w- c:\program files (x86)\Windows Portable Devices
    2012-04-16 22:11 . 2009-10-01 01:02 30208 ----a-w- c:\windows\SysWow64\WPDShextAutoplay.exe
    2012-04-16 21:41 . 2012-03-06 06:44 4699520 ----a-w- c:\windows\system32\ntoskrnl.exe
    2012-04-16 21:23 . 2011-01-20 14:57 231936 ----a-w- c:\windows\system32\XpsRasterService.dll
    2012-04-16 21:22 . 2011-02-22 14:13 288768 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
    2012-04-16 21:21 . 2012-03-01 11:01 2409784 ----a-w- c:\program files (x86)\Windows Mail\OESpamFilter.dat
    2012-04-16 21:20 . 2011-12-14 16:38 621056 ----a-w- c:\windows\system32\msvcrt.dll
    2012-04-16 21:09 . 2012-01-09 16:16 708096 ----a-w- c:\windows\system32\rdpencom.dll
    2012-04-16 21:09 . 2012-01-09 15:54 613376 ----a-w- c:\windows\SysWow64\rdpencom.dll
    2012-04-16 21:09 . 2012-01-09 14:27 209920 ----a-w- c:\windows\system32\drivers\rdpwd.sys
    2012-04-16 20:36 . 2012-04-16 20:37 -------- d-----w- c:\windows\SysWow64\ca-ES
    2012-04-16 20:36 . 2012-04-16 20:37 -------- d-----w- c:\windows\SysWow64\vi-VN
    2012-04-16 20:36 . 2012-04-16 20:37 -------- d-----w- c:\windows\SysWow64\eu-ES
    2012-04-16 20:36 . 2012-04-16 20:37 -------- d-----w- c:\windows\system32\ca-ES
    2012-04-16 20:36 . 2012-04-16 20:37 -------- d-----w- c:\windows\system32\eu-ES
    2012-04-16 20:36 . 2012-04-16 20:37 -------- d-----w- c:\windows\system32\vi-VN
    2012-04-16 20:29 . 2012-04-16 20:29 -------- d-----w- c:\windows\system32\SPReview
    2012-04-16 20:18 . 2009-04-11 04:07 3584 ----a-w- c:\windows\system32\drivers\en-US\hdaudbus.sys.mui
    2012-04-16 20:18 . 2009-04-11 04:10 56320 ----a-w- c:\windows\system32\compcln.exe
    2012-04-16 20:18 . 2009-04-11 04:05 7680 ----a-w- c:\windows\system32\drivers\en-US\bthport.sys.mui
    2012-04-16 20:18 . 2009-04-11 04:11 946688 ----a-w- c:\windows\system32\scavenge.dll
    2012-04-16 20:16 . 2009-04-11 04:11 667648 ----a-w- c:\windows\system32\autoplay.dll
    2012-04-16 20:15 . 2009-04-11 03:26 303616 ----a-w- c:\windows\SysWow64\gdi32.dll
    2012-04-16 20:14 . 2009-04-11 04:11 936448 ----a-w- c:\windows\system32\SmiEngine.dll
    2012-04-16 19:58 . 2012-04-16 19:58 -------- d-----w- c:\windows\system32\EventProviders
    2012-04-13 14:51 . 2012-03-20 07:51 8669240 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{EDFCDE4B-C13B-40CD-833B-261950EC5CF5}\mpengine.dll
    2012-04-07 19:29 . 2012-04-07 19:38 -------- d-----w- c:\program files (x86)\AC Tool
    2012-04-06 15:15 . 2012-04-14 04:15 8741536 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
    2012-04-06 14:57 . 2012-04-14 04:15 418464 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
    2012-04-04 19:41 . 2012-04-08 00:04 -------- d--h--w- c:\users\Eugene\AppData\Roaming\ijjigame
    2012-04-04 19:39 . 2012-04-08 00:15 -------- d-----w- c:\program files (x86)\REACTOR
    2012-04-03 03:37 . 2012-04-03 03:37 -------- d-----w- c:\users\Eugene\AppData\Local\PackageAware
    2012-04-03 00:42 . 2012-04-03 00:42 -------- d-----w- C:\TDSSKiller_Quarantine
    2012-04-02 23:48 . 2012-01-12 13:28 57976 ----a-r- c:\windows\system32\drivers\SBREDrv.sys
    2012-04-02 23:02 . 2012-04-02 23:02 -------- d-----w- c:\users\Eugene\AppData\Roaming\Malwarebytes
    2012-04-02 23:02 . 2012-04-02 23:02 -------- d-----w- c:\programdata\Malwarebytes
    2012-03-31 21:05 . 2012-03-31 21:05 -------- d-----w- c:\users\Eugene\AppData\Local\{5804B2D4-7B75-11E1-826D-B8AC6F996F26}
    2012-03-31 20:50 . 2012-03-31 20:50 -------- d-----w- c:\users\Eugene\AppData\Local\TrinityEntertainmentNetwo
    2012-03-29 20:59 . 2012-03-29 20:59 23376 ----a-r- c:\windows\SysWow64\SZIO5.dll
    2012-03-29 20:59 . 2012-03-29 20:59 546640 ----a-r- c:\windows\SysWow64\SZComp5.dll
    2012-03-29 20:59 . 2012-03-29 20:59 481104 ----a-r- c:\windows\SysWow64\SZBase5.dll
    2012-03-25 02:05 . 2012-03-25 02:05 592824 ----a-w- c:\program files (x86)\Mozilla Firefox\gkmedias.dll
    2012-03-25 02:05 . 2012-03-25 02:05 44472 ----a-w- c:\program files (x86)\Mozilla Firefox\mozglue.dll
    .
    .
    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2012-04-14 04:15 . 2011-05-15 13:33 70304 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
    2012-03-16 00:41 . 2011-07-03 00:22 298016 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
    2012-03-16 00:41 . 2011-07-03 00:20 298016 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
    2012-03-16 00:41 . 2011-07-03 00:20 281408 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
    2012-03-10 22:17 . 2011-07-03 00:19 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
    2012-02-23 18:09 . 2012-02-23 18:09 29008 ----a-r- c:\windows\SysWow64\IS3XDat5.dll
    2012-02-23 18:09 . 2012-02-23 18:09 390992 ----a-r- c:\windows\SysWow64\IS3UI5.dll
    2012-02-23 18:09 . 2012-02-23 18:09 231248 ----a-r- c:\windows\SysWow64\IS3Win325.dll
    2012-02-23 18:09 . 2012-02-23 18:09 100176 ----a-r- c:\windows\SysWow64\IS3Svc5.dll
    2012-02-23 18:09 . 2012-02-23 18:09 132944 ----a-r- c:\windows\SysWow64\IS3HTUI5.dll
    2012-02-23 18:09 . 2012-02-23 18:09 104272 ----a-r- c:\windows\SysWow64\IS3Inet5.dll
    2012-02-23 18:09 . 2012-02-23 18:09 67408 ----a-r- c:\windows\SysWow64\IS3Hks5.dll
    2012-02-23 18:09 . 2012-02-23 18:09 456528 ----a-r- c:\windows\SysWow64\IS3DBA5.dll
    2012-02-23 18:09 . 2012-02-23 18:09 808784 ----a-r- c:\windows\SysWow64\IS3Base5.dll
    2012-02-23 14:18 . 2010-12-01 08:38 279656 ------w- c:\windows\system32\MpSigStub.exe
    2012-02-10 02:43 . 2012-02-10 02:43 9717568 ----a-w- c:\windows\system32\nvwgf2umx.dll
    2012-02-10 02:43 . 2012-02-10 02:43 8008000 ----a-w- c:\windows\system32\nvcuda.dll
    2012-02-10 02:43 . 2012-02-10 02:43 7713088 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
    2012-02-10 02:43 . 2012-02-10 02:43 68928 ----a-w- c:\windows\system32\OpenCL.dll
    2012-02-10 02:43 . 2012-02-10 02:43 61248 ----a-w- c:\windows\SysWow64\OpenCL.dll
    2012-02-10 02:43 . 2012-02-10 02:43 5892928 ----a-w- c:\windows\SysWow64\nvcuda.dll
    2012-02-10 02:43 . 2012-02-10 02:43 2872640 ----a-w- c:\windows\system32\nvcuvenc.dll
    2012-02-10 02:43 . 2012-02-10 02:43 2672448 ----a-w- c:\windows\system32\nvcuvid.dll
    2012-02-10 02:43 . 2012-02-10 02:43 25541952 ----a-w- c:\windows\system32\nvoglv64.dll
    2012-02-10 02:43 . 2012-02-10 02:43 25222976 ----a-w- c:\windows\system32\nvcompiler.dll
    2012-02-10 02:43 . 2012-02-10 02:43 2517312 ----a-w- c:\windows\SysWow64\nvcuvid.dll
    2012-02-10 02:43 . 2012-02-10 02:43 2437440 ----a-w- c:\windows\SysWow64\nvcuvenc.dll
    2012-02-10 02:43 . 2012-02-10 02:43 19443520 ----a-w- c:\windows\SysWow64\nvoglv32.dll
    2012-02-10 02:43 . 2012-02-10 02:43 17543488 ----a-w- c:\windows\SysWow64\nvcompiler.dll
    2012-02-10 02:43 . 2012-02-10 02:43 1737536 ----a-w- c:\windows\system32\nvdispco64.dll
    2012-02-10 02:43 . 2012-02-10 02:43 1466176 ----a-w- c:\windows\system32\nvgenco64.dll
    2012-02-10 02:43 . 2012-02-10 02:43 13624128 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
    2012-02-10 02:43 . 2011-07-03 01:01 15009600 ----a-w- c:\windows\SysWow64\nvd3dum.dll
    2012-02-10 02:43 . 2009-04-14 03:00 2660160 ----a-w- c:\windows\system32\nvapi64.dll
    2012-02-10 02:43 . 2009-04-14 03:00 2301248 ----a-w- c:\windows\SysWow64\nvapi.dll
    2012-02-10 02:43 . 2009-04-14 03:00 17642816 ----a-w- c:\windows\system32\nvd3dumx.dll
    2012-01-19 14:22 . 2012-01-19 14:22 45936 ----a-r- c:\windows\system32\SBBD.EXE
    .
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "RocketDock"="c:\program files (x86)\RocketDock\RocketDock.exe" [2007-09-02 495616]
    "F.lux"="c:\users\Eugene\Local Settings\Apps\F.lux\flux.exe" [2009-08-29 966656]
    "Pando Media Booster"="c:\program files (x86)\Pando Networks\Media Booster\PMB.exe" [2011-08-20 3077528]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
    "Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2011-08-31 40368]
    "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
    "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-10-24 421888]
    "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-12-08 421736]
    "AVG_TRAY"="c:\program files (x86)\AVG\AVG2012\avgtray.exe" [2012-01-24 2416480]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "EnableLUA"= 0 (0x0)
    "EnableUIADesktopToggle"= 0 (0x0)
    .
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
    BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~2\AVG\AVG2012\avgrsa.exe /sync /restart
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]
    @="Service"
    .
    R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-14 253088]
    .
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
    Akamai REG_MULTI_SZ Akamai
    .
    Contents of the 'Scheduled Tasks' folder
    .
    2012-04-17 c:\windows\Tasks\Adobe Flash Player Updater.job
    - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-06 04:15]
    .
    2012-04-15 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2913236317-814230174-4002188810-1000Core.job
    - c:\users\Eugene\AppData\Local\Google\Update\GoogleUpdate.exe [2010-12-01 08:35]
    .
    2012-04-17 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2913236317-814230174-4002188810-1000UA.job
    - c:\users\Eugene\AppData\Local\Google\Update\GoogleUpdate.exe [2010-12-01 08:35]
    .
    .
    --------- x86-64 -----------
    .
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-02-03 6975520]
    "Skytel"="c:\program files\Realtek\Audio\HDA\Skytel.exe" [2009-02-03 1833504]
    .
    ------- Supplementary Scan -------
    .
    uLocal Page = c:\windows\system32\blank.htm
    mLocal Page = %SystemRoot%\system32\blank.htm
    TCP: DhcpNameServer = 192.168.1.1
    CLSID: {603d3801-bd81-11d0-a3a5-00c04fd706ec} - %SystemRoot%\SysWow64\browseui.dll
    FF - ProfilePath - c:\users\Eugene\AppData\Roaming\Mozilla\Firefox\Profiles\tryg8wpz.default\
    FF - prefs.js: browser.startup.homepage - www.yahoo.com
    .
    - - - - ORPHANS REMOVED - - - -
    .
    AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc_blr.exe
    .
    .
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\npggsvc]
    "ImagePath"="c:\windows\system32\GameMon.des -service"
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\X6va005]
    "ImagePath"="\??\c:\users\Eugene\AppData\Local\Temp\0056E37.tmp"
    .
    --------------------- LOCKED REGISTRY KEYS ---------------------
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BEB3C0C7-B648-4257-96D9-B5D024816E27}\Version*Version]
    "Version"=hex:7e,3b,03,06,95,ba,b5,99,27,30,93,d3,bc,b4,f9,d3,23,5f,31,1c,f5,
    14,6e,10,08,e4,e6,3e,d7,cc,ab,23,21,8e,13,38,ed,3c,dc,f6,96,46,1e,f3,ef,ab,\
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_233_ActiveX.exe,-101"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_233_ActiveX.exe"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Shockwave Flash Object"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_233.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
    @="0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
    @="ShockwaveFlash.ShockwaveFlash.11"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_233.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="ShockwaveFlash.ShockwaveFlash"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Macromedia Flash Factory Object"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_233.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
    @="FlashFactory.FlashFactory.1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_233.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="FlashFactory.FlashFactory"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker4"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}\1.0]
    @="Shockwave Flash"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}]
    @Denied: (A 2) (Everyone)
    @=""
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}\1.0]
    @="FlashBroker"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Minnetonka Audio Software\SurCode Dolby Digital Premiere\Version*Version]
    "Version"=hex:7e,3b,03,06,95,ba,b5,99,27,30,93,d3,bc,b4,f9,d3,23,5f,31,1c,f5,
    14,6e,10,08,e4,e6,3e,d7,cc,ab,23,21,8e,13,38,ed,3c,dc,f6,96,46,1e,f3,ef,ab,\
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes]
    "SymbolicLinkValue"=hex(6):5c,00,52,00,45,00,47,00,49,00,53,00,54,00,52,00,59,
    00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
    @Denied: (A) (Everyone)
    "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
    @Denied: (A) (Everyone)
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
    "Key"="ActionsPane3"
    "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
    .
    ------------------------ Other Running Processes ------------------------
    .
    c:\program files (x86)\ASUS\AASP\1.00.82\aaCenter.exe
    c:\program files (x86)\ASUS\EPU-4 Engine\FourEngine.exe
    c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe
    c:\windows\SysWOW64\PnkBstrA.exe
    c:\program files (x86)\AVG\AVG2012\AVGIDSAgent.exe
    c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
    .
    **************************************************************************
    .
    Completion time: 2012-04-16 20:36:17 - machine was rebooted
    ComboFix-quarantined-files.txt 2012-04-17 00:36
    .
    Pre-Run: 174,671,851,520 bytes free
    Post-Run: 175,046,455,296 bytes free
    .
    - - End Of File - - 2B413F9BE6146DCBA095D0493B9A1015
     
  3. Clark76

    Clark76

    Joined:
    Nov 7, 2008
    Messages:
    32
    I see you already have Malwarebytes' Anti-Malware installed on your computer
    • Launch Malwarebytes' Anti-Malware
    • Click the Update Tab then click on Check for Updates. If an update is found, it will download and install the latest version.
    • Once the program has loaded, select "Perform Quick Scan", then click Scan.
    • The scan may take some time to finish,so please be patient.
    • When the scan is complete, click OK, then Show Results to view the results.
    • Make sure that everything is checked, and click Remove Selected.
    • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
    • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
    • Copy&Paste the entire report in your next reply.
     
  4. gimmextra

    gimmextra Thread Starter

    Joined:
    Apr 4, 2012
    Messages:
    54
    Malwarebytes Anti-Malware (Trial) 1.61.0.1400
    www.malwarebytes.org

    Database version: v2012.04.17.06

    Windows Vista Service Pack 2 x64 NTFS
    Internet Explorer 9.0.8112.16421
    Eugene :: EUGENE-PC [administrator]

    Protection: Disabled

    4/17/2012 6:31:37 PM
    mbam-log-2012-04-17 (18-31-37).txt

    Scan type: Quick scan
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 217138
    Time elapsed: 5 minute(s), 13 second(s)

    Memory Processes Detected: 0
    (No malicious items detected)

    Memory Modules Detected: 0
    (No malicious items detected)

    Registry Keys Detected: 0
    (No malicious items detected)

    Registry Values Detected: 0
    (No malicious items detected)

    Registry Data Items Detected: 0
    (No malicious items detected)

    Folders Detected: 0
    (No malicious items detected)

    Files Detected: 0
    (No malicious items detected)

    (end)
     
  5. gimmextra

    gimmextra Thread Starter

    Joined:
    Apr 4, 2012
    Messages:
    54
    although MBAM may not have found any threats i am still being redirected to sites like happili
     
  6. Clark76

    Clark76

    Joined:
    Nov 7, 2008
    Messages:
    32
    Do the redirects occur with all browsers or just Firefox?

    How are you connected in the internet? Wired? Wireless? Through a router? Directly into a modem?


    Please go to: VirusTotal

    • On the page you'll find a "Browse" button.
    • Click on it and navigate to the following file:

      c:\windows\System32\bitsadmin.exe

    • Then click the "Send File" button just below.
    • This will scan the file. Please be patient.
    • Once scanned, copy and paste the results in your next reply.

    If VirusTotal is busy, try the same at Jotti

    Repeat the above steps for this file also:

    c:\windows\SysWOW64\bitsadmin.exe



    Download HostsXpert.
    • Unzip HostsXpert to it's own folder.
    • Run HostsXpert.exe
    • Click "Make Writable?" in the upper left corner.
    • Click "Restore MS Hosts file" and then click OK.
    • Close HostsXpert.
    • Note: If a custom Hosts file was in place, you'll have to edit those entries back in.

    Please let me know if after running this if the redirects still occur.
     
  7. gimmextra

    gimmextra Thread Starter

    Joined:
    Apr 4, 2012
    Messages:
    54
    I typically only use firefox, maybe every once in awhile i may use another browser.I did 2 or 3 searches on IE and Chrome and haven't seen any redirects. I'm connected to the internet wired through a router. After the HostsXpert i did a few google seraches but nothing has come up so far. If i get redirected again ill post.


    [FONT=&quot]Filename: [/FONT]
    [FONT=&quot]bitsadmin.exe [/FONT]
    [FONT=&quot]Status: [/FONT]
    [FONT=&quot]Scan finished. 0 out of 20 scanners reported malware.[/FONT]
    [FONT=&quot]Scan taken on: [/FONT]
    [FONT=&quot]Wed 18 Apr 2012 23:33:06 (CET) [/FONT][FONT=&quot]Permalink[/FONT][FONT=&quot][/FONT]




    [FONT=&quot] [/FONT]​
    [FONT=&quot]Bottom of Form[/FONT]​

    [FONT=&quot]Additional info[/FONT]
    [FONT=&quot]File size: [/FONT]
    [FONT=&quot]192000 bytes [/FONT]
    [FONT=&quot]Filetype: [/FONT]
    [FONT=&quot]PE32 executable for MS Windows (console) Intel 80386 32-bit [/FONT]
    [FONT=&quot]MD5: [/FONT]
    [FONT=&quot]e2954ddaba3fa4d53aec2f51afb488c0 [/FONT]
    [FONT=&quot]SHA1: [/FONT]
    [FONT=&quot]fcfca1556e8559b8c60678284ed19ac31270be0d [/FONT]
    [FONT=&quot] [/FONT]
    [FONT=&quot] [/FONT]
    [FONT=&quot]Scanners[/FONT]
    [FONT=&quot][​IMG][/FONT][FONT=&quot][/FONT]
    [FONT=&quot]2012-04-18 Found nothing[/FONT]
    [FONT=&quot][​IMG][/FONT][FONT=&quot][/FONT]
    [FONT=&quot]2012-04-18 Found nothing[/FONT]
    [FONT=&quot][​IMG][/FONT][FONT=&quot][/FONT]
    [FONT=&quot]2012-04-18 Found nothing[/FONT]
    [FONT=&quot][​IMG][/FONT][FONT=&quot][/FONT]
    [FONT=&quot]2012-04-18 Found nothing[/FONT]
    [FONT=&quot][​IMG][/FONT][FONT=&quot][/FONT]
    [FONT=&quot]2012-04-18 Found nothing[/FONT]
    [FONT=&quot][​IMG][/FONT][FONT=&quot][/FONT]
    [FONT=&quot]2012-04-18 Found nothing[/FONT]
    [FONT=&quot][​IMG][/FONT][FONT=&quot][/FONT]
    [FONT=&quot]2012-04-18 Found nothing[/FONT]
    [FONT=&quot][​IMG][/FONT][FONT=&quot][/FONT]
    [FONT=&quot]2012-04-18 Found nothing[/FONT]
    [FONT=&quot][​IMG][/FONT][FONT=&quot][/FONT]
    [FONT=&quot]2012-04-18 Found nothing[/FONT]
    [FONT=&quot][​IMG][/FONT][FONT=&quot][/FONT]
    [FONT=&quot]2012-04-18 Found nothing[/FONT]
    [FONT=&quot][​IMG][/FONT][FONT=&quot][/FONT]
    [FONT=&quot]2012-04-18 Found nothing[/FONT]
    [FONT=&quot][​IMG][/FONT][FONT=&quot][/FONT]
    [FONT=&quot]2012-04-18 Found nothing[/FONT]
    [FONT=&quot][​IMG][/FONT][FONT=&quot][/FONT]
    [FONT=&quot]2012-04-18 Found nothing[/FONT]
    [FONT=&quot][​IMG][/FONT][FONT=&quot][/FONT]
    [FONT=&quot]2012-04-18 Found nothing[/FONT]
    [FONT=&quot][​IMG][/FONT][FONT=&quot][/FONT]
    [FONT=&quot]2012-04-18 Found nothing[/FONT]
    [FONT=&quot][​IMG][/FONT][FONT=&quot][/FONT]
    [FONT=&quot]2012-04-18 Found nothing[/FONT]
    [FONT=&quot][​IMG][/FONT][FONT=&quot][/FONT]
    [FONT=&quot]2012-04-18 Found nothing[/FONT]
    [FONT=&quot][​IMG][/FONT][FONT=&quot][/FONT]
    [FONT=&quot]2012-04-18 Found nothing[/FONT]
    [FONT=&quot][​IMG][/FONT][FONT=&quot][/FONT]
    [FONT=&quot]2012-04-18 Found nothing[/FONT]
    [FONT=&quot][​IMG][/FONT][FONT=&quot][/FONT]
    [FONT=&quot]2012-04-18 Found nothing[/FONT]







    [FONT=&quot]Jotti's malware scan[/FONT]
    [FONT=&quot]Top of Form[/FONT]​

    [FONT=&quot]Filename: [/FONT]
    [FONT=&quot]bitsadmin.exe [/FONT]
    [FONT=&quot]Status: [/FONT]
    [FONT=&quot]Scan finished. 0 out of 20 scanners reported malware.[/FONT]
    [FONT=&quot]Scan taken on: [/FONT]
    [FONT=&quot]Wed 18 Apr 2012 23:35:43 (CET) [/FONT][FONT=&quot]Permalink[/FONT][FONT=&quot][/FONT]




    [FONT=&quot] [/FONT]​
    [FONT=&quot]Bottom of Form[/FONT]​

    [FONT=&quot]Additional info[/FONT]
    [FONT=&quot]File size: [/FONT]
    [FONT=&quot]192000 bytes [/FONT]
    [FONT=&quot]Filetype: [/FONT]
    [FONT=&quot]PE32 executable for MS Windows (console) Intel 80386 32-bit [/FONT]
    [FONT=&quot]MD5: [/FONT]
    [FONT=&quot]e2954ddaba3fa4d53aec2f51afb488c0 [/FONT]
    [FONT=&quot]SHA1: [/FONT]
    [FONT=&quot]fcfca1556e8559b8c60678284ed19ac31270be0d [/FONT]
    [FONT=&quot] [/FONT]
    [FONT=&quot] [/FONT]
    [FONT=&quot]Scanners[/FONT]
    [FONT=&quot][​IMG][/FONT][FONT=&quot][/FONT]
    [FONT=&quot]2012-04-18 Found nothing[/FONT]
    [FONT=&quot][​IMG][/FONT][FONT=&quot][/FONT]
    [FONT=&quot]2012-04-18 Found nothing[/FONT]
    [FONT=&quot][​IMG][/FONT][FONT=&quot][/FONT]
    [FONT=&quot]2012-04-18 Found nothing[/FONT]
    [FONT=&quot][​IMG][/FONT][FONT=&quot][/FONT]
    [FONT=&quot]2012-04-18 Found nothing[/FONT]
    [FONT=&quot][​IMG][/FONT][FONT=&quot][/FONT]
    [FONT=&quot]2012-04-18 Found nothing[/FONT]
    [FONT=&quot][​IMG][/FONT][FONT=&quot][/FONT]
    [FONT=&quot]2012-04-18 Found nothing[/FONT]
    [FONT=&quot][​IMG][/FONT][FONT=&quot][/FONT]
    [FONT=&quot]2012-04-18 Found nothing[/FONT]
    [FONT=&quot][​IMG][/FONT][FONT=&quot][/FONT]
    [FONT=&quot]2012-04-18 Found nothing[/FONT]
    [FONT=&quot][​IMG][/FONT][FONT=&quot][/FONT]
    [FONT=&quot]2012-04-18 Found nothing[/FONT]
    [FONT=&quot][​IMG][/FONT][FONT=&quot][/FONT]
    [FONT=&quot]2012-04-18 Found nothing[/FONT]
    [FONT=&quot][​IMG][/FONT][FONT=&quot][/FONT]
    [FONT=&quot]2012-04-18 Found nothing[/FONT]
    [FONT=&quot][​IMG][/FONT][FONT=&quot][/FONT]
    [FONT=&quot]2012-04-18 Found nothing[/FONT]
    [FONT=&quot][​IMG][/FONT][FONT=&quot][/FONT]
    [FONT=&quot]2012-04-18 Found nothing[/FONT]
    [FONT=&quot][​IMG][/FONT][FONT=&quot][/FONT]
    [FONT=&quot]2012-04-18 Found nothing[/FONT]
    [FONT=&quot][​IMG][/FONT][FONT=&quot][/FONT]
    [FONT=&quot]2012-04-18 Found nothing[/FONT]
    [FONT=&quot][​IMG][/FONT][FONT=&quot][/FONT]
    [FONT=&quot]2012-04-18 Found nothing[/FONT]
    [FONT=&quot][​IMG][/FONT][FONT=&quot][/FONT]
    [FONT=&quot]2012-04-18 Found nothing[/FONT]
    [FONT=&quot][​IMG][/FONT][FONT=&quot][/FONT]
    [FONT=&quot]2012-04-18 Found nothing[/FONT]
    [FONT=&quot][​IMG][/FONT][FONT=&quot][/FONT]
    [FONT=&quot]2012-04-18 Found nothing[/FONT]
    [FONT=&quot][​IMG][/FONT][FONT=&quot][/FONT]
    [FONT=&quot]2012-04-18 Found nothing[/FONT]




    [FONT=&quot] [/FONT]​
     
  8. gimmextra

    gimmextra Thread Starter

    Joined:
    Apr 4, 2012
    Messages:
    54
    i was just redirected again to happili in firefox
     
  9. Clark76

    Clark76

    Joined:
    Nov 7, 2008
    Messages:
    32
    • Download OTL to your desktop.
    • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
    • When the window appears, underneath Output at the top change it to Minimal Output.
    • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
      • When the scan completes, it will open two notepad windows. OTListIt.Txt and Extras.Txt. These are saved in the same location as OTL.
      • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply. You may need two posts to fit them all in.
     
  10. gimmextra

    gimmextra Thread Starter

    Joined:
    Apr 4, 2012
    Messages:
    54
  11. gimmextra

    gimmextra Thread Starter

    Joined:
    Apr 4, 2012
    Messages:
    54
    OTL logfile created on: 4/19/2012 3:56:06 PM - Run 1
    OTL by OldTimer - Version 3.2.40.0 Folder = C:\Users\Eugene\Desktop
    64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
    Internet Explorer (Version = 9.0.8112.16421)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    8.00 Gb Total Physical Memory | 6.46 Gb Available Physical Memory | 80.75% Memory free
    16.19 Gb Paging File | 14.32 Gb Available in Paging File | 88.42% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 279.46 Gb Total Space | 156.44 Gb Free Space | 55.98% Space Free | Partition Type: NTFS
    Drive D: | 409.17 Gb Total Space | 194.61 Gb Free Space | 47.56% Space Free | Partition Type: NTFS

    Computer Name: EUGENE-PC | User Name: Eugene | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - C:\Users\Eugene\Desktop\OTL.exe (OldTimer Tools)
    PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
    PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
    PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
    PRC - C:\Program Files (x86)\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
    PRC - C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe (AVG Technologies CZ, s.r.o.)
    PRC - C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe ()
    PRC - C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
    PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)
    PRC - C:\Users\Eugene\Local Settings\Apps\F.lux\flux.exe ()
    PRC - C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe ()
    PRC - C:\Program Files (x86)\ASUS\AASP\1.00.82\aaCenter.exe ()
    PRC - C:\Program Files (x86)\RocketDock\RocketDock.exe ()


    ========== Modules (No Company Name) ==========

    MOD - C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe ()
    MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
    MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
    MOD - C:\Users\Eugene\Local Settings\Apps\F.lux\flux.exe ()
    MOD - C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe ()
    MOD - C:\Program Files (x86)\ASUS\EPU-4 Engine\pngio.dll ()
    MOD - C:\Program Files (x86)\ASUS\AASP\1.00.82\aaCenter.exe ()
    MOD - C:\Program Files (x86)\ASUS\AASP\1.00.82\cpuutil.dll ()
    MOD - C:\Program Files (x86)\RocketDock\RocketDock.exe ()
    MOD - C:\Program Files (x86)\RocketDock\RocketDock.dll ()
    MOD - C:\Windows\SysWOW64\AsIO.dll ()
    MOD - C:\Program Files (x86)\ASUS\AASP\1.00.82\PowerDll.dll ()


    ========== Win32 Services (SafeList) ==========

    SRV:64bit: - (MSCamSvc) -- C:\Program Files\Microsoft LifeCam\MSCamS64.exe (Microsoft Corporation)
    SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
    SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
    SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
    SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
    SRV - (AVGIDSAgent) -- C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe (AVG Technologies CZ, s.r.o.)
    SRV - (avgwd) -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
    SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
    SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)
    SRV - (npggsvc) -- C:\Windows\SysWOW64\GameMon.des (INCA Internet Co., Ltd.)
    SRV - (rpcapd) Remote Packet Capture Protocol v.0 (experimental) -- C:\Program Files (x86)\WinPcap\rpcapd.exe (CACE Technologies, Inc.)
    SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
    SRV - (SwitchBoard) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
    SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)


    ========== Driver Services (SafeList) ==========

    DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
    DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
    DRV:64bit: - (SBRE) -- C:\Windows\SysNative\drivers\SBREdrv.sys (GFI Software)
    DRV:64bit: - (Avgldx64) -- C:\Windows\SysNative\DRIVERS\avgldx64.sys (AVG Technologies CZ, s.r.o.)
    DRV:64bit: - (Avgrkx64) -- C:\Windows\SysNative\DRIVERS\avgrkx64.sys (AVG Technologies CZ, s.r.o.)
    DRV:64bit: - (Avgmfx64) -- C:\Windows\SysNative\DRIVERS\avgmfx64.sys (AVG Technologies CZ, s.r.o.)
    DRV:64bit: - (Avgtdia) -- C:\Windows\SysNative\DRIVERS\avgtdia.sys (AVG Technologies CZ, s.r.o.)
    DRV:64bit: - (AVGIDSFilter) -- C:\Windows\SysNative\DRIVERS\AVGIDSFilter.Sys (AVG Technologies CZ, s.r.o. )
    DRV:64bit: - (AVGIDSEH) -- C:\Windows\SysNative\DRIVERS\AVGIDSEH.Sys (AVG Technologies CZ, s.r.o. )
    DRV:64bit: - (AVGIDSDriver) -- C:\Windows\SysNative\DRIVERS\AVGIDSDriver.Sys (AVG Technologies CZ, s.r.o. )
    DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
    DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\Drivers\usbaapl64.sys (Apple, Inc.)
    DRV:64bit: - (MSHUSBVideo) -- C:\Windows\SysNative\Drivers\nx6000.sys (Microsoft Corporation)
    DRV:64bit: - (NPF) -- C:\Windows\SysNative\drivers\npf.sys (CACE Technologies, Inc.)
    DRV:64bit: - (RTL8169) -- C:\Windows\SysNative\DRIVERS\Rtlh64.sys (Realtek )
    DRV:64bit: - (SCDEmu) -- C:\Windows\SysNative\drivers\scdemu.sys (PowerISO Computing, Inc.)
    DRV:64bit: - (WpdUsb) -- C:\Windows\SysNative\DRIVERS\wpdusb.sys (Microsoft Corporation)
    DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\Drivers\PxHlpa64.sys (Sonic Solutions)
    DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys (GEAR Software Inc.)
    DRV:64bit: - (hamachi) -- C:\Windows\SysNative\DRIVERS\hamachi.sys (LogMeIn, Inc.)
    DRV:64bit: - (netr28x) -- C:\Windows\SysNative\DRIVERS\netr28x.sys (Ralink Technology, Corp.)
    DRV:64bit: - (Arctosa) -- C:\Windows\SysNative\drivers\Arctosa.sys (Razer USA Ltd.)
    DRV:64bit: - (msloop) -- C:\Windows\SysNative\DRIVERS\loop.sys (Microsoft Corporation)
    DRV:64bit: - (MTsensor) -- C:\Windows\SysNative\DRIVERS\ASACPI.sys ()
    DRV:64bit: - (ialm) -- C:\Windows\SysNative\DRIVERS\igdkmd64.sys (Intel Corporation)
    DRV - (Gun) -- C:\Game\SoftnyxGame\GunboundIS\Gun64.sys ()
    DRV - (ASInsHelp) -- C:\Windows\SysWOW64\drivers\AsInsHelp64.sys ()
    DRV - (StarOpen) -- C:\Windows\SysWow64\drivers\StarOpen.sys ()
    DRV - (NPPTNT2) -- C:\Windows\SysWOW64\npptNT2.sys (INCA Internet Co., Ltd.)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

    IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    ========== FireFox ==========

    FF - prefs.js..browser.startup.homepage: "www.yahoo.com"
    FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3
    FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:10.0.0.1178
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24


    FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_2_202_233.dll File not found
    FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_233.dll ()
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
    FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
    FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@nexon.net/NxGame: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)
    FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
    FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Eugene\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
    FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Eugene\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
    FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files (x86)\AVG\AVG2012\Firefox4\ [2012/01/31 16:13:26 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Fiddler2\FiddlerHook [2011/11/21 23:40:17 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/03/24 22:05:58 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/04/07 20:15:42 | 000,000,000 | ---D | M]
    FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{6c4b3bf5-26fe-4373-8571-4e39446b7fd0}: C:\Program Files (x86)\getdislike\getdislike
    FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{5804B2D4-7B75-11E1-826D-B8AC6F996F26}: C:\Users\Eugene\AppData\Local\{5804B2D4-7B75-11E1-826D-B8AC6F996F26}\ [2012/03/31 17:05:56 | 000,000,000 | ---D | M]

    [2010/12/01 04:32:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Eugene\AppData\Roaming\Mozilla\Extensions
    [2012/01/06 16:38:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Eugene\AppData\Roaming\Mozilla\Firefox\Profiles\tryg8wpz.default\extensions
    [2011/11/09 17:57:55 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
    [2011/08/22 16:33:21 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{6c4b3bf5-26fe-4373-8571-4e39446b7fd0}
    [2012/03/31 17:05:56 | 000,000,000 | ---D | M] (Translate This!) -- C:\USERS\EUGENE\APPDATA\LOCAL\{5804B2D4-7B75-11E1-826D-B8AC6F996F26}
    () (No name found) -- C:\USERS\EUGENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TRYG8WPZ.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
    [2010/12/04 04:03:35 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
    [2012/03/24 22:05:58 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
    [2011/02/02 21:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
    [2012/03/24 22:05:55 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
    [2012/03/24 22:05:55 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

    ========== Chrome ==========

    CHR - default_search_provider: Google (Enabled)
    CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:eek:riginalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
    CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
    CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
    CHR - plugin: Native Client (Enabled) = C:\Users\Eugene\AppData\Local\Google\Chrome\Application\18.0.1025.162\ppGoogleNaClPluginChrome.dll
    CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Eugene\AppData\Local\Google\Chrome\Application\18.0.1025.162\pdf.dll
    CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Eugene\AppData\Local\Google\Chrome\Application\18.0.1025.162\gcswf32.dll
    CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Eugene\AppData\Local\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll
    CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_233.dll
    CHR - plugin: AVG Internet Security (Enabled) = C:\Users\Eugene\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\plugins/avgnpss.dll
    CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll
    CHR - plugin: Java Deployment Toolkit 6.0.240.7 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
    CHR - plugin: Java(TM) Platform SE 6 U24 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
    CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
    CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
    CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
    CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
    CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
    CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
    CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
    CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
    CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
    CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll
    CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
    CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
    CHR - plugin: Nexon Game Controller (Enabled) = C:\ProgramData\NexonUS\NGM\npNxGameUS.dll
    CHR - plugin: Google Update (Enabled) = C:\Users\Eugene\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
    CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
    CHR - Extension: Entanglement = C:\Users\Eugene\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd\2.7.9_0\
    CHR - Extension: Adblock Plus (Beta) = C:\Users\Eugene\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\
    CHR - Extension: AVG Safe Search = C:\Users\Eugene\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\
    CHR - Extension: Poppit = C:\Users\Eugene\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi\2.2_0\

    O1 HOSTS File: ([2012/04/18 17:41:45 | 000,000,698 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
    O1 - Hosts: 127.0.0.1 localhost
    O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll (AVG Technologies CZ, s.r.o.)
    O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
    O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
    O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {724D43A0-0D85-11D4-9908-00400523E39A} - No CLSID value found.
    O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
    O4:64bit: - HKLM..\Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\SkyTel.exe (Realtek Semiconductor Corp.)
    O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
    O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
    O4 - HKCU..\Run: [F.lux] C:\Users\Eugene\Local Settings\Apps\F.lux\flux.exe ()
    O4 - HKCU..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe ()
    O4 - HKCU..\Run: [RocketDock] C:\Program Files (x86)\RocketDock\RocketDock.exe ()
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Main present
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\restrictions present
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
    O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\control panel present
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O9:64bit: - Extra Button: Fiddler2 - {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - C:\Program Files (x86)\Fiddler2\Fiddler.exe (Eric Lawrence)
    O9:64bit: - Extra 'Tools' menuitem : Fiddler2 - {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - C:\Program Files (x86)\Fiddler2\Fiddler.exe (Eric Lawrence)
    O9 - Extra Button: Fiddler2 - {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - C:\Program Files (x86)\Fiddler2\Fiddler.exe (Eric Lawrence)
    O9 - Extra 'Tools' menuitem : Fiddler2 - {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - C:\Program Files (x86)\Fiddler2\Fiddler.exe (Eric Lawrence)
    O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6BEFA00E-8A4C-4393-BA36-E7F11AC1A886}: DhcpNameServer = 192.168.1.1
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8FB02647-45FD-4B43-B5F5-5B9831FA5700}: DhcpNameServer = 192.168.1.1
    O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll (AVG Technologies CZ, s.r.o.)
    O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
    O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
    O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
    O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
    O24 - Desktop WallPaper: C:\Users\Eugene\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
    O24 - Desktop BackupWallPaper: C:\Users\Eugene\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
    O32 - HKLM CDRom: AutoRun - 1
    O34 - HKLM BootExecute: (autocheck autochk *)
    O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /sync /restart)
    O35:64bit: - HKLM\..comfile [open] -- "%1" %*
    O35:64bit: - HKLM\..exefile [open] -- "%1" %*
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
    O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
    O37 - HKLM\...com [@ = ComFile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*

    ========== Files/Folders - Created Within 30 Days ==========

    [2012/04/19 15:52:12 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Users\Eugene\Desktop\OTL.exe
    [2012/04/18 17:39:21 | 000,000,000 | ---D | C] -- C:\Users\Eugene\Desktop\HostsXpert
    [2012/04/17 23:07:22 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
    [2012/04/17 23:07:22 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
    [2012/04/17 23:07:21 | 002,311,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
    [2012/04/17 23:07:21 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
    [2012/04/17 23:07:20 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
    [2012/04/17 23:07:20 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
    [2012/04/17 23:07:20 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
    [2012/04/17 23:07:20 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
    [2012/04/17 23:07:20 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
    [2012/04/17 23:07:19 | 001,493,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
    [2012/04/17 23:07:19 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
    [2012/04/17 18:30:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
    [2012/04/17 18:30:53 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
    [2012/04/17 18:30:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
    [2012/04/16 23:32:05 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
    [2012/04/16 23:32:05 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
    [2012/04/16 23:32:05 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
    [2012/04/16 23:32:05 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
    [2012/04/16 23:32:05 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
    [2012/04/16 23:32:04 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
    [2012/04/16 23:32:04 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
    [2012/04/16 23:32:04 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
    [2012/04/16 23:32:04 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
    [2012/04/16 23:32:04 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
    [2012/04/16 23:32:04 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
    [2012/04/16 23:32:04 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
    [2012/04/16 23:32:04 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
    [2012/04/16 23:32:03 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
    [2012/04/16 23:32:03 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
    [2012/04/16 23:32:03 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
    [2012/04/16 23:32:03 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
    [2012/04/16 23:32:02 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll
    [2012/04/16 23:32:02 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll
    [2012/04/16 23:32:02 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
    [2012/04/16 23:32:02 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
    [2012/04/16 23:32:02 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
    [2012/04/16 23:32:02 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\advpack.dll
    [2012/04/16 23:32:02 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll
    [2012/04/16 23:32:02 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
    [2012/04/16 23:32:01 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll
    [2012/04/16 23:32:01 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
    [2012/04/16 23:32:01 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
    [2012/04/16 23:32:00 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll
    [2012/04/16 23:32:00 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
    [2012/04/16 23:32:00 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
    [2012/04/16 23:32:00 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll
    [2012/04/16 23:32:00 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll
    [2012/04/16 23:32:00 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
    [2012/04/16 23:32:00 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
    [2012/04/16 23:31:59 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll
    [2012/04/16 23:31:59 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
    [2012/04/16 23:31:59 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\advpack.dll
    [2012/04/16 23:31:59 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
    [2012/04/16 23:31:59 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
    [2012/04/16 23:31:59 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
    [2012/04/16 23:31:59 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
    [2012/04/16 23:31:59 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
    [2012/04/16 23:31:59 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
    [2012/04/16 23:31:59 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
    [2012/04/16 23:31:58 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
    [2012/04/16 23:31:58 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
    [2012/04/16 23:31:58 | 000,452,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
    [2012/04/16 23:31:58 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
    [2012/04/16 23:31:58 | 000,282,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
    [2012/04/16 23:31:58 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
    [2012/04/16 23:31:58 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
    [2012/04/16 23:31:58 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
    [2012/04/16 23:31:58 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
    [2012/04/16 23:31:58 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
    [2012/04/16 23:31:58 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
    [2012/04/16 23:31:57 | 000,697,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
    [2012/04/16 23:31:57 | 000,603,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
    [2012/04/16 23:31:57 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
    [2012/04/16 23:31:57 | 000,165,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
    [2012/04/16 23:31:57 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
    [2012/04/16 23:31:57 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
    [2012/04/16 23:31:57 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
    [2012/04/16 20:36:20 | 000,000,000 | ---D | C] -- C:\Windows\temp
    [2012/04/16 20:36:20 | 000,000,000 | ---D | C] -- C:\Users\Eugene\AppData\Local\temp
    [2012/04/16 20:29:22 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
    [2012/04/16 19:46:01 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
    [2012/04/16 19:46:01 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
    [2012/04/16 19:46:01 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
    [2012/04/16 19:45:56 | 000,000,000 | ---D | C] -- C:\ComboFix
    [2012/04/16 19:45:52 | 000,000,000 | ---D | C] -- C:\Qoobox
    [2012/04/16 19:44:32 | 004,465,601 | R--- | C] (Swearware) -- C:\Users\Eugene\Desktop\ComboFix.exe
    [2012/04/16 18:32:48 | 002,002,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
    [2012/04/16 18:32:48 | 001,555,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
    [2012/04/16 18:32:48 | 000,327,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll
    [2012/04/16 18:32:47 | 000,834,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
    [2012/04/16 18:32:47 | 000,196,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
    [2012/04/16 18:32:46 | 001,653,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
    [2012/04/16 18:32:46 | 000,876,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
    [2012/04/16 18:19:28 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Portable Devices
    [2012/04/16 18:19:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Portable Devices
    [2012/04/16 18:12:05 | 000,449,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll
    [2012/04/16 18:12:05 | 000,369,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll
    [2012/04/16 18:12:03 | 001,209,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
    [2012/04/16 18:12:03 | 000,792,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll
    [2012/04/16 18:12:03 | 000,519,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll
    [2012/04/16 18:12:03 | 000,411,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PhotoMetadataHandler.dll
    [2012/04/16 18:12:03 | 000,328,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxdiag.exe
    [2012/04/16 18:12:03 | 000,321,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PhotoMetadataHandler.dll
    [2012/04/16 18:12:03 | 000,262,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxdiagn.dll
    [2012/04/16 18:12:03 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dxdiag.exe
    [2012/04/16 18:12:03 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecsExt.dll
    [2012/04/16 18:12:03 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dxdiagn.dll
    [2012/04/16 18:11:11 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\BthMtpContextHandler.dll
    [2012/04/16 18:11:11 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WPDShextAutoplay.exe
    [2012/04/16 18:11:11 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WPDShextAutoplay.exe
    [2012/04/16 18:11:09 | 002,727,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wpdshext.dll
    [2012/04/16 18:11:09 | 000,573,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wpd_ci.dll
    [2012/04/16 18:11:09 | 000,453,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PortableDeviceApi.dll
    [2012/04/16 18:11:09 | 000,433,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WPDSp.dll
    [2012/04/16 18:11:09 | 000,350,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WPDSp.dll
    [2012/04/16 18:11:09 | 000,295,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WpdMtp.dll
    [2012/04/16 18:11:09 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PortableDeviceWMDRM.dll
    [2012/04/16 18:11:09 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PortableDeviceTypes.dll
    [2012/04/16 18:11:09 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PortableDeviceWMDRM.dll
    [2012/04/16 18:11:09 | 000,113,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PortableDeviceClassExtension.dll
    [2012/04/16 18:11:09 | 000,110,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WPDShServiceObj.dll
    [2012/04/16 18:11:09 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PortableDeviceClassExtension.dll
    [2012/04/16 18:11:09 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PortableDeviceConnectApi.dll
    [2012/04/16 18:11:09 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WpdMtpUS.dll
    [2012/04/16 18:11:09 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PortableDeviceConnectApi.dll
    [2012/04/16 18:11:09 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WpdUsb.sys
    [2012/04/16 18:11:09 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WpdConns.dll
    [2012/04/16 17:41:08 | 004,699,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
    [2012/04/16 17:40:47 | 000,103,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIAnimation.dll
    [2012/04/16 17:40:47 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAnimation.dll
    [2012/04/16 17:40:46 | 003,815,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIRibbon.dll
    [2012/04/16 17:40:46 | 003,023,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIRibbon.dll
    [2012/04/16 17:40:46 | 001,164,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIRibbonRes.dll
    [2012/04/16 17:40:46 | 001,164,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIRibbonRes.dll
    [2012/04/16 17:40:37 | 000,219,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
    [2012/04/16 17:40:37 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll
    [2012/04/16 17:40:37 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fs_rec.sys
    [2012/04/16 17:23:12 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsRasterService.dll
    [2012/04/16 17:23:10 | 003,068,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xpsservices.dll
    [2012/04/16 17:23:10 | 001,257,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MFH264Dec.dll
    [2012/04/16 17:23:10 | 000,979,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MFH264Dec.dll
    [2012/04/16 17:23:10 | 000,566,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
    [2012/04/16 17:23:10 | 000,287,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10core.dll
    [2012/04/16 17:23:10 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll
    [2012/04/16 17:23:09 | 001,554,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xpsservices.dll
    [2012/04/16 17:23:09 | 001,461,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\OpcServices.dll
    [2012/04/16 17:23:09 | 001,268,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10.dll
    [2012/04/16 17:23:09 | 000,847,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\OpcServices.dll
    [2012/04/16 17:23:09 | 000,625,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll
    [2012/04/16 17:23:09 | 000,428,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MFHEAACdec.dll
    [2012/04/16 17:23:09 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsRasterService.dll
    [2012/04/16 17:23:08 | 003,548,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mf.dll
    [2012/04/16 17:23:08 | 001,032,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\printfilterpipelinesvc.exe
    [2012/04/16 17:23:08 | 000,377,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfmp4src.dll
    [2012/04/16 17:23:08 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winspool.drv
    [2012/04/16 17:23:08 | 000,357,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MFHEAACdec.dll
    [2012/04/16 17:23:08 | 000,345,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfreadwrite.dll
    [2012/04/16 17:23:08 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfmp4src.dll
    [2012/04/16 17:23:08 | 000,261,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfreadwrite.dll
    [2012/04/16 17:23:07 | 002,873,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mf.dll
    [2012/04/16 17:23:07 | 001,204,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shdocvw.dll
    [2012/04/16 17:23:07 | 000,748,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\stobject.dll
    [2012/04/16 17:23:07 | 000,278,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfplat.dll
    [2012/04/16 17:23:07 | 000,209,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfplat.dll
    [2012/04/16 17:23:07 | 000,195,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfps.dll
    [2012/04/16 17:23:07 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\printfilterpipelineprxy.dll
    [2012/04/16 17:23:06 | 000,098,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfps.dll
    [2012/04/16 17:23:06 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfpmp.exe
    [2012/04/16 17:22:18 | 000,288,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
    [2012/04/16 17:22:17 | 000,479,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
    [2012/04/16 17:21:53 | 000,735,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIAutomationCore.dll
    [2012/04/16 17:21:53 | 000,555,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAutomationCore.dll
    [2012/04/16 17:21:53 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\oleaccrc.dll
    [2012/04/16 17:21:53 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaccrc.dll
    [2012/04/16 17:21:52 | 000,847,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
    [2012/04/16 17:21:52 | 000,332,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleacc.dll
    [2012/04/16 17:21:36 | 001,570,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
    [2012/04/16 17:21:36 | 001,314,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
    [2012/04/16 17:21:36 | 000,497,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
    [2012/04/16 17:21:36 | 000,352,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
    [2012/04/16 17:21:33 | 001,689,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
    [2012/04/16 17:21:29 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
    [2012/04/16 17:21:19 | 001,585,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
    [2012/04/16 17:21:15 | 000,451,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
    [2012/04/16 17:20:56 | 000,621,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcrt.dll
    [2012/04/16 17:20:55 | 000,211,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winmm.dll
    [2012/04/16 17:20:55 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mcicda.dll
    [2012/04/16 17:20:55 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mciwave.dll
    [2012/04/16 17:20:55 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mciseq.dll
    [2012/04/16 17:20:55 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mciseq.dll
    [2012/04/16 17:20:53 | 000,316,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msshsq.dll
    [2012/04/16 17:20:52 | 000,559,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll
    [2012/04/16 17:20:52 | 000,429,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll
    [2012/04/16 17:20:51 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
    [2012/04/16 17:20:48 | 000,180,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xmllite.dll
    [2012/04/16 17:20:46 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll
    [2012/04/16 17:20:46 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll
    [2012/04/16 17:20:26 | 000,375,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisdecd.dll
    [2012/04/16 17:20:26 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisdecd.dll
    [2012/04/16 17:20:26 | 000,289,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisrndr.ax
    [2012/04/16 17:20:26 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisrndr.ax
    [2012/04/16 17:20:26 | 000,100,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Mpeg2Data.ax
    [2012/04/16 17:20:26 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSDvbNP.ax
    [2012/04/16 17:20:26 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Mpeg2Data.ax
    [2012/04/16 17:20:26 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSDvbNP.ax
    [2012/04/16 17:09:09 | 000,708,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpencom.dll
    [2012/04/16 17:09:09 | 000,613,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpencom.dll
    [2012/04/16 16:36:57 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\vi-VN
    [2012/04/16 16:36:57 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\eu-ES
    [2012/04/16 16:36:57 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\eu-ES
    [2012/04/16 16:36:57 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\ca-ES
    [2012/04/16 16:36:57 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\ca-ES
    [2012/04/16 16:36:56 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\vi-VN
    [2012/04/16 16:29:44 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\SPReview
    [2012/04/16 16:18:30 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\compcln.exe
    [2012/04/16 16:18:11 | 000,946,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scavenge.dll
    [2012/04/16 16:17:43 | 003,341,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netshell.dll
    [2012/04/16 16:17:43 | 002,247,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\networkexplorer.dll
    [2012/04/16 16:17:42 | 012,240,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\NlsLexicons0007.dll
    [2012/04/16 16:17:42 | 012,240,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\NlsLexicons0007.dll
    [2012/04/16 16:17:42 | 003,235,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\networkmap.dll
    [2012/04/16 16:17:42 | 003,174,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netshell.dll
    [2012/04/16 16:17:42 | 003,072,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\networkmap.dll
    [2012/04/16 16:17:42 | 002,644,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\NlsLexicons0009.dll
    [2012/04/16 16:17:42 | 000,469,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\newdev.dll
    [2012/04/16 16:17:42 | 000,215,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\newdev.dll
    [2012/04/16 16:17:42 | 000,181,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\nlhtml.dll
    [2012/04/16 16:17:42 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\nlhtml.dll
    [2012/04/16 16:17:42 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\nslookup.exe
    [2012/04/16 16:17:42 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\newdev.exe
    [2012/04/16 16:17:42 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\newdev.exe
    [2012/04/16 16:17:42 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\networkitemfactory.dll
    [2012/04/16 16:17:41 | 000,856,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mswdat10.dll
    [2012/04/16 16:17:41 | 000,618,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mswstr10.dll
    [2012/04/16 16:17:41 | 000,454,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxbde40.dll
    [2012/04/16 16:17:41 | 000,361,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mtxclu.dll
    [2012/04/16 16:17:41 | 000,310,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mtxclu.dll
    [2012/04/16 16:17:40 | 000,717,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netlogon.dll
    [2012/04/16 16:17:40 | 000,598,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcp60.dll
    [2012/04/16 16:17:40 | 000,406,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcp60.dll
    [2012/04/16 16:17:40 | 000,347,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys
    [2012/04/16 16:17:40 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msutb.dll
    [2012/04/16 16:17:40 | 000,163,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msutb.dll
    [2012/04/16 16:17:39 | 002,420,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netcenter.dll
    [2012/04/16 16:17:39 | 002,225,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netcenter.dll
    [2012/04/16 16:17:39 | 001,444,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PerfCenterCPL.dll
    [2012/04/16 16:17:39 | 001,248,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PerfCenterCPL.dll
    [2012/04/16 16:17:39 | 001,098,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\NetProjW.dll
    [2012/04/16 16:17:39 | 000,648,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netapi32.dll
    [2012/04/16 16:17:39 | 000,617,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pcaui.dll
    [2012/04/16 16:17:39 | 000,589,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncryptui.dll
    [2012/04/16 16:17:39 | 000,464,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pcaui.dll
    [2012/04/16 16:17:39 | 000,445,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ncryptui.dll
    [2012/04/16 16:17:39 | 000,307,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pdh.dll
    [2012/04/16 16:17:39 | 000,253,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
    [2012/04/16 16:17:39 | 000,242,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pdh.dll
    [2012/04/16 16:17:39 | 000,197,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netplwiz.dll
    [2012/04/16 16:17:39 | 000,180,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netplwiz.dll
    [2012/04/16 16:17:39 | 000,143,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mydocs.dll
    [2012/04/16 16:17:39 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\phon.ime
    [2012/04/16 16:17:39 | 000,049,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pciidex.sys
    [2012/04/16 16:17:39 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\perfdisk.dll
    [2012/04/16 16:17:39 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\perfdisk.dll
    [2012/04/16 16:17:39 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\NcdProp.dll
    [2012/04/16 16:17:39 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\NcdProp.dll
    [2012/04/16 16:17:38 | 002,024,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pnidui.dll
    [2012/04/16 16:17:38 | 001,823,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pnidui.dll
    [2012/04/16 16:17:38 | 000,840,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PhotoScreensaver.scr
    [2012/04/16 16:17:38 | 000,704,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PhotoScreensaver.scr
    [2012/04/16 16:17:38 | 000,691,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pnpui.dll
    [2012/04/16 16:17:38 | 000,207,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pnpsetup.dll
    [2012/04/16 16:17:38 | 000,181,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pnpsetup.dll
    [2012/04/16 16:17:38 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PkgMgr.exe
    [2012/04/16 16:17:38 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PNPXAssoc.dll
    [2012/04/16 16:17:38 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PnPUnattend.exe
    [2012/04/16 16:17:38 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PnPutil.exe
    [2012/04/16 16:17:36 | 001,107,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pidgenx.dll
    [2012/04/16 16:17:36 | 001,093,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pidgenx.dll
    [2012/04/16 16:17:36 | 000,402,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\photowiz.dll
    [2012/04/16 16:17:36 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\photowiz.dll
    [2012/04/16 16:17:36 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccp32.dll
    [2012/04/16 16:17:36 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pintlgnt.ime
    [2012/04/16 16:17:36 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbcconf.dll
    [2012/04/16 16:17:36 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbcconf.dll
    [2012/04/16 16:17:36 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ocsetup.exe
    [2012/04/16 16:17:36 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ocsetup.exe
    [2012/04/16 16:17:34 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntprint.dll
    [2012/04/16 16:17:34 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntprint.dll
    [2012/04/16 16:17:34 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntmarta.dll
    [2012/04/16 16:17:33 | 002,438,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oobefldr.dll
    [2012/04/16 16:17:33 | 002,153,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\oobefldr.dll
    [2012/04/16 16:17:33 | 000,401,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\P2PGraph.dll
    [2012/04/16 16:17:33 | 000,327,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\P2PGraph.dll
    [2012/04/16 16:17:33 | 000,212,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\osk.exe
    [2012/04/16 16:17:33 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\offfilt.dll
    [2012/04/16 16:17:33 | 000,182,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\osk.exe
    [2012/04/16 16:17:32 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\offfilt.dll
    [2012/04/16 16:17:32 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccp32.dll
    [2012/04/16 16:17:30 | 001,740,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\onex.dll
    [2012/04/16 16:17:29 | 001,541,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\onex.dll
    [2012/04/16 16:17:29 | 001,040,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msctf.dll
    [2012/04/16 16:17:29 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleprn.dll
    [2012/04/16 16:17:29 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msctfui.dll
    [2012/04/16 16:17:29 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\oleprn.dll
    [2012/04/16 16:17:29 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msctfui.dll
    [2012/04/16 16:17:29 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msctfp.dll
    [2012/04/16 16:17:29 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsCtfMonitor.dll
    [2012/04/16 16:17:28 | 001,499,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdtctm.dll
    [2012/04/16 16:17:28 | 000,727,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdtcprx.dll
    [2012/04/16 16:17:28 | 000,560,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msdtcprx.dll
    [2012/04/16 16:17:28 | 000,409,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msexch40.dll
    [2012/04/16 16:17:28 | 000,339,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msexcl40.dll
    [2012/04/16 16:17:28 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msctfp.dll
    [2012/04/16 16:17:28 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MsCtfMonitor.dll
    [2012/04/16 16:17:25 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msimsg.dll
    [2012/04/16 16:17:24 | 000,735,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msftedit.dll
    [2012/04/16 16:17:24 | 000,564,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msftedit.dll
    [2012/04/16 16:17:24 | 000,332,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msihnd.dll
    [2012/04/16 16:17:24 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msimsg.dll
    [2012/04/16 16:17:23 | 003,108,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll
    [2012/04/16 16:17:23 | 000,503,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msihnd.dll
    [2012/04/16 16:17:23 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSAC3ENC.DLL
    [2012/04/16 16:17:22 | 000,519,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mscms.dll
    [2012/04/16 16:17:21 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSAC3ENC.DLL
    [2012/04/16 16:17:21 | 000,155,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mscorier.dll
    [2012/04/16 16:17:21 | 000,154,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mscorier.dll
    [2012/04/16 16:17:21 | 000,080,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mscories.dll
    [2012/04/16 16:17:21 | 000,073,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mscories.dll
    [2012/04/16 16:17:20 | 000,593,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mspaint.exe
    [2012/04/16 16:17:20 | 000,368,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mspbde40.dll
    [2012/04/16 16:17:20 | 000,289,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mscandui.dll
    [2012/04/16 16:17:20 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mscandui.dll
    [2012/04/16 16:17:20 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSNP.ax
    [2012/04/16 16:17:20 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSNP.ax
    [2012/04/16 16:17:20 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msscntrs.dll
    [2012/04/16 16:17:20 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msscb.dll
    [2012/04/16 16:17:20 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msscb.dll
    [2012/04/16 16:17:19 | 000,643,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrepl40.dll
    [2012/04/16 16:17:19 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msscp.dll
    [2012/04/16 16:17:19 | 000,344,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrd3x40.dll
    [2012/04/16 16:17:19 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrd2x40.dll
    [2012/04/16 16:17:19 | 000,290,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msjtes40.dll
    [2012/04/16 16:17:19 | 000,241,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msltus40.dll
    [2012/04/16 16:17:19 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msjter40.dll
    [2012/04/16 16:17:19 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msscntrs.dll
    [2012/04/16 16:17:18 | 001,589,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msjet40.dll
    [2012/04/16 16:17:18 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSMPEG2VDEC.DLL
    [2012/04/16 16:17:18 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msjint40.dll
    [2012/04/16 16:17:18 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msisip.dll
    [2012/04/16 16:17:17 | 000,796,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssvp.dll
    [2012/04/16 16:17:17 | 000,778,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSMPEG2VDEC.DLL
    [2012/04/16 16:17:17 | 000,670,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssvp.dll
    [2012/04/16 16:17:17 | 000,644,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSMPEG2ENC.DLL
    [2012/04/16 16:17:17 | 000,506,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSMPEG2ENC.DLL
    [2012/04/16 16:17:17 | 000,282,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstext40.dll
    [2012/04/16 16:17:17 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstask.dll
    [2012/04/16 16:17:17 | 000,221,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msnetobj.dll
    [2012/04/16 16:17:17 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msnetobj.dll
    [2012/04/16 16:17:17 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstlsapi.dll
    [2012/04/16 16:17:17 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstlsapi.dll
    [2012/04/16 16:17:16 | 002,280,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssrch.dll
    [2012/04/16 16:17:16 | 000,501,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssph.dll
    [2012/04/16 16:17:16 | 000,414,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msscp.dll
    [2012/04/16 16:17:16 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssitlb.dll
    [2012/04/16 16:17:16 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssitlb.dll
    [2012/04/16 16:17:16 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msshooks.dll
    [2012/04/16 16:17:16 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msshooks.dll
    [2012/04/16 16:17:15 | 001,480,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssrch.dll
    [2012/04/16 16:17:15 | 000,488,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msinfo32.exe
    [2012/04/16 16:17:15 | 000,408,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msinfo32.exe
    [2012/04/16 16:17:15 | 000,351,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssph.dll
    [2012/04/16 16:17:15 | 000,312,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssphtb.dll
    [2012/04/16 16:17:15 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msstrc.dll
     
  12. gimmextra

    gimmextra Thread Starter

    Joined:
    Apr 4, 2012
    Messages:
    54
    [2012/04/16 16:17:15 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msstrc.dll
    [2012/04/16 16:17:15 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msimtf.dll
    [2012/04/16 16:17:15 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssprxy.dll
    [2012/04/16 16:17:15 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msisip.dll
    [2012/04/16 16:17:14 | 000,258,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchProtocolHost.exe
    [2012/04/16 16:17:14 | 000,227,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scrobj.dll
    [2012/04/16 16:17:14 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scrrun.dll
    [2012/04/16 16:17:14 | 000,186,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scksp.dll
    [2012/04/16 16:17:14 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scrobj.dll
    [2012/04/16 16:17:14 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scrrun.dll
    [2012/04/16 16:17:14 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scksp.dll
    [2012/04/16 16:17:13 | 000,499,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sdohlp.dll
    [2012/04/16 16:17:13 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sdohlp.dll
    [2012/04/16 16:17:13 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchFilterHost.exe
    [2012/04/16 16:17:11 | 000,619,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qedit.dll
    [2012/04/16 16:17:11 | 000,166,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\puiapi.dll
    [2012/04/16 16:17:11 | 000,055,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PSHED.DLL
    [2012/04/16 16:17:10 | 002,028,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Query.dll
    [2012/04/16 16:17:10 | 001,244,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RacEngn.dll
    [2012/04/16 16:17:10 | 000,880,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RacEngn.dll
    [2012/04/16 16:17:10 | 000,505,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qedit.dll
    [2012/04/16 16:17:10 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rasapi32.dll
    [2012/04/16 16:17:10 | 000,295,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\raschap.dll
    [2012/04/16 16:17:10 | 000,281,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\raschap.dll
    [2012/04/16 16:17:10 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quick.ime
    [2012/04/16 16:17:10 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qintlgnt.ime
    [2012/04/16 16:17:10 | 000,123,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationCFFRasterizerNative_v0300.dll
    [2012/04/16 16:17:10 | 000,102,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
    [2012/04/16 16:17:10 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rasdiag.dll
    [2012/04/16 16:17:10 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rasdiag.dll
    [2012/04/16 16:17:10 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rasdial.exe
    [2012/04/16 16:17:10 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rasdial.exe
    [2012/04/16 16:17:09 | 000,980,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\printui.dll
    [2012/04/16 16:17:09 | 000,923,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\propsys.dll
    [2012/04/16 16:17:09 | 000,898,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\powercpl.dll
    [2012/04/16 16:17:09 | 000,869,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\printui.dll
    [2012/04/16 16:17:09 | 000,723,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\powercpl.dll
    [2012/04/16 16:17:09 | 000,708,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\prnntfy.dll
    [2012/04/16 16:17:09 | 000,218,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\portcls.sys
    [2012/04/16 16:17:09 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\powrprof.dll
    [2012/04/16 16:17:08 | 000,551,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\prnntfy.dll
    [2012/04/16 16:17:08 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\propdefs.dll
    [2012/04/16 16:17:08 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\propdefs.dll
    [2012/04/16 16:17:07 | 001,165,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationNative_v0300.dll
    [2012/04/16 16:17:07 | 000,779,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationNative_v0300.dll
    [2012/04/16 16:17:07 | 000,671,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\samsrv.dll
    [2012/04/16 16:17:07 | 000,606,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\riched20.dll
    [2012/04/16 16:17:07 | 000,302,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scansetting.dll
    [2012/04/16 16:17:07 | 000,289,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rsaenh.dll
    [2012/04/16 16:17:07 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scansetting.dll
    [2012/04/16 16:17:07 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationSettings.exe
    [2012/04/16 16:17:07 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rpchttp.dll
    [2012/04/16 16:17:07 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rmcast.sys
    [2012/04/16 16:17:07 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rpchttp.dll
    [2012/04/16 16:17:07 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rshx32.dll
    [2012/04/16 16:17:07 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\RNDISMP.sys
    [2012/04/16 16:17:06 | 000,399,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scesrv.dll
    [2012/04/16 16:17:06 | 000,339,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rstrui.exe
    [2012/04/16 16:17:06 | 000,306,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scesrv.dll
    [2012/04/16 16:17:06 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scecli.dll
    [2012/04/16 16:17:06 | 000,177,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scecli.dll
    [2012/04/16 16:17:06 | 000,099,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\samlib.dll
    [2012/04/16 16:17:06 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rtffilt.dll
    [2012/04/16 16:17:06 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rtffilt.dll
    [2012/04/16 16:17:05 | 000,911,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rasdlg.dll
    [2012/04/16 16:17:05 | 000,825,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rasdlg.dll
    [2012/04/16 16:17:05 | 000,642,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rasgcw.dll
    [2012/04/16 16:17:05 | 000,539,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RelMon.dll
    [2012/04/16 16:17:05 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rasplap.dll
    [2012/04/16 16:17:05 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rasplap.dll
    [2012/04/16 16:17:05 | 000,340,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RelMon.dll
    [2012/04/16 16:17:05 | 000,306,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rasppp.dll
    [2012/04/16 16:17:05 | 000,259,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rasppp.dll
    [2012/04/16 16:17:05 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rasmontr.dll
    [2012/04/16 16:17:05 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rasmontr.dll
    [2012/04/16 16:17:05 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rastapi.dll
    [2012/04/16 16:17:05 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rastapi.dll
    [2012/04/16 16:17:04 | 002,484,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dbgeng.dll
    [2012/04/16 16:17:04 | 001,185,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drmv2clt.dll
    [2012/04/16 16:17:04 | 000,978,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drmv2clt.dll
    [2012/04/16 16:17:04 | 000,553,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpapimig.exe
    [2012/04/16 16:17:04 | 000,522,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dsound.dll
    [2012/04/16 16:17:04 | 000,407,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpapimig.exe
    [2012/04/16 16:17:04 | 000,365,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drmmgrtn.dll
    [2012/04/16 16:17:04 | 000,315,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drvstore.dll
    [2012/04/16 16:17:04 | 000,308,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\diskraid.exe
    [2012/04/16 16:17:04 | 000,284,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drmmgrtn.dll
    [2012/04/16 16:17:04 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drvstore.dll
    [2012/04/16 16:17:04 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dskquoui.dll
    [2012/04/16 16:17:04 | 000,230,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\diskraid.exe
    [2012/04/16 16:17:04 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drvinst.exe
    [2012/04/16 16:17:04 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dsprop.dll
    [2012/04/16 16:17:04 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\diskpart.exe
    [2012/04/16 16:17:04 | 000,137,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dsprop.dll
    [2012/04/16 16:17:04 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\diskpart.exe
    [2012/04/16 16:17:04 | 000,117,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll
    [2012/04/16 16:17:04 | 000,105,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dmsynth.dll
    [2012/04/16 16:17:04 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dmusic.dll
    [2012/04/16 16:17:04 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dot3msm.dll
    [2012/04/16 16:17:04 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\regapi.dll
    [2012/04/16 16:17:04 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dot3msm.dll
    [2012/04/16 16:17:04 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\reg.exe
    [2012/04/16 16:17:04 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\regapi.dll
    [2012/04/16 16:17:04 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dot3cfg.dll
    [2012/04/16 16:17:04 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\reg.exe
    [2012/04/16 16:17:04 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drvinst.exe
    [2012/04/16 16:17:04 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dimsroam.dll
    [2012/04/16 16:17:04 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rekeywiz.exe
    [2012/04/16 16:17:04 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dot3cfg.dll
    [2012/04/16 16:17:04 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rekeywiz.exe
    [2012/04/16 16:17:04 | 000,029,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Dumpata.sys
    [2012/04/16 16:17:04 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys
    [2012/04/16 16:17:03 | 003,079,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
    [2012/04/16 16:17:03 | 002,926,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe
    [2012/04/16 16:17:03 | 001,930,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d9.dll
    [2012/04/16 16:17:03 | 001,856,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dbgeng.dll
    [2012/04/16 16:17:03 | 001,584,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\diagperf.dll
    [2012/04/16 16:17:03 | 000,498,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\devmgr.dll
    [2012/04/16 16:17:03 | 000,483,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DevicePairing.dll
    [2012/04/16 16:17:03 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DevicePairing.dll
    [2012/04/16 16:17:03 | 000,378,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\devmgr.dll
    [2012/04/16 16:17:03 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Faultrep.dll
    [2012/04/16 16:17:03 | 000,174,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fundisc.dll
    [2012/04/16 16:17:03 | 000,163,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontext.dll
    [2012/04/16 16:17:03 | 000,163,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcsvc6.dll
    [2012/04/16 16:17:03 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cscript.exe
    [2012/04/16 16:17:03 | 000,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Faultrep.dll
    [2012/04/16 16:17:03 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontext.dll
    [2012/04/16 16:17:03 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cscript.exe
    [2012/04/16 16:17:03 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fdBth.dll
    [2012/04/16 16:17:03 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fdBth.dll
    [2012/04/16 16:17:03 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fdSSDP.dll
    [2012/04/16 16:17:03 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\davclnt.dll
    [2012/04/16 16:17:03 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DevicePairingWizard.exe
    [2012/04/16 16:17:03 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fdSSDP.dll
    [2012/04/16 16:17:03 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fdProxy.dll
    [2012/04/16 16:17:03 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DevicePairingWizard.exe
    [2012/04/16 16:17:03 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dimsroam.dll
    [2012/04/16 16:17:03 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\findstr.exe
    [2012/04/16 16:17:03 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DevicePairingProxy.dll
    [2012/04/16 16:17:03 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DevicePairingProxy.dll
    [2012/04/16 16:17:03 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fdeploy.dll
    [2012/04/16 16:17:03 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\deskadp.dll
    [2012/04/16 16:17:03 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dataclen.dll
    [2012/04/16 16:17:03 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\deskmon.dll
    [2012/04/16 16:17:03 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dataclen.dll
    [2012/04/16 16:17:03 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\f3ahvoas.dll
    [2012/04/16 16:17:03 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\findstr.exe
    [2012/04/16 16:17:03 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DeviceEject.exe
    [2012/04/16 16:17:03 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fc.exe
    [2012/04/16 16:17:03 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ExplorerFrame.dll
    [2012/04/16 16:17:03 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fc.exe
    [2012/04/16 16:17:03 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fdBthProxy.dll
    [2012/04/16 16:17:03 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fdBthProxy.dll
    [2012/04/16 16:17:03 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\f3ahvoas.dll
    [2012/04/16 16:17:02 | 002,506,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\esent.dll
    [2012/04/16 16:17:02 | 002,146,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FunctionDiscoveryFolder.dll
    [2012/04/16 16:17:02 | 002,134,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\FunctionDiscoveryFolder.dll
    [2012/04/16 16:17:02 | 001,459,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\esent.dll
    [2012/04/16 16:17:02 | 000,647,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\evr.dll
    [2012/04/16 16:17:02 | 000,485,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\evr.dll
    [2012/04/16 16:17:02 | 000,291,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\eapp3hst.dll
    [2012/04/16 16:17:02 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\eudcedit.exe
    [2012/04/16 16:17:02 | 000,261,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\eapphost.dll
    [2012/04/16 16:17:02 | 000,211,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\eappcfg.dll
    [2012/04/16 16:17:02 | 000,205,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\eudcedit.exe
    [2012/04/16 16:17:02 | 000,187,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\eapp3hst.dll
    [2012/04/16 16:17:02 | 000,183,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\eapphost.dll
    [2012/04/16 16:17:02 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\eappcfg.dll
    [2012/04/16 16:17:02 | 000,131,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EhStorAPI.dll
    [2012/04/16 16:17:02 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EhStorShell.dll
    [2012/04/16 16:17:02 | 000,104,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\eappgnui.dll
    [2012/04/16 16:17:02 | 000,098,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxg.sys
    [2012/04/16 16:17:02 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dwm.exe
    [2012/04/16 16:17:02 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\eappgnui.dll
    [2012/04/16 16:17:02 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fdWCN.dll
    [2012/04/16 16:17:02 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fdWSD.dll
    [2012/04/16 16:17:02 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\feclient.dll
    [2012/04/16 16:17:02 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fdWSD.dll
    [2012/04/16 16:17:02 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\feclient.dll
    [2012/04/16 16:17:02 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ftp.exe
    [2012/04/16 16:17:02 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EhStorPwdMgr.dll
    [2012/04/16 16:17:02 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ftp.exe
    [2012/04/16 16:17:02 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EhStorPwdMgr.dll
    [2012/04/16 16:17:01 | 001,418,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AuxiliaryDisplayCpl.dll
    [2012/04/16 16:17:01 | 000,616,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\blackbox.dll
    [2012/04/16 16:17:01 | 000,542,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\blackbox.dll
    [2012/04/16 16:17:01 | 000,516,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\autoplay.dll
    [2012/04/16 16:17:01 | 000,306,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bcrypt.dll
    [2012/04/16 16:17:01 | 000,153,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\basecsp.dll
    [2012/04/16 16:17:01 | 000,130,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\basecsp.dll
    [2012/04/16 16:17:01 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bitsigd.dll
    [2012/04/16 16:16:56 | 001,216,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\AuxiliaryDisplayCpl.dll
    [2012/04/16 16:16:56 | 000,750,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\autoconv.exe
    [2012/04/16 16:16:56 | 000,722,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\autofmt.exe
    [2012/04/16 16:16:56 | 000,667,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\autoplay.dll
    [2012/04/16 16:16:56 | 000,656,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\autoconv.exe
    [2012/04/16 16:16:56 | 000,636,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\autofmt.exe
    [2012/04/16 16:16:55 | 001,538,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\brcpl.dll
    [2012/04/16 16:16:55 | 001,321,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appwiz.cpl
    [2012/04/16 16:16:55 | 000,894,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\azroles.dll
    [2012/04/16 16:16:55 | 000,757,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\azroles.dll
    [2012/04/16 16:16:55 | 000,668,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bthprops.cpl
    [2012/04/16 16:16:55 | 000,640,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\bthprops.cpl
    [2012/04/16 16:16:55 | 000,131,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AuxiliaryDisplayDriverLib.dll
    [2012/04/16 16:16:55 | 000,126,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AuxiliaryDisplayServices.dll
    [2012/04/16 16:16:55 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\btpanui.dll
    [2012/04/16 16:16:55 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bthci.dll
    [2012/04/16 16:16:55 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bthudtask.exe
    [2012/04/16 16:16:55 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\bthudtask.exe
    [2012/04/16 16:16:54 | 001,122,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\appwiz.cpl
    [2012/04/16 16:16:53 | 002,112,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\apds.dll
    [2012/04/16 16:16:53 | 001,985,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll
    [2012/04/16 16:16:53 | 001,730,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\apds.dll
    [2012/04/16 16:16:53 | 000,313,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AUDIOKSE.dll
    [2012/04/16 16:16:53 | 000,274,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\AUDIOKSE.dll
    [2012/04/16 16:16:53 | 000,200,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\apphelp.dll
    [2012/04/16 16:16:53 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AudioSes.dll
    [2012/04/16 16:16:53 | 000,143,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authz.dll
    [2012/04/16 16:16:53 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\audiodg.exe
    [2012/04/16 16:16:52 | 002,272,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll
    [2012/04/16 16:16:52 | 000,734,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\autochk.exe
    [2012/04/16 16:16:52 | 000,643,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\autochk.exe
    [2012/04/16 16:16:51 | 000,549,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\comdlg32.dll
    [2012/04/16 16:16:51 | 000,123,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ataport.sys
    [2012/04/16 16:16:51 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cmmon32.exe
    [2012/04/16 16:16:51 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cmmon32.exe
    [2012/04/16 16:16:50 | 000,521,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cmdial32.dll
    [2012/04/16 16:16:50 | 000,481,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cmdial32.dll
    [2012/04/16 16:16:49 | 001,691,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\connect.dll
    [2012/04/16 16:16:49 | 001,645,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\connect.dll
    [2012/04/16 16:16:49 | 001,259,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
    [2012/04/16 16:16:49 | 001,035,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptui.dll
    [2012/04/16 16:16:49 | 000,971,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cryptui.dll
    [2012/04/16 16:16:49 | 000,593,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\comuid.dll
    [2012/04/16 16:16:49 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conime.exe
    [2012/04/16 16:16:49 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\conime.exe
    [2012/04/16 16:16:49 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cscapi.dll
    [2012/04/16 16:16:49 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cscdll.dll
    [2012/04/16 16:16:48 | 001,686,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\comsvcs.dll
    [2012/04/16 16:16:48 | 001,502,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certmgr.dll
    [2012/04/16 16:16:48 | 001,209,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\comsvcs.dll
    [2012/04/16 16:16:48 | 000,918,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\comuid.dll
    [2012/04/16 16:16:48 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\credui.dll
    [2012/04/16 16:16:48 | 000,104,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\console.dll
    [2012/04/16 16:16:48 | 000,039,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\crashdmp.sys
    [2012/04/16 16:16:46 | 001,748,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certmgr.dll
    [2012/04/16 16:16:46 | 001,658,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CertEnroll.dll
    [2012/04/16 16:16:46 | 001,112,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CertEnroll.dll
    [2012/04/16 16:16:46 | 000,810,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CertEnrollUI.dll
    [2012/04/16 16:16:46 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CertEnrollUI.dll
    [2012/04/16 16:16:46 | 000,447,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certcli.dll
    [2012/04/16 16:16:46 | 000,323,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certcli.dll
    [2012/04/16 16:16:46 | 000,259,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certreq.exe
    [2012/04/16 16:16:46 | 000,215,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certreq.exe
    [2012/04/16 16:16:46 | 000,164,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Classpnp.sys
    [2012/04/16 16:16:46 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cintlgnt.ime
    [2012/04/16 16:16:46 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cipher.exe
    [2012/04/16 16:16:46 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cipher.exe
    [2012/04/16 16:16:46 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cbsra.exe
    [2012/04/16 16:16:45 | 006,103,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\chtbrkr.dll
    [2012/04/16 16:16:45 | 006,100,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\chtbrkr.dll
    [2012/04/16 16:16:45 | 000,380,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ci.dll
    [2012/04/16 16:16:45 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\chajei.ime
    [2012/04/16 16:16:45 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CHxReadingStringIME.dll
    [2012/04/16 16:16:45 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CHxReadingStringIME.dll
    [2012/04/16 16:16:43 | 001,060,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certutil.exe
    [2012/04/16 16:16:42 | 001,676,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\chsbrkr.dll
    [2012/04/16 16:16:42 | 001,671,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\chsbrkr.dll
    [2012/04/16 16:16:42 | 000,799,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certutil.exe
    [2012/04/16 16:16:40 | 000,180,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\korwbrkr.dll
    [2012/04/16 16:16:40 | 000,115,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Kswdmcap.ax
    [2012/04/16 16:16:39 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\korwbrkr.dll
    [2012/04/16 16:16:39 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\logagent.exe
    [2012/04/16 16:16:39 | 000,070,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\logman.exe
    [2012/04/16 16:16:39 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\logman.exe
    [2012/04/16 16:16:38 | 000,859,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Magnify.exe
    [2012/04/16 16:16:38 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Magnify.exe
    [2012/04/16 16:16:38 | 000,276,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\InkEd.dll
    [2012/04/16 16:16:38 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\input.dll
    [2012/04/16 16:16:38 | 000,217,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\InkEd.dll
    [2012/04/16 16:16:38 | 000,200,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\input.dll
    [2012/04/16 16:16:38 | 000,171,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\infocardapi.dll
    [2012/04/16 16:16:38 | 000,156,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetpp.dll
    [2012/04/16 16:16:38 | 000,099,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\infocardapi.dll
    [2012/04/16 16:16:38 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\logagent.exe
    [2012/04/16 16:16:38 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Kswdmcap.ax
    [2012/04/16 16:16:38 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\l2nacp.dll
    [2012/04/16 16:16:38 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\l2nacp.dll
    [2012/04/16 16:16:38 | 000,046,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\infocardcpl.cpl
    [2012/04/16 16:16:38 | 000,035,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\infocardcpl.cpl
    [2012/04/16 16:16:38 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetppui.dll
    [2012/04/16 16:16:37 | 000,620,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ipsmsnap.dll
    [2012/04/16 16:16:37 | 000,396,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ipsmsnap.dll
    [2012/04/16 16:16:37 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iscsilog.dll
    [2012/04/16 16:16:32 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ipconfig.exe
    [2012/04/16 16:16:31 | 000,759,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ipsecsnp.dll
    [2012/04/16 16:16:30 | 000,935,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ipsecsnp.dll
    [2012/04/16 16:16:30 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IPHLPAPI.DLL
    [2012/04/16 16:16:29 | 002,715,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mmc.exe
    [2012/04/16 16:16:29 | 002,570,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\milcore.dll
    [2012/04/16 16:16:29 | 002,012,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\milcore.dll
    [2012/04/16 16:16:29 | 001,792,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mmc.exe
    [2012/04/16 16:16:29 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mprapi.dll
    [2012/04/16 16:16:29 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mprapi.dll
    [2012/04/16 16:16:29 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mimefilt.dll
    [2012/04/16 16:16:29 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mimefilt.dll
    [2012/04/16 16:16:28 | 003,263,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mmcndmgr.dll
    [2012/04/16 16:16:28 | 002,167,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mmcndmgr.dll
    [2012/04/16 16:16:28 | 001,102,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mmsys.cpl
    [2012/04/16 16:16:28 | 001,060,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mmsys.cpl
    [2012/04/16 16:16:28 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\modemui.dll
    [2012/04/16 16:16:28 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\modemui.dll
    [2012/04/16 16:16:28 | 000,203,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MMDevAPI.dll
    [2012/04/16 16:16:28 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mpr.dll
    [2012/04/16 16:16:28 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mmci.dll
    [2012/04/16 16:16:28 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mmcico.dll
    [2012/04/16 16:16:21 | 000,223,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mcupdate_GenuineIntel.dll
    [2012/04/16 16:16:20 | 001,074,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mcmde.dll
    [2012/04/16 16:16:19 | 000,967,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mblctr.exe
    [2012/04/16 16:16:19 | 000,356,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MediaMetadataHandler.dll
    [2012/04/16 16:16:16 | 000,403,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MediaMetadataHandler.dll
    [2012/04/16 16:16:15 | 000,215,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mdminst.dll
    [2012/04/16 16:16:07 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidclass.sys
    [2012/04/16 16:16:06 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\hdwwiz.exe
    [2012/04/16 16:16:06 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\hdwwiz.exe
    [2012/04/16 16:16:05 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\hbaapi.dll
    [2012/04/16 16:16:05 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\hbaapi.dll
    [2012/04/16 16:16:00 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gpapi.dll
    [2012/04/16 16:15:54 | 001,019,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IMJP10.IME
    [2012/04/16 16:15:54 | 001,013,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gpedit.dll
    [2012/04/16 16:15:54 | 000,950,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gpedit.dll
    [2012/04/16 16:15:54 | 000,883,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IMJP10.IME
    [2012/04/16 16:15:54 | 000,779,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FWPUCLNT.DLL
    [2012/04/16 16:15:54 | 000,595,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\FWPUCLNT.DLL
    [2012/04/16 16:15:54 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gdi32.dll
    [2012/04/16 16:15:54 | 000,166,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS
    [2012/04/16 16:15:54 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gpresult.exe
    [2012/04/16 16:15:54 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FwRemoteSvr.dll
    [2012/04/16 16:15:54 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\FwRemoteSvr.dll
    [2012/04/16 16:15:54 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gpupdate.exe
    [2012/04/16 16:15:53 | 001,381,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardagt.exe
    [2012/04/16 16:15:53 | 001,146,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imapi2fs.dll
    [2012/04/16 16:15:53 | 000,922,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IMJP10K.DLL
    [2012/04/16 16:15:53 | 000,729,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IMJP10K.DLL
    [2012/04/16 16:15:53 | 000,677,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\imapi2fs.dll
    [2012/04/16 16:15:53 | 000,619,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardagt.exe
    [2012/04/16 16:15:53 | 000,506,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imapi2.dll
    [2012/04/16 16:15:53 | 000,437,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imkr80.ime
    [2012/04/16 16:15:53 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\imkr80.ime
    [2012/04/16 16:15:53 | 000,378,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\imapi2.dll
    [2012/04/16 16:15:53 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imm32.dll
    [2012/04/16 16:15:53 | 000,151,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imapi.dll
    [2012/04/16 16:15:53 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\imapi.dll
    [2012/04/16 16:15:53 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ifmon.dll
    [2012/04/16 16:15:53 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ifmon.dll
    [2012/04/16 16:15:53 | 000,009,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardres.dll
    [2012/04/16 16:15:53 | 000,009,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardres.dll
    [2012/04/16 16:15:52 | 001,279,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usercpl.dll
    [2012/04/16 16:15:52 | 001,123,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\usercpl.dll
    [2012/04/16 16:15:52 | 000,820,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\user32.dll
    [2012/04/16 16:15:52 | 000,785,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Utilman.exe
    [2012/04/16 16:15:52 | 000,638,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Utilman.exe
    [2012/04/16 16:15:52 | 000,571,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vdsdyn.dll
    [2012/04/16 16:15:52 | 000,507,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\vdsdyn.dll
    [2012/04/16 16:15:52 | 000,372,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\untfs.dll
    [2012/04/16 16:15:52 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\uDWM.dll
    [2012/04/16 16:15:52 | 000,324,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\untfs.dll
    [2012/04/16 16:15:52 | 000,320,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\unimdm.tsp
    [2012/04/16 16:15:52 | 000,293,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wdscore.dll
    [2012/04/16 16:15:52 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\unimdm.tsp
    [2012/04/16 16:15:52 | 000,259,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys
    [2012/04/16 16:15:52 | 000,157,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vdsutil.dll
    [2012/04/16 16:15:52 | 000,137,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\userenv.dll
    [2012/04/16 16:15:52 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\vdsutil.dll
    [2012/04/16 16:15:52 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ulib.dll
    [2012/04/16 16:15:52 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ulib.dll
    [2012/04/16 16:15:52 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TSTheme.exe
    [2012/04/16 16:15:52 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\watchdog.sys
    [2012/04/16 16:15:52 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\TSTheme.exe
    [2012/04/16 16:15:52 | 000,035,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\TsWpfWrp.exe
    [2012/04/16 16:15:52 | 000,034,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsWpfWrp.exe
    [2012/04/16 16:15:52 | 000,032,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\USBCAMD2.sys
    [2012/04/16 16:15:52 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\version.dll
    [2012/04/16 16:15:52 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usb8023.sys
    [2012/04/16 16:15:52 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\vdmdbg.dll
    [2012/04/16 16:15:51 | 001,681,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wcnwiz.dll
    [2012/04/16 16:15:51 | 001,533,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wcnwiz.dll
    [2012/04/16 16:15:51 | 001,495,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vssapi.dll
    [2012/04/16 16:15:51 | 001,234,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wdc.dll
    [2012/04/16 16:15:51 | 001,085,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wcnwiz2.dll
    [2012/04/16 16:15:51 | 001,020,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wdc.dll
    [2012/04/16 16:15:51 | 000,968,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wcnwiz2.dll
    [2012/04/16 16:15:51 | 000,238,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WcnNetsh.dll
    [2012/04/16 16:15:51 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wdscore.dll
    [2012/04/16 16:15:51 | 000,165,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WcnNetsh.dll
    [2012/04/16 16:15:51 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vss_ps.dll
    [2012/04/16 16:15:50 | 002,575,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SyncCenter.dll
    [2012/04/16 16:15:50 | 002,205,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SyncCenter.dll
    [2012/04/16 16:15:50 | 001,382,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sud.dll
    [2012/04/16 16:15:50 | 001,224,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sud.dll
    [2012/04/16 16:15:50 | 000,115,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sysclass.dll
    [2012/04/16 16:15:50 | 000,068,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\stream.sys
    [2012/04/16 16:15:49 | 002,204,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tquery.dll
    [2012/04/16 16:15:49 | 001,576,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tquery.dll
    [2012/04/16 16:15:49 | 001,301,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\themecpl.dll
    [2012/04/16 16:15:49 | 001,152,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\themecpl.dll
    [2012/04/16 16:15:49 | 000,995,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\systemcpl.dll
    [2012/04/16 16:15:49 | 000,842,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\systemcpl.dll
    [2012/04/16 16:15:49 | 000,688,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\themeui.dll
    [2012/04/16 16:15:49 | 000,615,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\themeui.dll
    [2012/04/16 16:15:49 | 000,475,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sysmon.ocx
    [2012/04/16 16:15:49 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sysmon.ocx
    [2012/04/16 16:15:49 | 000,317,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\thawbrkr.dll
    [2012/04/16 16:15:49 | 000,313,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\thawbrkr.dll
    [2012/04/16 16:15:49 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tintlgnt.ime
    [2012/04/16 16:15:48 | 002,043,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPEncEn.dll
    [2012/04/16 16:15:48 | 001,738,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wscui.cpl
    [2012/04/16 16:15:48 | 001,689,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wscui.cpl
    [2012/04/16 16:15:48 | 001,642,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPEncEn.dll
    [2012/04/16 16:15:48 | 000,397,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WscEapPr.dll
    [2012/04/16 16:15:48 | 000,303,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpeffects.dll
    [2012/04/16 16:15:48 | 000,291,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WscEapPr.dll
    [2012/04/16 16:15:48 | 000,264,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ws2_32.dll
    [2012/04/16 16:15:48 | 000,238,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tcpipcfg.dll
    [2012/04/16 16:15:48 | 000,231,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wscntfy.dll
    [2012/04/16 16:15:48 | 000,223,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wscntfy.dll
    [2012/04/16 16:15:48 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wpdwcn.dll
    [2012/04/16 16:15:48 | 000,214,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WSDMon.dll
    [2012/04/16 16:15:48 | 000,203,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wpdwcn.dll
    [2012/04/16 16:15:48 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WSDMon.dll
    [2012/04/16 16:15:48 | 000,170,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tcpipcfg.dll
    [2012/04/16 16:15:48 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tcpmon.dll
    [2012/04/16 16:15:48 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wshom.ocx
    [2012/04/16 16:15:48 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wshom.ocx
    [2012/04/16 16:15:48 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tcpmon.dll
    [2012/04/16 16:15:48 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wshext.dll
    [2012/04/16 16:15:48 | 000,090,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wshext.dll
    [2012/04/16 16:15:48 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wsnmp32.dll
    [2012/04/16 16:15:48 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wsnmp32.dll
    [2012/04/16 16:15:48 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wscapi.dll
    [2012/04/16 16:15:48 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wscapi.dll
    [2012/04/16 16:15:48 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tdi.sys
    [2012/04/16 16:15:48 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wsdchngr.dll
    [2012/04/16 16:15:48 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wsepno.dll
    [2012/04/16 16:15:48 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wsdchngr.dll
    [2012/04/16 16:15:48 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wscisvif.dll
    [2012/04/16 16:15:48 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wscisvif.dll
    [2012/04/16 16:15:47 | 001,891,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVENCOD.DLL
    [2012/04/16 16:15:47 | 001,882,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wpccpl.dll
    [2012/04/16 16:15:47 | 001,702,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVDECOD.DLL
    [2012/04/16 16:15:47 | 001,548,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVDECOD.DLL
    [2012/04/16 16:15:47 | 001,543,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVSDECD.DLL
    [2012/04/16 16:15:47 | 001,382,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVSDECD.DLL
    [2012/04/16 16:15:47 | 001,245,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMNetMgr.dll
    [2012/04/16 16:15:47 | 000,996,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMNetMgr.dll
    [2012/04/16 16:15:47 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wpcao.dll
    [2012/04/16 16:15:47 | 000,657,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVXENCD.DLL
    [2012/04/16 16:15:47 | 000,622,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVXENCD.DLL
    [2012/04/16 16:15:47 | 000,557,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmpeffects.dll
    [2012/04/16 16:15:47 | 000,532,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wpcao.dll
    [2012/04/16 16:15:47 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmpps.dll
    [2012/04/16 16:15:47 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
    [2012/04/16 16:15:47 | 000,234,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
    [2012/04/16 16:15:47 | 000,131,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpps.dll
    [2012/04/16 16:15:47 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
    [2012/04/16 16:15:46 | 002,680,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\accessibilitycpl.dll
    [2012/04/16 16:15:46 | 002,515,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\accessibilitycpl.dll
    [2012/04/16 16:15:46 | 001,575,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVENCOD.DLL
    [2012/04/16 16:15:46 | 000,387,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\zipfldr.dll
    [2012/04/16 16:15:46 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wusa.exe
    [2012/04/16 16:15:46 | 000,140,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wusa.exe
    [2012/04/16 16:15:46 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xmlfilter.dll
    [2012/04/16 16:15:46 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xmlfilter.dll
    [2012/04/16 16:15:45 | 001,673,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsAnytimeUpgradeCPL.dll
    [2012/04/16 16:15:45 | 001,065,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\advapi32.dll
    [2012/04/16 16:15:45 | 000,617,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\adtschema.dll
    [2012/04/16 16:15:45 | 000,617,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\adtschema.dll
    [2012/04/16 16:15:45 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\adsldpc.dll
    [2012/04/16 16:15:45 | 000,199,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\adsldpc.dll
    [2012/04/16 16:15:45 | 000,105,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\adsmsext.dll
    [2012/04/16 16:15:45 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\adsmsext.dll
    [2012/04/16 16:15:44 | 001,394,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wercon.exe
    [2012/04/16 16:15:44 | 001,114,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WerFaultSecure.exe
    [2012/04/16 16:15:44 | 001,110,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wer.dll
    [2012/04/16 16:15:44 | 000,946,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMADMOD.DLL
    [2012/04/16 16:15:44 | 000,876,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wer.dll
    [2012/04/16 16:15:44 | 000,860,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WerFaultSecure.exe
    [2012/04/16 16:15:44 | 000,758,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMADMOD.DLL
    [2012/04/16 16:15:44 | 000,688,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmdrmsdk.dll
    [2012/04/16 16:15:44 | 000,669,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wiaaut.dll
    [2012/04/16 16:15:44 | 000,660,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
    [2012/04/16 16:15:44 | 000,547,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wiaaut.dll
    [2012/04/16 16:15:44 | 000,539,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmdrmdev.dll
    [2012/04/16 16:15:44 | 000,533,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmdrmsdk.dll
    [2012/04/16 16:15:44 | 000,443,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
    [2012/04/16 16:15:44 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmdrmnet.dll
    [2012/04/16 16:15:44 | 000,418,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmdrmdev.dll
    [2012/04/16 16:15:44 | 000,394,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wevtapi.dll
    [2012/04/16 16:15:44 | 000,347,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmdrmnet.dll
    [2012/04/16 16:15:44 | 000,328,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wldap32.dll
    [2012/04/16 16:15:44 | 000,260,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WerFault.exe
    [2012/04/16 16:15:44 | 000,250,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wevtapi.dll
    [2012/04/16 16:15:44 | 000,248,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wevtutil.exe
    [2012/04/16 16:15:44 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WerFault.exe
    [2012/04/16 16:15:44 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wevtutil.exe
    [2012/04/16 16:15:44 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlgpclnt.dll
    [2012/04/16 16:15:44 | 000,083,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlgpclnt.dll
    [2012/04/16 16:15:44 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\whealogr.dll
    [2012/04/16 16:15:44 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\whealogr.dll
    [2012/04/16 16:15:43 | 003,894,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WinSAT.exe
    [2012/04/16 16:15:43 | 001,792,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlanpref.dll
    [2012/04/16 16:15:43 | 001,671,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlanpref.dll
    [2012/04/16 16:15:43 | 000,405,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winlogon.exe
    [2012/04/16 16:15:43 | 000,399,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlangpui.dll
    [2012/04/16 16:15:43 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlanui.dll
    [2012/04/16 16:15:43 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlanui.dll
    [2012/04/16 16:15:43 | 000,190,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WinSCard.dll
    [2012/04/16 16:15:42 | 000,489,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlangpui.dll
    [2012/04/16 16:15:42 | 000,287,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wisptis.exe
    [2012/04/16 16:14:54 | 000,936,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SmiEngine.dll
    [2012/04/16 16:14:54 | 000,582,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SLCommDlg.dll
    [2012/04/16 16:14:54 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SLUI.exe
    [2012/04/16 16:14:54 | 000,238,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sperror.dll
    [2012/04/16 16:14:54 | 000,197,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SndVol.exe
    [2012/04/16 16:14:54 | 000,190,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sperror.dll
    [2012/04/16 16:14:54 | 000,190,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SLLUA.exe
    [2012/04/16 16:14:54 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SndVolSSO.dll
    [2012/04/16 16:14:54 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SndVol.exe
    [2012/04/16 16:14:54 | 000,161,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SmartcardCredentialProvider.dll
    [2012/04/16 16:14:54 | 000,158,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\softkbd.dll
    [2012/04/16 16:14:54 | 000,134,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SmartcardCredentialProvider.dll
    [2012/04/16 16:14:54 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\softkbd.dll
    [2012/04/16 16:14:54 | 000,116,736 | ---- | C] (Microsoft) -- C:\Windows\SysNative\SMBHelperClass.dll
    [2012/04/16 16:14:54 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\slwmi.dll
    [2012/04/16 16:14:54 | 000,083,456 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\SMBHelperClass.dll
    [2012/04/16 16:14:54 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe
    [2012/04/16 16:14:54 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\slwmi.dll
    [2012/04/16 16:14:54 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spcmsg.dll
    [2012/04/16 16:14:54 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\spcmsg.dll
    [2012/04/16 16:14:54 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\slwga.dll
    [2012/04/16 16:14:53 | 001,925,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\setupapi.dll
    [2012/04/16 16:14:53 | 001,081,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SLCExt.dll
    [2012/04/16 16:14:53 | 000,810,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\slcc.dll
    [2012/04/16 16:14:53 | 000,777,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\slcc.dll
    [2012/04/16 16:14:53 | 000,776,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sethc.exe
    [2012/04/16 16:14:53 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SLCExt.dll
    [2012/04/16 16:14:53 | 000,631,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SLCommDlg.dll
    [2012/04/16 16:14:53 | 000,627,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sethc.exe
    [2012/04/16 16:14:53 | 000,425,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\shwebsvc.dll
    [2012/04/16 16:14:53 | 000,384,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\services.exe
    [2012/04/16 16:14:53 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SLC.dll
    [2012/04/16 16:14:53 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shsetup.dll
    [2012/04/16 16:14:53 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\shsetup.dll
    [2012/04/16 16:14:53 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sendmail.dll
    [2012/04/16 16:14:53 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\slcinst.dll
    [2012/04/16 16:14:53 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\slcinst.dll
    [2012/04/16 16:14:47 | 000,164,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Storport.sys
    [2012/04/16 16:14:47 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\spreview.exe
    [2012/04/16 16:14:47 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Storprop.dll
    [2012/04/16 16:14:47 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Storprop.dll
    [2012/04/16 16:14:35 | 000,594,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\spsys.sys
    [2012/04/16 16:14:35 | 000,581,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sqlsrv32.dll
    [2012/04/16 16:14:35 | 000,524,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sqlsrv32.dll
    [2012/04/16 16:14:35 | 000,474,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
    [2012/04/16 16:14:35 | 000,435,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spinstall.exe
    [2012/04/16 16:14:35 | 000,347,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srchadmin.dll
    [2012/04/16 16:14:35 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\srchadmin.dll
    [2012/04/16 16:14:35 | 000,289,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\spinstall.exe
    [2012/04/16 16:14:35 | 000,238,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spoolss.dll
    [2012/04/16 16:14:35 | 000,188,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spp.dll
    [2012/04/16 16:14:35 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spwizui.dll
    [2012/04/16 16:14:35 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\spwizui.dll
    [2012/04/16 16:14:35 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\spoolss.dll
    [2012/04/16 16:14:35 | 000,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spreview.exe
    [2012/04/16 16:14:35 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spwinsat.dll
    [2012/04/16 16:14:35 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\spwinsat.dll
    [2012/04/16 15:58:50 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\EventProviders
    [2012/04/07 15:29:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AC Tool
    [2012/04/06 11:15:06 | 008,741,536 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe
    [2012/04/06 10:57:29 | 000,418,464 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
    [2012/04/05 15:32:17 | 000,000,000 | ---D | C] -- C:\Users\Eugene\Documents\DarKGunZ
    [2012/04/04 15:41:52 | 000,000,000 | -H-D | C] -- C:\Users\Eugene\AppData\Roaming\ijjigame
    [2012/04/04 15:39:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\REACTOR
    [2012/04/04 14:59:21 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
    [2012/04/04 10:01:20 | 000,000,000 | ---D | C] -- C:\Config.Msi
    [2012/04/02 23:37:43 | 000,000,000 | ---D | C] -- C:\Users\Eugene\AppData\Local\PackageAware
    [2012/04/02 20:42:42 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
    [2012/04/02 19:48:48 | 000,057,976 | R--- | C] (GFI Software) -- C:\Windows\SysNative\drivers\SBREDrv.sys
    [2012/04/02 19:02:17 | 000,000,000 | ---D | C] -- C:\Users\Eugene\AppData\Roaming\Malwarebytes
    [2012/04/02 19:02:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
    [2012/04/01 19:43:34 | 000,000,000 | ---D | C] -- C:\Users\Eugene\Documents\mari0-win
    [2012/03/31 17:21:32 | 000,000,000 | ---D | C] -- C:\Users\Eugene\Documents\Pinball
    [2012/03/31 17:05:56 | 000,000,000 | ---D | C] -- C:\Users\Eugene\AppData\Local\{5804B2D4-7B75-11E1-826D-B8AC6F996F26}
    [2012/03/31 16:50:42 | 000,000,000 | ---D | C] -- C:\Users\Eugene\AppData\Local\TrinityEntertainmentNetwo
    [2012/03/29 22:15:36 | 000,000,000 | ---D | C] -- C:\Users\Eugene\Documents\My Cheat Tables
    [2012/03/29 16:59:36 | 000,023,376 | R--- | C] (iS3, Inc.) -- C:\Windows\SysWow64\SZIO5.dll
    [2012/03/29 16:59:24 | 000,546,640 | R--- | C] (iS3, Inc.) -- C:\Windows\SysWow64\SZComp5.dll
    [2012/03/29 16:59:18 | 000,481,104 | R--- | C] (iS3, Inc.) -- C:\Windows\SysWow64\SZBase5.dll
    [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

    ========== Files - Modified Within 30 Days ==========

    [2012/04/19 15:52:13 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Eugene\Desktop\OTL.exe
    [2012/04/19 15:33:29 | 095,582,017 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm
    [2012/04/19 15:33:20 | 000,707,392 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
    [2012/04/19 15:33:20 | 000,607,168 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
    [2012/04/19 15:33:20 | 000,104,808 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
    [2012/04/19 15:27:45 | 000,003,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
    [2012/04/19 15:27:44 | 000,003,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
    [2012/04/19 15:27:32 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2012/04/19 15:27:18 | 542,177,882 | ---- | M] () -- C:\Windows\MEMORY.DMP
    [2012/04/18 22:17:00 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2913236317-814230174-4002188810-1000UA.job
    [2012/04/18 22:15:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
    [2012/04/18 18:29:10 | 000,095,232 | ---- | M] () -- C:\Users\Eugene\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2012/04/18 17:41:45 | 000,000,698 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
    [2012/04/17 18:21:58 | 000,000,981 | ---- | M] () -- C:\Users\Eugene\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
    [2012/04/16 23:32:16 | 000,008,798 | ---- | M] () -- C:\Windows\SysWow64\icrav03.rat
    [2012/04/16 23:32:16 | 000,008,798 | ---- | M] () -- C:\Windows\SysNative\icrav03.rat
    [2012/04/16 23:32:16 | 000,001,988 | ---- | M] () -- C:\Windows\SysWow64\ticrf.rat
    [2012/04/16 23:32:16 | 000,001,988 | ---- | M] () -- C:\Windows\SysNative\ticrf.rat
    [2012/04/16 23:32:05 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
    [2012/04/16 23:32:05 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
    [2012/04/16 23:32:05 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
    [2012/04/16 23:32:05 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
    [2012/04/16 23:32:05 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
    [2012/04/16 23:32:04 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
    [2012/04/16 23:32:04 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
    [2012/04/16 23:32:04 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
    [2012/04/16 23:32:04 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
    [2012/04/16 23:32:04 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
    [2012/04/16 23:32:04 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
    [2012/04/16 23:32:04 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
    [2012/04/16 23:32:04 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
    [2012/04/16 23:32:04 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
    [2012/04/16 23:32:03 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
    [2012/04/16 23:32:03 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
    [2012/04/16 23:32:03 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
    [2012/04/16 23:32:03 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
    [2012/04/16 23:32:02 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll
    [2012/04/16 23:32:02 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll
    [2012/04/16 23:32:02 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
    [2012/04/16 23:32:02 | 000,123,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
    [2012/04/16 23:32:02 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
    [2012/04/16 23:32:02 | 000,114,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\advpack.dll
    [2012/04/16 23:32:02 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll
    [2012/04/16 23:32:02 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
    [2012/04/16 23:32:01 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll
    [2012/04/16 23:32:01 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
    [2012/04/16 23:32:01 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
    [2012/04/16 23:32:00 | 000,267,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll
    [2012/04/16 23:32:00 | 000,222,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
    [2012/04/16 23:32:00 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
    [2012/04/16 23:32:00 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll
    [2012/04/16 23:32:00 | 000,114,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll
    [2012/04/16 23:32:00 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
    [2012/04/16 23:32:00 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
    [2012/04/16 23:31:59 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll
    [2012/04/16 23:31:59 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
    [2012/04/16 23:31:59 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\advpack.dll
    [2012/04/16 23:31:59 | 000,135,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
    [2012/04/16 23:31:59 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
    [2012/04/16 23:31:59 | 000,091,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
    [2012/04/16 23:31:59 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
    [2012/04/16 23:31:59 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
    [2012/04/16 23:31:59 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
    [2012/04/16 23:31:59 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
    [2012/04/16 23:31:58 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
    [2012/04/16 23:31:58 | 000,534,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
    [2012/04/16 23:31:58 | 000,452,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
    [2012/04/16 23:31:58 | 000,448,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
    [2012/04/16 23:31:58 | 000,282,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
    [2012/04/16 23:31:58 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
    [2012/04/16 23:31:58 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
    [2012/04/16 23:31:58 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
    [2012/04/16 23:31:58 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
    [2012/04/16 23:31:58 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
    [2012/04/16 23:31:58 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
    [2012/04/16 23:31:58 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
    [2012/04/16 23:31:57 | 000,697,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
    [2012/04/16 23:31:57 | 000,603,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
    [2012/04/16 23:31:57 | 000,173,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
    [2012/04/16 23:31:57 | 000,165,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
    [2012/04/16 23:31:57 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
    [2012/04/16 23:31:57 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
    [2012/04/16 23:31:57 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
    [2012/04/16 19:44:36 | 004,465,601 | R--- | M] (Swearware) -- C:\Users\Eugene\Desktop\ComboFix.exe
    [2012/04/16 18:22:38 | 004,965,160 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
    [2012/04/16 18:19:16 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
    [2012/04/16 18:19:00 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_07_00.Wdf
    [2012/04/15 19:04:31 | 000,000,088 | ---- | M] () -- C:\Windows\GunzLauncher.INI
    [2012/04/15 11:17:00 | 000,000,860 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2913236317-814230174-4002188810-1000Core.job
    [2012/04/14 00:15:10 | 000,418,464 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
    [2012/04/14 00:15:10 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    [2012/04/14 00:15:06 | 008,741,536 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe
    [2012/04/12 18:21:37 | 000,559,120 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\iavichjg.avm
    [2012/04/06 17:04:36 | 000,000,167 | ---- | M] () -- C:\Windows\w32demo8.ini
    [2012/04/04 15:56:40 | 000,024,904 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
    [2012/03/29 16:59:36 | 000,023,376 | R--- | M] (iS3, Inc.) -- C:\Windows\SysWow64\SZIO5.dll
    [2012/03/29 16:59:24 | 000,546,640 | R--- | M] (iS3, Inc.) -- C:\Windows\SysWow64\SZComp5.dll
    [2012/03/29 16:59:18 | 000,481,104 | R--- | M] (iS3, Inc.) -- C:\Windows\SysWow64\SZBase5.dll
    [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2012/04/16 23:32:04 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
    [2012/04/16 23:31:58 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
    [2012/04/16 19:46:01 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
    [2012/04/16 19:46:01 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
    [2012/04/16 19:46:01 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
    [2012/04/16 19:46:01 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
    [2012/04/16 19:46:01 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
    [2012/04/16 18:19:16 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
    [2012/04/16 18:19:00 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_07_00.Wdf
    [2012/04/16 16:17:29 | 000,395,723 | ---- | C] () -- C:\Windows\SysNative\onex.tmf
    [2012/04/16 16:17:18 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
    [2012/04/16 16:17:10 | 000,009,212 | ---- | C] () -- C:\Windows\SysWow64\RacUR.xml
    [2012/04/16 16:17:10 | 000,009,212 | ---- | C] () -- C:\Windows\SysNative\RacUR.xml
    [2012/04/16 16:17:04 | 000,471,992 | ---- | C] () -- C:\Windows\SysNative\dot3.tmf
    [2012/04/16 16:17:02 | 000,700,507 | ---- | C] () -- C:\Windows\SysNative\eaphost.tmf
    [2012/04/16 16:17:02 | 000,121,856 | ---- | C] () -- C:\Windows\SysNative\EhStorAuthn.dll
    [2012/04/16 16:17:02 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
    [2012/04/16 16:15:50 | 000,107,612 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchema.bin
    [2012/04/16 16:15:50 | 000,107,612 | ---- | C] () -- C:\Windows\SysNative\StructuredQuerySchema.bin
    [2012/04/16 16:15:49 | 000,262,552 | ---- | C] () -- C:\Windows\SysNative\systemsf.ebd
    [2012/04/16 16:15:44 | 000,207,968 | ---- | C] () -- C:\Windows\SysNative\WFP.TMF
    [2012/04/16 16:14:54 | 000,092,918 | ---- | C] () -- C:\Windows\SysWow64\slmgr.vbs
    [2012/04/16 16:14:54 | 000,092,918 | ---- | C] () -- C:\Windows\SysNative\slmgr.vbs
    [2012/04/16 16:14:54 | 000,009,239 | ---- | C] () -- C:\Windows\SysWow64\spcinstrumentation.man
    [2012/04/16 16:14:54 | 000,009,239 | ---- | C] () -- C:\Windows\SysNative\spcinstrumentation.man
    [2012/04/06 17:03:25 | 000,000,167 | ---- | C] () -- C:\Windows\w32demo8.ini
    [2012/04/06 10:57:31 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
    [2012/03/10 17:47:15 | 003,130,440 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_blr.exe
    [2011/08/19 21:14:19 | 000,230,752 | ---- | C] () -- C:\Windows\patchw32.dll
    [2011/08/19 21:14:19 | 000,118,176 | ---- | C] () -- C:\Windows\patchw.dll
    [2011/07/14 16:58:00 | 000,000,000 | ---- | C] () -- C:\ProgramData\LauncherAccess.dt
    [2011/07/14 16:44:31 | 000,005,632 | ---- | C] () -- C:\Windows\SysWow64\drivers\StarOpen.sys
    [2011/07/02 20:20:02 | 000,298,016 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
    [2011/07/02 20:19:35 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
    [2011/05/20 22:35:28 | 000,304,744 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
    [2011/05/18 18:43:05 | 000,727,744 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
    [2011/01/28 19:21:32 | 000,000,048 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
    [2010/12/22 16:14:25 | 000,000,021 | ---- | C] () -- C:\Windows\SurCode.INI
    [2010/12/04 17:47:45 | 000,095,232 | ---- | C] () -- C:\Users\Eugene\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2010/12/04 00:43:52 | 000,000,088 | ---- | C] () -- C:\Windows\GunzLauncher.INI
    [2010/12/02 22:00:08 | 000,000,000 | ---- | C] () -- C:\Users\Eugene\AppData\Roaming\wklnhst.dat
    [2010/06/25 13:03:12 | 000,053,299 | ---- | C] () -- C:\Windows\SysWow64\pthreadVC.dll

    ========== Alternate Data Streams ==========

    @Alternate Data Stream - 1260 bytes -> C:\ProgramData\Microsoft:rNCuldisipU5qso2meGcf0
    @Alternate Data Stream - 1216 bytes -> C:\ProgramData\Microsoft:xEzJjgaEo3zy5lvGlwnuXAJ4WDi
    @Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:0D8301CA
    @Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:E0229D5D
    @Alternate Data Stream - 1154 bytes -> C:\ProgramData\Microsoft:CZFGVIslforDwzxFsLB9S0xYcn
    @Alternate Data Stream - 1150 bytes -> C:\Program Files\Common Files\Microsoft Shared:fMh3xvMA7iZTqeCT

    < End of report >
     
  13. gimmextra

    gimmextra Thread Starter

    Joined:
    Apr 4, 2012
    Messages:
    54
    [2012/04/16 16:17:15 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msstrc.dll
    [2012/04/16 16:17:15 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msimtf.dll
    [2012/04/16 16:17:15 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssprxy.dll
    [2012/04/16 16:17:15 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msisip.dll
    [2012/04/16 16:17:14 | 000,258,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchProtocolHost.exe
    [2012/04/16 16:17:14 | 000,227,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scrobj.dll
    [2012/04/16 16:17:14 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scrrun.dll
    [2012/04/16 16:17:14 | 000,186,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scksp.dll
    [2012/04/16 16:17:14 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scrobj.dll
    [2012/04/16 16:17:14 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scrrun.dll
    [2012/04/16 16:17:14 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scksp.dll
    [2012/04/16 16:17:13 | 000,499,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sdohlp.dll
    [2012/04/16 16:17:13 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sdohlp.dll
    [2012/04/16 16:17:13 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchFilterHost.exe
    [2012/04/16 16:17:11 | 000,619,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qedit.dll
    [2012/04/16 16:17:11 | 000,166,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\puiapi.dll
    [2012/04/16 16:17:11 | 000,055,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PSHED.DLL
    [2012/04/16 16:17:10 | 002,028,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Query.dll
    [2012/04/16 16:17:10 | 001,244,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RacEngn.dll
    [2012/04/16 16:17:10 | 000,880,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RacEngn.dll
    [2012/04/16 16:17:10 | 000,505,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qedit.dll
    [2012/04/16 16:17:10 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rasapi32.dll
    [2012/04/16 16:17:10 | 000,295,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\raschap.dll
    [2012/04/16 16:17:10 | 000,281,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\raschap.dll
    [2012/04/16 16:17:10 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quick.ime
    [2012/04/16 16:17:10 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qintlgnt.ime
    [2012/04/16 16:17:10 | 000,123,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationCFFRasterizerNative_v0300.dll
    [2012/04/16 16:17:10 | 000,102,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
    [2012/04/16 16:17:10 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rasdiag.dll
    [2012/04/16 16:17:10 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rasdiag.dll
    [2012/04/16 16:17:10 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rasdial.exe
    [2012/04/16 16:17:10 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rasdial.exe
    [2012/04/16 16:17:09 | 000,980,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\printui.dll
    [2012/04/16 16:17:09 | 000,923,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\propsys.dll
    [2012/04/16 16:17:09 | 000,898,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\powercpl.dll
    [2012/04/16 16:17:09 | 000,869,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\printui.dll
    [2012/04/16 16:17:09 | 000,723,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\powercpl.dll
    [2012/04/16 16:17:09 | 000,708,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\prnntfy.dll
    [2012/04/16 16:17:09 | 000,218,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\portcls.sys
    [2012/04/16 16:17:09 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\powrprof.dll
    [2012/04/16 16:17:08 | 000,551,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\prnntfy.dll
    [2012/04/16 16:17:08 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\propdefs.dll
    [2012/04/16 16:17:08 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\propdefs.dll
    [2012/04/16 16:17:07 | 001,165,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationNative_v0300.dll
    [2012/04/16 16:17:07 | 000,779,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationNative_v0300.dll
    [2012/04/16 16:17:07 | 000,671,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\samsrv.dll
    [2012/04/16 16:17:07 | 000,606,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\riched20.dll
    [2012/04/16 16:17:07 | 000,302,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scansetting.dll
    [2012/04/16 16:17:07 | 000,289,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rsaenh.dll
    [2012/04/16 16:17:07 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scansetting.dll
    [2012/04/16 16:17:07 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationSettings.exe
    [2012/04/16 16:17:07 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rpchttp.dll
    [2012/04/16 16:17:07 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rmcast.sys
    [2012/04/16 16:17:07 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rpchttp.dll
    [2012/04/16 16:17:07 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rshx32.dll
    [2012/04/16 16:17:07 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\RNDISMP.sys
    [2012/04/16 16:17:06 | 000,399,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scesrv.dll
    [2012/04/16 16:17:06 | 000,339,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rstrui.exe
    [2012/04/16 16:17:06 | 000,306,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scesrv.dll
    [2012/04/16 16:17:06 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scecli.dll
    [2012/04/16 16:17:06 | 000,177,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scecli.dll
    [2012/04/16 16:17:06 | 000,099,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\samlib.dll
    [2012/04/16 16:17:06 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rtffilt.dll
    [2012/04/16 16:17:06 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rtffilt.dll
    [2012/04/16 16:17:05 | 000,911,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rasdlg.dll
    [2012/04/16 16:17:05 | 000,825,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rasdlg.dll
    [2012/04/16 16:17:05 | 000,642,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rasgcw.dll
    [2012/04/16 16:17:05 | 000,539,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RelMon.dll
    [2012/04/16 16:17:05 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rasplap.dll
    [2012/04/16 16:17:05 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rasplap.dll
    [2012/04/16 16:17:05 | 000,340,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RelMon.dll
    [2012/04/16 16:17:05 | 000,306,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rasppp.dll
    [2012/04/16 16:17:05 | 000,259,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rasppp.dll
    [2012/04/16 16:17:05 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rasmontr.dll
    [2012/04/16 16:17:05 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rasmontr.dll
    [2012/04/16 16:17:05 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rastapi.dll
    [2012/04/16 16:17:05 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rastapi.dll
    [2012/04/16 16:17:04 | 002,484,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dbgeng.dll
    [2012/04/16 16:17:04 | 001,185,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drmv2clt.dll
    [2012/04/16 16:17:04 | 000,978,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drmv2clt.dll
    [2012/04/16 16:17:04 | 000,553,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpapimig.exe
    [2012/04/16 16:17:04 | 000,522,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dsound.dll
    [2012/04/16 16:17:04 | 000,407,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpapimig.exe
    [2012/04/16 16:17:04 | 000,365,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drmmgrtn.dll
    [2012/04/16 16:17:04 | 000,315,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drvstore.dll
    [2012/04/16 16:17:04 | 000,308,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\diskraid.exe
    [2012/04/16 16:17:04 | 000,284,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drmmgrtn.dll
    [2012/04/16 16:17:04 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drvstore.dll
    [2012/04/16 16:17:04 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dskquoui.dll
    [2012/04/16 16:17:04 | 000,230,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\diskraid.exe
    [2012/04/16 16:17:04 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drvinst.exe
    [2012/04/16 16:17:04 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dsprop.dll
    [2012/04/16 16:17:04 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\diskpart.exe
    [2012/04/16 16:17:04 | 000,137,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dsprop.dll
    [2012/04/16 16:17:04 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\diskpart.exe
    [2012/04/16 16:17:04 | 000,117,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll
    [2012/04/16 16:17:04 | 000,105,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dmsynth.dll
    [2012/04/16 16:17:04 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dmusic.dll
    [2012/04/16 16:17:04 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dot3msm.dll
    [2012/04/16 16:17:04 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\regapi.dll
    [2012/04/16 16:17:04 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dot3msm.dll
    [2012/04/16 16:17:04 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\reg.exe
    [2012/04/16 16:17:04 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\regapi.dll
    [2012/04/16 16:17:04 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dot3cfg.dll
    [2012/04/16 16:17:04 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\reg.exe
    [2012/04/16 16:17:04 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drvinst.exe
    [2012/04/16 16:17:04 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dimsroam.dll
    [2012/04/16 16:17:04 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rekeywiz.exe
    [2012/04/16 16:17:04 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dot3cfg.dll
    [2012/04/16 16:17:04 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rekeywiz.exe
    [2012/04/16 16:17:04 | 000,029,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Dumpata.sys
    [2012/04/16 16:17:04 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys
    [2012/04/16 16:17:03 | 003,079,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
    [2012/04/16 16:17:03 | 002,926,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe
    [2012/04/16 16:17:03 | 001,930,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d9.dll
    [2012/04/16 16:17:03 | 001,856,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dbgeng.dll
    [2012/04/16 16:17:03 | 001,584,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\diagperf.dll
    [2012/04/16 16:17:03 | 000,498,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\devmgr.dll
    [2012/04/16 16:17:03 | 000,483,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DevicePairing.dll
    [2012/04/16 16:17:03 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DevicePairing.dll
    [2012/04/16 16:17:03 | 000,378,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\devmgr.dll
    [2012/04/16 16:17:03 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Faultrep.dll
    [2012/04/16 16:17:03 | 000,174,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fundisc.dll
    [2012/04/16 16:17:03 | 000,163,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontext.dll
    [2012/04/16 16:17:03 | 000,163,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcsvc6.dll
    [2012/04/16 16:17:03 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cscript.exe
    [2012/04/16 16:17:03 | 000,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Faultrep.dll
    [2012/04/16 16:17:03 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontext.dll
    [2012/04/16 16:17:03 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cscript.exe
    [2012/04/16 16:17:03 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fdBth.dll
    [2012/04/16 16:17:03 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fdBth.dll
    [2012/04/16 16:17:03 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fdSSDP.dll
    [2012/04/16 16:17:03 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\davclnt.dll
    [2012/04/16 16:17:03 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DevicePairingWizard.exe
    [2012/04/16 16:17:03 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fdSSDP.dll
    [2012/04/16 16:17:03 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fdProxy.dll
    [2012/04/16 16:17:03 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DevicePairingWizard.exe
    [2012/04/16 16:17:03 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dimsroam.dll
    [2012/04/16 16:17:03 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\findstr.exe
    [2012/04/16 16:17:03 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DevicePairingProxy.dll
    [2012/04/16 16:17:03 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DevicePairingProxy.dll
    [2012/04/16 16:17:03 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fdeploy.dll
    [2012/04/16 16:17:03 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\deskadp.dll
    [2012/04/16 16:17:03 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dataclen.dll
    [2012/04/16 16:17:03 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\deskmon.dll
    [2012/04/16 16:17:03 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dataclen.dll
    [2012/04/16 16:17:03 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\f3ahvoas.dll
    [2012/04/16 16:17:03 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\findstr.exe
    [2012/04/16 16:17:03 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DeviceEject.exe
    [2012/04/16 16:17:03 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fc.exe
    [2012/04/16 16:17:03 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ExplorerFrame.dll
    [2012/04/16 16:17:03 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fc.exe
    [2012/04/16 16:17:03 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fdBthProxy.dll
    [2012/04/16 16:17:03 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fdBthProxy.dll
    [2012/04/16 16:17:03 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\f3ahvoas.dll
    [2012/04/16 16:17:02 | 002,506,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\esent.dll
    [2012/04/16 16:17:02 | 002,146,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FunctionDiscoveryFolder.dll
    [2012/04/16 16:17:02 | 002,134,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\FunctionDiscoveryFolder.dll
    [2012/04/16 16:17:02 | 001,459,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\esent.dll
    [2012/04/16 16:17:02 | 000,647,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\evr.dll
    [2012/04/16 16:17:02 | 000,485,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\evr.dll
    [2012/04/16 16:17:02 | 000,291,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\eapp3hst.dll
    [2012/04/16 16:17:02 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\eudcedit.exe
    [2012/04/16 16:17:02 | 000,261,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\eapphost.dll
    [2012/04/16 16:17:02 | 000,211,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\eappcfg.dll
    [2012/04/16 16:17:02 | 000,205,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\eudcedit.exe
    [2012/04/16 16:17:02 | 000,187,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\eapp3hst.dll
    [2012/04/16 16:17:02 | 000,183,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\eapphost.dll
    [2012/04/16 16:17:02 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\eappcfg.dll
    [2012/04/16 16:17:02 | 000,131,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EhStorAPI.dll
    [2012/04/16 16:17:02 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EhStorShell.dll
    [2012/04/16 16:17:02 | 000,104,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\eappgnui.dll
    [2012/04/16 16:17:02 | 000,098,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxg.sys
    [2012/04/16 16:17:02 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dwm.exe
    [2012/04/16 16:17:02 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\eappgnui.dll
    [2012/04/16 16:17:02 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fdWCN.dll
    [2012/04/16 16:17:02 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fdWSD.dll
    [2012/04/16 16:17:02 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\feclient.dll
    [2012/04/16 16:17:02 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fdWSD.dll
    [2012/04/16 16:17:02 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\feclient.dll
    [2012/04/16 16:17:02 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ftp.exe
    [2012/04/16 16:17:02 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EhStorPwdMgr.dll
    [2012/04/16 16:17:02 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ftp.exe
    [2012/04/16 16:17:02 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EhStorPwdMgr.dll
    [2012/04/16 16:17:01 | 001,418,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AuxiliaryDisplayCpl.dll
    [2012/04/16 16:17:01 | 000,616,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\blackbox.dll
    [2012/04/16 16:17:01 | 000,542,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\blackbox.dll
    [2012/04/16 16:17:01 | 000,516,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\autoplay.dll
    [2012/04/16 16:17:01 | 000,306,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bcrypt.dll
    [2012/04/16 16:17:01 | 000,153,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\basecsp.dll
    [2012/04/16 16:17:01 | 000,130,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\basecsp.dll
    [2012/04/16 16:17:01 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bitsigd.dll
    [2012/04/16 16:16:56 | 001,216,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\AuxiliaryDisplayCpl.dll
    [2012/04/16 16:16:56 | 000,750,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\autoconv.exe
    [2012/04/16 16:16:56 | 000,722,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\autofmt.exe
    [2012/04/16 16:16:56 | 000,667,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\autoplay.dll
    [2012/04/16 16:16:56 | 000,656,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\autoconv.exe
    [2012/04/16 16:16:56 | 000,636,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\autofmt.exe
    [2012/04/16 16:16:55 | 001,538,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\brcpl.dll
    [2012/04/16 16:16:55 | 001,321,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appwiz.cpl
    [2012/04/16 16:16:55 | 000,894,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\azroles.dll
    [2012/04/16 16:16:55 | 000,757,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\azroles.dll
    [2012/04/16 16:16:55 | 000,668,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bthprops.cpl
    [2012/04/16 16:16:55 | 000,640,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\bthprops.cpl
    [2012/04/16 16:16:55 | 000,131,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AuxiliaryDisplayDriverLib.dll
    [2012/04/16 16:16:55 | 000,126,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AuxiliaryDisplayServices.dll
    [2012/04/16 16:16:55 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\btpanui.dll
    [2012/04/16 16:16:55 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bthci.dll
    [2012/04/16 16:16:55 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bthudtask.exe
    [2012/04/16 16:16:55 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\bthudtask.exe
    [2012/04/16 16:16:54 | 001,122,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\appwiz.cpl
    [2012/04/16 16:16:53 | 002,112,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\apds.dll
    [2012/04/16 16:16:53 | 001,985,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll
    [2012/04/16 16:16:53 | 001,730,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\apds.dll
    [2012/04/16 16:16:53 | 000,313,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AUDIOKSE.dll
    [2012/04/16 16:16:53 | 000,274,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\AUDIOKSE.dll
    [2012/04/16 16:16:53 | 000,200,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\apphelp.dll
    [2012/04/16 16:16:53 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AudioSes.dll
    [2012/04/16 16:16:53 | 000,143,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authz.dll
    [2012/04/16 16:16:53 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\audiodg.exe
    [2012/04/16 16:16:52 | 002,272,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll
    [2012/04/16 16:16:52 | 000,734,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\autochk.exe
    [2012/04/16 16:16:52 | 000,643,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\autochk.exe
    [2012/04/16 16:16:51 | 000,549,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\comdlg32.dll
    [2012/04/16 16:16:51 | 000,123,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ataport.sys
    [2012/04/16 16:16:51 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cmmon32.exe
    [2012/04/16 16:16:51 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cmmon32.exe
    [2012/04/16 16:16:50 | 000,521,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cmdial32.dll
    [2012/04/16 16:16:50 | 000,481,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cmdial32.dll
    [2012/04/16 16:16:49 | 001,691,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\connect.dll
    [2012/04/16 16:16:49 | 001,645,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\connect.dll
    [2012/04/16 16:16:49 | 001,259,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
    [2012/04/16 16:16:49 | 001,035,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptui.dll
    [2012/04/16 16:16:49 | 000,971,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cryptui.dll
    [2012/04/16 16:16:49 | 000,593,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\comuid.dll
    [2012/04/16 16:16:49 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conime.exe
    [2012/04/16 16:16:49 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\conime.exe
    [2012/04/16 16:16:49 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cscapi.dll
    [2012/04/16 16:16:49 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cscdll.dll
    [2012/04/16 16:16:48 | 001,686,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\comsvcs.dll
    [2012/04/16 16:16:48 | 001,502,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certmgr.dll
    [2012/04/16 16:16:48 | 001,209,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\comsvcs.dll
    [2012/04/16 16:16:48 | 000,918,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\comuid.dll
    [2012/04/16 16:16:48 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\credui.dll
    [2012/04/16 16:16:48 | 000,104,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\console.dll
    [2012/04/16 16:16:48 | 000,039,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\crashdmp.sys
    [2012/04/16 16:16:46 | 001,748,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certmgr.dll
    [2012/04/16 16:16:46 | 001,658,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CertEnroll.dll
    [2012/04/16 16:16:46 | 001,112,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CertEnroll.dll
    [2012/04/16 16:16:46 | 000,810,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CertEnrollUI.dll
    [2012/04/16 16:16:46 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CertEnrollUI.dll
    [2012/04/16 16:16:46 | 000,447,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certcli.dll
    [2012/04/16 16:16:46 | 000,323,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certcli.dll
    [2012/04/16 16:16:46 | 000,259,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certreq.exe
    [2012/04/16 16:16:46 | 000,215,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certreq.exe
    [2012/04/16 16:16:46 | 000,164,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Classpnp.sys
    [2012/04/16 16:16:46 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cintlgnt.ime
    [2012/04/16 16:16:46 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cipher.exe
    [2012/04/16 16:16:46 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cipher.exe
    [2012/04/16 16:16:46 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cbsra.exe
    [2012/04/16 16:16:45 | 006,103,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\chtbrkr.dll
    [2012/04/16 16:16:45 | 006,100,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\chtbrkr.dll
    [2012/04/16 16:16:45 | 000,380,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ci.dll
    [2012/04/16 16:16:45 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\chajei.ime
    [2012/04/16 16:16:45 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CHxReadingStringIME.dll
    [2012/04/16 16:16:45 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CHxReadingStringIME.dll
     
  14. gimmextra

    gimmextra Thread Starter

    Joined:
    Apr 4, 2012
    Messages:
    54
    [2012/04/16 16:16:43 | 001,060,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certutil.exe
    [2012/04/16 16:16:42 | 001,676,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\chsbrkr.dll
    [2012/04/16 16:16:42 | 001,671,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\chsbrkr.dll
    [2012/04/16 16:16:42 | 000,799,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certutil.exe
    [2012/04/16 16:16:40 | 000,180,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\korwbrkr.dll
    [2012/04/16 16:16:40 | 000,115,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Kswdmcap.ax
    [2012/04/16 16:16:39 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\korwbrkr.dll
    [2012/04/16 16:16:39 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\logagent.exe
    [2012/04/16 16:16:39 | 000,070,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\logman.exe
    [2012/04/16 16:16:39 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\logman.exe
    [2012/04/16 16:16:38 | 000,859,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Magnify.exe
    [2012/04/16 16:16:38 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Magnify.exe
    [2012/04/16 16:16:38 | 000,276,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\InkEd.dll
    [2012/04/16 16:16:38 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\input.dll
    [2012/04/16 16:16:38 | 000,217,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\InkEd.dll
    [2012/04/16 16:16:38 | 000,200,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\input.dll
    [2012/04/16 16:16:38 | 000,171,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\infocardapi.dll
    [2012/04/16 16:16:38 | 000,156,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetpp.dll
    [2012/04/16 16:16:38 | 000,099,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\infocardapi.dll
    [2012/04/16 16:16:38 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\logagent.exe
    [2012/04/16 16:16:38 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Kswdmcap.ax
    [2012/04/16 16:16:38 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\l2nacp.dll
    [2012/04/16 16:16:38 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\l2nacp.dll
    [2012/04/16 16:16:38 | 000,046,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\infocardcpl.cpl
    [2012/04/16 16:16:38 | 000,035,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\infocardcpl.cpl
    [2012/04/16 16:16:38 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetppui.dll
    [2012/04/16 16:16:37 | 000,620,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ipsmsnap.dll
    [2012/04/16 16:16:37 | 000,396,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ipsmsnap.dll
    [2012/04/16 16:16:37 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iscsilog.dll
    [2012/04/16 16:16:32 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ipconfig.exe
    [2012/04/16 16:16:31 | 000,759,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ipsecsnp.dll
    [2012/04/16 16:16:30 | 000,935,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ipsecsnp.dll
    [2012/04/16 16:16:30 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IPHLPAPI.DLL
    [2012/04/16 16:16:29 | 002,715,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mmc.exe
    [2012/04/16 16:16:29 | 002,570,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\milcore.dll
    [2012/04/16 16:16:29 | 002,012,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\milcore.dll
    [2012/04/16 16:16:29 | 001,792,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mmc.exe
    [2012/04/16 16:16:29 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mprapi.dll
    [2012/04/16 16:16:29 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mprapi.dll
    [2012/04/16 16:16:29 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mimefilt.dll
    [2012/04/16 16:16:29 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mimefilt.dll
    [2012/04/16 16:16:28 | 003,263,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mmcndmgr.dll
    [2012/04/16 16:16:28 | 002,167,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mmcndmgr.dll
    [2012/04/16 16:16:28 | 001,102,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mmsys.cpl
    [2012/04/16 16:16:28 | 001,060,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mmsys.cpl
    [2012/04/16 16:16:28 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\modemui.dll
    [2012/04/16 16:16:28 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\modemui.dll
    [2012/04/16 16:16:28 | 000,203,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MMDevAPI.dll
    [2012/04/16 16:16:28 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mpr.dll
    [2012/04/16 16:16:28 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mmci.dll
    [2012/04/16 16:16:28 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mmcico.dll
    [2012/04/16 16:16:21 | 000,223,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mcupdate_GenuineIntel.dll
    [2012/04/16 16:16:20 | 001,074,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mcmde.dll
    [2012/04/16 16:16:19 | 000,967,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mblctr.exe
    [2012/04/16 16:16:19 | 000,356,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MediaMetadataHandler.dll
    [2012/04/16 16:16:16 | 000,403,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MediaMetadataHandler.dll
    [2012/04/16 16:16:15 | 000,215,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mdminst.dll
    [2012/04/16 16:16:07 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidclass.sys
    [2012/04/16 16:16:06 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\hdwwiz.exe
    [2012/04/16 16:16:06 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\hdwwiz.exe
    [2012/04/16 16:16:05 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\hbaapi.dll
    [2012/04/16 16:16:05 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\hbaapi.dll
    [2012/04/16 16:16:00 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gpapi.dll
    [2012/04/16 16:15:54 | 001,019,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IMJP10.IME
    [2012/04/16 16:15:54 | 001,013,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gpedit.dll
    [2012/04/16 16:15:54 | 000,950,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gpedit.dll
    [2012/04/16 16:15:54 | 000,883,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IMJP10.IME
    [2012/04/16 16:15:54 | 000,779,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FWPUCLNT.DLL
    [2012/04/16 16:15:54 | 000,595,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\FWPUCLNT.DLL
    [2012/04/16 16:15:54 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gdi32.dll
    [2012/04/16 16:15:54 | 000,166,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS
    [2012/04/16 16:15:54 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gpresult.exe
    [2012/04/16 16:15:54 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FwRemoteSvr.dll
    [2012/04/16 16:15:54 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\FwRemoteSvr.dll
    [2012/04/16 16:15:54 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gpupdate.exe
    [2012/04/16 16:15:53 | 001,381,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardagt.exe
    [2012/04/16 16:15:53 | 001,146,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imapi2fs.dll
    [2012/04/16 16:15:53 | 000,922,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IMJP10K.DLL
    [2012/04/16 16:15:53 | 000,729,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IMJP10K.DLL
    [2012/04/16 16:15:53 | 000,677,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\imapi2fs.dll
    [2012/04/16 16:15:53 | 000,619,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardagt.exe
    [2012/04/16 16:15:53 | 000,506,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imapi2.dll
    [2012/04/16 16:15:53 | 000,437,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imkr80.ime
    [2012/04/16 16:15:53 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\imkr80.ime
    [2012/04/16 16:15:53 | 000,378,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\imapi2.dll
    [2012/04/16 16:15:53 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imm32.dll
    [2012/04/16 16:15:53 | 000,151,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imapi.dll
    [2012/04/16 16:15:53 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\imapi.dll
    [2012/04/16 16:15:53 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ifmon.dll
    [2012/04/16 16:15:53 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ifmon.dll
    [2012/04/16 16:15:53 | 000,009,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardres.dll
    [2012/04/16 16:15:53 | 000,009,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardres.dll
    [2012/04/16 16:15:52 | 001,279,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usercpl.dll
    [2012/04/16 16:15:52 | 001,123,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\usercpl.dll
    [2012/04/16 16:15:52 | 000,820,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\user32.dll
    [2012/04/16 16:15:52 | 000,785,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Utilman.exe
    [2012/04/16 16:15:52 | 000,638,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Utilman.exe
    [2012/04/16 16:15:52 | 000,571,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vdsdyn.dll
    [2012/04/16 16:15:52 | 000,507,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\vdsdyn.dll
    [2012/04/16 16:15:52 | 000,372,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\untfs.dll
    [2012/04/16 16:15:52 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\uDWM.dll
    [2012/04/16 16:15:52 | 000,324,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\untfs.dll
    [2012/04/16 16:15:52 | 000,320,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\unimdm.tsp
    [2012/04/16 16:15:52 | 000,293,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wdscore.dll
    [2012/04/16 16:15:52 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\unimdm.tsp
    [2012/04/16 16:15:52 | 000,259,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys
    [2012/04/16 16:15:52 | 000,157,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vdsutil.dll
    [2012/04/16 16:15:52 | 000,137,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\userenv.dll
    [2012/04/16 16:15:52 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\vdsutil.dll
    [2012/04/16 16:15:52 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ulib.dll
    [2012/04/16 16:15:52 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ulib.dll
    [2012/04/16 16:15:52 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TSTheme.exe
    [2012/04/16 16:15:52 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\watchdog.sys
    [2012/04/16 16:15:52 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\TSTheme.exe
    [2012/04/16 16:15:52 | 000,035,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\TsWpfWrp.exe
    [2012/04/16 16:15:52 | 000,034,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsWpfWrp.exe
    [2012/04/16 16:15:52 | 000,032,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\USBCAMD2.sys
    [2012/04/16 16:15:52 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\version.dll
    [2012/04/16 16:15:52 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usb8023.sys
    [2012/04/16 16:15:52 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\vdmdbg.dll
    [2012/04/16 16:15:51 | 001,681,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wcnwiz.dll
    [2012/04/16 16:15:51 | 001,533,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wcnwiz.dll
    [2012/04/16 16:15:51 | 001,495,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vssapi.dll
    [2012/04/16 16:15:51 | 001,234,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wdc.dll
    [2012/04/16 16:15:51 | 001,085,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wcnwiz2.dll
    [2012/04/16 16:15:51 | 001,020,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wdc.dll
    [2012/04/16 16:15:51 | 000,968,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wcnwiz2.dll
    [2012/04/16 16:15:51 | 000,238,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WcnNetsh.dll
    [2012/04/16 16:15:51 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wdscore.dll
    [2012/04/16 16:15:51 | 000,165,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WcnNetsh.dll
    [2012/04/16 16:15:51 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vss_ps.dll
    [2012/04/16 16:15:50 | 002,575,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SyncCenter.dll
    [2012/04/16 16:15:50 | 002,205,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SyncCenter.dll
    [2012/04/16 16:15:50 | 001,382,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sud.dll
    [2012/04/16 16:15:50 | 001,224,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sud.dll
    [2012/04/16 16:15:50 | 000,115,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sysclass.dll
    [2012/04/16 16:15:50 | 000,068,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\stream.sys
    [2012/04/16 16:15:49 | 002,204,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tquery.dll
    [2012/04/16 16:15:49 | 001,576,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tquery.dll
    [2012/04/16 16:15:49 | 001,301,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\themecpl.dll
    [2012/04/16 16:15:49 | 001,152,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\themecpl.dll
    [2012/04/16 16:15:49 | 000,995,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\systemcpl.dll
    [2012/04/16 16:15:49 | 000,842,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\systemcpl.dll
    [2012/04/16 16:15:49 | 000,688,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\themeui.dll
    [2012/04/16 16:15:49 | 000,615,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\themeui.dll
    [2012/04/16 16:15:49 | 000,475,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sysmon.ocx
    [2012/04/16 16:15:49 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sysmon.ocx
    [2012/04/16 16:15:49 | 000,317,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\thawbrkr.dll
    [2012/04/16 16:15:49 | 000,313,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\thawbrkr.dll
    [2012/04/16 16:15:49 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tintlgnt.ime
    [2012/04/16 16:15:48 | 002,043,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPEncEn.dll
    [2012/04/16 16:15:48 | 001,738,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wscui.cpl
    [2012/04/16 16:15:48 | 001,689,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wscui.cpl
    [2012/04/16 16:15:48 | 001,642,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPEncEn.dll
    [2012/04/16 16:15:48 | 000,397,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WscEapPr.dll
    [2012/04/16 16:15:48 | 000,303,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpeffects.dll
    [2012/04/16 16:15:48 | 000,291,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WscEapPr.dll
    [2012/04/16 16:15:48 | 000,264,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ws2_32.dll
    [2012/04/16 16:15:48 | 000,238,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tcpipcfg.dll
    [2012/04/16 16:15:48 | 000,231,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wscntfy.dll
    [2012/04/16 16:15:48 | 000,223,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wscntfy.dll
    [2012/04/16 16:15:48 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wpdwcn.dll
    [2012/04/16 16:15:48 | 000,214,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WSDMon.dll
    [2012/04/16 16:15:48 | 000,203,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wpdwcn.dll
    [2012/04/16 16:15:48 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WSDMon.dll
    [2012/04/16 16:15:48 | 000,170,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tcpipcfg.dll
    [2012/04/16 16:15:48 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tcpmon.dll
    [2012/04/16 16:15:48 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wshom.ocx
    [2012/04/16 16:15:48 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wshom.ocx
    [2012/04/16 16:15:48 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tcpmon.dll
    [2012/04/16 16:15:48 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wshext.dll
    [2012/04/16 16:15:48 | 000,090,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wshext.dll
    [2012/04/16 16:15:48 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wsnmp32.dll
    [2012/04/16 16:15:48 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wsnmp32.dll
    [2012/04/16 16:15:48 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wscapi.dll
    [2012/04/16 16:15:48 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wscapi.dll
    [2012/04/16 16:15:48 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tdi.sys
    [2012/04/16 16:15:48 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wsdchngr.dll
    [2012/04/16 16:15:48 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wsepno.dll
    [2012/04/16 16:15:48 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wsdchngr.dll
    [2012/04/16 16:15:48 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wscisvif.dll
    [2012/04/16 16:15:48 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wscisvif.dll
    [2012/04/16 16:15:47 | 001,891,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVENCOD.DLL
    [2012/04/16 16:15:47 | 001,882,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wpccpl.dll
    [2012/04/16 16:15:47 | 001,702,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVDECOD.DLL
    [2012/04/16 16:15:47 | 001,548,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVDECOD.DLL
    [2012/04/16 16:15:47 | 001,543,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVSDECD.DLL
    [2012/04/16 16:15:47 | 001,382,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVSDECD.DLL
    [2012/04/16 16:15:47 | 001,245,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMNetMgr.dll
    [2012/04/16 16:15:47 | 000,996,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMNetMgr.dll
    [2012/04/16 16:15:47 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wpcao.dll
    [2012/04/16 16:15:47 | 000,657,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVXENCD.DLL
    [2012/04/16 16:15:47 | 000,622,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVXENCD.DLL
    [2012/04/16 16:15:47 | 000,557,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmpeffects.dll
    [2012/04/16 16:15:47 | 000,532,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wpcao.dll
    [2012/04/16 16:15:47 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmpps.dll
    [2012/04/16 16:15:47 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
    [2012/04/16 16:15:47 | 000,234,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
    [2012/04/16 16:15:47 | 000,131,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpps.dll
    [2012/04/16 16:15:47 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
    [2012/04/16 16:15:46 | 002,680,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\accessibilitycpl.dll
    [2012/04/16 16:15:46 | 002,515,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\accessibilitycpl.dll
    [2012/04/16 16:15:46 | 001,575,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVENCOD.DLL
    [2012/04/16 16:15:46 | 000,387,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\zipfldr.dll
    [2012/04/16 16:15:46 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wusa.exe
    [2012/04/16 16:15:46 | 000,140,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wusa.exe
    [2012/04/16 16:15:46 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xmlfilter.dll
    [2012/04/16 16:15:46 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xmlfilter.dll
    [2012/04/16 16:15:45 | 001,673,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsAnytimeUpgradeCPL.dll
    [2012/04/16 16:15:45 | 001,065,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\advapi32.dll
    [2012/04/16 16:15:45 | 000,617,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\adtschema.dll
    [2012/04/16 16:15:45 | 000,617,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\adtschema.dll
    [2012/04/16 16:15:45 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\adsldpc.dll
    [2012/04/16 16:15:45 | 000,199,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\adsldpc.dll
    [2012/04/16 16:15:45 | 000,105,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\adsmsext.dll
    [2012/04/16 16:15:45 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\adsmsext.dll
    [2012/04/16 16:15:44 | 001,394,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wercon.exe
    [2012/04/16 16:15:44 | 001,114,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WerFaultSecure.exe
    [2012/04/16 16:15:44 | 001,110,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wer.dll
    [2012/04/16 16:15:44 | 000,946,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMADMOD.DLL
    [2012/04/16 16:15:44 | 000,876,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wer.dll
    [2012/04/16 16:15:44 | 000,860,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WerFaultSecure.exe
    [2012/04/16 16:15:44 | 000,758,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMADMOD.DLL
    [2012/04/16 16:15:44 | 000,688,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmdrmsdk.dll
    [2012/04/16 16:15:44 | 000,669,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wiaaut.dll
    [2012/04/16 16:15:44 | 000,660,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
    [2012/04/16 16:15:44 | 000,547,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wiaaut.dll
    [2012/04/16 16:15:44 | 000,539,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmdrmdev.dll
    [2012/04/16 16:15:44 | 000,533,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmdrmsdk.dll
    [2012/04/16 16:15:44 | 000,443,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
    [2012/04/16 16:15:44 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmdrmnet.dll
    [2012/04/16 16:15:44 | 000,418,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmdrmdev.dll
    [2012/04/16 16:15:44 | 000,394,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wevtapi.dll
    [2012/04/16 16:15:44 | 000,347,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmdrmnet.dll
    [2012/04/16 16:15:44 | 000,328,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wldap32.dll
    [2012/04/16 16:15:44 | 000,260,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WerFault.exe
    [2012/04/16 16:15:44 | 000,250,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wevtapi.dll
    [2012/04/16 16:15:44 | 000,248,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wevtutil.exe
    [2012/04/16 16:15:44 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WerFault.exe
    [2012/04/16 16:15:44 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wevtutil.exe
    [2012/04/16 16:15:44 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlgpclnt.dll
    [2012/04/16 16:15:44 | 000,083,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlgpclnt.dll
    [2012/04/16 16:15:44 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\whealogr.dll
    [2012/04/16 16:15:44 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\whealogr.dll
    [2012/04/16 16:15:43 | 003,894,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WinSAT.exe
    [2012/04/16 16:15:43 | 001,792,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlanpref.dll
    [2012/04/16 16:15:43 | 001,671,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlanpref.dll
    [2012/04/16 16:15:43 | 000,405,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winlogon.exe
    [2012/04/16 16:15:43 | 000,399,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlangpui.dll
    [2012/04/16 16:15:43 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlanui.dll
    [2012/04/16 16:15:43 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlanui.dll
    [2012/04/16 16:15:43 | 000,190,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WinSCard.dll
    [2012/04/16 16:15:42 | 000,489,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlangpui.dll
    [2012/04/16 16:15:42 | 000,287,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wisptis.exe
    [2012/04/16 16:14:54 | 000,936,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SmiEngine.dll
    [2012/04/16 16:14:54 | 000,582,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SLCommDlg.dll
    [2012/04/16 16:14:54 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SLUI.exe
    [2012/04/16 16:14:54 | 000,238,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sperror.dll
    [2012/04/16 16:14:54 | 000,197,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SndVol.exe
    [2012/04/16 16:14:54 | 000,190,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sperror.dll
    [2012/04/16 16:14:54 | 000,190,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SLLUA.exe
    [2012/04/16 16:14:54 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SndVolSSO.dll
    [2012/04/16 16:14:54 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SndVol.exe
    [2012/04/16 16:14:54 | 000,161,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SmartcardCredentialProvider.dll
    [2012/04/16 16:14:54 | 000,158,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\softkbd.dll
    [2012/04/16 16:14:54 | 000,134,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SmartcardCredentialProvider.dll
    [2012/04/16 16:14:54 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\softkbd.dll
    [2012/04/16 16:14:54 | 000,116,736 | ---- | C] (Microsoft) -- C:\Windows\SysNative\SMBHelperClass.dll
    [2012/04/16 16:14:54 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\slwmi.dll
    [2012/04/16 16:14:54 | 000,083,456 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\SMBHelperClass.dll
    [2012/04/16 16:14:54 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe
    [2012/04/16 16:14:54 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\slwmi.dll
    [2012/04/16 16:14:54 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spcmsg.dll
    [2012/04/16 16:14:54 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\spcmsg.dll
    [2012/04/16 16:14:54 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\slwga.dll
    [2012/04/16 16:14:53 | 001,925,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\setupapi.dll
    [2012/04/16 16:14:53 | 001,081,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SLCExt.dll
    [2012/04/16 16:14:53 | 000,810,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\slcc.dll
    [2012/04/16 16:14:53 | 000,777,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\slcc.dll
    [2012/04/16 16:14:53 | 000,776,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sethc.exe
    [2012/04/16 16:14:53 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SLCExt.dll
    [2012/04/16 16:14:53 | 000,631,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SLCommDlg.dll
    [2012/04/16 16:14:53 | 000,627,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sethc.exe
    [2012/04/16 16:14:53 | 000,425,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\shwebsvc.dll
    [2012/04/16 16:14:53 | 000,384,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\services.exe
    [2012/04/16 16:14:53 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SLC.dll
    [2012/04/16 16:14:53 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shsetup.dll
    [2012/04/16 16:14:53 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\shsetup.dll
    [2012/04/16 16:14:53 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sendmail.dll
    [2012/04/16 16:14:53 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\slcinst.dll
    [2012/04/16 16:14:53 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\slcinst.dll
    [2012/04/16 16:14:47 | 000,164,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Storport.sys
    [2012/04/16 16:14:47 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\spreview.exe
    [2012/04/16 16:14:47 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Storprop.dll
    [2012/04/16 16:14:47 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Storprop.dll
    [2012/04/16 16:14:35 | 000,594,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\spsys.sys
    [2012/04/16 16:14:35 | 000,581,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sqlsrv32.dll
    [2012/04/16 16:14:35 | 000,524,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sqlsrv32.dll
    [2012/04/16 16:14:35 | 000,474,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
    [2012/04/16 16:14:35 | 000,435,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spinstall.exe
    [2012/04/16 16:14:35 | 000,347,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srchadmin.dll
    [2012/04/16 16:14:35 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\srchadmin.dll
    [2012/04/16 16:14:35 | 000,289,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\spinstall.exe
    [2012/04/16 16:14:35 | 000,238,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spoolss.dll
    [2012/04/16 16:14:35 | 000,188,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spp.dll
    [2012/04/16 16:14:35 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spwizui.dll
    [2012/04/16 16:14:35 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\spwizui.dll
    [2012/04/16 16:14:35 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\spoolss.dll
    [2012/04/16 16:14:35 | 000,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spreview.exe
    [2012/04/16 16:14:35 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spwinsat.dll
    [2012/04/16 16:14:35 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\spwinsat.dll
    [2012/04/16 15:58:50 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\EventProviders
    [2012/04/07 15:29:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AC Tool
    [2012/04/06 11:15:06 | 008,741,536 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe
    [2012/04/06 10:57:29 | 000,418,464 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
    [2012/04/05 15:32:17 | 000,000,000 | ---D | C] -- C:\Users\Eugene\Documents\DarKGunZ
    [2012/04/04 15:41:52 | 000,000,000 | -H-D | C] -- C:\Users\Eugene\AppData\Roaming\ijjigame
    [2012/04/04 15:39:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\REACTOR
    [2012/04/04 14:59:21 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
    [2012/04/04 10:01:20 | 000,000,000 | ---D | C] -- C:\Config.Msi
    [2012/04/02 23:37:43 | 000,000,000 | ---D | C] -- C:\Users\Eugene\AppData\Local\PackageAware
    [2012/04/02 20:42:42 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
    [2012/04/02 19:48:48 | 000,057,976 | R--- | C] (GFI Software) -- C:\Windows\SysNative\drivers\SBREDrv.sys
    [2012/04/02 19:02:17 | 000,000,000 | ---D | C] -- C:\Users\Eugene\AppData\Roaming\Malwarebytes
    [2012/04/02 19:02:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
    [2012/04/01 19:43:34 | 000,000,000 | ---D | C] -- C:\Users\Eugene\Documents\mari0-win
    [2012/03/31 17:21:32 | 000,000,000 | ---D | C] -- C:\Users\Eugene\Documents\Pinball
    [2012/03/31 17:05:56 | 000,000,000 | ---D | C] -- C:\Users\Eugene\AppData\Local\{5804B2D4-7B75-11E1-826D-B8AC6F996F26}
    [2012/03/31 16:50:42 | 000,000,000 | ---D | C] -- C:\Users\Eugene\AppData\Local\TrinityEntertainmentNetwo
    [2012/03/29 22:15:36 | 000,000,000 | ---D | C] -- C:\Users\Eugene\Documents\My Cheat Tables
    [2012/03/29 16:59:36 | 000,023,376 | R--- | C] (iS3, Inc.) -- C:\Windows\SysWow64\SZIO5.dll
    [2012/03/29 16:59:24 | 000,546,640 | R--- | C] (iS3, Inc.) -- C:\Windows\SysWow64\SZComp5.dll
    [2012/03/29 16:59:18 | 000,481,104 | R--- | C] (iS3, Inc.) -- C:\Windows\SysWow64\SZBase5.dll
    [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

    ========== Files - Modified Within 30 Days ==========

    [2012/04/19 15:52:13 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Eugene\Desktop\OTL.exe
    [2012/04/19 15:33:29 | 095,582,017 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm
    [2012/04/19 15:33:20 | 000,707,392 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
    [2012/04/19 15:33:20 | 000,607,168 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
    [2012/04/19 15:33:20 | 000,104,808 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
    [2012/04/19 15:27:45 | 000,003,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
    [2012/04/19 15:27:44 | 000,003,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
    [2012/04/19 15:27:32 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2012/04/19 15:27:18 | 542,177,882 | ---- | M] () -- C:\Windows\MEMORY.DMP
    [2012/04/18 22:17:00 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2913236317-814230174-4002188810-1000UA.job
    [2012/04/18 22:15:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
    [2012/04/18 18:29:10 | 000,095,232 | ---- | M] () -- C:\Users\Eugene\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2012/04/18 17:41:45 | 000,000,698 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
    [2012/04/17 18:21:58 | 000,000,981 | ---- | M] () -- C:\Users\Eugene\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
    [2012/04/16 23:32:16 | 000,008,798 | ---- | M] () -- C:\Windows\SysWow64\icrav03.rat
    [2012/04/16 23:32:16 | 000,008,798 | ---- | M] () -- C:\Windows\SysNative\icrav03.rat
    [2012/04/16 23:32:16 | 000,001,988 | ---- | M] () -- C:\Windows\SysWow64\ticrf.rat
    [2012/04/16 23:32:16 | 000,001,988 | ---- | M] () -- C:\Windows\SysNative\ticrf.rat
    [2012/04/16 23:32:05 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
    [2012/04/16 23:32:05 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
    [2012/04/16 23:32:05 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
    [2012/04/16 23:32:05 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
    [2012/04/16 23:32:05 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
    [2012/04/16 23:32:04 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
    [2012/04/16 23:32:04 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
    [2012/04/16 23:32:04 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
    [2012/04/16 23:32:04 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
    [2012/04/16 23:32:04 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
    [2012/04/16 23:32:04 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
    [2012/04/16 23:32:04 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
    [2012/04/16 23:32:04 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
    [2012/04/16 23:32:04 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
    [2012/04/16 23:32:03 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
    [2012/04/16 23:32:03 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
    [2012/04/16 23:32:03 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
    [2012/04/16 23:32:03 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
    [2012/04/16 23:32:02 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll
    [2012/04/16 23:32:02 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll
    [2012/04/16 23:32:02 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
    [2012/04/16 23:32:02 | 000,123,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
    [2012/04/16 23:32:02 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
    [2012/04/16 23:32:02 | 000,114,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\advpack.dll
    [2012/04/16 23:32:02 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll
    [2012/04/16 23:32:02 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
    [2012/04/16 23:32:01 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll
    [2012/04/16 23:32:01 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
    [2012/04/16 23:32:01 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
    [2012/04/16 23:32:00 | 000,267,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll
    [2012/04/16 23:32:00 | 000,222,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
    [2012/04/16 23:32:00 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
    [2012/04/16 23:32:00 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll
    [2012/04/16 23:32:00 | 000,114,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll
    [2012/04/16 23:32:00 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
    [2012/04/16 23:32:00 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
    [2012/04/16 23:31:59 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll
    [2012/04/16 23:31:59 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
    [2012/04/16 23:31:59 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\advpack.dll
    [2012/04/16 23:31:59 | 000,135,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
    [2012/04/16 23:31:59 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
    [2012/04/16 23:31:59 | 000,091,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
    [2012/04/16 23:31:59 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
    [2012/04/16 23:31:59 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
    [2012/04/16 23:31:59 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
    [2012/04/16 23:31:59 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
    [2012/04/16 23:31:58 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
    [2012/04/16 23:31:58 | 000,534,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
    [2012/04/16 23:31:58 | 000,452,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
    [2012/04/16 23:31:58 | 000,448,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
    [2012/04/16 23:31:58 | 000,282,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
    [2012/04/16 23:31:58 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
    [2012/04/16 23:31:58 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
    [2012/04/16 23:31:58 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
    [2012/04/16 23:31:58 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
    [2012/04/16 23:31:58 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
    [2012/04/16 23:31:58 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
    [2012/04/16 23:31:58 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
    [2012/04/16 23:31:57 | 000,697,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
    [2012/04/16 23:31:57 | 000,603,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
    [2012/04/16 23:31:57 | 000,173,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
    [2012/04/16 23:31:57 | 000,165,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
    [2012/04/16 23:31:57 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
    [2012/04/16 23:31:57 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
    [2012/04/16 23:31:57 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
    [2012/04/16 19:44:36 | 004,465,601 | R--- | M] (Swearware) -- C:\Users\Eugene\Desktop\ComboFix.exe
    [2012/04/16 18:22:38 | 004,965,160 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
    [2012/04/16 18:19:16 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
    [2012/04/16 18:19:00 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_07_00.Wdf
    [2012/04/15 19:04:31 | 000,000,088 | ---- | M] () -- C:\Windows\GunzLauncher.INI
    [2012/04/15 11:17:00 | 000,000,860 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2913236317-814230174-4002188810-1000Core.job
    [2012/04/14 00:15:10 | 000,418,464 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
    [2012/04/14 00:15:10 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    [2012/04/14 00:15:06 | 008,741,536 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe
    [2012/04/12 18:21:37 | 000,559,120 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\iavichjg.avm
    [2012/04/06 17:04:36 | 000,000,167 | ---- | M] () -- C:\Windows\w32demo8.ini
    [2012/04/04 15:56:40 | 000,024,904 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
    [2012/03/29 16:59:36 | 000,023,376 | R--- | M] (iS3, Inc.) -- C:\Windows\SysWow64\SZIO5.dll
    [2012/03/29 16:59:24 | 000,546,640 | R--- | M] (iS3, Inc.) -- C:\Windows\SysWow64\SZComp5.dll
    [2012/03/29 16:59:18 | 000,481,104 | R--- | M] (iS3, Inc.) -- C:\Windows\SysWow64\SZBase5.dll
    [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2012/04/16 23:32:04 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
    [2012/04/16 23:31:58 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
    [2012/04/16 19:46:01 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
    [2012/04/16 19:46:01 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
    [2012/04/16 19:46:01 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
    [2012/04/16 19:46:01 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
    [2012/04/16 19:46:01 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
    [2012/04/16 18:19:16 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
    [2012/04/16 18:19:00 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_07_00.Wdf
    [2012/04/16 16:17:29 | 000,395,723 | ---- | C] () -- C:\Windows\SysNative\onex.tmf
    [2012/04/16 16:17:18 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
    [2012/04/16 16:17:10 | 000,009,212 | ---- | C] () -- C:\Windows\SysWow64\RacUR.xml
    [2012/04/16 16:17:10 | 000,009,212 | ---- | C] () -- C:\Windows\SysNative\RacUR.xml
    [2012/04/16 16:17:04 | 000,471,992 | ---- | C] () -- C:\Windows\SysNative\dot3.tmf
    [2012/04/16 16:17:02 | 000,700,507 | ---- | C] () -- C:\Windows\SysNative\eaphost.tmf
    [2012/04/16 16:17:02 | 000,121,856 | ---- | C] () -- C:\Windows\SysNative\EhStorAuthn.dll
    [2012/04/16 16:17:02 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
    [2012/04/16 16:15:50 | 000,107,612 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchema.bin
    [2012/04/16 16:15:50 | 000,107,612 | ---- | C] () -- C:\Windows\SysNative\StructuredQuerySchema.bin
    [2012/04/16 16:15:49 | 000,262,552 | ---- | C] () -- C:\Windows\SysNative\systemsf.ebd
    [2012/04/16 16:15:44 | 000,207,968 | ---- | C] () -- C:\Windows\SysNative\WFP.TMF
    [2012/04/16 16:14:54 | 000,092,918 | ---- | C] () -- C:\Windows\SysWow64\slmgr.vbs
    [2012/04/16 16:14:54 | 000,092,918 | ---- | C] () -- C:\Windows\SysNative\slmgr.vbs
    [2012/04/16 16:14:54 | 000,009,239 | ---- | C] () -- C:\Windows\SysWow64\spcinstrumentation.man
    [2012/04/16 16:14:54 | 000,009,239 | ---- | C] () -- C:\Windows\SysNative\spcinstrumentation.man
    [2012/04/06 17:03:25 | 000,000,167 | ---- | C] () -- C:\Windows\w32demo8.ini
    [2012/04/06 10:57:31 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
    [2012/03/10 17:47:15 | 003,130,440 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_blr.exe
    [2011/08/19 21:14:19 | 000,230,752 | ---- | C] () -- C:\Windows\patchw32.dll
    [2011/08/19 21:14:19 | 000,118,176 | ---- | C] () -- C:\Windows\patchw.dll
    [2011/07/14 16:58:00 | 000,000,000 | ---- | C] () -- C:\ProgramData\LauncherAccess.dt
    [2011/07/14 16:44:31 | 000,005,632 | ---- | C] () -- C:\Windows\SysWow64\drivers\StarOpen.sys
    [2011/07/02 20:20:02 | 000,298,016 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
    [2011/07/02 20:19:35 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
    [2011/05/20 22:35:28 | 000,304,744 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
    [2011/05/18 18:43:05 | 000,727,744 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
    [2011/01/28 19:21:32 | 000,000,048 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
    [2010/12/22 16:14:25 | 000,000,021 | ---- | C] () -- C:\Windows\SurCode.INI
    [2010/12/04 17:47:45 | 000,095,232 | ---- | C] () -- C:\Users\Eugene\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2010/12/04 00:43:52 | 000,000,088 | ---- | C] () -- C:\Windows\GunzLauncher.INI
    [2010/12/02 22:00:08 | 000,000,000 | ---- | C] () -- C:\Users\Eugene\AppData\Roaming\wklnhst.dat
    [2010/06/25 13:03:12 | 000,053,299 | ---- | C] () -- C:\Windows\SysWow64\pthreadVC.dll

    ========== Alternate Data Streams ==========

    @Alternate Data Stream - 1260 bytes -> C:\ProgramData\Microsoft:rNCuldisipU5qso2meGcf0
    @Alternate Data Stream - 1216 bytes -> C:\ProgramData\Microsoft:xEzJjgaEo3zy5lvGlwnuXAJ4WDi
    @Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:0D8301CA
    @Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:E0229D5D
    @Alternate Data Stream - 1154 bytes -> C:\ProgramData\Microsoft:CZFGVIslforDwzxFsLB9S0xYcn
    @Alternate Data Stream - 1150 bytes -> C:\Program Files\Common Files\Microsoft Shared:fMh3xvMA7iZTqeCT

    < End of report >
     
  15. gimmextra

    gimmextra Thread Starter

    Joined:
    Apr 4, 2012
    Messages:
    54
    OTL Extras logfile created on: 4/19/2012 3:56:06 PM - Run 1
    OTL by OldTimer - Version 3.2.40.0 Folder = C:\Users\Eugene\Desktop
    64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
    Internet Explorer (Version = 9.0.8112.16421)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    8.00 Gb Total Physical Memory | 6.46 Gb Available Physical Memory | 80.75% Memory free
    16.19 Gb Paging File | 14.32 Gb Available in Paging File | 88.42% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 279.46 Gb Total Space | 156.44 Gb Free Space | 55.98% Space Free | Partition Type: NTFS
    Drive D: | 409.17 Gb Total Space | 194.61 Gb Free Space | 47.56% Space Free | Partition Type: NTFS

    Computer Name: EUGENE-PC | User Name: Eugene | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Extra Registry (SafeList) ==========


    ========== File Associations ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
    .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

    [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
    .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

    ========== Shell Spawning ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
    inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
    InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
    InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
    Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
    Directory [runas] -- cmd.exe /c takeown /f "%1" /r /d y &amp;&amp; icacls "%1" /grant administrators:F /t (Microsoft Corporation)
    Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
    Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
    Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
    Directory [runas] -- cmd.exe /c takeown /f "%1" /r /d y &amp;&amp; icacls "%1" /grant administrators:F /t (Microsoft Corporation)
    Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
    Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    ========== Security Center Settings ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "cval" = 1
    "FirewallDisableNotify" = 0
    "AntiVirusDisableNotify" = 0
    "UpdatesDisableNotify" = 0

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
    "AntiVirusOverride" = 0
    "AntiSpywareOverride" = 0
    "FirewallOverride" = 0
    "VistaSp1" = 9F 9E 16 8C DC 5B C8 01 [binary data]
    "VistaSp2" = EC 2D 3D C6 11 1C CD 01 [binary data]

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-2913236317-814230174-4002188810-1000]
    "EnableNotifications" = 0
    "EnableNotificationsRef" = 2

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "FirewallDisableNotify" = 0
    "AntiVirusDisableNotify" = 0
    "UpdatesDisableNotify" = 0

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
    "oobe_av" = 1

    ========== System Restore Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
    "DisableSR" = 0

    ========== Firewall Settings ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    "EnableFirewall" = 1
    "DisableNotifications" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "EnableFirewall" = 1
    "DisableNotifications" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
    "EnableFirewall" = 1
    "DisableNotifications" = 0

    ========== Authorized Applications List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


    ========== Vista Active Open Ports Exception List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{13FC7034-584B-4266-BDF5-01DB2FA2A9C9}" = lport=443 | protocol=6 | dir=in | name=oovoo tcp port 443 |
    "{248426B2-B7B1-4954-BA6A-B902C51BB13F}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{27981AD2-4636-4DD8-85BB-683E73E58ACD}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
    "{3C1832FA-401D-4AB8-AB5E-51E672D558C4}" = lport=37678 | protocol=17 | dir=in | name=oovoo udp port 37678 |
    "{3F3ED277-5171-434E-A1D9-8A798981EA78}" = lport=49225 | protocol=6 | dir=in | name=akamai netsession interface |
    "{43F98B2D-A68E-4215-B9BF-FE7CA9594015}" = lport=50000 | protocol=17 | dir=in | name=iha_messagecenter |
    "{461CDD58-6615-493B-848E-302ED049BEEB}" = lport=2869 | protocol=6 | dir=in | app=system |
    "{5D0AD399-8075-4161-8F68-DB1E4B777169}" = lport=37674 | protocol=6 | dir=in | name=oovoo tcp port 37674 |
    "{5EB65983-82C8-4942-9A89-A1A1A9D0FF39}" = lport=37674 | protocol=17 | dir=in | name=oovoo udp port 37674 |
    "{65E4213F-2433-4FDC-A7E0-ECC77532A42E}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{74A951E6-0AB6-4F3A-8C39-233864DD0B96}" = rport=10243 | protocol=6 | dir=out | app=system |
    "{88EA5163-4A43-4184-92E5-36017C9F409B}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{992DD45B-C04A-4F7B-B86B-8EB540AE8785}" = lport=37678 | protocol=6 | dir=in | name=oovoo tcp port 37678 |
    "{A829AA59-C133-4437-8FCE-DD9D78EE9EDC}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{B009D779-46EB-4483-AA97-0F73EF43C298}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
    "{BCFABCDE-FBEE-4B9C-9499-51137E155549}" = lport=37685 | protocol=17 | dir=in | name=oovoo udp port 37685 |
    "{CEB85F35-7ECF-4873-BE9B-EF560D490C59}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
    "{D3E8FB58-22D5-4DCA-A125-DAF3CB8B1EC5}" = lport=37675 | protocol=17 | dir=in | name=oovoo udp port 37675 |
    "{DE4F3786-98F3-4C32-AD67-A3C208A655D4}" = lport=443 | protocol=17 | dir=in | name=oovoo udp port 443 |
    "{EFC0ED61-B70F-42ED-A912-F80C58D17A06}" = lport=10243 | protocol=6 | dir=in | app=system |
    "{F9E6B389-403F-463B-BCD6-9A4FB20B2727}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface |

    ========== Vista Active Application Exception List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{003697FF-3949-42F2-A2DC-847DB16CD023}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
    "{00C35DB9-45D2-4CAD-B9B5-CD26CCE8BCD5}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\alien swarm\srcds.exe |
    "{019790FA-1155-4005-A3DB-EC264494B89D}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
    "{031884EA-B851-4D36-B4E0-8EACFB498CCD}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
    "{042D3AEA-A68A-4947-A2C9-8730F8584845}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe |
    "{05AF38F1-75D9-4863-801A-967A19F4F471}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
    "{06B1436E-C91A-466A-B126-C1F183778B16}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
    "{07F60D67-82FA-4564-ADC7-A4DB68549F37}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgemca.exe |
    "{084D5D06-7DC2-42B3-86D6-CC37B2B5548E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{0AE2946D-DB58-40C5-BF32-09AF017C1C6F}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
    "{0DB905D1-38C4-48AD-A41B-437899DD2CB3}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
    "{10F85AE3-6347-4C1D-AE78-BD485CEDB6B1}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\gimmextra\counter-strike source\hl2.exe |
    "{13BD9A1E-DCB4-4940-9A54-83E64446F6AC}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\alien swarm\swarm.exe |
    "{1522AFEB-7F50-4457-9557-9253B9425E2D}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifecam.exe |
    "{182C5741-BEBE-4DB6-8677-D0D144D40B19}" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii.exe |
    "{18CE66EE-9CDD-4F60-9027-9986D28CF511}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
    "{19A3BB19-9393-4F9A-B798-9E3BEDB4BF2C}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
    "{19FB0918-E23F-4A93-9CBC-0EEA2CEB9FAC}" = dir=in | app=c:\program files (x86)\skype\plugin manager\skypepm.exe |
    "{1A15916C-8B45-4C61-8DF1-6941AB7DD41F}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgnsa.exe |
    "{1C17980E-70EF-4056-9D3E-C502C04D726F}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
    "{215A8B49-5B96-44B3-91BB-ACEFBD91C5D8}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{237C66AE-DA65-46F1-8510-7520FC5B434E}" = protocol=17 | dir=in | app=c:\program files (x86)\frostwire\frostwire.exe |
    "{25188AA8-2D35-4CCE-A0F1-0860CE453B2E}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe |
    "{27B1A87E-9E8D-4F54-ACD9-02EAD5114B7D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{2DC123DE-4ECF-4481-BF6E-49ED8D45EC4A}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
    "{2E4B9D30-6D20-46C3-90BE-4CDF90126C80}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{2F0FE9A7-1DA8-4BEA-B5FA-2748D540B991}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
    "{2F3A47FF-A0DC-471E-B74E-0E8D876866A0}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
    "{349AE0F9-1E33-4FC9-9A52-109819D64D36}" = protocol=17 | dir=in | app=c:\program files (x86)\gamersfirst\apb reloaded\binaries\apb.exe |
    "{3D2A2ACB-7D66-4683-84CD-AE29DB862101}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe |
    "{3EAAB06E-639F-479A-8B06-F63AC06A5136}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
    "{40537960-D1F2-4715-B401-85BADB3A7FF7}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\trackmania nations forever\tmforeverlauncher.exe |
    "{42633C2E-B332-4366-A1A5-388794DEF7B8}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\trackmania nations forever\tmforever.exe |
    "{4307E5CA-847C-40BE-9682-905350BF80C4}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe |
    "{43548D14-C4C1-42CB-B9FA-088E0F47FBBC}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{4408E204-83B9-40BD-829E-08E32F9F2341}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
    "{45589214-EBAF-4EC7-9100-D7994648470A}" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii.exe |
    "{475F1B2E-A759-4EF6-A3CA-ECE2D643261B}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgemca.exe |
    "{4765BA2F-9646-4999-8A73-2201AEF394BF}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgnsa.exe |
    "{48A70F28-4CCD-45F5-9F81-14C47A32D9D6}" = protocol=6 | dir=in | app=c:\programdata\nexonus\ngm\ngm.exe |
    "{4C572896-17A3-4F3F-A58A-3BDDE50B18E0}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{59CFC4AC-6CEA-4190-B82B-1E538E454785}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
    "{5CA13398-768B-489D-B843-192D7472B069}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
    "{5CF2DD80-EDC8-4D50-8954-6DC5187319F9}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
    "{5E5CBD80-288E-4EE6-9724-72F922B17C5D}" = protocol=6 | dir=in | app=c:\program files (x86)\gamersfirst\apb reloaded\binaries\apb.exe |
    "{5FBCCD69-E8C5-48C6-8DAD-6487425DDBB5}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\gimmextra\zombie panic! source\hl2.exe |
    "{617BC079-60AC-4603-836F-0FC98482D83A}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
    "{65E1B92C-304B-4EF5-809D-0E0635BC96AF}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe |
    "{68C96856-E65B-4FFB-AF90-428954C14ABF}" = protocol=17 | dir=in | app=c:\nexon\vindictus\en-us\nmservice.exe |
    "{70C3C1BC-6633-42B6-B76C-92727D610276}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeenc2.exe |
    "{711C2DF1-7D49-4861-BB33-64C92A34901A}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\gimmextra\zombie panic! source\hl2.exe |
    "{716C41D5-807F-464D-B420-542A3AC4F1E9}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
    "{7273C90C-4D2E-4D24-8ECC-CF9DF7148F06}" = protocol=17 | dir=in | app=c:\programdata\nexonus\ngm\ngm.exe |
    "{7397DB90-F579-44B8-BBD7-1CF16EC03B2D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
    "{73CB9883-FAF4-4796-AF69-42027FEA6C55}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgemca.exe |
    "{7947269A-455E-4B4B-BAB1-F1233100AECB}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
    "{7A40AA3D-D6BF-48A0-BC03-2139CC898D4F}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\gimmextra\garrysmod\hl2.exe |
    "{7F50F1F0-54BC-4EE3-9ABA-B91089103341}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
    "{7FCBC463-0230-47A8-BA97-381AFEFC66E4}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgnsa.exe |
    "{8BBA8948-FF46-4A81-A8F9-9EC916FB1C82}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
    "{8C324C94-69F4-45F9-BB9F-C05E2DE0E13D}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeexp.exe |
    "{8E76C968-0B70-4155-ACA9-C4D1EDB6A02C}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgemca.exe |
    "{93644F3F-F710-446A-A745-D54E27803E09}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
    "{971905EC-AB0D-4C0F-B271-9588E2E606AE}" = protocol=17 | dir=in | app=c:\program files (x86)\gamersfirst\apb reloaded\binaries\vivoxvoiceservice.exe |
    "{9741439D-5933-4A6C-B5C0-BD297CA5ABBF}" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii.exe |
    "{99208263-EEF5-4C97-B2FA-BF4F4DA9A616}" = protocol=6 | dir=in | app=c:\nexon\vindictus\en-us\nmservice.exe |
    "{9DE2B1DA-DFBE-4746-9371-0E47AD8A1356}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
    "{9E37900D-7B10-4D2A-BA4C-79E9782C7E98}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\gimmextra\garrysmod\hl2.exe |
    "{9EB3D6E2-80AF-4087-B81F-B231BACFA7F1}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe |
    "{A2E2BB52-5EC1-4F15-B7F2-C47BFB38D73C}" = protocol=6 | dir=out | app=system |
    "{A39795C8-8729-4173-A1E2-EEF2823920F3}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
    "{A728D856-42B7-48A8-B898-2EF6CCE2DE39}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgnsa.exe |
    "{A8C6AE22-193B-484D-B401-3BCD78C90038}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\alien swarm\swarm.exe |
    "{A9DF9328-C8E1-4D6F-9A3B-3AD4B0AED487}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
    "{AA1734BB-0A1C-41D5-8B9F-DAEB0C7707E0}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\trackmania nations forever\tmforever.exe |
    "{AB2D1BF4-C6EA-431B-A6D8-540D1B4AD483}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
    "{AC22E5FB-E4F1-457D-9651-A49A414DA28F}" = protocol=6 | dir=in | app=c:\program files (x86)\frostwire\frostwire.exe |
    "{BC691363-74D7-4C87-BBDC-0D9F55529AC6}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
    "{BE4182AD-69D3-4EF2-862E-D55FF1299325}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
    "{C08CA6C1-78D6-487F-9F72-70102D3A1460}" = protocol=17 | dir=in | app=c:\program files (x86)\reactor\ijjioptimizer.exe |
    "{C1F1A781-2C38-438F-890E-D2186ABD4BC1}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
    "{C532A4A6-8FB0-439B-AA1C-249A91E26564}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
    "{C8245B30-A88C-4E2B-ABAD-B74647A32DAC}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
    "{CD342E36-4F73-4183-AFFB-E694F021E935}" = protocol=6 | dir=in | app=c:\program files (x86)\aim\aim.exe |
    "{CF3A376C-2DDE-41EC-85A2-B750E7D48D93}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg10\avgmfapx.exe |
    "{CFBBD44E-7E15-49FF-8768-51C69164AB23}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifetray.exe |
    "{D7A75596-0912-4E45-A19E-5F224DC5D67C}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifecam.exe |
    "{D8C36CA8-5A6E-43B4-9D8C-15B9D66C88C2}" = protocol=17 | dir=in | app=c:\program files (x86)\aim\aim.exe |
    "{DABACED3-D536-433D-AFD5-4B4E6FA7C49F}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeenc2.exe |
    "{DBB69949-F816-4644-B00B-55777175DFC7}" = protocol=17 | dir=in | app=c:\program files (x86)\frostwire\frostwire.exe |
    "{DDFD323E-ED8D-4BF3-A46C-0230BFF8AD8D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\trackmania nations forever\tmforeverlauncher.exe |
    "{E18F0800-9B32-474A-8868-BB8197A275FD}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeexp.exe |
    "{E3553F90-8F2B-4B21-8352-C1E5047D0363}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{E4D2D822-F05D-48EA-9ADD-64765C874F11}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{E59413C5-6A5C-4505-82AC-90FCE0366C2C}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
    "{E614B55D-12D9-4481-B829-A6531F65E231}" = protocol=6 | dir=in | app=c:\program files (x86)\frostwire\frostwire.exe |
    "{E6531B28-89DC-43C0-8B4A-DEBFC30EFECF}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg10\avgmfapx.exe |
    "{E85D692D-69BC-4389-8207-89C7EEBB951E}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\gimmextra\counter-strike source\hl2.exe |
    "{EB069979-05D2-4F2B-B92D-623733A0CCFB}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifetray.exe |
    "{EDC0AB6B-F62B-4962-8A46-3C116C6237F8}" = protocol=6 | dir=in | app=c:\program files (x86)\reactor\ijjioptimizer.exe |
    "{EEEAA2C4-BEA2-4D14-B235-82DA674F540B}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
    "{F62DA714-B9A8-4588-920E-583E31F16F23}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
    "{F7046D71-6498-48BB-9C98-FB356218BF4A}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\alien swarm\srcds.exe |
    "{F7FCD50B-C86D-4A0D-A38F-FA7B0EA170E6}" = protocol=6 | dir=in | app=c:\program files (x86)\gamersfirst\apb reloaded\binaries\vivoxvoiceservice.exe |
    "{FDE38092-8500-49DE-8C2C-1EEDE832A827}" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii.exe |
    "TCP Query User{01A96A8E-392F-40E2-8C15-6796D8D577A4}C:\game\softnyxgame\gunboundis\gunbound.gme" = protocol=6 | dir=in | app=c:\game\softnyxgame\gunboundis\gunbound.gme |
    "TCP Query User{0A27B557-6167-430D-979B-228F1E1D50D3}C:\game\softnyxgame\gunboundis\gunbound.gme" = protocol=6 | dir=in | app=c:\game\softnyxgame\gunboundis\gunbound.gme |
    "TCP Query User{0A401AD1-33B4-4E19-9220-E17516830E2E}F:\techwizard.exe" = protocol=6 | dir=in | app=f:\techwizard.exe |
    "TCP Query User{1192F986-53C3-4E7E-B53E-17D2B383567F}C:\program files (x86)\steam\steamapps\common\alien swarm\swarm.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\alien swarm\swarm.exe |
    "TCP Query User{1B2E661B-8DE6-498E-940A-1BD3B56258FC}C:\users\eugene\appdata\local\temp\43e4.tmp\kmservice.exe" = protocol=6 | dir=in | app=c:\users\eugene\appdata\local\temp\43e4.tmp\kmservice.exe |
    "TCP Query User{1B7F7879-7455-414C-88D2-2B405E509A32}C:\users\eugene\appdata\local\temp\915f.tmp\kmservice.exe" = protocol=6 | dir=in | app=c:\users\eugene\appdata\local\temp\915f.tmp\kmservice.exe |
    "TCP Query User{335E7E3D-C97D-4225-9445-75AEB3A6A14D}C:\program files (x86)\activision\call of duty - black ops\blackopsmp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\activision\call of duty - black ops\blackopsmp.exe |
    "TCP Query User{3823E0BE-8234-41BD-BBFF-9249D1D998FC}C:\users\eugene\desktop\darkgunzclient\darkgunz client\gunz.exe" = protocol=6 | dir=in | app=c:\users\eugene\desktop\darkgunzclient\darkgunz client\gunz.exe |
    "TCP Query User{3E8A30AC-F4D8-4B0F-BCC6-323B884FFB05}C:\users\eugene\documents\darkgunz\darkgunz\gunz.exe" = protocol=6 | dir=in | app=c:\users\eugene\documents\darkgunz\darkgunz\gunz.exe |
    "TCP Query User{456B6203-DCDB-4EEA-9A65-6304262A9A78}C:\ijji\english\u_sf\soldierfront.exe" = protocol=6 | dir=in | app=c:\ijji\english\u_sf\soldierfront.exe |
    "TCP Query User{7008FCA9-0B7D-4685-ADB6-AB6A41C6FDC6}C:\program files (x86)\oovoo\oovoo.exe" = protocol=6 | dir=in | app=c:\program files (x86)\oovoo\oovoo.exe |
    "TCP Query User{70C08156-4305-4DA9-B322-57FE514B5B79}C:\users\eugene\desktop\darkgunz\darkgunz\gunz.exe" = protocol=6 | dir=in | app=c:\users\eugene\desktop\darkgunz\darkgunz\gunz.exe |
    "TCP Query User{72321A14-F38E-49C1-96A6-73B22B545322}C:\nexon\maplestory\arcanems.exe" = protocol=6 | dir=in | app=c:\nexon\maplestory\arcanems.exe |
    "TCP Query User{753B4F5F-F1E0-4B0C-839C-95B26E06F043}C:\program files (x86)\reactor\reactor.exe" = protocol=6 | dir=in | app=c:\program files (x86)\reactor\reactor.exe |
    "TCP Query User{7BBDF8D9-2527-459A-AB29-FFAFD6E70E2A}C:\users\eugene\documents\darkgunz client\gunz.exe" = protocol=6 | dir=in | app=c:\users\eugene\documents\darkgunz client\gunz.exe |
    "TCP Query User{96134036-7EAA-4FF2-B060-9F7492881348}C:\program files (x86)\oovoo\oovoo.exe" = protocol=6 | dir=in | app=c:\program files (x86)\oovoo\oovoo.exe |
    "TCP Query User{9A15CD72-AE0D-473D-BD1B-DB24429CBF7F}C:\ijji\english\gunz\gunz.exe" = protocol=6 | dir=in | app=c:\ijji\english\gunz\gunz.exe |
    "TCP Query User{B81C7D43-5C5E-4030-ABC6-DDAE6759AB67}C:\program files (x86)\steam\steamapps\gimmextra\team fortress 2\hl2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\gimmextra\team fortress 2\hl2.exe |
    "TCP Query User{BDD0A398-3A19-4D3F-8487-1D47CE43DA98}C:\program files (x86)\softnyxgame\gunboundis\gunbound.gme" = protocol=6 | dir=in | app=c:\program files (x86)\softnyxgame\gunboundis\gunbound.gme |
    "TCP Query User{C79313DF-BE00-4F24-BB4B-C5EDC1290AB3}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
    "TCP Query User{C92F6D21-36F1-4205-9A55-E69C9CD0FCAE}C:\program files (x86)\activision\call of duty - black ops\blackops.exe" = protocol=6 | dir=in | app=c:\program files (x86)\activision\call of duty - black ops\blackops.exe |
    "TCP Query User{CB06305A-5DFD-42B5-8A0C-84673074C690}C:\program files (x86)\aim\aim.exe" = protocol=6 | dir=in | app=c:\program files (x86)\aim\aim.exe |
    "TCP Query User{DD39724A-788A-4AD2-B039-BF9F1D466A8D}C:\users\eugene\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\eugene\appdata\local\akamai\netsession_win.exe |
    "TCP Query User{DEAAD2DD-C7E7-46BA-8D23-1EC9964E87A3}C:\program files (x86)\valve\portal 2\portal2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\valve\portal 2\portal2.exe |
    "TCP Query User{E902C094-C146-4FF1-94AB-D46DB1CB5AA9}C:\users\eugene\appdata\local\temp\4841.tmp\kmservice.exe" = protocol=6 | dir=in | app=c:\users\eugene\appdata\local\temp\4841.tmp\kmservice.exe |
    "TCP Query User{EEF21D13-7C9E-4FD5-B982-805A450EA411}C:\users\eugene\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\eugene\appdata\local\akamai\netsession_win.exe |
    "UDP Query User{0182A8FA-06DA-45E9-AD70-314DF69191DD}C:\program files (x86)\activision\call of duty - black ops\blackops.exe" = protocol=17 | dir=in | app=c:\program files (x86)\activision\call of duty - black ops\blackops.exe |
    "UDP Query User{0B29C932-7921-4C79-A9ED-C729C3BD48EE}C:\users\eugene\desktop\darkgunzclient\darkgunz client\gunz.exe" = protocol=17 | dir=in | app=c:\users\eugene\desktop\darkgunzclient\darkgunz client\gunz.exe |
    "UDP Query User{0FD7A443-F615-4515-B210-BBC54029FB9D}C:\program files (x86)\steam\steamapps\common\alien swarm\swarm.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\alien swarm\swarm.exe |
    "UDP Query User{26E21CEA-0FCC-4724-9351-AAE5D97478CE}C:\users\eugene\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\eugene\appdata\local\akamai\netsession_win.exe |
    "UDP Query User{277CF906-E6BA-4D49-8827-0A6F5B706871}C:\users\eugene\appdata\local\temp\915f.tmp\kmservice.exe" = protocol=17 | dir=in | app=c:\users\eugene\appdata\local\temp\915f.tmp\kmservice.exe |
    "UDP Query User{29F77F14-8794-4CEB-BA27-FF0C718FBC23}C:\users\eugene\appdata\local\temp\43e4.tmp\kmservice.exe" = protocol=17 | dir=in | app=c:\users\eugene\appdata\local\temp\43e4.tmp\kmservice.exe |
    "UDP Query User{2E7C2E94-D4C7-42CE-B857-384345D1D1F6}F:\techwizard.exe" = protocol=17 | dir=in | app=f:\techwizard.exe |
    "UDP Query User{3A654571-2D0A-4CC8-BF15-E36207FAE5F9}C:\program files (x86)\steam\steamapps\gimmextra\team fortress 2\hl2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\gimmextra\team fortress 2\hl2.exe |
    "UDP Query User{3ABBCC0B-7353-46FF-AFFF-61E19641FFF6}C:\program files (x86)\aim\aim.exe" = protocol=17 | dir=in | app=c:\program files (x86)\aim\aim.exe |
    "UDP Query User{43C541A2-D55F-42A3-A6C3-BDF946A0094E}C:\users\eugene\desktop\darkgunz\darkgunz\gunz.exe" = protocol=17 | dir=in | app=c:\users\eugene\desktop\darkgunz\darkgunz\gunz.exe |
    "UDP Query User{4707A403-E7B7-4662-9B4F-BD9E46915C04}C:\users\eugene\documents\darkgunz client\gunz.exe" = protocol=17 | dir=in | app=c:\users\eugene\documents\darkgunz client\gunz.exe |
    "UDP Query User{4C23FFBB-0CDB-406B-8544-67587485164C}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
    "UDP Query User{552EA57F-9FAA-4880-9F92-A8DE158C1516}C:\program files (x86)\oovoo\oovoo.exe" = protocol=17 | dir=in | app=c:\program files (x86)\oovoo\oovoo.exe |
    "UDP Query User{69E5A014-44BC-4796-AD13-5A5B94A42DA3}C:\users\eugene\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\eugene\appdata\local\akamai\netsession_win.exe |
    "UDP Query User{6D02360C-2F10-41F1-9F19-111576DF5FC5}C:\game\softnyxgame\gunboundis\gunbound.gme" = protocol=17 | dir=in | app=c:\game\softnyxgame\gunboundis\gunbound.gme |
    "UDP Query User{77D8DB3C-4978-4482-B936-2B76B15E00A7}C:\program files (x86)\activision\call of duty - black ops\blackopsmp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\activision\call of duty - black ops\blackopsmp.exe |
    "UDP Query User{8E1CD6E3-308B-423D-976C-D075D8368E85}C:\nexon\maplestory\arcanems.exe" = protocol=17 | dir=in | app=c:\nexon\maplestory\arcanems.exe |
    "UDP Query User{95CDE328-6611-490C-BA87-3A19E47ED560}C:\program files (x86)\valve\portal 2\portal2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\valve\portal 2\portal2.exe |
    "UDP Query User{998AC4BE-7A74-49F8-B8B6-803ABB666EDE}C:\ijji\english\u_sf\soldierfront.exe" = protocol=17 | dir=in | app=c:\ijji\english\u_sf\soldierfront.exe |
    "UDP Query User{A118855E-74B1-4780-B71D-0A83B9CF1501}C:\users\eugene\appdata\local\temp\4841.tmp\kmservice.exe" = protocol=17 | dir=in | app=c:\users\eugene\appdata\local\temp\4841.tmp\kmservice.exe |
    "UDP Query User{A2DE00A0-F209-409E-A113-63F0DA545512}C:\program files (x86)\reactor\reactor.exe" = protocol=17 | dir=in | app=c:\program files (x86)\reactor\reactor.exe |
    "UDP Query User{ADDB901F-FAA8-4005-BD8F-458F930FABFD}C:\program files (x86)\oovoo\oovoo.exe" = protocol=17 | dir=in | app=c:\program files (x86)\oovoo\oovoo.exe |
    "UDP Query User{BBAF8268-E27F-4ABF-8BD4-64395B37CC2A}C:\ijji\english\gunz\gunz.exe" = protocol=17 | dir=in | app=c:\ijji\english\gunz\gunz.exe |
    "UDP Query User{C43C389D-3F9F-40FF-983E-4730250A80A3}C:\program files (x86)\softnyxgame\gunboundis\gunbound.gme" = protocol=17 | dir=in | app=c:\program files (x86)\softnyxgame\gunboundis\gunbound.gme |
    "UDP Query User{DCE95D62-9746-459C-8EF6-38698A40E4F5}C:\game\softnyxgame\gunboundis\gunbound.gme" = protocol=17 | dir=in | app=c:\game\softnyxgame\gunboundis\gunbound.gme |
    "UDP Query User{F746D308-26FD-44DE-AD01-CFD6D48070C5}C:\users\eugene\documents\darkgunz\darkgunz\gunz.exe" = protocol=17 | dir=in | app=c:\users\eugene\documents\darkgunz\darkgunz\gunz.exe |

    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
    "{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
    "{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
    "{5CE7E3F5-9803-4F32-AA89-2D8848A80109}" = Microsoft LifeCam
    "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
    "{68660049-8D48-427C-9FF7-139D8340CDC0}" = MSVC80_x64
    "{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
    "{75104836-CAC7-444E-A39E-3F54151942F5}" = Apple Mobile Device Support
    "{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
    "{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
    "{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010
    "{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
    "{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
    "{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
    "{9C5A08BF-BB99-4998-81BD-F6CC32483B34}" = Microsoft Corporation
    "{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 275.33
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 275.33
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.10.0514
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.3.5
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD Audio Driver 1.2.23.3
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
    "{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
    "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
    "{D050583D-5CEC-47B1-88AA-8B328CAA8621}" = AVG 2012
    "{D66F0C3C-24F2-4463-9E2F-4381E5C40A26}" = iTunes
    "{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
    "{E51A1789-9C20-43FC-AF13-C7AC29FAF111}" = AVG 2012
    "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
    "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
    "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit
    "AVG" = AVG 2012
    "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
    "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
    "WinRAR archiver" = WinRAR archiver

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{024521CF-C07E-4F8E-8481-0D75695E03AF}" = PxMergeModule
    "{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
    "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
    "{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
    "{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
    "{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
    "{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
    "{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
    "{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
    "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    "{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
    "{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java(TM) 6 Update 24
    "{2D9C81F2-CF30-47F9-860E-58DACF92ABC9}" = Razer Arctosa
    "{342126E1-173C-4585-BFBE-3EBDD20E3E9E}" = Mobipocket Reader 6.2
    "{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support
    "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
    "{4E1D975D-9BF3-43CF-AA30-7186CEE3D9DE}" = STOPzilla
    "{53FA9A9F-3C19-4D43-AD6B-DEF365D469BA}" = Camtasia Studio 7
    "{587178E7-B1DF-494E-9838-FA4DD36E873C}" = ASUSUpdate
    "{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
    "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
    "{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
    "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
    "{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
    "{80813829-BE27-4799-8BC7-2F75A7B6CB50}" = IHA_MessageCenter
    "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
    "{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
    "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 8168 8101E 8102E Ethernet Driver
    "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
    "{8F66047B-1AF3-40D9-80D7-106E2EDC2C2A}" = EPU-4 Engine
    "{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}" = Azurewave Wireless LAN Card
    "{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
    "{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
    "{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
    "{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
    "{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
    "{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
    "{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
    "{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
    "{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
    "{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
    "{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
    "{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
    "{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
    "{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
    "{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
    "{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
    "{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
    "{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
    "{96F9B265-1367-4E1A-B8B9-F8530EF3AA62}" = Add or Remove Adobe Premiere Pro CS5
    "{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
    "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    "{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
    "{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
    "{AC76BA86-7AD7-1033-7B44-A83000000003}" = Adobe Reader 8.3.1
    "{B3BC9DB1-0B0A-48B0-B86B-EA77CAA7F800}" = Microsoft Corporation
    "{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
    "{C0AA232E-BD1B-40B5-A176-A2BEB67FFAE1}" = Adobe After Effects CS5 Third Party Content
    "{C585E652-0CBC-4276-9FE7-047078677904}" = Blacklight Retribution
    "{CD29B5CA-4727-4114-9AD9-25CCCE6E4014}" = Adobe After Effects CS5 Third Party Royalty Content
    "{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
    "{D6F879CC-59D6-4D4B-AE9B-D761E48D25ED}" = Skype&#8482; 5.3
    "{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
    "{DA1B174B-4297-467C-9EF8-0AB8D4D5171E}" = Adobe After Effects CS5
    "{DC785DB7-D389-48C3-B146-96FE99BF4E2B}" = Vegas Pro 9.0
    "{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
    "{EA2DB6E0-72C5-4ef9-A3A0-E6705F4A6A9E}" = Nexon Game Manager
    "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
    "{FAA7F8FF-3C05-4A61-8F14-D8A6E9ED6623}" = ooVoo
    "{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
    "AC Tool" = AC Tool
    "Adobe AIR" = Adobe AIR
    "AIM_7" = AIM 7
    "Akamai" = Akamai NetSession Interface Service
    "Audacity_is1" = Audacity 1.2.6
    "BandiMPEG1" = Bandisoft MPEG-1 Decoder
    "chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
    "Cheat Engine 6.1_is1" = Cheat Engine 6.1
    "com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
    "Digital Editions" = Adobe Digital Editions
    "Fiddler2" = Fiddler2
    "Fraps" = Fraps (remove only)
    "GunboundIS_is1" = GunboundIS
    "LAME for Audacity_is1" = LAME v3.98.3 for Audacity
    "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.61.0.1400
    "MapleStory" = MapleStory
    "Mozilla Firefox 11.0 (x86 en-US)" = Mozilla Firefox 11.0 (x86 en-US)
    "NirSoft BlueScreenView" = NirSoft BlueScreenView
    "Office14.PROPLUS" = Microsoft Office Professional Plus 2010
    "PowerISO" = PowerISO
    "PunkBusterSvc" = PunkBuster Services
    "RocketDock_is1" = RocketDock 1.3.5
    "SpeedFan" = SpeedFan (remove only)
    "Stanza" = Stanza
    "Steam App 11020" = TrackMania Nations Forever
    "Steam App 17500" = Zombie Panic Source
    "Steam App 240" = Counter-Strike: Source
    "Steam App 4000" = Garry's Mod
    "Steam App 440" = Team Fortress 2
    "Steam App 630" = Alien Swarm
    "uTorrent" = µTorrent
    "VLC media player" = VLC media player 1.1.7
    "WinPcapInst" = WinPcap 4.1.2

    ========== HKEY_CURRENT_USER Uninstall List ==========

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "Akamai" = Akamai NetSession Interface
    "Flux" = F.lux
    "Google Chrome" = Google Chrome

    ========== Last 10 Event Log Errors ==========

    [ Application Events ]
    Error - 4/9/2012 6:55:24 PM | Computer Name = Eugene-PC | Source = WinMgmt | ID = 10
    Description =

    Error - 4/10/2012 1:26:09 PM | Computer Name = Eugene-PC | Source = WinMgmt | ID = 10
    Description =

    Error - 4/10/2012 4:58:38 PM | Computer Name = Eugene-PC | Source = WinMgmt | ID = 10
    Description =

    Error - 4/11/2012 1:12:33 PM | Computer Name = Eugene-PC | Source = WinMgmt | ID = 10
    Description =

    Error - 4/12/2012 9:59:29 AM | Computer Name = Eugene-PC | Source = WinMgmt | ID = 10
    Description =

    Error - 4/12/2012 10:06:18 AM | Computer Name = Eugene-PC | Source = WinMgmt | ID = 10
    Description =

    Error - 4/12/2012 1:35:14 PM | Computer Name = Eugene-PC | Source = WinMgmt | ID = 10
    Description =

    Error - 4/12/2012 6:52:20 PM | Computer Name = Eugene-PC | Source = Application Hang | ID = 1002
    Description = The program osk.exe version 6.0.6000.16386 stopped interacting with
    Windows and was closed. To see if more information about the problem is available,
    check the problem history in the Problem Reports and Solutions control panel. Process
    ID: 268 Start Time: 01cd18fed5df50c5 Termination Time: 4

    Error - 4/13/2012 10:32:37 AM | Computer Name = Eugene-PC | Source = WinMgmt | ID = 10
    Description =

    Error - 4/13/2012 10:39:41 AM | Computer Name = Eugene-PC | Source = WinMgmt | ID = 10
    Description =

    [ System Events ]
    Error - 4/18/2012 5:04:58 PM | Computer Name = Eugene-PC | Source = Service Control Manager | ID = 7026
    Description =

    Error - 4/18/2012 5:06:51 PM | Computer Name = Eugene-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
    Description =

    Error - 4/19/2012 3:23:53 PM | Computer Name = Eugene-PC | Source = Application Popup | ID = 1060
    Description = \SystemRoot\SysWow64\Drivers\StarOpen.SYS has been blocked from loading
    due to incompatibility with this system. Please contact your software vendor for
    a compatible version of the driver.

    Error - 4/19/2012 3:25:38 PM | Computer Name = Eugene-PC | Source = Service Control Manager | ID = 7000
    Description =

    Error - 4/19/2012 3:25:38 PM | Computer Name = Eugene-PC | Source = Service Control Manager | ID = 7026
    Description =

    Error - 4/19/2012 3:27:13 PM | Computer Name = Eugene-PC | Source = Application Popup | ID = 1060
    Description = \SystemRoot\SysWow64\Drivers\StarOpen.SYS has been blocked from loading
    due to incompatibility with this system. Please contact your software vendor for
    a compatible version of the driver.

    Error - 4/19/2012 3:27:33 PM | Computer Name = Eugene-PC | Source = EventLog | ID = 6008
    Description = The previous system shutdown at 3:25:37 PM on 4/19/2012 was unexpected.

    Error - 4/19/2012 3:28:59 PM | Computer Name = Eugene-PC | Source = Service Control Manager | ID = 7000
    Description =

    Error - 4/19/2012 3:28:59 PM | Computer Name = Eugene-PC | Source = Service Control Manager | ID = 7026
    Description =

    Error - 4/19/2012 3:29:16 PM | Computer Name = Eugene-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
    Description =


    < End of report >
     
As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/1047935