[Resolvido!] Micro ruim

[Dreddski 0]

Olá galera como vao vcs??? :lol:

Meu pc ta mto ruim toda hora ta dando umas travadas do nada e as vezes reinicia sozinho e to achando ser virus. Dei uma escaneada com o mcafee que eu vi no google, com aquele malwarebytes, spyware doutor e tudo mais, eles tiram o virus mais eles voltam dinovo e nao sei o que esta acontecendo direito. Peço ajuda a vcs aqui

 

Este é o meu log

 

Obrigado des de ja a todos q puderem me ajudar

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 9:47:37, on 27/08/2009

Platform: Windows Vista SP2 (WinNT 6.00.1906)

MSIE: Internet Explorer v8.00 (8.00.6001.18813)

Boot mode: Normal

 

Running processes:

C:\Windows\system32\taskeng.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Lexmark 1300 Series\lxdcamon.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files\Windows Defender\MSASCui.exe

C:\Program Files\OpenOffice.org 3\program\soffice.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Program Files\OpenOffice.org 3\program\soffice.bin

C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

C:\Windows\system32\msfeedssync.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Windows\system32\Macromed\Flash\FlashUtil10b.exe

C:\Users\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O1 - Hosts: ::1 localhost

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll

O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [lxdcamon] "C:\Program Files\Lexmark 1300 Series\lxdcamon.exe"

O4 - HKLM\..\Run: [LXDCCATS] rundll32 C:\Windows\system32\spool\DRIVERS\W32X86\3\LXDCtime.dll,_RunDLLEntry@16

O4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\Windows\system32\Macromed\Flash\FlashUtil10b.exe

O4 - HKUS\S-1-5-18\..\Run: [Exetender] "C:\Program Files\Free Ride Games\GPlayer.exe /runonstartup" (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [Exetender] "C:\Program Files\Free Ride Games\GPlayer.exe /runonstartup" (User 'Default user')

O4 - Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe

O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O13 - Gopher Prefix:

O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/você/bin/AvSniff.cab

O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab

O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} (Windows Live OneCare safety scanner control) - http://cdn.scan.onecare.live.com/resource/download/scanner/en-us/wlscctrl2.cab

O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab

O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll

O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe

O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: lxdc_device - - C:\Windows\system32\lxdccoms.exe

O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe

O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe

O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

 

--

End of file - 7641 bytes

 

 

Aguardo instruções :joia:

[MGuitar 11]

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 9:47:37, on 27/08/2009

Platform: Windows Vista SP2 (WinNT 6.00.1906)

MSIE: Internet Explorer v8.00 (8.00.6001.18813)

Boot mode: Normal

Este log foi feito às nove da manhã. Da próxima vez, gere e poste um log com o horário atual.

 

1ª Etapa

 

Vá em Painel de Controle > Adicionar ou Remover Programas. Encontre e desinstale o AskBarDis.

 

 

2ª Etapa

 

Faça o download do OTS e salve-o no desktop;

 

Dê um duplo clique em OTS.exe para executar a ferramenta;

Marque a opção Scan All Users. Em "File Age" coloque 30 Days;

Em "Additional Scans" marque os itens File - Lop Check e File - Purity Scan;

Clique no botão Run Scan e aguarde o scan da ferramenta;

Vide imagem de configuração (configure como tal):

 

 

Será aberto um log chamado OTS.Txt, que também estará salvo no desktop.

 

Copie e cole este log em sua próxima resposta.

[Dreddski 0]

Olá amigo obrigado pela rapida resposta.

Olha só nao encontrei o painel de controle nao seria control panel?? é q o meu vista é ingles 64 bits o ultimate. Se for ele quando eu clico pra remover o askbardis aparece um erro dizendo q ta sendo usado e tal.

 

Continuo fazendo o procedimento ou paro tenho q remover esse askbardis antes??

 

Obrigado :D

[MGuitar 11]

Olha só nao encontrei o painel de controle nao seria control panel?? é q o meu vista é ingles 64 bits o ultimate. Se for ele quando eu clico pra remover o askbardis aparece um erro dizendo q ta sendo usado e tal.

Se o navegador estiver aberto, feche-o e tente novamente remover o AskBarDis.

 

Continuo fazendo o procedimento ou paro tenho q remover esse askbardis antes??

Dê prosseguimento.

[Dreddski 0]

Olá amigo boa tarde.

Fiz tudo como me orientou fechei o navegador e consegui remover o askbardis mais depois pediu p/ reinicia o pc eh isso msm???

 

Bom aqui ta o que foi gerado do ots

 

Obrigado pela atençao

 

OTS logfile created on: 28/8/2009 14:50:23 - Run 1OTS by OldTimer - Version 3.0.10.3     Folder = C:\Users\Dreddski\DesktopWindows Vista Ultimate Edition Service Pack 2 (Version = 6.0.1906) - Type = NTWorkstationInternet Explorer (Version = 8.0.6001.18813)Locale: 00000422 | Country: Brasil | Language: ENU | Date Format: d/M/yyyy 2.00 Gb Total Physical Memory | 1.08 Gb Available Physical Memory | 53.87% Memory free4.00 Gb Paging File | 3.25 Gb Available in Paging File | 81.26% Paging File freePaging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program FilesDrive C: | 155.83 Gb Total Space | 80.63 Gb Free Space | 51.74% Space Free | Partition Type: NTFSD: Drive not present or media not loadedE: Drive not present or media not loadedDrive F: | 4.13 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFSDrive G: | 97.66 Gb Total Space | 78.21 Gb Free Space | 80.09% Space Free | Partition Type: NTFSH: Drive not present or media not loadedI: Drive not present or media not loadedDrive P: | 32.49 Gb Total Space | 28.19 Gb Free Space | 86.77% Space Free | Partition Type: NTFS Computer Name: DREDDSKICurrent User Name: DreddskiLogged in as Administrator. Current Boot Mode: NormalScan Mode: All usersCompany Name Whitelist: OnSkip Microsoft Files: OffFile Age = 30 Days [Processes - Safe List]aawservice.exe -> C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe -> [2009/08/21 08:01:43 | 00,611,664 | ---- | M] (Lavasoft)applemobiledeviceservice.exe -> C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -> [2009/06/05 11:48:14 | 00,144,712 | ---- | M] (Apple Inc.)bcmsqlstartupsvc.exe -> C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -> [2009/02/20 09:46:52 | 00,030,312 | ---- | M] (Microsoft Corporation)btwdins.exe -> C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe -> [2008/10/15 08:07:28 | 00,555,560 | ---- | M] (Broadcom Corporation.)ehmsas.exe -> C:\Windows\ehome\ehmsas.exe -> [2008/01/21 10:25:11 | 00,037,376 | ---- | M] (Microsoft Corporation)ehtray.exe -> C:\Windows\ehome\ehtray.exe -> [2008/01/21 10:25:11 | 00,125,952 | ---- | M] (Microsoft Corporation)evteng.exe -> C:\Program Files\Intel\WiFi\bin\EvtEng.exe -> [2008/08/21 08:38:30 | 00,860,160 | ---- | M] (Intel(R) Corporation)explorer.exe -> C:\Windows\Explorer.EXE -> [2009/04/11 14:27:36 | 02,926,592 | ---- | M] (Microsoft Corporation)flashutil10b.exe -> C:\Windows\System32\Macromed\Flash\FlashUtil10b.exe -> [2009/02/03 10:07:18 | 00,240,544 | R--- | M] (Adobe Systems, Inc.)iexplore.exe -> C:\Program Files\Internet Explorer\iexplore.exe -> [2009/08/28 14:49:24 | 00,638,816 | ---- | M] (Microsoft Corporation)iexplore.exe -> C:\Program Files\Internet Explorer\iexplore.exe -> [2009/08/28 14:49:24 | 00,638,816 | ---- | M] (Microsoft Corporation)iexplore.exe -> C:\Program Files\Internet Explorer\IEXPLORE.EXE -> [2009/08/28 14:49:24 | 00,638,816 | ---- | M] (Microsoft Corporation)iexplore.exe -> C:\Program Files\Internet Explorer\iexplore.exe -> [2009/08/28 14:49:24 | 00,638,816 | ---- | M] (Microsoft Corporation)iexplore.exe -> C:\Program Files\Internet Explorer\iexplore.exe -> [2009/08/28 14:49:24 | 00,638,816 | ---- | M] (Microsoft Corporation)iexplore.exe -> C:\Program Files\Internet Explorer\iexplore.exe -> [2009/08/28 14:49:24 | 00,638,816 | ---- | M] (Microsoft Corporation)ipodservice.exe -> C:\Program Files\iPod\bin\iPodService.exe -> [2009/06/05 13:39:14 | 00,541,992 | ---- | M] (Apple Inc.)isbmgr.exe -> C:\Program Files\Sony\ISB Utility\ISBMgr.exe -> [2008/04/04 12:32:48 | 00,317,280 | ---- | M] (Sony Corporation)iviregmgr.exe -> C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -> [2007/01/05 11:48:50 | 00,112,152 | ---- | M] (InterVideo)lanutil.exe -> C:\Program Files\Sony\Network Utility\LANUtil.exe -> [2008/12/05 17:16:42 | 00,270,336 | ---- | M] (Sony Corporation)magic-i visual effects.exe -> C:\Program Files\ArcSoft\Magic-i Visual Effects 2\Magic-i Visual Effects.exe -> [2009/08/25 02:55:52 | 00,389,120 | ---- | M] (ArcSoft, Inc.)mcagent.exe -> c:\Program Files\McAfee.com\Agent\mcagent.exe -> [2009/08/24 17:25:20 | 00,645,328 | ---- | M] (McAfee, Inc.)mcmscsvc.exe -> C:\Program Files\McAfee\MSC\mcmscsvc.exe -> [2009/08/24 17:25:20 | 00,797,864 | ---- | M] (McAfee, Inc.)mcnasvc.exe -> c:\Program Files\Common Files\McAfee\MNA\McNASvc.exe -> [2009/08/24 11:31:16 | 02,482,848 | ---- | M] (McAfee, Inc.)mcods.exe -> C:\Program Files\McAfee\VirusScan\mcods.exe -> [2009/08/24 14:21:30 | 00,365,072 | ---- | M] (McAfee, Inc.)mcproxy.exe -> c:\Program Files\Common Files\McAfee\McProxy\McProxy.exe -> [2009/08/24 08:06:52 | 00,359,952 | ---- | M] (McAfee, Inc.)mcsacore.exe -> C:\Program Files\McAfee\SiteAdvisor\McSACore.exe -> [2009/06/23 10:46:14 | 00,203,280 | ---- | M] ()mcshield.exe -> C:\Program Files\McAfee\VirusScan\Mcshield.exe -> [2009/08/24 11:05:48 | 00,144,704 | ---- | M] (McAfee, Inc.)mcsysmon.exe -> C:\Program Files\McAfee\VirusScan\mcsysmon.exe -> [2009/08/24 00:03:18 | 00,606,736 | ---- | M] (McAfee, Inc.)mcvsshld.exe -> c:\Program Files\McAfee\VirusScan\mcvsshld.exe -> [2009/08/24 14:21:30 | 00,262,160 | ---- | M] (McAfee, Inc.)mdnsresponder.exe -> C:\Program Files\Bonjour\mDNSResponder.exe -> [2008/12/12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.)mobsync.exe -> C:\Windows\System32\mobsync.exe -> [2008/01/21 10:23:32 | 00,095,744 | ---- | M] (Microsoft Corporation)mpfsrv.exe -> C:\Program Files\McAfee\MPF\MPFSrv.exe -> [2009/08/24 11:42:02 | 00,884,360 | ---- | M] (McAfee, Inc.)msascui.exe -> C:\Program Files\Windows Defender\MSASCui.exe -> [2008/01/21 10:23:32 | 01,008,184 | ---- | M] (Microsoft Corporation)msksrver.exe -> C:\Program Files\McAfee\MSK\MskSrver.exe -> [2009/08/24 09:22:10 | 00,026,640 | ---- | M] (McAfee, Inc.)nsuservice.exe -> C:\Program Files\Sony\Network Utility\NSUService.exe -> [2008/12/05 15:23:56 | 00,303,104 | ---- | M] (Sony Corporation)nvvsvc.exe -> C:\Windows\System32\nvvsvc.exe -> [2008/11/05 08:14:38 | 00,196,608 | ---- | M] (NVIDIA Corporation)ots.exe -> C:\Users\Dreddski\Desktop\OTS.exe -> [2009/08/28 14:47:15 | 00,514,560 | ---- | M] (OldTimer Tools)pctsauxs.exe -> C:\Program Files\Spyware Doctor\pctsAuxs.exe -> [2009/08/23 12:40:56 | 00,348,752 | ---- | M] (PC Tools)pctssvc.exe -> C:\Program Files\Spyware Doctor\pctsSvc.exe -> [2009/08/23 22:55:16 | 01,096,584 | ---- | M] (PC Tools)pctstray.exe -> C:\Program Files\Spyware Doctor\pctsTray.exe -> [2009/08/23 14:41:48 | 01,181,576 | ---- | M] (PC Tools)presentationfontcache.exe -> C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe -> [2009/02/19 02:39:20 | 00,043,904 | ---- | M] (Microsoft Corporation)regsrvc.exe -> C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -> [2008/08/21 08:08:02 | 00,466,944 | ---- | M] (Intel(R) Corporation)seaport.exe -> C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -> [2009/05/19 11:36:18 | 00,240,512 | ---- | M] (Microsoft Corporation)sidebar.exe -> C:\Program Files\Windows Sidebar\sidebar.exe -> [2009/04/11 14:28:03 | 01,233,920 | ---- | M] (Microsoft Corporation)sqlbrowser.exe -> C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe -> [2008/11/24 22:31:08 | 00,239,968 | ---- | M] (Microsoft Corporation)sqlwriter.exe -> C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe -> [2008/11/24 22:31:12 | 00,087,904 | ---- | M] (Microsoft Corporation)syntpenh.exe -> C:\Program Files\Synaptics\SynTP\SynTPEnh.exe -> [2008/08/19 08:08:25 | 01,348,904 | ---- | M] (Synaptics, Inc.)syntphelper.exe -> C:\Program Files\Synaptics\SynTP\SynTPHelper.exe -> [2008/08/19 08:08:25 | 00,103,720 | ---- | M] (Synaptics, Inc.)unsecapp.exe -> C:\Windows\System32\wbem\unsecapp.exe -> [2009/04/11 14:28:08 | 00,037,888 | ---- | M] (Microsoft Corporation)vaioupdt.exe -> C:\Program Files\Sony\VAIO Update 4\VAIOUpdt.exe -> [2008/08/29 12:21:36 | 00,870,240 | ---- | M] (Sony Corporation)vcfw.exe -> C:\Program Files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe -> [2008/09/12 11:28:26 | 00,446,464 | ---- | M] (Sony Corporation)vcmialzmgr.exe -> C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe -> [2008/10/02 10:18:48 | 00,369,952 | ---- | M] (Sony Corporation)vesmgr.exe -> C:\Program Files\Sony\VAIO Event Service\VESMgr.exe -> [2008/11/06 10:32:28 | 00,203,624 | ---- | M] (Sony Corporation)vesmgrsub.exe -> C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe -> [2008/11/06 10:32:28 | 00,100,472 | ---- | M] (Sony Corporation)wltuser.exe -> C:\Program Files\Windows Live\Toolbar\wltuser.exe -> [2009/02/06 18:21:00 | 00,224,632 | ---- | M] (Microsoft Corporation)wmiprvse.exe -> C:\Windows\System32\wbem\wmiprvse.exe -> [2009/04/11 14:28:15 | 00,247,296 | ---- | M] (Microsoft Corporation)wmpnetwk.exe -> C:\Program Files\Windows Media Player\wmpnetwk.exe -> [2008/01/21 10:25:33 | 00,896,512 | ---- | M] (Microsoft Corporation)wmpnscfg.exe -> C:\Program Files\Windows Media Player\wmpnscfg.exe -> [2008/01/21 10:25:33 | 00,202,240 | ---- | M] (Microsoft Corporation)wudfhost.exe -> C:\Windows\System32\WUDFHost.exe -> [2008/01/21 10:24:59 | 00,142,336 | ---- | M] (Microsoft Corporation)xaudio.exe -> C:\Windows\System32\DRIVERS\xaudio.exe -> [2008/07/04 08:04:22 | 00,386,560 | ---- | M] (Conexant Systems, Inc.) [Win32 Services - Safe List](ACDaemon) ArcSoft Connect Daemon [Win32_Own | Disabled | Stopped] -> C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -> [2009/08/25 17:02:14 | 00,109,056 | ---- | M] (ArcSoft Inc.)(AdobeActiveFileMonitor7.0) Adobe Active File Monitor V7 [Win32_Own | Disabled | Stopped] -> C:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe -> [2008/09/17 04:03:18 | 00,169,312 | ---- | M] (Adobe Systems Incorporated)(Apple Mobile Device) Apple Mobile Device [Win32_Own | Auto | Running] -> C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -> [2009/06/05 11:48:14 | 00,144,712 | ---- | M] (Apple Inc.)(BcmSqlStartupSvc) Business Contact Manager SQL Server Startup Service [Win32_Own | Auto | Running] -> C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -> [2009/02/20 09:46:52 | 00,030,312 | ---- | M] (Microsoft Corporation)(Bonjour Service) Bonjour Service [Win32_Own | Auto | Running] -> C:\Program Files\Bonjour\mDNSResponder.exe -> [2008/12/12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.)(btwdins) Bluetooth Service [Win32_Own | Auto | Running] -> C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe -> [2008/10/15 08:07:28 | 00,555,560 | ---- | M] (Broadcom Corporation.)(clr_optimization_v2.0.50727_32) Microsoft .NET Framework NGEN v2.0.50727_X86 [Win32_Own | On_Demand | Stopped] -> C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -> [2009/03/30 12:42:14 | 00,066,368 | ---- | M] (Microsoft Corporation)(ehRecvr) Windows Media Center Receiver Service [Win32_Own | On_Demand | Stopped] -> C:\Windows\ehome\ehRecvr.exe -> [2008/01/21 10:25:09 | 00,292,352 | ---- | M] (Microsoft Corporation)(ehSched) Windows Media Center Scheduler Service [Win32_Own | On_Demand | Stopped] -> C:\Windows\ehome\ehsched.exe -> [2006/11/02 20:35:29 | 00,131,072 | ---- | M] (Microsoft Corporation)(ehstart) Windows Media Center Service Launcher [Win32_Shared | Auto | Stopped] -> C:\Windows\ehome\ehstart.dll -> [2006/11/02 20:35:29 | 00,013,312 | ---- | M] (Microsoft Corporation)(Eventlog) Windows Event Log [Win32_Shared | Auto | Running] -> C:\Windows\System32\wevtsvc.dll -> [2009/04/11 14:28:25 | 01,017,856 | ---- | M] (Microsoft Corporation)(EvtEng) Intel® PROSet/Wireless Event Log [Win32_Own | Auto | Running] -> C:\Program Files\Intel\WiFi\bin\EvtEng.exe -> [2008/08/21 08:38:30 | 00,860,160 | ---- | M] (Intel(R) Corporation)(FLEXnet Licensing Service) FLEXnet Licensing Service [Win32_Own | On_Demand | Stopped] -> C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -> [2007/01/13 11:37:56 | 00,651,720 | ---- | M] (Macrovision Europe Ltd.)(FontCache3.0.0.0) Windows Presentation Foundation Font Cache 3.0.0.0 [Win32_Own | On_Demand | Running] -> C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe -> [2009/02/19 02:39:20 | 00,043,904 | ---- | M] (Microsoft Corporation)(idsvc) Windows CardSpace [Win32_Shared | Unknown | Stopped] -> C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -> [2009/02/19 02:38:42 | 00,879,448 | ---- | M] (Microsoft Corporation)(iPod Service) iPod Service [Win32_Own | On_Demand | Running] -> C:\Program Files\iPod\bin\iPodService.exe -> [2009/06/05 13:39:14 | 00,541,992 | ---- | M] (Apple Inc.)(IviRegMgr) IviRegMgr [Win32_Own | Auto | Running] -> C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -> [2007/01/05 11:48:50 | 00,112,152 | ---- | M] (InterVideo)(McAfee SiteAdvisor Service) McAfee SiteAdvisor Service [Win32_Own | Auto | Running] -> C:\Program Files\McAfee\SiteAdvisor\McSACore.exe -> [2009/06/23 10:46:14 | 00,203,280 | ---- | M] ()(mcmscsvc) McAfee Services [Win32_Own | Auto | Running] -> C:\Program Files\McAfee\MSC\mcmscsvc.exe -> [2009/08/24 17:25:20 | 00,797,864 | ---- | M] (McAfee, Inc.)(McNASvc) McAfee Network Agent [Win32_Own | Auto | Running] -> c:\Program Files\Common Files\McAfee\MNA\McNASvc.exe -> [2009/08/24 11:31:16 | 02,482,848 | ---- | M] (McAfee, Inc.)(McODS) McAfee Scanner [Win32_Own | On_Demand | Running] -> C:\Program Files\McAfee\VirusScan\mcods.exe -> [2009/08/24 14:21:30 | 00,365,072 | ---- | M] (McAfee, Inc.)(McProxy) McAfee Proxy Service [Win32_Own | Auto | Running] -> c:\Program Files\Common Files\McAfee\McProxy\McProxy.exe -> [2009/08/24 08:06:52 | 00,359,952 | ---- | M] (McAfee, Inc.)(McShield) McAfee Real-time Scanner [Win32_Own | Unknown | Running] -> C:\Program Files\McAfee\VirusScan\Mcshield.exe -> [2009/08/24 11:05:48 | 00,144,704 | ---- | M] (McAfee, Inc.)(McSysmon) McAfee SystemGuards [Win32_Own | On_Demand | Running] -> C:\Program Files\McAfee\VirusScan\mcsysmon.exe -> [2009/08/24 00:03:18 | 00,606,736 | ---- | M] (McAfee, Inc.)(MpfService) McAfee Personal Firewall Service [Win32_Own | Auto | Running] -> C:\Program Files\McAfee\MPF\MPFSrv.exe -> [2009/08/24 11:42:02 | 00,884,360 | ---- | M] (McAfee, Inc.)(MSCSPTISRV) MSCSPTISRV [Win32_Own | On_Demand | Stopped] -> C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe -> [2008/05/20 17:49:04 | 00,053,248 | ---- | M] (Sony Corporation)(MSK80Service) McAfee Anti-Spam Service [Win32_Own | Auto | Running] -> C:\Program Files\McAfee\MSK\MskSrver.exe -> [2009/08/24 09:22:10 | 00,026,640 | ---- | M] (McAfee, Inc.)(MSSQL$MSSMLBIZ) SQL Server (MSSMLBIZ) [Win32_Own | On_Demand | Stopped] -> C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe -> [2008/11/24 22:31:10 | 29,263,712 | ---- | M] (Microsoft Corporation)(MSSQLServerADHelper) SQL Server Active Directory Helper [Win32_Own | Disabled | Stopped] -> C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe -> [2008/11/24 22:31:08 | 00,045,408 | ---- | M] (Microsoft Corporation)(NetTcpPortSharing) Net.Tcp Port Sharing Service [Win32_Shared | Disabled | Stopped] -> C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -> [2009/02/19 02:38:43 | 00,129,880 | ---- | M] (Microsoft Corporation)(NSUService) NSUService [Win32_Own | Auto | Running] -> C:\Program Files\Sony\Network Utility\NSUService.exe -> [2008/12/05 15:23:56 | 00,303,104 | ---- | M] (Sony Corporation)(nvsvc) NVIDIA Display Driver Service [Win32_Own | Auto | Running] -> C:\Windows\System32\nvvsvc.exe -> [2008/11/05 08:14:38 | 00,196,608 | ---- | M] (NVIDIA Corporation)(odserv) Microsoft Office Diagnostics Service [Win32_Own | On_Demand | Stopped] -> C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -> [2008/11/04 01:06:28 | 00,441,712 | ---- | M] (Microsoft Corporation)(ose) Office Source Engine [Win32_Own | On_Demand | Stopped] -> C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -> [2006/10/27 06:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation)(PACSPTISVR) PACSPTISVR [Win32_Own | On_Demand | Stopped] -> C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe -> [2008/05/20 17:29:06 | 00,053,248 | ---- | M] (Sony Corporation)(RegSrvc) Intel® PROSet/Wireless Registry Service [Win32_Own | Auto | Running] -> C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -> [2008/08/21 08:08:02 | 00,466,944 | ---- | M] (Intel(R) Corporation)(sdAuxService) PC Tools Auxiliary Service [Win32_Own | Auto | Running] -> C:\Program Files\Spyware Doctor\pctsAuxs.exe -> [2009/01/07 12:40:56 | 00,348,752 | ---- | M] (PC Tools)(sdCoreService) PC Tools Security Service [Win32_Own | Auto | Running] -> C:\Program Files\Spyware Doctor\pctsSvc.exe -> [2009/06/07 22:55:16 | 01,096,584 | ---- | M] (PC Tools)(SeaPort) SeaPort [Win32_Own | Auto | Running] -> C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -> [2009/05/19 11:36:18 | 00,240,512 | ---- | M] (Microsoft Corporation)(SOHCImp) VAIO Media plus Content Importer [Win32_Own | On_Demand | Stopped] -> C:\Program Files\Sony\VAIO Media plus\SOHCImp.exe -> [2008/10/22 02:52:36 | 00,103,712 | ---- | M] (Sony Corporation)(SOHDms) VAIO Media plus Digital Media Server [Win32_Own | On_Demand | Stopped] -> C:\Program Files\Sony\VAIO Media plus\SOHDms.exe -> [2008/10/22 02:52:38 | 00,353,568 | ---- | M] (Sony Corporation)(SOHDs) VAIO Media plus Device Searcher [Win32_Own | On_Demand | Stopped] -> C:\Program Files\Sony\VAIO Media plus\SOHDs.exe -> [2008/10/22 02:52:38 | 00,062,752 | ---- | M] (Sony Corporation)(SPTISRV) Sony SPTI Service [Win32_Own | On_Demand | Stopped] -> C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe -> [2008/05/20 17:51:34 | 00,077,824 | ---- | M] (Sony Corporation)(SQLBrowser) SQL Server Browser [Win32_Own | Auto | Running] -> C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe -> [2008/11/24 22:31:08 | 00,239,968 | ---- | M] (Microsoft Corporation)(SQLWriter) SQL Server VSS Writer [Win32_Own | Auto | Running] -> C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe -> [2008/11/24 22:31:12 | 00,087,904 | ---- | M] (Microsoft Corporation)(uCamMonitor) CamMonitor [Win32_Own | Auto | Stopped] -> C:\Program Files\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe -> [2008/09/19 02:59:10 | 00,104,960 | ---- | M] (ArcSoft, Inc.)(VAIO Event Service) VAIO Event Service [Win32_Own | Auto | Running] -> C:\Program Files\Sony\VAIO Event Service\VESMgr.exe -> [2008/11/06 10:32:28 | 00,203,624 | ---- | M] (Sony Corporation)(VCFw) VAIO Content Folder Watcher [Win32_Own | Auto | Running] -> C:\Program Files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe -> [2008/09/12 11:28:26 | 00,446,464 | ---- | M] (Sony Corporation)(VcmIAlzMgr) VAIO Content Metadata Intelligent Analyzing Manager [Win32_Own | Auto | Running] -> C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe -> [2008/10/02 10:18:48 | 00,369,952 | ---- | M] (Sony Corporation)(VcmXmlIfHelper) VAIO Content Metadata XML Interface [Win32_Own | On_Demand | Stopped] -> C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe -> [2008/09/20 02:06:22 | 00,083,232 | ---- | M] (Sony Corporation)(WinDefend) Windows Defender [Win32_Shared | Auto | Running] -> C:\Program Files\Windows Defender\mpsvc.dll -> [2008/01/21 10:23:32 | 00,272,952 | ---- | M] (Microsoft Corporation)(WMPNetworkSvc) Windows Media Player Network Sharing Service [Win32_Own | Auto | Running] -> C:\Program Files\Windows Media Player\wmpnetwk.exe -> [2008/01/21 10:25:33 | 00,896,512 | ---- | M] (Microsoft Corporation)(XAudioService) XAudioService [Win32_Own | Auto | Running] -> C:\Windows\System32\DRIVERS\xaudio.exe -> [2008/07/04 08:04:22 | 00,386,560 | ---- | M] (Conexant Systems, Inc.) [Driver Services - Safe List](adp94xx) adp94xx [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\adp94xx.sys -> [2008/01/21 10:23:21 | 00,422,968 | ---- | M] (Adaptec, Inc.)(adpahci) adpahci [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\adpahci.sys -> [2008/01/21 10:23:25 | 00,300,600 | ---- | M] (Adaptec, Inc.)(adpu160m) adpu160m [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\adpu160m.sys -> [2008/01/21 10:23:26 | 00,101,432 | ---- | M] (Adaptec, Inc.)(adpu320) adpu320 [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\adpu320.sys -> [2008/01/21 10:23:27 | 00,149,560 | ---- | M] (Adaptec, Inc.)(aic78xx) aic78xx [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\djsvs.sys -> [2006/11/02 17:50:11 | 00,071,272 | ---- | M] (Adaptec, Inc.)(aliide) aliide [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\aliide.sys -> [2008/01/21 10:23:00 | 00,017,464 | ---- | M] (Acer Laboratories Inc.)(amx) AMixer X WValue [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\x.sys -> [2009/08/11 12:44:12 | 12,412,322 | ---- | M] (WValue)(arc) arc [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\arc.sys -> [2009/08/25 10:23:23 | 00,079,416 | ---- | M] (Adaptec, Inc.)(arcsas) arcsas [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\arcsas.sys -> [2009/08/25 10:23:24 | 00,079,928 | ---- | M] (Adaptec, Inc.)(ArcSoftKsUFilter) ArcSoft Magic-I Visual Effect [Kernel | On_Demand | Running] -> C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys -> [2009/08/25 06:06:40 | 00,017,920 | ---- | M] (ArcSoft, Inc.)(athr) Atheros Extensible Wireless LAN device driver [Kernel | On_Demand | Stopped] -> C:\Windows\System32\DRIVERS\athr.sys -> [2008/11/05 08:13:26 | 00,919,552 | ---- | M] (Atheros Communications, Inc.)(BrFiltLo) Brother USB Mass-Storage Lower Filter Driver [Kernel | On_Demand | Stopped] -> C:\Windows\system32\drivers\brfiltlo.sys -> [2008/11/02 16:24:45 | 00,013,568 | ---- | M] (Brother Industries, Ltd.)(BrFiltUp) Brother USB Mass-Storage Upper Filter Driver [Kernel | On_Demand | Stopped] -> C:\Windows\system32\drivers\brfiltup.sys -> [2008/11/02 16:24:46 | 00,005,248 | ---- | M] (Brother Industries, Ltd.)(Brserid) Brother MFC Serial Port Interface Driver (WDM) [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\brserid.sys -> [2006/11/02 16:25:24 | 00,071,808 | ---- | M] (Brother Industries Ltd.)(BrSerWdm) Brother WDM Serial driver [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\brserwdm.sys -> [2006/11/02 16:24:44 | 00,062,336 | ---- | M] (Brother Industries Ltd.)(BrUsbMdm) Brother MFC USB Fax Only Modem [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\brusbmdm.sys -> [2006/11/02 16:24:44 | 00,012,160 | ---- | M] (Brother Industries Ltd.)(BrUsbSer) Brother MFC USB Serial WDM Driver [Kernel | On_Demand | Stopped] -> C:\Windows\system32\drivers\brusbser.sys -> [2006/11/02 16:24:47 | 00,011,904 | ---- | M] (Brother Industries Ltd.)(btwaudio) Bluetooth Audio Device Service [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\btwaudio.sys -> [2008/11/05 08:01:28 | 00,084,008 | ---- | M] (Broadcom Corporation.)(btwavdt) Bluetooth AVDT [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\btwavdt.sys -> [2008/11/05 08:01:28 | 00,109,096 | ---- | M] (Broadcom Corporation.)(btwl2cap) Bluetooth L2CAP Service [Kernel | On_Demand | Stopped] -> C:\Windows\System32\DRIVERS\btwl2cap.sys -> [2008/11/05 08:01:10 | 00,029,736 | ---- | M] (Broadcom Corporation.)(btwrchid) btwrchid [Kernel | On_Demand | Stopped] -> C:\Windows\System32\DRIVERS\btwrchid.sys -> [2008/11/05 08:01:29 | 00,018,344 | ---- | M] (Broadcom Corporation.)(cmdide) cmdide [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\cmdide.sys -> [2008/01/21 10:23:00 | 00,019,000 | ---- | M] (CMD Technology, Inc.)(DMICall) Sony DMI Call service [Kernel | System | Running] -> C:\Windows\System32\DRIVERS\DMICall.sys -> [2008/11/25 12:46:26 | 00,010,216 | ---- | M] (Sony Corporation)(E1G60) Intel(R) PRO/1000 NDIS 6 Adapter Driver [Kernel | On_Demand | Stopped] -> C:\Windows\System32\DRIVERS\E1G60I32.sys -> [2008/01/21 10:23:24 | 00,118,784 | ---- | M] (Intel Corporation)(elxstor) elxstor [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\elxstor.sys -> [2008/01/21 10:23:22 | 00,342,584 | ---- | M] (Emulex)(GEARAspiWDM) GEAR ASPI Filter Driver [Kernel | On_Demand | Running] -> C:\Windows\System32\DRIVERS\GEARAspiWDM.sys -> [2009/03/19 16:32:48 | 00,023,400 | ---- | M] (GEAR Software Inc.)(HpCISSs) HpCISSs [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\hpcisss.sys -> [2008/01/21 10:23:26 | 00,040,504 | ---- | M] (Hewlett-Packard Company)(HSFHWAZL) HSFHWAZL [Kernel | On_Demand | Stopped] -> C:\Windows\System32\DRIVERS\VSTAZL3.SYS -> [2008/01/21 10:23:22 | 00,200,704 | ---- | M] (Conexant Systems, Inc.)(HSF_DPV) HSF_DPV [Kernel | On_Demand | Running] -> C:\Windows\System32\DRIVERS\HSX_DPV.sys -> [2008/07/04 08:04:20 | 00,985,600 | ---- | M] (Conexant Systems, Inc.)(HSXHWAZL) HSXHWAZL [Kernel | On_Demand | Running] -> C:\Windows\System32\DRIVERS\HSXHWAZL.sys -> [2008/07/04 08:04:19 | 00,209,408 | ---- | M] (Conexant Systems, Inc.)(iaStor) Intel AHCI Controller [Kernel | Boot | Running] -> C:\Windows\system32\DRIVERS\iaStor.sys -> [2008/04/22 08:20:41 | 00,312,344 | ---- | M] (Intel Corporation)(iaStorV) Intel RAID Controller Vista [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\iastorv.sys -> [2008/01/21 10:23:23 | 00,235,064 | ---- | M] (Intel Corporation)(iirsp) iirsp [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\iirsp.sys -> [2006/11/02 17:50:17 | 00,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH)(IntcAzAudAddService) Service for Realtek HD Audio (WDM) [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\RTKVHDA.sys -> [2008/09/16 20:03:26 | 02,152,088 | ---- | M] (Realtek Semiconductor Corp.)(iteatapi) ITEATAPI_Service_Install [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\iteatapi.sys -> [2006/11/02 17:50:07 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.)(iteraid) ITERAID_Service_Install [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\iteraid.sys -> [2006/11/02 17:50:09 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.)(LSI_FC) LSI_FC [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\lsi_fc.sys -> [2008/01/21 10:23:23 | 00,096,312 | ---- | M] (LSI Logic)(LSI_SAS) LSI_SAS [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\lsi_sas.sys -> [2008/01/21 10:23:25 | 00,089,656 | ---- | M] (LSI Logic)(LSI_SCSI) LSI_SCSI [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\lsi_scsi.sys -> [2008/01/21 10:23:23 | 00,096,312 | ---- | M] (LSI Logic)(MDC8021X) AEGIS Protocol (IEEE 802.1x) v2.3.1.9 [Kernel | Auto | Running] -> C:\Windows\System32\DRIVERS\mdc8021x.sys -> [2009/07/12 10:22:38 | 00,015,781 | ---- | M] (Meetinghouse Data Communications)(mdmxsdk) mdmxsdk [Kernel | Auto | Running] -> C:\Windows\System32\DRIVERS\mdmxsdk.sys -> [2008/07/04 08:04:20 | 00,012,672 | ---- | M] (Conexant)(megasas) megasas [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\megasas.sys -> [2008/01/21 10:23:27 | 00,031,288 | ---- | M] (LSI Corporation)(MegaSR) MegaSR [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\megasr.sys -> [2008/01/21 10:23:27 | 00,386,616 | ---- | M] (LSI Corporation, Inc.)(mfeavfk) McAfee Inc. mfeavfk [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\mfeavfk.sys -> [2009/08/24 11:06:28 | 00,079,880 | ---- | M] (McAfee, Inc.)(mfebopk) McAfee Inc. mfebopk [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\mfebopk.sys -> [2009/08/24 11:06:28 | 00,035,272 | ---- | M] (McAfee, Inc.)(mfehidk) McAfee Inc. mfehidk [Kernel | System | Running] -> C:\Windows\System32\drivers\mfehidk.sys -> [2009/08/24 11:06:28 | 00,214,024 | ---- | M] (McAfee, Inc.)(mferkdk) McAfee Inc. mferkdk [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\mferkdk.sys -> [2009/08/24 11:05:54 | 00,034,216 | ---- | M] (McAfee, Inc.)(mfesmfk) McAfee Inc. mfesmfk [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\mfesmfk.sys -> [2009/08/24 11:06:30 | 00,040,552 | ---- | M] (McAfee, Inc.)(MPFP) MPFP [Kernel | System | Running] -> C:\Windows\System32\Drivers\Mpfp.sys -> [2009/08/24 13:08:54 | 00,130,424 | ---- | M] (McAfee, Inc.)(Mraid35x) Mraid35x [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\mraid35x.sys -> [2006/11/02 17:49:59 | 00,033,384 | ---- | M] (LSI Logic Corporation)(NETw5v32) Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit [Kernel | On_Demand | Running] -> C:\Windows\System32\DRIVERS\NETw5v32.sys -> [2008/08/29 15:48:46 | 03,664,384 | ---- | M] (Intel Corporation)(nfrd960) nfrd960 [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\nfrd960.sys -> [2006/11/02 17:50:19 | 00,045,160 | ---- | M] (IBM Corporation)(ntrigdigi) N-trig HID Tablet Driver [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\ntrigdigi.sys -> [2006/11/02 15:36:50 | 00,020,608 | ---- | M] (N-trig Innovative Technologies)(nvlddmkm) nvlddmkm [Kernel | On_Demand | Running] -> C:\Windows\System32\DRIVERS\nvlddmkm.sys -> [2008/11/05 08:14:31 | 07,585,920 | ---- | M] (NVIDIA Corporation)(nvraid) NVIDIA nForce RAID Driver    [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\nvraid.sys -> [2008/01/21 10:23:21 | 00,102,968 | ---- | M] (NVIDIA Corporation)(nvstor) nvstor [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\nvstor.sys -> [2008/01/21 10:23:21 | 00,045,112 | ---- | M] (NVIDIA Corporation)(PCTCore) PCTools KDS [File_System | Boot | Running] -> C:\Windows\system32\drivers\PCTCore.sys -> [2009/08/23 11:18:26 | 00,130,936 | ---- | M] (PC Tools)(PxHelp20) PxHelp20 [Kernel | Boot | Running] -> C:\Windows\System32\Drivers\PxHelp20.sys -> [2008/06/16 19:00:00 | 00,044,944 | ---- | M] (Sonic Solutions)(ql2300) QLogic Fibre Channel Miniport Driver [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\ql2300.sys -> [2008/01/21 10:23:24 | 01,122,360 | ---- | M] (QLogic Corporation)(ql40xx) QLogic iSCSI Miniport Driver [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\ql40xx.sys -> [2006/11/02 17:50:35 | 00,106,088 | ---- | M] (QLogic Corporation)(regi) regi [Kernel | Auto | Running] -> C:\Windows\System32\drivers\regi.sys -> [2007/04/18 12:09:28 | 00,011,032 | ---- | M] (InterVideo)(rimsptsk) rimsptsk [Kernel | Auto | Running] -> C:\Windows\System32\DRIVERS\rimsptsk.sys -> [2008/10/23 08:02:05 | 00,068,608 | ---- | M] (REDC)(risdptsk) risdptsk [Kernel | Auto | Running] -> C:\Windows\System32\DRIVERS\risdptsk.sys -> [2008/10/23 08:02:26 | 00,046,592 | ---- | M] (REDC)(secdrv) Security Driver [Kernel | Auto | Running] -> C:\Windows\System32\drivers\secdrv.sys -> [2006/11/02 14:37:21 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)(SFEP) Sony Firmware Extension Parser [Kernel | On_Demand | Running] -> C:\Windows\System32\DRIVERS\SFEP.sys -> [2008/08/22 08:06:22 | 00,009,344 | ---- | M] (Sony Corporation)(SiSRaid4) SiSRaid4 [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\sisraid4.sys -> [2008/01/21 10:23:26 | 00,074,808 | ---- | M] (Silicon Integrated Systems)(Symc8xx) Symc8xx [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\symc8xx.sys -> [2006/11/02 17:50:05 | 00,035,944 | ---- | M] (LSI Logic)(Sym_hi) Sym_hi [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\sym_hi.sys -> [2006/11/02 17:49:56 | 00,031,848 | ---- | M] (LSI Logic)(Sym_u3) Sym_u3 [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\sym_u3.sys -> [2006/11/02 17:50:03 | 00,034,920 | ---- | M] (LSI Logic)(SynTP) Synaptics TouchPad Driver [Kernel | On_Demand | Running] -> C:\Windows\System32\DRIVERS\SynTP.sys -> [2008/08/19 08:08:15 | 00,201,264 | ---- | M] (Synaptics, Inc.)(TcUsb) TC USB Kernel Driver [Kernel | On_Demand | Stopped] -> C:\Windows\System32\Drivers\tcusb.sys -> [2008/10/02 08:22:26 | 00,050,576 | ---- | M] (UPEK Inc.)(uliahci) uliahci [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\uliahci.sys -> [2008/01/21 10:23:20 | 00,238,648 | ---- | M] (ULi Electronics Inc.)(UlSata) UlSata [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\ulsata.sys -> [2006/11/02 17:50:35 | 00,098,408 | ---- | M] (Promise Technology, Inc.)(ulsata2) ulsata2 [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\ulsata2.sys -> [2008/01/21 10:23:23 | 00,115,816 | ---- | M] (Promise Technology, Inc.)(valstorns) Agragade Valstorns [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\Sadkjuiswush.sys -> [2009/08/09 14:30:08 | 00,097,886 | ---- | M] (Interprise Bits Inc.)(viaide) viaide [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\viaide.sys -> [2008/01/21 10:23:00 | 00,020,024 | ---- | M] (VIA Technologies, Inc.)(vsmraid) vsmraid [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\vsmraid.sys -> [2008/01/21 10:23:23 | 00,130,616 | ---- | M] (VIA Technologies Inc.,Ltd)(WimFltr) WimFltr [File_System | On_Demand | Stopped] -> C:\Windows\System32\DRIVERS\wimfltr.sys -> [2008/06/07 08:02:55 | 00,131,000 | ---- | M] (Microsoft Corporation)(winachsf) winachsf [Kernel | On_Demand | Running] -> C:\Windows\System32\DRIVERS\HSX_CNXT.sys -> [2008/07/04 08:04:19 | 00,661,504 | ---- | M] (Conexant Systems, Inc.)(XAudio) XAudio [Kernel | Auto | Running] -> C:\Windows\System32\DRIVERS\xaudio.sys -> [2008/07/04 08:04:22 | 00,008,704 | ---- | M] (Conexant Systems, Inc.)(yukonwlh) NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller [Kernel | On_Demand | Running] -> C:\Windows\System32\DRIVERS\yk60x86.sys -> [2008/06/07 08:15:52 | 00,299,008 | ---- | M] (Marvell) [Registry - Safe List]< Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> -> HKEY_LOCAL_MACHINE\: Main\\"Default_Page_URL" -> http://go.microsoft.com/fwlink/?LinkId=69157 -> HKEY_LOCAL_MACHINE\: Main\\"Default_Search_URL" -> http://go.microsoft.com/fwlink/?LinkId=54896 -> HKEY_LOCAL_MACHINE\: Main\\"Default_Secondary_Page_URL" ->  [binary data] -> HKEY_LOCAL_MACHINE\: Main\\"Extensions Off Page" -> about:NoAdd-ons -> HKEY_LOCAL_MACHINE\: Main\\"Local Page" -> C:\Windows\System32\blank.htm -> HKEY_LOCAL_MACHINE\: Main\\"Search Page" -> http://go.microsoft.com/fwlink/?LinkId=54896 -> HKEY_LOCAL_MACHINE\: Main\\"Security Risk Page" -> about:SecurityRisk -> HKEY_LOCAL_MACHINE\: Main\\"Start Page" -> http://go.microsoft.com/fwlink/?LinkId=69157 -> HKEY_LOCAL_MACHINE\: Search\\"CustomizeSearch" -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm -> HKEY_LOCAL_MACHINE\: Search\\"SearchAssistant" -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm -> < Internet Explorer Settings [HKEY_USERS\.DEFAULT\] > -> -> HKEY_USERS\.DEFAULT\: Main\\"Search Page" -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> HKEY_USERS\.DEFAULT\: Main\\"Start Page" -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome -> HKEY_USERS\.DEFAULT\: "ProxyEnable" -> 0 -> < Internet Explorer Settings [HKEY_USERS\S-1-5-18\] > -> -> HKEY_USERS\S-1-5-18\: Main\\"Search Page" -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> HKEY_USERS\S-1-5-18\: Main\\"Start Page" -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome -> HKEY_USERS\S-1-5-18\: "ProxyEnable" -> 0 -> < Internet Explorer Settings [HKEY_USERS\S-1-5-19\] > -> -> < Internet Explorer Settings [HKEY_USERS\S-1-5-20\] > -> -> < Internet Explorer Settings [HKEY_USERS\S-1-5-21-1697311769-3787404417-859924633-1004\] > -> -> HKEY_USERS\S-1-5-21-1697311769-3787404417-859924633-1004\: Main\\"Local Page" -> C:\Windows\system32\blank.htm -> HKEY_USERS\S-1-5-21-1697311769-3787404417-859924633-1004\: Main\\"Search Page" -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> HKEY_USERS\S-1-5-21-1697311769-3787404417-859924633-1004\: Main\\"Start Page" -> http://www.yahoo.com/ -> HKEY_USERS\S-1-5-21-1697311769-3787404417-859924633-1004\: "ProxyEnable" -> 0 -> < FireFox Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\MozillaHKLM\software\mozilla\Firefox\Extensions ->  -> HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45} -> C:\PROGRAM FILES\MCAFEE\SITEADVISOR [C:\PROGRAM FILES\MCAFEE\SITEADVISOR] -> [2009/06/25 12:27:35 | 00,000,000 | ---D | M]HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b} -> C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION [C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION\] -> [2009/07/17 18:55:14 | 00,000,000 | ---D | M]< FireFox Extensions [User Folders] > -> < HOSTS File > (27 bytes and 1 lines) -> C:\Windows\System32\drivers\etc\Hosts -> Reset Hosts127.0.0.1       localhost< BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ -> {02478D38-C3F9-4efb-9B51-7695ECA05670} [HKLM] -> C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [&Yahoo! Toolbar Helper] -> [2008/07/28 18:47:40 | 00,882,416 | ---- | M] (Yahoo! Inc.){18DF081C-E8AD-4283-A596-FA578C2EBDC3} [HKLM] -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [Adobe PDF Link Helper] -> [2008/06/12 14:33:16 | 00,075,128 | ---- | M] (Adobe Systems Incorporated){22BF413B-C6D2-4d91-82A9-A0F997BA588C} [HKLM] -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [Skype add-on (mastermind)] -> [2009/04/21 14:39:20 | 01,082,880 | ---- | M] (Skype Technologies S.A.){27B4851A-3207-45A2-B947-BE8AFE6163AB} [HKLM] -> c:\Program Files\McAfee\MSK\mskapbho.dll [McAfee Phishing Filter] -> [2009/01/09 09:22:10 | 00,246,800 | ---- | M] (){5C255C8A-E604-49b4-9D64-90988571CECB} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found{6EBF7485-159F-4bff-A14F-B9E3AAC4465B} [HKLM] -> C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [Search Helper] -> [2009/05/19 11:36:18 | 00,137,600 | ---- | M] (Microsoft Corporation){761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKLM] -> C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [SSVHelper Class] -> [2008/08/25 19:57:19 | 00,509,328 | ---- | M] (Sun Microsystems, Inc.){7DB2D5A0-7241-4E79-B68D-6309F01C5231} [HKLM] -> c:\Program Files\McAfee\VirusScan\scriptsn.dll [scriptproxy] -> [2009/03/25 11:05:56 | 00,062,784 | ---- | M] (McAfee, Inc.){9030D464-4C02-4ABF-8ECC-5164760863C6} [HKLM] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [Windows Live Sign-in Helper] -> [2009/02/17 16:11:04 | 00,408,440 | ---- | M] (Microsoft Corporation){B164E929-A1B6-4A06-B104-2CD0E90A88FF} [HKLM] -> c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll [McAfee SiteAdvisor BHO] -> [2009/01/29 12:27:02 | 00,145,424 | ---- | M] (){E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} [HKLM] -> C:\Program Files\Windows Live\Toolbar\wltcore.dll [Windows Live Toolbar Helper] -> [2009/02/06 18:17:46 | 01,068,904 | ---- | M] (Microsoft Corporation){FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} [HKLM] -> C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll [SingleInstance Class] -> [2008/07/28 18:47:42 | 00,160,496 | ---- | M] (Yahoo! Inc)< Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar -> "{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064}" [HKLM] -> c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll [McAfee SiteAdvisor Toolbar] -> [2009/01/29 12:27:02 | 00,145,424 | ---- | M] ()"{21FA44EF-376D-4D53-9B0F-8A89D3229068}" [HKLM] -> C:\Program Files\Windows Live\Toolbar\wltcore.dll [&Windows Live Toolbar] -> [2009/02/06 18:17:46 | 01,068,904 | ---- | M] (Microsoft Corporation)"{EF99BD32-C1FB-11D2-892F-0090271D4F88}" [HKLM] -> C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [Yahoo! Toolbar] -> [2008/07/28 18:47:40 | 00,882,416 | ---- | M] (Yahoo! Inc.)< Internet Explorer ToolBars [HKEY_USERS\S-1-5-21-1697311769-3787404417-859924633-1004\] > -> HKEY_USERS\S-1-5-21-1697311769-3787404417-859924633-1004\Software\Microsoft\Internet Explorer\Toolbar\ -> WebBrowser\\"{21FA44EF-376D-4D53-9B0F-8A89D3229068}" [HKLM] -> C:\Program Files\Windows Live\Toolbar\wltcore.dll [&Windows Live Toolbar] -> [2009/02/06 18:17:46 | 01,068,904 | ---- | M] (Microsoft Corporation)< Domain Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List -> "%windir%\Network Diagnostic\xpnetdiag.exe" -> C:\WINDOWS\network diagnostic\xpnetdiag.exe [%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000] -> [2008/04/13 13:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation)"%windir%\system32\sessmgr.exe" -> C:\WINDOWS\system32\sessmgr.exe [%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019] -> [2008/04/13 19:12:34 | 00,141,312 | ---- | M] (Microsoft Corporation)"C:\Program Files\alsidjdn.exe" -> C:\Program Files\alsidjdn.exe [C:\Program Files\alsidjdn.exe:*:Enabled:asd] -> File not found"C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe" -> C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe [C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL] -> File not found"C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" -> C:\Program Files\Common Files\AOL\ACS\AOLDial.exe [C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL] -> File not found< Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "Adobe Reader Speed Launcher" -> C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe ["C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"] -> [2009/03/12 12:22:12 | 00,035,696 | ---- | M] (Adobe Systems Incorporated)"ISBMgr.exe" -> C:\Program Files\Sony\ISB Utility\ISBMgr.exe ["C:\Program Files\Sony\ISB Utility\ISBMgr.exe"] -> [2008/04/04 12:32:48 | 00,317,280 | ---- | M] (Sony Corporation)"ISTray" -> C:\Program Files\Spyware Doctor\pctsTray.exe ["C:\Program Files\Spyware Doctor\pctsTray.exe"] -> [2009/06/12 14:41:48 | 01,181,576 | ---- | M] (PC Tools)"iTunesHelper" -> C:\Program Files\iTunes\iTunesHelper.exe ["C:\Program Files\iTunes\iTunesHelper.exe"] -> [2009/04/02 16:11:02 | 00,342,312 | ---- | M] (Apple Inc.)"lxdcamon.exe" -> C:\Program Files\Lexmark 1300 Series\lxdcamon.exe ["C:\Program Files\Lexmark 1300 Series\lxdcamon.exe"] -> [2009/04/13 03:19:53 | 00,020,480 | ---- | M] ()"LXDCCATS.exe" -> C:\Windows\system32\spool\DRIVERS\W32X86\3\LXDCtime.dll [RUNDLL32.EXE C:\Windows\system32\spool\DRIVERS\W32X86\3\LXDCtime.dll] -> [2009/04/22 01:22:13 | 01,342,689 | ---- | M] ()"mcagent_exe" -> C:\Program Files\McAfee.com\Agent\mcagent.exe ["C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey] -> [2009/03/25 17:25:20 | 00,645,328 | ---- | M] (McAfee, Inc.)"NvCplDaemon" -> C:\Windows\System32\NvCpl.DLL [RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup] -> [2008/11/05 08:13:52 | 13,556,256 | ---- | M] (NVIDIA Corporation)"NvMediaCenter" -> C:\Windows\System32\NvMcTray.DLL [RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit] -> [2008/11/05 08:13:52 | 00,092,704 | ---- | M] (NVIDIA Corporation)"RtHDVCpl" -> C:\Windows\RtHDVCpl.exe [RtHDVCpl.exe] -> [2008/09/16 20:03:31 | 06,266,880 | ---- | M] (Realtek Semiconductor)"Skytel" -> C:\Windows\SkyTel.exe [Skytel.exe] -> [2008/09/16 20:03:38 | 01,826,816 | ---- | M] (Realtek Semiconductor Corp.)"StartCCC" -> C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe -> [2009/01/17 19:54:20 | 00,615,102 | ---- | M] ()"SunJavaUpdateSched" -> C:\Program Files\Java\jre6\bin\jusched.exe ["C:\Program Files\Java\jre6\bin\jusched.exe"] -> [2009/07/25 05:23:12 | 00,149,280 | ---- | M] (Sun Microsystems, Inc.)"SynTPEnh" -> C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [C:\Program Files\Synaptics\SynTP\SynTPEnh.exe] -> [2008/08/19 08:08:25 | 01,348,904 | ---- | M] (Synaptics, Inc.)"Windows Defender" -> C:\Program Files\Windows Defender\MSASCui.exe [%ProgramFiles%\Windows Defender\MSASCui.exe -hide] -> [2008/01/21 10:23:32 | 01,008,184 | ---- | M] (Microsoft Corporation)"WMPNSCFG" -> C:\Program Files\Windows Media Player\WMPNSCFG.exe [C:\Program Files\Windows Media Player\WMPNSCFG.exe] -> [2008/09/19 03:33:39 | 00,202,240 | ---- | M] (Microsoft Corporation)< Run [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "swg" -> C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe ["C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"] -> [2009/05/21 02:23:23 | 12,203,000 | ---- | M] (Google Toolbar)< Run [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "DelayShred" -> c:\Program Files\McAfee\MSHR\ShrCL.exe [c:\PROGRA~1\mcafee\mshr\ShrCL.EXE /P7 /q C:\Users\Dreddski\AppData\Local\MICROS~2\Windows\TEMPOR~1\Content.IE5\DCLO025D\CL0E93~1.SH! C:\Users\Dreddski\AppData\Local\MICROS~2\Windows\TEMPOR~1\Content.IE5\17H22YP9\CL6DBB~1.SH! C:\Users\Dreddski\AppData\Local\MICROS~2\Windows\TEMPOR~1\Content.IE5\MXOXR21N\__ORD_~1.SH! C:\Users\Dreddski\AppData\Local\MICROS~2\Windows\TEMPOR~1\Content.IE5\DCLO025D\CL6DBB~1.SH!] -> [2009/01/09 10:53:12 | 00,113,168 | ---- | M] ()< Run [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "Exetender" -> C:\Program Files\Free Ride Games\GPlayer.exe [C:\Program Files\Free Ride Games\GPlayer.exe] -> [2009/08/19 22:08:12 | 41,121,204 | ---- | M] ()"DelayShred" -> c:\Program Files\McAfee\MSHR\ShrCL.exe [c:\PROGRA~1\mcafee\mshr\ShrCL.EXE /P7 /q C:\Users\Dreddski\AppData\Local\MICROS~2\Windows\TEMPOR~1\Content.IE5\DCLO025D\CL0E93~1.SH! C:\Users\Dreddski\AppData\Local\MICROS~2\Windows\TEMPOR~1\Content.IE5\17H22YP9\CL6DBB~1.SH! C:\Users\Dreddski\AppData\Local\MICROS~2\Windows\TEMPOR~1\Content.IE5\MXOXR21N\__ORD_~1.SH! C:\Users\Dreddski\AppData\Local\MICROS~2\Windows\TEMPOR~1\Content.IE5\DCLO025D\CL6DBB~1.SH!] -> [2009/01/09 10:53:12 | 00,113,168 | ---- | M] ()< Run [HKEY_USERS\S-1-5-21-1697311769-3787404417-859924633-1004\] > -> HKEY_USERS\S-1-5-21-1697311769-3787404417-859924633-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "{9B71D88C-C598-4935-C5D1-43AA4DB90836}" -> C:\Users\Dreddski\AppData\Roaming\server.exe [C:\Users\Dreddski\AppData\Roaming\server.exe] -> File not found"ehTray.exe" -> C:\Windows\ehome\ehTray.exe [C:\Windows\ehome\ehTray.exe] -> [2008/01/21 10:25:11 | 00,125,952 | ---- | M] (Microsoft Corporation)"msnmsgr" -> C:\Program Files\Windows Live\Messenger\msnmsgr.exe ["C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background] -> [2009/02/06 18:51:28 | 03,885,408 | ---- | M] (Microsoft Corporation)"NSUFloatingUI" -> C:\Program Files\Sony\Network Utility\LANUtil.exe ["C:\Program Files\Sony\Network Utility\LANUtil.exe"] -> [2008/12/05 17:16:42 | 00,270,336 | ---- | M] (Sony Corporation)"Sidebar" -> C:\Program Files\Windows Sidebar\sidebar.exe [C:\Program Files\Windows Sidebar\sidebar.exe /autoRun] -> [2009/04/11 14:28:03 | 01,233,920 | ---- | M] (Microsoft Corporation)"WindowsWelcomeCenter" -> C:\Windows\System32\oobefldr.dll [rundll32.exe oobefldr.dll,ShowWelcomeCenter] -> [2009/04/11 14:28:23 | 02,153,472 | ---- | M] (Microsoft Corporation)"WMPNSCFG" -> C:\Program Files\Windows Media Player\WMPNSCFG.exe [C:\Program Files\Windows Media Player\WMPNSCFG.exe] -> [2008/01/21 10:25:33 | 00,202,240 | ---- | M] (Microsoft Corporation)< Software Policy Settings [HKEY_USERS\S-1-5-21-1697311769-3787404417-859924633-1004] > -> HKEY_USERS\S-1-5-21-1697311769-3787404417-859924633-1004\SOFTWARE\Policies\Microsoft\Internet Explorer -> < CurrentVersion Policy Settings - Explorer [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\"BindDirectlyToPropertySetStorage" ->  [0] -> File not found\\"NoDrives" ->  [0] -> File not found< CurrentVersion Policy Settings - System [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\"ConsentPromptBehaviorAdmin" ->  [2] -> File not found\\"ConsentPromptBehaviorUser" ->  [1] -> File not found\\"EnableInstallerDetection" ->  [1] -> File not found\\"EnableLUA" ->  [1] -> File not found\\"EnableSecureUIAPaths" ->  [1] -> File not found\\"EnableVirtualization" ->  [1] -> File not found\\"PromptOnSecureDesktop" ->  [1] -> File not found\\"ValidateAdminCodeSignatures" ->  [0] -> File not found\\"dontdisplaylastusername" ->  [0] -> File not found\\"legalnoticecaption" ->  [] -> File not found\\"legalnoticetext" ->  [] -> File not found\\"scforceoption" ->  [0] -> File not found\\"shutdownwithoutlogon" ->  [1] -> File not found\\"undockwithoutlogon" ->  [1] -> File not found\\"FilterAdministratorToken" ->  [0] -> File not found\\"EnableUIADesktopToggle" ->  [0] -> File not found\\"DisableRegistryTools" ->  [0] -> File not foundHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats\UIPI\Clipboard\ExceptionFormats\\"CF_TEXT" ->  [1] -> File not found\UIPI\Clipboard\ExceptionFormats\\"CF_BITMAP" ->  [2] -> File not found\UIPI\Clipboard\ExceptionFormats\\"CF_OEMTEXT" ->  [7] -> File not found\UIPI\Clipboard\ExceptionFormats\\"CF_DIB" ->  [8] -> File not found\UIPI\Clipboard\ExceptionFormats\\"CF_PALETTE" ->  [9] -> File not found\UIPI\Clipboard\ExceptionFormats\\"CF_UNICODETEXT" ->  [13] -> File not found\UIPI\Clipboard\ExceptionFormats\\"CF_DIBV5" ->  [17] -> File not found< CurrentVersion Policy Settings [HKEY_USERS\.DEFAULT] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> < CurrentVersion Policy Settings [HKEY_USERS\.DEFAULT] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-18] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-18] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-1697311769-3787404417-859924633-1004] > -> HKEY_USERS\S-1-5-21-1697311769-3787404417-859924633-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_USERS\S-1-5-21-1697311769-3787404417-859924633-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\"NoDriveTypeAutoRun" ->  [145] -> File not found\\"NoDrives" ->  [0] -> File not found< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-1697311769-3787404417-859924633-1004] > -> HKEY_USERS\S-1-5-21-1697311769-3787404417-859924633-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> < Internet Explorer Menu Extensions [HKEY_USERS\S-1-5-21-1697311769-3787404417-859924633-1004\] > -> HKEY_USERS\S-1-5-21-1697311769-3787404417-859924633-1004\Software\Microsoft\Internet Explorer\MenuExt\ -> E&xport to Microsoft Excel -> C:\Program Files\Microsoft Office\Office12\EXCEL.EXE [res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000] -> [2009/05/04 08:40:04 | 18,333,536 | ---- | M] (Microsoft Corporation)Send image to &Bluetooth Device... -> C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm [C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm] -> [2008/03/10 02:34:10 | 00,001,225 | ---- | M] ()Send page to &Bluetooth Device... -> C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm [C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm] -> [2008/03/10 02:34:12 | 00,003,741 | ---- | M] ()< Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ -> {08B0E5C0-4FCB-11CF-AAA5-00401C608501}:{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC} [HKLM] -> C:\Program Files\Java\jre1.6.0_07\bin\npjpi160_07.dll [Menu: Sun Java Console] -> [2008/08/25 19:57:20 | 00,132,496 | ---- | M] (Sun Microsystems, Inc.){219C3416-8CB2-491a-A3C7-D9FCDDC9D600}:{5F7B1267-94A9-47F5-98DB-E99415F33AEC} [HKLM] -> C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll [Button: Blog This] -> [2009/02/06 18:07:54 | 00,187,248 | ---- | M] (Microsoft Corporation){219C3416-8CB2-491a-A3C7-D9FCDDC9D600}:{5F7B1267-94A9-47F5-98DB-E99415F33AEC} [HKLM] -> C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll [Menu: &Blog This in Windows Live Writer] -> [2009/02/06 18:07:54 | 00,187,248 | ---- | M] (Microsoft Corporation){77BF5300-1474-4EC7-9980-D32B190E9B07}:{77BF5300-1474-4EC7-9980-D32B190E9B07} [HKLM] -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [Button: Skype] -> [2009/04/21 14:39:20 | 01,082,880 | ---- | M] (Skype Technologies S.A.){92780B25-18CC-41C8-B9BE-3C9C571A8263}:{FF059E31-CC5A-4E2E-BF3B-96E929D65503} [HKLM] -> C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL [Button: Research] -> [2009/03/06 04:04:56 | 00,039,464 | ---- | M] (Microsoft Corporation){CCA281CA-C863-46ef-9331-5C8D4460577F}:C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm [HKLM] -> C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm [Button: @btrez.dll,-4015] -> [2008/03/10 02:34:12 | 00,003,741 | ---- | M] (){CCA281CA-C863-46ef-9331-5C8D4460577F}:C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm [HKLM] -> C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm [Menu: @btrez.dll,-12650] -> [2008/03/10 02:34:12 | 00,003,741 | ---- | M] ()< Internet Explorer Extensions [HKEY_USERS\S-1-5-21-1697311769-3787404417-859924633-1004\] > -> HKEY_USERS\S-1-5-21-1697311769-3787404417-859924633-1004\Software\Microsoft\Internet Explorer\Extensions\ -> CmdMapping\\"{CCA281CA-C863-46ef-9331-5C8D4460577F}" [HKLM] ->  [@btrez.dll,-4015] -> File not found< Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix"" -> http://< Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-21-1697311769-3787404417-859924633-1004\] > -> HKEY_USERS\S-1-5-21-1697311769-3787404417-859924633-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-21-1697311769-3787404417-859924633-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-21-1697311769-3787404417-859924633-1004\] > -> HKEY_USERS\S-1-5-21-1697311769-3787404417-859924633-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-21-1697311769-3787404417-859924633-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ -> {1E54D648-B804-468d-BC78-4AFFED8E262F} [HKLM] -> http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab [System Requirements Lab Class] -> {8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab [Java Plug-in 1.6.0_07] -> {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab [Java Plug-in 1.6.0_07] -> {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab [Java Plug-in 1.6.0_07] -> < Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\ -> DhcpNameServer -> 192.168.8.1 -> < Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ -> {03824BF9-4F53-499E-A8C4-B4A8EF69CB9C}\\DhcpNameServer -> 192.168.1.1   (Marvell Yukon 88E8040 PCI-E Fast Ethernet Controller) -> {35B824FF-7C9E-40DF-8D70-5C743A8BC11C}\\DhcpNameServer -> 192.168.8.1   (Intel(R) WiFi Link 5100 AGN) -> < Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> *Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell -> Explorer.exe -> C:\Windows\explorer.exe -> [2009/04/11 14:27:36 | 02,926,592 | ---- | M] (Microsoft Corporation)*MultiFile Done* -> -> < Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ -> igfxcui ->  -> File not foundivxxxxxxxx -> File not foundVESWinlogon -> C:\Windows\System32\VESWinlogon.dll -> [2008/11/06 10:32:32 | 00,098,304 | ---- | M] (Sony Corporation)< ShellExecuteHooks [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks -> "{AEB6717E-7E19-11d0-97EE-00C04FD91972}" [HKLM] -> Reg Error: Key error. [] -> File not found< Domain Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List -> < Standard Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List -> < SafeBoot AlternateShell [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot -> "AlternateShell" -> cmd.exe -> < CDROM Autorun Setting [HKEY_LOCAL_MACHINE]> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom ->"AutoRun" -> 1 -> "DisplayName" -> CD-ROM Driver -> "ImagePath" ->  [system32\DRIVERS\cdrom.sys] -> File not found< Drives with AutoRun files > ->  -> C:\autoexec.bat [REM Dummy file for NTVDM | ] -> C:\autoexec.bat [ NTFS ] -> [2006/09/19 05:43:36 | 00,000,024 | ---- | M] ()< MountPoints2 [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2 ->  [Registry - Additional Scans - Safe List]< EventViewer Logs - Last 10 Errors > -> Event Information -> DescriptionApplication [ Error ] 7/7/2009 7:11:37 PM Computer Name = Dreddski | Source = WinMgmt | ID = 10 -> Description = Application [ Error ] 8/7/2009 7:57:32 AM Computer Name = Dreddski | Source = WinMgmt | ID = 10 -> Description = Application [ Error ] 8/7/2009 10:20:23 AM Computer Name = Dreddski | Source = WinMgmt | ID = 10 -> Description = Application [ Error ] 8/7/2009 9:32:45 PM Computer Name = Dreddski | Source = WinMgmt | ID = 10 -> Description = Application [ Error ] 8/7/2009 10:50:06 PM Computer Name = Dreddski | Source = Application Error | ID = 1000 -> Description = Faulting application vp3.exe, version 3.3.1.1, time stamp 0x47e6ca05, faulting module unknown, version 0.0.0.0, time stamp 0x00000000, exception code 0xc0000005, fault offset 0x00000000,  process id 0xa38, application start time 0x01ca0039b83874f6.Application [ Error ] 9/7/2009 2:29:38 AM Computer Name = Dreddski | Source = WinMgmt | ID = 10 -> Description = Application [ Error ] 9/7/2009 4:52:15 AM Computer Name = Dreddski | Source = WinMgmt | ID = 10 -> Description = Application [ Error ] 9/7/2009 7:47:04 AM Computer Name = Dreddski | Source = WinMgmt | ID = 10 -> Description = Application [ Error ] 9/7/2009 12:17:26 PM Computer Name = Dreddski | Source = WinMgmt | ID = 10 -> Description = Application [ Error ] 9/7/2009 10:06:45 PM Computer Name = Dreddski | Source = WinMgmt | ID = 10 -> Description = System [ Error ] 20/5/2009 9:29:41 AM Computer Name = Dreddski | Source = cdrom | ID = 262151 -> Description = The device, \Device\CdRom0, has a bad block.System [ Error ] 20/5/2009 9:29:47 AM Computer Name = Dreddski | Source = cdrom | ID = 262151 -> Description = The device, \Device\CdRom0, has a bad block.System [ Error ] 20/5/2009 9:29:53 AM Computer Name = Dreddski | Source = cdrom | ID = 262151 -> Description = The device, \Device\CdRom0, has a bad block.System [ Error ] 20/5/2009 9:29:59 AM Computer Name = Dreddski | Source = cdrom | ID = 262151 -> Description = The device, \Device\CdRom0, has a bad block.System [ Error ] 20/5/2009 9:30:05 AM Computer Name = Dreddski | Source = cdrom | ID = 262151 -> Description = The device, \Device\CdRom0, has a bad block.System [ Error ] 20/5/2009 9:30:11 AM Computer Name = Dreddski | Source = cdrom | ID = 262151 -> Description = The device, \Device\CdRom0, has a bad block.System [ Error ] 20/5/2009 9:30:17 AM Computer Name = Dreddski | Source = cdrom | ID = 262151 -> Description = The device, \Device\CdRom0, has a bad block.System [ Error ] 20/5/2009 9:30:23 AM Computer Name = Dreddski | Source = cdrom | ID = 262151 -> Description = The device, \Device\CdRom0, has a bad block.System [ Error ] 20/5/2009 9:30:29 AM Computer Name = Dreddski | Source = cdrom | ID = 262151 -> Description = The device, \Device\CdRom0, has a bad block.System [ Error ] 20/5/2009 9:30:35 AM Computer Name = Dreddski | Source = cdrom | ID = 262151 -> Description = The device, \Device\CdRom0, has a bad block. [Files/Folders - Created Within 30 Days]OTS.exe -> C:\Users\Dreddski\Desktop\OTS.exe -> [2009/08/27 17::55 | 00,514,560 | ---- | C] (OldTimer Tools)Golden Axe 2.lnk -> C:\Users\Dreddski\Desktop\Golden Axe 2.lnk -> [2009/07/20 13:15:50 | 00,000,876 | ---- | C] ()Golden Axe 2 on the Gamefabrique.lnk -> C:\Users\Dreddski\Desktop\Golden Axe 2 on the Gamefabrique.lnk -> [2009/07/20 13:15:50 | 00,000,545 | ---- | C] ()Golden Axe 2 -> C:\Program Files\Golden Axe 2 -> [2009/07/20 13:15:49 | 00,000,000 | ---D | C]addon.dat -> C:\Users\Dreddski\AppData\Roaming\addon.dat -> [2009/08/10 14:10:31 | 00,022,040 | -H-- | C] ()Maricar Reyes Hyden Kho Part 2 and 3.rar [mininova].torrent -> C:\Users\Dreddski\Desktop\Maricar Reyes Hyden Kho Part 2 and 3.rar [mininova].torrent -> [2009/07/17 09:43:33 | 00,015,271 | ---- | C] ()erunt_setup.exe -> C:\Users\Dreddski\Desktop\erunt_setup.exe -> [2009/07/17 01:20:42 | 00,791,393 | ---- | C] (Lars Hederer                                                )temp -> C:\Users\Dreddski\AppData\Local\temp -> [2009/07/16 23:17:08 | 00,000,000 | ---D | C]$RECYCLE.BIN -> C:\$RECYCLE.BIN -> [2009/07/16 23:16:15 | 00,000,000 | -HSD | C]PEV.exe -> C:\Windows\PEV.exe -> [2009/07/16 22:58:49 | 00,219,648 | ---- | C] ()SWXCACLS.exe -> C:\Windows\SWXCACLS.exe -> [2009/07/16 22:58:49 | 00,212,480 | ---- | C] (SteelWerX)SWREG.exe -> C:\Windows\SWREG.exe -> [2009/07/16 22:58:49 | 00,161,792 | ---- | C] (SteelWerX)SWSC.exe -> C:\Windows\SWSC.exe -> [2009/07/16 22:58:49 | 00,136,704 | ---- | C] (SteelWerX)sed.exe -> C:\Windows\sed.exe -> [2009/07/16 22:58:49 | 00,098,816 | ---- | C] ()grep.exe -> C:\Windows\grep.exe -> [2009/07/16 22:58:49 | 00,080,412 | ---- | C] ()zip.exe -> C:\Windows\zip.exe -> [2009/07/16 22:58:49 | 00,068,096 | ---- | C] ()NIRCMD.exe -> C:\Windows\NIRCMD.exe -> [2009/07/16 22:58:49 | 00,031,232 | ---- | C] (NirSoft)ERDNT -> C:\Windows\ERDNT -> [2009/07/16 22:58:33 | 00,000,000 | ---D | C]t2embed.dll -> C:\Windows\System32\t2embed.dll -> [2009/07/15 16:37:39 | 00,156,672 | ---- | C] (Microsoft Corporation)fontsub.dll -> C:\Windows\System32\fontsub.dll -> [2009/07/15 16:37:39 | 00,072,704 | ---- | C] (Microsoft Corporation)lpk.dll -> C:\Windows\System32\lpk.dll -> [2009/07/15 16:37:38 | 00,023,552 | ---- | C] (Microsoft Corporation)dciman32.dll -> C:\Windows\System32\dciman32.dll -> [2009/07/15 16:37:38 | 00,010,240 | ---- | C] (Microsoft Corporation)Revo Uninstaller.lnk -> C:\Users\Dreddski\Desktop\Revo Uninstaller.lnk -> [2009/08/12 13:17:43 | 00,001,057 | ---- | C] ()VS Revo Group -> C:\Program Files\VS Revo Group -> [2009/07/12 13:17:42 | 00,000,000 | ---D | C]ASUSW32N50.dll -> C:\Windows\System32\ASUSW32N50.dll -> [2009/07/12 10:22:37 | 00,061,440 | ---- | C] (Printing Communications Assoc., Inc. (PCAUSA))ASIW32N50.dll -> C:\Windows\System32\ASIW32N50.dll -> [2009/07/12 10:22:37 | 00,061,440 | ---- | C] (Printing Communications Assoc., Inc. (PCAUSA))ASINDIS5.sys -> C:\Windows\System32\ASINDIS5.sys -> [2009/07/12 10:22:37 | 00,016,302 | ---- | C] (Printing Communications Assoc., Inc. (PCAUSA))ASNDIS5.sys -> C:\Windows\System32\ASNDIS5.sys -> [2009/07/12 10:22:37 | 00,016,269 | ---- | C] (Printing Communications Assoc., Inc. (PCAUSA))ASNDIS3.vxd -> C:\Windows\System32\ASNDIS3.vxd -> [2009/07/12 10:22:37 | 00,015,577 | ---- | C] ()ASINDIS3.vxd -> C:\Windows\System32\ASINDIS3.vxd -> [2009/07/12 10:22:37 | 00,015,577 | ---- | C] ()DSC02698.jpg -> C:\Users\Dreddski\Documents\DSC02698.jpg -> [2009/07/11 23:48:38 | 00,000,000 | ---- | C] ()Msft_User_PCCSWpdDriver_01_05_00.Wdf -> C:\Windows\System32\drivers\Msft_User_PCCSWpdDriver_01_05_00.Wdf -> [2009/07/11 02:06:19 | 00,000,000 | -H-- | C] ()Msft_Kernel_ccdcmb_01007.Wdf -> C:\Windows\System32\drivers\Msft_Kernel_ccdcmb_01007.Wdf -> [2009/07/11 02:03:46 | 00,000,000 | -H-- | C] ()PC Suite -> C:\Users\Dreddski\AppData\Roaming\PC Suite -> [2009/07/11 02:03:02 | 00,000,000 | ---D | C]PC Suite -> C:\ProgramData\PC Suite -> [2009/07/11 02:03:02 | 00,000,000 | ---D | C]Nokia -> C:\Users\Dreddski\AppData\Roaming\Nokia -> [2009/07/11 02:03:01 | 00,000,000 | ---D | C]DIFX -> C:\Program Files\DIFX -> [2009/07/11 02:01:47 | 00,000,000 | ---D | C]pccsmcfd.sys -> C:\Windows\System32\drivers\pccsmcfd.sys -> [2009/07/11 02:01:46 | 00,018,816 | ---- | C] (Nokia)nmwcdcls.dll -> C:\Windows\System32\nmwcdcls.dll -> [2009/07/11 01:58:03 | 00,091,136 | ---- | C] (Nokia)Installations -> C:\ProgramData\Installations -> [2009/07/11 01:57:14 | 00,000,000 | ---D | C]Xenocode -> C:\Users\Dreddski\AppData\Local\Xenocode -> [2009/07/11 01:45:38 | 00,000,000 | ---D | C]MSN.lnk -> C:\Users\Dreddski\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MSN.lnk -> [2009/07/11 01:45:37 | 00,001,924 | ---- | C] ()MigWiz -> C:\Users\Dreddski\AppData\Local\MigWiz -> [2009/07/08 11:53:54 | 00,000,000 | ---D | C]iTunes.lnk -> C:\Users\Public\Desktop\iTunes.lnk -> [2009/06/26 18:56:51 | 00,001,804 | ---- | C] ()iPod -> C:\Program Files\iPod -> [2009/06/26 18:56:33 | 00,000,000 | ---D | C]iTunes -> C:\Program Files\iTunes -> [2009/06/26 18:56:25 | 00,000,000 | ---D | C]ajuhshdf.exe -> C:\Windows\ajuhshdf.exe -> [2009/08/10 18:22:12 | 00,111,212 | ---- | C]QuickTime Player.lnk -> C:\Users\Public\Desktop\QuickTime Player.lnk -> [2009/06/26 18:53:21 | 00,001,726 | ---- | C] ()QuickTime -> C:\Program Files\QuickTime -> [2009/06/26 18:52:56 | 00,000,000 | ---D | C]pss -> C:\Windows\pss -> [2009/06/22 23:06:09 | 00,000,000 | ---D | C]Malwarebytes' Anti-Malware.lnk -> C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk -> [2009/06/22 09:58:17 | 00,000,818 | ---- | C] ()mbamswissarmy.sys -> C:\Windows\System32\drivers\mbamswissarmy.sys -> [2009/08/22 09:58:15 | 00,038,160 | ---- | C] (Malwarebytes Corporation)mbam.sys -> C:\Windows\System32\drivers\mbam.sys -> [2009/08/22 09:58:13 | 00,019,096 | ---- | C] (Malwarebytes Corporation)Malwarebytes' Anti-Malware -> C:\Program Files\Malwarebytes' Anti-Malware -> [2009/08/22 09:58:13 | 00,000,000 | ---D | C]pctgntdi.sys -> C:\Windows\System32\drivers\pctgntdi.sys -> [2009/08/24 09:16:18 | 00,159,600 | ---- | C] (PC Tools)PCTCore.sys -> C:\Windows\System32\drivers\PCTCore.sys -> [2009/08/24 09:16:12 | 00,130,936 | ---- | C] (PC Tools)PCTAppEvent.sys -> C:\Windows\System32\drivers\PCTAppEvent.sys -> [2009/08/23 09:16:12 | 00,073,840 | ---- | C] (PC Tools)Spyware Doctor.lnk -> C:\Users\Public\Desktop\Spyware Doctor.lnk -> [2009/08/23 09:16:08 | 00,001,759 | ---- | C] ()PC Tools -> C:\Program Files\Common Files\PC Tools -> [2009/08/23 09:16:05 | 00,000,000 | ---D | C]pctplsg.sys -> C:\Windows\System32\drivers\pctplsg.sys -> [2009/08/23 09:16:04 | 00,064,392 | ---- | C] (PC Tools)Spyware Doctor -> C:\Program Files\Spyware Doctor -> [2009/08/23 09:15:56 | 00,000,000 | ---D | C]PC Tools -> C:\Users\Dreddski\AppData\Roaming\PC Tools -> [2009/08/23 09:15:56 | 00,000,000 | ---D | C]PC Tools -> C:\ProgramData\PC Tools -> [2009/08/23 09:15:56 | 00,000,000 | ---D | C]Malwarebytes -> C:\Users\Dreddski\AppData\Roaming\Malwarebytes -> [2009/08/22 21:27:40 | 00,000,000 | ---D | C]Malwarebytes -> C:\ProgramData\Malwarebytes -> [2009/08/22 21:27:34 | 00,000,000 | ---D | C]User_Feed_Synchronization-{103B65BD-4798-4CA0-9487-EB211B637804}.job -> C:\Windows\tasks\User_Feed_Synchronization-{103B65BD-4798-4CA0-9487-EB211B637804}.job -> [2009/06/21 21:11:04 | 00,000,428 | -H-- | C] ()TEMP -> C:\ProgramData\TEMP -> [2009/06/21 20:36:43 | 00,000,000 | ---D | C]VP3.lnk -> C:\Users\Public\Desktop\VP3.lnk -> [2009/06/21 20:32:11 | 00,000,972 | ---- | C] ()Celeris -> C:\Program Files\Celeris -> [2009/06/21 20:31:15 | 00,000,000 | ---D | C]eu-ES -> C:\Windows\System32\eu-ES -> [2009/06/20 17:58:25 | 00,000,000 | ---D | C]ca-ES -> C:\Windows\System32\ca-ES -> [2009/06/20 17:58:25 | 00,000,000 | ---D | C]Uckvo.exe -> C:\Windows\System32\Uckvo.exe -> [2009/07/28 19:35:11 | 22,000,972 | ---- | C] ()EventProviders -> C:\Windows\System32\EventProviders -> [2009/06/20 17:30:55 | 00,000,000 | ---D | C]NlsLexicons0007.dll -> C:\Windows\System32\NlsLexicons0007.dll -> [2009/06/20 17:29:38 | 12,240,896 | ---- | C] (Microsoft Corporation)SLsvc.exe -> C:\Windows\System32\SLsvc.exe -> [2009/06/20 17:29:35 | 03,408,896 | ---- | C] (Microsoft Corporation)SLCExt.dll -> C:\Windows\System32\SLCExt.dll -> [2009/06/20 17:29:35 | 01,081,344 | ---- | C] (Microsoft Corporation)FunctionDiscoveryFolder.dll -> C:\Windows\System32\FunctionDiscoveryFolder.dll -> [2009/06/20 17:29:33 | 02,134,528 | ---- | C] (Microsoft Corporation)DevicePairingWizard.exe -> C:\Windows\System32\DevicePairingWizard.exe -> [2009/06/20 17:29:33 | 00,065,536 | ---- | C] (Microsoft Corporation)NlsLexicons0009.dll -> C:\Windows\System32\NlsLexicons0009.dll -> [2009/06/20 17:29:32 | 02,644,480 | ---- | C] (Microsoft Corporation)mssrch.dll -> C:\Windows\System32\mssrch.dll -> [2009/06/20 17:29:30 | 01,480,704 | ---- | C] (Microsoft Corporation)spsys.sys -> C:\Windows\System32\drivers\spsys.sys -> [2009/06/20 17:29:29 | 00,684,032 | ---- | C] (Microsoft Corporation)tquery.dll -> C:\Windows\System32\tquery.dll -> [2009/06/20 17:29:28 | 01,576,960 | ---- | C] (Microsoft Corporation)lsasrv.dll -> C:\Windows\System32\lsasrv.dll -> [2009/06/20 17:29:27 | 01,257,984 | ---- | C] (Microsoft Corporation)PresentationNative_v0300.dll -> C:\Windows\System32\PresentationNative_v0300.dll -> [2009/06/20 17:29:27 | 00,779,136 | ---- | C] (Microsoft Corporation)hdaudbus.sys -> C:\Windows\System32\drivers\hdaudbus.sys -> [2009/06/20 17:29:27 | 00,561,152 | ---- | C] (Microsoft Corporation)scavenge.dll -> C:\Windows\System32\scavenge.dll -> [2009/06/20 17:29:26 | 00,928,768 | ---- | C] (Microsoft Corporation)RMActivate_isv.exe -> C:\Windows\System32\RMActivate_isv.exe -> [2009/06/20 17:29:26 | 00,526,336 | ---- | C] (Microsoft Corporation)RMActivate.exe -> C:\Windows\System32\RMActivate.exe -> [2009/06/20 17:29:26 | 00,518,144 | ---- | C] (Microsoft Corporation)msi.dll -> C:\Windows\System32\msi.dll -> [2009/06/20 17:29:25 | 02,241,536 | ---- | C] (Microsoft Corporation)wlan.tmf -> C:\Windows\System32\wlan.tmf -> [2009/06/20 17:29:24 | 02,499,629 | ---- | C] ()wcnwiz2.dll -> C:\Windows\System32\wcnwiz2.dll -> [2009/06/20 17:29:24 | 00,968,192 | ---- | C] (Microsoft Corporation)imapi2fs.dll -> C:\Windows\System32\imapi2fs.dll -> [2009/06/20 17:29:24 | 00,677,376 | ---- | C] (Microsoft Corporation)bthport.sys -> C:\Windows\System32\drivers\bthport.sys -> [2009/06/20 17:29:24 | 00,507,904 | ---- | C] (Microsoft Corporation)secproc_isv.dll -> C:\Windows\System32\secproc_isv.dll -> [2009/06/20 17:29:24 | 00,476,672 | ---- | C] (Microsoft Corporation)WscEapPr.dll -> C:\Windows\System32\WscEapPr.dll -> [2009/06/20 17:29:24 | 00,291,328 | ---- | C] (Microsoft Corporation)sysmain.dll -> C:\Windows\System32\sysmain.dll -> [2009/06/20 17:29:23 | 00,558,080 | ---- | C] (Microsoft Corporation)mf.dll -> C:\Windows\System32\mf.dll -> [2009/06/20 17:29:22 | 02,868,224 | ---- | C] (Microsoft Corporation)icardagt.exe -> C:\Windows\System32\icardagt.exe -> [2009/06/20 17:29:22 | 00,619,864 | ---- | C] (Microsoft Corporation)AuxiliaryDisplayCpl.dll -> C:\Windows\System32\AuxiliaryDisplayCpl.dll -> [2009/06/20 17:29:21 | 01,216,000 | ---- | C] (Microsoft Corporation)EhStorShell.dll -> C:\Windows\System32\EhStorShell.dll -> [2009/06/20 17:29:21 | 00,114,176 | ---- | C] (Microsoft Corporation)drmv2clt.dll -> C:\Windows\System32\drmv2clt.dll -> [2009/06/20 17:29:20 | 00,978,432 | ---- | C] (Microsoft Corporation)spinstall.exe -> C:\Windows\System32\spinstall.exe -> [2009/06/20 17:29:20 | 00,289,792 | ---- | C] (Microsoft Corporation)spreview.exe -> C:\Windows\System32\spreview.exe -> [2009/06/20 17:29:20 | 00,112,640 | ---- | C] (Microsoft Corporation)shell32.dll -> C:\Windows\System32\shell32.dll -> [2009/06/20 17:29:19 | 11,584,000 | ---- | C] (Microsoft Corporation)secproc.dll -> C:\Windows\System32\secproc.dll -> [2009/06/20 17:29:19 | 00,472,064 | ---- | C] (Microsoft Corporation)mcupdate_GenuineIntel.dll -> C:\Windows\System32\mcupdate_GenuineIntel.dll -> [2009/08/24 17:29:19 | 00,438,744 | ---- | C] (Microsoft Corporation)spwizui.dll -> C:\Windows\System32\spwizui.dll -> [2009/06/20 17:29:19 | 00,164,352 | ---- | C] (Microsoft Corporation)p2psvc.dll -> C:\Windows\System32\p2psvc.dll -> [2009/06/20 17:29:18 | 00,644,608 | ---- | C] (Microsoft Corporation)mssvp.dll -> C:\Windows\System32\mssvp.dll -> [2009/06/20 17:29:17 | 00,670,720 | ---- | C] (Microsoft Corporation)SearchIndexer.exe -> C:\Windows\System32\SearchIndexer.exe -> [2009/06/20 17:29:17 | 00,441,344 | ---- | C] (Microsoft Corporation)MSMPEG2VDEC.DLL -> C:\Windows\System32\MSMPEG2VDEC.DLL -> [2009/06/20 17:29:16 | 00,613,888 | ---- | C] (Microsoft Corporation)imapi2.dll -> C:\Windows\System32\imapi2.dll -> [2009/06/20 17:29:16 | 00,378,368 | ---- | C] (Microsoft Corporation)mssph.dll -> C:\Windows\System32\mssph.dll -> [2009/06/20 17:29:16 | 00,351,744 | ---- | C] (Microsoft Corporation)mscoree.dll -> C:\Windows\System32\mscoree.dll -> [2009/06/20 17:29:16 | 00,278,848 | ---- | C] (Microsoft Corporation)mssphtb.dll -> C:\Windows\System32\mssphtb.dll -> [2009/06/20 17:29:16 | 00,203,264 | ---- | C] (Microsoft Corporation)mjkks000.exe -> C:\Users\mjkks000.exe -> [2009/07/28 16:22:22 | 19,237,111 | ---- | C] ()ntkrnlpa.exe -> C:\Windows\System32\ntkrnlpa.exe -> [2009/06/20 17:29:15 | 03,601,896 | ---- | C] (Microsoft Corporation)esent.dll -> C:\Windows\System32\esent.dll -> [2009/06/20 17:29:15 | 01,459,200 | ---- | C] (Microsoft Corporation)sdohlp.dll -> C:\Windows\System32\sdohlp.dll -> [2009/06/20 17:29:15 | 00,324,608 | ---- | C] (Microsoft Corporation)IMJP10K.DLL -> C:\Windows\System32\IMJP10K.DLL -> [2009/06/20 17:29:14 | 00,729,600 | ---- | C] (Microsoft Corporation)DevicePairing.dll -> C:\Windows\System32\DevicePairing.dll -> [2009/06/20 17:29:14 | 00,478,208 | ---- | C] (Microsoft Corporation)RMActivate_ssp.exe -> C:\Windows\System32\RMActivate_ssp.exe -> [2009/06/20 17:29:14 | 00,347,136 | ---- | C] (Microsoft Corporation)sperror.dll -> C:\Windows\System32\sperror.dll -> [2009/06/20 17:29:14 | 00,190,464 | ---- | C] (Microsoft Corporation)korwbrkr.dll -> C:\Windows\System32\korwbrkr.dll -> [2009/06/20 17:29:14 | 00,143,872 | ---- | C] (Microsoft Corporation)wevtsvc.dll -> C:\Windows\System32\wevtsvc.dll -> [2009/06/20 17:29:13 | 01,017,856 | ---- | C] (Microsoft Corporation)IasMigReader.exe -> C:\Windows\System32\IasMigReader.exe -> [2009/06/20 17:29:13 | 00,463,872 | ---- | C] (Microsoft Corporation)RMActivate_ssp_isv.exe -> C:\Windows\System32\RMActivate_ssp_isv.exe -> [2009/06/20 17:29:13 | 00,346,624 | ---- | C] (Microsoft Corporation)msshsq.dll -> C:\Windows\System32\msshsq.dll -> [2009/06/20 17:29:13 | 00,231,424 | ---- | C] (Microsoft Corporation)SLC.dll -> C:\Windows\System32\SLC.dll -> [2009/06/20 17:29:13 | 00,228,352 | ---- | C] (Microsoft Corporation)rfcomm.sys -> C:\Windows\System32\drivers\rfcomm.sys -> [2009/06/20 17:29:13 | 00,148,992 | ---- | C] (Microsoft Corporation)PresentationHostProxy.dll -> C:\Windows\System32\PresentationHostProxy.dll -> [2009/06/20 17:29:13 | 00,041,344 | ---- | C] (Microsoft Corporation)wmp.dll -> C:\Windows\System32\wmp.dll -> [2009/06/20 17:29:12 | 10,624,512 | ---- | C] (Microsoft Corporation)WMVCORE.DLL -> C:\Windows\System32\WMVCORE.DLL -> [2009/06/20 17:29:12 | 02,386,944 | ---- | C] (Microsoft Corporation)msjet40.dll -> C:\Windows\System32\msjet40.dll -> [2009/06/20 17:29:12 | 01,589,248 | ---- | C] (Microsoft Corporation)ntoskrnl.exe -> C:\Windows\System32\ntoskrnl.exe -> [2009/06/20 17:29:11 | 03,549,672 | ---- | C] (Microsoft Corporation)msxml6.dll -> C:\Windows\System32\msxml6.dll -> [2009/06/20 17:29:11 | 01,336,320 | ---- | C] (Microsoft Corporation)MPSSVC.dll -> C:\Windows\System32\MPSSVC.dll -> [2009/06/20 17:29:11 | 00,407,552 | ---- | C] (Microsoft Corporation)Query.dll -> C:\Windows\System32\Query.dll -> [2009/06/20 17:29:10 | 01,381,376 | ---- | C] (Microsoft Corporation)diagperf.dll -> C:\Windows\System32\diagperf.dll -> [2009/06/20 17:29:10 | 01,078,784 | ---- | C] (Microsoft Corporation)IMJP10.IME -> C:\Windows\System32\IMJP10.IME -> [2009/06/20 17:29:10 | 00,883,712 | ---- | C] (Microsoft Corporation)qmgr.dll -> C:\Windows\System32\qmgr.dll -> [2009/06/20 17:29:10 | 00,758,784 | ---- | C] (Microsoft Corporation)msexch40.dll -> C:\Windows\System32\msexch40.dll -> [2009/06/20 17:29:10 | 00,409,600 | ---- | C] (Microsoft Corporation)P2PGraph.dll -> C:\Windows\System32\P2PGraph.dll -> [2009/06/20 17:29:10 | 00,327,168 | ---- | C] (Microsoft Corporation)ole32.dll -> C:\Windows\System32\ole32.dll -> [2009/06/20 17:29:09 | 01,316,864 | ---- | C] (Microsoft Corporation)ntdll.dll -> C:\Windows\System32\ntdll.dll -> [2009/06/20 17:29:09 | 01,202,168 | ---- | C] (Microsoft Corporation)msxml3.dll -> C:\Windows\System32\msxml3.dll -> [2009/06/20 17:29:09 | 01,183,232 | ---- | C] (Microsoft Corporation)srchadmin.dll -> C:\Windows\System32\srchadmin.dll -> [2009/06/20 17:29:09 | 00,301,568 | ---- | C] (Microsoft Corporation)dfsr.exe -> C:\Windows\System32\dfsr.exe -> [2009/06/20 17:29:08 | 02,092,544 | ---- | C] (Microsoft Corporation)mmc.exe -> C:\Windows\System32\mmc.exe -> [2009/06/20 17:29:08 | 01,792,512 | ---- | C] (Microsoft Corporation)winload.exe -> C:\Windows\System32\winload.exe -> [2009/06/20 17:29:08 | 00,986,600 | ---- | C] (Microsoft Corporation)mblctr.exe -> C:\Windows\System32\mblctr.exe -> [2009/06/20 17:29:08 | 00,950,272 | ---- | C] (Microsoft Corporation)EncDec.dll -> C:\Windows\System32\EncDec.dll -> [2009/06/20 17:29:08 | 00,428,544 | ---- | C] (Microsoft Corporation)uDWM.dll -> C:\Windows\System32\uDWM.dll -> [2009/06/20 17:29:08 | 00,203,264 | ---- | C] (Microsoft Corporation)RacEngn.dll -> C:\Windows\System32\RacEngn.dll -> [2009/06/20 17:29:07 | 00,880,640 | ---- | C] (Microsoft Corporation)riched20.dll -> C:\Windows\System32\riched20.dll -> [2009/06/20 17:29:07 | 00,466,944 | ---- | C] (Microsoft Corporation)IasMigPlugin.dll -> C:\Windows\System32\IasMigPlugin.dll -> [2009/06/20 17:29:07 | 00,454,144 | ---- | C] (Microsoft)systemsf.ebd -> C:\Windows\System32\systemsf.ebd -> [2009/06/20 17:29:07 | 00,130,008 | ---- | C] ()fdBth.dll -> C:\Windows\System32\fdBth.dll -> [2009/06/20 17:29:07 | 00,088,064 | ---- | C] (Microsoft Corporation)tcpip.sys -> C:\Windows\System32\drivers\tcpip.sys -> [2009/06/20 17:29:06 | 00,897,000 | ---- | C] (Microsoft Corporation)kernel32.dll -> C:\Windows\System32\kernel32.dll -> [2009/06/20 17:29:06 | 00,891,392 | ---- | C] (Microsoft Corporation)SearchProtocolHost.exe -> C:\Windows\System32\SearchProtocolHost.exe -> [2009/06/20 17:29:06 | 00,185,344 | ---- | C] (Microsoft Corporation)SearchFilterHost.exe -> C:\Windows\System32\SearchFilterHost.exe -> [2009/06/20 17:29:06 | 00,087,552 | ---- | C] (Microsoft Corporation)milcore.dll -> C:\Windows\System32\milcore.dll -> [2009/06/20 17:29:05 | 02,012,160 | ---- | C] (Microsoft Corporation)CertEnroll.dll -> C:\Windows\System32\CertEnroll.dll -> [2009/06/20 17:29:05 | 01,112,064 | ---- | C] (Microsoft Corporation)NaturalLanguage6.dll -> C:\Windows\System32\NaturalLanguage6.dll -> [2009/06/20 17:29:05 | 00,805,376 | ---- | C] (Microsoft Corporation)schedsvc.dll -> C:\Windows\System32\schedsvc.dll -> [2009/06/20 17:29:05 | 00,595,456 | ---- | C] (Microsoft Corporation)spoolss.dll -> C:\Windows\System32\spoolss.dll -> [2009/06/20 17:29:05 | 00,160,768 | ---- | C] (Microsoft Corporation)EhStorAPI.dll -> C:\Windows\System32\EhStorAPI.dll -> [2009/06/20 17:29:05 | 00,120,320 | ---- | C] (Microsoft Corporation)spcinstrumentation.man -> C:\Windows\System32\spcinstrumentation.man -> [2009/06/20 17:29:05 | 00,009,239 | ---- | C] ()msjtes40.dll -> C:\Windows\System32\msjtes40.dll -> [2009/06/20 17:29:04 | 00,290,816 | ---- | C] (Microsoft Corporation)ahusndkekajdshdj.dll -> C:\Windows\System32\ahusndkekajdshdj.dll -> [2009/08/20 14:22:05 | 91,129,200 | ---- | C] ()kauehdfuaenxjawenx.dll -> C:\Windows\System32\kauehdfuaenxjawenx.dll -> [2009/08/20 14:22:07 | 91,129,200 | ---- | C] ()kasehdsoa.dll -> C:\Windows\System32\kasehdsoa.dll -> [2009/08/20 14:22:10 | 91,129,200 | ---- | C] ()wiuedhaiuwniajx.dll -> C:\Windows\System32\wiuedhaiuwniajx.dll -> [2009/08/20 14:22:12 | 91,129,200 | ---- | C] ()uaedhaizexneka.dll -> C:\Windows\System32\uaedhaizexneka.dll -> [2009/08/20 14:22:20 | 91,129,200 | ---- | C] ()skeuid9aew.dll -> C:\Windows\System32\skeuid9aew.dll -> [2009/08/20 14:22:25 | 91,129,200 | ---- | C] ()fsquirt.exe -> C:\Windows\System32\fsquirt.exe -> [2009/06/20 17:29:04 | 00,196,608 | ---- | C] (Microsoft Corporation)AuxiliaryDisplayDriverLib.dll -> C:\Windows\System32\AuxiliaryDisplayDriverLib.dll -> [2009/06/20 17:29:04 | 00,115,200 | ---- | C] (Microsoft Corporation)WinSAT.exe -> C:\Windows\System32\WinSAT.exe -> [2009/06/20 17:29:03 | 03,217,408 | ---- | C] (Microsoft Corporation)gpedit.dll -> C:\Windows\System32\gpedit.dll -> [2009/06/20 17:29:03 | 00,950,784 | ---- | C] (Microsoft Corporation)msvcp60.dll -> C:\Windows\System32\msvcp60.dll -> [2009/06/20 17:29:03 | 00,406,528 | ---- | C] (Microsoft Corporation)infocardapi.dll -> C:\Windows\System32\infocardapi.dll -> [2009/06/20 17:29:03 | 00,099,680 | ---- | C] (Microsoft Corporation)Magnify.exe -> C:\Windows\System32\Magnify.exe -> [2009/06/20 17:29:02 | 00,710,144 | ---- | C] (Microsoft Corporation)mstext40.dll -> C:\Windows\System32\mstext40.dll -> [2009/06/20 17:29:02 | 00,282,624 | ---- | C] (Microsoft Corporation)es.dll -> C:\Windows\System32\es.dll -> [2009/06/20 17:29:02 | 00,268,800 | ---- | C] (Microsoft Corporation)PresentationSettings.exe -> C:\Windows\System32\PresentationSettings.exe -> [2009/06/20 17:29:02 | 00,167,424 | ---- | C] (Microsoft Corporation)AuxiliaryDisplayServices.dll -> C:\Windows\System32\AuxiliaryDisplayServices.dll -> [2009/06/20 17:29:02 | 00,102,912 | ---- | C] (Microsoft Corporation)ntfs.sys -> C:\Windows\System32\drivers\ntfs.sys -> [2009/06/20 17:29:01 | 01,083,880 | ---- | C] (Microsoft Corporation)advapi32.dll -> C:\Windows\System32\advapi32.dll -> [2009/06/20 17:29:01 | 00,800,768 | ---- | C] (Microsoft Corporation)WMPhoto.dll -> C:\Windows\System32\WMPhoto.dll -> [2009/06/20 17:29:01 | 00,321,536 | ---- | C] (Microsoft Corporation)WebClnt.dll -> C:\Windows\System32\WebClnt.dll -> [2009/06/20 17:29:01 | 00,199,680 | ---- | C] (Microsoft Corporation)WindowsAnytimeUpgradeCPL.dll -> C:\Windows\System32\WindowsAnytimeUpgradeCPL.dll -> [2009/06/20 17:29:00 | 01,524,736 | ---- | C] (Microsoft Corporation)comsvcs.dll -> C:\Windows\System32\comsvcs.dll -> [2009/06/20 17:29:00 | 01,209,856 | ---- | C] (Microsoft Corporation)vssapi.dll -> C:\Windows\System32\vssapi.dll -> [2009/06/20 17:29:00 | 01,077,248 | ---- | C] (Microsoft Corporation)msxbde40.dll -> C:\Windows\System32\msxbde40.dll -> [2009/06/20 17:29:00 | 00,454,656 | ---- | C] (Microsoft Corporation)msexcl40.dll -> C:\Windows\System32\msexcl40.dll -> [2009/06/20 17:29:00 | 00,339,968 | ---- | C] (Microsoft Corporation)psisrndr.ax -> C:\Windows\System32\psisrndr.ax -> [2009/06/20 17:29:00 | 00,217,088 | ---- | C] (Microsoft Corporation)slwmi.dll -> C:\Windows\System32\slwmi.dll -> [2009/06/20 17:29:00 | 00,067,584 | ---- | C] (Microsoft Corporation)mstscax.dll -> C:\Windows\System32\mstscax.dll -> [2009/06/20 17:28:59 | 02,066,432 | ---- | C] (Microsoft Corporation)authui.dll -> C:\Windows\System32\authui.dll -> [2009/06/20 17:28:59 | 01,985,024 | ---- | C] (Microsoft Corporation)NetProjW.dll -> C:\Windows\System32\NetProjW.dll -> [2009/06/20 17:28:59 | 01,086,464 | ---- | C] (Microsoft Corporation)propsys.dll -> C:\Windows\System32\propsys.dll -> [2009/06/20 17:28:58 | 00,754,688 | ---- | C] (Microsoft Corporation)msrepl40.dll -> C:\Windows\System32\msrepl40.dll -> [2009/06/20 17:28:58 | 00,643,072 | ---- | C] (Microsoft Corporation)bthprops.cpl -> C:\Windows\System32\bthprops.cpl -> [2009/06/20 17:28:58 | 00,640,512 | ---- | C] (Microsoft Corporation)newdev.dll -> C:\Windows\System32\newdev.dll -> [2009/06/20 17:28:58 | 00,469,504 | ---- | C] (Microsoft Corporation)PresentationHost.exe -> C:\Windows\System32\PresentationHost.exe -> [2009/06/20 17:28:58 | 00,323,952 | ---- | C] (Microsoft Corporation)explorer.exe -> C:\Windows\explorer.exe -> [2009/06/20 17:28:57 | 02,926,592 | ---- | C] (Microsoft Corporation)crypt32.dll -> C:\Windows\System32\crypt32.dll -> [2009/06/20 17:28:57 | 00,978,944 | ---- | C] (Microsoft Corporation)gpsvc.dll -> C:\Windows\System32\gpsvc.dll -> [2009/06/20 17:28:57 | 00,576,512 | ---- | C] (Microsoft Corporation)dot3.tmf -> C:\Windows\System32\dot3.tmf -> [2009/06/20 17:28:57 | 00,442,788 | ---- | C] ()eudcedit.exe -> C:\Windows\System32\eudcedit.exe -> [2009/06/20 17:28:57 | 00,205,824 | ---- | C] (Microsoft Corporation)iasrecst.dll -> C:\Windows\System32\iasrecst.dll -> [2009/06/20 17:28:57 | 00,119,296 | ---- | C] (Microsoft Corporation)PresentationCFFRasterizerNative_v0300.dll -> C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll -> [2009/06/20 17:28:57 | 00,102,816 | ---- | C] (Microsoft Corporation)d3d9.dll -> C:\Windows\System32\d3d9.dll -> [2009/06/20 17:28:56 | 01,788,416 | ---- | C] (Microsoft Corporation)setupapi.dll -> C:\Windows\System32\setupapi.dll -> [2009/06/20 17:28:56 | 01,591,296 | ---- | C] (Microsoft Corporation)rpcss.dll -> C:\Windows\System32\rpcss.dll -> [2009/06/20 17:28:56 | 00,550,400 | ---- | C] (Microsoft Corporation)mspbde40.dll -> C:\Windows\System32\mspbde40.dll -> [2009/06/20 17:28:56 | 00,368,640 | ---- | C] (Microsoft Corporation)mfc42.dll -> C:\Windows\System32\mfc42.dll -> [2009/08/24 17:28:55 | 01,135,104 | ---- | C] (Microsoft Corporation)shlwapi.dll -> C:\Windows\System32\shlwapi.dll -> [2009/06/20 17:28:55 | 00,353,280 | ---- | C] (Microsoft Corporation)msrd3x40.dll -> C:\Windows\System32\msrd3x40.dll -> [2009/06/20 17:28:55 | 00,344,064 | ---- | C] (Microsoft Corporation)msltus40.dll -> C:\Windows\System32\msltus40.dll -> [2009/06/20 17:28:55 | 00,241,664 | ---- | C] (Microsoft Corporation)EhStorAuthn.dll -> C:\Windows\System32\EhStorAuthn.dll -> [2009/06/20 17:28:55 | 00,117,248 | ---- | C] ()StructuredQuerySchema.bin -> C:\Windows\System32\StructuredQuerySchema.bin -> [2009/06/20 17:28:55 | 00,107,612 | ---- | C] ()davclnt.dll -> C:\Windows\System32\davclnt.dll -> [2009/06/20 17:28:55 | 00,061,440 | ---- | C] (Microsoft Corporation)EhStorPwdMgr.dll -> C:\Windows\System32\EhStorPwdMgr.dll -> [2009/06/20 17:28:55 | 00,037,376 | ---- | C] (Microsoft Corporation)browseui.dll -> C:\Windows\System32\browseui.dll -> [2009/06/20 17:28:54 | 01,324,032 | ---- | C] (Microsoft Corporation)msdtctm.dll -> C:\Windows\System32\msdtctm.dll -> [2009/06/20 17:28:54 | 01,053,696 | ---- | C] (Microsoft Corporation)dxgkrnl.sys -> C:\Windows\System32\drivers\dxgkrnl.sys -> [2009/06/20 17:28:54 | 00,626,176 | ---- | C] (Microsoft Corporation)photowiz.dll -> C:\Windows\System32\photowiz.dll -> [2009/06/20 17:28:54 | 00,293,376 | ---- | C] (Microsoft Corporation)wevtapi.dll -> C:\Windows\System32\wevtapi.dll -> [2009/06/20 17:28:54 | 00,250,368 | ---- | C] (Microsoft Corporation)locale.nls -> C:\Windows\System32\locale.nls -> [2009/06/20 17:28:53 | 03,662,128 | ---- | C] ()user32.dll -> C:\Windows\System32\user32.dll -> [2009/06/20 17:28:53 | 00,627,712 | ---- | C] (Microsoft Corporation)samsrv.dll -> C:\Windows\System32\samsrv.dll -> [2009/06/20 17:28:53 | 00,483,328 | ---- | C] (Microsoft Corporation)nlhtml.dll -> C:\Windows\System32\nlhtml.dll -> [2009/06/20 17:28:53 | 00,136,192 | ---- | C] (Microsoft Corporation)quartz.dll -> C:\Windows\System32\quartz.dll -> [2009/06/20 17:28:52 | 01,314,816 | ---- | C] (Microsoft Corporation)printfilterpipelinesvc.exe -> C:\Windows\System32\printfilterpipelinesvc.exe -> [2009/06/20 17:28:52 | 00,666,624 | ---- | C] (Microsoft Corporation)ci.dll -> C:\Windows\System32\ci.dll -> [2009/06/20 17:28:52 | 00,614,376 | ---- | C] (Microsoft Corporation)SLCommDlg.dll -> C:\Windows\System32\SLCommDlg.dll -> [2009/06/20 17:28:52 | 00,582,144 | ---- | C] (Microsoft Corporation)oleaut32.dll -> C:\Windows\System32\oleaut32.dll -> [2009/06/20 17:28:52 | 00,563,712 | ---- | C] (Microsoft Corporation)kerberos.dll -> C:\Windows\System32\kerberos.dll -> [2009/06/20 17:28:52 | 00,497,664 | ---- | C] (Microsoft Corporation)win32spl.dll -> C:\Windows\System32\win32spl.dll -> [2009/06/20 17:28:52 | 00,443,392 | ---- | C] (Microsoft Corporation)onex.tmf -> C:\Windows\System32\onex.tmf -> [2009/06/20 17:28:52 | 00,392,170 | ---- | C] ()WcnNetsh.dll -> C:\Windows\System32\WcnNetsh.dll -> [2009/06/20 17:28:52 | 00,165,376 | ---- | C] (Microsoft Corporation)netshell.dll -> C:\Windows\System32\netshell.dll -> [2009/06/20 17:28:51 | 03,174,400 | ---- | C] (Microsoft Corporation)apds.dll -> C:\Windows\System32\apds.dll -> [2009/06/20 17:28:51 | 01,730,560 | ---- | C] (Microsoft Corporation)IKEEXT.DLL -> C:\Windows\System32\IKEEXT.DLL -> [2009/06/20 17:28:51 | 00,438,784 | ---- | C] (Microsoft Corporation)winhttp.dll -> C:\Windows\System32\winhttp.dll -> [2009/06/20 17:28:51 | 00,375,808 | ---- | C] (Microsoft Corporation)rdbss.sys -> C:\Windows\System32\drivers\rdbss.sys -> [2009/06/20 17:28:51 | 00,225,280 | ---- | C] (Microsoft Corporation)msv1_0.dll -> C:\Windows\System32\msv1_0.dll -> [2009/06/20 17:28:51 | 00,215,040 | ---- | C] (Microsoft Corporation)compcln.exe -> C:\Windows\System32\compcln.exe -> [2009/06/20 17:28:51 | 00,057,856 | ---- | C] (Microsoft Corporation)msctf.dll -> C:\Windows\System32\msctf.dll -> [2009/06/20 17:28:50 | 00,807,424 | ---- | C] (Microsoft Corporation)mswstr10.dll -> C:\Windows\System32\mswstr10.dll -> [2009/06/20 17:28:50 | 00,618,496 | ---- | C] (Microsoft Corporation)emdmgmt.dll -> C:\Windows\System32\emdmgmt.dll -> [2009/06/20 17:28:50 | 00,564,224 | ---- | C] (Microsoft Corporation)audiosrv.dll -> C:\Windows\System32\audiosrv.dll -> [2009/06/20 17:28:50 | 00,315,392 | ---- | C] (Microsoft Corporation)mrxdav.sys -> C:\Windows\System32\drivers\mrxdav.sys -> [2009/06/20 17:28:50 | 00,114,688 | ---- | C] (Microsoft Corporation)xmlfilter.dll -> C:\Windows\System32\xmlfilter.dll -> [2009/06/20 17:28:50 | 00,056,320 | ---- | C] (Microsoft Corporation)VSSVC.exe -> C:\Windows\System32\VSSVC.exe -> [2009/06/20 17:28:49 | 01,055,232 | ---- | C] (Microsoft Corporation)msvcrt.dll -> C:\Windows\System32\msvcrt.dll -> [2009/06/20 17:28:49 | 00,679,936 | ---- | C] (Microsoft Corporation)QAGENTRT.DLL -> C:\Windows\System32\QAGENTRT.DLL -> [2009/06/20 17:28:49 | 00,302,592 | ---- | C] (Microsoft Corporation)gdi32.dll -> C:\Windows\System32\gdi32.dll -> [2009/06/20 17:28:49 | 00,297,472 | ---- | C] (Microsoft Corporation)netio.sys -> C:\Windows\System32\drivers\netio.sys -> [2009/06/20 17:28:49 | 00,223,208 | ---- | C] (Microsoft Corporation)iphlpsvc.dll -> C:\Windows\System32\iphlpsvc.dll -> [2009/06/20 17:28:49 | 00,199,168 | ---- | C] (Microsoft Corporation)mfc42u.dll -> C:\Windows\System32\mfc42u.dll -> [2009/06/20 17:28:48 | 01,160,704 | ---- | C] (Microsoft Corporation)sqlsrv32.dll -> C:\Windows\System32\sqlsrv32.dll -> [2009/06/20 17:28:48 | 00,524,288 | ---- | C] (Microsoft Corporation)SLUI.exe -> C:\Windows\System32\SLUI.exe -> [2009/06/20 17:28:48 | 00,361,984 | ---- | C] (Microsoft Corporation)eaphost.tmf -> C:\Windows\System32\eaphost.tmf -> [2009/06/20 17:28:48 | 00,344,698 | ---- | C] ()msrd2x40.dll -> C:\Windows\System32\msrd2x40.dll -> [2009/06/20 17:28:48 | 00,319,488 | ---- | C] (Microsoft Corporation)eapphost.dll -> C:\Windows\System32\eapphost.dll -> [2009/06/20 17:28:48 | 00,183,808 | ---- | C] (Microsoft Corporation)winresume.exe -> C:\Windows\System32\winresume.exe -> [2009/06/20 17:28:47 | 00,926,184 | ---- | C] (Microsoft Corporation)odbc32.dll -> C:\Windows\System32\odbc32.dll -> [2009/06/20 17:28:47 | 00,409,600 | ---- | C] (Microsoft Corporation)propdefs.dll -> C:\Windows\System32\propdefs.dll -> [2009/06/20 17:28:47 | 00,071,680 | ---- | C] (Microsoft Corporation)USBSTOR.SYS -> C:\Windows\System32\drivers\USBSTOR.SYS -> [2009/06/20 17:28:47 | 00,065,536 | ---- | C] (Microsoft Corporation)dbgeng.dll -> C:\Windows\System32\dbgeng.dll -> [2009/06/20 17:28:46 | 01,856,512 | ---- | C] (Microsoft Corporation)shdocvw.dll -> C:\Windows\System32\shdocvw.dll -> [2009/06/20 17:28:46 | 01,068,032 | ---- | C] (Microsoft Corporation)usbhub.sys -> C:\Windows\System32\drivers\usbhub.sys -> [2009/06/20 17:28:46 | 00,196,096 | ---- | C] (Microsoft Corporation)wevtutil.exe -> C:\Windows\System32\wevtutil.exe -> [2009/06/20 17:28:46 | 00,163,840 | ---- | C] (Microsoft Corporation)WsmSvc.dll -> C:\Windows\System32\WsmSvc.dll -> [2009/06/20 17:28:45 | 00,747,008 | ---- | C] (Microsoft Corporation)mssitlb.dll -> C:\Windows\System32\mssitlb.dll -> [2009/06/20 17:28:45 | 00,087,040 | ---- | C] (Microsoft Corporation)mmcndmgr.dll -> C:\Windows\System32\mmcndmgr.dll -> [2009/06/20 17:28:44 | 02,167,808 | ---- | C] (Microsoft Corporation)usp10.dll -> C:\Windows\System32\usp10.dll -> [2009/06/20 17:28:44 | 00,502,272 | ---- | C] (Microsoft Corporation)swprv.dll -> C:\Windows\System32\swprv.dll -> [2009/06/20 17:28:44 | 00,311,808 | ---- | C] (Microsoft Corporation)netlogon.dll -> C:\Windows\System32\netlogon.dll -> [2009/06/20 17:28:43 | 00,592,896 | ---- | C] (Microsoft Corporation)vds.exe -> C:\Windows\System32\vds.exe -> [2009/06/20 17:28:43 | 00,385,536 | ---- | C] (Microsoft Corporation)devmgr.dll -> C:\Windows\System32\devmgr.dll -> [2009/06/20 17:28:43 | 00,378,368 | ---- | C] (Microsoft Corporation)drvinst.exe -> C:\Windows\System32\drvinst.exe -> [2009/06/20 17:28:43 | 00,194,048 | ---- | C] (Microsoft Corporation)msctfp.dll -> C:\Windows\System32\msctfp.dll -> [2009/06/20 17:28:43 | 00,084,992 | ---- | C] (Microsoft Corporation)fdBthProxy.dll -> C:\Windows\System32\fdBthProxy.dll -> [2009/06/20 17:28:43 | 00,009,728 | ---- | C] (Microsoft Corporation)evr.dll -> C:\Windows\System32\evr.dll -> [2009/06/20 17:28:42 | 00,485,888 | ---- | C] (Microsoft Corporation)BFE.DLL -> C:\Windows\System32\BFE.DLL -> [2009/06/20 17:28:42 | 00,334,848 | ---- | C] (Microsoft Corporation)schannel.dll -> C:\Windows\System32\schannel.dll -> [2009/06/20 17:28:42 | 00,268,800 | ---- | C] (Microsoft Corporation)adsldpc.dll -> C:\Windows\System32\adsldpc.dll -> [2009/06/20 17:28:42 | 00,199,168 | ---- | C] (Microsoft Corporation)DevicePairingProxy.dll -> C:\Windows\System32\DevicePairingProxy.dll -> [2009/06/20 17:28:42 | 00,054,784 | ---- | C] (Microsoft Corporation)msscb.dll -> C:\Windows\System32\msscb.dll -> [2009/06/20 17:28:42 | 00,035,328 | ---- | C] (Microsoft Corporation)wcnwiz.dll -> C:\Windows\System32\wcnwiz.dll -> [2009/06/20 17:28:41 | 01,533,440 | ---- | C] (Microsoft Corporation)WMVSDECD.DLL -> C:\Windows\System32\WMVSDECD.DLL -> [2009/06/20 17:28:41 | 01,382,912 | ---- | C] (Microsoft Corporation)WindowsCodecs.dll -> C:\Windows\System32\WindowsCodecs.dll -> [2009/06/20 17:28:41 | 00,712,704 | ---- | C] (Microsoft Corporation)PhotoMetadataHandler.dll -> C:\Windows\System32\PhotoMetadataHandler.dll -> [2009/06/20 17:28:41 | 00,425,472 | ---- | C] (Microsoft Corporation)WSDApi.dll -> C:\Windows\System32\WSDApi.dll -> [2009/06/20 17:28:41 | 00,355,328 | ---- | C] (Microsoft Corporation)Wldap32.dll -> C:\Windows\System32\Wldap32.dll -> [2009/06/20 17:28:41 | 00,287,744 | ---- | C] (Microsoft Corporation)phon.ime -> C:\Windows\System32\phon.ime -> [2009/06/20 17:28:41 | 00,124,928 | ---- | C] (Microsoft Corporation)chajei.ime -> C:\Windows\System32\chajei.ime -> [2009/06/20 17:28:41 | 00,124,928 | ---- | C] (Microsoft Corporation)wercon.exe -> C:\Windows\System32\wercon.exe -> [2009/06/20 17:28:40 | 01,143,296 | ---- | C] (Microsoft Corporation)adtschema.dll -> C:\Windows\System32\adtschema.dll -> [2009/06/20 17:28:40 | 00,617,984 | ---- | C] (Microsoft Corporation)comdlg32.dll -> C:\Windows\System32\comdlg32.dll -> [2009/06/20 17:28:40 | 00,450,560 | ---- | C] (Microsoft Corporation)services.exe -> C:\Windows\System32\services.exe -> [2009/06/20 17:28:40 | 00,279,552 | ---- | C] (Microsoft Corporation)quick.ime -> C:\Windows\System32\quick.ime -> [2009/06/20 17:28:40 | 00,124,928 | ---- | C] (Microsoft Corporation)qintlgnt.ime -> C:\Windows\System32\qintlgnt.ime -> [2009/06/20 17:28:40 | 00,124,928 | ---- | C] (Microsoft Corporation)cintlgnt.ime -> C:\Windows\System32\cintlgnt.ime -> [2009/06/20 17:28:40 | 00,124,928 | ---- | C] (Microsoft Corporation)mimefilt.dll -> C:\Windows\System32\mimefilt.dll -> [2009/06/20 17:28:40 | 00,041,984 | ---- | C] (Microsoft Corporation)mswdat10.dll -> C:\Windows\System32\mswdat10.dll -> [2009/06/20 17:28:39 | 00,856,064 | ---- | C] (Microsoft Corporation)msdtcprx.dll -> C:\Windows\System32\msdtcprx.dll -> [2009/06/20 17:28:39 | 00,560,640 | ---- | C] (Microsoft Corporation)wcncsvc.dll -> C:\Windows\System32\wcncsvc.dll -> [2009/06/20 17:28:39 | 00,413,696 | ---- | C] (Microsoft Corporation)ipsmsnap.dll -> C:\Windows\System32\ipsmsnap.dll -> [2009/06/20 17:28:39 | 00,396,288 | ---- | C] (Microsoft Corporation)msdrm.dll -> C:\Windows\System32\msdrm.dll -> [2009/06/20 17:28:39 | 00,332,288 | ---- | C] (Microsoft Corporation)certcli.dll -> C:\Windows\System32\certcli.dll -> [2009/06/20 17:28:39 | 00,323,584 | ---- | C] (Microsoft Corporation)PortableDeviceApi.dll -> C:\Windows\System32\PortableDeviceApi.dll -> [2009/06/20 17:28:39 | 00,241,152 | ---- | C] (Microsoft Corporation)msiscsi.sys -> C:\Windows\System32\drivers\msiscsi.sys -> [2009/06/20 17:28:39 | 00,180,712 | ---- | C] (Microsoft Corporation)msjter40.dll -> C:\Windows\System32\msjter40.dll -> [2009/06/20 17:28:39 | 00,061,440 | ---- | C] (Microsoft Corporation)certutil.exe -> C:\Windows\System32\certutil.exe -> [2009/06/20 17:28:38 | 00,799,744 | ---- | C] (Microsoft Corporation)umpnpmgr.dll -> C:\Windows\System32\umpnpmgr.dll -> [2009/06/20 17:28:38 | 00,222,720 | ---- | C] (Microsoft Corporation)taskeng.exe -> C:\Windows\System32\taskeng.exe -> [2009/06/20 17:28:38 | 00,169,984 | ---- | C] (Microsoft Corporation)dnsapi.dll -> C:\Windows\System32\dnsapi.dll -> [2009/06/20 17:28:38 | 00,168,448 | ---- | C] (Microsoft Corporation)reg.exe -> C:\Windows\System32\reg.exe -> [2009/06/20 17:28:38 | 00,061,952 | ---- | C] (Microsoft Corporation)rtffilt.dll -> C:\Windows\System32\rtffilt.dll -> [2009/06/20 17:28:38 | 00,038,400 | ---- | C] (Microsoft Corporation)infocardcpl.cpl -> C:\Windows\System32\infocardcpl.cpl -> [2009/06/20 17:28:38 | 00,035,168 | ---- | C] (Microsoft Corporation)WMNetMgr.dll -> C:\Windows\System32\WMNetMgr.dll -> [2009/06/20 17:28:37 | 00,996,352 | ---- | C] (Microsoft Corporation)PhotoScreensaver.scr -> C:\Windows\System32\PhotoScreensaver.scr -> [2009/06/20 17:28:37 | 00,704,512 | ---- | C] (Microsoft Corporation)IPSECSVC.DLL -> C:\Windows\System32\IPSECSVC.DLL -> [2009/06/20 17:28:37 | 00,364,032 | ---- | C] (Microsoft Corporation)srv.sys -> C:\Windows\System32\drivers\srv.sys -> [2009/06/20 17:28:37 | 00,288,768 | ---- | C] (Microsoft Corporation)w32time.dll -> C:\Windows\System32\w32time.dll -> [2009/06/20 17:28:37 | 00,282,624 | ---- | C] (Microsoft Corporation)bcrypt.dll -> C:\Windows\System32\bcrypt.dll -> [2009/06/20 17:28:37 | 00,274,432 | ---- | C] (Microsoft Corporation)usbport.sys -> C:\Windows\System32\drivers\usbport.sys -> [2009/06/20 17:28:37 | 00,226,304 | ---- | C] (Microsoft Corporation)msscntrs.dll -> C:\Windows\System32\msscntrs.dll -> [2009/06/20 17:28:37 | 00,060,416 | ---- | C] (Microsoft Corporation)bthserv.dll -> C:\Windows\System32\bthserv.dll -> [2009/06/20 17:28:37 | 00,040,960 | ---- | C] (Microsoft Corporation)msshooks.dll -> C:\Windows\System32\msshooks.dll -> [2009/06/20 17:28:37 | 00,011,776 | ---- | C] (Microsoft Corporation)ndis.sys -> C:\Windows\System32\drivers\ndis.sys -> [2009/06/20 17:28:36 | 00,527,848 | ---- | C] (Microsoft Corporation)msihnd.dll -> C:\Windows\System32\msihnd.dll -> [2009/06/20 17:28:36 | 00,332,800 | ---- | C] (Microsoft Corporation)rsaenh.dll -> C:\Windows\System32\rsaenh.dll -> [2009/06/20 17:28:36 | 00,241,128 | ---- | C] (Microsoft Corporation)MMDevAPI.dll -> C:\Windows\System32\MMDevAPI.dll -> [2009/06/20 17:28:36 | 00,150,528 | ---- | C] (Microsoft Corporation)msstrc.dll -> C:\Windows\System32\msstrc.dll -> [2009/06/20 17:28:36 | 00,043,008 | ---- | C] (Microsoft Corporation)TsWpfWrp.exe -> C:\Windows\System32\TsWpfWrp.exe -> [2009/06/20 17:28:36 | 00,035,680 | ---- | C] (Microsoft Corporation)inetcomm.dll -> C:\Windows\System32\inetcomm.dll -> [2009/06/20 17:28:35 | 00,738,816 | ---- | C] (Microsoft Corporation)netapi32.dll -> C:\Windows\System32\netapi32.dll -> [2009/06/20 17:28:35 | 00,467,456 | ---- | C] (Microsoft Corporation)mtxclu.dll -> C:\Windows\System32\mtxclu.dll -> [2009/06/20 17:28:35 | 00,310,272 | ---- | C] (Microsoft Corporation)fundisc.dll -> C:\Windows\System32\fundisc.dll -> [2009/06/20 17:28:35 | 00,153,088 | ---- | C] (Microsoft Corporation)cryptsvc.dll -> C:\Windows\System32\cryptsvc.dll -> [2009/06/20 17:28:35 | 00,129,024 | ---- | C] (Microsoft Corporation)inetpp.dll -> C:\Windows\System32\inetpp.dll -> [2009/06/20 17:28:35 | 00,122,368 | ---- | C] (Microsoft Corporation)dfshim.dll -> C:\Windows\System32\dfshim.dll -> [2009/06/20 17:28:35 | 00,093,512 | ---- | C] (Microsoft Corporation)hidserv.dll -> C:\Windows\System32\hidserv.dll -> [2009/06/20 17:28:35 | 00,026,112 | ---- | C] (Microsoft Corporation)gameux.dll -> C:\Windows\System32\gameux.dll -> [2009/06/20 17:28:34 | 01,696,768 | ---- | C] (Microsoft Corporation)termsrv.dll -> C:\Windows\System32\termsrv.dll -> [2009/06/20 17:28:34 | 00,449,024 | ---- | C] (Microsoft Corporation)wmicmiplugin.dll -> C:\Windows\System32\wmicmiplugin.dll -> [2009/06/20 17:28:34 | 00,343,040 | ---- | C] (Microsoft Corporation)profsvc.dll -> C:\Windows\System32\profsvc.dll -> [2009/06/20 17:28:34 | 00,153,088 | ---- | C] (Microsoft Corporation)dhcpcsvc6.dll -> C:\Windows\System32\dhcpcsvc6.dll -> [2009/06/20 17:28:34 | 00,130,560 | ---- | C] (Microsoft Corporation)mscories.dll -> C:\Windows\System32\mscories.dll -> [2009/06/20 17:28:34 | 00,080,720 | ---- | C] (Microsoft Corporation)chsbrkr.dll -> C:\Windows\System32\chsbrkr.dll -> [2009/06/20 17:28:33 | 01,671,680 | ---- | C] (Microsoft Corporation)wdc.dll -> C:\Windows\System32\wdc.dll -> [2009/06/20 17:28:33 | 01,020,928 | ---- | C] (Microsoft Corporation)shsvcs.dll -> C:\Windows\System32\shsvcs.dll -> [2009/06/20 17:28:33 | 00,247,296 | ---- | C] (Microsoft Corporation)WFP.TMF -> C:\Windows\System32\WFP.TMF -> [2009/06/20 17:28:33 | 00,208,966 | ---- | C] ()pci.sys -> C:\Windows\System32\drivers\pci.sys -> [2009/06/20 17:28:33 | 00,149,480 | ---- | C] (Microsoft Corporation)Classpnp.sys -> C:\Windows\System32\drivers\Classpnp.sys -> [2009/06/20 17:28:33 | 00,125,928 | ---- | C] (Microsoft Corporation)imapi.dll -> C:\Windows\System32\imapi.dll -> [2009/06/20 17:28:33 | 00,107,520 | ---- | C] (Microsoft Corporation)msiexec.exe -> C:\Windows\System32\msiexec.exe -> [2009/06/20 17:28:33 | 00,073,216 | ---- | C] (Microsoft Corporation)pnidui.dll -> C:\Windows\System32\pnidui.dll -> [2009/06/20 17:28:32 | 01,823,744 | ---- | C] (Microsoft Corporation)autofmt.exe -> C:\Windows\System32\autofmt.exe -> [2009/06/20 17:28:32 | 00,636,416 | ---- | C] (Microsoft Corporation)rasmans.dll -> C:\Windows\System32\rasmans.dll -> [2009/06/20 17:28:32 | 00,262,144 | ---- | C] (Microsoft Corporation)iassdo.dll -> C:\Windows\System32\iassdo.dll -> [2009/06/20 17:28:32 | 00,252,928 | ---- | C] (Microsoft Corporation)mrxsmb10.sys -> C:\Windows\System32\drivers\mrxsmb10.sys -> [2009/06/20 17:28:32 | 00,212,992 | ---- | C] (Microsoft Corporation)spoolsv.exe -> C:\Windows\System32\spoolsv.exe -> [2009/06/20 17:28:32 | 00,127,488 | ---- | C] (Microsoft Corporation)Kswdmcap.ax -> C:\Windows\System32\Kswdmcap.ax -> [2009/06/20 17:28:32 | 00,093,696 | ---- | C] (Microsoft Corporation)termdd.sys -> C:\Windows\System32\drivers\termdd.sys -> [2009/06/20 17:28:32 | 00,053,224 | ---- | C] (Microsoft Corporation)icardres.dll -> C:\Windows\System32\icardres.dll -> [2009/06/20 17:28:32 | 00,009,048 | ---- | C] (Microsoft Corporation)ksecdd.sys -> C:\Windows\System32\drivers\ksecdd.sys -> [2009/06/20 17:28:31 | 00,439,784 | ---- | C] (Microsoft Corporation)acpi.sys -> C:\Windows\System32\drivers\acpi.sys -> [2009/06/20 17:28:31 | 00,265,688 | ---- | C] (Microsoft Corporation)scrrun.dll -> C:\Windows\System32\scrrun.dll -> [2009/06/20 17:28:31 | 00,172,032 | ---- | C] (Microsoft Corporation)srv2.sys -> C:\Windows\System32\drivers\srv2.sys -> [2009/06/20 17:28:31 | 00,144,896 | ---- | C] (Microsoft Corporation)wersvc.dll -> C:\Windows\System32\wersvc.dll -> [2009/06/20 17:28:31 | 00,126,976 | ---- | C] (Microsoft Corporation)Storport.sys -> C:\Windows\System32\drivers\Storport.sys -> [2009/06/20 17:28:31 | 00,122,344 | ---- | C] (Microsoft Corporation)slmgr.vbs -> C:\Windows\System32\slmgr.vbs -> [2009/06/20 17:28:31 | 00,092,918 | ---- | C] ()PSHED.DLL -> C:\Windows\System32\PSHED.DLL -> [2009/06/20 17:28:31 | 00,050,664 | ---- | C] (Microsoft Corporation)crashdmp.sys -> C:\Windows\System32\drivers\crashdmp.sys -> [2009/06/20 17:28:31 | 00,035,304 | ---- | C] (Microsoft Corporation)appwiz.cpl -> C:\Windows\System32\appwiz.cpl -> [2009/06/20 17:28:30 | 01,122,304 | ---- | C] (Microsoft Corporation)pidgenx.dll -> C:\Windows\System32\pidgenx.dll -> [2009/06/20 17:28:30 | 01,107,968 | ---- | C] (Microsoft Corporation)azroles.dll -> C:\Windows\System32\azroles.dll -> [2009/06/20 17:28:30 | 00,757,248 | ---- | C] (Microsoft Corporation)CertEnrollUI.dll -> C:\Windows\System32\CertEnrollUI.dll -> [2009/06/20 17:28:30 | 00,633,856 | ---- | C] (Microsoft Corporation)winspool.drv -> C:\Windows\System32\winspool.drv -> [2009/06/20 17:28:30 | 00,258,048 | ---- | C] (Microsoft Corporation)clfs.sys -> C:\Windows\System32\clfs.sys -> [2009/06/20 17:28:30 | 00,245,736 | ---- | C] (Microsoft Corporation)pdh.dll -> C:\Windows\System32\pdh.dll -> [2009/06/20 17:28:30 | 00,242,176 | ---- | C] (Microsoft Corporation)dhcpcsvc.dll -> C:\Windows\System32\dhcpcsvc.dll -> [2009/06/20 17:28:30 | 00,204,288 | ---- | C] (Microsoft Corporation)partmgr.sys -> C:\Windows\System32\drivers\partmgr.sys -> [2009/06/20 17:28:30 | 00,054,248 | ---- | C] (Microsoft Corporation)SyncCenter.dll -> C:\Windows\System32\SyncCenter.dll -> [2009/06/20 17:28:29 | 02,205,184 | ---- | C] (Microsoft Corporation)wmpmde.dll -> C:\Windows\System32\wmpmde.dll -> [2009/06/20 17:28:29 | 00,867,328 | ---- | C] (Microsoft Corporation)sysmon.ocx -> C:\Windows\System32\sysmon.ocx -> [2009/06/20 17:28:29 | 00,389,632 | ---- | C] (Microsoft Corporation)winlogon.exe -> C:\Windows\System32\winlogon.exe -> [2009/06/20 17:28:29 | 00,314,368 | ---- | C] (Microsoft Corporation)SLUINotify.dll -> C:\Windows\System32\SLUINotify.dll -> [2009/06/20 17:28:29 | 00,060,928 | ---- | C] (Microsoft Corporation)certmgr.dll -> C:\Windows\System32\certmgr.dll -> [2009/06/20 17:28:28 | 01,502,720 | ---- | C] (Microsoft Corporation)sethc.exe -> C:\Windows\System32\sethc.exe -> [2009/06/20 17:28:28 | 00,627,200 | ---- | C] (Microsoft Corporation)comuid.dll -> C:\Windows\System32\comuid.dll -> [2009/06/20 17:28:28 | 00,593,408 | ---- | C] (Microsoft Corporation)WindowsCodecsExt.dll -> C:\Windows\System32\WindowsCodecsExt.dll -> [2009/06/20 17:28:28 | 00,347,648 | ---- | C] (Microsoft Corporation)ncrypt.dll -> C:\Windows\System32\ncrypt.dll -> [2009/06/20 17:28:28 | 00,204,288 | ---- | C] (Microsoft Corporation)iassam.dll -> C:\Windows\System32\iassam.dll -> [2009/06/20 17:28:28 | 00,182,272 | ---- | C] (Microsoft Corporation)scrobj.dll -> C:\Windows\System32\scrobj.dll -> [2009/06/20 17:28:28 | 00,180,224 | ---- | C] (Microsoft Corporation)spp.dll -> C:\Windows\System32\spp.dll -> [2009/06/20 17:28:28 | 00,142,336 | ---- | C] (Microsoft Corporation)disk.sys -> C:\Windows\System32\drivers\disk.sys -> [2009/06/20 17:28:28 | 00,053,736 | ---- | C] (Microsoft Corporation)mup.sys -> C:\Windows\System32\drivers\mup.sys -> [2009/06/20 17:28:28 | 00,048,104 | ---- | C] (Microsoft Corporation)kd1394.dll -> C:\Windows\System32\kd1394.dll -> [2009/06/20 17:28:28 | 00,017,896 | ---- | C] (Microsoft Corporation)autochk.exe -> C:\Windows\System32\autochk.exe -> [2009/06/20 17:28:27 | 00,643,072 | ---- | C] (Microsoft Corporation)imkr80.ime -> C:\Windows\System32\imkr80.ime -> [2009/06/20 17:28:27 | 00,413,696 | ---- | C] (Microsoft Corporation)untfs.dll -> C:\Windows\System32\untfs.dll -> [2009/06/20 17:28:27 | 00,324,096 | ---- | C] (Microsoft Corporation)volmgrx.sys -> C:\Windows\System32\drivers\volmgrx.sys -> [2009/06/20 17:28:27 | 00,292,840 | ---- | C] (Microsoft Corporation)taskcomp.dll -> C:\Windows\System32\taskcomp.dll -> [2009/06/20 17:28:27 | 00,270,336 | ---- | C] (Microsoft Corporation)wisptis.exe -> C:\Windows\System32\wisptis.exe -> [2009/06/20 17:28:27 | 00,244,224 | ---- | C] (Microsoft Corporation)FWPKCLNT.SYS -> C:\Windows\System32\drivers\FWPKCLNT.SYS -> [2009/06/20 17:28:27 | 00,099,816 | ---- | C] (Microsoft Corporation)dwm.exe -> C:\Windows\System32\dwm.exe -> [2009/06/20 17:28:27 | 00,081,920 | ---- | C] (Microsoft Corporation)rtutils.dll -> C:\Windows\System32\rtutils.dll -> [2009/06/20 17:28:27 | 00,036,352 | ---- | C] (Microsoft Corporation)printui.dll -> C:\Windows\System32\printui.dll -> [2009/06/20 17:28:26 | 00,869,888 | ---- | C] (Microsoft Corporation)autoconv.exe -> C:\Windows\System32\autoconv.exe -> [2009/06/20 17:28:26 | 00,656,896 | ---- | C] (Microsoft Corporation)winsrv.dll -> C:\Windows\System32\winsrv.dll -> [2009/06/20 17:28:26 | 00,375,808 | ---- | C] (Microsoft Corporation)volsnap.sys -> C:\Windows\System32\drivers\volsnap.sys -> [2009/06/20 17:28:26 | 00,226,280 | ---- | C] (Microsoft Corporation)fltMgr.sys -> C:\Windows\System32\drivers\fltMgr.sys -> [2009/06/20 17:28:26 | 00,190,424 | ---- | C] (Microsoft Corporation)msrpc.sys -> C:\Windows\System32\drivers\msrpc.sys -> [2009/06/20 17:28:26 | 00,161,752 | ---- | C] (Microsoft Corporation)iasnap.dll -> C:\Windows\System32\iasnap.dll -> [2009/06/20 17:28:26 | 00,150,528 | ---- | C] (Microsoft Corporation)ecache.sys -> C:\Windows\System32\drivers\ecache.sys -> [2009/06/20 17:28:26 | 00,141,288 | ---- | C] (Microsoft Corporation)onex.dll -> C:\Windows\System32\onex.dll -> [2009/06/20 17:28:25 | 01,541,120 | ---- | C] (Microsoft Corporation)cscript.exe -> C:\Windows\System32\cscript.exe -> [2009/06/20 17:28:25 | 00,135,168 | ---- | C] (Microsoft Corporation)basecsp.dll -> C:\Windows\System32\basecsp.dll -> [2009/06/20 17:28:25 | 00,130,024 | ---- | C] (Microsoft Corporation)Dumpata.sys -> C:\Windows\System32\drivers\Dumpata.sys -> [2009/06/20 17:28:25 | 00,027,624 | ---- | C] (Microsoft Corporation)kdcom.dll -> C:\Windows\System32\kdcom.dll -> [2009/06/20 17:28:25 | 00,017,384 | ---- | C] (Microsoft Corporation)wow32.dll -> C:\Windows\System32\wow32.dll -> [2009/06/20 17:28:24 | 00,273,920 | ---- | C] (Microsoft Corporation)mswsock.dll -> C:\Windows\System32\mswsock.dll -> [2009/06/20 17:28:24 | 00,223,232 | ---- | C] (Microsoft Corporation)osk.exe -> C:\Windows\System32\osk.exe -> [2009/06/20 17:28:24 | 00,182,272 | ---- | C] (Microsoft Corporation)userenv.dll -> C:\Windows\System32\userenv.dll -> [2009/06/20 17:28:24 | 00,108,544 | ---- | C] (Microsoft Corporation)audiodg.exe -> C:\Windows\System32\audiodg.exe -> [2009/06/20 17:28:24 | 00,088,576 | ---- | C] (Microsoft Corporation)RelMon.dll -> C:\Windows\System32\RelMon.dll -> [2009/06/20 17:28:23 | 00,340,992 | ---- | C] (Microsoft Corporation)winmm.dll -> C:\Windows\System32\winmm.dll -> [2009/06/20 17:28:23 | 00,189,952 | ---- | C] (Microsoft Corporation)netbt.sys -> C:\Windows\System32\drivers\netbt.sys -> [2009/06/20 17:28:23 | 00,185,856 | ---- | C] (Microsoft Corporation)kdusb.dll -> C:\Windows\System32\kdusb.dll -> [2009/06/20 17:28:23 | 00,019,944 | ---- | C] (Microsoft Corporation)spcmsg.dll -> C:\Windows\System32\spcmsg.dll -> [2009/06/20 17:28:23 | 00,013,312 | ---- | C] (Microsoft Corporation)WerFaultSecure.exe -> C:\Windows\System32\WerFaultSecure.exe -> [2009/06/20 17:28:22 | 00,860,160 | ---- | C] (Microsoft Corporation)rdpencom.dll -> C:\Windows\System32\rdpencom.dll -> [2009/06/20 17:28:22 | 00,612,864 | ---- | C] (Microsoft Corporation)msftedit.dll -> C:\Windows\System32\msftedit.dll -> [2009/06/20 17:28:22 | 00,564,224 | ---- | C] (Microsoft Corporation)offfilt.dll -> C:\Windows\System32\offfilt.dll -> [2009/06/20 17:28:22 | 00,194,560 | ---- | C] (Microsoft Corporation)WinSCard.dll -> C:\Windows\System32\WinSCard.dll -> [2009/06/20 17:28:22 | 00,115,712 | ---- | C] (Microsoft Corporation)dnsrslvr.dll -> C:\Windows\System32\dnsrslvr.dll -> [2009/06/20 17:28:22 | 00,086,528 | ---- | C] (Microsoft Corporation)Utilman.exe -> C:\Windows\System32\Utilman.exe -> [2009/06/20 17:28:21 | 00,638,976 | ---- | C] (Microsoft Corporation)WerFault.exe -> C:\Windows\System32\WerFault.exe -> [2009/06/20 17:28:21 | 00,217,088 | ---- | C] (Microsoft Corporation)secproc_ssp.dll -> C:\Windows\System32\secproc_ssp.dll -> [2009/06/20 17:28:21 | 00,152,064 | ---- | C] (Microsoft Corporation)bthenum.sys -> C:\Windows\System32\drivers\bthenum.sys -> [2009/06/20 17:28:21 | 00,022,528 | ---- | C] (Microsoft Corporation)mcmde.dll -> C:\Windows\System32\mcmde.dll -> [2009/06/20 17:28:20 | 00,852,992 | ---- | C] (Microsoft Corporation)stobject.dll -> C:\Windows\System32\stobject.dll -> [2009/06/20 17:28:20 | 00,586,752 | ---- | C] (Microsoft Corporation)prnntfy.dll -> C:\Windows\System32\prnntfy.dll -> [2009/06/20 17:28:20 | 00,551,936 | ---- | C] (Microsoft Corporation)mscms.dll -> C:\Windows\System32\mscms.dll -> [2009/06/20 17:28:20 | 00,391,680 | ---- | C] (Microsoft Corporation)diskraid.exe -> C:\Windows\System32\diskraid.exe -> [2009/06/20 17:28:20 | 00,230,912 | ---- | C] (Microsoft Corporation)mfplat.dll -> C:\Windows\System32\mfplat.dll -> [2009/06/20 17:28:20 | 00,208,896 | ---- | C] (Microsoft Corporation)SndVol.exe -> C:\Windows\System32\SndVol.exe -> [2009/06/20 17:28:20 | 00,197,632 | ---- | C] (Microsoft Corporation)msnetobj.dll -> C:\Windows\System32\msnetobj.dll -> [2009/06/20 17:28:20 | 00,179,712 | ---- | C] (Microsoft Corporation)apphelp.dll -> C:\Windows\System32\apphelp.dll -> [2009/06/20 17:28:20 | 00,171,008 | ---- | C] (Microsoft Corporation)secproc_ssp_isv.dll -> C:\Windows\System32\secproc_ssp_isv.dll -> [2009/06/20 17:28:20 | 00,152,576 | ---- | C] (Microsoft Corporation)mrxsmb.sys -> C:\Windows\System32\drivers\mrxsmb.sys -> [2009/06/20 17:28:20 | 00,105,984 | ---- | C] (Microsoft Corporation)sysclass.dll -> C:\Windows\System32\sysclass.dll -> [2009/06/20 17:28:20 | 00,103,936 | ---- | C] (Microsoft Corporation)adsmsext.dll -> C:\Windows\System32\adsmsext.dll -> [2009/06/20 17:28:20 | 00,075,264 | ---- | C] (Microsoft Corporation)wsepno.dll -> C:\Windows\System32\wsepno.dll -> [2009/06/20 17:28:20 | 00,029,184 | ---- | C] (Microsoft Corporation)wiaservc.dll -> C:\Windows\System32\wiaservc.dll -> [2009/06/20 17:28:19 | 00,453,120 | ---- | C] (Microsoft Corporation)http.sys -> C:\Windows\System32\drivers\http.sys -> [2009/06/20 17:28:19 | 00,401,408 | ---- | C] (Microsoft Corporation)wscript.exe -> C:\Windows\System32\wscript.exe -> [2009/06/20 17:28:19 | 00,155,648 | ---- | C] (Microsoft Corporation)odbccp32.dll -> C:\Windows\System32\odbccp32.dll -> [2009/06/20 17:28:19 | 00,114,688 | ---- | C] (Microsoft Corporation)ulib.dll -> C:\Windows\System32\ulib.dll -> [2009/06/20 17:28:19 | 00,099,840 | ---- | C] (Microsoft Corporation)srvnet.sys -> C:\Windows\System32\drivers\srvnet.sys -> [2009/06/20 17:28:19 | 00,098,816 | ---- | C] (Microsoft Corporation)secur32.dll -> C:\Windows\System32\secur32.dll -> [2009/06/20 17:28:19 | 00,072,704 | ---- | C] (Microsoft Corporation)iasdatastore.dll -> C:\Windows\System32\iasdatastore.dll -> [2009/06/20 17:28:19 | 00,047,104 | ---- | C] (Microsoft Corporation)cryptui.dll -> C:\Windows\System32\cryptui.dll -> [2009/06/20 17:28:18 | 00,971,264 | ---- | C] (Microsoft Corporation)dsound.dll -> C:\Windows\System32\dsound.dll -> [2009/06/20 17:28:18 | 00,444,416 | ---- | C] (Microsoft Corporation)wscntfy.dll -> C:\Windows\System32\wscntfy.dll -> [2009/06/20 17:28:18 | 00,223,744 | ---- | C] (Microsoft Corporation)IPHLPAPI.DLL -> C:\Windows\System32\IPHLPAPI.DLL -> [2009/06/20 17:28:18 | 00,091,648 | ---- | C] (Microsoft Corporation)rastapi.dll -> C:\Windows\System32\rastapi.dll -> [2009/06/20 17:28:18 | 00,069,632 | ---- | C] (Microsoft Corporation)brcpl.dll -> C:\Windows\System32\brcpl.dll -> [2009/06/20 17:28:17 | 01,342,464 | ---- | C] (Microsoft Corporation)ipsecsnp.dll -> C:\Windows\System32\ipsecsnp.dll -> [2009/06/20 17:28:17 | 00,759,296 | ---- | C] (Microsoft Corporation)wlansvc.dll -> C:\Windows\System32\wlansvc.dll -> [2009/06/20 17:28:17 | 00,514,048 | ---- | C] (Microsoft Corporation)vdsdyn.dll -> C:\Windows\System32\vdsdyn.dll -> [2009/06/20 17:28:17 | 00,507,904 | ---- | C] (Microsoft Corporation)wlangpui.dll -> C:\Windows\System32\wlangpui.dll -> [2009/06/20 17:28:17 | 00,399,360 | ---- | C] (Microsoft Corporation)rastls.dll -> C:\Windows\System32\rastls.dll -> [2009/06/20 17:28:17 | 00,244,224 | ---- | C] (Microsoft Corporation)pnpsetup.dll -> C:\Windows\System32\pnpsetup.dll -> [2009/06/20 17:28:17 | 00,181,760 | ---- | C] (Microsoft Corporation)diskpart.exe -> C:\Windows\System32\diskpart.exe -> [2009/06/20 17:28:17 | 00,119,808 | ---- | C] (Microsoft Corporation)gpapi.dll -> C:\Windows\System32\gpapi.dll -> [2009/06/20 17:28:17 | 00,075,264 | ---- | C] (Microsoft Corporation)iashlpr.dll -> C:\Windows\System32\iashlpr.dll -> [2009/06/20 17:28:17 | 00,070,656 | ---- | C] (Microsoft Corporation)wscsvc.dll -> C:\Windows\System32\wscsvc.dll -> [2009/06/20 17:28:17 | 00,061,440 | ---- | C] (Microsoft Corporation)fdProxy.dll -> C:\Windows\System32\fdProxy.dll -> [2009/06/20 17:28:17 | 00,024,064 | ---- | C] (Microsoft Corporation)WMVENCOD.DLL -> C:\Windows\System32\WMVENCOD.DLL -> [2009/06/20 17:28:16 | 01,575,936 | ---- | C] (Microsoft Corporation)rasapi32.dll -> C:\Windows\System32\rasapi32.dll -> [2009/06/20 17:28:16 | 00,286,720 | ---- | C] (Microsoft Corporation)ntprint.dll -> C:\Windows\System32\ntprint.dll -> [2009/06/20 17:28:16 | 00,216,064 | ---- | C] (Microsoft Corporation)mscorier.dll -> C:\Windows\System32\mscorier.dll -> [2009/06/20 17:28:16 | 00,155,456 | ---- | C] (Microsoft Corporation)regsvc.dll -> C:\Windows\System32\regsvc.dll -> [2009/06/20 17:28:16 | 00,107,008 | ---- | C] (Microsoft Corporation)netiohlp.dll -> C:\Windows\System32\netiohlp.dll -> [2009/06/20 17:28:16 | 00,104,448 | ---- | C] (Microsoft Corporation)mrxsmb20.sys -> C:\Windows\System32\drivers\mrxsmb20.sys -> [2009/06/20 17:28:16 | 00,079,360 | ---- | C] (Microsoft Corporation)logman.exe -> C:\Windows\System32\logman.exe -> [2009/06/20 17:28:16 | 00,057,344 | ---- | C] (Microsoft Corporation)wpccpl.dll -> C:\Windows\System32\wpccpl.dll -> [2009/06/20 17:28:15 | 01,580,544 | ---- | C] (Microsoft Corporation)zipfldr.dll -> C:\Windows\System32\zipfldr.dll -> [2009/06/20 17:28:15 | 00,342,528 | ---- | C] (Microsoft Corporation)iasrad.dll -> C:\Windows\System32\iasrad.dll -> [2009/06/20 17:28:15 | 00,158,208 | ---- | C] (Microsoft Corporation)wusa.exe -> C:\Windows\System32\wusa.exe -> [2009/06/20 17:28:15 | 00,140,800 | ---- | C] (Microsoft Corporation)wshext.dll -> C:\Windows\System32\wshext.dll -> [2009/06/20 17:28:15 | 00,090,112 | ---- | C] (Microsoft Corporation)findstr.exe -> C:\Windows\System32\findstr.exe -> [2009/06/20 17:28:15 | 00,060,928 | ---- | C] (Microsoft Corporation)netcenter.dll -> C:\Windows\System32\netcenter.dll -> [2009/06/20 17:28:14 | 02,225,664 | ---- | C] (Microsoft Corporation)themecpl.dll -> C:\Windows\System32\themecpl.dll -> [2009/06/20 17:28:14 | 01,152,000 | ---- | C] (Microsoft Corporation)wer.dll -> C:\Windows\System32\wer.dll -> [2009/06/20 17:28:14 | 00,876,032 | ---- | C] (Microsoft Corporation)rasdlg.dll -> C:\Windows\System32\rasdlg.dll -> [2009/06/20 17:28:14 | 00,825,856 | ---- | C] (Microsoft Corporation)iassvcs.dll -> C:\Windows\System32\iassvcs.dll -> [2009/06/20 17:28:14 | 00,076,288 | ---- | C] (Microsoft Corporation)wsnmp32.dll -> C:\Windows\System32\wsnmp32.dll -> [2009/06/20 17:28:14 | 00,050,688 | ---- | C] (Microsoft Corporation)usbehci.sys -> C:\Windows\System32\drivers\usbehci.sys -> [2009/06/20 17:28:14 | 00,039,936 | ---- | C] (Microsoft Corporation)timedate.cpl -> C:\Windows\System32\timedate.cpl -> [2009/06/20 17:28:13 | 00,714,240 | ---- | C] (Microsoft Corporation)wshom.ocx -> C:\Windows\System32\wshom.ocx -> [2009/06/20 17:28:13 | 00,135,168 | ---- | C] (Microsoft Corporation)srvsvc.dll -> C:\Windows\System32\srvsvc.dll -> [2009/06/20 17:28:13 | 00,122,880 | ---- | C] (Microsoft Corporation)mssprxy.dll -> C:\Windows\System32\mssprxy.dll -> [2009/06/20 17:28:13 | 00,033,280 | ---- | C] (Microsoft Corporation)uxsms.dll -> C:\Windows\System32\uxsms.dll -> [2009/06/20 17:28:13 | 00,029,184 | ---- | C] (Microsoft Corporation)slcc.dll -> C:\Windows\System32\slcc.dll -> [2009/06/20 17:28:12 | 00,777,216 | ---- | C] (Microsoft Corporation)scansetting.dll -> C:\Windows\System32\scansetting.dll -> [2009/06/20 17:28:12 | 00,245,760 | ---- | C] (Microsoft Corporation)msutb.dll -> C:\Windows\System32\msutb.dll -> [2009/06/20 17:28:12 | 00,163,328 | ---- | C] (Microsoft Corporation)ntmarta.dll -> C:\Windows\System32\ntmarta.dll -> [2009/06/20 17:28:12 | 00,121,344 | ---- | C] (Microsoft Corporation)mstlsapi.dll -> C:\Windows\System32\mstlsapi.dll -> [2009/06/20 17:28:12 | 00,084,992 | ---- | C] (Microsoft Corporation)iasads.dll -> C:\Windows\System32\iasads.dll -> [2009/06/20 17:28:12 | 00,057,344 | ---- | C] (Microsoft Corporation)tsbyuv.dll -> C:\Windows\System32\tsbyuv.dll -> [2009/06/20 17:28:12 | 00,012,288 | ---- | C] (Microsoft Corporation)mstsc.exe -> C:\Windows\System32\mstsc.exe -> [2009/06/20 17:28:11 | 00,678,400 | ---- | C] (Microsoft Corporation)ks.sys -> C:\Windows\System32\drivers\ks.sys -> [2009/06/20 17:28:11 | 00,149,504 | ---- | C] (Microsoft Corporation)powrprof.dll -> C:\Windows\System32\powrprof.dll -> [2009/06/20 17:28:11 | 00,098,816 | ---- | C] (Microsoft Corporation)networkmap.dll -> C:\Windows\System32\networkmap.dll -> [2009/06/20 17:28:10 | 03,072,000 | ---- | C] (Microsoft Corporation)powercpl.dll -> C:\Windows\System32\powercpl.dll -> [2009/06/20 17:28:10 | 00,723,968 | ---- | C] (Microsoft Corporation)iasacct.dll -> C:\Windows\System32\iasacct.dll -> [2009/06/20 17:28:10 | 00,058,880 | ---- | C] (Microsoft Corporation)connect.dll -> C:\Windows\System32\connect.dll -> [2009/06/20 17:28:09 | 01,645,568 | ---- | C] (Microsoft Corporation)PerfCenterCPL.dll -> C:\Windows\System32\PerfCenterCPL.dll -> [2009/06/20 17:28:09 | 01,248,768 | ---- | C] (Microsoft Corporation)dot3svc.dll -> C:\Windows\System32\dot3svc.dll -> [2009/06/20 17:28:09 | 00,175,616 | ---- | C] (Microsoft Corporation)authz.dll -> C:\Windows\System32\authz.dll -> [2009/06/20 17:28:09 | 00,079,872 | ---- | C] (Microsoft Corporation)newdev.exe -> C:\Windows\System32\newdev.exe -> [2009/06/20 17:28:09 | 00,074,752 | ---- | C] (Microsoft Corporation)wlanhlp.dll -> C:\Windows\System32\wlanhlp.dll -> [2009/06/20 17:28:09 | 00,068,096 | ---- | C] (Microsoft Corporation)accessibilitycpl.dll -> C:\Windows\System32\accessibilitycpl.dll -> [2009/06/20 17:28:08 | 02,515,968 | ---- | C] (Microsoft Corporation)sud.dll -> C:\Windows\System32\sud.dll -> [2009/06/20 17:28:08 | 01,224,192 | ---- | C] (Microsoft Corporation)systemcpl.dll -> C:\Windows\System32\systemcpl.dll -> [2009/06/20 17:28:08 | 00,842,240 | ---- | C] (Microsoft Corporation)themeui.dll -> C:\Windows\System32\themeui.dll -> [2009/06/20 17:28:08 | 00,615,424 | ---- | C] (Microsoft Corporation)pcaui.dll -> C:\Windows\System32\pcaui.dll -> [2009/06/20 17:28:08 | 00,464,384 | ---- | C] (Microsoft Corporation)samlib.dll -> C:\Windows\System32\samlib.dll -> [2009/06/20 17:28:08 | 00,057,344 | ---- | C] (Microsoft Corporation)kbdhid.sys -> C:\Windows\System32\drivers\kbdhid.sys -> [2009/06/20 17:28:08 | 00,017,408 | ---- | C] (Microsoft Corporation)usercpl.dll -> C:\Windows\System32\usercpl.dll -> [2009/06/20 17:28:07 | 01,123,840 | ---- | C] (Microsoft Corporation)autoplay.dll -> C:\Windows\System32\autoplay.dll -> [2009/06/20 17:28:07 | 00,516,608 | ---- | C] (Microsoft Corporation)qdvd.dll -> C:\Windows\System32\qdvd.dll -> [2009/06/20 17:28:07 | 00,497,152 | ---- | C] (Microsoft Corporation)mmci.dll -> C:\Windows\System32\mmci.dll -> [2009/06/20 17:28:07 | 00,052,224 | ---- | C] (Microsoft Corporation)wlanpref.dll -> C:\Windows\System32\wlanpref.dll -> [2009/06/20 17:28:06 | 01,671,680 | ---- | C] (Microsoft Corporation)wpcao.dll -> C:\Windows\System32\wpcao.dll -> [2009/06/20 17:28:06 | 00,532,992 | ---- | C] (Microsoft Corporation)msinfo32.exe -> C:\Windows\System32\msinfo32.exe -> [2009/06/20 17:28:06 | 00,408,064 | ---- | C] (Microsoft Corporation)vdsutil.dll -> C:\Windows\System32\vdsutil.dll -> [2009/06/20 17:28:06 | 00,128,000 | ---- | C] (Microsoft Corporation)rpchttp.dll -> C:\Windows\System32\rpchttp.dll -> [2009/06/20 17:28:06 | 00,127,488 | ---- | C] (Microsoft Corporation)pintlgnt.ime -> C:\Windows\System32\pintlgnt.ime -> [2009/06/20 17:28:06 | 00,089,088 | ---- | C] (Microsoft Corporation)regapi.dll -> C:\Windows\System32\regapi.dll -> [2009/06/20 17:28:06 | 00,067,584 | ---- | C] (Microsoft Corporation)BTHUSB.SYS -> C:\Windows\System32\drivers\BTHUSB.SYS -> [2009/06/20 17:28:06 | 00,029,696 | ---- | C] (Microsoft Corporation)scesrv.dll -> C:\Windows\System32\scesrv.dll -> [2009/06/20 17:28:05 | 00,306,176 | ---- | C] (Microsoft Corporation)psisdecd.dll -> C:\Windows\System32\psisdecd.dll -> [2009/06/20 17:28:05 | 00,293,376 | ---- | C] (Microsoft Corporation)tapisrv.dll -> C:\Windows\System32\tapisrv.dll -> [2009/06/20 17:28:05 | 00,242,688 | ---- | C] (Microsoft Corporation)scksp.dll -> C:\Windows\System32\scksp.dll -> [2009/06/20 17:28:05 | 00,140,288 | ---- | C] (Microsoft Corporation)exfat.sys -> C:\Windows\System32\drivers\exfat.sys -> [2009/06/20 17:28:05 | 00,136,704 | ---- | C] (Microsoft Corporation)AudioSes.dll -> C:\Windows\System32\AudioSes.dll -> [2009/06/20 17:28:05 | 00,115,712 | ---- | C] (Microsoft Corporation)imm32.dll -> C:\Windows\System32\imm32.dll -> [2009/06/20 17:28:05 | 00,114,688 | ---- | C] (Microsoft Corporation)oleprn.dll -> C:\Windows\System32\oleprn.dll -> [2009/06/20 17:28:05 | 00,097,792 | ---- | C] (Microsoft Corporation)mpr.dll -> C:\Windows\System32\mpr.dll -> [2009/06/20 17:28:05 | 00,068,608 | ---- | C] (Microsoft Corporation)feclient.dll -> C:\Windows\System32\feclient.dll -> [2009/06/20 17:28:05 | 00,054,272 | ---- | C] (Microsoft Corporation)wscui.cpl -> C:\Windows\System32\wscui.cpl -> [2009/06/20 17:28:04 | 01,689,600 | ---- | C] (Microsoft Corporation)sdclt.exe -> C:\Windows\System32\sdclt.exe -> [2009/06/20 17:28:04 | 01,169,408 | ---- | C] (Microsoft Corporation)mmsys.cpl -> C:\Windows\System32\mmsys.cpl -> [2009/06/20 17:28:04 | 01,102,848 | ---- | C] (Microsoft Corporation)dpapimig.exe -> C:\Windows\System32\dpapimig.exe -> [2009/06/20 17:28:04 | 00,407,040 | ---- | C] (Microsoft Corporation)Faultrep.dll -> C:\Windows\System32\Faultrep.dll -> [2009/06/20 17:28:04 | 00,147,456 | ---- | C] (Microsoft Corporation)dot3msm.dll -> C:\Windows\System32\dot3msm.dll -> [2009/06/20 17:28:04 | 00,075,264 | ---- | C] (Microsoft Corporation)rekeywiz.exe -> C:\Windows\System32\rekeywiz.exe -> [2009/06/20 17:28:04 | 00,043,520 | ---- | C] (Microsoft Corporation)iaspolcy.dll -> C:\Windows\System32\iaspolcy.dll -> [2009/06/20 17:28:04 | 00,033,792 | ---- | C] (Microsoft Corporation)DeviceEject.exe -> C:\Windows\System32\DeviceEject.exe -> [2009/06/20 17:28:04 | 00,026,112 | ---- | C] (Microsoft Corporation)wscisvif.dll -> C:\Windows\System32\wscisvif.dll -> [2009/06/20 17:28:04 | 00,017,920 | ---- | C] (Microsoft Corporation)rasgcw.dll -> C:\Windows\System32\rasgcw.dll -> [2009/06/20 17:28:03 | 00,642,560 | ---- | C] (Microsoft Corporation)FWPUCLNT.DLL -> C:\Windows\System32\FWPUCLNT.DLL -> [2009/06/20 17:28:03 | 00,595,456 | ---- | C] (Microsoft Corporation)pnpui.dll -> C:\Windows\System32\pnpui.dll -> [2009/06/20 17:28:03 | 00,542,208 | ---- | C] (Microsoft Corporation)qedit.dll -> C:\Windows\System32\qedit.dll -> [2009/06/20 17:28:03 | 00,505,344 | ---- | C] (Microsoft Corporation)ncryptui.dll -> C:\Windows\System32\ncryptui.dll -> [2009/06/20 17:28:03 | 00,445,952 | ---- | C] (Microsoft Corporation)rasplap.dll -> C:\Windows\System32\rasplap.dll -> [2009/06/20 17:28:03 | 00,376,832 | ---- | C] (Microsoft Corporation)certreq.exe -> C:\Windows\System32\certreq.exe -> [2009/06/20 17:28:03 | 00,215,552 | ---- | C] (Microsoft Corporation)scecli.dll -> C:\Windows\System32\scecli.dll -> [2009/06/20 17:28:03 | 00,177,152 | ---- | C] (Microsoft Corporation)SmartcardCredentialProvider.dll -> C:\Windows\System32\SmartcardCredentialProvider.dll -> [2009/06/20 17:28:03 | 00,134,656 | ---- | C] (Microsoft Corporation)hdwwiz.exe -> C:\Windows\System32\hdwwiz.exe -> [2009/06/20 17:28:03 | 00,080,384 | ---- | C] (Microsoft Corporation)TSTheme.exe -> C:\Windows\System32\TSTheme.exe -> [2009/06/20 17:28:03 | 00,038,400 | ---- | C] (Microsoft Corporation)perfdisk.dll -> C:\Windows\System32\perfdisk.dll -> [2009/06/20 17:28:03 | 00,031,744 | ---- | C] (Microsoft Corporation)spwinsat.dll -> C:\Windows\System32\spwinsat.dll -> [2009/06/20 17:28:03 | 00,011,776 | ---- | C] (Microsoft Corporation)cmdial32.dll -> C:\Windows\System32\cmdial32.dll -> [2009/06/20 17:28:02 | 00,481,792 | ---- | C] (Microsoft Corporation)srcore.dll -> C:\Windows\System32\srcore.dll -> [2009/06/20 17:28:02 | 00,378,368 | ---- | C] (Microsoft Corporation)tcpipcfg.dll -> C:\Windows\System32\tcpipcfg.dll -> [2009/06/20 17:28:02 | 00,170,496 | ---- | C] (Microsoft Corporation)portcls.sys -> C:\Windows\System32\drivers\portcls.sys -> [2009/06/20 17:28:02 | 00,167,936 | ---- | C] (Microsoft Corporation)tcpmon.dll -> C:\Windows\System32\tcpmon.dll -> [2009/06/20 17:28:02 | 00,135,168 | ---- | C] (Microsoft Corporation)fdWSD.dll -> C:\Windows\System32\fdWSD.dll -> [2009/06/20 17:28:02 | 00,067,072 | ---- | C] (Microsoft Corporation)PnPUnattend.exe -> C:\Windows\System32\PnPUnattend.exe -> [2009/06/20 17:28:02 | 00,058,368 | ---- | C] (Microsoft Corporation)cmmon32.exe -> C:\Windows\System32\cmmon32.exe -> [2009/06/20 17:28:02 | 00,049,152 | ---- | C] (Microsoft Corporation)whealogr.dll -> C:\Windows\System32\whealogr.dll -> [2009/06/20 17:28:02 | 00,031,232 | ---- | C] (Microsoft Corporation)USBCAMD2.sys -> C:\Windows\System32\drivers\USBCAMD2.sys -> [2009/06/20 17:28:02 | 00,025,856 | ---- | C] (Microsoft Corporation)USBCAMD.sys -> C:\Windows\System32\drivers\USBCAMD.sys -> [2009/06/20 17:28:02 | 00,025,856 | ---- | C] (Microsoft Corporation)MSVidCtl.dll -> C:\Windows\System32\MSVidCtl.dll -> [2009/06/20 17:28:01 | 01,544,704 | ---- | C] (Microsoft Corporation)raschap.dll -> C:\Windows\System32\raschap.dll -> [2009/06/20 17:28:01 | 00,281,088 | ---- | C] (Microsoft Corporation)SnippingTool.exe -> C:\Windows\System32\SnippingTool.exe -> [2009/06/20 17:28:01 | 00,275,968 | ---- | C] (Microsoft Corporation)afd.sys -> C:\Windows\System32\drivers\afd.sys -> [2009/06/20 17:28:01 | 00,273,920 | ---- | C] (Microsoft Corporation)wdmaud.drv -> C:\Windows\System32\wdmaud.drv -> [2009/06/20 17:28:01 | 00,167,424 | ---- | C] (Microsoft Corporation)fontext.dll -> C:\Windows\System32\fontext.dll -> [2009/06/20 17:28:01 | 00,142,336 | ---- | C] (Microsoft Corporation)SCardSvr.dll -> C:\Windows\System32\SCardSvr.dll -> [2009/06/20 17:28:01 | 00,095,232 | ---- | C] (Microsoft Corporation)conime.exe -> C:\Windows\System32\conime.exe -> [2009/06/20 17:28:01 | 00,069,120 | ---- | C] (Microsoft Corporation)tcpipreg.sys -> C:\Windows\System32\drivers\tcpipreg.sys -> [2009/06/20 17:28:01 | 00,030,720 | ---- | C] (Microsoft Corporation)WMVXENCD.DLL -> C:\Windows\System32\WMVXENCD.DLL -> [2009/06/20 17:28:00 | 00,657,408 | ---- | C] (Microsoft Corporation)wiaaut.dll -> C:\Windows\System32\wiaaut.dll -> [2009/06/20 17:28:00 | 00,547,840 | ---- | C] (Microsoft Corporation)unimdm.tsp -> C:\Windows\System32\unimdm.tsp -> [2009/06/20 17:28:00 | 00,280,064 | ---- | C] (Microsoft Corporation)rasppp.dll -> C:\Windows\System32\rasppp.dll -> [2009/06/20 17:28:00 | 00,259,584 | ---- | C] (Microsoft Corporation)wlanui.dll -> C:\Windows\System32\wlanui.dll -> [2009/06/20 17:28:00 | 00,202,752 | ---- | C] (Microsoft Corporation)dsprop.dll -> C:\Windows\System32\dsprop.dll -> [2009/06/20 17:28:00 | 00,137,728 | ---- | C] (Microsoft Corporation)npfs.sys -> C:\Windows\System32\drivers\npfs.sys -> [2009/06/20 17:28:00 | 00,035,328 | ---- | C] (Microsoft Corporation)PnPutil.exe -> C:\Windows\System32\PnPutil.exe -> [2009/06/20 17:28:00 | 00,033,280 | ---- | C] (Microsoft Corporation)oobefldr.dll -> C:\Windows\System32\oobefldr.dll -> [2009/06/20 17:27:59 | 02,153,472 | ---- | C] (Microsoft Corporation)shwebsvc.dll -> C:\Windows\System32\shwebsvc.dll -> [2009/06/20 17:27:59 | 00,425,472 | ---- | C] (Microsoft Corporation)wlanmsm.dll -> C:\Windows\System32\wlanmsm.dll -> [2009/06/20 17:27:59 | 00,293,376 | ---- | C] (Microsoft Corporation)shsetup.dll -> C:\Windows\System32\shsetup.dll -> [2009/06/20 17:27:59 | 00,101,376 | ---- | C] (Microsoft Corporation)tdx.sys -> C:\Windows\System32\drivers\tdx.sys -> [2009/06/20 17:27:59 | 00,072,192 | ---- | C] (Microsoft Corporation)pacer.sys -> C:\Windows\System32\drivers\pacer.sys -> [2009/06/20 17:27:59 | 00,072,192 | ---- | C] (Microsoft Corporation)dimsroam.dll -> C:\Windows\System32\dimsroam.dll -> [2009/06/20 17:27:59 | 00,054,784 | ---- | C] (Microsoft Corporation)bthmodem.sys -> C:\Windows\System32\drivers\bthmodem.sys -> [2009/06/20 17:27:59 | 00,041,472 | ---- | C] (Microsoft Corporation)chtbrkr.dll -> C:\Windows\System32\chtbrkr.dll -> [2009/06/20 17:27:58 | 06,103,040 | ---- | C] (Microsoft Corporation)wmdrmsdk.dll -> C:\Windows\System32\wmdrmsdk.dll -> [2009/06/20 17:27:58 | 00,533,504 | ---- | C] (Microsoft Corporation)modemui.dll -> C:\Windows\System32\modemui.dll -> [2009/06/20 17:27:58 | 00,288,256 | ---- | C] (Microsoft Corporation)mscandui.dll -> C:\Windows\System32\mscandui.dll -> [2009/06/20 17:27:58 | 00,218,624 | ---- | C] (Microsoft Corporation)rasmontr.dll -> C:\Windows\System32\rasmontr.dll -> [2009/06/20 17:27:58 | 00,155,136 | ---- | C] (Microsoft Corporation)dataclen.dll -> C:\Windows\System32\dataclen.dll -> [2009/06/20 17:27:58 | 00,045,056 | ---- | C] (Microsoft Corporation)blackbox.dll -> C:\Windows\System32\blackbox.dll -> [2009/06/20 17:27:57 | 00,542,720 | ---- | C] (Microsoft Corporation)credui.dll -> C:\Windows\System32\credui.dll -> [2009/06/20 17:27:57 | 00,178,176 | ---- | C] (Microsoft Corporation)fastfat.sys -> C:\Windows\System32\drivers\fastfat.sys -> [2009/06/20 17:27:57 | 00,142,848 | ---- | C] (Microsoft Corporation)rdpwsx.dll -> C:\Windows\System32\rdpwsx.dll -> [2009/06/20 17:27:57 | 00,107,008 | ---- | C] (Microsoft Corporation)wlgpclnt.dll -> C:\Windows\System32\wlgpclnt.dll -> [2009/06/20 17:27:57 | 00,083,456 | ---- | C] (Microsoft Corporation)smss.exe -> C:\Windows\System32\smss.exe -> [2009/06/20 17:27:57 | 00,064,000 | ---- | C] (Microsoft Corporation)networkexplorer.dll -> C:\Windows\System32\networkexplorer.dll -> [2009/06/20 17:27:56 | 02,226,688 | ---- | C] (Microsoft Corporation)wmpeffects.dll -> C:\Windows\System32\wmpeffects.dll -> [2009/06/20 17:27:56 | 00,303,616 | ---- | C] (Microsoft Corporation)netplwiz.dll -> C:\Windows\System32\netplwiz.dll -> [2009/06/20 17:27:56 | 00,180,736 | ---- | C] (Microsoft Corporation)WSDMon.dll -> C:\Windows\System32\WSDMon.dll -> [2009/06/20 17:27:56 | 00,177,664 | ---- | C] (Microsoft Corporation)wpcsvc.dll -> C:\Windows\System32\wpcsvc.dll -> [2009/06/20 17:27:56 | 00,140,288 | ---- | C] (Microsoft Corporation)rmcast.sys -> C:\Windows\System32\drivers\rmcast.sys -> [2009/06/20 17:27:56 | 00,113,664 | ---- | C] (Microsoft Corporation)ohci1394.sys -> C:\Windows\System32\drivers\ohci1394.sys -> [2009/06/20 17:27:56 | 00,062,208 | ---- | C] (Microsoft Corporation)certprop.dll -> C:\Windows\System32\certprop.dll -> [2009/06/20 17:27:56 | 00,040,448 | ---- | C] (Microsoft Corporation)ifmon.dll -> C:\Windows\System32\ifmon.dll -> [2009/06/20 17:27:56 | 00,029,696 | ---- | C] (Microsoft Corporation)msscp.dll -> C:\Windows\System32\msscp.dll -> [2009/06/20 17:27:55 | 00,414,208 | ---- | C] (Microsoft Corporation)thawbrkr.dll -> C:\Windows\System32\thawbrkr.dll -> [2009/06/20 17:27:55 | 00,313,344 | ---- | C] (Microsoft Corporation)InkEd.dll -> C:\Windows\System32\InkEd.dll -> [2009/06/20 17:27:55 | 00,217,600 | ---- | C] (Microsoft Corporation)gpresult.exe -> C:\Windows\System32\gpresult.exe -> [2009/06/20 17:27:55 | 00,128,000 | ---- | C] (Microsoft Corporation)logagent.exe -> C:\Windows\System32\logagent.exe -> [2009/06/20 17:27:55 | 00,094,720 | ---- | C] (Microsoft Corporation)cipher.exe -> C:\Windows\System32\cipher.exe -> [2009/06/20 17:27:55 | 00,058,368 | ---- | C] (Microsoft Corporation)wscapi.dll -> C:\Windows\System32\wscapi.dll -> [2009/06/20 17:27:55 | 00,033,280 | ---- | C] (Microsoft Corporation)watchdog.sys -> C:\Windows\System32\drivers\watchdog.sys -> [2009/06/20 17:27:55 | 00,033,280 | ---- | C] (Microsoft Corporation)msimtf.dll -> C:\Windows\System32\msimtf.dll -> [2009/06/20 17:27:55 | 00,031,232 | ---- | C] (Microsoft Corporation)MediaMetadataHandler.dll -> C:\Windows\System32\MediaMetadataHandler.dll -> [2009/06/20 17:27:54 | 00,356,864 | ---- | C] (Microsoft Corporation)softkbd.dll -> C:\Windows\System32\softkbd.dll -> [2009/06/20 17:27:54 | 00,125,952 | ---- | C] (Microsoft Corporation)msctfui.dll -> C:\Windows\System32\msctfui.dll -> [2009/06/20 17:27:54 | 00,085,504 | ---- | C] (Microsoft Corporation)sendmail.dll -> C:\Windows\System32\sendmail.dll -> [2009/06/20 17:27:54 | 00,069,632 | ---- | C] (Microsoft Corporation)smb.sys -> C:\Windows\System32\drivers\smb.sys -> [2009/06/20 17:27:54 | 00,066,560 | ---- | C] (Microsoft Corporation)Apphlpdm.dll -> C:\Windows\System32\Apphlpdm.dll -> [2009/06/20 17:27:54 | 00,028,672 | ---- | C] (Microsoft Corporation)usbser.sys -> C:\Windows\System32\drivers\usbser.sys -> [2009/06/20 17:27:54 | 00,027,648 | ---- | C] (Microsoft Corporation)hidusb.sys -> C:\Windows\System32\drivers\hidusb.sys -> [2009/06/20 17:27:54 | 00,012,800 | ---- | C] (Microsoft Corporation)drmmgrtn.dll -> C:\Windows\System32\drmmgrtn.dll -> [2009/06/20 17:27:53 | 00,284,672 | ---- | C] (Microsoft Corporation)udfs.sys -> C:\Windows\System32\drivers\udfs.sys -> [2009/06/20 17:27:53 | 00,226,816 | ---- | C] (Microsoft Corporation)input.dll -> C:\Windows\System32\input.dll -> [2009/06/20 17:27:53 | 00,200,704 | ---- | C] (Microsoft Corporation)mpg2splt.ax -> C:\Windows\System32\mpg2splt.ax -> [2009/06/20 17:27:53 | 00,177,664 | ---- | C] (Microsoft Corporation)puiapi.dll -> C:\Windows\System32\puiapi.dll -> [2009/06/20 17:27:53 | 00,166,400 | ---- | C] (Microsoft Corporation)dmsynth.dll -> C:\Windows\System32\dmsynth.dll -> [2009/06/20 17:27:53 | 00,105,472 | ---- | C] (Microsoft Corporation)mprapi.dll -> C:\Windows\System32\mprapi.dll -> [2009/06/20 17:27:53 | 00,097,792 | ---- | C] (Microsoft Corporation)olepro32.dll -> C:\Windows\System32\olepro32.dll -> [2009/06/20 17:27:53 | 00,088,576 | ---- | C] (Microsoft Corporation)cdd.dll -> C:\Windows\System32\cdd.dll -> [2009/06/20 17:27:53 | 00,037,376 | ---- | C] (Microsoft Corporation)ExplorerFrame.dll -> C:\Windows\System32\ExplorerFrame.dll -> [2009/06/20 17:27:53 | 00,020,992 | ---- | C] (Microsoft Corporation)version.dll -> C:\Windows\System32\version.dll -> [2009/06/20 17:27:53 | 00,020,480 | ---- | C] (Microsoft Corporation)SLLUA.exe -> C:\Windows\System32\SLLUA.exe -> [2009/06/20 17:27:52 | 00,185,856 | ---- | C] (Microsoft Corporation)rdpwd.sys -> C:\Windows\System32\drivers\rdpwd.sys -> [2009/06/20 17:27:52 | 00,180,736 | ---- | C] (Microsoft Corporation)MSNP.ax -> C:\Windows\System32\MSNP.ax -> [2009/06/20 17:27:52 | 00,080,896 | ---- | C] (Microsoft Corporation)fdSSDP.dll -> C:\Windows\System32\fdSSDP.dll -> [2009/06/20 17:27:52 | 00,068,096 | ---- | C] (Microsoft Corporation)wshbth.dll -> C:\Windows\System32\wshbth.dll -> [2009/06/20 17:27:52 | 00,034,304 | ---- | C] (Microsoft Corporation)fc.exe -> C:\Windows\System32\fc.exe -> [2009/06/20 17:27:52 | 00,019,968 | ---- | C] (Microsoft Corporation)msisip.dll -> C:\Windows\System32\msisip.dll -> [2009/06/20 17:27:52 | 00,016,384 | ---- | C] (Microsoft Corporation)eapp3hst.dll -> C:\Windows\System32\eapp3hst.dll -> [2009/06/20 17:27:51 | 00,187,904 | ---- | C] (Microsoft Corporation)tintlgnt.ime -> C:\Windows\System32\tintlgnt.ime -> [2009/06/20 17:27:51 | 00,125,952 | ---- | C] (Microsoft Corporation)ndiswan.sys -> C:\Windows\System32\drivers\ndiswan.sys -> [2009/06/20 17:27:51 | 00,121,344 | ---- | C] (Microsoft Corporation)dmusic.dll -> C:\Windows\System32\dmusic.dll -> [2009/06/20 17:27:51 | 00,101,888 | ---- | C] (Microsoft Corporation)PortableDeviceClassExtension.dll -> C:\Windows\System32\PortableDeviceClassExtension.dll -> [2009/06/20 17:27:51 | 00,094,720 | ---- | C] (Microsoft Corporation)rrinstaller.exe -> C:\Windows\System32\rrinstaller.exe -> [2009/06/20 17:27:51 | 00,053,248 | ---- | C] (Microsoft Corporation)l2nacp.dll -> C:\Windows\System32\l2nacp.dll -> [2009/06/20 17:27:51 | 00,048,128 | ---- | C] (Microsoft Corporation)ftp.exe -> C:\Windows\System32\ftp.exe -> [2009/06/20 17:27:51 | 00,041,984 | ---- | C] (Microsoft Corporation)cscapi.dll -> C:\Windows\System32\cscapi.dll -> [2009/06/20 17:27:51 | 00,031,744 | ---- | C] (Microsoft Corporation)printfilterpipelineprxy.dll -> C:\Windows\System32\printfilterpipelineprxy.dll -> [2009/06/20 17:27:51 | 00,026,112 | ---- | C] (Microsoft Corporation)msjint40.dll -> C:\Windows\System32\msjint40.dll -> [2009/06/20 17:27:51 | 00,024,576 | ---- | C] (Microsoft Corporation)cscdll.dll -> C:\Windows\System32\cscdll.dll -> [2009/06/20 17:27:51 | 00,022,016 | ---- | C] (Microsoft Corporation)wsdchngr.dll -> C:\Windows\System32\wsdchngr.dll -> [2009/06/20 17:27:51 | 00,020,992 | ---- | C] (Microsoft Corporation)MsCtfMonitor.dll -> C:\Windows\System32\MsCtfMonitor.dll -> [2009/06/20 17:27:51 | 00,019,456 | ---- | C] (Microsoft Corporation)PortableDeviceTypes.dll -> C:\Windows\System32\PortableDeviceTypes.dll -> [2009/06/20 17:27:50 | 00,160,768 | ---- | C] (Microsoft Corporation)aaclient.dll -> C:\Windows\System32\aaclient.dll -> [2009/06/20 17:27:50 | 00,136,192 | ---- | C] (Microsoft Corporation)eappcfg.dll -> C:\Windows\System32\eappcfg.dll -> [2009/06/20 17:27:50 | 00,135,680 | ---- | C] (Microsoft Corporation)SMBHelperClass.dll -> C:\Windows\System32\SMBHelperClass.dll -> [2009/06/20 17:27:50 | 00,083,456 | ---- | C] (Microsoft)rassstp.sys -> C:\Windows\System32\drivers\rassstp.sys -> [2009/06/20 17:27:50 | 00,069,120 | ---- | C] (Microsoft Corporation)fdWCN.dll -> C:\Windows\System32\fdWCN.dll -> [2009/06/20 17:27:50 | 00,069,120 | ---- | C] (Microsoft Corporation)Storprop.dll -> C:\Windows\System32\Storprop.dll -> [2009/06/20 17:27:50 | 00,055,808 | ---- | C] (Microsoft Corporation)rasdiag.dll -> C:\Windows\System32\rasdiag.dll -> [2009/06/20 17:27:50 | 00,052,736 | ---- | C] (Microsoft Corporation)dot3cfg.dll -> C:\Windows\System32\dot3cfg.dll -> [2009/06/20 17:27:50 | 00,049,664 | ---- | C] (Microsoft Corporation)bthci.dll -> C:\Windows\System32\bthci.dll -> [2009/06/20 17:27:50 | 00,045,568 | ---- | C] (Microsoft Corporation)bthudtask.exe -> C:\Windows\System32\bthudtask.exe -> [2009/06/20 17:27:50 | 00,034,304 | ---- | C] (Microsoft Corporation)ipconfig.exe -> C:\Windows\System32\ipconfig.exe -> [2009/06/20 17:27:50 | 00,026,624 | ---- | C] (Microsoft Corporation)rasdial.exe -> C:\Windows\System32\rasdial.exe -> [2009/06/20 17:27:50 | 00,016,896 | ---- | C] (Microsoft Corporation)mfps.dll -> C:\Windows\System32\mfps.dll -> [2009/06/20 17:27:49 | 00,098,816 | ---- | C] (Microsoft Corporation)eappgnui.dll -> C:\Windows\System32\eappgnui.dll -> [2009/06/20 17:27:49 | 00,093,696 | ---- | C] (Microsoft Corporation)nslookup.exe -> C:\Windows\System32\nslookup.exe -> [2009/06/20 17:27:49 | 00,082,944 | ---- | C] (Microsoft Corporation)tscupgrd.exe -> C:\Windows\System32\tscupgrd.exe -> [2009/06/20 17:27:49 | 00,063,488 | ---- | C] (Microsoft Corporation)slcinst.dll -> C:\Windows\System32\slcinst.dll -> [2009/06/20 17:27:49 | 00,042,496 | ---- | C] (Microsoft Corporation)networkitemfactory.dll -> C:\Windows\System32\networkitemfactory.dll -> [2009/06/20 17:27:49 | 00,039,936 | ---- | C] (Microsoft Corporation)hidclass.sys -> C:\Windows\System32\drivers\hidclass.sys -> [2009/06/20 17:27:49 | 00,039,424 | ---- | C] (Microsoft Corporation)ocsetup.exe -> C:\Windows\System32\ocsetup.exe -> [2009/06/20 17:27:49 | 00,035,840 | ---- | C] (Microsoft Corporation)FwRemoteSvr.dll -> C:\Windows\System32\FwRemoteSvr.dll -> [2009/06/20 17:27:49 | 00,028,672 | ---- | C] (Microsoft Corporation)CHxReadingStringIME.dll -> C:\Windows\System32\CHxReadingStringIME.dll -> [2009/06/20 17:27:49 | 00,010,752 | ---- | C] (Microsoft Corporation)nwifi.sys -> C:\Windows\System32\drivers\nwifi.sys -> [2009/06/20 17:27:48 | 00,148,480 | ---- | C] (Microsoft Corporation)dfsc.sys -> C:\Windows\System32\drivers\dfsc.sys -> [2009/06/20 17:27:48 | 00,075,264 | ---- | C] (Microsoft Corporation)PNPXAssoc.dll -> C:\Windows\System32\PNPXAssoc.dll -> [2009/06/20 17:27:48 | 00,069,632 | ---- | C] (Microsoft Corporation)cdrom.sys -> C:\Windows\System32\drivers\cdrom.sys -> [2009/06/20 17:27:48 | 00,067,072 | ---- | C] (Microsoft Corporation)fdeploy.dll -> C:\Windows\System32\fdeploy.dll -> [2009/06/20 17:27:48 | 00,053,760 | ---- | C] (Microsoft Corporation)tsgqec.dll -> C:\Windows\System32\tsgqec.dll -> [2009/06/20 17:27:48 | 00,053,248 | ---- | C] (Microsoft Corporation)hbaapi.dll -> C:\Windows\System32\hbaapi.dll -> [2009/06/20 17:27:48 | 00,041,472 | ---- | C] (Microsoft Corporation)mfpmp.exe -> C:\Windows\System32\mfpmp.exe -> [2009/06/20 17:27:48 | 00,024,576 | ---- | C] (Microsoft Corporation)msacm32.drv -> C:\Windows\System32\msacm32.drv -> [2009/06/20 17:27:48 | 00,021,504 | ---- | C] (Microsoft Corporation)mmcico.dll -> C:\Windows\System32\mmcico.dll -> [2009/06/20 17:27:48 | 00,012,800 | ---- | C] (Microsoft Corporation)csrstub.exe -> C:\Windows\System32\csrstub.exe -> [2009/06/20 17:27:47 | 00,046,080 | ---- | C] (Microsoft Corporation)cbsra.exe -> C:\Windows\System32\cbsra.exe -> [2009/06/20 17:27:47 | 00,044,032 | ---- | C] (Microsoft Corporation)gpupdate.exe -> C:\Windows\System32\gpupdate.exe -> [2009/06/20 17:27:47 | 00,016,896 | ---- | C] (Microsoft Corporation)bitsigd.dll -> C:\Windows\System32\bitsigd.dll -> [2009/06/20 17:27:46 | 00,031,744 | ---- | C] (Microsoft Corporation)NcdProp.dll -> C:\Windows\System32\NcdProp.dll -> [2009/06/20 17:27:46 | 00,019,968 | ---- | C] (Microsoft Corporation)iscsilog.dll -> C:\Windows\System32\iscsilog.dll -> [2009/06/20 17:27:46 | 00,016,384 | ---- | C] (Microsoft Corporation)dxg.sys -> C:\Windows\System32\drivers\dxg.sys -> [2009/06/20 17:27:45 | 00,076,288 | ---- | C] (Microsoft Corporation)odbcconf.dll -> C:\Windows\System32\odbcconf.dll -> [2009/06/20 17:27:45 | 00,040,960 | ---- | C] (Microsoft Corporation)winrnr.dll -> C:\Windows\System32\winrnr.dll -> [2009/06/20 17:27:45 | 00,019,968 | ---- | C] (Microsoft Corporation)Diskdump.sys -> C:\Windows\System32\drivers\Diskdump.sys -> [2009/06/20 17:27:45 | 00,019,456 | ---- | C] (Microsoft Corporation)vdmdbg.dll -> C:\Windows\System32\vdmdbg.dll -> [2009/06/20 17:27:45 | 00,017,408 | ---- | C] (Microsoft Corporation)inetppui.dll -> C:\Windows\System32\inetppui.dll -> [2009/06/20 17:27:45 | 00,015,360 | ---- | C] (Microsoft Corporation)slwga.dll -> C:\Windows\System32\slwga.dll -> [2009/06/20 17:27:45 | 00,012,288 | ---- | C] (Microsoft Corporation)RacUR.xml -> C:\Windows\System32\RacUR.xml -> [2009/06/20 17:27:45 | 00,009,212 | ---- | C] ()midimap.dll -> C:\Windows\System32\midimap.dll -> [2009/06/20 17:27:44 | 00,017,408 | ---- | C] (Microsoft Corporation)bridge.sys -> C:\Windows\System32\drivers\bridge.sys -> [2009/06/20 17:27:43 | 00,093,696 | ---- | C] (Microsoft Corporation)stream.sys -> C:\Windows\System32\drivers\stream.sys -> [2009/06/20 17:27:43 | 00,052,992 | ---- | C] (Microsoft Corporation)RNDISMP.sys -> C:\Windows\System32\drivers\RNDISMP.sys -> [2009/06/20 17:27:43 | 00,033,280 | ---- | C] (Microsoft Corporation)usb8023.sys -> C:\Windows\System32\drivers\usb8023.sys -> [2009/06/20 17:27:42 | 00,015,872 | ---- | C] (Microsoft Corporation)spwmp.dll -> C:\Windows\System32\spwmp.dll -> [2009/06/20 17:27:42 | 00,007,680 | ---- | C] (Microsoft Corporation)msdxm.ocx -> C:\Windows\System32\msdxm.ocx -> [2009/06/20 17:27:42 | 00,004,096 | ---- | C] (Microsoft Corporation)dxmasf.dll -> C:\Windows\System32\dxmasf.dll -> [2009/06/20 17:27:42 | 00,004,096 | ---- | C] (Microsoft Corporation)wmploc.DLL -> C:\Windows\System32\wmploc.DLL -> [2009/06/20 17:27:41 | 08,147,456 | ---- | C] (Microsoft Corporation)raspppoe.sys -> C:\Windows\System32\drivers\raspppoe.sys -> [2009/06/20 17:27:41 | 00,041,472 | ---- | C] (Microsoft Corporation)f3ahvoas.dll -> C:\Windows\System32\f3ahvoas.dll -> [2009/06/20 17:27:41 | 00,007,168 | ---- | C] (Microsoft Corporation)msimsg.dll -> C:\Windows\System32\msimsg.dll -> [2009/06/20 17:27:41 | 00,002,560 | ---- | C] (Microsoft Corporation)mferror.dll -> C:\Windows\System32\mferror.dll -> [2009/06/20 17:27:41 | 00,002,048 | ---- | C] (Microsoft Corporation)SmiEngine.dll -> C:\Windows\System32\SmiEngine.dll -> [2009/06/20 17:27:24 | 00,705,536 | ---- | C] (Microsoft Corporation)wdscore.dll -> C:\Windows\System32\wdscore.dll -> [2009/06/20 17:27:19 | 00,218,624 | ---- | C] (Microsoft Corporation)PkgMgr.exe -> C:\Windows\System32\PkgMgr.exe -> [2009/06/20 17:27:19 | 00,130,560 | ---- | C] (Microsoft Corporation)drvstore.dll -> C:\Windows\System32\drvstore.dll -> [2009/06/20 17:27:05 | 00,247,808 | ---- | C] (Microsoft Corporation)Iyvu9_32.dll -> C:\Windows\System32\Iyvu9_32.dll -> [2009/06/15 15:35:07 | 00,056,832 | ---- | C] ()avisplitter.ini -> C:\Windows\avisplitter.ini -> [2009/06/15 15:06:04 | 00,000,038 | ---- | C] ()unrar.dll -> C:\Windows\System32\unrar.dll -> [2009/05/08 22:43:18 | 00,168,448 | ---- | C] ()xvidcore.dll -> C:\Windows\System32\xvidcore.dll -> [2009/05/08 22:43:12 | 00,881,664 | ---- | C] ()xvidvfw.dll -> C:\Windows\System32\xvidvfw.dll -> [2009/05/08 22:43:12 | 00,205,824 | ---- | C] ()qt-dx331.dll -> C:\Windows\System32\qt-dx331.dll -> [2009/05/08 22:43:11 | 03,596,288 | ---- | C] ()ff_vfw.dll -> C:\Windows\System32\ff_vfw.dll -> [2009/05/08 22:43:10 | 00,085,504 | ---- | C] ()ff_vfw.dll.manifest -> C:\Windows\System32\ff_vfw.dll.manifest -> [2009/05/08 22:43:10 | 00,000,547 | ---- | C] ()OGACheckControl.dll -> C:\Windows\System32\OGACheckControl.dll -> [2008/12/31 17:04:42 | 00,691,560 | ---- | C] ()igfxCoIn_v1511.dll -> C:\Windows\System32\igfxCoIn_v1511.dll -> [2008/12/05 07:14:54 | 00,147,456 | ---- | C] ()VAIOUpdt.INI -> C:\Windows\VAIOUpdt.INI -> [2007/01/13 12:06:16 | 00,000,000 | ---- | C] ()SSMSIppCustom.dll -> C:\Windows\System32\SSMSIppCustom.dll -> [2007/01/13 11:59:26 | 00,344,064 | ---- | C] ()sysprepMCE.dll -> C:\Windows\System32\sysprepMCE.dll -> [2006/11/02 20:35:32 | 00,005,632 | ---- | C] ()win.ini -> C:\Windows\win.ini -> [2006/11/02 18:23:31 | 00,000,219 | ---- | C] ()system.ini -> C:\Windows\system.ini -> [2006/11/02 18:23:31 | 00,000,215 | ---- | C] ()pacerprf.ini -> C:\Windows\System32\pacerprf.ini -> [2006/11/02 15:40:29 | 00,013,750 | ---- | C] ()lcppn21.dll -> C:\Windows\System32\lcppn21.dll -> [2001/11/15 05:56:00 | 01,802,240 | ---- | C] () [Files/Folders - Modified Within 30 Days]NTUSER.DAT -> C:\Users\Dreddski\NTUSER.DAT -> [2009/08/20 15:19:08 | 02,097,152 | -HS- | M] ()OTS.exe -> C:\Users\Dreddski\Desktop\OTS.exe -> [2009/08/27 17:55:15 | 00,514,560 | ---- | M] (OldTimer Tools)7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 -> C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 -> [2009/08/20 14:09:23 | 00,003,616 | -H-- | M] ()7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 -> C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 -> [2009/08/20 14:09:23 | 00,003,616 | -H-- | M] ()Golden Axe 2.lnk -> C:\Users\Dreddski\Desktop\Golden Axe 2.lnk -> [2009/07/20 13:15:50 | 00,000,876 | ---- | M] ()Golden Axe 2 on the Gamefabrique.lnk -> C:\Users\Dreddski\Desktop\Golden Axe 2 on the Gamefabrique.lnk -> [2009/07/20 13:15:50 | 00,000,545 | ---- | M] ()User_Feed_Synchronization-{103B65BD-4798-4CA0-9487-EB211B637804}.job -> C:\Windows\tasks\User_Feed_Synchronization-{103B65BD-4798-4CA0-9487-EB211B637804}.job -> [2009/07/20 11:57:38 | 00,000,428 | -H-- | M] ()PerfStringBackup.INI -> C:\Windows\System32\PerfStringBackup.INI -> [2009/07/20 11:10:28 | 00,756,644 | ---- | M] ()perfh009.dat -> C:\Windows\System32\perfh009.dat -> [2009/07/20 11:10:28 | 00,647,086 | ---- | M] ()perfc009.dat -> C:\Windows\System32\perfc009.dat -> [2009/07/20 11:10:28 | 00,123,374 | ---- | M] ()DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> C:\Users\Dreddski\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> [2009/07/20 11:07:37 | 00,065,536 | ---- | M] ()PublishedRacMonSWITable.DAT -> C:\ProgramData\Microsoft\RAC\PublishedData\PublishedRacMonSWITable.DAT -> [2009/07/20 00:25:01 | 00,119,280 | ---- | M] ()PublishedRacMonAFLTable.DAT -> C:\ProgramData\Microsoft\RAC\PublishedData\PublishedRacMonAFLTable.DAT -> [2009/07/20 00:25:01 | 00,017,112 | ---- | M] ()PublishedRacMonOSFTable.DAT -> C:\ProgramData\Microsoft\RAC\PublishedData\PublishedRacMonOSFTable.DAT -> [2009/07/20 00:25:01 | 00,001,932 | ---- | M] ()PublishedRacMonIndex.DAT -> C:\ProgramData\Microsoft\RAC\PublishedData\PublishedRacMonIndex.DAT -> [2009/07/20 00:25:01 | 00,001,752 | ---- | M] ()PublishedRacMonCLKTable.DAT -> C:\ProgramData\Microsoft\RAC\PublishedData\PublishedRacMonCLKTable.DAT -> [2009/07/20 00:25:01 | 00,000,048 | ---- | M] ()PublishedRacMonHFLTable.DAT -> C:\ProgramData\Microsoft\RAC\PublishedData\PublishedRacMonHFLTable.DAT -> [2009/07/20 00:25:01 | 00,000,000 | ---- | M] ()addon.dat -> C:\Users\Dreddski\AppData\Roaming\addon.dat -> [2009/08/10 14:10:31 | 00,022,040 | -H-- | M] ()Config.MPF -> C:\Windows\System32\Config.MPF -> [2009/07/18 14:10:26 | 00,020,297 | ---- | M] ()nvModes.001 -> C:\ProgramData\nvModes.001 -> [2009/07/18 14:10:23 | 00,057,372 | ---- | M] ()SA.DAT -> C:\Windows\tasks\SA.DAT -> [2009/08/23 14:09:31 | 00,000,006 | -H-- | M] ()bootstat.dat -> C:\Windows\bootstat.dat -> [2009/07/18 14:09:28 | 00,067,584 | --S- | M] ()hiberfil.sys -> C:\hiberfil.sys -> [2009/07/18 14:09:26 | 32,159,94880 | -HS- | M] ()IconCache.db -> C:\Users\Dreddski\AppData\Local\IconCache.db -> [2009/07/18 14:07:10 | 02,855,890 | -H-- | M] ()NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms -> C:\Users\Dreddski\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms -> [2009/07/17 20:59:12 | 00,524,288 | -HS- | M] ()NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf -> C:\Users\Dreddski\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf -> [2009/07/17 20:59:12 | 00,065,536 | -HS- | M] ()bthservsdp.dat -> C:\Windows\bthservsdp.dat -> [2009/07/17 20:58:41 | 00,000,012 | ---- | M] ()qmgr1.dat -> C:\ProgramData\Microsoft\Network\Downloader\qmgr1.dat -> [2009/07/17 18:53:24 | 04,194,304 | ---- | M] ()qmgr0.dat -> C:\ProgramData\Microsoft\Network\Downloader\qmgr0.dat -> [2009/07/17 18:53:24 | 04,194,304 | ---- | M] ()Maricar Reyes Hyden Kho Part 2 and 3.rar [mininova].torrent -> C:\Users\Dreddski\Desktop\Maricar Reyes Hyden Kho Part 2 and 3.rar [mininova].torrent -> [2009/07/17 09:43:38 | 00,015,271 | ---- | M] ()nvModes.dat -> C:\ProgramData\nvModes.dat -> [2009/07/17 04:45:08 | 00,057,372 | ---- | M] ()erunt_setup.exe -> C:\Users\Dreddski\Desktop\erunt_setup.exe -> [2009/07/17 01:20:43 | 00,791,393 | ---- | M] (Lars Hederer                                                )system.ini -> C:\Windows\system.ini -> [2009/07/16 23:11:48 | 00,000,215 | ---- | M] ()hosts -> C:\Windows\System32\drivers\etc\hosts -> [2009/07/16 23:11:34 | 00,000,027 | ---- | M] ()FNTCACHE.DAT -> C:\Windows\System32\FNTCACHE.DAT -> [2009/07/16 03:12:39 | 00,403,152 | ---- | M] ()mbamswissarmy.sys -> C:\Windows\System32\drivers\mbamswissarmy.sys -> [2009/08/22 13:36:34 | 00,038,160 | ---- | M] (Malwarebytes Corporation)mbam.sys -> C:\Windows\System32\drivers\mbam.sys -> [2009/08/22 13:36:12 | 00,019,096 | ---- | M] (Malwarebytes Corporation)PEV.exe -> C:\Windows\PEV.exe -> [2009/07/13 05:48:54 | 00,219,648 | ---- | M] ()Revo Uninstaller.lnk -> C:\Users\Dreddski\Desktop\Revo Uninstaller.lnk -> [2009/08/12 13:17:43 | 00,001,057 | ---- | M] ()DSC02698.jpg -> C:\Users\Dreddski\Documents\DSC02698.jpg -> [2009/07/11 23:48:48 | 00,000,000 | ---- | M] ()Msft_User_PCCSWpdDriver_01_05_00.Wdf -> C:\Windows\System32\drivers\Msft_User_PCCSWpdDriver_01_05_00.Wdf -> [2009/07/11 02:06:19 | 00,000,000 | -H-- | M] ()Msft_Kernel_ccdcmb_01007.Wdf -> C:\Windows\System32\drivers\Msft_Kernel_ccdcmb_01007.Wdf -> [2009/07/11 02:03:46 | 00,000,000 | -H-- | M] ()MSN.lnk -> C:\Users\Dreddski\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MSN.lnk -> [2009/07/11 01:45:37 | 00,001,924 | ---- | M] ()mrt.exe -> C:\Windows\System32\mrt.exe -> [2009/07/07 23:10:56 | 24,539,592 | ---- | M] (Microsoft Corporation)opa12.dat -> C:\ProgramData\Microsoft\OFFICE\DATA\opa12.dat -> [2009/07/03 09:28:51 | 00,008,498 | ---- | M] ()iTunes.lnk -> C:\Users\Public\Desktop\iTunes.lnk -> [2009/06/26 18:56:51 | 00,001,804 | ---- | M] ()QuickTime Player.lnk -> C:\Users\Public\Desktop\QuickTime Player.lnk -> [2009/06/26 18:53:21 | 00,001,726 | ---- | M] ()Malwarebytes' Anti-Malware.lnk -> C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk -> [2009/08/22 09:58:17 | 00,000,818 | ---- | M] ()Spyware Doctor.lnk -> C:\Users\Public\Desktop\Spyware Doctor.lnk -> [2009/08/23 09:16:08 | 00,001,759 | ---- | M] ()VP3.lnk -> C:\Users\Public\Desktop\VP3.lnk -> [2009/06/21 20:32:11 | 00,000,972 | ---- | M] ()Dreddski.dat -> C:\ProgramData\Microsoft\User Account Pictures\Dreddski.dat -> [2009/05/24 00:26:09 | 00,000,000 | ---- | M] ()Rubie Jale.dat -> C:\ProgramData\Microsoft\User Account Pictures\Rubie Jale.dat -> [2009/05/07 13:22:00 | 00,000,000 | ---- | M] () [File - Lop Check]Roaming -> C:\Users\Default\AppData\Roaming -> [2007/01/13 12:10:51 | 00,000,000 | ---D | M]Intel -> C:\Users\Default\AppData\Roaming\Intel -> [2007/01/13 12:10:51 | 00,000,000 | ---D | M]Media Center Programs -> C:\Users\Default\AppData\Roaming\Media Center Programs -> [2006/11/02 20:37:34 | 00,000,000 | ---D | M]Roaming -> C:\Users\Default User\AppData\Roaming -> [2007/01/13 12:10:51 | 00,000,000 | ---D | M]Intel -> C:\Users\Default User\AppData\Roaming\Intel -> [2007/01/13 12:10:51 | 00,000,000 | ---D | M]Media Center Programs -> C:\Users\Default User\AppData\Roaming\Media Center Programs -> [2006/11/02 20:37:34 | 00,000,000 | ---D | M]Roaming -> C:\Users\Dreddski\AppData\Roaming -> [2009/07/18 14:10:31 | 00,000,000 | ---D | M]ArcSoft -> C:\Users\Dreddski\AppData\Roaming\ArcSoft -> [2009/05/08 09:42:45 | 00,000,000 | ---D | M]Dev-Cpp -> C:\Users\Dreddski\AppData\Roaming\Dev-Cpp -> [2009/05/19 14:27:15 | 00,000,000 | ---D | M]Hobioza.job -> C:\WINDOWS\Tasks\Hobioza.job -> [2009/06/08 20:11:00 | 00,000,123 | ---- | M]Intel -> C:\Users\Dreddski\AppData\Roaming\Intel -> [2009/01/13 12:10:51 | 00,000,000 | ---D | M]Media Center Programs -> C:\Users\Dreddski\AppData\Roaming\Media Center Programs -> [2006/11/02 20:37:34 | 00,000,000 | ---D | M]Nokia -> C:\Users\Dreddski\AppData\Roaming\Nokia -> [2009/07/11 02:05:37 | 00,000,000 | ---D | M]PC Suite -> C:\Users\Dreddski\AppData\Roaming\PC Suite -> [2009/07/11 02:05:43 | 00,000,000 | ---D | M]Roxio -> C:\Users\Dreddski\AppData\Roaming\Roxio -> [2009/06/01 19:39:11 | 00,000,000 | ---D | M]uTorrent -> C:\Users\Dreddski\AppData\Roaming\uTorrent -> [2009/07/20 15:06:30 | 00,000,000 | ---D | M]C:\Windows\Tasks\ -> C:\Windows\Tasks -> [2009/07/16 23:16:13 | 00,000,000 | ---D | M]McDefragTask.job -> C:\Windows\Tasks\McDefragTask.job -> [2009/06/15 01:00:02 | 00,000,338 | ---- | M] ()McQcTask.job -> C:\Windows\Tasks\McQcTask.job -> [2009/06/01 01:00:06 | 00,000,348 | ---- | M] ()SCHEDLGU.TXT -> C:\Windows\Tasks\SCHEDLGU.TXT -> [2009/07/17 20:58:44 | 00,032,610 | ---- | M] ()User_Feed_Synchronization-{103B65BD-4798-4CA0-9487-EB211B637804}.job -> C:\Windows\Tasks\User_Feed_Synchronization-{103B65BD-4798-4CA0-9487-EB211B637804}.job -> [2009/07/20 11:57:38 | 00,000,428 | -H-- | M] () [File - Purity Scan]  [Alternate Data Streams]@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:073341D1@Alternate Data Stream - 142 bytes -> C:\ProgramData\TEMP:DFC5A2B2< End of report >

[MGuitar 11]

1ª Etapa

 

Execute novamente a ferramenta OTS.exe.

 

Copie este conteúdo abaixo dentro do quote:

 

[Kill All Processes]

[unregister Dlls]

[Driver Services - Safe List]

YY -> amx -> C:\Windows\system32\drivers\x.sys

YY -> valstorns -> C:\Windows\system32\drivers\Sadkjuiswush.sys

[Registry - Safe List]

< Domain Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List

YN -> "C:\Program Files\alsidjdn.exe" -> C:\Program Files\alsidjdn.exe [C:\Program Files\alsidjdn.exe:*:Enabled:asd]

< Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\

YY -> ivxxxxxxxx ->

[Files/Folders - Created Within 30 Days]

NY -> addon.dat -> C:\Users\Dreddski\AppData\Roaming\addon.dat

NY -> ajuhshdf.exe -> C:\Windows\ajuhshdf.exe

NY -> Uckvo.exe -> C:\Windows\System32\Uckvo.exe

NY -> mjkks000.exe -> C:\Users\mjkks000.exe

NY -> ahusndkekajdshdj.dll -> C:\Windows\System32\ahusndkekajdshdj.dll

NY -> kauehdfuaenxjawenx.dll -> C:\Windows\System32\kauehdfuaenxjawenx.dll

NY -> kasehdsoa.dll -> C:\Windows\System32\kasehdsoa.dll

NY -> wiuedhaiuwniajx.dll -> C:\Windows\System32\wiuedhaiuwniajx.dll

NY -> uaedhaizexneka.dll -> C:\Windows\System32\uaedhaizexneka.dll

NY -> skeuid9aew.dll -> C:\Windows\System32\skeuid9aew.dll

[Files/Folders - Modified Within 30 Days]

NY -> addon.dat -> C:\Users\Dreddski\AppData\Roaming\addon.dat

[File - Lop Check]

NY -> Hobioza.job -> C:\WINDOWS\Tasks\Hobioza.job

[Empty Temp Folders]

[start Explorer]

[Reboot]

Cole na janela Paste Fix Here e clique no botão Run Fix.

 

Confirme a mensagem dizendo deseja reiniciar o PC, e aguarde-o reiniciar.

 

Após o reinicio, um log estará no desktop com o nome "XXXXXXXX_XXXX" (onde os "X" são a data e hora em que o resultado foi gerado).

 

 

2ª Etapa

 

Baixe o TFC e salve-o no desktop.

 

Feche todos os programas abertos e salve tudo o que estiver fazendo na máquina;

Clique no botão Start e aguarde a rápida verificação. Dê um OK na mensagem e aguarde o PC reiniciar.

 

 

3ª Etapa

 

Abra o Malwarebytes' Anti-Malware e clique em Atualização > Verificar atualizações. Aguarde o programa atualizar.

 

Reinicie o computador em Modo de Segurança e abra o Malwarebytes.

 

Clique em Verificação > Verificação Completa > Marque todas as unidades > Iniciar Verificação.

 

 

4ª Etapa

 

Após a verificação do Malwarebytes, reinicie o PC em modo normal e poste os logs do OTS, Malwarebytes e um novo do HijackThis.

[Dreddski 0]

Olá amigo boa tarde!!!! :lol:

 

Poxa meu pc deu uma melhorada significativa depois disso que você me passou obrigado msm :clap:

 

Bom aqui tao o q você me pediu

 

Log do Ots

 

All Processes Killed

[Driver Services - Safe List]

Service amx stopped successfully!

Service amx deleted successfully!

C:\Windows\system32\drivers\x.sys not found.

Service valstorns stopped successfully!

Service valstorns deleted successfully!

C:\Windows\system32\drivers\Sadkjuiswush.sys not found.

[Registry - Safe List]

Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\C:\Program Files\alsidjdn.exe not found.

Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ivxxxxxxxx not found.

[Files/Folders - Created Within 30 Days]

File C:\Users\Dreddski\AppData\Roaming\addon.dat moved successfully.

File C:\Windows\ajuhshdf.exe moved successfully.

File C:\Windows\System32\Uckvo.exe moved successfully.

File C:\Users\mjkks000.exe moved successfully.

DllUnregisterServer procedure not found in C:\Windows\System32\ahusndkekajdshdj.dll

File C:\Windows\System32\ahusndkekajdshdj.dll NOT unregistered.

File C:\Windows\System32\ahusndkekajdshdj.dll moved successfully.

DllUnregisterServer procedure not found in C:\Windows\System32\kauehdfuaenxjawenx.dll

File C:\Windows\System32\kauehdfuaenxjawenx.dll NOT unregistered.

File C:\Windows\System32\kauehdfuaenxjawenx.dll moved successfully.

DllUnregisterServer procedure not found in C:\Windows\System32\kasehdsoa.dll

File C:\Windows\System32\kasehdsoa.dll NOT unregistered.

File C:\Windows\System32\kasehdsoa.dll moved successfully.

DllUnregisterServer procedure not found in C:\Windows\System32\wiuedhaiuwniajx.dll

File C:\Windows\System32\wiuedhaiuwniajx.dll NOT unregistered.

File C:\Windows\System32\wiuedhaiuwniajx.dll moved successfully.

DllUnregisterServer procedure not found in C:\Windows\System32\uaedhaizexneka.dll

File C:\Windows\System32\uaedhaizexneka.dll NOT unregistered.

File C:\Windows\System32\uaedhaizexneka.dll moved successfully.

DllUnregisterServer procedure not found in C:\Windows\System32\skeuid9aew.dll

File C:\Windows\System32\skeuid9aew.dll NOT unregistered.

File C:\Windows\System32\skeuid9aew.dll moved successfully.

[Files/Folders - Modified Within 30 Days]

File C:\Users\Dreddski\AppData\Roaming\addon.dat moved successfully.

[File - Lop Check]

File C:\WINDOWS\Tasks\Hobioza.job deleted successfully.

[Empty Temp Folders]

File delete failed. C:\Documents and Settings\Dreddski\Local Settings\Temp\etilqs_hgdxxadfgtwsxfgh scheduled to be deleted on reboot.

File delete failed. C:\Documents and Settings\Dreddski\Local Settings\Temp\etilqs_asfhvcguyutttgfg scheduled to be deleted on reboot.

File delete failed. C:\Documents and Settings\Dreddski\Local Settings\Temp\~EFG66.tmp scheduled to be deleted on reboot.

User's Temp folder emptied.

User's Internet Explorer cache folder emptied.

User's Temporary Internet Files folder emptied.

Local Service Temp folder emptied.

File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.

Local Service Temporary Internet Files folder emptied.

Network Service Temp folder emptied.

Network Service Temporary Internet Files folder emptied.

Windows Temp folder emptied.

Java cache emptied.

FireFox cache emptied.

RecycleBin -> emptied.

Explorer started successfully

< End of fix log >

OTS by OldTimer - Version 3.0.10.3 fix logfile created on 08292009_141228

 

Files moved on Reboot...

File C:\Documents and Settings\Dreddski\Local Settings\Temp\etilqs_hgdxxadfgtwsxfgh not found!

File C:\Documents and Settings\Dreddski\Local Settings\Temp\etilqs_asfhvcguyutttgfg not found!

File C:\Documents and Settings\Dreddski\Local Settings\Temp\~EFG66.tmp moved successfully.

File C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat moved successfully.

 

Registry entries deleted on Reboot...

 

 

 

 

 

 

Log do malwarebytes

 

 

Malwarebytes' Anti-Malware 1.40

Versão do banco de dados: 2713

Windows 6.00.1906 Service Pack 2

 

29/8/2009 14:33:26

mbam-log-2009-08-29 (14-33-26).txt

 

Tipo de Verificação: Completa (C:\|)

Objetos verificados: 131689

Tempo decorrido: 48 minute(s), 32 second(s)

 

Processos da Memória infectados: 0

Módulos de Memória Infectados: 0

Chaves do Registro infectadas: 0

Valores do Registro infectados: 0

Ítens do Registro infectados: 0

Pastas infectadas: 0

Arquivos infectados: 11

 

Processos da Memória infectados:

(Nenhum ítem malicioso foi detectado)

 

Módulos de Memória Infectados:

(Nenhum ítem malicioso foi detectado)

 

Chaves do Registro infectadas:

(Nenhum ítem malicioso foi detectado)

 

Valores do Registro infectados:

(Nenhum ítem malicioso foi detectado)

 

Ítens do Registro infectados:

(Nenhum ítem malicioso foi detectado)

 

Pastas infectadas:

(Nenhum ítem malicioso foi detectado)

 

Arquivos infectados:

c:\WINDOWS\Fonts\services.exe (Worm.Archive) -> Quarantined and deleted successfully.

C:\WINDOWS\Tasks\{783AF354-B514-42d6-970E-3E8BF0A5279C}.job (Trojan.Downloader) -> Quarantined and deleted successfully.

c:\documents and settings\Dreddski\Local Settings\Temp\services.exe (Password.Stealer) -> Delete on reboot.

C:\WINDOWS\394347843593248209.dat (Worm.KoobFace) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\msbgnv.exe (Malware.Trace) -> Quarantined and deleted successfully.

c:\WINDOWS\0101120101464849.dat (Worm.KoobFace) -> Quarantined and deleted successfully.

c:\documents and settings\Dreddski\local settings\Temp\712638673737xx.dll (Spyware.OnlineGames) -> Delete on reboot.

c:\documents and settings\Dreddski\local settings\Temp\93847565823mxx.dll (Trojan.Downloader) -> Delete on reboot.

C:\lKvvas.exe (Trojan.Dropper) -> Quarantined and deleted successfully.

C:\Program Files\ujxa\fxu.sys (Trojan.Agent) -> Quarantined and deleted successfully.

C:\Program Files\ujxa\lamxma.dll (Trojan.Agent) -> Delete on reboot.

 

 

 

 

 

Log do hijackthis

 

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 15:38:18, on 29/08/2009

Platform: Windows Vista SP2 (WinNT 6.00.1906)

MSIE: Internet Explorer v8.00 (8.00.6001.18813)

Boot mode: Normal

 

Running processes:

C:\Windows\system32\taskeng.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files\Windows Defender\MSASCui.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Windows\system32\conime.exe

C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

C:\Windows\system32\msfeedssync.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Users\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O1 - Hosts: ::1 localhost

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll

O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [lxdcamon] "C:\Program Files\Lexmark 1300 Series\lxdcamon.exe"

O4 - HKLM\..\Run: [LXDCCATS] rundll32 C:\Windows\system32\spool\DRIVERS\W32X86\3\LXDCtime.dll,_RunDLLEntry@16

O4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\Windows\system32\Macromed\Flash\FlashUtil10b.exe

O4 - HKUS\S-1-5-18\..\Run: [Exetender] "C:\Program Files\Free Ride Games\GPlayer.exe /runonstartup" (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [Exetender] "C:\Program Files\Free Ride Games\GPlayer.exe /runonstartup" (User 'Default user')

O4 - Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe

O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O13 - Gopher Prefix:

O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/você/bin/AvSniff.cab

O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab

O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} (Windows Live OneCare safety scanner control) - http://cdn.scan.onecare.live.com/resource/download/scanner/en-us/wlscctrl2.cab

O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab

O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll

O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe

O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: lxdc_device - - C:\Windows\system32\lxdccoms.exe

O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe

O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe

O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

 

--

End of file - 7100 bytes

 

 

 

 

 

 

 

Qual anti-virus você me recomenda???

 

 

Obrigado pela vossa atençao :joia:

[MGuitar 11]

Com o navegador Internet Explorer, acesse o '>http://www.kaspersky.com/virusscanner"]Kaspersky Online Scanner e faça um scan conforme o tutorial abaixo:

 

http://www.linhadefensiva.org/forum/index.php?showtopic=74159

 

Ao término do scan, salve o relatório, conforme é mostrado no final do tutorial, e poste-o aqui.

[Dreddski 0]

Olá amigo boa tarde

 

Fiz o escan no kapersky como você ordenou mais nao consigui de maneira alguma salvar o relatorio eu apertava o botao save report e nada acontecia entao eu tive que fechar a pagina.sera q preciso fazer um outro escan??

 

só digo q nada foi encontrado pelo escan,0 infection q apareceu lah

 

o q faço??

 

obrigado por toda ajuda meu pc nao ta mais reiniciando sozinho,nao ta mais travando e passei dinovo aquele malwarebytes e nada foi encontrado

 

poderia me dizer um bom anti-virus tbm???

 

t+

[MGuitar 11]

Olá amigo boa tarde

 

Fiz o escan no kapersky como você ordenou mais nao consigui de maneira alguma salvar o relatorio eu apertava o botao save report e nada acontecia entao eu tive que fechar a pagina.sera q preciso fazer um outro escan??

Não.

 

só digo q nada foi encontrado pelo escan,0 infection q apareceu lah

Isso responde.

 

o q faço??

Está com algum problema ainda?

 

Em caso negativo, não há mais nada a fazer. Apenas delete as ferramentas utilizadas.

 

poderia me dizer um bom anti-virus tbm???

Gratuito: '>http://www.free-av.com/en/products/1/avira_antivir_personal__free_antivirus.html"]Avira AntiVir

Pago: '>http://www.eset.com/download/free_trial_download_int.php"]ESET NOD32 Antivirus 4 ou '>http://www.kaspersky.com/kav_latest_versions"]Kaspersky Antivirus 2010

[Dreddski 0]

Olá amigo

Nao to com mais nenhum problema aki ta tdo certo mto obrigado msm :joia: :clap:

 

Eu ja deletei os programas aki era so deleta eles msm neh??

 

eu baixei esse avira antivir pq to sem grana p compra um anti-virus pago hauaheuhauehau

 

poderia me passar algum manual de instalaçao e configuraçao do avira soh p mim ter uma ideia ???

 

mto obrigado por toda ajuda foi de mta avalia :lol: meu problema foi sanado

 

um abraçao :D

[MGuitar 11]

poderia me passar algum manual de instalaçao e configuraçao do avira soh p mim ter uma ideia ???

 

http://www.techhandbook.com/security/3035-Guide-installation-and-use-Avira-AntiVir-Personal-Edition.html

[Dreddski 0]

Oi amigo

mto obrigado pelo tutorial do avira,segui ele todinho e deu tdo certo,otimo tutorial e obrigado mais ainda pela maravilhosa ajuda meu pc ta a bala dinovo,100% :D

 

nem sei como agradecer esse forum eh d++++++++

 

qq probleminha dinovo eu posto ok???

 

ate mais

 

um abraçao e bom feriado pra ti

 

Rodrigo

[MGuitar 11]

PROBLEMA RESOLVIDO!

 

Caso o autor necessite que o tópico seja reaberto basta enviar uma Mensagem Privada para um Moderador com um link para o tópico.