Solved Sirefef.y removal

K

kwspony

Posts: 122   +1
The laptop I have has the sirefef.y virus. attached it the frst.txt file.
 

Attachments

  • FRST.txt
    169.6 KB · Views: 4
I have run Malwarebytes and superantispyware. both removed other issues. I downloaded and installed MS security essentials and it tells me about the sirefef virus. laptop is rebooting every minute.
 
Please, observe following rules:
  • Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
  • If you're stuck, or you're not sure about certain step, always ask before doing anything else.
  • Please refrain from running tools or applying updates other than those I suggest.
  • Never run more than one scan at a time.
  • Keep updating me regarding your computer behavior, good, or bad.
  • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
  • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
  • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

=====================================================

Please observe forum rules.
All logs have to be pasted not attached.
 
I may be ok now. After running multiple scans including the TDSSkiller and doing a repair on the OS it seems to be gone. It still isn't installing one MS update but I am working on that .
 
Just to let you know that ZeroAccess rootkit doesn't give up that easy but the decision is yours.
 
Thanks Broni. Tonight when I get home I will be back on it. I will paste the contents of that text file and start your process.
 
Scan result of Farbar Recovery Scan Tool Version: 17-06-2012 01
Ran by SYSTEM at 17-06-2012 10:17:17
Running from E:\
Windows 7 Home Premium (X64) OS Language: English(US)
The current controlset is ControlSet001
========================== Registry (Whitelisted) =============
HKLM\...\Run: [QuickSet] C:\Program Files\Dell\QuickSet\QuickSet.exe [3179288 2010-01-06] (Dell Inc.)
HKLM\...\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-06-17] (IDT, Inc.)
HKLM\...\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [1890088 2010-03-17] (Synaptics Incorporated)
HKLM\...\Run: [Broadcom Wireless Manager UI] C:\Program Files\Dell\DW WLAN Card\WLTRAY.exe [5712896 2010-02-02] (Dell Inc.)
HKLM\...\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe [167704 2012-01-10] (Intel Corporation)
HKLM\...\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe [392984 2012-01-10] (Intel Corporation)
HKLM\...\Run: [Persistence] C:\Windows\system32\igfxpers.exe [417560 2012-01-10] (Intel Corporation)
HKLM\...\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey [1271168 2012-03-26] (Microsoft Corporation)
HKLM-x32\...\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-06-08] (Intel Corporation)
HKLM-x32\...\Run: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2 [409744 2009-06-24] (Creative Technology Ltd)
HKLM-x32\...\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey [1675160 2011-11-22] (McAfee, Inc.)
HKLM-x32\...\Run: [DellSupportCenter] "C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter [206064 2009-05-21] (SupportSoft, Inc.)
HKLM-x32\...\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2010-11-29] (Apple Inc.)
HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59240 2011-11-02] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [421736 2011-12-08] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [254696 2012-01-18] (Sun Microsystems, Inc.)
HKU\tpot\...\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [4786048 2012-06-11] (SUPERAntiSpyware.com)
HKLM-x32\...\Runonce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe" [x]
Winlogon\Notify\GoToAssist: C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll [X]
Winlogon\Notify\igfxcui: igfxdev.dll (Intel Corporation)
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
Startup: C:\Users\All Users\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\Users\Default\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Default User\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\tpot\Start Menu\Programs\Startup\Dell Dock.lnk
ShortcutTarget: Dell Dock.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
==================== Services (Whitelisted) ======
2 !SASCORE; "C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE" [140672 2011-08-11] (SUPERAntiSpyware.com)
2 McMPFSvc; "C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc [249936 2011-01-27] (McAfee, Inc.)
2 mcmscsvc; "C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [249936 2011-01-27] (McAfee, Inc.)
2 McNaiAnn; "C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [249936 2011-01-27] (McAfee, Inc.)
2 McNASvc; "C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [249936 2011-01-27] (McAfee, Inc.)
3 McODS; "C:\Program Files\mcafee\VirusScan\mcods.exe" [501768 2011-03-17] (McAfee, Inc.)
4 McOobeSv; "C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [249936 2011-01-27] (McAfee, Inc.)
2 McProxy; "C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [249936 2011-01-27] (McAfee, Inc.)
2 McShield; "C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe" [199272 2011-10-18] (McAfee, Inc.)
2 mfefire; "C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe" [208536 2011-10-18] (McAfee, Inc.)
2 mfevtp; "C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe" [161168 2011-10-18] (McAfee, Inc.)
2 MsMpSvc; "C:\Program Files\Microsoft Security Client\MsMpEng.exe" [12600 2012-03-26] (Microsoft Corporation)
2 UNS; "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe" [2320920 2010-03-03] (Intel Corporation)
========================== Drivers (Whitelisted) =============
3 BcmVWL; C:\Windows\System32\DRIVERS\bcmvwl64.sys [20984 2010-02-02] (Broadcom Corporation)
3 cfwids; C:\Windows\System32\Drivers\cfwids.sys [65264 2011-10-15] (McAfee, Inc.)
3 mfeapfk; C:\Windows\System32\Drivers\mfeapfk.sys [160280 2011-10-15] (McAfee, Inc.)
3 mfeavfk; C:\Windows\System32\Drivers\mfeavfk.sys [229528 2011-10-15] (McAfee, Inc.)
3 mfefirek; C:\Windows\System32\Drivers\mfefirek.sys [481768 2011-10-15] (McAfee, Inc.)
0 mfehidk; C:\Windows\System32\Drivers\mfehidk.sys [647080 2011-10-15] (McAfee, Inc.)
1 mfenlfk; C:\Windows\System32\Drivers\mfenlfk.sys [75808 2011-10-15] (McAfee, Inc.)
3 mferkdet; C:\Windows\System32\Drivers\mferkdet.sys [100912 2011-10-15] (McAfee, Inc.)
0 mfewfpk; C:\Windows\System32\Drivers\mfewfpk.sys [284648 2011-10-15] (McAfee, Inc.)
1 SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
1 SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
3 mfeavfk01; [x]
========================== NetSvcs (Whitelisted) ===========

============ One Month Created Files and Folders ==============
2012-06-17 09:50 - 2012-06-17 09:51 - 00130762 ____A C:\TDSSKiller.2.7.40.0_17.06.2012_09.50.44_log.txt
2012-06-17 07:58 - 2012-01-31 05:44 - 00279656 ____N (Microsoft Corporation) C:\Windows\System32\MpSigStub.exe
2012-06-17 07:56 - 2012-06-17 07:56 - 00744030 ____A C:\Windows\SysWOW64\PerfStringBackup.INI
2012-06-17 07:56 - 2012-06-17 07:56 - 00001945 ____A C:\Windows\epplauncher.mif
2012-06-17 07:56 - 2012-06-17 07:56 - 00000000 ____D C:\Program Files\Microsoft Security Client
2012-06-17 07:56 - 2012-06-17 07:56 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2012-06-17 07:45 - 2012-06-17 07:45 - 00000000 ____D C:\Windows\CheckSur
2012-06-17 07:32 - 2012-06-17 07:44 - 357148272 ____A C:\Users\tpot\Downloads\Windows6.1-KB947821-v22-x64.msu
2012-06-17 07:24 - 2012-06-17 09:52 - 00000280 ____A C:\Windows\setupact.log
2012-06-17 07:24 - 2012-06-17 07:24 - 00000000 ____A C:\Windows\setuperr.log
2012-06-16 21:00 - 2012-05-04 04:00 - 00366592 ____A (Microsoft Corporation) C:\Windows\System32\qdvd.dll
2012-06-16 21:00 - 2012-05-04 02:59 - 00514560 ____A (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2012-06-16 20:53 - 2012-06-16 20:53 - 00000000 ____D C:\Users\All Users\Intel
2012-06-16 20:53 - 2012-06-16 20:53 - 00000000 ____D C:\Users\All Users\Application Data\Intel
2012-06-16 19:37 - 2012-06-03 23:28 - 58957832 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2012-06-16 19:20 - 2012-06-16 19:20 - 00000000 ____D C:\Windows\System32\SPReview
2012-06-16 19:18 - 2012-06-16 19:18 - 00000000 ____D C:\Windows\System32\EventProviders
2012-06-16 19:16 - 2012-02-29 23:46 - 00023408 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\fs_rec.sys
2012-06-16 19:16 - 2012-02-29 23:38 - 00220672 ____A (Microsoft Corporation) C:\Windows\System32\wintrust.dll
2012-06-16 19:16 - 2012-02-29 23:33 - 00081408 ____A (Microsoft Corporation) C:\Windows\System32\imagehlp.dll
2012-06-16 19:16 - 2012-02-29 23:28 - 00005120 ____A (Microsoft Corporation) C:\Windows\System32\wmi.dll
2012-06-16 19:16 - 2012-02-29 22:37 - 00172544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2012-06-16 19:16 - 2012-02-29 22:33 - 00159232 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2012-06-16 19:16 - 2012-02-29 22:29 - 00005120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wmi.dll
2012-06-16 19:12 - 2012-05-17 19:47 - 17807360 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2012-06-16 19:12 - 2012-05-17 19:16 - 10924032 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2012-06-16 19:12 - 2012-05-17 19:06 - 02311680 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2012-06-16 19:12 - 2012-05-17 18:59 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2012-06-16 19:12 - 2012-05-17 18:59 - 01346048 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2012-06-16 19:12 - 2012-05-17 18:58 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2012-06-16 19:12 - 2012-05-17 18:58 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2012-06-16 19:12 - 2012-05-17 18:56 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2012-06-16 19:12 - 2012-05-17 18:55 - 00818688 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2012-06-16 19:12 - 2012-05-17 18:55 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2012-06-16 19:12 - 2012-05-17 18:54 - 02144768 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2012-06-16 19:12 - 2012-05-17 18:51 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2012-06-16 19:12 - 2012-05-17 18:51 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2012-06-16 19:12 - 2012-05-17 18:47 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2012-06-16 19:12 - 2012-05-17 16:11 - 12314624 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2012-06-16 19:12 - 2012-05-17 15:48 - 09737728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2012-06-16 19:12 - 2012-05-17 15:45 - 01800192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2012-06-16 19:12 - 2012-05-17 15:36 - 01103872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2012-06-16 19:12 - 2012-05-17 15:35 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2012-06-16 19:12 - 2012-05-17 15:35 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2012-06-16 19:12 - 2012-05-17 15:33 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2012-06-16 19:12 - 2012-05-17 15:31 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2012-06-16 19:12 - 2012-05-17 15:29 - 00716800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2012-06-16 19:12 - 2012-05-17 15:29 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2012-06-16 19:12 - 2012-05-17 15:27 - 01793024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2012-06-16 19:12 - 2012-05-17 15:25 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2012-06-16 19:12 - 2012-05-17 15:24 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2012-06-16 19:12 - 2012-05-17 15:20 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2012-06-16 19:07 - 2010-11-20 06:33 - 00299392 ____A (Microsoft Corporation) C:\Windows\System32\mcupdate_GenuineIntel.dll
2012-06-16 19:07 - 2010-11-20 06:33 - 00273792 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\msiscsi.sys
2012-06-16 19:07 - 2010-11-20 06:27 - 14633472 ____A (Microsoft Corporation) C:\Windows\System32\wmp.dll
2012-06-16 19:07 - 2010-11-20 06:27 - 03860992 ____A (Microsoft Corporation) C:\Windows\System32\UIRibbon.dll
2012-06-16 19:07 - 2010-11-20 06:27 - 03715584 ____A (Microsoft Corporation) C:\Windows\System32\mstscax.dll
2012-06-16 19:07 - 2010-11-20 06:27 - 03650560 ____A (Microsoft Corporation) C:\Windows\System32\MSVidCtl.dll
2012-06-16 19:07 - 2010-11-20 06:27 - 03008000 ____A (Microsoft Corporation) C:\Windows\System32\xpsservices.dll
2012-06-16 19:07 - 2010-11-20 06:27 - 02086912 ____A (Microsoft Corporation) C:\Windows\System32\ole32.dll
2012-06-16 19:07 - 2010-11-20 06:27 - 01881088 ____A (Microsoft Corporation) C:\Windows\System32\msxml3.dll
2012-06-16 19:07 - 2010-11-20 06:27 - 01753088 ____A (Microsoft Corporation) C:\Windows\System32\vssapi.dll
2012-06-16 19:07 - 2010-11-20 06:27 - 01743360 ____A (Microsoft Corporation) C:\Windows\System32\sysmain.dll
2012-06-16 19:07 - 2010-11-20 06:27 - 01646080 ____A (Microsoft Corporation) C:\Windows\System32\wevtsvc.dll
2012-06-16 19:07 - 2010-11-20 06:27 - 01556992 ____A (Microsoft Corporation) C:\Windows\System32\RacEngn.dll
2012-06-16 19:07 - 2010-11-20 06:27 - 01326080 ____A (Microsoft Corporation) C:\Windows\System32\NaturalLanguage6.dll
2012-06-16 19:07 - 2010-11-20 06:27 - 01219584 ____A (Microsoft Corporation) C:\Windows\System32\rpcrt4.dll
2012-06-16 19:07 - 2010-11-20 06:27 - 01197056 ____A (Microsoft Corporation) C:\Windows\System32\taskschd.dll
2012-06-16 19:07 - 2010-11-20 06:27 - 01110016 ____A (Microsoft Corporation) C:\Windows\System32\schedsvc.dll
2012-06-16 19:07 - 2010-11-20 06:27 - 00488448 ____A (Microsoft Corporation) C:\Windows\System32\secproc.dll
2012-06-16 19:07 - 2010-11-20 06:27 - 00485888 ____A (Microsoft Corporation) C:\Windows\System32\secproc_isv.dll
2012-06-16 19:07 - 2010-11-20 06:27 - 00263168 ____A (Microsoft Corporation) C:\Windows\System32\spwizui.dll
2012-06-16 19:07 - 2010-11-20 06:27 - 00012288 ____A (Microsoft Corporation) C:\Windows\System32\TsUsbRedirectionGroupPolicyExtension.dll
2012-06-16 19:07 - 2010-11-20 06:26 - 04120064 ____A (Microsoft Corporation) C:\Windows\System32\mf.dll
2012-06-16 19:07 - 2010-11-20 06:26 - 03205120 ____A (Microsoft Corporation) C:\Windows\System32\mmcndmgr.dll
2012-06-16 19:07 - 2010-11-20 06:26 - 01866240 ____A (Microsoft Corporation) C:\Windows\System32\ExplorerFrame.dll
2012-06-16 19:07 - 2010-11-20 06:26 - 01838080 ____A (Microsoft Corporation) C:\Windows\System32\d3d10warp.dll
2012-06-16 19:07 - 2010-11-20 06:26 - 01340416 ____A (Microsoft Corporation) C:\Windows\System32\diagperf.dll
2012-06-16 19:07 - 2010-11-20 06:25 - 00362496 ____A (Microsoft Corporation) C:\Windows\System32\RMActivate_isv.exe
2012-06-16 19:07 - 2010-11-20 06:25 - 00359424 ____A (Microsoft Corporation) C:\Windows\System32\RMActivate.exe
2012-06-16 19:07 - 2010-11-20 05:21 - 00423936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2012-06-16 19:07 - 2010-11-20 05:20 - 00428032 ____A (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2012-06-16 19:07 - 2010-11-20 05:19 - 03215872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2012-06-16 19:07 - 2010-11-20 05:19 - 03207680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2012-06-16 19:07 - 2010-11-20 05:19 - 00954752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfc40.dll
2012-06-16 19:07 - 2010-11-20 05:19 - 00954288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfc40u.dll
2012-06-16 19:07 - 2010-11-20 05:18 - 01334272 ____A (Microsoft Corporation) C:\Windows\SysWOW64\CertEnroll.dll
2012-06-16 19:07 - 2010-11-20 05:18 - 01171456 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2012-06-16 19:07 - 2010-11-20 05:17 - 00327168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2012-06-16 19:07 - 2010-11-20 05:17 - 00322048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2012-06-16 19:07 - 2010-11-20 04:07 - 00059392 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\TsUsbFlt.sys
2012-06-16 19:07 - 2010-11-04 18:58 - 01130824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2012-06-16 19:07 - 2010-11-04 18:58 - 00297808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mscoree.dll
2012-06-16 19:07 - 2010-11-04 18:57 - 01942856 ____A (Microsoft Corporation) C:\Windows\System32\dfshim.dll
2012-06-16 19:07 - 2010-11-04 18:57 - 00444752 ____A (Microsoft Corporation) C:\Windows\System32\mscoree.dll
2012-06-16 19:07 - 2010-11-04 18:57 - 00048976 ____A (Microsoft Corporation) C:\Windows\System32\netfxperf.dll
2012-06-16 19:06 - 2010-11-20 06:39 - 05066752 ____A (Microsoft Corporation) C:\Windows\System32\AuthFWSnapin.dll
2012-06-16 19:06 - 2010-11-20 06:34 - 00295808 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\volsnap.sys
2012-06-16 19:06 - 2010-11-20 06:34 - 00215936 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\vhdmp.sys
2012-06-16 19:06 - 2010-11-20 06:33 - 00982912 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dxgkrnl.sys
2012-06-16 19:06 - 2010-11-20 06:33 - 00951680 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ndis.sys
2012-06-16 19:06 - 2010-11-20 06:33 - 00376192 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\netio.sys
2012-06-16 19:06 - 2010-11-20 06:33 - 00366976 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\msrpc.sys
2012-06-16 19:06 - 2010-11-20 06:29 - 00345600 ____A (Microsoft Corporation) C:\Windows\System32\fveapi.dll
2012-06-16 19:06 - 2010-11-20 06:27 - 03027968 ____A (Microsoft Corporation) C:\Windows\System32\WMVCORE.DLL
2012-06-16 19:06 - 2010-11-20 06:27 - 02652160 ____A (Microsoft Corporation) C:\Windows\System32\netshell.dll
2012-06-16 19:06 - 2010-11-20 06:27 - 02543616 ____A (Microsoft Corporation) C:\Windows\System32\wpdshext.dll
2012-06-16 19:06 - 2010-11-20 06:27 - 02420736 ____A (Microsoft Corporation) C:\Windows\System32\wuaueng.dll
2012-06-16 19:06 - 2010-11-20 06:27 - 02055680 ____A (Microsoft Corporation) C:\Windows\System32\Query.dll
2012-06-16 19:06 - 2010-11-20 06:27 - 02018304 ____A (Microsoft Corporation) C:\Windows\System32\WsmSvc.dll
2012-06-16 19:06 - 2010-11-20 06:27 - 02004480 ____A (Microsoft Corporation) C:\Windows\System32\msxml6.dll
2012-06-16 19:06 - 2010-11-20 06:27 - 01900544 ____A (Microsoft Corporation) C:\Windows\System32\setupapi.dll
2012-06-16 19:06 - 2010-11-20 06:27 - 01888256 ____A (Microsoft Corporation) C:\Windows\System32\WMVDECOD.DLL
2012-06-16 19:06 - 2010-11-20 06:27 - 01808384 ____A (Microsoft Corporation) C:\Windows\System32\pnidui.dll
2012-06-16 19:06 - 2010-11-20 06:27 - 01509888 ____A (Microsoft Corporation) C:\Windows\System32\msdtctm.dll
2012-06-16 19:06 - 2010-11-20 06:27 - 01441280 ____A (Microsoft Corporation) C:\Windows\System32\wlanpref.dll
2012-06-16 19:06 - 2010-11-20 06:27 - 01281024 ____A (Microsoft Corporation) C:\Windows\System32\werconcpl.dll
2012-06-16 19:06 - 2010-11-20 06:27 - 01243136 ____A (Microsoft Corporation) C:\Windows\System32\WMNetMgr.dll
2012-06-16 19:06 - 2010-11-20 06:27 - 01212416 ____A (Microsoft Corporation) C:\Windows\System32\propsys.dll
2012-06-16 19:06 - 2010-11-20 06:27 - 01190400 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll
2012-06-16 19:06 - 2010-11-20 06:27 - 01158656 ____A (Microsoft Corporation) C:\Windows\System32\webservices.dll
2012-06-16 19:06 - 2010-11-20 06:27 - 01098240 ____A (Microsoft Corporation) C:\Windows\System32\Vault.dll
2012-06-16 19:06 - 2010-11-20 06:27 - 01008128 ____A (Microsoft Corporation) C:\Windows\System32\user32.dll
2012-06-16 19:06 - 2010-11-20 06:27 - 00933888 ____A (Microsoft Corporation) C:\Windows\System32\sqlsrv32.dll
2012-06-16 19:06 - 2010-11-20 06:27 - 00867840 ____A (Microsoft Corporation) C:\Windows\System32\SearchFolder.dll
2012-06-16 19:06 - 2010-11-20 06:27 - 00849920 ____A (Microsoft Corporation) C:\Windows\System32\qmgr.dll
2012-06-16 19:06 - 2010-11-20 06:27 - 00800256 ____A (Microsoft Corporation) C:\Windows\System32\usp10.dll
2012-06-16 19:06 - 2010-11-20 06:27 - 00758784 ____A (Microsoft Corporation) C:\Windows\System32\samsrv.dll
2012-06-16 19:06 - 2010-11-20 06:27 - 00758272 ____A (Microsoft Corporation) C:\Windows\System32\PortableDeviceApi.dll
2012-06-16 19:06 - 2010-11-20 06:27 - 00751104 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll
2012-06-16 19:06 - 2010-11-20 06:27 - 00750080 ____A (Microsoft Corporation) C:\Windows\System32\TSWorkspace.dll
2012-06-16 19:06 - 2010-11-20 06:27 - 00720896 ____A (Microsoft Corporation) C:\Windows\System32\odbc32.dll
2012-06-16 19:06 - 2010-11-20 06:27 - 00695808 ____A (Microsoft Corporation) C:\Windows\System32\wuapi.dll
2012-06-16 19:06 - 2010-11-20 06:27 - 00695808 ____A (Microsoft Corporation) C:\Windows\System32\netlogon.dll
2012-06-16 19:06 - 2010-11-20 06:27 - 00680960 ____A (Microsoft Corporation) C:\Windows\System32\termsrv.dll
2012-06-16 19:06 - 2010-11-20 06:27 - 00582656 ____A (Microsoft Corporation) C:\Windows\System32\sxs.dll
2012-06-16 19:06 - 2010-11-20 06:27 - 00577536 ____A (Microsoft Corporation) C:\Windows\System32\WSDApi.dll
2012-06-16 19:06 - 2010-11-20 06:27 - 00519680 ____A (Microsoft Corporation) C:\Windows\System32\netcfgx.dll
2012-06-16 19:06 - 2010-11-20 06:27 - 00512000 ____A (Microsoft Corporation) C:\Windows\System32\rpcss.dll
2012-06-16 19:06 - 2010-11-20 06:27 - 00481280 ____A (Microsoft Corporation) C:\Windows\System32\wmpps.dll
2012-06-16 19:06 - 2010-11-20 06:27 - 00476160 ____A (Microsoft Corporation) C:\Windows\System32\QAGENTRT.DLL
2012-06-16 19:06 - 2010-11-20 06:27 - 00473600 ____A (Microsoft Corporation) C:\Windows\System32\taskcomp.dll
2012-06-16 19:06 - 2010-11-20 06:27 - 00457216 ____A (Microsoft Corporation) C:\Windows\System32\msdrm.dll
2012-06-16 19:06 - 2010-11-20 06:27 - 00448512 ____A (Microsoft Corporation) C:\Windows\System32\shlwapi.dll
2012-06-16 19:06 - 2010-11-20 06:27 - 00444416 ____A (Microsoft Corporation) C:\Windows\System32\winhttp.dll
2012-06-16 19:06 - 2010-11-20 06:27 - 00326144 ____A (Microsoft Corporation) C:\Windows\System32\mswsock.dll
2012-06-16 19:06 - 2010-11-20 06:27 - 00312832 ____A (Microsoft Corporation) C:\Windows\System32\Wldap32.dll
2012-06-16 19:06 - 2010-11-20 06:27 - 00312320 ____A (Microsoft Corporation) C:\Windows\System32\msv1_0.dll
2012-06-16 19:06 - 2010-11-20 06:27 - 00303616 ____A (Microsoft Corporation) C:\Windows\System32\nlasvc.dll
2012-06-16 19:06 - 2010-11-20 06:27 - 00299520 ____A (Microsoft Corporation) C:\Windows\System32\tsmf.dll
2012-06-16 19:06 - 2010-11-20 06:27 - 00297984 ____A (Microsoft Corporation) C:\Windows\System32\ws2_32.dll
2012-06-16 19:06 - 2010-11-20 06:27 - 00266240 ____A (Microsoft Corporation) C:\Windows\System32\QAGENT.DLL
2012-06-16 19:06 - 2010-11-20 06:27 - 00263168 ____A (Microsoft Corporation) C:\Windows\System32\vpnike.dll
2012-06-16 19:06 - 2010-11-20 06:27 - 00258560 ____A (Microsoft Corporation) C:\Windows\System32\WebClnt.dll
2012-06-16 19:06 - 2010-11-20 06:27 - 00235008 ____A (Microsoft Corporation) C:\Windows\System32\winsta.dll
2012-06-16 19:06 - 2010-11-20 06:27 - 00210944 ____A (Microsoft Corporation) C:\Windows\System32\ncsi.dll
2012-06-16 19:06 - 2010-11-20 06:27 - 00183808 ____A (Microsoft Corporation) C:\Windows\System32\prncache.dll
2012-06-16 19:06 - 2010-11-20 06:27 - 00146944 ____A (Microsoft Corporation) C:\Windows\System32\scavengeui.dll
2012-06-16 19:06 - 2010-11-20 06:27 - 00121856 ____A (Microsoft Corporation) C:\Windows\System32\SessEnv.dll
2012-06-16 19:06 - 2010-11-20 06:26 - 03391488 ____A (Microsoft Corporation) C:\Windows\System32\dbgeng.dll
2012-06-16 19:06 - 2010-11-20 06:26 - 02067456 ____A (Microsoft Corporation) C:\Windows\System32\d3d9.dll
2012-06-16 19:06 - 2010-11-20 06:26 - 01632256 ____A (Microsoft Corporation) C:\Windows\System32\dwmcore.dll
2012-06-16 19:06 - 2010-11-20 06:26 - 01244160 ____A (Microsoft Corporation) C:\Windows\System32\imapi2fs.dll
2012-06-16 19:06 - 2010-11-20 06:26 - 01009152 ____A (Microsoft Corporation) C:\Windows\System32\mcmde.dll
2012-06-16 19:06 - 2010-11-20 06:26 - 00955904 ____A (Microsoft Corporation) C:\Windows\System32\localspl.dll
2012-06-16 19:06 - 2010-11-20 06:26 - 00853504 ____A (Microsoft Corporation) C:\Windows\System32\IKEEXT.DLL
2012-06-16 19:06 - 2010-11-20 06:26 - 00828416 ____A (Microsoft Corporation) C:\Windows\System32\MPSSVC.dll
2012-06-16 19:06 - 2010-11-20 06:26 - 00787968 ____A (Microsoft Corporation) C:\Windows\System32\d3d11.dll
2012-06-16 19:06 - 2010-11-20 06:26 - 00777728 ____A (Microsoft Corporation) C:\Windows\System32\gpsvc.dll
2012-06-16 19:06 - 2010-11-20 06:26 - 00658944 ____A (Microsoft Corporation) C:\Windows\System32\dxgi.dll
2012-06-16 19:06 - 2010-11-20 06:26 - 00584192 ____A (Microsoft Corporation) C:\Windows\System32\ipsmsnap.dll
2012-06-16 19:06 - 2010-11-20 06:26 - 00403968 ____A (Microsoft Corporation) C:\Windows\System32\gdi32.dll
2012-06-16 19:06 - 2010-11-20 06:26 - 00381440 ____A (Microsoft Corporation) C:\Windows\System32\mfds.dll
2012-06-16 19:06 - 2010-11-20 06:26 - 00317952 ____A (Microsoft Corporation) C:\Windows\System32\dhcpcore.dll
2012-06-16 19:06 - 2010-11-20 06:26 - 00295936 ____A (Microsoft Corporation) C:\Windows\System32\framedynos.dll
2012-06-16 19:06 - 2010-11-20 06:26 - 00281600 ____A (Microsoft) C:\Windows\System32\DShowRdpFilter.dll
2012-06-16 19:06 - 2010-11-20 06:26 - 00235008 ____A (Microsoft Corporation) C:\Windows\System32\hgprint.dll
2012-06-16 19:06 - 2010-11-20 06:26 - 00084992 ____A (Microsoft Corporation) C:\Windows\System32\dot3api.dll
2012-06-16 19:06 - 2010-11-20 06:25 - 03957760 ____A (Microsoft Corporation) C:\Windows\System32\WinSAT.exe
2012-06-16 19:06 - 2010-11-20 06:25 - 01975296 ____A (Microsoft Corporation) C:\Windows\System32\CertEnroll.dll
2012-06-16 19:06 - 2010-11-20 06:25 - 01927680 ____A (Microsoft Corporation) C:\Windows\System32\authui.dll
2012-06-16 19:06 - 2010-11-20 06:25 - 01796096 ____A (Microsoft Corporation) C:\Windows\System32\certmgr.dll
2012-06-16 19:06 - 2010-11-20 06:25 - 01600512 ____A (Microsoft Corporation) C:\Windows\System32\VSSVC.exe
2012-06-16 19:06 - 2010-11-20 06:25 - 01504256 ____A (Microsoft Corporation) C:\Windows\System32\wbengine.exe
2012-06-16 19:06 - 2010-11-20 06:25 - 01116672 ____A (Microsoft Corporation) C:\Windows\System32\mstsc.exe
2012-06-16 19:06 - 2010-11-20 06:25 - 00958464 ____A (Microsoft Corporation) C:\Windows\System32\actxprxy.dll
2012-06-16 19:06 - 2010-11-20 06:25 - 00897536 ____A (Microsoft Corporation) C:\Windows\System32\azroles.dll
2012-06-16 19:06 - 2010-11-20 06:25 - 00705024 ____A (Microsoft Corporation) C:\Windows\System32\BFE.DLL
2012-06-16 19:06 - 2010-11-20 06:25 - 00679424 ____A (Microsoft Corporation) C:\Windows\System32\audiosrv.dll
2012-06-16 19:06 - 2010-11-20 06:25 - 00598016 ____A (Microsoft Corporation) C:\Windows\System32\spinstall.exe
2012-06-16 19:06 - 2010-11-20 06:25 - 00594432 ____A (Microsoft Corporation) C:\Windows\System32\comdlg32.dll
2012-06-16 19:06 - 2010-11-20 06:25 - 00559104 ____A (Microsoft Corporation) C:\Windows\System32\spoolsv.exe
2012-06-16 19:06 - 2010-11-20 06:25 - 00464384 ____A (Microsoft Corporation) C:\Windows\System32\taskeng.exe
2012-06-16 19:06 - 2010-11-20 06:25 - 00390656 ____A (Microsoft Corporation) C:\Windows\System32\winlogon.exe
2012-06-16 19:06 - 2010-11-20 06:25 - 00342016 ____A (Microsoft Corporation) C:\Windows\System32\apphelp.dll
2012-06-16 19:06 - 2010-11-20 06:25 - 00301568 ____A (Microsoft Corporation) C:\Windows\System32\spreview.exe
2012-06-16 19:06 - 2010-11-20 06:25 - 00285696 ____A (Microsoft Corporation) C:\Windows\System32\schtasks.exe
2012-06-16 19:06 - 2010-11-20 06:24 - 00653312 ____A (Microsoft Corporation) C:\Windows\System32\lpksetup.exe
2012-06-16 19:06 - 2010-11-20 06:24 - 00345088 ____A (Microsoft Corporation) C:\Windows\System32\cmd.exe
2012-06-16 19:06 - 2010-11-20 06:24 - 00343040 ____A (Microsoft Corporation) C:\Windows\System32\lsm.exe
2012-06-16 19:06 - 2010-11-20 06:24 - 00272896 ____A (Microsoft Corporation) C:\Windows\System32\mcbuilder.exe
2012-06-16 19:06 - 2010-11-20 05:32 - 05066752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\AuthFWSnapin.dll
2012-06-16 19:06 - 2010-11-20 05:21 - 11410432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2012-06-16 19:06 - 2010-11-20 05:21 - 01667584 ____A (Microsoft Corporation) C:\Windows\SysWOW64\setupapi.dll
2012-06-16 19:06 - 2010-11-20 05:21 - 01619456 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2012-06-16 19:06 - 2010-11-20 05:21 - 01363456 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Query.dll
2012-06-16 19:06 - 2010-11-20 05:21 - 01175040 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2012-06-16 19:06 - 2010-11-20 05:21 - 01128448 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vssapi.dll
2012-06-16 19:06 - 2010-11-20 05:21 - 01115136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RacEngn.dll
2012-06-16 19:06 - 2010-11-20 05:21 - 01010688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2012-06-16 19:06 - 2010-11-20 05:21 - 00646144 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SearchFolder.dll
2012-06-16 19:06 - 2010-11-20 05:21 - 00626176 ____A (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2012-06-16 19:06 - 2010-11-20 05:21 - 00597504 ____A (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2012-06-16 19:06 - 2010-11-20 05:21 - 00505856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\taskschd.dll
2012-06-16 19:06 - 2010-11-20 05:21 - 00381440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2012-06-16 19:06 - 2010-11-20 05:21 - 00351232 ____A (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2012-06-16 19:06 - 2010-11-20 05:21 - 00350208 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shlwapi.dll
2012-06-16 19:06 - 2010-11-20 05:21 - 00270848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tsmf.dll
2012-06-16 19:06 - 2010-11-20 05:21 - 00206848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\upnp.dll
2012-06-16 19:06 - 2010-11-20 05:21 - 00113664 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SessEnv.dll
2012-06-16 19:06 - 2010-11-20 05:21 - 00081920 ____A (Microsoft Corporation) C:\Windows\SysWOW64\userenv.dll
2012-06-16 19:06 - 2010-11-20 05:20 - 01414144 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2012-06-16 19:06 - 2010-11-20 05:20 - 00573440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\odbc32.dll
2012-06-16 19:06 - 2010-11-20 05:20 - 00563712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\netlogon.dll
2012-06-16 19:06 - 2010-11-20 05:20 - 00547840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\PortableDeviceApi.dll
2012-06-16 19:06 - 2010-11-20 05:20 - 00406528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\netcfgx.dll
2012-06-16 19:06 - 2010-11-20 05:19 - 02291712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MSVidCtl.dll
2012-06-16 19:06 - 2010-11-20 05:19 - 02151936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mmcndmgr.dll
2012-06-16 19:06 - 2010-11-20 05:19 - 01493504 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2012-06-16 19:06 - 2010-11-20 05:19 - 01390080 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2012-06-16 19:06 - 2010-11-20 05:19 - 00732160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imapi2fs.dll
2012-06-16 19:06 - 2010-11-20 05:19 - 00341504 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2012-06-16 19:06 - 2010-11-20 05:19 - 00257024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2012-06-16 19:06 - 2010-11-20 05:18 - 02522624 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dbgeng.dll
2012-06-16 19:06 - 2010-11-20 05:18 - 01828352 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d9.dll
2012-06-16 19:06 - 2010-11-20 05:18 - 01792000 ____A (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2012-06-16 19:06 - 2010-11-20 05:18 - 01555456 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certmgr.dll
2012-06-16 19:06 - 2010-11-20 05:18 - 01371136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2012-06-16 19:06 - 2010-11-20 05:18 - 00640512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2012-06-16 19:06 - 2010-11-20 05:18 - 00522752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2012-06-16 19:06 - 2010-11-20 05:18 - 00342016 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2012-06-16 19:06 - 2010-11-20 05:18 - 00295936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2012-06-16 19:06 - 2010-11-20 05:18 - 00252928 ____A (Microsoft) C:\Windows\SysWOW64\DShowRdpFilter.dll
2012-06-16 19:06 - 2010-11-20 05:18 - 00091136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dot3api.dll
2012-06-16 19:06 - 2010-11-20 05:17 - 01049600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2012-06-16 19:06 - 2010-11-20 05:17 - 00220672 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mcbuilder.exe
2012-06-16 19:06 - 2010-11-20 04:05 - 00274944 ____A (Microsoft Corporation) C:\Windows\System32\rdpdd.dll
2012-06-16 19:06 - 2010-11-20 02:25 - 00753664 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\http.sys
2012-06-16 19:06 - 2010-11-20 02:23 - 00261632 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\netbt.sys
2012-06-16 19:06 - 2010-11-20 02:21 - 00119296 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tdx.sys
2012-06-16 19:06 - 2010-11-19 20:52 - 00419880 ____A C:\Windows\SysWOW64\locale.nls
2012-06-16 19:06 - 2010-11-19 20:52 - 00419880 ____A C:\Windows\System32\locale.nls
2012-06-16 19:06 - 2010-11-04 19:20 - 00347904 ____A C:\Windows\System32\systemsf.ebd
2012-06-16 19:06 - 2010-11-04 18:58 - 00049488 ____A (Microsoft Corporation) C:\Windows\SysWOW64\netfxperf.dll
2012-06-16 19:06 - 2010-11-04 18:53 - 00320352 ____A (Microsoft Corporation) C:\Windows\System32\PresentationHost.exe
2012-06-16 19:06 - 2010-11-04 18:53 - 00295264 ____A (Microsoft Corporation) C:\Windows\SysWOW64\PresentationHost.exe
2012-06-16 19:06 - 2010-11-04 18:53 - 00109928 ____A (Microsoft Corporation) C:\Windows\System32\PresentationHostProxy.dll
2012-06-16 19:06 - 2010-11-04 18:53 - 00099176 ____A (Microsoft Corporation) C:\Windows\SysWOW64\PresentationHostProxy.dll
2012-06-16 19:06 - 2009-07-13 18:16 - 00061440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tcpmonui.dll
2012-06-16 19:05 - 2010-11-20 06:44 - 01077248 ____A (Microsoft Corporation) C:\Windows\System32\Narrator.exe
2012-06-16 19:05 - 2010-11-20 06:34 - 00071552 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\volmgr.sys
2012-06-16 19:05 - 2010-11-20 06:33 - 00289664 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\fltMgr.sys
2012-06-16 19:05 - 2010-11-20 06:33 - 00263040 ____A (Microsoft Corporation) C:\Windows\System32\hal.dll
2012-06-16 19:05 - 2010-11-20 06:33 - 00184704 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\pci.sys
2012-06-16 19:05 - 2010-11-20 06:33 - 00140672 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\msdsm.sys
2012-06-16 19:05 - 2010-11-20 06:33 - 00103808 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\sbp2port.sys
2012-06-16 19:05 - 2010-11-20 06:33 - 00078720 ____A (Hewlett-Packard Company) C:\Windows\System32\Drivers\HpSAMD.sys
2012-06-16 19:05 - 2010-11-20 06:33 - 00063360 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\termdd.sys
2012-06-16 19:05 - 2010-11-20 06:33 - 00031104 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\msahci.sys
2012-06-16 19:05 - 2010-11-20 06:32 - 00334208 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\acpi.sys
2012-06-16 19:05 - 2010-11-20 06:32 - 00179072 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\Classpnp.sys
2012-06-16 19:05 - 2010-11-20 06:32 - 00112000 ____A (Microsoft Corporation) C:\Windows\System32\consent.exe
2012-06-16 19:05 - 2010-11-20 06:28 - 00780008 ____A (Microsoft Corporation) C:\Windows\System32\ci.dll
2012-06-16 19:05 - 2010-11-20 06:28 - 00298104 ____A (Microsoft Corporation) C:\Windows\System32\bcryptprimitives.dll
2012-06-16 19:05 - 2010-11-20 06:28 - 00223248 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\fvevol.sys
2012-06-16 19:05 - 2010-11-20 06:28 - 00166784 ____A (Microsoft Corporation) C:\Windows\System32\basecsp.dll
2012-06-16 19:05 - 2010-11-20 06:27 - 02851840 ____A (Microsoft Corporation) C:\Windows\System32\themeui.dll
2012-06-16 19:05 - 2010-11-20 06:27 - 02621952 ____A (Microsoft Corporation) C:\Windows\System32\wucltux.dll
2012-06-16 19:05 - 2010-11-20 06:27 - 02262528 ____A (Microsoft Corporation) C:\Windows\System32\SyncCenter.dll
2012-06-16 19:05 - 2010-11-20 06:27 - 02250752 ____A (Microsoft Corporation) C:\Windows\System32\SensorsCpl.dll
2012-06-16 19:05 - 2010-11-20 06:27 - 02193920 ____A (Microsoft Corporation) C:\Windows\System32\themecpl.dll
2012-06-16 19:05 - 2010-11-20 06:27 - 02072576 ____A (Microsoft Corporation) C:\Windows\System32\WMPEncEn.dll
2012-06-16 19:05 - 2010-11-20 06:27 - 01689600 ____A (Microsoft Corporation) C:\Windows\System32\netcenter.dll
2012-06-16 19:05 - 2010-11-20 06:27 - 01389056 ____A (Microsoft Corporation) C:\Windows\System32\pla.dll
2012-06-16 19:05 - 2010-11-20 06:27 - 01363968 ____A (Microsoft Corporation) C:\Windows\System32\wdc.dll
2012-06-16 19:05 - 2010-11-20 06:27 - 01160192 ____A (Microsoft Corporation) C:\Windows\System32\MSMPEG2ENC.DLL
2012-06-16 19:05 - 2010-11-20 06:27 - 01120768 ____A (Microsoft Corporation) C:\Windows\System32\sdengin2.dll
2012-06-16 19:05 - 2010-11-20 06:27 - 01082880 ____A (Microsoft Corporation) C:\Windows\System32\sppobjs.dll
2012-06-16 19:05 - 2010-11-20 06:27 - 01050624 ____A (Microsoft Corporation) C:\Windows\System32\printui.dll
2012-06-16 19:05 - 2010-11-20 06:27 - 01024512 ____A (Microsoft Corporation) C:\Windows\System32\wmpmde.dll
2012-06-16 19:05 - 2010-11-20 06:27 - 00799744 ____A (Microsoft Corporation) C:\Windows\System32\msftedit.dll
2012-06-16 19:05 - 2010-11-20 06:27 - 00691200 ____A (Microsoft Corporation) C:\Windows\System32\VAN.dll
2012-06-16 19:05 - 2010-11-20 06:27 - 00658432 ____A (Microsoft Corporation) C:\Windows\System32\PerfCenterCPL.dll
2012-06-16 19:05 - 2010-11-20 06:27 - 00633344 ____A (Microsoft Corporation) C:\Windows\System32\riched20.dll
2012-06-16 19:05 - 2010-11-20 06:27 - 00625664 ____A (Microsoft Corporation) C:\Windows\System32\mscms.dll
2012-06-16 19:05 - 2010-11-20 06:27 - 00605696 ____A (Microsoft Corporation) C:\Windows\System32\wmpeffects.dll
2012-06-16 19:05 - 2010-11-20 06:27 - 00580096 ____A (Microsoft Corporation) C:\Windows\System32\wiaservc.dll
2012-06-16 19:05 - 2010-11-20 06:27 - 00571904 ____A (Microsoft Corporation) C:\Windows\System32\mspbda.dll
2012-06-16 19:05 - 2010-11-20 06:27 - 00552960 ____A (Microsoft Corporation) C:\Windows\System32\msdri.dll
2012-06-16 19:05 - 2010-11-20 06:27 - 00501248 ____A (Microsoft Corporation) C:\Windows\System32\WinSATAPI.dll
2012-06-16 19:05 - 2010-11-20 06:27 - 00486400 ____A (Microsoft Corporation) C:\Windows\System32\powercpl.dll
2012-06-16 19:05 - 2010-11-20 06:27 - 00483840 ____A (Microsoft Corporation) C:\Windows\System32\StructuredQuery.dll
2012-06-16 19:05 - 2010-11-20 06:27 - 00475136 ____A (Microsoft Corporation) C:\Windows\System32\wlangpui.dll
2012-06-16 19:05 - 2010-11-20 06:27 - 00462336 ____A (Microsoft Corporation) C:\Windows\System32\wiadefui.dll
2012-06-16 19:05 - 2010-11-20 06:27 - 00455168 ____A (Microsoft Corporation) C:\Windows\System32\nshipsec.dll
2012-06-16 19:05 - 2010-11-20 06:27 - 00429568 ____A (Microsoft Corporation) C:\Windows\System32\puiobj.dll
2012-06-16 19:05 - 2010-11-20 06:27 - 00424448 ____A (Microsoft Corporation) C:\Windows\System32\rastls.dll
2012-06-16 19:05 - 2010-11-20 06:27 - 00418816 ____A (Microsoft Corporation) C:\Windows\System32\sppwinob.dll
2012-06-16 19:05 - 2010-11-20 06:27 - 00409600 ____A (Microsoft Corporation) C:\Windows\System32\photowiz.dll
2012-06-16 19:05 - 2010-11-20 06:27 - 00406016 ____A (Microsoft Corporation) C:\Windows\System32\scesrv.dll
2012-06-16 19:05 - 2010-11-20 06:27 - 00372736 ____A (Microsoft Corporation) C:\Windows\System32\mtxclu.dll
2012-06-16 19:05 - 2010-11-20 06:27 - 00370688 ____A (Microsoft Corporation) C:\Windows\System32\shsvcs.dll
2012-06-16 19:05 - 2010-11-20 06:27 - 00367104 ____A (Microsoft Corporation) C:\Windows\System32\wcncsvc.dll
2012-06-16 19:05 - 2010-11-20 06:27 - 00357888 ____A (Microsoft Corporation) C:\Windows\System32\sharemediacpl.dll
2012-06-16 19:05 - 2010-11-20 06:27 - 00344064 ____A (Microsoft Corporation) C:\Windows\System32\rasmans.dll
2012-06-16 19:05 - 2010-11-20 06:27 - 00340992 ____A (Microsoft Corporation) C:\Windows\System32\srchadmin.dll
2012-06-16 19:05 - 2010-11-20 06:27 - 00324096 ____A (Microsoft Corporation) C:\Windows\System32\netdiagfx.dll
2012-06-16 19:05 - 2010-11-20 06:27 - 00316928 ____A (Microsoft Corporation) C:\Windows\System32\tapisrv.dll
2012-06-16 19:05 - 2010-11-20 06:27 - 00303616 ____A (Microsoft Corporation) C:\Windows\System32\scansetting.dll
2012-06-16 19:05 - 2010-11-20 06:27 - 00264192 ____A (Microsoft Corporation) C:\Windows\System32\upnp.dll
2012-06-16 19:05 - 2010-11-20 06:27 - 00257024 ____A (Microsoft Corporation) C:\Windows\System32\stobject.dll
2012-06-16 19:05 - 2010-11-20 06:27 - 00253440 ____A (Microsoft Corporation) C:\Windows\System32\tcpipcfg.dll
2012-06-16 19:05 - 2010-11-20 06:27 - 00244224 ____A (Microsoft Corporation) C:\Windows\System32\spp.dll
2012-06-16 19:05 - 2010-11-20 06:27 - 00236032 ____A (Microsoft Corporation) C:\Windows\System32\srvsvc.dll
2012-06-16 19:05 - 2010-11-20 06:27 - 00235520 ____A (Microsoft Corporation) C:\Windows\System32\onex.dll
2012-06-16 19:05 - 2010-11-20 06:27 - 00232960 ____A (Microsoft Corporation) C:\Windows\System32\scecli.dll
2012-06-16 19:05 - 2010-11-20 06:27 - 00232448 ____A (Microsoft Corporation) C:\Windows\System32\sppcomapi.dll
2012-06-16 19:05 - 2010-11-20 06:27 - 00229888 ____A (Microsoft Corporation) C:\Windows\System32\XpsRasterService.dll
2012-06-16 19:05 - 2010-11-20 06:27 - 00223232 ____A (Microsoft Corporation) C:\Windows\System32\QSHVHOST.DLL
2012-06-16 19:05 - 2010-11-20 06:27 - 00215552 ____A (Microsoft Corporation) C:\Windows\System32\netiohlp.dll
2012-06-16 19:05 - 2010-11-20 06:27 - 00188928 ____A (Microsoft Corporation) C:\Windows\System32\netjoin.dll
2012-06-16 19:05 - 2010-11-20 06:27 - 00187904 ____A (Microsoft Corporation) C:\Windows\System32\rpchttp.dll
2012-06-16 19:05 - 2010-11-20 06:27 - 00165376 ____A (Microsoft Corporation) C:\Windows\System32\netid.dll
2012-06-16 19:05 - 2010-11-20 06:27 - 00161792 ____A (Microsoft Corporation) C:\Windows\System32\ocsetapi.dll
2012-06-16 19:05 - 2010-11-20 06:27 - 00148992 ____A (Microsoft Corporation) C:\Windows\System32\t2embed.dll
2012-06-16 19:05 - 2010-11-20 06:27 - 00130048 ____A (Microsoft Corporation) C:\Windows\System32\shsetup.dll
2012-06-16 19:05 - 2010-11-20 06:27 - 00118784 ____A (Microsoft Corporation) C:\Windows\System32\wkssvc.dll
2012-06-16 19:05 - 2010-11-20 06:27 - 00117248 ____A (Microsoft Corporation) C:\Windows\System32\wpdbusenum.dll
2012-06-16 19:05 - 2010-11-20 06:27 - 00112640 ____A (Microsoft Corporation) C:\Windows\System32\thumbcache.dll
2012-06-16 19:05 - 2010-11-20 06:27 - 00109056 ____A (Microsoft Corporation) C:\Windows\System32\userenv.dll
2012-06-16 19:05 - 2010-11-20 06:27 - 00107520 ____A (Microsoft Corporation) C:\Windows\System32\QUTIL.DLL
2012-06-16 19:05 - 2010-11-20 06:27 - 00095232 ____A (Microsoft Corporation) C:\Windows\System32\regapi.dll
2012-06-16 19:05 - 2010-11-20 06:27 - 00092672 ____A (Microsoft Corporation) C:\Windows\System32\TabSvc.dll
2012-06-16 19:05 - 2010-11-20 06:27 - 00090112 ____A (Microsoft Corporation) C:\Windows\System32\nci.dll
2012-06-16 19:05 - 2010-11-20 06:27 - 00078848 ____A (Microsoft Corporation) C:\Windows\System32\WUDFSvc.dll
2012-06-16 19:05 - 2010-11-20 06:27 - 00070656 ____A (Microsoft Corporation) C:\Windows\System32\nlaapi.dll
2012-06-16 19:05 - 2010-11-20 06:27 - 00067584 ____A (Microsoft Corporation) C:\Windows\System32\samcli.dll
2012-06-16 19:05 - 2010-11-20 06:27 - 00065536 ____A (Microsoft Corporation) C:\Windows\System32\RpcRtRemote.dll
2012-06-16 19:05 - 2010-11-20 06:27 - 00063488 ____A (Microsoft Corporation) C:\Windows\System32\wscapi.dll
2012-06-16 19:05 - 2010-11-20 06:27 - 00046592 ____A (Microsoft Corporation) C:\Windows\System32\msasn1.dll
2012-06-16 19:05 - 2010-11-20 06:27 - 00040960 ____A (Microsoft Corporation) C:\Windows\System32\TsUsbGDCoInstaller.dll
2012-06-16 19:05 - 2010-11-20 06:27 - 00038912 ____A (Microsoft Corporation) C:\Windows\System32\vpnikeapi.dll
2012-06-16 19:05 - 2010-11-20 06:26 - 02746880 ____A (Microsoft Corporation) C:\Windows\System32\gameux.dll
2012-06-16 19:05 - 2010-11-20 06:26 - 01457664 ____A (Microsoft Corporation) C:\Windows\System32\DxpTaskSync.dll
2012-06-16 19:05 - 2010-11-20 06:26 - 00934912 ____A (Microsoft Corporation) C:\Windows\System32\FirewallControlPanel.dll
2012-06-16 19:05 - 2010-11-20 06:26 - 00675328 ____A (Microsoft Corporation) C:\Windows\System32\DXPTaskRingtone.dll
2012-06-16 19:05 - 2010-11-20 06:26 - 00630272 ____A (Microsoft Corporation) C:\Windows\System32\evr.dll
2012-06-16 19:05 - 2010-11-20 06:26 - 00569344 ____A (Microsoft Corporation) C:\Windows\System32\iphlpsvc.dll
2012-06-16 19:05 - 2010-11-20 06:26 - 00551936 ____A (Microsoft Corporation) C:\Windows\System32\localsec.dll
2012-06-16 19:05 - 2010-11-20 06:26 - 00503296 ____A (Microsoft Corporation) C:\Windows\System32\imapi2.dll
2012-06-16 19:05 - 2010-11-20 06:26 - 00501248 ____A (Microsoft Corporation) C:\Windows\System32\IPSECSVC.DLL
2012-06-16 19:05 - 2010-11-20 06:26 - 00459776 ____A (Microsoft Corporation) C:\Windows\System32\DXP.dll
2012-06-16 19:05 - 2010-11-20 06:26 - 00355328 ____A (Microsoft Corporation) C:\Windows\System32\Faultrep.dll
2012-06-16 19:05 - 2010-11-20 06:26 - 00348160 ____A (Microsoft Corporation) C:\Windows\System32\eapp3hst.dll
2012-06-16 19:05 - 2010-11-20 06:26 - 00332288 ____A (Microsoft Corporation) C:\Windows\System32\hgcpl.dll
2012-06-16 19:05 - 2010-11-20 06:26 - 00303616 ____A (Microsoft Corporation) C:\Windows\System32\eapphost.dll
2012-06-16 19:05 - 2010-11-20 06:26 - 00279040 ____A (Microsoft Corporation) C:\Windows\System32\framedyn.dll
2012-06-16 19:05 - 2010-11-20 06:26 - 00257024 ____A (Microsoft Corporation) C:\Windows\System32\mfreadwrite.dll
2012-06-16 19:05 - 2010-11-20 06:26 - 00239616 ____A (Microsoft Corporation) C:\Windows\System32\dskquoui.dll
2012-06-16 19:05 - 2010-11-20 06:26 - 00232448 ____A (Microsoft Corporation) C:\Windows\System32\ListSvc.dll
2012-06-16 19:05 - 2010-11-20 06:26 - 00221184 ____A (Microsoft Corporation) C:\Windows\System32\mprapi.dll
2012-06-16 19:05 - 2010-11-20 06:26 - 00217088 ____A (Microsoft Corporation) C:\Windows\System32\iasrad.dll
2012-06-16 19:05 - 2010-11-20 06:26 - 00186880 ____A (Microsoft Corporation) C:\Windows\System32\logoncli.dll
2012-06-16 19:05 - 2010-11-20 06:26 - 00171520 ____A (Microsoft Corporation) C:\Windows\System32\fde.dll
2012-06-16 19:05 - 2010-11-20 06:26 - 00166912 ____A (Microsoft Corporation) C:\Windows\System32\inetpp.dll
2012-06-16 19:05 - 2010-11-20 06:26 - 00145920 ____A (Microsoft Corporation) C:\Windows\System32\IPHLPAPI.DLL
2012-06-16 19:05 - 2010-11-20 06:26 - 00128512 ____A (Microsoft Corporation) C:\Windows\System32\dwmredir.dll
2012-06-16 19:05 - 2010-11-20 06:26 - 00118272 ____A (Microsoft Corporation) C:\Windows\System32\dnscmmc.dll
2012-06-16 19:05 - 2010-11-20 06:26 - 00116224 ____A (Windows (R) Codename Longhorn DDK provider) C:\Windows\System32\fms.dll
2012-06-16 19:05 - 2010-11-20 06:26 - 00100864 ____A (Microsoft Corporation) C:\Windows\System32\iasacct.dll
2012-06-16 19:05 - 2010-11-20 06:26 - 00100864 ____A (Microsoft Corporation) C:\Windows\System32\davclnt.dll
2012-06-16 19:05 - 2010-11-20 06:26 - 00072192 ____A (Microsoft Corporation) C:\Windows\System32\fdeploy.dll
2012-06-16 19:05 - 2010-11-20 06:26 - 00050176 ____A (Microsoft Corporation) C:\Windows\System32\lsmproxy.dll
2012-06-16 19:05 - 2010-11-20 06:26 - 00041472 ____A (Microsoft Corporation) C:\Windows\System32\mimefilt.dll
2012-06-16 19:05 - 2010-11-20 06:25 - 00726528 ____A (Microsoft Corporation) C:\Windows\System32\AuxiliaryDisplayCpl.dll
2012-06-16 19:05 - 2010-11-20 06:25 - 00633856 ____A (Microsoft Corporation) C:\Windows\System32\comctl32.dll
2012-06-16 19:05 - 2010-11-20 06:25 - 00533504 ____A (Microsoft Corporation) C:\Windows\System32\vds.exe
2012-06-16 19:05 - 2010-11-20 06:25 - 00504320 ____A (Microsoft Corporation) C:\Windows\System32\biocpl.dll
2012-06-16 19:05 - 2010-11-20 06:25 - 00412160 ____A (Microsoft Corporation) C:\Windows\System32\aepdu.dll
2012-06-16 19:05 - 2010-11-20 06:25 - 00405504 ____A (Microsoft Corporation) C:\Windows\System32\wisptis.exe
2012-06-16 19:05 - 2010-11-20 06:25 - 00314368 ____A (Microsoft Corporation) C:\Windows\System32\clusapi.dll
2012-06-16 19:05 - 2010-11-20 06:25 - 00307200 ____A (Microsoft Corporation) C:\Windows\System32\wusa.exe
2012-06-16 19:05 - 2010-11-20 06:25 - 00296448 ____A (Microsoft Corporation) C:\Windows\System32\AudioSes.dll
2012-06-16 19:05 - 2010-11-20 06:25 - 00273920 ____A (Microsoft Corporation) C:\Windows\System32\SndVol.exe
2012-06-16 19:05 - 2010-11-20 06:25 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\credui.dll
2012-06-16 19:05 - 2010-11-20 06:25 - 00186368 ____A (Microsoft Corporation) C:\Windows\System32\ocsetup.exe
 
2012-06-16 19:05 - 2010-11-20 06:25 - 00158720 ____A (Microsoft Corporation) C:\Windows\System32\aaclient.dll
2012-06-16 19:05 - 2010-11-20 06:25 - 00139264 ____A (Microsoft Corporation) C:\Windows\System32\cabview.dll
2012-06-16 19:05 - 2010-11-20 06:25 - 00128000 ____A (Microsoft) C:\Windows\System32\Robocopy.exe
2012-06-16 19:05 - 2010-11-20 06:25 - 00088576 ____A (Microsoft Corporation) C:\Windows\System32\setupcl.exe
2012-06-16 19:05 - 2010-11-20 06:25 - 00069120 ____A (Microsoft Corporation) C:\Windows\System32\taskhost.exe
2012-06-16 19:05 - 2010-11-20 06:25 - 00067072 ____A (Microsoft Corporation) C:\Windows\splwow64.exe
2012-06-16 19:05 - 2010-11-20 06:24 - 00850944 ____A (Microsoft Corporation) C:\Windows\System32\mmsys.cpl
2012-06-16 19:05 - 2010-11-20 06:24 - 00793088 ____A (Microsoft Corporation) C:\Windows\System32\autoconv.exe
2012-06-16 19:05 - 2010-11-20 06:24 - 00777728 ____A (Microsoft Corporation) C:\Windows\System32\autochk.exe
2012-06-16 19:05 - 2010-11-20 06:24 - 00763904 ____A (Microsoft Corporation) C:\Windows\System32\autofmt.exe
2012-06-16 19:05 - 2010-11-20 06:24 - 00726528 ____A (Microsoft Corporation) C:\Windows\System32\appwiz.cpl
2012-06-16 19:05 - 2010-11-20 06:24 - 00689152 ____A (Microsoft Corporation) C:\Windows\System32\FXSSVC.exe
2012-06-16 19:05 - 2010-11-20 06:24 - 00684032 ____A (Microsoft Corporation) C:\Windows\System32\TabletPC.cpl
2012-06-16 19:05 - 2010-11-20 06:24 - 00477696 ____A (Microsoft Corporation) C:\Windows\System32\PhotoScreensaver.scr
2012-06-16 19:05 - 2010-11-20 06:24 - 00442368 ____A (Microsoft Corporation) C:\Windows\System32\winspool.drv
2012-06-16 19:05 - 2010-11-20 06:24 - 00378880 ____A (Microsoft Corporation) C:\Windows\System32\msinfo32.exe
2012-06-16 19:05 - 2010-11-20 06:24 - 00359936 ____A (Microsoft Corporation) C:\Windows\System32\eudcedit.exe
2012-06-16 19:05 - 2010-11-20 06:24 - 00300032 ____A (Microsoft Corporation) C:\Windows\System32\msconfig.exe
2012-06-16 19:05 - 2010-11-20 06:24 - 00217088 ____A (Microsoft Corporation) C:\Windows\System32\wdmaud.drv
2012-06-16 19:05 - 2010-11-20 06:24 - 00126464 ____A (Microsoft Corporation) C:\Windows\System32\audiodg.exe
2012-06-16 19:05 - 2010-11-20 06:24 - 00122880 ____A (Microsoft Corporation) C:\Windows\System32\aitagent.exe
2012-06-16 19:05 - 2010-11-20 05:55 - 00144384 ____A (Microsoft Corporation) C:\Windows\System32\cdd.dll
2012-06-16 19:05 - 2010-11-20 05:51 - 00424448 ____A (Microsoft Corporation) C:\Windows\System32\aeinv.dll
2012-06-16 19:05 - 2010-11-20 05:23 - 00144768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\basecsp.dll
2012-06-16 19:05 - 2010-11-20 05:21 - 02983424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\UIRibbon.dll
2012-06-16 19:05 - 2010-11-20 05:21 - 02755072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\themeui.dll
2012-06-16 19:05 - 2010-11-20 05:21 - 02311168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
2012-06-16 19:05 - 2010-11-20 05:21 - 02146304 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SyncCenter.dll
2012-06-16 19:05 - 2010-11-20 05:21 - 01712640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xpsservices.dll
2012-06-16 19:05 - 2010-11-20 05:21 - 01624064 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WMPEncEn.dll
2012-06-16 19:05 - 2010-11-20 05:21 - 00782336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\webservices.dll
2012-06-16 19:05 - 2010-11-20 05:21 - 00778240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\sqlsrv32.dll
2012-06-16 19:05 - 2010-11-20 05:21 - 00560128 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2012-06-16 19:05 - 2010-11-20 05:21 - 00492032 ____A (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2012-06-16 19:05 - 2010-11-20 05:21 - 00458752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WSDApi.dll
2012-06-16 19:05 - 2010-11-20 05:21 - 00411648 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wlangpui.dll
2012-06-16 19:05 - 2010-11-20 05:21 - 00380416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\sxs.dll
2012-06-16 19:05 - 2010-11-20 05:21 - 00352256 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wmpeffects.dll
2012-06-16 19:05 - 2010-11-20 05:21 - 00335872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WinSATAPI.dll
2012-06-16 19:05 - 2010-11-20 05:21 - 00328192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shsvcs.dll
2012-06-16 19:05 - 2010-11-20 05:21 - 00305152 ____A (Microsoft Corporation) C:\Windows\SysWOW64\taskcomp.dll
2012-06-16 19:05 - 2010-11-20 05:21 - 00301568 ____A (Microsoft Corporation) C:\Windows\SysWOW64\srchadmin.dll
2012-06-16 19:05 - 2010-11-20 05:21 - 00269824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Wldap32.dll
2012-06-16 19:05 - 2010-11-20 05:21 - 00246272 ____A (Microsoft Corporation) C:\Windows\SysWOW64\scansetting.dll
2012-06-16 19:05 - 2010-11-20 05:21 - 00228352 ____A (Microsoft Corporation) C:\Windows\SysWOW64\stobject.dll
2012-06-16 19:05 - 2010-11-20 05:21 - 00206848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ws2_32.dll
2012-06-16 19:05 - 2010-11-20 05:21 - 00204800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2012-06-16 19:05 - 2010-11-20 05:21 - 00194048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\winmm.dll
2012-06-16 19:05 - 2010-11-20 05:21 - 00172544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\spp.dll
2012-06-16 19:05 - 2010-11-20 05:21 - 00156672 ____A (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2012-06-16 19:05 - 2010-11-20 05:21 - 00139264 ____A (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2012-06-16 19:05 - 2010-11-20 05:21 - 00134656 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WinSCard.dll
2012-06-16 19:05 - 2010-11-20 05:21 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2012-06-16 19:05 - 2010-11-20 05:21 - 00082944 ____A (Microsoft Corporation) C:\Windows\SysWOW64\thumbcache.dll
2012-06-16 19:05 - 2010-11-20 05:21 - 00072192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\regapi.dll
2012-06-16 19:05 - 2010-11-20 05:21 - 00051712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wscapi.dll
2012-06-16 19:05 - 2010-11-20 05:21 - 00051200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\samcli.dll
2012-06-16 19:05 - 2010-11-20 05:20 - 02504192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WMVCORE.DLL
2012-06-16 19:05 - 2010-11-20 05:20 - 02494464 ____A (Microsoft Corporation) C:\Windows\SysWOW64\netshell.dll
2012-06-16 19:05 - 2010-11-20 05:20 - 01750528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\pnidui.dll
2012-06-16 19:05 - 2010-11-20 05:20 - 01508864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\pla.dll
2012-06-16 19:05 - 2010-11-20 05:20 - 00988160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\propsys.dll
2012-06-16 19:05 - 2010-11-20 05:20 - 00932352 ____A (Microsoft Corporation) C:\Windows\SysWOW64\printui.dll
2012-06-16 19:05 - 2010-11-20 05:20 - 00801280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\NaturalLanguage6.dll
2012-06-16 19:05 - 2010-11-20 05:20 - 00225792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\netdiagfx.dll
2012-06-16 19:05 - 2010-11-20 05:20 - 00199168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\onex.dll
2012-06-16 19:05 - 2010-11-20 05:20 - 00167936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\QSHVHOST.DLL
2012-06-16 19:05 - 2010-11-20 05:20 - 00166400 ____A (Microsoft Corporation) C:\Windows\SysWOW64\netiohlp.dll
2012-06-16 19:05 - 2010-11-20 05:20 - 00152064 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2012-06-16 19:05 - 2010-11-20 05:20 - 00116736 ____A (Microsoft Corporation) C:\Windows\SysWOW64\prncache.dll
2012-06-16 19:05 - 2010-11-20 05:19 - 02576384 ____A (Microsoft Corporation) C:\Windows\SysWOW64\gameux.dll
2012-06-16 19:05 - 2010-11-20 05:19 - 01236992 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2012-06-16 19:05 - 2010-11-20 05:19 - 00830464 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MSMPEG2ENC.DLL
2012-06-16 19:05 - 2010-11-20 05:19 - 00488448 ____A (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2012-06-16 19:05 - 2010-11-20 05:19 - 00400896 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ipsmsnap.dll
2012-06-16 19:05 - 2010-11-20 05:19 - 00392192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imapi2.dll
2012-06-16 19:05 - 2010-11-20 05:19 - 00296448 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll
2012-06-16 19:05 - 2010-11-20 05:19 - 00232448 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2012-06-16 19:05 - 2010-11-20 05:19 - 00213504 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MMDevAPI.dll
2012-06-16 19:05 - 2010-11-20 05:19 - 00206336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\framedynos.dll
2012-06-16 19:05 - 2010-11-20 05:19 - 00196608 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfreadwrite.dll
2012-06-16 19:05 - 2010-11-20 05:19 - 00167936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msutb.dll
2012-06-16 19:05 - 2010-11-20 05:19 - 00124416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\fde.dll
2012-06-16 19:05 - 2010-11-20 05:19 - 00103936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IPHLPAPI.DLL
2012-06-16 19:05 - 2010-11-20 05:19 - 00066560 ____A (Microsoft Corporation) C:\Windows\SysWOW64\hbaapi.dll
2012-06-16 19:05 - 2010-11-20 05:19 - 00042496 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mimefilt.dll
2012-06-16 19:05 - 2010-11-20 05:19 - 00034304 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msasn1.dll
2012-06-16 19:05 - 2010-11-20 05:18 - 00854016 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dbghelp.dll
2012-06-16 19:05 - 2010-11-20 05:18 - 00762880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\azroles.dll
2012-06-16 19:05 - 2010-11-20 05:18 - 00630784 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DXPTaskRingtone.dll
2012-06-16 19:05 - 2010-11-20 05:18 - 00530432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2012-06-16 19:05 - 2010-11-20 05:18 - 00508416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2012-06-16 19:05 - 2010-11-20 05:18 - 00485888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\comdlg32.dll
2012-06-16 19:05 - 2010-11-20 05:18 - 00254464 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore.dll
2012-06-16 19:05 - 2010-11-20 05:18 - 00195584 ____A (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2012-06-16 19:05 - 2010-11-20 05:18 - 00168960 ____A (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2012-06-16 19:05 - 2010-11-20 05:18 - 00131584 ____A (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2012-06-16 19:05 - 2010-11-20 05:18 - 00080384 ____A (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2012-06-16 19:05 - 2010-11-20 05:17 - 00303104 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msinfo32.exe
2012-06-16 19:05 - 2010-11-20 05:17 - 00302592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
2012-06-16 19:05 - 2010-11-20 05:17 - 00192000 ____A (Microsoft Corporation) C:\Windows\SysWOW64\taskeng.exe
2012-06-16 19:05 - 2010-11-20 05:17 - 00179712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
2012-06-16 19:05 - 2010-11-20 05:17 - 00142336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\net1.exe
2012-06-16 19:05 - 2010-11-20 05:17 - 00028672 ____A (Microsoft Corporation) C:\Windows\SysWOW64\proquota.exe
2012-06-16 19:05 - 2010-11-20 05:16 - 00776192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\calc.exe
2012-06-16 19:05 - 2010-11-20 05:16 - 00679424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\autoconv.exe
2012-06-16 19:05 - 2010-11-20 05:16 - 00668160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\autochk.exe
2012-06-16 19:05 - 2010-11-20 05:16 - 00658944 ____A (Microsoft Corporation) C:\Windows\SysWOW64\autofmt.exe
2012-06-16 19:05 - 2010-11-20 05:16 - 00320000 ____A (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
2012-06-16 19:05 - 2010-11-20 05:08 - 00833024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2012-06-16 19:05 - 2010-11-20 05:08 - 00311296 ____A (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2012-06-16 19:05 - 2010-11-20 04:04 - 00248832 ____A (Microsoft Corporation) C:\Windows\System32\wksprt.exe
2012-06-16 19:05 - 2010-11-20 03:52 - 00164352 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ndiswan.sys
2012-06-16 19:05 - 2010-11-20 03:52 - 00129536 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rasl2tp.sys
2012-06-16 19:05 - 2010-11-20 03:52 - 00111104 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\raspptp.sys
2012-06-16 19:05 - 2010-11-20 03:52 - 00082944 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ipfltdrv.sys
2012-06-16 19:05 - 2010-11-20 03:44 - 00229888 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\1394ohci.sys
2012-06-16 19:05 - 2010-11-20 03:33 - 00243712 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ks.sys
2012-06-16 19:05 - 2010-11-20 02:27 - 00309248 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rdbss.sys
2012-06-16 19:05 - 2010-11-20 02:26 - 00328192 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\udfs.sys
2012-06-16 19:05 - 2010-11-20 02:26 - 00140800 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxdav.sys
2012-06-16 19:04 - 2010-11-20 06:44 - 00133632 ____A (Microsoft Corporation) C:\Windows\System32\NAPHLPR.DLL
2012-06-16 19:04 - 2010-11-20 06:34 - 00363392 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\volmgrx.sys
2012-06-16 19:04 - 2010-11-20 06:33 - 00213888 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rdyboost.sys
2012-06-16 19:04 - 2010-11-20 06:33 - 00171392 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\scsiport.sys
2012-06-16 19:04 - 2010-11-20 06:33 - 00155008 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mpio.sys
2012-06-16 19:04 - 2010-11-20 06:33 - 00094592 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mountmgr.sys
2012-06-16 19:04 - 2010-11-20 06:33 - 00014720 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\hwpolicy.sys
2012-06-16 19:04 - 2010-11-20 06:32 - 02217856 ____A (Microsoft Corporation) C:\Windows\System32\bootres.dll
2012-06-16 19:04 - 2010-11-20 06:32 - 00155520 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ataport.sys
2012-06-16 19:04 - 2010-11-20 06:27 - 02146816 ____A (Microsoft Corporation) C:\Windows\System32\networkmap.dll
2012-06-16 19:04 - 2010-11-20 06:27 - 01672704 ____A (Microsoft Corporation) C:\Windows\System32\networkexplorer.dll
2012-06-16 19:04 - 2010-11-20 06:27 - 00898560 ____A (Microsoft Corporation) C:\Windows\System32\OobeFldr.dll
2012-06-16 19:04 - 2010-11-20 06:27 - 00812032 ____A (Microsoft Corporation) C:\Windows\System32\wpccpl.dll
2012-06-16 19:04 - 2010-11-20 06:27 - 00781312 ____A (Microsoft Corporation) C:\Windows\System32\wmdrmsdk.dll
2012-06-16 19:04 - 2010-11-20 06:27 - 00769536 ____A (Microsoft Corporation) C:\Windows\System32\sud.dll
2012-06-16 19:04 - 2010-11-20 06:27 - 00762368 ____A (Microsoft Corporation) C:\Windows\System32\sdcpl.dll
2012-06-16 19:04 - 2010-11-20 06:27 - 00641024 ____A (Microsoft Corporation) C:\Windows\System32\msscp.dll
2012-06-16 19:04 - 2010-11-20 06:27 - 00625664 ____A (Microsoft Corporation) C:\Windows\System32\usercpl.dll
2012-06-16 19:04 - 2010-11-20 06:27 - 00624128 ____A (Microsoft Corporation) C:\Windows\System32\qedit.dll
2012-06-16 19:04 - 2010-11-20 06:27 - 00611840 ____A (Microsoft Corporation) C:\Windows\System32\wpd_ci.dll
2012-06-16 19:04 - 2010-11-20 06:27 - 00503296 ____A (Microsoft Corporation) C:\Windows\System32\srcore.dll
2012-06-16 19:04 - 2010-11-20 06:27 - 00451072 ____A (Microsoft Corporation) C:\Windows\System32\shwebsvc.dll
2012-06-16 19:04 - 2010-11-20 06:27 - 00446976 ____A (Microsoft Corporation) C:\Windows\System32\sqlcese30.dll
2012-06-16 19:04 - 2010-11-20 06:27 - 00445952 ____A (Microsoft Corporation) C:\Windows\System32\spwizeng.dll
2012-06-16 19:04 - 2010-11-20 06:27 - 00421888 ____A (Microsoft Corporation) C:\Windows\System32\termmgr.dll
2012-06-16 19:04 - 2010-11-20 06:27 - 00419840 ____A (Microsoft Corporation) C:\Windows\System32\systemcpl.dll
2012-06-16 19:04 - 2010-11-20 06:27 - 00416256 ____A (Microsoft Corporation) C:\Windows\System32\prnfldr.dll
2012-06-16 19:04 - 2010-11-20 06:27 - 00414720 ____A (Microsoft Corporation) C:\Windows\System32\wlanmsm.dll
2012-06-16 19:04 - 2010-11-20 06:27 - 00414208 ____A (Microsoft Corporation) C:\Windows\System32\wlanui.dll
2012-06-16 19:04 - 2010-11-20 06:27 - 00403968 ____A (Microsoft Corporation) C:\Windows\System32\untfs.dll
2012-06-16 19:04 - 2010-11-20 06:27 - 00366080 ____A (Microsoft Corporation) C:\Windows\System32\zipfldr.dll
2012-06-16 19:04 - 2010-11-20 06:27 - 00344576 ____A (Microsoft Corporation) C:\Windows\System32\ntprint.dll
2012-06-16 19:04 - 2010-11-20 06:27 - 00335360 ____A (Microsoft Corporation) C:\Windows\System32\msieftp.dll
2012-06-16 19:04 - 2010-11-20 06:27 - 00313856 ____A (Microsoft Corporation) C:\Windows\System32\ReAgent.dll
2012-06-16 19:04 - 2010-11-20 06:27 - 00300032 ____A (Microsoft Corporation) C:\Windows\System32\pdh.dll
2012-06-16 19:04 - 2010-11-20 06:27 - 00270848 ____A (Microsoft Corporation) C:\Windows\System32\srrstr.dll
2012-06-16 19:04 - 2010-11-20 06:27 - 00268288 ____A (Microsoft Corporation) C:\Windows\System32\MSAC3ENC.DLL
2012-06-16 19:04 - 2010-11-20 06:27 - 00255488 ____A (Microsoft Corporation) C:\Windows\System32\wavemsp.dll
2012-06-16 19:04 - 2010-11-20 06:27 - 00243712 ____A (Microsoft Corporation) C:\Windows\System32\taskbarcpl.dll
2012-06-16 19:04 - 2010-11-20 06:27 - 00225280 ____A (Microsoft Corporation) C:\Windows\System32\SndVolSSO.dll
2012-06-16 19:04 - 2010-11-20 06:27 - 00223232 ____A (Microsoft Corporation) C:\Windows\System32\wmpsrcwp.dll
2012-06-16 19:04 - 2010-11-20 06:27 - 00222720 ____A (Microsoft Corporation) C:\Windows\System32\wwanconn.dll
2012-06-16 19:04 - 2010-11-20 06:27 - 00221696 ____A (Microsoft Corporation) C:\Windows\System32\OnLineIDCpl.dll
2012-06-16 19:04 - 2010-11-20 06:27 - 00211456 ____A (Microsoft Corporation) C:\Windows\System32\rasppp.dll
2012-06-16 19:04 - 2010-11-20 06:27 - 00207360 ____A (Microsoft Corporation) C:\Windows\System32\sysclass.dll
2012-06-16 19:04 - 2010-11-20 06:27 - 00200192 ____A (Microsoft Corporation) C:\Windows\System32\syncui.dll
2012-06-16 19:04 - 2010-11-20 06:27 - 00196608 ____A (Microsoft Corporation) C:\Windows\System32\shdocvw.dll
2012-06-16 19:04 - 2010-11-20 06:27 - 00193024 ____A (Microsoft Corporation) C:\Windows\System32\netplwiz.dll
2012-06-16 19:04 - 2010-11-20 06:27 - 00189952 ____A (Microsoft Corporation) C:\Windows\System32\SmartcardCredentialProvider.dll
2012-06-16 19:04 - 2010-11-20 06:27 - 00187904 ____A (Microsoft Corporation) C:\Windows\System32\provsvc.dll
2012-06-16 19:04 - 2010-11-20 06:27 - 00185856 ____A (Microsoft Corporation) C:\Windows\System32\vdsutil.dll
2012-06-16 19:04 - 2010-11-20 06:27 - 00172544 ____A (Microsoft Corporation) C:\Windows\System32\twext.dll
2012-06-16 19:04 - 2010-11-20 06:27 - 00170496 ____A (Microsoft Corporation) C:\Windows\System32\sdrsvc.dll
2012-06-16 19:04 - 2010-11-20 06:27 - 00156160 ____A (Microsoft Corporation) C:\Windows\System32\prntvpt.dll
2012-06-16 19:04 - 2010-11-20 06:27 - 00154624 ____A (Microsoft Corporation) C:\Windows\System32\uxlib.dll
2012-06-16 19:04 - 2010-11-20 06:27 - 00153088 ____A (Microsoft Corporation) C:\Windows\System32\remotepg.dll
2012-06-16 19:04 - 2010-11-20 06:27 - 00146944 ____A (Microsoft Corporation) C:\Windows\System32\recovery.dll
2012-06-16 19:04 - 2010-11-20 06:27 - 00129536 ____A (Microsoft Corporation) C:\Windows\System32\ntlanman.dll
2012-06-16 19:04 - 2010-11-20 06:27 - 00128000 ____A (Microsoft Corporation) C:\Windows\System32\srvcli.dll
2012-06-16 19:04 - 2010-11-20 06:27 - 00115200 ____A (Microsoft Corporation) C:\Windows\System32\WPDShServiceObj.dll
2012-06-16 19:04 - 2010-11-20 06:27 - 00102400 ____A (Microsoft Corporation) C:\Windows\System32\sppnp.dll
2012-06-16 19:04 - 2010-11-20 06:27 - 00086016 ____A (Microsoft Corporation) C:\Windows\System32\TSpkg.dll
2012-06-16 19:04 - 2010-11-20 06:27 - 00084480 ____A (Microsoft Corporation) C:\Windows\System32\UserAccountControlSettings.dll
2012-06-16 19:04 - 2010-11-20 06:27 - 00071680 ____A (Microsoft Corporation) C:\Windows\System32\wkscli.dll
2012-06-16 19:04 - 2010-11-20 06:27 - 00068096 ____A (Microsoft Corporation) C:\Windows\System32\rdpd3d.dll
2012-06-16 19:04 - 2010-11-20 06:27 - 00066048 ____A (Microsoft Corporation) C:\Windows\System32\ncryptui.dll
2012-06-16 19:04 - 2010-11-20 06:27 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\rtutils.dll
2012-06-16 19:04 - 2010-11-20 06:27 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\wwanprotdim.dll
2012-06-16 19:04 - 2010-11-20 06:27 - 00044032 ____A (Microsoft Corporation) C:\Windows\System32\tsgqec.dll
2012-06-16 19:04 - 2010-11-20 06:27 - 00038912 ____A (Microsoft Corporation) C:\Windows\System32\msvidc32.dll
2012-06-16 19:04 - 2010-11-20 06:27 - 00024064 ____A (Microsoft Corporation) C:\Windows\System32\sisbkup.dll
2012-06-16 19:04 - 2010-11-20 06:27 - 00015360 ____A (Microsoft Corporation) C:\Windows\System32\slwga.dll
2012-06-16 19:04 - 2010-11-20 06:26 - 01202176 ____A (Microsoft Corporation) C:\Windows\System32\DiagCpl.dll
2012-06-16 19:04 - 2010-11-20 06:26 - 01066496 ____A (Microsoft Corporation) C:\Windows\System32\Display.dll
2012-06-16 19:04 - 2010-11-20 06:26 - 00861184 ____A (Microsoft Corporation) C:\Windows\System32\fontext.dll
2012-06-16 19:04 - 2010-11-20 06:26 - 00701440 ____A (Microsoft Corporation) C:\Windows\System32\dsuiext.dll
2012-06-16 19:04 - 2010-11-20 06:26 - 00508928 ____A (Microsoft Corporation) C:\Windows\System32\DeviceCenter.dll
2012-06-16 19:04 - 2010-11-20 06:26 - 00495104 ____A (Microsoft Corporation) C:\Windows\System32\drmmgrtn.dll
2012-06-16 19:04 - 2010-11-20 06:26 - 00345600 ____A (Microsoft Corporation) C:\Windows\System32\MediaMetadataHandler.dll
2012-06-16 19:04 - 2010-11-20 06:26 - 00304128 ____A (Microsoft Corporation) C:\Windows\System32\efscore.dll
2012-06-16 19:04 - 2010-11-20 06:26 - 00282624 ____A (Microsoft Corporation) C:\Windows\System32\iTVData.dll
2012-06-16 19:04 - 2010-11-20 06:26 - 00281088 ____A (Microsoft Corporation) C:\Windows\System32\iprtrmgr.dll
2012-06-16 19:04 - 2010-11-20 06:26 - 00279552 ____A (Microsoft Corporation) C:\Windows\System32\dxdiagn.dll
2012-06-16 19:04 - 2010-11-20 06:26 - 00252416 ____A (Microsoft Corporation) C:\Windows\System32\dot3svc.dll
2012-06-16 19:04 - 2010-11-20 06:26 - 00240640 ____A (Microsoft Corporation) C:\Windows\System32\MFPlay.dll
2012-06-16 19:04 - 2010-11-20 06:26 - 00233984 ____A (Microsoft Corporation) C:\Windows\System32\defaultlocationcpl.dll
2012-06-16 19:04 - 2010-11-20 06:26 - 00225280 ____A (Microsoft Corporation) C:\Windows\System32\DevicePairingFolder.dll
2012-06-16 19:04 - 2010-11-20 06:26 - 00211456 ____A (Microsoft Corporation) C:\Windows\System32\mprddm.dll
2012-06-16 19:04 - 2010-11-20 06:26 - 00162816 ____A (Microsoft Corporation) C:\Windows\System32\dps.dll
2012-06-16 19:04 - 2010-11-20 06:26 - 00078848 ____A (Microsoft Corporation) C:\Windows\System32\hbaapi.dll
2012-06-16 19:04 - 2010-11-20 06:26 - 00069120 ____A (Microsoft Corporation) C:\Windows\System32\dot3cfg.dll
2012-06-16 19:04 - 2010-11-20 06:26 - 00054272 ____A (Microsoft Corporation) C:\Windows\System32\iyuv_32.dll
2012-06-16 19:04 - 2010-11-20 06:26 - 00045056 ____A (Microsoft Corporation) C:\Windows\System32\httpapi.dll
2012-06-16 19:04 - 2010-11-20 06:25 - 03745792 ____A (Microsoft Corporation) C:\Windows\System32\accessibilitycpl.dll
2012-06-16 19:04 - 2010-11-20 06:25 - 03524608 ____A (Microsoft Corporation) C:\Windows\System32\sppsvc.exe
2012-06-16 19:04 - 2010-11-20 06:25 - 01264640 ____A (Microsoft Corporation) C:\Windows\System32\sdclt.exe
2012-06-16 19:04 - 2010-11-20 06:25 - 01133568 ____A (Microsoft Corporation) C:\Windows\System32\cdosys.dll
2012-06-16 19:04 - 2010-11-20 06:25 - 01065984 ____A (Microsoft Corporation) C:\Windows\System32\cryptui.dll
2012-06-16 19:04 - 2010-11-20 06:25 - 00780800 ____A (Microsoft Corporation) C:\Windows\System32\ActionCenter.dll
2012-06-16 19:04 - 2010-11-20 06:25 - 00749568 ____A (Microsoft Corporation) C:\Windows\System32\batmeter.dll
2012-06-16 19:04 - 2010-11-20 06:25 - 00549888 ____A (Microsoft Corporation) C:\Windows\System32\ActionCenterCPL.dll
2012-06-16 19:04 - 2010-11-20 06:25 - 00472064 ____A (Microsoft Corporation) C:\Windows\System32\azroleui.dll
2012-06-16 19:04 - 2010-11-20 06:25 - 00460800 ____A (Microsoft Corporation) C:\Windows\System32\certcli.dll
2012-06-16 19:04 - 2010-11-20 06:25 - 00349696 ____A (Microsoft Corporation) C:\Windows\System32\slui.exe
2012-06-16 19:04 - 2010-11-20 06:25 - 00296960 ____A (Microsoft Corporation) C:\Windows\System32\rstrui.exe
2012-06-16 19:04 - 2010-11-20 06:25 - 00279040 ____A (Microsoft Corporation) C:\Windows\System32\sethc.exe
2012-06-16 19:04 - 2010-11-20 06:25 - 00257024 ____A (Microsoft Corporation) C:\Windows\System32\taskmgr.exe
2012-06-16 19:04 - 2010-11-20 06:25 - 00238080 ____A (Microsoft Corporation) C:\Windows\System32\recdisc.exe
2012-06-16 19:04 - 2010-11-20 06:25 - 00168448 ____A (Microsoft Corporation) C:\Windows\System32\bcdsrv.dll
2012-06-16 19:04 - 2010-11-20 06:25 - 00155136 ____A (Microsoft Corporation) C:\Windows\System32\autoplay.dll
2012-06-16 19:04 - 2010-11-20 06:25 - 00135680 ____A (Microsoft Corporation) C:\Windows\System32\AuxiliaryDisplayServices.dll
2012-06-16 19:04 - 2010-11-20 06:25 - 00114688 ____A (Microsoft Corporation) C:\Windows\System32\AxInstSv.dll
2012-06-16 19:04 - 2010-11-20 06:25 - 00109568 ____A (Microsoft Corporation) C:\Windows\System32\nslookup.exe
2012-06-16 19:04 - 2010-11-20 06:25 - 00095232 ____A (Microsoft Corporation) C:\Windows\System32\cca.dll
2012-06-16 19:04 - 2010-11-20 06:25 - 00094720 ____A (Microsoft Corporation) C:\Windows\System32\cabinet.dll
2012-06-16 19:04 - 2010-11-20 06:25 - 00084992 ____A (Microsoft Corporation) C:\Windows\System32\asycfilt.dll
2012-06-16 19:04 - 2010-11-20 06:25 - 00080384 ____A (Microsoft Corporation) C:\Windows\System32\certprop.dll
2012-06-16 19:04 - 2010-11-20 06:25 - 00070656 ____A (Microsoft Corporation) C:\Windows\System32\appinfo.dll
2012-06-16 19:04 - 2010-11-20 06:25 - 00058368 ____A (Microsoft Corporation) C:\Windows\System32\tzutil.exe
2012-06-16 19:04 - 2010-11-20 06:25 - 00053248 ____A (Microsoft Corporation) C:\Windows\System32\acppage.dll
2012-06-16 19:04 - 2010-11-20 06:25 - 00031744 ____A (Microsoft Corporation) C:\Windows\System32\proquota.exe
2012-06-16 19:04 - 2010-11-20 06:25 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\userinit.exe
2012-06-16 19:04 - 2010-11-20 06:25 - 00022016 ____A (Microsoft Corporation) C:\Windows\System32\credssp.dll
2012-06-16 19:04 - 2010-11-20 06:24 - 00957440 ____A (Microsoft Corporation) C:\Windows\System32\mblctr.exe
2012-06-16 19:04 - 2010-11-20 06:24 - 00721408 ____A (Microsoft Corporation) C:\Windows\System32\bthprops.cpl
2012-06-16 19:04 - 2010-11-20 06:24 - 00606208 ____A (Microsoft Corporation) C:\Windows\System32\dfrgui.exe
2012-06-16 19:04 - 2010-11-20 06:24 - 00474112 ____A (Microsoft Corporation) C:\Windows\System32\sysmon.ocx
2012-06-16 19:04 - 2010-11-20 06:24 - 00373248 ____A (Microsoft Corporation) C:\Windows\System32\intl.cpl
2012-06-16 19:04 - 2010-11-20 06:24 - 00352768 ____A (Microsoft Corporation) C:\Windows\System32\sysdm.cpl
2012-06-16 19:04 - 2010-11-20 06:24 - 00346112 ____A (Microsoft Corporation) C:\Windows\System32\bcdedit.exe
2012-06-16 19:04 - 2010-11-20 06:24 - 00333824 ____A (Microsoft Corporation) C:\Windows\System32\ssText3d.scr
2012-06-16 19:04 - 2010-11-20 06:24 - 00321536 ____A (Microsoft Corporation) C:\Windows\System32\unimdm.tsp
2012-06-16 19:04 - 2010-11-20 06:24 - 00250880 ____A (Microsoft Corporation) C:\Windows\System32\ksproxy.ax
 
2012-06-16 19:04 - 2010-11-20 06:24 - 00196096 ____A (Microsoft Corporation) C:\Windows\System32\VBICodec.ax
2012-06-16 19:04 - 2010-11-20 06:24 - 00175616 ____A (Microsoft Corporation) C:\Windows\System32\bcdboot.exe
2012-06-16 19:04 - 2010-11-20 06:24 - 00173568 ____A (Microsoft Corporation) C:\Windows\System32\powercfg.cpl
2012-06-16 19:04 - 2010-11-20 06:24 - 00128000 ____A (Microsoft Corporation) C:\Windows\System32\msiexec.exe
2012-06-16 19:04 - 2010-11-20 06:24 - 00102912 ____A (Microsoft Corporation) C:\Windows\System32\kstvtune.ax
2012-06-16 19:04 - 2010-11-20 06:24 - 00098304 ____A (Microsoft Corporation) C:\Windows\System32\WSTPager.ax
2012-06-16 19:04 - 2010-11-20 06:24 - 00091648 ____A (Microsoft Corporation) C:\Windows\System32\isoburn.exe
2012-06-16 19:04 - 2010-11-20 06:24 - 00066048 ____A (Microsoft Corporation) C:\Windows\System32\ksxbar.ax
2012-06-16 19:04 - 2010-11-20 05:36 - 00107008 ____A (Microsoft Corporation) C:\Windows\SysWOW64\NAPHLPR.DLL
2012-06-16 19:04 - 2010-11-20 05:21 - 02202624 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SensorsCpl.dll
2012-06-16 19:04 - 2010-11-20 05:21 - 02157568 ____A (Microsoft Corporation) C:\Windows\SysWOW64\themecpl.dll
2012-06-16 19:04 - 2010-11-20 05:21 - 01326592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wlanpref.dll
2012-06-16 19:04 - 2010-11-20 05:21 - 01227776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wdc.dll
2012-06-16 19:04 - 2010-11-20 05:21 - 01003008 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WMNetMgr.dll
2012-06-16 19:04 - 2010-11-20 05:21 - 00933376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Vault.dll
2012-06-16 19:04 - 2010-11-20 05:21 - 00755200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\sud.dll
2012-06-16 19:04 - 2010-11-20 05:21 - 00738816 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wmpmde.dll
2012-06-16 19:04 - 2010-11-20 05:21 - 00638976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\VAN.dll
2012-06-16 19:04 - 2010-11-20 05:21 - 00600064 ____A (Microsoft Corporation) C:\Windows\SysWOW64\usercpl.dll
2012-06-16 19:04 - 2010-11-20 05:21 - 00473600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\riched20.dll
2012-06-16 19:04 - 2010-11-20 05:21 - 00428544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shwebsvc.dll
2012-06-16 19:04 - 2010-11-20 05:21 - 00416768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wiadefui.dll
2012-06-16 19:04 - 2010-11-20 05:21 - 00410624 ____A (Microsoft Corporation) C:\Windows\SysWOW64\systemcpl.dll
2012-06-16 19:04 - 2010-11-20 05:21 - 00410112 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wlanui.dll
2012-06-16 19:04 - 2010-11-20 05:21 - 00372224 ____A (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2012-06-16 19:04 - 2010-11-20 05:21 - 00363520 ____A (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2012-06-16 19:04 - 2010-11-20 05:21 - 00352768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\termmgr.dll
2012-06-16 19:04 - 2010-11-20 05:21 - 00352768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\spwizeng.dll
2012-06-16 19:04 - 2010-11-20 05:21 - 00346624 ____A (Microsoft Corporation) C:\Windows\SysWOW64\untfs.dll
2012-06-16 19:04 - 2010-11-20 05:21 - 00327680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\zipfldr.dll
2012-06-16 19:04 - 2010-11-20 05:21 - 00307712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2012-06-16 19:04 - 2010-11-20 05:21 - 00276992 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wcncsvc.dll
2012-06-16 19:04 - 2010-11-20 05:21 - 00242176 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tapisrv.dll
2012-06-16 19:04 - 2010-11-20 05:21 - 00220160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SndVolSSO.dll
2012-06-16 19:04 - 2010-11-20 05:21 - 00193536 ____A (Microsoft Corporation) C:\Windows\SysWOW64\sppcomapi.dll
2012-06-16 19:04 - 2010-11-20 05:21 - 00182272 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wmpsrcwp.dll
2012-06-16 19:04 - 2010-11-20 05:21 - 00181760 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tcpipcfg.dll
2012-06-16 19:04 - 2010-11-20 05:21 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\rasppp.dll
2012-06-16 19:04 - 2010-11-20 05:21 - 00175616 ____A (Microsoft Corporation) C:\Windows\SysWOW64\scecli.dll
2012-06-16 19:04 - 2010-11-20 05:21 - 00159232 ____A (Microsoft Corporation) C:\Windows\SysWOW64\syncui.dll
2012-06-16 19:04 - 2010-11-20 05:21 - 00152064 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2012-06-16 19:04 - 2010-11-20 05:21 - 00135168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsRasterService.dll
2012-06-16 19:04 - 2010-11-20 05:21 - 00111104 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shsetup.dll
2012-06-16 19:04 - 2010-11-20 05:21 - 00046080 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RpcRtRemote.dll
2012-06-16 19:04 - 2010-11-20 05:21 - 00037376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\rtutils.dll
2012-06-16 19:04 - 2010-11-20 05:21 - 00019456 ____A (Microsoft Corporation) C:\Windows\SysWOW64\sisbkup.dll
2012-06-16 19:04 - 2010-11-20 05:20 - 02130944 ____A (Microsoft Corporation) C:\Windows\SysWOW64\networkmap.dll
2012-06-16 19:04 - 2010-11-20 05:20 - 01644032 ____A (Microsoft Corporation) C:\Windows\SysWOW64\netcenter.dll
2012-06-16 19:04 - 2010-11-20 05:20 - 00859648 ____A (Microsoft Corporation) C:\Windows\SysWOW64\OobeFldr.dll
2012-06-16 19:04 - 2010-11-20 05:20 - 00656384 ____A (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2012-06-16 19:04 - 2010-11-20 05:20 - 00600576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\PerfCenterCPL.dll
2012-06-16 19:04 - 2010-11-20 05:20 - 00509440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2012-06-16 19:04 - 2010-11-20 05:20 - 00441856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\powercpl.dll
2012-06-16 19:04 - 2010-11-20 05:20 - 00395264 ____A (Microsoft Corporation) C:\Windows\SysWOW64\prnfldr.dll
2012-06-16 19:04 - 2010-11-20 05:20 - 00346112 ____A (Microsoft Corporation) C:\Windows\SysWOW64\nshipsec.dll
2012-06-16 19:04 - 2010-11-20 05:20 - 00324608 ____A (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll
2012-06-16 19:04 - 2010-11-20 05:20 - 00297472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.dll
2012-06-16 19:04 - 2010-11-20 05:20 - 00295424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\photowiz.dll
2012-06-16 19:04 - 2010-11-20 05:20 - 00218112 ____A (Microsoft Corporation) C:\Windows\SysWOW64\OnLineIDCpl.dll
2012-06-16 19:04 - 2010-11-20 05:20 - 00175616 ____A (Microsoft Corporation) C:\Windows\SysWOW64\netplwiz.dll
2012-06-16 19:04 - 2010-11-20 05:20 - 00171520 ____A (Microsoft Corporation) C:\Windows\SysWOW64\QAGENT.DLL
2012-06-16 19:04 - 2010-11-20 05:20 - 00161792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\netjoin.dll
2012-06-16 19:04 - 2010-11-20 05:20 - 00120320 ____A (Microsoft Corporation) C:\Windows\SysWOW64\prntvpt.dll
2012-06-16 19:04 - 2010-11-20 05:20 - 00117248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\netid.dll
2012-06-16 19:04 - 2010-11-20 05:20 - 00078848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\nci.dll
2012-06-16 19:04 - 2010-11-20 05:20 - 00069120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntlanman.dll
2012-06-16 19:04 - 2010-11-20 05:20 - 00052224 ____A (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2012-06-16 19:04 - 2010-11-20 05:19 - 00856576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\FirewallControlPanel.dll
2012-06-16 19:04 - 2010-11-20 05:19 - 00828928 ____A (Microsoft Corporation) C:\Windows\SysWOW64\fontext.dll
2012-06-16 19:04 - 2010-11-20 05:19 - 00481792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mscms.dll
2012-06-16 19:04 - 2010-11-20 05:19 - 00429056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\localsec.dll
2012-06-16 19:04 - 2010-11-20 05:19 - 00337408 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2012-06-16 19:04 - 2010-11-20 05:19 - 00320512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mtxclu.dll
2012-06-16 19:04 - 2010-11-20 05:19 - 00320512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
2012-06-16 19:04 - 2010-11-20 05:19 - 00312832 ____A (Microsoft Corporation) C:\Windows\SysWOW64\hgcpl.dll
2012-06-16 19:04 - 2010-11-20 05:19 - 00301568 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2012-06-16 19:04 - 2010-11-20 05:19 - 00271360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iprtrmgr.dll
2012-06-16 19:04 - 2010-11-20 05:19 - 00268800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mprddm.dll
2012-06-16 19:04 - 2010-11-20 05:19 - 00266752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MediaMetadataHandler.dll
2012-06-16 19:04 - 2010-11-20 05:19 - 00226304 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MSAC3ENC.DLL
2012-06-16 19:04 - 2010-11-20 05:19 - 00216576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2012-06-16 19:04 - 2010-11-20 05:19 - 00202752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\framedyn.dll
2012-06-16 19:04 - 2010-11-20 05:19 - 00172032 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iasrad.dll
2012-06-16 19:04 - 2010-11-20 05:19 - 00148992 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ifsutil.dll
2012-06-16 19:04 - 2010-11-20 05:19 - 00127488 ____A (Microsoft Corporation) C:\Windows\SysWOW64\logoncli.dll
2012-06-16 19:04 - 2010-11-20 05:19 - 00101888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\migisol.dll
2012-06-16 19:04 - 2010-11-20 05:19 - 00093696 ____A (Windows (R) Codename Longhorn DDK provider) C:\Windows\SysWOW64\fms.dll
2012-06-16 19:04 - 2010-11-20 05:19 - 00078848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iasacct.dll
2012-06-16 19:04 - 2010-11-20 05:19 - 00059904 ____A (Microsoft Corporation) C:\Windows\SysWOW64\fdeploy.dll
2012-06-16 19:04 - 2010-11-20 05:19 - 00034816 ____A (Microsoft Corporation) C:\Windows\SysWOW64\httpapi.dll
2012-06-16 19:04 - 2010-11-20 05:18 - 03727872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\accessibilitycpl.dll
2012-06-16 19:04 - 2010-11-20 05:18 - 01400320 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DxpTaskSync.dll
2012-06-16 19:04 - 2010-11-20 05:18 - 01040384 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Display.dll
2012-06-16 19:04 - 2010-11-20 05:18 - 01003520 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2012-06-16 19:04 - 2010-11-20 05:18 - 00805376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll
2012-06-16 19:04 - 2010-11-20 05:18 - 00744448 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ActionCenter.dll
2012-06-16 19:04 - 2010-11-20 05:18 - 00743424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2012-06-16 19:04 - 2010-11-20 05:18 - 00740864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\batmeter.dll
2012-06-16 19:04 - 2010-11-20 05:18 - 00665600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\AuxiliaryDisplayCpl.dll
2012-06-16 19:04 - 2010-11-20 05:18 - 00537600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ActionCenterCPL.dll
2012-06-16 19:04 - 2010-11-20 05:18 - 00484864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DeviceCenter.dll
2012-06-16 19:04 - 2010-11-20 05:18 - 00314368 ____A (Microsoft Corporation) C:\Windows\SysWOW64\azroleui.dll
2012-06-16 19:04 - 2010-11-20 05:18 - 00309760 ____A (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2012-06-16 19:04 - 2010-11-20 05:18 - 00222208 ____A (Microsoft Corporation) C:\Windows\SysWOW64\eapphost.dll
2012-06-16 19:04 - 2010-11-20 05:18 - 00220672 ____A (Microsoft Corporation) C:\Windows\SysWOW64\defaultlocationcpl.dll
2012-06-16 19:04 - 2010-11-20 05:18 - 00205312 ____A (Microsoft Corporation) C:\Windows\SysWOW64\efscore.dll
2012-06-16 19:04 - 2010-11-20 05:18 - 00202752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\activeds.dll
2012-06-16 19:04 - 2010-11-20 05:18 - 00196608 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dskquoui.dll
2012-06-16 19:04 - 2010-11-20 05:18 - 00186880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\adsldp.dll
2012-06-16 19:04 - 2010-11-20 05:18 - 00146944 ____A (Microsoft Corporation) C:\Windows\SysWOW64\autoplay.dll
2012-06-16 19:04 - 2010-11-20 05:18 - 00132608 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cabview.dll
2012-06-16 19:04 - 2010-11-20 05:18 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dnscmmc.dll
2012-06-16 19:04 - 2010-11-20 05:18 - 00082432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dot3cfg.dll
2012-06-16 19:04 - 2010-11-20 05:18 - 00067584 ____A (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2012-06-16 19:04 - 2010-11-20 05:18 - 00017408 ____A (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2012-06-16 19:04 - 2010-11-20 05:17 - 00314880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wusa.exe
2012-06-16 19:04 - 2010-11-20 05:17 - 00314368 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SndVol.exe
2012-06-16 19:04 - 2010-11-20 05:17 - 00288256 ____A (Microsoft Corporation) C:\Windows\SysWOW64\eudcedit.exe
2012-06-16 19:04 - 2010-11-20 05:17 - 00270336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\sethc.exe
2012-06-16 19:04 - 2010-11-20 05:17 - 00227328 ____A (Microsoft Corporation) C:\Windows\SysWOW64\taskmgr.exe
2012-06-16 19:04 - 2010-11-20 05:17 - 00098816 ____A (Microsoft) C:\Windows\SysWOW64\Robocopy.exe
2012-06-16 19:04 - 2010-11-20 05:17 - 00066048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\w32tm.exe
2012-06-16 19:04 - 2010-11-20 05:17 - 00042496 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ftp.exe
2012-06-16 19:04 - 2010-11-20 05:17 - 00026624 ____A (Microsoft Corporation) C:\Windows\SysWOW64\userinit.exe
2012-06-16 19:04 - 2010-11-20 05:16 - 00905216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mmsys.cpl
2012-06-16 19:04 - 2010-11-20 05:16 - 00692736 ____A (Microsoft Corporation) C:\Windows\SysWOW64\bthprops.cpl
2012-06-16 19:04 - 2010-11-20 05:16 - 00649216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\appwiz.cpl
2012-06-16 19:04 - 2010-11-20 05:16 - 00516096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\main.cpl
2012-06-16 19:04 - 2010-11-20 05:16 - 00413696 ____A (Microsoft Corporation) C:\Windows\SysWOW64\PhotoScreensaver.scr
2012-06-16 19:04 - 2010-11-20 05:16 - 00389632 ____A (Microsoft Corporation) C:\Windows\SysWOW64\sysmon.ocx
2012-06-16 19:04 - 2010-11-20 05:16 - 00345088 ____A (Microsoft Corporation) C:\Windows\SysWOW64\intl.cpl
2012-06-16 19:04 - 2010-11-20 05:16 - 00326656 ____A (Microsoft Corporation) C:\Windows\SysWOW64\sysdm.cpl
2012-06-16 19:04 - 2010-11-20 05:16 - 00193536 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ksproxy.ax
2012-06-16 19:04 - 2010-11-20 05:16 - 00172032 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wdmaud.drv
2012-06-16 19:04 - 2010-11-20 05:16 - 00068608 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WSTPager.ax
2012-06-16 19:04 - 2010-11-20 04:04 - 00039424 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tssecsrv.sys
2012-06-16 19:04 - 2010-11-20 03:52 - 00088576 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\wanarp.sys
2012-06-16 19:04 - 2010-11-20 03:52 - 00057856 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ndproxy.sys
2012-06-16 19:04 - 2010-11-20 03:44 - 00184960 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbvideo.sys
2012-06-16 19:04 - 2010-11-20 03:43 - 00076800 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\hidclass.sys
2012-06-16 19:04 - 2010-11-20 03:43 - 00041984 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\winusb.sys
2012-06-16 19:04 - 2010-11-04 19:11 - 00433512 ____A (Microsoft Corporation) C:\Windows\System32\MCEWMDRMNDBootstrap.dll
2012-06-16 19:04 - 2010-11-04 19:11 - 00312168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MCEWMDRMNDBootstrap.dll
2012-06-16 19:04 - 2010-11-04 18:58 - 00155472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2012-06-16 19:04 - 2010-11-04 18:58 - 00080720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2012-06-16 19:04 - 2010-11-04 18:57 - 00154960 ____A (Microsoft Corporation) C:\Windows\System32\mscorier.dll
2012-06-16 19:03 - 2010-11-20 06:44 - 00050176 ____A (Microsoft Corporation) C:\Windows\System32\NAPCRYPT.DLL
2012-06-16 19:03 - 2010-11-20 06:27 - 01911808 ____A (Microsoft Corporation) C:\Windows\System32\OpcServices.dll
2012-06-16 19:03 - 2010-11-20 06:27 - 01232896 ____A (Microsoft Corporation) C:\Windows\System32\WMADMOD.DLL
2012-06-16 19:03 - 2010-11-20 06:27 - 01080320 ____A (Microsoft Corporation) C:\Windows\System32\onexui.dll
2012-06-16 19:03 - 2010-11-20 06:27 - 00978944 ____A (Microsoft Corporation) C:\Windows\System32\WMSPDMOD.DLL
2012-06-16 19:03 - 2010-11-20 06:27 - 00681472 ____A (Microsoft Corporation) C:\Windows\System32\WUDFx.dll
2012-06-16 19:03 - 2010-11-20 06:27 - 00666112 ____A (Microsoft Corporation) C:\Windows\System32\WMVSDECD.DLL
2012-06-16 19:03 - 2010-11-20 06:27 - 00636416 ____A (Microsoft Corporation) C:\Windows\System32\wmdrmdev.dll
2012-06-16 19:03 - 2010-11-20 06:27 - 00594432 ____A (Microsoft Corporation) C:\Windows\System32\wvc.dll
2012-06-16 19:03 - 2010-11-20 06:27 - 00527872 ____A (Microsoft Corporation) C:\Windows\System32\wmdrmnet.dll
2012-06-16 19:03 - 2010-11-20 06:27 - 00435712 ____A (Microsoft Corporation) C:\Windows\System32\PortableDeviceStatus.dll
2012-06-16 19:03 - 2010-11-20 06:27 - 00431104 ____A (Microsoft Corporation) C:\Windows\System32\WPDSp.dll
2012-06-16 19:03 - 2010-11-20 06:27 - 00392192 ____A (Microsoft Corporation) C:\Windows\System32\WMPhoto.dll
2012-06-16 19:03 - 2010-11-20 06:27 - 00358400 ____A (Microsoft Corporation) C:\Windows\System32\wmpdxm.dll
2012-06-16 19:03 - 2010-11-20 06:27 - 00337920 ____A (Microsoft Corporation) C:\Windows\System32\raschap.dll
2012-06-16 19:03 - 2010-11-20 06:27 - 00325632 ____A (Microsoft Corporation) C:\Windows\System32\msnetobj.dll
2012-06-16 19:03 - 2010-11-20 06:27 - 00254464 ____A (Microsoft Corporation) C:\Windows\System32\qasf.dll
2012-06-16 19:03 - 2010-11-20 06:27 - 00250880 ____A (Microsoft Corporation) C:\Windows\System32\qdv.dll
2012-06-16 19:03 - 2010-11-20 06:27 - 00238080 ____A (Microsoft Corporation) C:\Windows\System32\mstask.dll
2012-06-16 19:03 - 2010-11-20 06:27 - 00224256 ____A (Microsoft Corporation) C:\Windows\System32\PortableDeviceSyncProvider.dll
2012-06-16 19:03 - 2010-11-20 06:27 - 00222208 ____A (Microsoft Corporation) C:\Windows\System32\rdpencom.dll
2012-06-16 19:03 - 2010-11-20 06:27 - 00217600 ____A (Microsoft Corporation) C:\Windows\System32\WinSCard.dll
2012-06-16 19:03 - 2010-11-20 06:27 - 00215040 ____A (Microsoft Corporation) C:\Windows\System32\wpdwcn.dll
2012-06-16 19:03 - 2010-11-20 06:27 - 00190976 ____A (Microsoft Corporation) C:\Windows\System32\vdsbas.dll
2012-06-16 19:03 - 2010-11-20 06:27 - 00182784 ____A (Microsoft Corporation) C:\Windows\System32\WUDFPlatform.dll
2012-06-16 19:03 - 2010-11-20 06:27 - 00181248 ____A (Microsoft Corporation) C:\Windows\System32\qcap.dll
2012-06-16 19:03 - 2010-11-20 06:27 - 00178688 ____A (Microsoft Corporation) C:\Windows\System32\wuwebv.dll
2012-06-16 19:03 - 2010-11-20 06:27 - 00145920 ____A (Microsoft Corporation) C:\Windows\System32\sppc.dll
2012-06-16 19:03 - 2010-11-20 06:27 - 00143360 ____A (Microsoft Corporation) C:\Windows\System32\mydocs.dll
2012-06-16 19:03 - 2010-11-20 06:27 - 00135168 ____A (Microsoft Corporation) C:\Windows\System32\shacct.dll
2012-06-16 19:03 - 2010-11-20 06:27 - 00132608 ____A (Microsoft Corporation) C:\Windows\System32\wmpshell.dll
2012-06-16 19:03 - 2010-11-20 06:27 - 00124928 ____A (Microsoft Corporation) C:\Windows\System32\wiavideo.dll
2012-06-16 19:03 - 2010-11-20 06:27 - 00124416 ____A (Microsoft Corporation) C:\Windows\System32\QSVRMGMT.DLL
2012-06-16 19:03 - 2010-11-20 06:27 - 00121856 ____A (Microsoft Corporation) C:\Windows\System32\secproc_ssp_isv.dll
2012-06-16 19:03 - 2010-11-20 06:27 - 00121856 ____A (Microsoft Corporation) C:\Windows\System32\secproc_ssp.dll
2012-06-16 19:03 - 2010-11-20 06:27 - 00098304 ____A (Microsoft Corporation) C:\Windows\System32\wudriver.dll
2012-06-16 19:03 - 2010-11-20 06:27 - 00079872 ____A (Microsoft Corporation) C:\Windows\System32\QCLIPROV.DLL
2012-06-16 19:03 - 2010-11-20 06:27 - 00078848 ____A (Microsoft Corporation) C:\Windows\System32\spbcd.dll
2012-06-16 19:03 - 2010-11-20 06:27 - 00073728 ____A (Microsoft Corporation) C:\Windows\System32\tlscsp.dll
2012-06-16 19:03 - 2010-11-20 06:27 - 00073216 ____A (Microsoft Corporation) C:\Windows\System32\unimdmat.dll
2012-06-16 19:03 - 2010-11-20 06:27 - 00072704 ____A (Microsoft Corporation) C:\Windows\System32\netapi32.dll
2012-06-16 19:03 - 2010-11-20 06:27 - 00068096 ____A (Microsoft Corporation) C:\Windows\System32\vfwwdm32.dll
2012-06-16 19:03 - 2010-11-20 06:27 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\wsnmp32.dll
2012-06-16 19:03 - 2010-11-20 06:27 - 00061952 ____A (Microsoft Corporation) C:\Windows\System32\WavDest.dll
2012-06-16 19:03 - 2010-11-20 06:27 - 00061952 ____A (Microsoft Corporation) C:\Windows\System32\vss_ps.dll
2012-06-16 19:03 - 2010-11-20 06:27 - 00059904 ____A (Microsoft Corporation) C:\Windows\System32\umb.dll
2012-06-16 19:03 - 2010-11-20 06:27 - 00053248 ____A (Microsoft Corporation) C:\Windows\System32\odbcconf.dll
2012-06-16 19:03 - 2010-11-20 06:27 - 00048128 ____A (Microsoft Corporation) C:\Windows\System32\PrintIsolationProxy.dll
2012-06-16 19:03 - 2010-11-20 06:27 - 00044544 ____A (Microsoft Corporation) C:\Windows\System32\WUDFCoinstaller.dll
2012-06-16 19:03 - 2010-11-20 06:27 - 00037376 ____A (Microsoft Corporation) C:\Windows\System32\shimgvw.dll
2012-06-16 19:03 - 2010-11-20 06:27 - 00036352 ____A (Microsoft Corporation) C:\Windows\System32\wdiasqmmodule.dll
2012-06-16 19:03 - 2010-11-20 06:27 - 00035840 ____A (Microsoft Corporation) C:\Windows\System32\msdmo.dll
2012-06-16 19:03 - 2010-11-20 06:27 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\seclogon.dll
2012-06-16 19:03 - 2010-11-20 06:27 - 00029184 ____A (Microsoft Corporation) C:\Windows\System32\netutils.dll
2012-06-16 19:03 - 2010-11-20 06:27 - 00025600 ____A (Microsoft Corporation) C:\Windows\System32\msyuv.dll
2012-06-16 19:03 - 2010-11-20 06:27 - 00024064 ____A (Microsoft Corporation) C:\Windows\System32\schedcli.dll
2012-06-16 19:03 - 2010-11-20 06:27 - 00018944 ____A (Microsoft Corporation) C:\Windows\System32\spopk.dll
2012-06-16 19:03 - 2010-11-20 06:27 - 00017408 ____A (Microsoft Corporation) C:\Windows\System32\syssetup.dll
2012-06-16 19:03 - 2010-11-20 06:27 - 00016896 ____A (Microsoft Corporation) C:\Windows\System32\muifontsetup.dll
2012-06-16 19:03 - 2010-11-20 06:27 - 00016384 ____A (Microsoft Corporation) C:\Windows\System32\msrle32.dll
2012-06-16 19:03 - 2010-11-20 06:27 - 00015360 ____A (Microsoft Corporation) C:\Windows\System32\nrpsrv.dll
2012-06-16 19:03 - 2010-11-20 06:27 - 00014848 ____A (Microsoft Corporation) C:\Windows\System32\tsbyuv.dll
2012-06-16 19:03 - 2010-11-20 06:27 - 00013312 ____A (Microsoft Corporation) C:\Windows\System32\sscore.dll
2012-06-16 19:03 - 2010-11-20 06:26 - 01087488 ____A (Microsoft Corporation) C:\Windows\System32\dbghelp.dll
2012-06-16 19:03 - 2010-11-20 06:26 - 00623104 ____A (Microsoft Corporation) C:\Windows\System32\FXSAPI.dll
2012-06-16 19:03 - 2010-11-20 06:26 - 00573952 ____A (Microsoft Corporation) C:\Windows\System32\d3d10level9.dll
2012-06-16 19:03 - 2010-11-20 06:26 - 00434688 ____A (Microsoft Corporation) C:\Windows\System32\FXSTIFF.dll
2012-06-16 19:03 - 2010-11-20 06:26 - 00313344 ____A (Microsoft Corporation) C:\Windows\System32\dot3ui.dll
2012-06-16 19:03 - 2010-11-20 06:26 - 00206848 ____A (Microsoft Corporation) C:\Windows\System32\mfps.dll
2012-06-16 19:03 - 2010-11-20 06:26 - 00198656 ____A (Microsoft Corporation) C:\Windows\System32\iasrecst.dll
2012-06-16 19:03 - 2010-11-20 06:26 - 00194048 ____A (Microsoft Corporation) C:\Windows\System32\itircl.dll
2012-06-16 19:03 - 2010-11-20 06:26 - 00180736 ____A (Microsoft Corporation) C:\Windows\System32\ifsutil.dll
2012-06-16 19:03 - 2010-11-20 06:26 - 00144896 ____A (Microsoft Corporation) C:\Windows\System32\EhStorAPI.dll
2012-06-16 19:03 - 2010-11-20 06:26 - 00121344 ____A (Microsoft Corporation) C:\Windows\System32\fphc.dll
2012-06-16 19:03 - 2010-11-20 06:26 - 00103936 ____A (Microsoft Corporation) C:\Windows\System32\eappgnui.dll
2012-06-16 19:03 - 2010-11-20 06:26 - 00103936 ____A (Microsoft Corporation) C:\Windows\System32\dot3msm.dll
2012-06-16 19:03 - 2010-11-20 06:26 - 00091648 ____A (Microsoft Corporation) C:\Windows\System32\mapistub.dll
2012-06-16 19:03 - 2010-11-20 06:26 - 00091648 ____A (Microsoft Corporation) C:\Windows\System32\mapi32.dll
2012-06-16 19:03 - 2010-11-20 06:26 - 00090624 ____A (Microsoft Corporation) C:\Windows\System32\KMSVC.DLL
2012-06-16 19:03 - 2010-11-20 06:26 - 00084992 ____A (Microsoft Corporation) C:\Windows\System32\Mcx2Svc.dll
2012-06-16 19:03 - 2010-11-20 06:26 - 00074240 ____A (Microsoft Corporation) C:\Windows\System32\fdProxy.dll
2012-06-16 19:03 - 2010-11-20 06:26 - 00065536 ____A (Microsoft Corporation) C:\Windows\System32\inetmib1.dll
2012-06-16 19:03 - 2010-11-20 06:26 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\luainstall.dll
2012-06-16 19:03 - 2010-11-20 06:26 - 00041984 ____A (Microsoft Corporation) C:\Windows\System32\FXSMON.dll
2012-06-16 19:03 - 2010-11-20 06:26 - 00041472 ____A (Microsoft Corporation) C:\Windows\System32\mciqtz32.dll
2012-06-16 19:03 - 2010-11-20 06:26 - 00037376 ____A (Microsoft Corporation) C:\Windows\System32\iscsium.dll
2012-06-16 19:03 - 2010-11-20 06:26 - 00027136 ____A (Microsoft Corporation) C:\Windows\System32\HotStartUserAgent.dll
2012-06-16 19:03 - 2010-11-20 06:26 - 00025600 ____A (Microsoft Corporation) C:\Windows\System32\elsTrans.dll
2012-06-16 19:03 - 2010-11-20 06:25 - 00840192 ____A (Microsoft Corporation) C:\Windows\System32\blackbox.dll
2012-06-16 19:03 - 2010-11-20 06:25 - 00395776 ____A (Microsoft Corporation) C:\Windows\System32\nltest.exe
2012-06-16 19:03 - 2010-11-20 06:25 - 00306688 ____A (Microsoft Corporation) C:\Windows\System32\RMActivate_ssp.exe
2012-06-16 19:03 - 2010-11-20 06:25 - 00305152 ____A (Microsoft Corporation) C:\Windows\System32\RMActivate_ssp_isv.exe
2012-06-16 19:03 - 2010-11-20 06:25 - 00294912 ____A (Microsoft Corporation) C:\Windows\System32\WindowsAnytimeUpgradeResults.exe
2012-06-16 19:03 - 2010-11-20 06:25 - 00293888 ____A (Microsoft Corporation) C:\Windows\System32\wsqmcons.exe
2012-06-16 19:03 - 2010-11-20 06:25 - 00226816 ____A (Microsoft Corporation) C:\Windows\System32\WUDFHost.exe
2012-06-16 19:03 - 2010-11-20 06:25 - 00213504 ____A (Microsoft Corporation) C:\Windows\System32\ActionQueue.dll
2012-06-16 19:03 - 2010-11-20 06:25 - 00172544 ____A (Microsoft Corporation) C:\Windows\System32\perfmon.exe
2012-06-16 19:03 - 2010-11-20 06:25 - 00152064 ____A (Microsoft Corporation) C:\Windows\System32\net1.exe
2012-06-16 19:03 - 2010-11-20 06:25 - 00136192 ____A (Microsoft Corporation) C:\Windows\System32\browser.dll
2012-06-16 19:03 - 2010-11-20 06:25 - 00089088 ____A (Microsoft Corporation) C:\Windows\System32\amstream.dll
2012-06-16 19:03 - 2010-11-20 06:25 - 00078848 ____A (Microsoft Corporation) C:\Windows\System32\tabcal.exe
2012-06-16 19:03 - 2010-11-20 06:25 - 00071680 ____A (Microsoft Corporation) C:\Windows\System32\CertPolEng.dll
2012-06-16 19:03 - 2010-11-20 06:25 - 00063488 ____A (Microsoft Corporation) C:\Windows\System32\takeown.exe
2012-06-16 19:03 - 2010-11-20 06:25 - 00062976 ____A (Microsoft Corporation) C:\Windows\System32\PnPUnattend.exe
2012-06-16 19:03 - 2010-11-20 06:25 - 00058880 ____A (Microsoft Corporation) C:\Windows\System32\browcli.dll
2012-06-16 19:03 - 2010-11-20 06:25 - 00056832 ____A (Microsoft Corporation) C:\Windows\System32\runonce.exe
2012-06-16 19:03 - 2010-11-20 06:25 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\repair-bde.exe
2012-06-16 19:03 - 2010-11-20 06:25 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\MultiDigiMon.exe
2012-06-16 19:03 - 2010-11-20 06:25 - 00051200 ____A (Microsoft Corporation) C:\Windows\System32\wuauclt.exe
2012-06-16 19:03 - 2010-11-20 06:25 - 00046080 ____A (Microsoft Corporation) C:\Windows\System32\cscapi.dll
2012-06-16 19:03 - 2010-11-20 06:25 - 00043008 ____A (Microsoft Corporation) C:\Windows\System32\relog.exe
2012-06-16 19:03 - 2010-11-20 06:25 - 00036864 ____A (Microsoft Corporation) C:\Windows\System32\wuapp.exe
2012-06-16 19:03 - 2010-11-20 06:25 - 00031744 ____A (Microsoft Corporation) C:\Windows\System32\AzSqlExt.dll
2012-06-16 19:03 - 2010-11-20 06:25 - 00026112 ____A (Microsoft Corporation) C:\Windows\System32\WerFaultSecure.exe
2012-06-16 19:03 - 2010-11-20 06:25 - 00014848 ____A (Microsoft Corporation) C:\Windows\System32\BWUnpairElevated.dll
2012-06-16 19:03 - 2010-11-20 06:25 - 00008192 ____A (Microsoft Corporation) C:\Windows\System32\TsUsbRedirectionGroupPolicyControl.exe
2012-06-16 19:03 - 2010-11-20 06:24 - 00899584 ____A (Microsoft Corporation) C:\Windows\System32\Bubbles.scr
2012-06-16 19:03 - 2010-11-20 06:24 - 00497664 ____A (Microsoft Corporation) C:\Windows\System32\main.cpl
2012-06-16 19:03 - 2010-11-20 06:24 - 00363520 ____A (Microsoft Corporation) C:\Windows\System32\diskraid.exe
2012-06-16 19:03 - 2010-11-20 06:24 - 00242688 ____A (Microsoft Corporation) C:\Windows\System32\Mystify.scr
2012-06-16 19:03 - 2010-11-20 06:24 - 00241664 ____A (Microsoft Corporation) C:\Windows\System32\Ribbons.scr
2012-06-16 19:03 - 2010-11-20 06:24 - 00232448 ____A (Microsoft Corporation) C:\Windows\System32\bitsadmin.exe
2012-06-16 19:03 - 2010-11-20 06:24 - 00166400 ____A (Microsoft Corporation) C:\Windows\System32\diskpart.exe
2012-06-16 19:03 - 2010-11-20 06:24 - 00152064 ____A (Microsoft Corporation) C:\Windows\System32\iscsicli.exe
2012-06-16 19:03 - 2010-11-20 06:24 - 00146944 ____A (Microsoft Corporation) C:\Windows\System32\MdSched.exe
2012-06-16 19:03 - 2010-11-20 06:24 - 00133120 ____A (Microsoft Corporation) C:\Windows\System32\Kswdmcap.ax
2012-06-16 19:03 - 2010-11-20 06:24 - 00130048 ____A (Microsoft Corporation) C:\Windows\System32\desk.cpl
2012-06-16 19:03 - 2010-11-20 06:24 - 00104448 ____A (Microsoft Corporation) C:\Windows\System32\logman.exe
2012-06-16 19:03 - 2010-11-20 06:24 - 00102400 ____A (Microsoft Corporation) C:\Windows\System32\mobsync.exe
2012-06-16 19:03 - 2010-11-20 06:24 - 00092160 ____A (Microsoft Corporation) C:\Windows\System32\cmstp.exe
2012-06-16 19:03 - 2010-11-20 06:24 - 00079872 ____A (Microsoft Corporation) C:\Windows\System32\manage-bde.exe
2012-06-16 19:03 - 2010-11-20 06:24 - 00071168 ____A (Microsoft Corporation) C:\Windows\System32\findstr.exe
2012-06-16 19:03 - 2010-11-20 06:24 - 00071168 ____A (Microsoft Corporation) C:\Windows\bfsvc.exe
2012-06-16 19:03 - 2010-11-20 06:24 - 00061440 ____A (Microsoft Corporation) C:\Windows\System32\djoin.exe
2012-06-16 19:03 - 2010-11-20 06:24 - 00057856 ____A (Microsoft Corporation) C:\Windows\System32\g711codc.ax
2012-06-16 19:03 - 2010-11-20 06:24 - 00048128 ____A (Microsoft Corporation) C:\Windows\System32\ftp.exe
2012-06-16 19:03 - 2010-11-20 06:24 - 00043520 ____A (Microsoft Corporation) C:\Windows\System32\vbisurf.ax
2012-06-16 19:03 - 2010-11-20 06:24 - 00036864 ____A (Microsoft Corporation) C:\Windows\System32\choice.exe
2012-06-16 19:03 - 2010-11-20 06:24 - 00017920 ____A (Microsoft Corporation) C:\Windows\System32\fixmapi.exe
2012-06-16 19:03 - 2010-11-20 06:15 - 01164800 ____A (Microsoft Corporation) C:\Windows\System32\UIRibbonRes.dll
2012-06-16 19:03 - 2010-11-20 06:13 - 00147456 ____A (Microsoft Corporation) C:\Windows\System32\RDPENCDD.dll
2012-06-16 19:03 - 2010-11-20 06:02 - 01148416 ____A (Microsoft Corporation) C:\Windows\System32\IMJP10.IME
2012-06-16 19:03 - 2010-11-20 05:36 - 00046080 ____A (Microsoft Corporation) C:\Windows\SysWOW64\NAPCRYPT.DLL
2012-06-16 19:03 - 2010-11-20 05:21 - 00902656 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOD.DLL
2012-06-16 19:03 - 2010-11-20 05:21 - 00739328 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOD.DLL
2012-06-16 19:03 - 2010-11-20 05:21 - 00616960 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2012-06-16 19:03 - 2010-11-20 05:21 - 00541184 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WMVSDECD.DLL
2012-06-16 19:03 - 2010-11-20 05:21 - 00507392 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmdev.dll
2012-06-16 19:03 - 2010-11-20 05:21 - 00444928 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wvc.dll
2012-06-16 19:03 - 2010-11-20 05:21 - 00436736 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmnet.dll
2012-06-16 19:03 - 2010-11-20 05:21 - 00428032 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wlanmsm.dll
2012-06-16 19:03 - 2010-11-20 05:21 - 00406528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wimgapi.dll
2012-06-16 19:03 - 2010-11-20 05:21 - 00350720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WPDSp.dll
2012-06-16 19:03 - 2010-11-20 05:21 - 00318976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\raschap.dll
2012-06-16 19:03 - 2010-11-20 05:21 - 00318464 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2012-06-16 19:03 - 2010-11-20 05:21 - 00309760 ____A (Microsoft Corporation) C:\Windows\SysWOW64\sqlcese30.dll
2012-06-16 19:03 - 2010-11-20 05:21 - 00299520 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wmpdxm.dll
2012-06-16 19:03 - 2010-11-20 05:21 - 00247808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ReAgent.dll
2012-06-16 19:03 - 2010-11-20 05:21 - 00222208 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wavemsp.dll
2012-06-16 19:03 - 2010-11-20 05:21 - 00198144 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wpdwcn.dll
2012-06-16 19:03 - 2010-11-20 05:21 - 00186368 ____A (Microsoft Corporation) C:\Windows\SysWOW64\rdpencom.dll
2012-06-16 19:03 - 2010-11-20 05:21 - 00179712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2012-06-16 19:03 - 2010-11-20 05:21 - 00164352 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2012-06-16 19:03 - 2010-11-20 05:21 - 00160256 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vdsbas.dll
2012-06-16 19:03 - 2010-11-20 05:21 - 00146944 ____A (Microsoft Corporation) C:\Windows\SysWOW64\remotepg.dll
2012-06-16 19:03 - 2010-11-20 05:21 - 00146432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\twext.dll
2012-06-16 19:03 - 2010-11-20 05:21 - 00144384 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wmpps.dll
2012-06-16 19:03 - 2010-11-20 05:21 - 00118784 ____A (Microsoft Corporation) C:\Windows\SysWOW64\uxlib.dll
2012-06-16 19:03 - 2010-11-20 05:21 - 00115712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\setupcln.dll
2012-06-16 19:03 - 2010-11-20 05:21 - 00109568 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wiavideo.dll
2012-06-16 19:03 - 2010-11-20 05:21 - 00108032 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shacct.dll
2012-06-16 19:03 - 2010-11-20 05:21 - 00105984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WPDShServiceObj.dll
2012-06-16 19:03 - 2010-11-20 05:21 - 00105472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wmpshell.dll
2012-06-16 19:03 - 2010-11-20 05:21 - 00100864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\sppinst.dll
2012-06-16 19:03 - 2010-11-20 05:21 - 00090112 ____A (Microsoft Corporation) C:\Windows\SysWOW64\srvcli.dll
2012-06-16 19:03 - 2010-11-20 05:21 - 00087552 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2012-06-16 19:03 - 2010-11-20 05:21 - 00085504 ____A (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2012-06-16 19:03 - 2010-11-20 05:21 - 00085504 ____A (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2012-06-16 19:03 - 2010-11-20 05:21 - 00080896 ____A (Microsoft Corporation) C:\Windows\SysWOW64\QUTIL.DLL
2012-06-16 19:03 - 2010-11-20 05:21 - 00078848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\UserAccountControlSettings.dll
2012-06-16 19:03 - 2010-11-20 05:21 - 00071168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\resutils.dll
2012-06-16 19:03 - 2010-11-20 05:21 - 00069632 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tlscsp.dll
2012-06-16 19:03 - 2010-11-20 05:21 - 00069632 ____A (Microsoft Corporation) C:\Windows\SysWOW64\rastapi.dll
2012-06-16 19:03 - 2010-11-20 05:21 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2012-06-16 19:03 - 2010-11-20 05:21 - 00061952 ____A (Microsoft Corporation) C:\Windows\SysWOW64\spbcd.dll
2012-06-16 19:03 - 2010-11-20 05:21 - 00059392 ____A (Microsoft Corporation) C:\Windows\SysWOW64\unimdmat.dll
2012-06-16 19:03 - 2010-11-20 05:21 - 00056832 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vfwwdm32.dll
2012-06-16 19:03 - 2010-11-20 05:21 - 00052224 ____A (Microsoft Corporation) C:\Windows\SysWOW64\rdpd3d.dll
2012-06-16 19:03 - 2010-11-20 05:21 - 00051712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wsnmp32.dll
2012-06-16 19:03 - 2010-11-20 05:21 - 00051200 ____A (Twain Working Group) C:\Windows\twain_32.dll
2012-06-16 19:03 - 2010-11-20 05:21 - 00047104 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wkscli.dll
2012-06-16 19:03 - 2010-11-20 05:21 - 00040448 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wtsapi32.dll
2012-06-16 19:03 - 2010-11-20 05:21 - 00036864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2012-06-16 19:03 - 2010-11-20 05:21 - 00035840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shimgvw.dll
2012-06-16 19:03 - 2010-11-20 05:21 - 00031744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\utildll.dll
2012-06-16 19:03 - 2010-11-20 05:21 - 00025600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vpnikeapi.dll
2012-06-16 19:03 - 2010-11-20 05:21 - 00021504 ____A (Microsoft Corporation) C:\Windows\SysWOW64\rdprefdrvapi.dll
2012-06-16 19:03 - 2010-11-20 05:21 - 00019968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\spopk.dll
2012-06-16 19:03 - 2010-11-20 05:21 - 00014848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\syssetup.dll
2012-06-16 19:03 - 2010-11-20 05:21 - 00014336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\slwga.dll
2012-06-16 19:03 - 2010-11-20 05:21 - 00012288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tsbyuv.dll
2012-06-16 19:03 - 2010-11-20 05:20 - 01661440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\networkexplorer.dll
2012-06-16 19:03 - 2010-11-20 05:20 - 01160192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\OpcServices.dll
2012-06-16 19:03 - 2010-11-20 05:20 - 01111552 ____A (Microsoft Corporation) C:\Windows\SysWOW64\onexui.dll
2012-06-16 19:03 - 2010-11-20 05:20 - 00427520 ____A (Microsoft Corporation) C:\Windows\SysWOW64\PortableDeviceStatus.dll
 
2012-06-16 19:03 - 2010-11-20 05:20 - 00283136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\qdv.dll
2012-06-16 19:03 - 2010-11-20 05:20 - 00236544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\pdh.dll
2012-06-16 19:03 - 2010-11-20 05:20 - 00206848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\qasf.dll
2012-06-16 19:03 - 2010-11-20 05:20 - 00190976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\qcap.dll
2012-06-16 19:03 - 2010-11-20 05:20 - 00183296 ____A (Microsoft Corporation) C:\Windows\SysWOW64\PortableDeviceSyncProvider.dll
2012-06-16 19:03 - 2010-11-20 05:20 - 00174592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ocsetapi.dll
2012-06-16 19:03 - 2010-11-20 05:20 - 00165376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\provsvc.dll
2012-06-16 19:03 - 2010-11-20 05:20 - 00136192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mydocs.dll
2012-06-16 19:03 - 2010-11-20 05:20 - 00121344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\sppc.dll
2012-06-16 19:03 - 2010-11-20 05:20 - 00099328 ____A (Microsoft Corporation) C:\Windows\SysWOW64\QSVRMGMT.DLL
2012-06-16 19:03 - 2010-11-20 05:20 - 00090112 ____A (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll
2012-06-16 19:03 - 2010-11-20 05:20 - 00077824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\olethk32.dll
2012-06-16 19:03 - 2010-11-20 05:20 - 00071680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\QCLIPROV.DLL
2012-06-16 19:03 - 2010-11-20 05:20 - 00060928 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ncryptui.dll
2012-06-16 19:03 - 2010-11-20 05:20 - 00056832 ____A (Microsoft Corporation) C:\Windows\SysWOW64\netapi32.dll
2012-06-16 19:03 - 2010-11-20 05:20 - 00046592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\pdhui.dll
2012-06-16 19:03 - 2010-11-20 05:20 - 00040960 ____A (Microsoft Corporation) C:\Windows\SysWOW64\odbcconf.dll
2012-06-16 19:03 - 2010-11-20 05:20 - 00022528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\netutils.dll
2012-06-16 19:03 - 2010-11-20 05:19 - 00592384 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2012-06-16 19:03 - 2010-11-20 05:19 - 00504320 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2012-06-16 19:03 - 2010-11-20 05:19 - 00265216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2012-06-16 19:03 - 2010-11-20 05:19 - 00219648 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iTVData.dll
2012-06-16 19:03 - 2010-11-20 05:19 - 00209920 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mstask.dll
2012-06-16 19:03 - 2010-11-20 05:19 - 00202240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\input.dll
2012-06-16 19:03 - 2010-11-20 05:19 - 00176128 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msorcl32.dll
2012-06-16 19:03 - 2010-11-20 05:19 - 00176128 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MFPlay.dll
2012-06-16 19:03 - 2010-11-20 05:19 - 00158720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mprapi.dll
2012-06-16 19:03 - 2010-11-20 05:19 - 00158720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\itircl.dll
2012-06-16 19:03 - 2010-11-20 05:19 - 00122880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iasrecst.dll
2012-06-16 19:03 - 2010-11-20 05:19 - 00120320 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msvfw32.dll
2012-06-16 19:03 - 2010-11-20 05:19 - 00098304 ____A (Microsoft Corporation) C:\Windows\SysWOW64\fphc.dll
2012-06-16 19:03 - 2010-11-20 05:19 - 00084480 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mciavi32.dll
2012-06-16 19:03 - 2010-11-20 05:19 - 00082944 ____A (Radius Inc.) C:\Windows\SysWOW64\iccvid.dll
2012-06-16 19:03 - 2010-11-20 05:19 - 00076800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mapistub.dll
2012-06-16 19:03 - 2010-11-20 05:19 - 00076800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mapi32.dll
2012-06-16 19:03 - 2010-11-20 05:19 - 00052736 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetmib1.dll
2012-06-16 19:03 - 2010-11-20 05:19 - 00050176 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iyuv_32.dll
2012-06-16 19:03 - 2010-11-20 05:19 - 00041984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\luainstall.dll
2012-06-16 19:03 - 2010-11-20 05:19 - 00036352 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mciqtz32.dll
2012-06-16 19:03 - 2010-11-20 05:19 - 00031744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msvidc32.dll
2012-06-16 19:03 - 2010-11-20 05:19 - 00030720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msdmo.dll
2012-06-16 19:03 - 2010-11-20 05:19 - 00028672 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iscsium.dll
2012-06-16 19:03 - 2010-11-20 05:19 - 00022528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msyuv.dll
2012-06-16 19:03 - 2010-11-20 05:19 - 00021504 ____A (Microsoft Corporation) C:\Windows\SysWOW64\lsmproxy.dll
2012-06-16 19:03 - 2010-11-20 05:19 - 00013312 ____A (Microsoft Corporation) C:\Windows\SysWOW64\muifontsetup.dll
2012-06-16 19:03 - 2010-11-20 05:19 - 00013312 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msrle32.dll
2012-06-16 19:03 - 2010-11-20 05:18 - 00685056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dsuiext.dll
2012-06-16 19:03 - 2010-11-20 05:18 - 00489984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2012-06-16 19:03 - 2010-11-20 05:18 - 00402944 ____A (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2012-06-16 19:03 - 2010-11-20 05:18 - 00333824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dot3ui.dll
2012-06-16 19:03 - 2010-11-20 05:18 - 00243712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\audiodev.dll
2012-06-16 19:03 - 2010-11-20 05:18 - 00242176 ____A (Microsoft Corporation) C:\Windows\SysWOW64\eapp3hst.dll
2012-06-16 19:03 - 2010-11-20 05:18 - 00230912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\clusapi.dll
2012-06-16 19:03 - 2010-11-20 05:18 - 00211456 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DevicePairingFolder.dll
2012-06-16 19:03 - 2010-11-20 05:18 - 00210432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxdiagn.dll
2012-06-16 19:03 - 2010-11-20 05:18 - 00128512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\EhStorAPI.dll
2012-06-16 19:03 - 2010-11-20 05:18 - 00115200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dot3msm.dll
2012-06-16 19:03 - 2010-11-20 05:18 - 00094208 ____A (Microsoft Corporation) C:\Windows\SysWOW64\eappgnui.dll
2012-06-16 19:03 - 2010-11-20 05:18 - 00091648 ____A (Microsoft Corporation) C:\Windows\SysWOW64\avifil32.dll
2012-06-16 19:03 - 2010-11-20 05:18 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cabinet.dll
2012-06-16 19:03 - 2010-11-20 05:18 - 00070656 ____A (Microsoft Corporation) C:\Windows\SysWOW64\amstream.dll
2012-06-16 19:03 - 2010-11-20 05:18 - 00066560 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cca.dll
2012-06-16 19:03 - 2010-11-20 05:18 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\CertPolEng.dll
2012-06-16 19:03 - 2010-11-20 05:18 - 00045568 ____A (Microsoft Corporation) C:\Windows\SysWOW64\acppage.dll
2012-06-16 19:03 - 2010-11-20 05:18 - 00041984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\browcli.dll
2012-06-16 19:03 - 2010-11-20 05:18 - 00034816 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cscapi.dll
2012-06-16 19:03 - 2010-11-20 05:18 - 00028160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\AzSqlExt.dll
2012-06-16 19:03 - 2010-11-20 05:17 - 00586752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dfrgui.exe
2012-06-16 19:03 - 2010-11-20 05:17 - 00327680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wimserv.exe
2012-06-16 19:03 - 2010-11-20 05:17 - 00280064 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2012-06-16 19:03 - 2010-11-20 05:17 - 00278016 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2012-06-16 19:03 - 2010-11-20 05:17 - 00276480 ____A (Microsoft Corporation) C:\Windows\SysWOW64\diskraid.exe
2012-06-16 19:03 - 2010-11-20 05:17 - 00197632 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ocsetup.exe
2012-06-16 19:03 - 2010-11-20 05:17 - 00157184 ____A (Microsoft Corporation) C:\Windows\SysWOW64\perfmon.exe
2012-06-16 19:03 - 2010-11-20 05:17 - 00144896 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iscsicli.exe
2012-06-16 19:03 - 2010-11-20 05:17 - 00133632 ____A (Microsoft Corporation) C:\Windows\SysWOW64\diskpart.exe
2012-06-16 19:03 - 2010-11-20 05:17 - 00113152 ____A (Microsoft Corporation) C:\Windows\SysWOW64\setupugc.exe
2012-06-16 19:03 - 2010-11-20 05:17 - 00101376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mobsync.exe
2012-06-16 19:03 - 2010-11-20 05:17 - 00098304 ____A (Microsoft Corporation) C:\Windows\SysWOW64\nslookup.exe
2012-06-16 19:03 - 2010-11-20 05:17 - 00095232 ____A (Microsoft Corporation) C:\Windows\SysWOW64\logagent.exe
2012-06-16 19:03 - 2010-11-20 05:17 - 00086528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\isoburn.exe
2012-06-16 19:03 - 2010-11-20 05:17 - 00084992 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cmstp.exe
2012-06-16 19:03 - 2010-11-20 05:17 - 00082944 ____A (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2012-06-16 19:03 - 2010-11-20 05:17 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2012-06-16 19:03 - 2010-11-20 05:17 - 00070656 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MuiUnattend.exe
2012-06-16 19:03 - 2010-11-20 05:17 - 00062976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\findstr.exe
2012-06-16 19:03 - 2010-11-20 05:17 - 00051200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\takeown.exe
2012-06-16 19:03 - 2010-11-20 05:17 - 00050688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\runonce.exe
2012-06-16 19:03 - 2010-11-20 05:17 - 00047616 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tzutil.exe
2012-06-16 19:03 - 2010-11-20 05:17 - 00037888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2012-06-16 19:03 - 2010-11-20 05:17 - 00034304 ____A (Microsoft Corporation) C:\Windows\SysWOW64\unlodctr.exe
2012-06-16 19:03 - 2010-11-20 05:17 - 00033792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2012-06-16 19:03 - 2010-11-20 05:17 - 00028672 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WerFaultSecure.exe
2012-06-16 19:03 - 2010-11-20 05:17 - 00025600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\netiougc.exe
2012-06-16 19:03 - 2010-11-20 05:17 - 00024064 ____A (Microsoft Corporation) C:\Windows\SysWOW64\netbtugc.exe
2012-06-16 19:03 - 2010-11-20 05:17 - 00022016 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ReAgentc.exe
2012-06-16 19:03 - 2010-11-20 05:16 - 00878592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Bubbles.scr
2012-06-16 19:03 - 2010-11-20 05:16 - 00293888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ssText3d.scr
2012-06-16 19:03 - 2010-11-20 05:16 - 00281088 ____A (Microsoft Corporation) C:\Windows\SysWOW64\unimdm.tsp
2012-06-16 19:03 - 2010-11-20 05:16 - 00221184 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Mystify.scr
2012-06-16 19:03 - 2010-11-20 05:16 - 00220672 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Ribbons.scr
2012-06-16 19:03 - 2010-11-20 05:16 - 00186368 ____A (Microsoft Corporation) C:\Windows\SysWOW64\bitsadmin.exe
2012-06-16 19:03 - 2010-11-20 05:16 - 00153600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\VBICodec.ax
2012-06-16 19:03 - 2010-11-20 05:16 - 00142336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\powercfg.cpl
2012-06-16 19:03 - 2010-11-20 05:16 - 00128000 ____A (Microsoft Corporation) C:\Windows\SysWOW64\desk.cpl
2012-06-16 19:03 - 2010-11-20 05:16 - 00107008 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Kswdmcap.ax
2012-06-16 19:03 - 2010-11-20 05:16 - 00084480 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kstvtune.ax
2012-06-16 19:03 - 2010-11-20 05:16 - 00048640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ksxbar.ax
2012-06-16 19:03 - 2010-11-20 05:16 - 00045568 ____A (Microsoft Corporation) C:\Windows\SysWOW64\g711codc.ax
2012-06-16 19:03 - 2010-11-20 05:16 - 00033792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbisurf.ax
2012-06-16 19:03 - 2010-11-20 05:08 - 00663040 ____A (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2012-06-16 19:03 - 2010-11-20 05:07 - 01164800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\UIRibbonRes.dll
2012-06-16 19:03 - 2010-11-20 05:00 - 01027584 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10.IME
2012-06-16 19:03 - 2010-11-20 03:52 - 00131584 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\pacer.sys
2012-06-16 19:03 - 2010-11-20 03:51 - 00125440 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tunnel.sys
2012-06-16 19:03 - 2010-11-20 03:51 - 00045056 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpipreg.sys
2012-06-16 19:03 - 2010-11-20 03:50 - 00056832 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ndisuio.sys
2012-06-16 19:03 - 2010-11-20 03:49 - 00146432 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rmcast.sys
2012-06-16 19:03 - 2010-11-20 03:44 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\umbus.sys
2012-06-16 19:03 - 2010-11-20 02:49 - 00258048 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dxgmms1.sys
2012-06-16 19:03 - 2010-11-20 02:26 - 00102400 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dfsc.sys
2012-06-16 19:03 - 2010-11-09 18:48 - 00010429 ____A C:\Windows\System32\ScavengeSpace.xml
2012-06-16 19:02 - 2010-11-20 06:27 - 00072192 ____A (Microsoft Corporation) C:\Windows\System32\napdsnap.dll
2012-06-16 19:02 - 2010-11-20 06:27 - 00047104 ____A (Microsoft Corporation) C:\Windows\System32\wshbth.dll
2012-06-16 19:02 - 2010-11-20 06:27 - 00037376 ____A (Microsoft Corporation) C:\Windows\System32\wups2.dll
2012-06-16 19:02 - 2010-11-20 06:27 - 00033280 ____A (Microsoft Corporation) C:\Windows\System32\wups.dll
2012-06-16 19:02 - 2010-11-20 06:27 - 00028160 ____A (Microsoft Corporation) C:\Windows\System32\shgina.dll
2012-06-16 19:02 - 2010-11-20 06:27 - 00026112 ____A (Microsoft Corporation) C:\Windows\System32\wsdchngr.dll
2012-06-16 19:02 - 2010-11-20 06:27 - 00023040 ____A (Microsoft Corporation) C:\Windows\System32\rdprefdrvapi.dll
2012-06-16 19:02 - 2010-11-20 06:27 - 00021504 ____A (Microsoft Corporation) C:\Windows\System32\TRAPI.dll
2012-06-16 19:02 - 2010-11-20 06:27 - 00013824 ____A (Microsoft Corporation) C:\Windows\System32\wshirda.dll
2012-06-16 19:02 - 2010-11-20 06:27 - 00011264 ____A (Microsoft Corporation) C:\Windows\System32\shunimpl.dll
2012-06-16 19:02 - 2010-11-20 06:27 - 00010752 ____A (Microsoft Corporation) C:\Windows\System32\riched32.dll
2012-06-16 19:02 - 2010-11-20 06:27 - 00010240 ____A (Microsoft Corporation) C:\Windows\System32\rdpcfgex.dll
2012-06-16 19:02 - 2010-11-20 06:27 - 00009728 ____A (Microsoft Corporation) C:\Windows\System32\spwmp.dll
2012-06-16 19:02 - 2010-11-20 06:27 - 00005120 ____A (Microsoft Corporation) C:\Windows\System32\msdxm.ocx
2012-06-16 19:02 - 2010-11-20 06:27 - 00005120 ____A (Microsoft Corporation) C:\Windows\System32\dxmasf.dll
2012-06-16 19:02 - 2010-11-20 06:26 - 00036864 ____A (Microsoft Corporation) C:\Windows\System32\dsauth.dll
2012-06-16 19:02 - 2010-11-20 06:25 - 00030208 ____A (Microsoft Corporation) C:\Windows\System32\cscdll.dll
2012-06-16 19:02 - 2010-11-20 06:25 - 00024576 ____A (Microsoft Corporation) C:\Windows\System32\bitsperf.dll
2012-06-16 19:02 - 2010-11-20 06:25 - 00014336 ____A (Microsoft Corporation) C:\Windows\System32\browseui.dll
2012-06-16 19:02 - 2010-11-20 06:25 - 00013312 ____A (Microsoft Corporation) C:\Windows\System32\C_ISCII.DLL
2012-06-16 19:02 - 2010-11-20 06:24 - 00027648 ____A (Microsoft Corporation) C:\Windows\System32\LogonUI.exe
2012-06-16 19:02 - 2010-11-20 06:24 - 00018432 ____A (Microsoft Corporation) C:\Windows\System32\FXSUNATD.exe
2012-06-16 19:02 - 2010-11-20 06:16 - 12625920 ____A (Microsoft Corporation) C:\Windows\System32\wmploc.DLL
2012-06-16 19:02 - 2010-11-20 06:14 - 00007680 ____A (Microsoft Corporation) C:\Windows\System32\spwizres.dll
2012-06-16 19:02 - 2010-11-20 06:13 - 00069120 ____A (Microsoft Corporation) C:\Windows\System32\nlsbres.dll
2012-06-16 19:02 - 2010-11-20 06:12 - 00035328 ____A (Microsoft Corporation) C:\Windows\System32\pifmgr.dll
2012-06-16 19:02 - 2010-11-20 06:02 - 00457216 ____A (Microsoft Corporation) C:\Windows\System32\imkr80.ime
2012-06-16 19:02 - 2010-11-20 06:02 - 00008192 ____A (Microsoft Corporation) C:\Windows\System32\KBDTUQ.DLL
2012-06-16 19:02 - 2010-11-20 06:02 - 00008192 ____A (Microsoft Corporation) C:\Windows\System32\KBDTUF.DLL
2012-06-16 19:02 - 2010-11-20 06:02 - 00008192 ____A (Microsoft Corporation) C:\Windows\System32\KBDSG.DLL
2012-06-16 19:02 - 2010-11-20 06:02 - 00008192 ____A (Microsoft Corporation) C:\Windows\System32\kbdlk41a.dll
2012-06-16 19:02 - 2010-11-20 06:02 - 00008192 ____A (Microsoft Corporation) C:\Windows\System32\KBDGKL.DLL
2012-06-16 19:02 - 2010-11-20 06:02 - 00008192 ____A (Microsoft Corporation) C:\Windows\System32\KBDCZ1.DLL
2012-06-16 19:02 - 2010-11-20 06:02 - 00007680 ____A (Microsoft Corporation) C:\Windows\System32\KBDSF.DLL
2012-06-16 19:02 - 2010-11-20 06:02 - 00007680 ____A (Microsoft Corporation) C:\Windows\System32\KBDPO.DLL
2012-06-16 19:02 - 2010-11-20 06:02 - 00007680 ____A (Microsoft Corporation) C:\Windows\System32\KBDNEPR.DLL
2012-06-16 19:02 - 2010-11-20 06:02 - 00007680 ____A (Microsoft Corporation) C:\Windows\System32\KBDINTAM.DLL
2012-06-16 19:02 - 2010-11-20 06:02 - 00007680 ____A (Microsoft Corporation) C:\Windows\System32\KBDINBEN.DLL
2012-06-16 19:02 - 2010-11-20 06:02 - 00007680 ____A (Microsoft Corporation) C:\Windows\System32\KBDGR1.DLL
2012-06-16 19:02 - 2010-11-20 06:02 - 00007168 ____A (Microsoft Corporation) C:\Windows\System32\KBDUS.DLL
2012-06-16 19:02 - 2010-11-20 06:02 - 00007168 ____A (Microsoft Corporation) C:\Windows\System32\KBDUGHR1.DLL
2012-06-16 19:02 - 2010-11-20 06:02 - 00007168 ____A (Microsoft Corporation) C:\Windows\System32\KBDTURME.DLL
2012-06-16 19:02 - 2010-11-20 06:02 - 00007168 ____A (Microsoft Corporation) C:\Windows\System32\KBDTAJIK.DLL
2012-06-16 19:02 - 2010-11-20 06:02 - 00007168 ____A (Microsoft Corporation) C:\Windows\System32\KBDMON.DLL
2012-06-16 19:02 - 2010-11-20 06:02 - 00007168 ____A (Microsoft Corporation) C:\Windows\System32\KBDMAORI.DLL
2012-06-16 19:02 - 2010-11-20 06:02 - 00007168 ____A (Microsoft Corporation) C:\Windows\System32\KBDLT1.DLL
2012-06-16 19:02 - 2010-11-20 06:02 - 00007168 ____A (Microsoft Corporation) C:\Windows\System32\KBDINTEL.DLL
2012-06-16 19:02 - 2010-11-20 06:02 - 00007168 ____A (Microsoft Corporation) C:\Windows\System32\KBDINORI.DLL
2012-06-16 19:02 - 2010-11-20 06:02 - 00007168 ____A (Microsoft Corporation) C:\Windows\System32\KBDINMAR.DLL
2012-06-16 19:02 - 2010-11-20 06:02 - 00007168 ____A (Microsoft Corporation) C:\Windows\System32\KBDINKAN.DLL
2012-06-16 19:02 - 2010-11-20 06:02 - 00007168 ____A (Microsoft Corporation) C:\Windows\System32\KBDINHIN.DLL
2012-06-16 19:02 - 2010-11-20 06:02 - 00007168 ____A (Microsoft Corporation) C:\Windows\System32\KBDBULG.DLL
2012-06-16 19:02 - 2010-11-20 06:02 - 00007168 ____A (Microsoft Corporation) C:\Windows\System32\KBDBLR.DLL
2012-06-16 19:02 - 2010-11-20 06:02 - 00007168 ____A (Microsoft Corporation) C:\Windows\System32\KBDBASH.DLL
2012-06-16 19:02 - 2010-11-20 06:02 - 00006656 ____A (Microsoft Corporation) C:\Windows\System32\KBDGEO.DLL
2012-06-16 19:02 - 2010-11-20 05:58 - 00003072 ____A (Microsoft Corporation) C:\Windows\System32\dpnaddr.dll
2012-06-16 19:02 - 2010-11-20 05:54 - 00052736 ____A (Microsoft Corporation) C:\Windows\System32\BlbEvents.dll
2012-06-16 19:02 - 2010-11-20 05:51 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-ums-l1-1-0.dll
2012-06-16 19:02 - 2010-11-20 05:21 - 00036352 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wshbth.dll
2012-06-16 19:02 - 2010-11-20 05:21 - 00027648 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2012-06-16 19:02 - 2010-11-20 05:21 - 00021504 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wsdchngr.dll
2012-06-16 19:02 - 2010-11-20 05:21 - 00021504 ____A (Microsoft Corporation) C:\Windows\SysWOW64\TRAPI.dll
2012-06-16 19:02 - 2010-11-20 05:21 - 00020992 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shgina.dll
2012-06-16 19:02 - 2010-11-20 05:21 - 00017408 ____A (Microsoft Corporation) C:\Windows\SysWOW64\schedcli.dll
2012-06-16 19:02 - 2010-11-20 05:21 - 00011264 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wshirda.dll
2012-06-16 19:02 - 2010-11-20 05:21 - 00010752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shunimpl.dll
2012-06-16 19:02 - 2010-11-20 05:21 - 00009728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\sscore.dll
2012-06-16 19:02 - 2010-11-20 05:21 - 00008704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\riched32.dll
2012-06-16 19:02 - 2010-11-20 05:21 - 00004096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2012-06-16 19:02 - 2010-11-20 05:21 - 00004096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2012-06-16 19:02 - 2010-11-20 05:20 - 00068096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\napdsnap.dll
2012-06-16 19:02 - 2010-11-20 05:20 - 00017408 ____A (Microsoft Corporation) C:\Windows\SysWOW64\perfts.dll
2012-06-16 19:02 - 2010-11-20 05:20 - 00008192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2012-06-16 19:02 - 2010-11-20 05:18 - 00030208 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dsauth.dll
2012-06-16 19:02 - 2010-11-20 05:18 - 00023040 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cscdll.dll
2012-06-16 19:02 - 2010-11-20 05:18 - 00022528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\elsTrans.dll
2012-06-16 19:02 - 2010-11-20 05:18 - 00019456 ____A (Microsoft Corporation) C:\Windows\SysWOW64\bitsperf.dll
2012-06-16 19:02 - 2010-11-20 05:18 - 00011264 ____A (Microsoft Corporation) C:\Windows\SysWOW64\C_ISCII.DLL
2012-06-16 19:02 - 2010-11-20 05:18 - 00010752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\browseui.dll
2012-06-16 19:02 - 2010-11-20 05:08 - 12625408 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2012-06-16 19:02 - 2010-11-20 05:08 - 00119808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imm32.dll
2012-06-16 19:02 - 2010-11-20 05:08 - 00007680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KBDTUQ.DLL
2012-06-16 19:02 - 2010-11-20 05:08 - 00007680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KBDTUF.DLL
2012-06-16 19:02 - 2010-11-20 05:08 - 00007680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KBDSG.DLL
2012-06-16 19:02 - 2010-11-20 05:08 - 00007680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kbdlk41a.dll
2012-06-16 19:02 - 2010-11-20 05:08 - 00007680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KBDGR1.DLL
2012-06-16 19:02 - 2010-11-20 05:08 - 00007680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KBDGKL.DLL
2012-06-16 19:02 - 2010-11-20 05:08 - 00007680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KBDCZ1.DLL
2012-06-16 19:02 - 2010-11-20 05:08 - 00007168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KBDSF.DLL
2012-06-16 19:02 - 2010-11-20 05:08 - 00007168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KBDPO.DLL
2012-06-16 19:02 - 2010-11-20 05:08 - 00007168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KBDNEPR.DLL
2012-06-16 19:02 - 2010-11-20 05:08 - 00007168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KBDINTAM.DLL
2012-06-16 19:02 - 2010-11-20 05:08 - 00007168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KBDINORI.DLL
2012-06-16 19:02 - 2010-11-20 05:08 - 00007168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KBDINMAR.DLL
2012-06-16 19:02 - 2010-11-20 05:08 - 00007168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KBDINKAN.DLL
2012-06-16 19:02 - 2010-11-20 05:08 - 00007168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KBDINHIN.DLL
2012-06-16 19:02 - 2010-11-20 05:08 - 00007168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KBDINBEN.DLL
2012-06-16 19:02 - 2010-11-20 05:08 - 00006656 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KBDUS.DLL
2012-06-16 19:02 - 2010-11-20 05:08 - 00006656 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KBDUGHR1.DLL
2012-06-16 19:02 - 2010-11-20 05:08 - 00006656 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KBDTURME.DLL
2012-06-16 19:02 - 2010-11-20 05:08 - 00006656 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAJIK.DLL
2012-06-16 19:02 - 2010-11-20 05:08 - 00006656 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KBDMON.DLL
2012-06-16 19:02 - 2010-11-20 05:08 - 00006656 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KBDMAORI.DLL
2012-06-16 19:02 - 2010-11-20 05:08 - 00006656 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KBDLT1.DLL
2012-06-16 19:02 - 2010-11-20 05:08 - 00006656 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KBDINTEL.DLL
2012-06-16 19:02 - 2010-11-20 05:08 - 00006656 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KBDGEO.DLL
2012-06-16 19:02 - 2010-11-20 05:08 - 00006656 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KBDBULG.DLL
2012-06-16 19:02 - 2010-11-20 05:08 - 00006656 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KBDBLR.DLL
2012-06-16 19:02 - 2010-11-20 05:08 - 00006656 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2012-06-16 19:02 - 2010-11-20 05:07 - 00007680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\spwizres.dll
2012-06-16 19:02 - 2010-11-20 05:06 - 00069120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\nlsbres.dll
2012-06-16 19:02 - 2010-11-20 05:05 - 00035328 ____A (Microsoft Corporation) C:\Windows\SysWOW64\pifmgr.dll
2012-06-16 19:02 - 2010-11-20 05:00 - 00430080 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imkr80.ime
2012-06-16 19:02 - 2010-11-20 04:57 - 00002560 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dpnaddr.dll
2012-06-16 19:02 - 2010-11-20 04:37 - 00031744 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbrpm.sys
2012-06-16 19:02 - 2010-11-20 03:44 - 00350208 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\HdAudio.sys
2012-06-16 19:02 - 2010-11-20 03:44 - 00032896 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\USBCAMD2.sys
2012-06-16 19:02 - 2010-11-20 03:43 - 00172544 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\WUDFRd.sys
2012-06-16 19:02 - 2010-11-20 03:43 - 00122368 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\hdaudbus.sys
2012-06-16 19:02 - 2010-11-20 03:43 - 00030208 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\hidusb.sys
2012-06-16 19:02 - 2010-11-20 03:42 - 00112128 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\WUDFPf.sys
2012-06-16 19:02 - 2010-11-20 03:34 - 00014336 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\sffp_sd.sys
2012-06-16 19:02 - 2010-11-20 03:33 - 00038912 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\CompositeBus.sys
2012-06-16 19:02 - 2010-11-20 03:33 - 00033280 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\kbdhid.sys
2012-06-16 19:02 - 2010-11-20 03:14 - 00061440 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\appid.sys
2012-06-16 19:02 - 2010-11-20 03:09 - 00029696 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\scfilter.sys
2012-06-16 19:02 - 2010-11-20 03:04 - 00078848 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\IPMIDrv.sys
2012-06-16 19:02 - 2010-11-20 02:30 - 00012800 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\acpipmi.sys
2012-06-16 19:02 - 2010-11-20 02:22 - 00026624 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tdi.sys
2012-06-16 19:02 - 2010-11-20 02:19 - 00147456 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\cdrom.sys
2012-06-16 19:02 - 2010-11-04 19:20 - 00105559 ____A C:\Windows\SysWOW64\RacRules.xml
2012-06-16 19:02 - 2010-11-04 19:20 - 00105559 ____A C:\Windows\System32\RacRules.xml
2012-06-16 19:01 - 2010-11-20 05:21 - 00189952 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wdscore.dll
2012-06-16 19:01 - 2010-11-20 05:21 - 00189952 ____A (Microsoft Corporation) C:\Windows\SysWOW64\sqmapi.dll
2012-06-16 19:01 - 2010-11-20 05:17 - 00209920 ____A (Microsoft Corporation) C:\Windows\SysWOW64\PkgMgr.exe
2012-06-16 19:01 - 2009-06-10 14:39 - 00001041 ____A C:\Windows\SysWOW64\tcpbidi.xml
2012-06-16 19:00 - 2010-11-20 05:21 - 00363008 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wbemcomn.dll
2012-06-16 19:00 - 2010-11-20 05:18 - 00323072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\drvstore.dll
2012-06-16 19:00 - 2010-11-20 05:18 - 00257024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dpx.dll
2012-06-16 18:57 - 2010-11-20 06:27 - 00933376 ____A (Microsoft Corporation) C:\Windows\System32\SmiEngine.dll
2012-06-16 18:57 - 2010-11-20 06:27 - 00529408 ____A (Microsoft Corporation) C:\Windows\System32\wbemcomn.dll
2012-06-16 18:57 - 2010-11-20 06:27 - 00524288 ____A (Microsoft Corporation) C:\Windows\System32\wmicmiplugin.dll
2012-06-16 18:57 - 2010-11-20 06:27 - 00244736 ____A (Microsoft Corporation) C:\Windows\System32\sqmapi.dll
2012-06-16 18:56 - 2010-11-20 06:25 - 00199168 ____A (Microsoft Corporation) C:\Windows\System32\PkgMgr.exe
2012-06-16 18:55 - 2010-11-20 06:26 - 00422912 ____A (Microsoft Corporation) C:\Windows\System32\drvstore.dll
2012-06-16 18:55 - 2010-11-20 06:26 - 00399872 ____A (Microsoft Corporation) C:\Windows\System32\dpx.dll
2012-06-16 18:51 - 2012-04-07 05:31 - 03216384 ____A (Microsoft Corporation) C:\Windows\System32\msi.dll
2012-06-16 18:51 - 2012-04-07 04:26 - 02342400 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2012-06-16 18:50 - 2012-05-04 04:06 - 05559664 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2012-06-16 18:50 - 2012-05-04 03:03 - 03968368 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2012-06-16 18:50 - 2012-05-04 03:03 - 03913072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2012-06-16 18:42 - 2012-05-14 18:32 - 03146752 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2012-06-16 18:41 - 2012-04-30 22:40 - 00209920 ____A (Microsoft Corporation) C:\Windows\System32\profsvc.dll
2012-06-16 18:41 - 2012-04-23 22:37 - 01462272 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2012-06-16 18:41 - 2012-04-23 22:37 - 00184320 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2012-06-16 18:41 - 2012-04-23 22:37 - 00140288 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2012-06-16 18:41 - 2012-04-23 21:36 - 01158656 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2012-06-16 18:41 - 2012-04-23 21:36 - 00140288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2012-06-16 18:41 - 2012-04-23 21:36 - 00103936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2012-06-16 18:41 - 2012-03-02 23:35 - 01544704 ____A (Microsoft Corporation) C:\Windows\System32\DWrite.dll
2012-06-16 18:41 - 2012-03-02 22:31 - 01077248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2012-06-16 18:41 - 2010-11-20 06:27 - 00033792 ____A (Microsoft Corporation) C:\Windows\System32\profprov.dll
2012-06-16 18:40 - 2012-04-27 20:55 - 00210944 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rdpwd.sys
2012-06-16 18:40 - 2012-03-30 04:35 - 01918320 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2012-06-16 18:40 - 2012-03-17 00:58 - 00075120 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\partmgr.sys
2012-06-16 18:34 - 2012-06-16 18:33 - 00476936 ____A (Sun Microsystems, Inc.) C:\Windows\SysWOW64\npdeployJava1.dll
2012-06-16 18:34 - 2012-06-16 18:33 - 00157448 ____A (Sun Microsystems, Inc.) C:\Windows\SysWOW64\javaws.exe
2012-06-16 18:34 - 2012-06-16 18:33 - 00149256 ____A (Sun Microsystems, Inc.) C:\Windows\SysWOW64\javaw.exe
2012-06-16 18:34 - 2012-06-16 18:33 - 00149256 ____A (Sun Microsystems, Inc.) C:\Windows\SysWOW64\java.exe
2012-06-16 18:33 - 2012-06-16 18:33 - 00000000 ____D C:\Program Files (x86)\Java
2012-06-16 15:11 - 2012-06-16 15:11 - 00000000 __SHD C:\Windows\System32\%APPDATA%
2012-06-16 14:50 - 2012-06-16 14:50 - 00001111 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2012-06-16 14:50 - 2012-06-16 14:50 - 00001111 ____A C:\Users\All Users\Desktop\Malwarebytes Anti-Malware.lnk
2012-06-16 14:50 - 2012-06-16 14:50 - 00000000 ____D C:\Users\tpot\Application Data\Malwarebytes
2012-06-16 14:50 - 2012-06-16 14:50 - 00000000 ____D C:\Users\tpot\AppData\Roaming\Malwarebytes
2012-06-16 14:50 - 2012-06-16 14:50 - 00000000 ____D C:\Users\All Users\Malwarebytes
2012-06-16 14:50 - 2012-06-16 14:50 - 00000000 ____D C:\Users\All Users\Application Data\Malwarebytes
2012-06-16 14:50 - 2012-06-16 14:50 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-06-16 14:50 - 2012-04-04 15:56 - 00024904 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2012-06-16 14:30 - 2012-06-16 14:30 - 00002214 ____A C:\Users\Public\Desktop\Google Earth.lnk
2012-06-16 14:30 - 2012-06-16 14:30 - 00002214 ____A C:\Users\All Users\Desktop\Google Earth.lnk
2012-06-16 14:30 - 2012-06-16 14:30 - 00000000 ____D C:\Temp
2012-06-16 14:15 - 2012-06-17 05:38 - 00001854 ____A C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2012-06-16 14:15 - 2012-06-17 05:38 - 00001854 ____A C:\Users\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
2012-06-16 14:15 - 2012-06-16 14:15 - 00000000 ____D C:\Users\tpot\Application Data\SUPERAntiSpyware.com
2012-06-16 14:15 - 2012-06-16 14:15 - 00000000 ____D C:\Users\tpot\AppData\Roaming\SUPERAntiSpyware.com
2012-06-16 14:15 - 2012-06-16 14:15 - 00000000 ____D C:\Users\All Users\SUPERAntiSpyware.com
2012-06-16 14:15 - 2012-06-16 14:15 - 00000000 ____D C:\Users\All Users\Application Data\SUPERAntiSpyware.com
2012-06-16 14:15 - 2012-06-16 14:15 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2012-06-16 14:10 - 2012-06-16 14:10 - 00000000 ____D C:\TDSSKiller_Quarantine
2012-06-16 14:08 - 2012-06-16 14:11 - 00132680 ____A C:\TDSSKiller.2.7.40.0_16.06.2012_14.08.44_log.txt
2012-06-16 13:52 - 2012-06-17 09:50 - 00947420 ____A C:\Windows\ntbtlog.txt
2012-06-16 13:52 - 2012-06-17 05:52 - 00000000 ____D C:\Windows\Minidump
2012-05-25 18:48 - 2012-05-25 18:48 - 00000000 ____D C:\Users\tpot\Local Settings\ElevatedDiagnostics
2012-05-25 18:48 - 2012-05-25 18:48 - 00000000 ____D C:\Users\tpot\Local Settings\Application Data\ElevatedDiagnostics
2012-05-25 18:48 - 2012-05-25 18:48 - 00000000 ____D C:\Users\tpot\AppData\Local\ElevatedDiagnostics
 
============ 3 Months Modified Files and Folders =============
2012-06-17 10:17 - 2012-06-17 10:17 - 00000000 ____D C:\FRST
2012-06-17 09:54 - 2012-02-01 07:49 - 00000894 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2012-06-17 09:53 - 2012-02-01 07:49 - 00000890 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2012-06-17 09:52 - 2012-06-17 07:24 - 00000280 ____A C:\Windows\setupact.log
2012-06-17 09:52 - 2010-12-25 15:35 - 4083871744 __ASH C:\pagefile.sys
2012-06-17 09:52 - 2010-11-01 12:32 - 3062902784 __ASH C:\hiberfil.sys
2012-06-17 09:52 - 2009-07-13 22:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2012-06-17 09:51 - 2012-06-17 09:50 - 00130762 ____A C:\TDSSKiller.2.7.40.0_17.06.2012_09.50.44_log.txt
2012-06-17 09:50 - 2012-06-16 13:52 - 00947420 ____A C:\Windows\ntbtlog.txt
2012-06-17 07:59 - 2010-11-01 12:38 - 02089059 ____A C:\Windows\WindowsUpdate.log
2012-06-17 07:59 - 2010-10-02 04:04 - 00000000 __SHD C:\System Volume Information
2012-06-17 07:56 - 2012-06-17 07:56 - 00744030 ____A C:\Windows\SysWOW64\PerfStringBackup.INI
2012-06-17 07:56 - 2012-06-17 07:56 - 00001945 ____A C:\Windows\epplauncher.mif
2012-06-17 07:56 - 2012-06-17 07:56 - 00000000 ____D C:\Program Files\Microsoft Security Client
2012-06-17 07:56 - 2012-06-17 07:56 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2012-06-17 07:56 - 2009-07-13 20:20 - 00000000 ___RD C:\Program Files (x86)
2012-06-17 07:56 - 2009-07-13 20:20 - 00000000 ___RD C:\Program Files
2012-06-17 07:56 - 2009-07-13 20:20 - 00000000 ____D C:\Windows
2012-06-17 07:45 - 2012-06-17 07:45 - 00000000 ____D C:\Windows\CheckSur
2012-06-17 07:44 - 2012-06-17 07:32 - 357148272 ____A C:\Users\tpot\Downloads\Windows6.1-KB947821-v22-x64.msu
2012-06-17 07:36 - 2009-07-13 21:45 - 00013872 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2012-06-17 07:36 - 2009-07-13 21:45 - 00013872 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2012-06-17 07:31 - 2009-07-13 22:13 - 00726444 ____A C:\Windows\System32\PerfStringBackup.INI
2012-06-17 07:24 - 2012-06-17 07:24 - 00000000 ____A C:\Windows\setuperr.log
2012-06-17 07:24 - 2010-12-25 23:43 - 00016938 ____A C:\Windows\PFRO.log
2012-06-17 05:52 - 2012-06-16 13:52 - 00000000 ____D C:\Windows\Minidump
2012-06-17 05:38 - 2012-06-16 14:15 - 00001854 ____A C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2012-06-17 05:38 - 2012-06-16 14:15 - 00001854 ____A C:\Users\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
2012-06-17 03:20 - 2009-07-13 21:45 - 00274320 ____A C:\Windows\System32\FNTCACHE.DAT
2012-06-16 21:33 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\rescache
2012-06-16 20:53 - 2012-06-16 20:53 - 00000000 ____D C:\Users\All Users\Intel
2012-06-16 20:53 - 2012-06-16 20:53 - 00000000 ____D C:\Users\All Users\Application Data\Intel
2012-06-16 20:53 - 2010-12-25 15:45 - 00000402 __ASH C:\Users\tpot\My Documents\desktop.ini
2012-06-16 20:53 - 2009-07-13 20:20 - 00000000 ___HD C:\ProgramData
2012-06-16 20:03 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\System32\config\TxR
2012-06-16 20:02 - 2010-11-01 15:30 - 00000000 ____D C:\Program Files\Windows Journal
2012-06-16 20:02 - 2009-07-13 22:32 - 00000000 ____D C:\Program Files\Windows Sidebar
2012-06-16 20:02 - 2009-07-13 22:32 - 00000000 ____D C:\Program Files\Windows Portable Devices
2012-06-16 20:02 - 2009-07-13 22:32 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2012-06-16 20:02 - 2009-07-13 22:32 - 00000000 ____D C:\Program Files\Windows Defender
2012-06-16 20:02 - 2009-07-13 22:32 - 00000000 ____D C:\Program Files\DVD Maker
2012-06-16 20:02 - 2009-07-13 22:32 - 00000000 ____D C:\Program Files (x86)\Windows Sidebar
2012-06-16 20:02 - 2009-07-13 22:32 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
2012-06-16 20:02 - 2009-07-13 22:32 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2012-06-16 20:02 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\SysWOW64\sppui
2012-06-16 20:02 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\SysWOW64\Setup
2012-06-16 20:02 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\SysWOW64\oobe
2012-06-16 20:02 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\SysWOW64\migwiz
2012-06-16 20:02 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\SysWOW64\manifeststore
2012-06-16 20:02 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\SysWOW64\es-ES
2012-06-16 20:02 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\SysWOW64\Dism
2012-06-16 20:02 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\SysWOW64\da-DK
2012-06-16 20:02 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\SysWOW64\cs-CZ
2012-06-16 20:02 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\SysWOW64\AdvancedInstallers
2012-06-16 20:02 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\servicing
2012-06-16 20:02 - 2009-07-13 20:20 - 00000000 ____D C:\Program Files\Common Files\System
2012-06-16 20:01 - 2009-07-13 20:20 - 00000000 ___AD C:\Windows\System32\oobe
2012-06-16 20:01 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\System32\sppui
2012-06-16 20:01 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\System32\Setup
2012-06-16 20:01 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\System32\migwiz
2012-06-16 20:01 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\System32\manifeststore
2012-06-16 20:01 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\System32\es-ES
2012-06-16 20:01 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\System32\Dism
2012-06-16 20:01 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\System32\da-DK
2012-06-16 20:01 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\System32\cs-CZ
2012-06-16 20:01 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\System32\AdvancedInstallers
2012-06-16 19:57 - 2009-07-13 19:36 - 00175616 ____A (Microsoft Corporation) C:\Windows\System32\msclmd.dll
2012-06-16 19:57 - 2009-07-13 19:36 - 00152576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msclmd.dll
2012-06-16 19:47 - 2010-11-01 13:13 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2012-06-16 19:37 - 2010-11-01 13:14 - 00000000 ____D C:\Program Files (x86)\Intel
2012-06-16 19:20 - 2012-06-16 19:20 - 00000000 ____D C:\Windows\System32\SPReview
2012-06-16 19:18 - 2012-06-16 19:18 - 00000000 ____D C:\Windows\System32\EventProviders
2012-06-16 18:33 - 2012-06-16 18:34 - 00476936 ____A (Sun Microsystems, Inc.) C:\Windows\SysWOW64\npdeployJava1.dll
2012-06-16 18:33 - 2012-06-16 18:34 - 00157448 ____A (Sun Microsystems, Inc.) C:\Windows\SysWOW64\javaws.exe
2012-06-16 18:33 - 2012-06-16 18:34 - 00149256 ____A (Sun Microsystems, Inc.) C:\Windows\SysWOW64\javaw.exe
2012-06-16 18:33 - 2012-06-16 18:34 - 00149256 ____A (Sun Microsystems, Inc.) C:\Windows\SysWOW64\java.exe
2012-06-16 18:33 - 2012-06-16 18:33 - 00000000 ____D C:\Program Files (x86)\Java
2012-06-16 18:33 - 2011-12-30 21:34 - 00472840 ____A (Sun Microsystems, Inc.) C:\Windows\SysWOW64\deployJava1.dll
2012-06-16 18:31 - 2012-02-11 14:45 - 00000000 ____D C:\Users\All Users\Yahoo!
2012-06-16 18:31 - 2012-02-11 14:45 - 00000000 ____D C:\Users\All Users\Application Data\Yahoo!
2012-06-16 18:31 - 2012-02-11 14:45 - 00000000 ____D C:\Program Files (x86)\Yahoo!
2012-06-16 18:24 - 2012-01-01 12:25 - 00000000 ____D C:\Users\tpot\Tracing
2012-06-16 15:11 - 2012-06-16 15:11 - 00000000 __SHD C:\Windows\System32\%APPDATA%
2012-06-16 14:50 - 2012-06-16 14:50 - 00001111 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2012-06-16 14:50 - 2012-06-16 14:50 - 00001111 ____A C:\Users\All Users\Desktop\Malwarebytes Anti-Malware.lnk
2012-06-16 14:50 - 2012-06-16 14:50 - 00000000 ____D C:\Users\tpot\Application Data\Malwarebytes
2012-06-16 14:50 - 2012-06-16 14:50 - 00000000 ____D C:\Users\tpot\AppData\Roaming\Malwarebytes
2012-06-16 14:50 - 2012-06-16 14:50 - 00000000 ____D C:\Users\All Users\Malwarebytes
2012-06-16 14:50 - 2012-06-16 14:50 - 00000000 ____D C:\Users\All Users\Application Data\Malwarebytes
2012-06-16 14:50 - 2012-06-16 14:50 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-06-16 14:30 - 2012-06-16 14:30 - 00002214 ____A C:\Users\Public\Desktop\Google Earth.lnk
2012-06-16 14:30 - 2012-06-16 14:30 - 00002214 ____A C:\Users\All Users\Desktop\Google Earth.lnk
2012-06-16 14:30 - 2012-06-16 14:30 - 00000000 ____D C:\Temp
2012-06-16 14:30 - 2012-02-01 07:49 - 00000000 ____D C:\Program Files (x86)\Google
2012-06-16 14:30 - 2010-11-01 13:41 - 00000000 ____D C:\Program Files (x86)\Dell DataSafe Local Backup
2012-06-16 14:28 - 2012-02-01 07:52 - 00002342 ____A C:\Users\Public\Desktop\Google Chrome.lnk
2012-06-16 14:28 - 2012-02-01 07:52 - 00002342 ____A C:\Users\All Users\Desktop\Google Chrome.lnk
2012-06-16 14:15 - 2012-06-16 14:15 - 00000000 ____D C:\Users\tpot\Application Data\SUPERAntiSpyware.com
2012-06-16 14:15 - 2012-06-16 14:15 - 00000000 ____D C:\Users\tpot\AppData\Roaming\SUPERAntiSpyware.com
2012-06-16 14:15 - 2012-06-16 14:15 - 00000000 ____D C:\Users\All Users\SUPERAntiSpyware.com
2012-06-16 14:15 - 2012-06-16 14:15 - 00000000 ____D C:\Users\All Users\Application Data\SUPERAntiSpyware.com
2012-06-16 14:15 - 2012-06-16 14:15 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2012-06-16 14:14 - 2010-12-25 15:44 - 00000000 ____D C:\Users\tpot\Local Settings\SoftThinks
2012-06-16 14:14 - 2010-12-25 15:44 - 00000000 ____D C:\Users\tpot\Local Settings\Application Data\SoftThinks
2012-06-16 14:14 - 2010-12-25 15:44 - 00000000 ____D C:\Users\tpot\AppData\Local\SoftThinks
2012-06-16 14:11 - 2012-06-16 14:08 - 00132680 ____A C:\TDSSKiller.2.7.40.0_16.06.2012_14.08.44_log.txt
2012-06-16 14:11 - 2009-04-28 09:27 - 00000000 __SHD C:\Boot
2012-06-16 14:10 - 2012-06-16 14:10 - 00000000 ____D C:\TDSSKiller_Quarantine
2012-06-16 13:43 - 2010-12-25 15:43 - 00000000 ____D C:\users\tpot
2012-06-16 11:33 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\System32\sysprep
2012-06-16 11:32 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\registration
2012-06-03 23:28 - 2012-06-16 19:37 - 58957832 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2012-05-25 18:48 - 2012-05-25 18:48 - 00000000 ____D C:\Users\tpot\Local Settings\ElevatedDiagnostics
2012-05-25 18:48 - 2012-05-25 18:48 - 00000000 ____D C:\Users\tpot\Local Settings\Application Data\ElevatedDiagnostics
2012-05-25 18:48 - 2012-05-25 18:48 - 00000000 ____D C:\Users\tpot\AppData\Local\ElevatedDiagnostics
2012-05-17 19:47 - 2012-06-16 19:12 - 17807360 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2012-05-17 19:16 - 2012-06-16 19:12 - 10924032 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2012-05-17 19:06 - 2012-06-16 19:12 - 02311680 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2012-05-17 18:59 - 2012-06-16 19:12 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2012-05-17 18:59 - 2012-06-16 19:12 - 01346048 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2012-05-17 18:58 - 2012-06-16 19:12 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2012-05-17 18:58 - 2012-06-16 19:12 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2012-05-17 18:56 - 2012-06-16 19:12 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2012-05-17 18:55 - 2012-06-16 19:12 - 00818688 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2012-05-17 18:55 - 2012-06-16 19:12 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2012-05-17 18:54 - 2012-06-16 19:12 - 02144768 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2012-05-17 18:51 - 2012-06-16 19:12 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2012-05-17 18:51 - 2012-06-16 19:12 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2012-05-17 18:47 - 2012-06-16 19:12 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2012-05-17 16:11 - 2012-06-16 19:12 - 12314624 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2012-05-17 15:48 - 2012-06-16 19:12 - 09737728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2012-05-17 15:45 - 2012-06-16 19:12 - 01800192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2012-05-17 15:36 - 2012-06-16 19:12 - 01103872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2012-05-17 15:35 - 2012-06-16 19:12 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2012-05-17 15:35 - 2012-06-16 19:12 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2012-05-17 15:33 - 2012-06-16 19:12 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2012-05-17 15:31 - 2012-06-16 19:12 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2012-05-17 15:29 - 2012-06-16 19:12 - 00716800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2012-05-17 15:29 - 2012-06-16 19:12 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2012-05-17 15:27 - 2012-06-16 19:12 - 01793024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2012-05-17 15:25 - 2012-06-16 19:12 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2012-05-17 15:24 - 2012-06-16 19:12 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2012-05-17 15:20 - 2012-06-16 19:12 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2012-05-14 18:32 - 2012-06-16 18:42 - 03146752 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2012-05-04 04:06 - 2012-06-16 18:50 - 05559664 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2012-05-04 04:00 - 2012-06-16 21:00 - 00366592 ____A (Microsoft Corporation) C:\Windows\System32\qdvd.dll
2012-05-04 03:03 - 2012-06-16 18:50 - 03968368 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2012-05-04 03:03 - 2012-06-16 18:50 - 03913072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2012-05-04 02:59 - 2012-06-16 21:00 - 00514560 ____A (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2012-04-30 22:40 - 2012-06-16 18:41 - 00209920 ____A (Microsoft Corporation) C:\Windows\System32\profsvc.dll
2012-04-27 20:55 - 2012-06-16 18:40 - 00210944 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rdpwd.sys
2012-04-23 22:37 - 2012-06-16 18:41 - 01462272 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2012-04-23 22:37 - 2012-06-16 18:41 - 00184320 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2012-04-23 22:37 - 2012-06-16 18:41 - 00140288 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2012-04-23 21:36 - 2012-06-16 18:41 - 01158656 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2012-04-23 21:36 - 2012-06-16 18:41 - 00140288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2012-04-23 21:36 - 2012-06-16 18:41 - 00103936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2012-04-07 05:31 - 2012-06-16 18:51 - 03216384 ____A (Microsoft Corporation) C:\Windows\System32\msi.dll
2012-04-07 04:26 - 2012-06-16 18:51 - 02342400 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2012-04-04 15:56 - 2012-06-16 14:50 - 00024904 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2012-04-04 12:36 - 2012-04-04 12:36 - 00000000 ____D C:\Windows\Sun
2012-03-30 04:35 - 2012-06-16 18:40 - 01918320 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2012-03-29 18:56 - 2012-03-29 18:56 - 00001194 ____A C:\Users\tpot\Desktop\120321-162338.jpg.lnk
2012-03-29 18:54 - 2012-03-29 18:54 - 00001194 ____A C:\Users\tpot\Desktop\120329-183938.jpg.lnk
2012-03-28 23:11 - 2012-03-28 23:11 - 00000000 ____D C:\Users\tpot\Local Settings\Application Data\Adobe
2012-03-28 23:11 - 2012-03-28 23:11 - 00000000 ____D C:\Users\tpot\Local Settings\Adobe
2012-03-28 23:11 - 2012-03-28 23:11 - 00000000 ____D C:\Users\tpot\AppData\Local\Adobe
2012-03-28 23:10 - 2010-12-25 15:47 - 00000000 ____D C:\Users\tpot\Application Data\Adobe
2012-03-28 23:10 - 2010-12-25 15:47 - 00000000 ____D C:\Users\tpot\AppData\Roaming\Adobe
2012-03-20 20:44 - 2012-03-20 20:44 - 00203888 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\MpFilter.sys
2012-03-20 20:44 - 2012-03-20 20:44 - 00098688 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\NisDrvWFP.sys
2012-03-20 07:39 - 2012-03-20 07:38 - 03732825 ____A C:\Users\tpot\Downloads\MGK (feat. Waka Flocka) - Wild Boy (lyrics).mp3
2012-03-20 07:38 - 2012-03-20 07:38 - 03732825 ____A C:\Users\tpot\Downloads\MGK (feat. Waka Flocka) - Wild Boy (lyrics) (1).mp3
ZeroAccess:
C:\Windows\Installer\{3b99f81f-31d5-dbab-1bcf-87d0107a285a}
C:\Windows\Installer\{3b99f81f-31d5-dbab-1bcf-87d0107a285a}\@
C:\Windows\Installer\{3b99f81f-31d5-dbab-1bcf-87d0107a285a}\L
C:\Windows\Installer\{3b99f81f-31d5-dbab-1bcf-87d0107a285a}\n
C:\Windows\Installer\{3b99f81f-31d5-dbab-1bcf-87d0107a285a}\U
C:\Windows\Installer\{3b99f81f-31d5-dbab-1bcf-87d0107a285a}\U\00000001.@
C:\Windows\Installer\{3b99f81f-31d5-dbab-1bcf-87d0107a285a}\U\80000000.@
C:\Windows\Installer\{3b99f81f-31d5-dbab-1bcf-87d0107a285a}\U\800000cb.@
========================= Known DLLs (Whitelisted) ============

========================= Bamital & volsnap Check ============
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe 014A9CB92514E27C0107614DF764BC06 ZeroAccess <==== ATTENTION!.
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
==================== EXE ASSOCIATION =====================
HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK
========================= Memory info ======================
Percentage of memory in use: 16%
Total physical RAM: 3894.68 MB
Available physical RAM: 3245.21 MB
Total Pagefile: 3892.83 MB
Available Pagefile: 3238.51 MB
Total Virtual: 8192 MB
Available Virtual: 8191.9 MB
======================= Partitions =========================
1 Drive c: (OS) (Fixed) (Total:451.01 GB) (Free:417.54 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
2 Drive d: (Recovery) (Fixed) (Total:14.65 GB) (Free:8.07 GB) NTFS
3 Drive e: () (Removable) (Total:7.63 GB) (Free:7.62 GB) FAT32
5 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Disk ### Status Size Free Dyn Gpt
-------- ------------- ------- ------- --- ---
Disk 0 Online 465 GB 0 B
Disk 1 Online 7830 MB 0 B
Partitions of Disk 0:
===============
Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 OEM 100 MB 1024 KB
Partition 2 Primary 14 GB 101 MB
Partition 3 Primary 451 GB 14 GB
======================================================================================================
Disk: 0
Partition 1
Type : DE
Hidden: Yes
Active: No
Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 4 DELLUTILITY FAT Partition 100 MB Healthy Hidden
======================================================================================================
Disk: 0
Partition 2
Type : 07
Hidden: No
Active: Yes
Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 1 D Recovery NTFS Partition 14 GB Healthy
======================================================================================================
Disk: 0
Partition 3
Type : 07
Hidden: No
Active: No
Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 C OS NTFS Partition 451 GB Healthy
======================================================================================================
Partitions of Disk 1:
===============
Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 7829 MB 1024 KB
======================================================================================================
Disk: 1
Partition 1
Type : 0B
Hidden: No
Active: Yes
Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 3 E FAT32 Removable 7829 MB Healthy
======================================================================================================
==========================================================
Last Boot: 2012-06-16 21:25
======================= End Of Log ======================
 
In Vista or Windows 7: Boot to System Recovery Options and run FRST.
In Windows XP: Please boot to BartPe and run FRST.
Type the following in the edit box after "Search:".

services.exe

Click Search button and post the log (Search.txt) it makes to your reply.
 
search.txt

Farbar Recovery Scan Tool Version: 17-06-2012 01
Ran by tpot at 2012-06-19 17:37:38
Running from C:\
================== Search: "services" ===================
C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.1.7600.16385_none_6079f415110c0210\services
[2009-07-13 13:40] - [2009-06-10 14:00] - 0017463 ____A () D9E1A01B480D961B7CF0509D597A92D6
C:\Windows\System32\drivers\etc\services
[2009-07-13 19:34] - [2009-06-10 14:00] - 0017463 ____A () D9E1A01B480D961B7CF0509D597A92D6
====== End Of Search ======
 
Download attached fixlist.txt file and save it to the very same USB flash drive you've been using. Plug the drive back in.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

On Vista or Windows 7: Now please enter System Recovery Options.
On Windows XP: Now please boot into the UBCD.
Run FRST64 and press the Fix button just once and wait.
The tool will make a log on the flashdrive (Fixlog.txt) please post it to your reply.
 

Attachments

  • fixlist.txt
    308 bytes · Views: 2
fixlog

Fix result of Farbar Recovery Tool (FRST written by Farbar) Version: 17-06-2012 01
Ran by tpot at 2012-06-19 19:06:08 Run:1
Running from C:\
ATTENTION: THE TOOL IS NOT RUN FROM RECOVERY ENVIRONMENT AND WILL NOT FUNCTION PROPERLY.
==============================================
HKEY_LOCAL_MACHINE\System\ControlSet00\Control\Session Manager\SubSystems\\Windows Failed to set value.
C:\Windows\System32\consrv.dll not found.
C:\Windows\Installer\{3b99f81f-31d5-dbab-1bcf-87d0107a285a} moved successfully.
C:\Windows\System32\drivers\etc\services moved successfully.
C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.1.7600.16385_none_6079f415110c0210\services copied successfully to C:\Windows\System32\drivers\etc\services
==== End of Fixlog ====
 
how bout this?

Fix result of Farbar Recovery Tool (FRST written by Farbar) Version: 17-06-2012 01
Ran by SYSTEM at 2012-06-19 19:15:16 Run:2
Running from F:\
==============================================
HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Session Manager\SubSystems\\Windows Value was restored successfully .
C:\Windows\System32\consrv.dll not found.
C:\Windows\Installer\{3b99f81f-31d5-dbab-1bcf-87d0107a285a} not found.
C:\Windows\System32\drivers\etc\services moved successfully.
C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.1.7600.16385_none_6079f415110c0210\services copied successfully to C:\Windows\System32\drivers\etc\services
==== End of Fixlog ====
 
See if you can boot normally.

If so....

Please download ComboFix from Here, Here or Here to your Desktop.

**Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**
  • Never rename Combofix unless instructed.
  • Close any open browsers.
  • Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
  • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
  • Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
  • Close any open browsers.
  • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
  • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
  • If there is no internet connection after running Combofix, then restart your computer to restore back your connection.
  • Double click on combofix.exe & follow the prompts.

  • NOTE1. If Combofix asks you to install Recovery Console, please allow it.
    NOTE 2. If Combofix asks you to update the program, always do so.
  • When finished, it will produce a report for you.
  • Please post the "C:\ComboFix.txt"
**Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall
**Note 2 for AVG and CA Internet Security (Total Defense Internet Security) users: ComboFix will not run until AVG/CA Internet Security is uninstalled as a protective measure against the anti-virus. This is because AVG/CA Internet Security "falsely" detects ComboFix (or its embedded files) as a threat and may remove them resulting in the tool not working correctly which in turn can cause "unpredictable results". Since AVG/CA Internet Security cannot be effectively disabled before running ComboFix, the author recommends you to uninstall AVG/CA Internet Security first.
Use AppRemover to uninstall it: https://www.techspot.com/downloads/5514-appremover.html
We can reinstall it when we're done with CF.
**Note 3: If you receive an error "Illegal operation attempted on a registery key that has been marked for deletion", restart computer to fix the issue.
**Note 4: Some infections may take some significant time to be cured. As long as your computer clock is running Combofix is still working. Be patient.


Make sure, you re-enable your security programs, when you're done with Combofix.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

NOTE.
If, for some reason, Combofix refuses to run, try one of the following:

1. Run Combofix from Safe Mode.

2. Delete Combofix file, download fresh one, but rename combofix.exe to your_name.exe BEFORE saving it to your desktop.
Do NOT run it yet.
Please download and run the below tool named Rkill (courtesy of BleepingComputer.com) which may help allow other programs to run.
There are 4 different versions. If one of them won't run then download and try to run the other one.
Vista and Win7 users need to right click Rkill and choose Run as Administrator
You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus.

* Rkill.com
* Rkill.scr
* Rkill.exe
  • Double-click on the Rkill icon to run the tool.
  • If using Vista or Windows 7 right-click on it and choose Run As Administrator.
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • If not, delete the file, then download and use the one provided in Link 2.
  • If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
  • Do not reboot until instructed.
  • If the tool does not run from any of the links provided, please let me know.
Once you've gotten one of them to run, immediately run your_name.exe by double clicking on it.

If normal mode still doesn't work, run BOTH tools from safe mode.

In case #2, please post BOTH logs, rKill and Combofix.

DO NOT make any other changes to your computer (like installing programs, using other cleaning tools, etc.), until it's officially declared clean!!!
 
ComboFix 12-06-20.02 - tpot 06/20/2012 17:21:42.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3895.2476 [GMT -7:00]
Running from: c:\users\tpot\Downloads\ComboFix.exe
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Files Created from 2012-05-21 to 2012-06-21 )))))))))))))))))))))))))))))))
.
.
2012-06-21 00:02 . 2012-06-02 22:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-21 00:02 . 2012-06-02 22:19 57880 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-21 00:02 . 2012-06-02 22:19 44056 ----a-w- c:\windows\system32\wups2.dll
2012-06-21 00:02 . 2012-06-02 22:15 2622464 ----a-w- c:\windows\system32\wucltux.dll
2012-06-21 00:02 . 2012-06-02 22:19 38424 ----a-w- c:\windows\system32\wups.dll
2012-06-21 00:02 . 2012-06-02 22:15 99840 ----a-w- c:\windows\system32\wudriver.dll
2012-06-21 00:02 . 2012-06-02 22:19 701976 ----a-w- c:\windows\system32\wuapi.dll
2012-06-21 00:02 . 2012-06-02 22:19 186752 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-21 00:02 . 2012-06-02 22:15 36864 ----a-w- c:\windows\system32\wuapp.exe
2012-06-20 00:35 . 2012-06-20 00:36 -------- d-----w- C:\FRST
2012-06-18 03:13 . 2012-05-09 01:34 32600 ----a-w- c:\windows\system32\SmartDefragBootTime.exe
2012-06-18 03:13 . 2012-06-18 03:13 -------- d-----w- c:\users\tpot\AppData\Roaming\IObit
2012-06-18 03:13 . 2010-11-27 01:02 17720 ----a-w- c:\windows\system32\drivers\SmartDefragDriver.sys
2012-06-18 03:13 . 2012-06-18 03:13 -------- d-----w- c:\program files (x86)\IObit
2012-06-17 20:02 . 2012-06-17 20:02 -------- d-----w- c:\program files (x86)\Common Files\Java
2012-06-17 20:01 . 2012-06-17 20:01 -------- d-----w- c:\program files (x86)\Oracle
2012-06-17 18:14 . 2012-06-17 18:14 -------- d-----w- C:\Emergency
2012-06-17 17:42 . 2012-06-17 17:42 -------- d-----w- c:\users\tpot\AppData\Roaming\GetRightToGo
2012-06-17 14:58 . 2012-01-31 12:44 279656 ------w- c:\windows\system32\MpSigStub.exe
2012-06-17 14:45 . 2012-06-17 14:45 -------- d-----w- c:\windows\CheckSur
2012-06-17 04:00 . 2012-05-04 11:00 366592 ----a-w- c:\windows\system32\qdvd.dll
2012-06-17 04:00 . 2012-05-04 09:59 514560 ----a-w- c:\windows\SysWow64\qdvd.dll
2012-06-17 03:53 . 2012-06-17 03:53 -------- d-----w- c:\programdata\Intel
2012-06-17 02:20 . 2012-06-17 02:20 -------- d-----w- c:\windows\system32\SPReview
2012-06-17 02:18 . 2012-06-17 02:18 -------- d-----w- c:\windows\system32\EventProviders
2012-06-17 02:16 . 2012-03-01 06:46 23408 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2012-06-17 02:16 . 2012-03-01 06:38 220672 ----a-w- c:\windows\system32\wintrust.dll
2012-06-17 02:16 . 2012-03-01 06:33 81408 ----a-w- c:\windows\system32\imagehlp.dll
2012-06-17 02:16 . 2012-03-01 06:28 5120 ----a-w- c:\windows\system32\wmi.dll
2012-06-17 02:16 . 2012-03-01 05:37 172544 ----a-w- c:\windows\SysWow64\wintrust.dll
2012-06-17 02:16 . 2012-03-01 05:33 159232 ----a-w- c:\windows\SysWow64\imagehlp.dll
2012-06-17 02:16 . 2012-03-01 05:29 5120 ----a-w- c:\windows\SysWow64\wmi.dll
2012-06-17 02:07 . 2010-11-05 01:57 48976 ----a-w- c:\windows\system32\netfxperf.dll
2012-06-17 02:06 . 2010-11-20 13:25 4583424 ----a-w- c:\program files\Windows NT\Accessories\wordpad.exe
2012-06-17 02:05 . 2010-11-20 13:27 109056 ----a-w- c:\windows\system32\userenv.dll
2012-06-17 02:04 . 2010-11-20 13:27 611840 ----a-w- c:\windows\system32\wpd_ci.dll
2012-06-17 02:03 . 2010-11-20 13:27 217600 ----a-w- c:\windows\system32\WinSCard.dll
2012-06-17 02:02 . 2010-11-20 13:27 21504 ----a-w- c:\windows\system32\TRAPI.dll
2012-06-17 02:01 . 2010-11-20 12:21 189952 ----a-w- c:\windows\SysWow64\sqmapi.dll
2012-06-17 02:01 . 2010-11-20 12:21 189952 ----a-w- c:\windows\SysWow64\wdscore.dll
2012-06-17 02:01 . 2010-11-20 12:17 209920 ----a-w- c:\windows\SysWow64\PkgMgr.exe
2012-06-17 02:00 . 2010-11-20 12:18 323072 ----a-w- c:\windows\SysWow64\drvstore.dll
2012-06-17 02:00 . 2010-11-20 12:18 257024 ----a-w- c:\windows\SysWow64\dpx.dll
2012-06-17 02:00 . 2010-11-20 12:21 189952 ----a-w- c:\program files (x86)\Windows Portable Devices\sqmapi.dll
2012-06-17 02:00 . 2010-11-20 12:21 363008 ----a-w- c:\windows\SysWow64\wbemcomn.dll
2012-06-17 02:00 . 2010-11-20 12:19 606208 ----a-w- c:\windows\SysWow64\wbem\fastprox.dll
2012-06-17 01:57 . 2010-11-20 13:27 524288 ----a-w- c:\windows\system32\wmicmiplugin.dll
2012-06-17 01:57 . 2010-11-20 13:27 529408 ----a-w- c:\windows\system32\wbemcomn.dll
2012-06-17 01:57 . 2010-11-20 13:27 1225216 ----a-w- c:\windows\system32\wbem\wbemcore.dll
2012-06-17 01:57 . 2010-11-20 13:27 244736 ----a-w- c:\program files\Windows Portable Devices\sqmapi.dll
2012-06-17 01:57 . 2010-11-20 13:27 244736 ----a-w- c:\windows\system32\sqmapi.dll
2012-06-17 01:57 . 2010-11-20 13:27 933376 ----a-w- c:\windows\system32\SmiEngine.dll
2012-06-17 01:56 . 2010-11-20 13:25 199168 ----a-w- c:\windows\system32\PkgMgr.exe
2012-06-17 01:55 . 2010-11-20 13:26 422912 ----a-w- c:\windows\system32\drvstore.dll
2012-06-17 01:55 . 2010-11-20 13:26 399872 ----a-w- c:\windows\system32\dpx.dll
2012-06-17 01:51 . 2012-04-07 12:31 3216384 ----a-w- c:\windows\system32\msi.dll
2012-06-17 01:51 . 2012-04-07 11:26 2342400 ----a-w- c:\windows\SysWow64\msi.dll
2012-06-17 01:50 . 2012-05-04 11:06 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-06-17 01:50 . 2012-05-04 10:03 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-06-17 01:50 . 2012-05-04 10:03 3913072 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-06-17 01:42 . 2012-05-15 01:32 3146752 ----a-w- c:\windows\system32\win32k.sys
2012-06-17 01:41 . 2012-03-03 06:35 1544704 ----a-w- c:\windows\system32\DWrite.dll
2012-06-17 01:41 . 2012-03-03 05:31 1077248 ----a-w- c:\windows\SysWow64\DWrite.dll
2012-06-17 01:41 . 2012-05-01 05:40 209920 ----a-w- c:\windows\system32\profsvc.dll
2012-06-17 01:41 . 2010-11-20 13:27 33792 ----a-w- c:\windows\system32\profprov.dll
2012-06-17 01:41 . 2012-04-24 05:37 1462272 ----a-w- c:\windows\system32\crypt32.dll
2012-06-17 01:41 . 2012-04-24 04:36 1158656 ----a-w- c:\windows\SysWow64\crypt32.dll
2012-06-17 01:41 . 2012-04-24 05:37 184320 ----a-w- c:\windows\system32\cryptsvc.dll
2012-06-17 01:41 . 2012-04-24 05:37 140288 ----a-w- c:\windows\system32\cryptnet.dll
2012-06-17 01:41 . 2012-04-24 04:36 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll
2012-06-17 01:41 . 2012-04-24 04:36 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll
2012-06-17 01:40 . 2012-03-30 11:35 1918320 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-06-17 01:40 . 2012-03-17 07:58 75120 ----a-w- c:\windows\system32\drivers\partmgr.sys
2012-06-17 01:40 . 2012-04-28 03:55 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-06-17 01:38 . 2012-03-31 05:42 1732096 ----a-w- c:\program files\Windows Journal\NBDoc.DLL
2012-06-17 01:38 . 2012-03-31 05:40 1367552 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2012-06-17 01:38 . 2010-11-20 13:24 2164224 ----a-w- c:\program files\Windows Journal\Journal.exe
2012-06-17 01:38 . 2012-03-31 04:29 936960 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2012-06-17 01:38 . 2012-03-31 05:40 1402880 ----a-w- c:\program files\Windows Journal\JNWDRV.dll
2012-06-17 01:38 . 2012-03-31 05:40 1393664 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll
2012-06-17 01:34 . 2012-05-05 02:29 772504 ----a-w- c:\windows\SysWow64\npdeployJava1.dll
2012-06-17 01:33 . 2012-06-18 03:43 -------- d-----w- c:\program files (x86)\Java
2012-06-16 22:11 . 2012-06-16 22:11 -------- d-sh--w- c:\windows\system32\%APPDATA%
2012-06-16 21:50 . 2012-06-16 21:50 -------- d-----w- c:\users\tpot\AppData\Roaming\Malwarebytes
2012-06-16 21:50 . 2012-06-16 21:50 -------- d-----w- c:\programdata\Malwarebytes
2012-06-16 21:30 . 2012-06-16 21:30 -------- d-----w- C:\Temp
2012-06-16 21:15 . 2012-06-16 21:15 -------- d-----w- c:\users\tpot\AppData\Roaming\SUPERAntiSpyware.com
2012-05-26 01:48 . 2012-05-26 01:48 -------- d-----w- c:\users\tpot\AppData\Local\ElevatedDiagnostics
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-06-17 02:57 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2012-06-17 02:57 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2012-05-05 02:29 . 2011-12-31 04:34 687504 ----a-w- c:\windows\SysWow64\deployJava1.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{c1b8770b-7d91-c494-31e0-e62db08b9414}"= "c:\program files (x86)\Bucksbee Loyalty Plugin - W3i\Helper.dll" [2012-02-11 361984]
.
[HKEY_CLASSES_ROOT\clsid\{c1b8770b-7d91-c494-31e0-e62db08b9414}]
[HKEY_CLASSES_ROOT\FreeCauseURLSearchHook.FCToolbarURLSearchHook.1]
[HKEY_CLASSES_ROOT\TypeLib\{4461AAA2-16D5-BEB4-A120-6B92E5EA1B87}]
[HKEY_CLASSES_ROOT\FreeCauseURLSearchHook.FCToolbarURLSearchHook]
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{626A9BF6-A6F4-18F4-159B-52A7A586C40B}]
2012-02-02 16:07 13632 ----a-w- c:\program files (x86)\Bucksbee Loyalty Plugin - W3i\BucksBee Loyalty Plugin.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-06-08 284696]
"Dell Webcam Central"="c:\program files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" [2009-06-24 409744]
"DellSupportCenter"="c:\program files (x86)\Dell Support Center\bin\sprtcmd.exe" [2009-05-21 206064]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-11-29 421888]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-02 59240]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-12-08 421736]
.
c:\users\tpot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Dock.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-12-15 1324384]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-12-29 1082656]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Dock First Run.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-12-15 1324384]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [x]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [x]
R4 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-02-01 136176]
R4 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-02-01 136176]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]
S0 SmartDefragDriver;SmartDefragDriver;c:\windows\System32\Drivers\SmartDefragDriver.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe [2009-03-03 89600]
S2 DockLoginService;Dock Login Service;c:\program files\Dell\DellDock\DockLogin.exe [2009-06-09 155648]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-06-08 13336]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-03-03 2320920]
S3 BcmVWL;Broadcom Virtual Wireless;c:\windows\system32\DRIVERS\bcmvwl64.sys [x]
S3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x]
.
.
Contents of the 'Scheduled Tasks' folder
.
2012-06-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-02-01 14:49]
.
2012-06-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-02-01 14:49]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"QuickSet"="c:\program files\Dell\QuickSet\QuickSet.exe" [2010-01-06 3179288]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2010-06-18 487424]
"Broadcom Wireless Manager UI"="c:\program files\Dell\DW WLAN Card\WLTRAY.exe" [2010-02-03 5712896]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-01-11 167704]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-01-11 392984]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-01-11 417560]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://us.yhs4.search.yahoo.com/web/partner?&hspart=w3i&hsimp=yhs-syctransfer&type=type=W3i_SP,204,0_0,StartPage,20120206,16898,0,8,0
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 75.75.75.75 75.75.76.76
.
- - - - ORPHANS REMOVED - - - -
.
Wow6432Node-HKLM-RunOnce-c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe - c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-Yahoo! Toolbar - c:\progra~2\Yahoo!\Common\UNYT_W~1.EXE
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\IObit\Smart Defrag 2\SmartDefrag.exe
c:\program files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
.
**************************************************************************
.
Completion time: 2012-06-20 17:33:58 - machine was rebooted
ComboFix-quarantined-files.txt 2012-06-21 00:33
.
Pre-Run: 451,012,677,632 bytes free
Post-Run: 452,393,910,272 bytes free
.
- - End Of File - - B60CD2E21F8C341E5327318573D78AB1
 
Looks good :)

Any current issues?

Download OTL to your Desktop.

  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Click the Scan All Users checkbox.
  • Under the Custom Scan box paste this in:


netsvcs
drivers32
%SYSTEMDRIVE%\*.*
%systemroot%\Fonts\*.com
%systemroot%\Fonts\*.dll
%systemroot%\Fonts\*.ini
%systemroot%\Fonts\*.ini2
%systemroot%\Fonts\*.exe
%systemroot%\system32\spool\prtprocs\w32x86\*.*
%systemroot%\REPAIR\*.bak1
%systemroot%\REPAIR\*.ini
%systemroot%\system32\*.jpg
%systemroot%\*.jpg
%systemroot%\*.png
%systemroot%\*.scr
%systemroot%\*._sy
%APPDATA%\Adobe\Update\*.*
%ALLUSERSPROFILE%\Favorites\*.*
%APPDATA%\Microsoft\*.*
%PROGRAMFILES%\*.*
%APPDATA%\Update\*.*
%systemroot%\*. /mp /s
CREATERESTOREPOINT
%systemroot%\System32\config\*.sav
%PROGRAMFILES%\bak. /s
%systemroot%\system32\bak. /s
%ALLUSERSPROFILE%\Start Menu\*.lnk /x
%systemroot%\system32\config\systemprofile\*.dat /x
%systemroot%\*.config
%systemroot%\system32\*.db
%APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x
%USERPROFILE%\Desktop\*.exe
%PROGRAMFILES%\Common Files\*.*
%systemroot%\*.src
%systemroot%\install\*.*
%systemroot%\system32\DLL\*.*
%systemroot%\system32\HelpFiles\*.*
%systemroot%\tasks\*.*
%systemroot%\system32\rundll\*.*
%systemroot%\winn32\*.*
%systemroot%\Java\*.*
%systemroot%\system32\test\*.*
%systemroot%\system32\Rundll32\*.*
%systemroot%\AppPatch\Custom\*.*
%APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x
%PROGRAMFILES%\PC-Doctor\Downloads\*.*
%PROGRAMFILES%\Internet Explorer\*.tmp
%PROGRAMFILES%\Internet Explorer\*.dat
%USERPROFILE%\My Documents\*.exe
%USERPROFILE%\*.exe
%systemroot%\ADDINS\*.*
%systemroot%\assembly\*.bak2
%systemroot%\Config\*.*
%systemroot%\REPAIR\*.bak2
%systemroot%\SECURITY\Database\*.sdb /x
%systemroot%\SYSTEM\*.bak2
%systemroot%\Web\*.bak2
%systemroot%\Driver Cache\*.*
%PROGRAMFILES%\Mozilla Firefox\0*.exe
%ProgramFiles%\Microsoft Common\*.*
%ProgramFiles%\TinyProxy.
%USERPROFILE%\Favorites\*.url /x
%systemroot%\system32\*.bk
%systemroot%\*.te
%systemroot%\system32\system32\*.*
%ALLUSERSPROFILE%\*.dat /x
%systemroot%\system32\drivers\*.rmv
dir /b "%systemroot%\system32\*.exe" | find /I " " /c
dir /b "%systemroot%\*.exe" | find /I " " /c
%PROGRAMFILES%\Microsoft\*.*
%systemroot%\System32\Wbem\proquota.exe
%PROGRAMFILES%\Mozilla Firefox\*.dat
%USERPROFILE%\Cookies\*.txt /x
%SystemRoot%\system32\fonts\*.*
%systemroot%\system32\winlog\*.*
%systemroot%\system32\Language\*.*
%systemroot%\system32\Settings\*.*
%systemroot%\system32\*.quo
%SYSTEMROOT%\AppPatch\*.exe
%SYSTEMROOT%\inf\*.exe
%SYSTEMROOT%\Installer\*.exe
%systemroot%\system32\config\*.bak2
%systemroot%\system32\Computers\*.*
%SystemRoot%\system32\Sound\*.*
%SystemRoot%\system32\SpecialImg\*.*
%SystemRoot%\system32\code\*.*
%SystemRoot%\system32\draft\*.*
%SystemRoot%\system32\MSSSys\*.*
%ProgramFiles%\Javascript\*.*
%systemroot%\pchealth\helpctr\System\*.exe /s
%systemroot%\Web\*.exe
%systemroot%\system32\msn\*.*
%systemroot%\system32\*.tro
%AppData%\Microsoft\Installer\msupdates\*.*
%ProgramFiles%\Messenger\*.*
%systemroot%\system32\systhem32\*.*
%systemroot%\system\*.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\LastSuccessTime /rs
/md5start
/md5stop


  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open two notepad windows: OTL.txt and Extras.txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them back here.
 
You must log in or register to reply here.

Similar threads

B
Help with PUBG Mobile Pc
Replies
0
Views
421
basitdogar
B
E
I have been taken over by a software called Astanda using XML to Log everything and roaming to an SQL server.
Replies
0
Views
467
eriksnyman1
E
M
Virus warning popup
Replies
1
Views
532
Mark Fuller
M

Latest posts

Back