Spam/Spyware - "Windows Recovery" und "Windows Securety Alert"

#1 Hallo!

habe in der Tastleiste nach einem Antivir fund auf einmal
- roten Kreis mit weisem X
- gelbes Ausrufezeichen
- bunte Zahnräder
- Desktop Schwarz
- IE9 ist weg
- Startmenü ist leer
- startet immer neu von alleine
- HDD Fehlermeldungen kommen

Kann auch Screenshots machen, wer mag

Windows Recovery und Windows Securety Alert zeigt es an!


Habe die Scans gemacht, aber probleme beim posten hier...


Ich versuche die Logs zu posten!

Wie kann ich den Fehler bekämpfen?!

Zitat

OTL logfile created on: 23.03.2011 23:36:01 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Home\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 47,00% Memory free
8,00 Gb Paging File | 6,00 Gb Available in Paging File | 74,00% Paging File free
Paging file location(s): c:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 74,43 Gb Total Space | 37,62 Gb Free Space | 50,54% Space Free | Partition Type: NTFS
Drive F: | 39,06 Gb Total Space | 16,09 Gb Free Space | 41,18% Space Free | Partition Type: NTFS
Drive G: | 363,29 Gb Total Space | 236,39 Gb Free Space | 65,07% Space Free | Partition Type: NTFS
Drive H: | 503,02 Gb Total Space | 5,05 Gb Free Space | 1,00% Space Free | Partition Type: NTFS
Drive I: | 195,31 Gb Total Space | 55,93 Gb Free Space | 28,64% Space Free | Partition Type: NTFS
Drive J: | 270,45 Gb Total Space | 3,79 Gb Free Space | 1,40% Space Free | Partition Type: NTFS
Drive K: | 234,74 Gb Total Space | 42,73 Gb Free Space | 18,20% Space Free | Partition Type: NTFS
Drive L: | 231,02 Gb Total Space | 11,89 Gb Free Space | 5,15% Space Free | Partition Type: NTFS
Drive M: | 341,80 Gb Total Space | 29,74 Gb Free Space | 8,70% Space Free | Partition Type: NTFS
Drive N: | 123,96 Gb Total Space | 13,99 Gb Free Space | 11,28% Space Free | Partition Type: NTFS
Drive O: | 240,40 Gb Total Space | 90,88 Gb Free Space | 37,80% Space Free | Partition Type: NTFS
Drive P: | 1033,98 Gb Total Space | 337,96 Gb Free Space | 32,69% Space Free | Partition Type: NTFS
Drive Q: | 428,49 Gb Total Space | 14,55 Gb Free Space | 3,40% Space Free | Partition Type: NTFS
Drive R: | 149,05 Gb Total Space | 11,02 Gb Free Space | 7,39% Space Free | Partition Type: NTFS
Drive S: | 149,05 Gb Total Space | 127,76 Gb Free Space | 85,71% Space Free | Partition Type: NTFS

Computer Name: HOME-PC | User Name: Home | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2011.03.23 23:35:04 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Home\Desktop\OTL.exe
PRC - [2011.03.23 23:17:32 | 000,467,968 | -H-- | M] () -- C:\ProgramData\46456584.exe
PRC - [2011.03.23 23:08:27 | 000,546,816 | -H-- | M] (HiTech) -- C:\ProgramData\IGSYNkFRmaqdjEh.exe
PRC - [2011.03.18 18:56:37 | 000,924,632 | -H-- | M] (Mozilla Corporation) -- C:\02_Firefox 4\firefox.exe
PRC - [2011.03.18 18:56:37 | 000,016,856 | -H-- | M] (Mozilla Corporation) -- C:\02_Firefox 4\plugin-container.exe
PRC - [2011.03.17 12:25:48 | 000,269,480 | -H-- | M] (Avira GmbH) -- C:\Avira\AntiVir Desktop\avguard.exe
PRC - [2011.02.01 14:49:28 | 000,220,552 | ---- | M] (Geek Software GmbH) -- F:\11_PDF24\pdf24.exe
PRC - [2011.01.10 14:23:04 | 000,135,336 | -H-- | M] (Avira GmbH) -- C:\Avira\AntiVir Desktop\sched.exe
PRC - [2011.01.10 14:22:55 | 000,281,768 | -H-- | M] (Avira GmbH) -- C:\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010.12.28 13:14:04 | 000,075,136 | -H-- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2010.05.28 16:29:26 | 002,650,112 | -H-- | M] (DATA BECKER GmbH & Co KG) -- C:\Program Files (x86)\Common Files\DATA BECKER Shared\DBService.exe
PRC - [2010.04.23 14:04:08 | 002,468,448 | ---- | M] (Lavalys, Inc.) -- F:\91_ever-23\Everest Ultimate Edition v.5.50.2123 beta (portable)\everest.exe
PRC - [2010.04.01 10:16:20 | 000,357,696 | -H-- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
PRC - [2009.10.16 10:42:48 | 000,319,488 | -H-- | M] (DeviceVM, Inc.) -- C:\ASUS.SYS\config\DVMExportService.exe
PRC - [2009.10.07 01:47:22 | 000,125,464 | -H-- | M] (Logitech Inc.) -- C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe
PRC - [2009.07.14 02:14:12 | 000,016,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\attrib.exe
PRC - [2009.03.30 07:32:40 | 000,032,768 | RH-- | M] () -- C:\Windows\DAODx.exe
PRC - [2008.08.29 15:20:56 | 000,935,208 | -H-- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
PRC - [2007.09.02 12:58:52 | 000,495,616 | ---- | M] () -- F:\97_RocketDock\RocketDock.exe
PRC - [2007.07.17 15:48:16 | 000,180,224 | -H-- | M] () -- C:\Windows\SysWOW64\WinService.exe
PRC - [2007.04.04 17:17:34 | 000,446,464 | -H-- | M] (Ambit Microsystems) -- C:\Windows\SysWOW64\WN311BFCS.exe
PRC - [2007.04.04 16:35:52 | 002,125,824 | -H-- | M] ( ) -- C:\Program Files (x86)\NETGEAR\WN311B\Utility\WN311B.exe


[color=#E56717]========== Modules (SafeList) ==========[/color]

MOD - [2011.03.23 23:35:04 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Home\Desktop\OTL.exe
MOD - [2010.11.20 12:55:09 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
MOD - [2007.09.02 12:57:36 | 000,069,632 | ---- | M] () -- F:\97_RocketDock\RocketDock.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV:64bit: - [2011.02.27 05:35:50 | 000,203,776 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010.11.25 22:03:12 | 000,354,304 | -H-- | M] (Advanced Micro Devices, Inc.) [Auto | Stopped] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2009.10.07 01:47:10 | 000,191,000 | -H-- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcS64)
SRV:64bit: - [2009.07.14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2011.03.17 12:25:48 | 000,269,480 | -H-- | M] (Avira GmbH) [Auto | Running] -- C:\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.01.10 14:23:04 | 000,135,336 | -H-- | M] (Avira GmbH) [Auto | Running] -- C:\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010.12.28 13:14:04 | 000,075,136 | -H-- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2010.10.28 11:14:30 | 000,357,456 | -H-- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Programme\Common Files\logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2010.05.28 16:29:26 | 002,650,112 | -H-- | M] (DATA BECKER GmbH & Co KG) [Auto | Running] -- C:\Program Files (x86)\Common Files\DATA BECKER Shared\DBService.exe -- (DBService)
SRV - [2010.03.18 13:16:28 | 000,130,384 | -H-- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.10.16 10:42:48 | 000,319,488 | -H-- | M] (DeviceVM, Inc.) [Auto | Running] -- C:\ASUS.SYS\config\DVMExportService.exe -- (DvmMDES)
SRV - [2009.07.13 01:08:04 | 000,024,168 | -H-- | M] (The Within Network, LLC) [Auto | Running] -- C:\Windows\UnsignedThemesSvc.exe -- (UnsignedThemes)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008.08.29 15:20:56 | 000,935,208 | -H-- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2007.07.17 15:48:16 | 000,180,224 | -H-- | M] () [Auto | Running] -- C:\Windows\SysWOW64\WinService.exe -- (SCM_Service)
SRV - [2007.05.31 17:11:54 | 000,443,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007.05.31 17:11:46 | 000,225,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [2007.04.04 17:17:34 | 000,446,464 | -H-- | M] (Ambit Microsystems) [Auto | Running] -- C:\Windows\SysWOW64\WN311BFCS.exe -- (WN311BFCS)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:64bit: - [2011.02.27 10:28:06 | 009,319,424 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011.02.27 04:59:42 | 000,303,616 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011.01.10 14:23:15 | 000,116,568 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2011.01.10 14:23:15 | 000,083,120 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2011.01.07 16:02:28 | 000,045,408 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\point64.sys -- (Point64)
DRV:64bit: - [2010.12.28 00:12:52 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2010.11.20 14:34:02 | 000,360,832 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcvmm.sys -- (vpcvmm)
DRV:64bit: - [2010.11.20 14:34:02 | 000,194,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpchbus.sys -- (vpcbus)
DRV:64bit: - [2010.11.20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 14:32:47 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.20 14:32:46 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2010.11.20 12:35:32 | 000,095,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpcusb.sys -- (vpcusb)
DRV:64bit: - [2010.11.20 12:35:20 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcnfltr.sys -- (vpcnfltr)
DRV:64bit: - [2010.11.20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.20 12:03:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2010.11.17 13:04:32 | 000,115,216 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2010.09.29 22:19:58 | 000,046,720 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2010.08.24 18:29:32 | 000,057,936 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2010.08.24 18:29:10 | 000,063,568 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2010.06.17 11:15:36 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie64.sys -- (AtiPcie) AMD PCI Express (3GIO)
DRV:64bit: - [2010.02.24 11:20:40 | 000,191,616 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\acedrv11.sys -- (acedrv11)
DRV:64bit: - [2010.02.18 09:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2010.02.01 14:20:24 | 000,325,152 | ---- | M] (Realtek ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009.12.24 09:31:07 | 000,115,824 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\jraid.sys -- (JRAID)
DRV:64bit: - [2009.11.23 17:38:00 | 000,016,008 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGVirHid.sys -- (LGVirHid)
DRV:64bit: - [2009.11.23 17:37:50 | 000,022,408 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGBusEnum.sys -- (LGBusEnum)
DRV:64bit: - [2009.10.07 08:49:28 | 006,379,288 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lvuvc64.sys -- (LVUVC64) Logitech QuickCam S5500(UVC)
DRV:64bit: - [2009.10.07 08:47:46 | 000,327,704 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lvrs64.sys -- (LVRS64)
DRV:64bit: - [2009.10.07 01:45:50 | 000,030,232 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LVPr2M64.sys -- (LVPr2Mon)
DRV:64bit: - [2009.10.07 01:45:50 | 000,030,232 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LVPr2M64.sys -- (LVPr2M64)
DRV:64bit: - [2009.07.16 04:38:40 | 000,015,416 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 01:09:50 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2009.07.13 01:09:20 | 000,030,568 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\uxpatch.sys -- (uxpatch)
DRV:64bit: - [2009.06.10 21:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009.06.10 21:34:38 | 001,311,232 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008.08.14 06:48:34 | 000,024,064 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Ctafiltv.sys -- (Ctafiltv)
DRV:64bit: - [2008.04.29 23:24:30 | 000,022,568 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\SiWinAcc.sys -- (SiFilter)
DRV:64bit: - [2008.04.29 23:24:28 | 000,327,720 | ---- | M] (Silicon Image, Inc) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\Si3114r5.sys -- (Si3114r5)
DRV:64bit: - [2008.04.29 23:24:28 | 000,016,936 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\SiRemFil.sys -- (SiRemFil)
DRV:64bit: - [2008.03.13 08:46:00 | 000,027,136 | ---- | M] (ManyCam LLC.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ManyCam_x64.sys -- (ManyCam)
DRV:64bit: - [2007.12.26 10:46:26 | 000,340,992 | ---- | M] (NETGEAR Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wg111v2.sys -- (RTL8187)
DRV:64bit: - [2007.01.19 03:24:24 | 000,025,312 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\SCMNdisP.sys -- (SCMNdisP)
DRV:64bit: - [2006.12.19 12:18:28 | 000,640,512 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wn311b64.SYS -- (NETGEAR)
DRV - [2010.02.17 19:47:04 | 000,026,752 | ---- | M] () [Kernel | On_Demand | Running] -- F:\91_ever-23\Everest Ultimate Edition v.5.50.2123 beta (portable)\kerneld.amd64 -- (EverestDriver)
DRV - [2008.02.15 14:52:20 | 000,036,368 | -H-- | M] (Paragon Software Group) [Kernel | Boot | Running] -- C:\Windows\SysWOW64\drivers\hotcore3.sys -- (hotcore3)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 85 08 5D 51 4E D8 CB 01 [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.startup.homepage: "chrome://foxtab/content/homepage.html"

FF - HKLM\software\mozilla\Firefox\Extensions\\{0C956BB3-BAA3-4672-A1E8-92B214C55722}: C:\Users\Home\AppData\Local\{0C956BB3-BAA3-4672-A1E8-92B214C55722} [2011.02.26 18:52:53 | 000,000,000 | -H-D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Components: C:\02_Firefox 4\components [2011.03.21 18:20:09 | 000,000,000 | -H-D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Plugins: C:\02_Firefox 4\plugins

[2011.03.22 16:52:15 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Home\AppData\Roaming\mozilla\Extensions
[2011.03.22 16:52:15 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Home\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2011.03.21 20:58:46 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Home\AppData\Roaming\mozilla\Firefox\Profiles\kmdteo40.default\extensions
[2011.03.21 18:39:31 | 000,000,000 | -H-D | M] (Flagfox) -- C:\Users\Home\AppData\Roaming\mozilla\Firefox\Profiles\kmdteo40.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
File not found (No name found) --
[2011.02.26 18:52:53 | 000,000,000 | -H-D | M] (XULRunner) -- C:\USERS\HOME\APPDATA\LOCAL\{0C956BB3-BAA3-4672-A1E8-92B214C55722}
() (No name found) -- C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KMDTEO40.DEFAULT\EXTENSIONS\{A0D7CCB3-214D-498B-B4AA-0E8FDA9A7BF7}.XPI
() (No name found) -- C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KMDTEO40.DEFAULT\EXTENSIONS\{B9DB16A4-6EDC-47EC-A1F4-B86292ED211D}.XPI
() (No name found) -- C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KMDTEO40.DEFAULT\EXTENSIONS\{C07D1A49-9894-49FF-A594-38960EDE8FB9}.XPI
() (No name found) -- C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KMDTEO40.DEFAULT\EXTENSIONS\{EF4E370E-D9F0-4E00-B93E-A4F274CFDD5A}.XPI
() (No name found) -- C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KMDTEO40.DEFAULT\EXTENSIONS\PERSONAS@CHRISTOPHER.BEARD.XPI
() (No name found) -- C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KMDTEO40.DEFAULT\EXTENSIONS\TINEYE@IDEEINC.COM.XPI

O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - F:\02_Office 2010\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - F:\95_Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [EvtMgr6] F:\17_Logitech G700\SetPointP\SetPoint.exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [IntelliPoint] C:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AS00_WN311B] C:\Program Files (x86)\NETGEAR\WN311B\Utility\WN311B.exe ( )
O4 - HKLM..\Run: [ATICustomerCare] C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [avgnt] C:\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [CtaMon] File not found
O4 - HKLM..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe ()
O4 - HKLM..\Run: [PDFPrint] F:\11_PDF24\pdf24.exe (Geek Software GmbH)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [ccleaner] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [IGSYNkFRmaqdjEh] C:\ProgramData\IGSYNkFRmaqdjEh.exe (HiTech)
O4 - HKCU..\Run: [RocketDock] F:\97_RocketDock\RocketDock.exe ()
O4 - Startup: C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Produktregistrierung.lnk = C:\Program Files (x86)\Common Files\LogiShrd\eReg\SetPoint\eReg.exe (Leader Technologies/Logitech)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - F:\02_Office 2010\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - F:\02_Office 2010\Office14\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - F:\46_ICQ\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - F:\46_ICQ\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - F:\95_Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - F:\95_Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.3.16.0.cab (SysInfo Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - F:\95_Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: GinaDLL - (RtlGina2.dll) - File not found
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - Reg Error: Key error. - c:\Programme\Common Files\logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - Unable to obtain root file information for disk M:\
O33 - MountPoints2\{b3f7d585-121a-11e0-8ea1-e628764da063}\Shell - "" = AutoRun
O33 - MountPoints2\{b3f7d585-121a-11e0-8ea1-e628764da063}\Shell\AutoRun\command - "" = E:\DBstart.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (OODBS) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2011.03.23 23:35:03 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Home\Desktop\OTL.exe
[2011.03.23 23:26:40 | 000,000,000 | -H-D | C] -- C:\Users\Home\DoctorWeb
[2011.03.23 23:17:34 | 000,000,000 | -H-D | C] -- C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Recovery
[2011.03.23 23:08:27 | 000,546,816 | -H-- | C] (HiTech) -- C:\ProgramData\IGSYNkFRmaqdjEh.exe
[2011.03.23 15:10:05 | 000,000,000 | -H-D | C] -- C:\Users\Home\AppData\Local\{CF69FD6E-9B3F-4C5D-AF31-CC5C55155999}
[2011.03.22 16:24:10 | 000,000,000 | -H-D | C] -- C:\Users\Home\AppData\Local\{7A347EEC-D38B-4E7A-87F0-46C7462B307D}
[2011.03.21 22:09:00 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\AMD APP
[2011.03.21 22:08:56 | 000,000,000 | -H-D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center
[2011.03.21 22:08:40 | 000,000,000 | -H-D | C] -- C:\ProgramData\ATI
[2011.03.21 22:08:35 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2011.03.21 21:56:20 | 000,000,000 | -H-D | C] -- C:\AMD
[2011.03.21 21:37:01 | 130,558,072 | -H-- | C] (AMD Inc.) -- C:\Users\Home\Desktop\amd_catalyst_11.4_preview_win7_march7.exe
[2011.03.21 18:20:09 | 000,000,000 | -H-D | C] -- C:\02_Firefox 4
[2011.03.21 16:53:49 | 000,000,000 | -H-D | C] -- C:\Users\Home\AppData\Local\{46165FC5-206D-47B0-BA5E-B4EFF02AEA53}
[2011.03.20 18:55:46 | 000,000,000 | -H-D | C] -- C:\Users\Home\AppData\Local\{59B35DCD-AA0C-41D6-A28B-EEDEDB72C3D4}
[2011.03.18 09:20:19 | 000,000,000 | -H-D | C] -- C:\Users\Home\AppData\Local\{0991A4E6-A423-4115-ABD3-FAEDF2ACD519}
[2011.03.17 10:58:49 | 000,000,000 | -H-D | C] -- C:\Users\Home\AppData\Local\{AA3CBA32-6312-40BD-816B-24DAA5686311}
[2011.03.16 22:58:25 | 000,000,000 | -H-D | C] -- C:\Users\Home\AppData\Local\{C51AF6C8-78D5-465F-A5B1-3B7FBC9FF8AD}
[2011.03.16 10:58:00 | 000,000,000 | -H-D | C] -- C:\Users\Home\AppData\Local\{943CEB96-89EC-485D-868A-A54433AE75AC}
[2011.03.15 21:06:20 | 000,000,000 | -H-D | C] -- C:\Users\Home\AppData\Local\{6F9DC976-DB9A-4E61-A4F9-4DD3DEB73855}
[2011.03.15 14:32:45 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2011.03.15 14:32:45 | 001,797,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9.dll
[2011.03.15 14:32:45 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2011.03.15 14:32:45 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2011.03.15 14:32:45 | 000,580,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll
[2011.03.15 14:32:45 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2011.03.15 14:32:45 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2011.03.15 14:32:45 | 000,353,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dxtmsft.dll
[2011.03.15 14:32:45 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2011.03.15 14:32:45 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll
[2011.03.15 14:32:45 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dxtrans.dll
[2011.03.15 14:32:45 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2011.03.15 14:32:45 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2011.03.15 14:32:45 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll
[2011.03.15 14:32:45 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2011.03.15 14:32:45 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msls31.dll
[2011.03.15 14:32:45 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2011.03.15 14:32:45 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2011.03.15 14:32:45 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2011.03.15 14:32:45 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll
[2011.03.15 14:32:45 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2011.03.15 14:32:45 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2011.03.15 14:32:45 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2011.03.15 14:32:45 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll
[2011.03.15 14:32:45 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2011.03.15 14:32:45 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2011.03.15 14:32:45 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2011.03.15 14:32:45 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2011.03.15 14:32:45 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2011.03.15 14:32:45 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2011.03.15 14:32:45 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2011.03.15 14:32:45 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011.03.15 14:32:45 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2011.03.15 14:32:45 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2011.03.15 14:32:45 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2011.03.15 14:32:45 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2011.03.15 14:32:45 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\imgutil.dll
[2011.03.15 14:32:45 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2011.03.15 14:32:45 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2011.03.15 14:32:45 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2011.03.15 14:32:44 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2011.03.15 14:32:44 | 002,303,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2011.03.15 14:32:44 | 001,492,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2011.03.15 14:32:44 | 000,818,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2011.03.15 14:32:44 | 000,697,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2011.03.15 14:32:44 | 000,603,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2011.03.15 14:32:44 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2011.03.15 14:32:44 | 000,452,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2011.03.15 14:32:44 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2011.03.15 14:32:44 | 000,282,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2011.03.15 14:32:44 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll
[2011.03.15 14:32:44 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2011.03.15 14:32:44 | 000,236,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2011.03.15 14:32:44 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2011.03.15 14:32:44 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2011.03.15 14:32:44 | 000,165,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2011.03.15 14:32:44 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll
[2011.03.15 14:32:44 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2011.03.15 14:32:44 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll
[2011.03.15 14:32:44 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2011.03.15 14:32:44 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2011.03.15 14:32:44 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2011.03.15 14:32:44 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll
[2011.03.15 14:32:44 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2011.03.15 14:32:44 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2011.03.15 14:32:44 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2011.03.15 14:32:44 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2011.03.15 14:32:44 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2011.03.15 14:32:44 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2011.03.15 14:32:44 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2011.03.15 14:32:44 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2011.03.15 14:32:44 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2011.03.15 14:32:44 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2011.03.15 14:32:44 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2011.03.15 14:32:44 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2011.03.15 14:32:44 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2011.03.15 14:32:44 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2011.03.15 14:32:44 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2011.03.15 09:05:56 | 000,000,000 | -H-D | C] -- C:\Users\Home\AppData\Local\{4BD3BF27-1915-4107-89CD-D6A10590BE82}
[2011.03.14 22:18:36 | 000,000,000 | -H-D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24
[2011.03.14 20:09:51 | 000,000,000 | -H-D | C] -- C:\Users\Home\AppData\Local\{7DFD24B1-0144-4FEB-80AB-B99A505207CC}
[2011.03.14 17:12:27 | 000,000,000 | -H-D | C] -- C:\ProgramData\DATA BECKER Downloads
[2011.03.14 17:12:20 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\ProtectDisc Driver Installer
[2011.03.14 17:12:20 | 000,000,000 | -H-D | C] -- C:\Users\Home\AppData\Roaming\ProtectDisc
[2011.03.14 17:12:15 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Common Files\DATA BECKER Shared
[2011.03.14 17:12:01 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Common Files\DATA BECKER Druckereien
[2011.03.14 17:09:47 | 000,000,000 | -H-D | C] -- C:\Users\Home\Documents\DATA BECKER Druckereien
[2011.03.14 15:12:26 | 000,000,000 | -H-D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2011.03.14 08:09:27 | 000,000,000 | -H-D | C] -- C:\Users\Home\AppData\Local\{DC89B2A9-264B-4F81-8C4C-A3DCA80C2FA4}
[2011.03.13 14:43:24 | 000,000,000 | -H-D | C] -- C:\Users\Home\AppData\Local\{00088B49-E35A-4F39-9BF2-98A86B6EFEBA}
[2011.03.12 16:08:13 | 000,000,000 | -H-D | C] -- C:\Users\Home\AppData\Local\{BF71CB55-630C-46C2-8DBC-C7DF5957FE81}
[2011.03.11 15:13:01 | 000,000,000 | -H-D | C] -- C:\Users\Home\AppData\Local\{9B08A633-23A3-4F06-96F8-C8B8C24CE706}
[2011.03.10 16:09:34 | 000,000,000 | -H-D | C] -- C:\Users\Home\AppData\Local\{ECA9DA4F-4490-4AE4-88B3-50F06197EFD2}
[2011.03.09 16:45:10 | 001,544,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2011.03.09 16:45:10 | 001,076,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DWrite.dll
[2011.03.09 16:45:10 | 000,902,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2011.03.09 16:45:10 | 000,739,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d2d1.dll
[2011.03.09 16:44:55 | 001,118,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sbe.dll
[2011.03.09 16:44:55 | 000,961,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CPFilters.dll
[2011.03.09 16:44:55 | 000,850,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sbe.dll
[2011.03.09 16:44:55 | 000,723,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll
[2011.03.09 16:44:55 | 000,642,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CPFilters.dll
[2011.03.09 16:44:55 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll
[2011.03.09 16:44:55 | 000,259,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mpg2splt.ax
[2011.03.09 16:44:55 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mpg2splt.ax
[2011.03.09 16:28:22 | 000,000,000 | -H-D | C] -- C:\Users\Home\AppData\Local\{754BB742-7C87-445C-921F-E6E0FF1E8BDC}
[2011.03.08 15:54:17 | 000,000,000 | -H-D | C] -- C:\Users\Home\AppData\Local\{B5AF446F-135B-434A-83D0-57DA4FD373EE}
[2011.03.07 15:51:14 | 000,000,000 | -H-D | C] -- C:\Users\Home\AppData\Local\{32F96F9C-D97C-4E1A-8E49-3C1F387A8E2D}
[2011.03.06 23:26:50 | 000,000,000 | -H-D | C] -- C:\Users\Home\AppData\Local\{3F69CA4D-7F74-4A55-ADF7-09AA265DCA16}
[2011.03.06 11:26:25 | 000,000,000 | -H-D | C] -- C:\Users\Home\AppData\Local\{4D1FE0D4-DDCB-4106-843D-C07EEFB14E0F}
[2011.03.05 14:46:42 | 000,000,000 | -H-D | C] -- C:\Users\Home\AppData\Local\{C80DD5E6-63A4-43E5-9CB4-F273EB8A7CE9}
[2011.03.05 02:46:06 | 000,000,000 | -H-D | C] -- C:\Users\Home\AppData\Local\{D91F2801-2F01-43EF-8993-47AFEEFF5412}
[2011.03.04 21:01:44 | 000,000,000 | -H-D | C] -- C:\Users\Home\AppData\Roaming\DivX
[2011.03.04 21:01:29 | 000,000,000 | -H-D | C] -- C:\Windows\SysWow64\custom matrices
[2011.03.04 21:01:27 | 000,000,000 | -H-D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 7 - Codec Pack
[2011.03.04 21:01:27 | 000,000,000 | -H-D | C] -- C:\Windows\SysWow64\QuickTime
[2011.03.04 21:01:27 | 000,000,000 | -H-D | C] -- C:\Windows\SysWow64\C2MP
[2011.03.04 20:58:15 | 000,000,000 | -H-D | C] -- C:\Users\Home\Documents\HyperCam3
[2011.03.04 20:56:40 | 000,000,000 | -H-D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HyperCam 3
[2011.03.04 20:56:39 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Common Files\Solveig Multimedia
[2011.03.04 14:45:42 | 000,000,000 | -H-D | C] -- C:\Users\Home\AppData\Local\{B3A133DB-0D0F-491D-BF08-DBCD95247E80}
[2011.03.03 16:51:33 | 000,000,000 | -H-D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace
[2011.03.03 16:23:48 | 000,000,000 | -H-D | C] -- C:\Users\Home\AppData\Local\{786B9E37-26B4-4347-BA7A-13ECE9120C7B}
[2011.03.02 23:58:26 | 000,000,000 | -H-D | C] -- C:\Users\Public\Documents\microsoft
[2011.03.02 23:58:17 | 000,000,000 | -H-D | C] -- C:\Users\Home\Documents\My Games
[2011.03.02 23:47:39 | 000,530,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_6.dll
[2011.03.02 23:47:39 | 000,528,216 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_6.dll
[2011.03.02 23:47:39 | 000,238,936 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_6.dll
[2011.03.02 23:47:39 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_6.dll
[2011.03.02 23:47:39 | 000,078,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_4.dll
[2011.03.02 23:47:39 | 000,074,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_4.dll
[2011.03.02 23:47:10 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2011.03.02 23:47:08 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2011.03.02 23:46:58 | 000,000,000 | -H-D | C] -- C:\Windows\SysWow64\xlive
[2011.03.02 23:46:57 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
[2011.03.02 15:51:14 | 000,000,000 | -H-D | C] -- C:\Users\Home\AppData\Local\{9D6D91FF-0D72-4E1C-9E0B-77CA884D7FC8}
[2011.03.01 18:41:16 | 000,000,000 | -H-D | C] -- C:\ProgramData\Electronic Arts
[2011.03.01 18:41:16 | 000,000,000 | -H-D | C] -- C:\ProgramData\EA Core
[2011.03.01 18:39:45 | 000,000,000 | -H-D | C] -- C:\09_Crysis 2 Demo
[2011.03.01 16:04:27 | 000,000,000 | -H-D | C] -- C:\Users\Home\AppData\Local\{DD581877-3381-450C-9B22-09E9429AEA1B}
[2011.02.28 18:53:49 | 000,000,000 | -H-D | C] -- C:\Users\Home\AppData\Local\LogiShrd
[2011.02.28 18:52:32 | 000,018,960 | ---- | C] (Logitech, Inc.) -- C:\Windows\SysNative\drivers\LNonPnP.sys
[2011.02.28 18:52:25 | 000,000,000 | -H-D | C] -- C:\Users\Public\Documents\LogiShrd
[2011.02.28 18:51:36 | 000,000,000 | -H-D | C] -- C:\Users\Home\AppData\Roaming\Logitech
[2011.02.28 18:51:36 | 000,000,000 | -H-D | C] -- C:\Users\Home\AppData\Roaming\Logishrd
[2011.02.28 17:07:36 | 000,000,000 | -H-D | C] -- C:\Users\Home\AppData\Local\{42C87723-0381-4CBA-AA46-7B04BFCAAFEA}
[2011.02.28 00:06:15 | 000,000,000 | -H-D | C] -- C:\Users\Home\AppData\Local\{94997DC0-7F2F-4F98-9F24-246C3C6B776B}
[2011.02.27 19:07:00 | 000,000,000 | -H-D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft-Maus
[2011.02.27 19:06:56 | 000,000,000 | -H-D | C] -- C:\Programme\Microsoft IntelliPoint
[2011.02.27 12:05:51 | 000,000,000 | -H-D | C] -- C:\Users\Home\AppData\Local\{E2EB5F2D-C4F5-45EC-88D0-5B3C9E7E0AF1}
[2011.02.27 10:28:06 | 009,319,424 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\SysNative\drivers\atikmdag.sys
[2011.02.27 06:05:08 | 017,468,416 | -H-- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\atioglxx.dll
[2011.02.27 05:39:52 | 000,147,456 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atiapfxx.exe
[2011.02.27 05:36:22 | 000,480,256 | ---- | C] (AMD) -- C:\Windows\SysNative\atieclxx.exe
[2011.02.27 05:35:50 | 000,203,776 | ---- | C] (AMD) -- C:\Windows\SysNative\atiesrxx.exe
[2011.02.27 05:34:52 | 000,120,320 | ---- | C] (AMD) -- C:\Windows\SysNative\atitmm64.dll
[2011.02.27 05:34:28 | 000,356,352 | -H-- | C] (ATI Technologies, Inc.) -- C:\Windows\SysWow64\atipdlxx.dll
[2011.02.27 05:34:20 | 000,278,528 | -H-- | C] (ATI Technologies, Inc.) -- C:\Windows\SysWow64\Oemdspif.dll
[2011.02.27 05:34:16 | 000,016,384 | ---- | C] (AMD) -- C:\Windows\SysNative\atimuixx.dll
[2011.02.27 05:34:12 | 000,059,392 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysNative\atiedu64.dll
[2011.02.27 05:34:06 | 000,043,520 | -H-- | C] (ATI Technologies, Inc.) -- C:\Windows\SysWow64\ati2edxx.dll
[2011.02.27 05:11:48 | 001,208,320 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiumd6v.dll
[2011.02.27 05:11:16 | 001,912,832 | -H-- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiumdmv.dll
[2011.02.27 05:08:34 | 000,051,200 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticalrt64.dll
[2011.02.27 05:08:32 | 000,046,080 | -H-- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticalrt.dll
[2011.02.27 05:08:22 | 000,044,544 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticalcl64.dll
[2011.02.27 05:08:20 | 000,044,032 | -H-- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticalcl.dll
[2011.02.27 05:08:10 | 007,466,496 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticaldd64.dll
[2011.02.27 05:04:26 | 006,097,920 | -H-- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticaldd.dll
[2011.02.27 05:00:08 | 000,258,048 | -H-- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\atiadlxy.dll
[2011.02.27 04:59:56 | 000,012,800 | -H-- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiglpxx.dll
[2011.02.27 04:59:56 | 000,012,800 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiglpxx.dll
[2011.02.27 04:59:48 | 000,032,768 | -H-- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atigktxx.dll
[2011.02.27 04:59:42 | 000,303,616 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\drivers\atikmpag.sys
[2011.02.27 04:53:14 | 000,053,760 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atimpc64.dll
[2011.02.27 04:53:14 | 000,053,760 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\amdpcom64.dll
[2011.02.27 04:53:10 | 000,052,736 | -H-- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atimpc32.dll
[2011.02.27 04:53:10 | 000,052,736 | -H-- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\amdpcom32.dll
[2011.02.27 04:05:00 | 000,053,248 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\SysNative\drivers\ati2erec.dll
[2011.02.27 00:55:46 | 000,053,760 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2011.02.27 00:55:42 | 000,051,712 | -H-- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2011.02.27 00:55:34 | 016,066,048 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\amdocl64.dll
[2011.02.27 00:55:22 | 012,339,712 | -H-- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\amdocl.dll
[2011.02.26 21:51:23 | 000,000,000 | -H-D | C] -- C:\Users\Home\AppData\Local\{2D93F5AC-D901-4286-BE25-8D334570AE19}
[2011.02.26 18:52:53 | 000,000,000 | -H-D | C] -- C:\Users\Home\AppData\Local\{0C956BB3-BAA3-4672-A1E8-92B214C55722}
[2011.02.26 18:12:24 | 000,162,816 | -H-- | C] (Firelight Technologies Pty, Ltd) -- C:\Windows\SysWow64\fmod.dll
[2011.02.26 17:37:42 | 000,000,000 | -H-D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eXtreme Movie Manager 7
[2011.02.26 09:50:57 | 000,000,000 | -H-D | C] -- C:\Users\Home\AppData\Local\{09F0A184-F418-4B7D-9E78-2C4D0CD1EB6B}
[2011.02.25 14:30:30 | 000,000,000 | -H-D | C] -- C:\Users\Home\AppData\Local\{867B548D-96B2-4967-B10A-FD8CA011112B}
[2011.02.24 15:59:40 | 000,000,000 | -H-D | C] -- C:\Users\Home\AppData\Local\{C9EF1D7C-4580-42BF-AB5D-7402721BC289}
[2011.02.23 17:52:12 | 000,000,000 | -H-D | C] -- C:\Users\Home\AppData\Local\{C08198E3-B06C-48E9-A701-4A0930A622E7}
[2011.02.23 07:30:03 | 000,000,000 | -H-D | C] -- C:\Users\Home\AppData\Local\{D828E7D5-0815-4360-A5E1-92B926AC828D}
[2011.02.22 21:57:00 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\SPReview
[2011.02.22 21:56:35 | 000,000,000 | -H-D | C] -- C:\Windows\Minidump
[2011.02.22 21:53:37 | 000,000,000 | -H-D | C] -- C:\ce2ee1e7a44e3ff6682b2e4c15a161
[2011.02.22 21:53:37 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\EventProviders
[2011.02.22 21:52:45 | 004,514,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vpc.exe
[2011.02.22 21:52:45 | 001,942,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dfshim.dll
[2011.02.22 21:52:45 | 000,048,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netfxperf.dll
[2011.02.22 21:52:41 | 002,264,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\VPCWizard.exe
[2011.02.22 21:52:41 | 001,369,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\VPCSettings.exe
[2011.02.22 21:52:41 | 001,130,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dfshim.dll
[2011.02.22 21:52:41 | 000,562,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\VMCPropertyHandler.dll
[2011.02.22 21:52:40 | 001,210,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\VMWindow.exe
[2011.02.22 21:52:40 | 000,936,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vmsal.exe
[2011.02.22 21:52:39 | 005,563,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2011.02.22 21:52:39 | 000,360,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\vpcvmm.sys
[2011.02.22 21:52:38 | 003,715,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2011.02.22 21:52:38 | 001,838,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2011.02.22 21:52:38 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys
[2011.02.22 21:52:38 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyExtension.dll
[2011.02.22 21:52:36 | 003,215,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2011.02.22 21:52:35 | 001,171,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10warp.dll
[2011.02.22 21:52:35 | 001,109,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorets.dll
[2011.02.22 21:52:35 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc40.dll
[2011.02.22 21:52:35 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc40u.dll
[2011.02.22 21:52:35 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tssrvlic.dll
[2011.02.22 21:52:34 | 000,629,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pmcsnap.dll
[2011.02.22 21:52:33 | 014,633,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmp.dll
[2011.02.22 21:52:33 | 002,314,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tquery.dll
[2011.02.22 21:52:33 | 002,223,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssrch.dll
[2011.02.22 21:52:33 | 000,793,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\vmsal.exe
[2011.02.22 21:52:32 | 004,120,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mf.dll
[2011.02.22 21:52:32 | 003,205,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mmcndmgr.dll
[2011.02.22 21:52:32 | 003,008,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xpsservices.dll
[2011.02.22 21:52:32 | 001,731,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2011.02.22 21:52:32 | 000,488,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc.dll
[2011.02.22 21:52:32 | 000,485,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_isv.dll
[2011.02.22 21:52:32 | 000,423,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_isv.dll
[2011.02.22 21:52:32 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_isv.exe
[2011.02.22 21:52:32 | 000,359,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate.exe
[2011.02.22 21:52:31 | 001,219,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rpcrt4.dll
[2011.02.22 21:52:31 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc.dll
[2011.02.22 21:52:31 | 000,327,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_isv.exe
[2011.02.22 21:52:30 | 002,565,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\esent.dll
[2011.02.22 21:52:30 | 002,086,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ole32.dll
[2011.02.22 21:52:30 | 000,322,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate.exe
[2011.02.22 21:52:30 | 000,263,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spwizui.dll
[2011.02.22 21:52:30 | 000,238,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ppcsnap.dll
[2011.02.22 21:52:30 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PushPrinterConnections.exe
[2011.02.22 21:52:29 | 003,966,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2011.02.22 21:52:29 | 003,207,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mf.dll
[2011.02.22 21:52:29 | 001,866,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ExplorerFrame.dll
[2011.02.22 21:52:29 | 001,753,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vssapi.dll
[2011.02.22 21:52:29 | 001,556,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RacEngn.dll
[2011.02.22 21:52:29 | 001,340,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\diagperf.dll
[2011.02.22 21:52:29 | 001,197,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskschd.dll
[2011.02.22 21:52:28 | 011,410,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmp.dll
[2011.02.22 21:52:28 | 003,860,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIRibbon.dll
[2011.02.22 21:52:28 | 002,872,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2011.02.22 21:52:28 | 001,698,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\esent.dll
[2011.02.22 21:52:28 | 001,401,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssrch.dll
[2011.02.22 21:52:28 | 001,334,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CertEnroll.dll
[2011.02.22 21:52:28 | 001,326,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\NaturalLanguage6.dll
[2011.02.22 21:52:28 | 000,299,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mcupdate_GenuineIntel.dll
[2011.02.22 21:52:27 | 003,911,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2011.02.22 21:52:27 | 003,027,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVCORE.DLL
[2011.02.22 21:52:27 | 000,320,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationHost.exe
[2011.02.22 21:52:27 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHost.exe
[2011.02.22 21:52:27 | 000,109,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationHostProxy.dll
[2011.02.22 21:52:27 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHostProxy.dll
[2011.02.22 21:52:26 | 003,957,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WinSAT.exe
[2011.02.22 21:52:26 | 002,067,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d9.dll
[2011.02.22 21:52:26 | 001,975,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CertEnroll.dll
[2011.02.22 21:52:26 | 001,888,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVDECOD.DLL
[2011.02.22 21:52:26 | 001,548,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tquery.dll
[2011.02.22 21:52:26 | 000,598,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spinstall.exe
[2011.02.22 21:52:26 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spreview.exe
[2011.02.22 21:52:26 | 000,274,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpdd.dll
[2011.02.22 21:52:26 | 000,194,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\vpchbus.sys
[2011.02.22 21:52:26 | 000,162,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpudd.dll
[2011.02.22 21:52:26 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\vpcusb.sys
[2011.02.22 21:52:25 | 005,066,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\AuthFWSnapin.dll
[2011.02.22 21:52:25 | 005,066,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AuthFWSnapin.dll
[2011.02.22 21:52:25 | 001,115,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RacEngn.dll
[2011.02.22 21:52:25 | 000,867,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchFolder.dll
[2011.02.22 21:52:24 | 003,391,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dbgeng.dll
[2011.02.22 21:52:24 | 001,632,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dwmcore.dll
[2011.02.22 21:52:24 | 001,493,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ExplorerFrame.dll
[2011.02.22 21:52:24 | 001,456,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2011.02.22 21:52:24 | 001,161,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2011.02.22 21:52:24 | 000,079,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdvgumd32.dll
[2011.02.22 21:52:23 | 001,447,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2011.02.22 21:52:23 | 001,116,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstsc.exe
[2011.02.22 21:52:23 | 000,958,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\actxprxy.dll
[2011.02.22 21:52:23 | 000,784,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gpprefcl.dll
[2011.02.22 21:52:23 | 000,750,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TSWorkspace.dll
[2011.02.22 21:52:23 | 000,419,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2011.02.22 21:52:23 | 000,244,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sqmapi.dll
[2011.02.22 21:52:22 | 002,616,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe
[2011.02.22 21:52:22 | 001,927,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll
[2011.02.22 21:52:22 | 001,900,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\setupapi.dll
[2011.02.22 21:52:22 | 001,828,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d9.dll
[2011.02.22 21:52:22 | 001,281,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\werconcpl.dll
[2011.02.22 21:52:22 | 001,244,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imapi2fs.dll
[2011.02.22 21:52:22 | 001,212,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\propsys.dll
[2011.02.22 21:52:22 | 000,787,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll
[2011.02.22 21:52:22 | 000,720,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbc32.dll
[2011.02.22 21:52:22 | 000,695,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netlogon.dll
[2011.02.22 21:52:22 | 000,505,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\taskschd.dll
[2011.02.22 21:52:22 | 000,464,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskeng.exe
[2011.02.22 21:52:22 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\vpcnfltr.sys
[2011.02.22 21:52:22 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PushPrinterConnections.exe
[2011.02.22 21:52:21 | 001,796,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certmgr.dll
[2011.02.22 21:52:21 | 001,049,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstsc.exe
[2011.02.22 21:52:21 | 001,008,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\user32.dll
[2011.02.22 21:52:21 | 000,861,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2011.02.22 21:52:21 | 000,376,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys
[2011.02.22 21:52:21 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnsapi.dll
[2011.02.22 21:52:21 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\LSCSHostPolicy.dll
[2011.02.22 21:52:20 | 002,652,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netshell.dll
[2011.02.22 21:52:20 | 001,509,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdtctm.dll
[2011.02.22 21:52:20 | 001,371,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dwmcore.dll
[2011.02.22 21:52:20 | 000,955,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\localspl.dll
[2011.02.22 21:52:20 | 000,758,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PortableDeviceApi.dll
[2011.02.22 21:52:20 | 000,573,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbc32.dll
[2011.02.22 21:52:20 | 000,519,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netcfgx.dll
[2011.02.22 21:52:20 | 000,479,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appmgr.dll
[2011.02.22 21:52:20 | 000,457,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdrm.dll
[2011.02.22 21:52:20 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shlwapi.dll
[2011.02.22 21:52:20 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll
[2011.02.22 21:52:20 | 000,390,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winlogon.exe
[2011.02.22 21:52:20 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wer.dll
[2011.02.22 21:52:20 | 000,342,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certcli.dll
[2011.02.22 21:52:20 | 000,299,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsmf.dll
[2011.02.22 21:52:20 | 000,299,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpshell.exe
[2011.02.22 21:52:20 | 000,295,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\framedynos.dll
[2011.02.22 21:52:20 | 000,210,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncsi.dll
[2011.02.22 21:52:20 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scavengeui.dll
[2011.02.22 21:52:20 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tcpmonui.dll
[2011.02.22 21:52:20 | 000,000,000 | -H-D | C] -- C:\spy.qwas
[2011.02.22 21:52:19 | 002,543,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wpdshext.dll
[2011.02.22 21:52:19 | 002,055,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Query.dll
[2011.02.22 21:52:19 | 001,572,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
[2011.02.22 21:52:19 | 001,328,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
[2011.02.22 21:52:19 | 000,800,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usp10.dll
[2011.02.22 21:52:19 | 000,658,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll
[2011.02.22 21:52:19 | 000,597,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\TSWorkspace.dll
[2011.02.22 21:52:19 | 000,594,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\comdlg32.dll
[2011.02.22 21:52:19 | 000,481,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmpps.dll
[2011.02.22 21:52:19 | 000,343,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsm.exe
[2011.02.22 21:52:19 | 000,342,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\apphelp.dll
[2011.02.22 21:52:19 | 000,321,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll
[2011.02.22 21:52:19 | 000,297,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ws2_32.dll
[2011.02.22 21:52:19 | 000,270,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tsmf.dll
[2011.02.22 21:52:19 | 000,107,904 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdsata.sys
[2011.02.22 21:52:19 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dot3api.dll
[2011.02.22 21:52:18 | 002,522,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dbgeng.dll
[2011.02.22 21:52:18 | 001,619,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVDECOD.DLL
[2011.02.22 21:52:18 | 001,190,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2011.02.22 21:52:18 | 001,098,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Vault.dll
[2011.02.22 21:52:18 | 000,897,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\azroles.dll
[2011.02.22 21:52:18 | 000,778,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssvp.dll
[2011.02.22 21:52:18 | 000,758,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\samsrv.dll
[2011.02.22 21:52:18 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2011.02.22 21:52:18 | 000,653,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lpksetup.exe
[2011.02.22 21:52:18 | 000,605,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.exe
[2011.02.22 21:52:18 | 000,566,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi
[2011.02.22 21:52:18 | 000,522,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll
[2011.02.22 21:52:18 | 000,406,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netcfgx.dll
[2011.02.22 21:52:18 | 000,345,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cmd.exe
[2011.02.22 21:52:18 | 000,281,600 | ---- | C] (Microsoft) -- C:\Windows\SysNative\DShowRdpFilter.dll
[2011.02.22 21:52:18 | 000,266,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\QAGENT.DLL
[2011.02.22 21:52:18 | 000,210,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpclip.exe
[2011.02.22 21:52:17 | 002,151,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mmcndmgr.dll
[2011.02.22 21:52:17 | 001,808,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pnidui.dll
[2011.02.22 21:52:17 | 001,363,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Query.dll
[2011.02.22 21:52:17 | 001,158,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webservices.dll
[2011.02.22 21:52:17 | 000,642,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi
[2011.02.22 21:52:17 | 000,584,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ipsmsnap.dll
[2011.02.22 21:52:17 | 000,584,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gpprefcl.dll
[2011.02.22 21:52:17 | 000,582,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sxs.dll
[2011.02.22 21:52:17 | 000,473,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskcomp.dll
[2011.02.22 21:52:17 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfds.dll
[2011.02.22 21:52:17 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll
[2011.02.22 21:52:17 | 000,312,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wldap32.dll
[2011.02.22 21:52:17 | 000,272,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mcbuilder.exe
[2011.02.22 21:52:17 | 000,252,928 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\DShowRdpFilter.dll
[2011.02.22 21:52:17 | 000,240,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cscobj.dll
[2011.02.22 21:52:17 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\hgprint.dll
[2011.02.22 21:52:17 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\upnp.dll
[2011.02.22 21:52:17 | 000,189,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys
[2011.02.22 21:52:17 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpendp.dll
[2011.02.22 21:52:17 | 000,049,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netfxperf.dll
[2011.02.22 21:52:16 | 001,792,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll
[2011.02.22 21:52:16 | 001,555,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certmgr.dll
[2011.02.22 21:52:16 | 001,243,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMNetMgr.dll
[2011.02.22 21:52:16 | 001,009,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mcmde.dll
[2011.02.22 21:52:16 | 000,933,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sqlsrv32.dll
[2011.02.22 21:52:16 | 000,732,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\imapi2fs.dll
[2011.02.22 21:52:16 | 000,547,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PortableDeviceApi.dll
[2011.02.22 21:52:16 | 000,518,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.exe
[2011.02.22 21:52:16 | 000,403,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gdi32.dll
[2011.02.22 21:52:16 | 000,345,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fveapi.dll
[2011.02.22 21:52:16 | 000,341,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msdrm.dll
[2011.02.22 21:52:16 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSNP.ax
[2011.02.22 21:52:16 | 000,285,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\schtasks.exe
[2011.02.22 21:52:16 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsta.dll
[2011.02.22 21:52:16 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mcbuilder.exe
[2011.02.22 21:52:16 | 000,183,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\prncache.dll
[2011.02.22 21:52:16 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dot3api.dll
[2011.02.22 21:52:15 | 001,712,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xpsservices.dll
[2011.02.22 21:52:15 | 001,441,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlanpref.dll
[2011.02.22 21:52:15 | 000,695,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2011.02.22 21:52:15 | 000,263,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vpnike.dll
[2011.02.22 21:52:15 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2011.02.22 21:52:15 | 000,219,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10_1core.dll
[2011.02.22 21:52:15 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\userenv.dll
[2011.02.22 21:52:14 | 002,262,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SyncCenter.dll
[2011.02.22 21:52:14 | 002,072,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPEncEn.dll
[2011.02.22 21:52:14 | 001,082,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sppobjs.dll
[2011.02.22 21:52:14 | 001,024,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmpmde.dll
[2011.02.22 21:52:14 | 000,630,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\evr.dll
[2011.02.22 21:52:14 | 000,605,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmpeffects.dll
[2011.02.22 21:52:14 | 000,501,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WinSATAPI.dll
[2011.02.22 21:52:14 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[2011.02.22 21:52:14 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
[2011.02.22 21:52:14 | 000,412,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll
[2011.02.22 21:52:14 | 000,409,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\photowiz.dll
[2011.02.22 21:52:14 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cmd.exe
[2011.02.22 21:52:14 | 000,296,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfds.dll
[2011.02.22 21:52:14 | 000,296,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AudioSes.dll
[2011.02.22 21:52:14 | 000,279,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\framedyn.dll
[2011.02.22 21:52:14 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfreadwrite.dll
[2011.02.22 21:52:14 | 000,244,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vmicsvc.exe
[2011.02.22 21:52:14 | 000,206,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\framedynos.dll
[2011.02.22 21:52:14 | 000,200,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tscfgwmi.dll
[2011.02.22 21:52:14 | 000,178,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpinit.exe
[2011.02.22 21:52:14 | 000,171,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fde.dll
[2011.02.22 21:52:14 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tspubwmi.dll
[2011.02.22 21:52:13 | 000,551,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\localsec.dll
[2011.02.22 21:52:13 | 000,503,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imapi2.dll
[2011.02.22 21:52:13 | 000,324,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netdiagfx.dll
[2011.02.22 21:52:13 | 000,298,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bcryptprimitives.dll
[2011.02.22 21:52:13 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\stobject.dll
[2011.02.22 21:52:13 | 000,253,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tcpipcfg.dll
[2011.02.22 21:52:13 | 000,244,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spp.dll
[2011.02.22 21:52:13 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\QSHVHOST.DLL
[2011.02.22 21:52:13 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\credui.dll
[2011.02.22 21:52:13 | 000,166,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetpp.dll
[2011.02.22 21:52:13 | 000,165,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netid.dll
[2011.02.22 21:52:13 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll
[2011.02.22 21:52:13 | 000,140,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpendp.dll
[2011.02.22 21:52:13 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\davclnt.dll
[2011.02.22 21:52:12 | 002,755,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\themeui.dll
[2011.02.22 21:52:12 | 002,746,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gameux.dll
[2011.02.22 21:52:12 | 001,050,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\printui.dll
[2011.02.22 21:52:12 | 000,762,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\azroles.dll
[2011.02.22 21:52:12 | 000,571,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mspbda.dll
[2011.02.22 21:52:12 | 000,552,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdri.dll
[2011.02.22 21:52:12 | 000,504,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\biocpl.dll
[2011.02.22 21:52:12 | 000,498,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cscui.dll
[2011.02.22 21:52:12 | 000,477,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PhotoScreensaver.scr
[2011.02.22 21:52:12 | 000,378,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msinfo32.exe
[2011.02.22 21:52:12 | 000,339,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\appmgr.dll
[2011.02.22 21:52:12 | 000,337,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2011.02.22 21:52:12 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wusa.exe
[2011.02.22 21:52:12 | 000,303,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scansetting.dll
[2011.02.22 21:52:12 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\credui.dll
[2011.02.22 21:52:12 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ncsi.dll
[2011.02.22 21:52:12 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IPHLPAPI.DLL
[2011.02.22 21:52:12 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aitagent.exe
[2011.02.22 21:52:12 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\splwow64.exe
[2011.02.22 21:52:11 | 003,211,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll
[2011.02.22 21:52:11 | 000,934,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FirewallControlPanel.dll
[2011.02.22 21:52:11 | 000,854,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dbghelp.dll
[2011.02.22 21:52:11 | 000,625,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mscms.dll
[2011.02.22 21:52:11 | 000,577,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AdmTmpl.dll
[2011.02.22 21:52:11 | 000,508,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dxgi.dll
[2011.02.22 21:52:11 | 000,442,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winspool.drv
[2011.02.22 21:52:11 | 000,405,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wisptis.exe
[2011.02.22 21:52:11 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\taskcomp.dll
[2011.02.22 21:52:11 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsRasterService.dll
[2011.02.22 21:52:11 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfreadwrite.dll
[2011.02.22 21:52:11 | 000,187,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rpchttp.dll
[2011.02.22 21:52:11 | 000,186,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ocsetup.exe
[2011.02.22 21:52:11 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wintrust.dll
[2011.02.22 21:52:11 | 000,144,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\basecsp.dll
[2011.02.22 21:52:10 | 002,983,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIRibbon.dll
[2011.02.22 21:52:10 | 001,031,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcore.dll
[2011.02.22 21:52:10 | 000,850,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mmsys.cpl
[2011.02.22 21:52:10 | 000,780,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ci.dll
[2011.02.22 21:52:10 | 000,778,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sqlsrv32.dll
[2011.02.22 21:52:10 | 000,776,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\calc.exe
[2011.02.22 21:52:10 | 000,509,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntshrui.dll
[2011.02.22 21:52:10 | 000,488,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\evr.dll
[2011.02.22 21:52:10 | 000,459,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DXP.dll
[2011.02.22 21:52:10 | 000,418,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sppwinob.dll
[2011.02.22 21:52:10 | 000,348,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\eapp3hst.dll
[2011.02.22 21:52:10 | 000,335,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WinSATAPI.dll
[2011.02.22 21:52:10 | 000,303,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\eapphost.dll
[2011.02.22 21:52:10 | 000,264,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\upnp.dll
[2011.02.22 21:52:10 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mprapi.dll
[2011.02.22 21:52:10 | 000,207,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cfgmgr32.dll
[2011.02.22 21:52:10 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ocsetapi.dll
[2011.02.22 21:52:10 | 000,148,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\t2embed.dll
[2011.02.22 21:52:10 | 000,128,000 | ---- | C] (Microsoft) -- C:\Windows\SysNative\Robocopy.exe
[2011.02.22 21:52:10 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\thumbcache.dll
[2011.02.22 21:52:10 | 000,078,720 | ---- | C] (Hewlett-Packard Company) -- C:\Windows\SysNative\drivers\HpSAMD.sys
[2011.02.22 21:52:09 | 002,494,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netshell.dll
[2011.02.22 21:52:09 | 001,457,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DxpTaskSync.dll
[2011.02.22 21:52:09 | 001,160,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSMPEG2ENC.DLL
[2011.02.22 21:52:09 | 000,658,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PerfCenterCPL.dll
[2011.02.22 21:52:09 | 000,263,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\hal.dll
[2011.02.22 21:52:09 | 000,232,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scecli.dll
[2011.02.22 21:52:09 | 000,179,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Classpnp.sys
[2011.02.22 21:52:09 | 000,128,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dwmredir.dll
[2011.02.22 21:52:09 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msasn1.dll
[2011.02.22 21:52:08 | 002,851,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\themeui.dll
[2011.02.22 21:52:08 | 002,341,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msi.dll
[2011.02.22 21:52:08 | 001,363,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wdc.dll
[2011.02.22 21:52:08 | 001,163,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42u.dll
[2011.02.22 21:52:08 | 001,120,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sdengin2.dll
[2011.02.22 21:52:08 | 000,932,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\printui.dll
[2011.02.22 21:52:08 | 000,799,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msftedit.dll
[2011.02.22 21:52:08 | 000,675,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DXPTaskRingtone.dll
[2011.02.22 21:52:08 | 000,568,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scrptadm.dll
[2011.02.22 21:52:08 | 000,475,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlangpui.dll
[2011.02.22 21:52:08 | 000,429,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\puiobj.dll
[2011.02.22 21:52:08 | 000,406,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scesrv.dll
[2011.02.22 21:52:08 | 000,352,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpeffects.dll
[2011.02.22 21:52:08 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scansetting.dll
[2011.02.22 21:52:08 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2011.02.22 21:52:08 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\onex.dll
[2011.02.22 21:52:08 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aaclient.dll
[2011.02.22 21:52:08 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\net1.exe
[2011.02.22 21:52:08 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rpchttp.dll
[2011.02.22 21:52:08 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2011.02.22 21:52:08 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\prncache.dll
[2011.02.22 21:52:08 | 000,027,008 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdxata.sys
[2011.02.22 21:52:07 | 002,621,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2011.02.22 21:52:07 | 002,504,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVCORE.DLL
[2011.02.22 21:52:07 | 001,689,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netcenter.dll
[2011.02.22 21:52:07 | 000,691,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\VAN.dll
[2011.02.22 21:52:07 | 000,483,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\StructuredQuery.dll
[2011.02.22 21:52:07 | 000,462,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wiadefui.dll
[2011.02.22 21:52:07 | 000,411,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlangpui.dll
[2011.02.22 21:52:07 | 000,273,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SndVol.exe
[2011.02.22 21:52:07 | 000,239,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dskquoui.dll
[2011.02.22 21:52:07 | 000,213,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MMDevAPI.dll
[2011.02.22 21:52:07 | 000,167,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\QSHVHOST.DLL
[2011.02.22 21:52:07 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\aaclient.dll
[2011.02.22 21:52:07 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\regapi.dll
[2011.02.22 21:52:07 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\davclnt.dll
[2011.02.22 21:52:07 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\samcli.dll
[2011.02.22 21:52:07 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wscapi.dll
[2011.02.22 21:52:06 | 002,311,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wpdshext.dll
[2011.02.22 21:52:06 | 002,146,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SyncCenter.dll
[2011.02.22 21:52:06 | 001,750,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pnidui.dll
[2011.02.22 21:52:06 | 000,782,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webservices.dll
[2011.02.22 21:52:06 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appwiz.cpl
[2011.02.22 21:52:06 | 000,684,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TabletPC.cpl
[2011.02.22 21:52:06 | 000,560,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapi.dll
[2011.02.22 21:52:06 | 000,515,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\timedate.cpl
[2011.02.22 21:52:06 | 000,464,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scrptadm.dll
[2011.02.22 21:52:06 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rastls.dll
[2011.02.22 21:52:06 | 000,340,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srchadmin.dll
[2011.02.22 21:52:06 | 000,332,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\hgcpl.dll
[2011.02.22 21:52:06 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\clusapi.dll
[2011.02.22 21:52:06 | 000,300,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msconfig.exe
[2011.02.22 21:52:06 | 000,248,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wksprt.exe
[2011.02.22 21:52:06 | 000,225,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netdiagfx.dll
[2011.02.22 21:52:06 | 000,215,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netiohlp.dll
[2011.02.22 21:52:06 | 000,166,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\basecsp.dll
[2011.02.22 21:52:06 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cscobj.dll
[2011.02.22 21:52:06 | 000,134,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WinSCard.dll
[2011.02.22 21:52:06 | 000,124,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fde.dll
[2011.02.22 21:52:06 | 000,112,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe
[2011.02.22 21:52:06 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\t2embed.dll
[2011.02.22 21:52:06 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\QUTIL.DLL
[2011.02.22 21:52:06 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\setupcl.exe
[2011.02.22 21:52:06 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskhost.exe
[2011.02.22 21:52:06 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wscapi.dll
[2011.02.22 21:52:06 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsmproxy.dll
[2011.02.22 21:52:06 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mimefilt.dll
[2011.02.22 21:52:05 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gameux.dll
[2011.02.22 21:52:05 | 000,974,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WFS.exe
[2011.02.22 21:52:05 | 000,830,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSMPEG2ENC.DLL
[2011.02.22 21:52:05 | 000,826,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpcore.dll
[2011.02.22 21:52:05 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AuxiliaryDisplayCpl.dll
[2011.02.22 21:52:05 | 000,633,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\riched20.dll
[2011.02.22 21:52:05 | 000,630,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DXPTaskRingtone.dll
[2011.02.22 21:52:05 | 000,392,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\imapi2.dll
[2011.02.22 21:52:05 | 000,372,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mtxclu.dll
[2011.02.22 21:52:05 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\winsta.dll
[2011.02.22 21:52:05 | 000,118,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnscmmc.dll
[2011.02.22 21:52:05 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fdeploy.dll
[2011.02.22 21:52:05 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbGDCoInstaller.dll
[2011.02.22 21:52:05 | 000,027,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys
[2011.02.22 21:52:04 | 002,250,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SensorsCpl.dll
[2011.02.22 21:52:04 | 002,193,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\themecpl.dll
[2011.02.22 21:52:04 | 001,624,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPEncEn.dll
[2011.02.22 21:52:04 | 001,077,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Narrator.exe
[2011.02.22 21:52:04 | 000,793,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\autoconv.exe
[2011.02.22 21:52:04 | 000,777,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\autochk.exe
[2011.02.22 21:52:04 | 000,763,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\autofmt.exe
[2011.02.22 21:52:04 | 000,679,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\autoconv.exe
[2011.02.22 21:52:04 | 000,668,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\autochk.exe
[2011.02.22 21:52:04 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssvp.dll
[2011.02.22 21:52:04 | 000,658,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\autofmt.exe
[2011.02.22 21:52:04 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\comctl32.dll
[2011.02.22 21:52:04 | 000,486,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\powercpl.dll
[2011.02.22 21:52:04 | 000,455,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\nshipsec.dll
[2011.02.22 21:52:04 | 000,400,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ipsmsnap.dll
[2011.02.22 21:52:04 | 000,359,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\eudcedit.exe
[2011.02.22 21:52:04 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sharemediacpl.dll
[2011.02.22 21:52:04 | 000,355,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Faultrep.dll
[2011.02.22 21:52:04 | 000,303,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msinfo32.exe
[2011.02.22 21:52:04 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\srchadmin.dll
[2011.02.22 21:52:04 | 000,232,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sppcomapi.dll
[2011.02.22 21:52:04 | 000,199,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\onex.dll
[2011.02.22 21:52:04 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\AudioSes.dll
[2011.02.22 21:52:04 | 000,188,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netjoin.dll
[2011.02.22 21:52:04 | 000,186,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\logoncli.dll
[2011.02.22 21:52:04 | 000,181,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tcpipcfg.dll
[2011.02.22 21:52:04 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\schtasks.exe
[2011.02.22 21:52:04 | 000,167,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msutb.dll
[2011.02.22 21:52:04 | 000,166,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netiohlp.dll
[2011.02.22 21:52:04 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cabview.dll
[2011.02.22 21:52:04 | 000,130,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shsetup.dll
[2011.02.22 21:52:04 | 000,126,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\audiodg.exe
[2011.02.22 21:52:04 | 000,116,224 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\SysNative\fms.dll
[2011.02.22 21:52:04 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IPHLPAPI.DLL
[2011.02.22 21:52:04 | 000,090,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\nci.dll
[2011.02.22 21:52:04 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\regapi.dll
[2011.02.22 21:52:04 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\hbaapi.dll
[2011.02.22 21:52:04 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RpcRtRemote.dll
[2011.02.22 21:52:04 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mimefilt.dll
[2011.02.22 21:52:04 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vpnikeapi.dll
[2011.02.22 21:52:04 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\proquota.exe
[2011.02.22 21:52:03 | 001,264,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sdclt.exe
[2011.02.22 21:52:03 | 001,227,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wdc.dll
[2011.02.22 21:52:03 | 001,066,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Display.dll
[2011.02.22 21:52:03 | 000,905,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mmsys.cpl
[2011.02.22 21:52:03 | 000,861,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontext.dll
[2011.02.22 21:52:03 | 000,749,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\batmeter.dll
[2011.02.22 21:52:03 | 000,665,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\AuxiliaryDisplayCpl.dll
[2011.02.22 21:52:03 | 000,624,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qedit.dll
[2011.02.22 21:52:03 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wpd_ci.dll
[2011.02.22 21:52:03 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\timedate.cpl
[2011.02.22 21:52:03 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\powercpl.dll
[2011.02.22 21:52:03 | 000,414,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlanui.dll
[2011.02.22 21:52:03 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msihnd.dll
[2011.02.22 21:52:03 | 000,267,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FXSCOVER.exe
[2011.02.22 21:52:03 | 000,222,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wwanconn.dll
[2011.02.22 21:52:03 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\eapphost.dll
[2011.02.22 21:52:03 | 000,211,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mprddm.dll
[2011.02.22 21:52:03 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSNP.ax
[2011.02.22 21:52:03 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\framedyn.dll
[2011.02.22 21:52:03 | 000,171,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\QAGENT.DLL
[2011.02.22 21:52:03 | 000,171,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\scsiport.sys
[2011.02.22 21:52:03 | 000,168,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bcdsrv.dll
[2011.02.22 21:52:03 | 000,156,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\prntvpt.dll
[2011.02.22 21:52:03 | 000,155,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mscorier.dll
[2011.02.22 21:52:03 | 000,154,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mscorier.dll
[2011.02.22 21:52:03 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netid.dll
[2011.02.22 21:52:03 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidclass.sys
[2011.02.22 21:52:03 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpsign.exe
[2011.02.22 21:52:03 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys
[2011.02.22 21:52:02 | 002,217,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bootres.dll
[2011.02.22 21:52:02 | 001,400,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DxpTaskSync.dll
[2011.02.22 21:52:02 | 001,326,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlanpref.dll
[2011.02.22 21:52:02 | 001,202,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DiagCpl.dll
[2011.02.22 21:52:02 | 001,003,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMNetMgr.dll
[2011.02.22 21:52:02 | 000,957,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mblctr.exe
[2011.02.22 21:52:02 | 000,933,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Vault.dll
[2011.02.22 21:52:02 | 000,812,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wpccpl.dll
[2011.02.22 21:52:02 | 000,625,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usercpl.dll
[2011.02.22 21:52:02 | 000,433,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MCEWMDRMNDBootstrap.dll
[2011.02.22 21:52:02 | 000,372,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rastls.dll
[2011.02.22 21:52:02 | 000,346,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\untfs.dll
[2011.02.22 21:52:02 | 000,307,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scesrv.dll
[2011.02.22 21:52:02 | 000,250,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ksproxy.ax
[2011.02.22 21:52:02 | 000,227,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\taskmgr.exe
[2011.02.22 21:52:02 | 000,225,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SndVolSSO.dll
[2011.02.22 21:52:02 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmpsrcwp.dll
[2011.02.22 21:52:02 | 000,211,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rasppp.dll
[2011.02.22 21:52:02 | 000,098,816 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\Robocopy.exe
[2011.02.22 21:52:02 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WSTPager.ax
[2011.02.22 21:52:02 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\nci.dll
[2011.02.22 21:52:02 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dot3cfg.dll
[2011.02.22 21:52:02 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rtutils.dll
[2011.02.22 21:52:02 | 000,052,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\winhv.sys
[2011.02.22 21:52:01 | 001,040,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Display.dll
[2011.02.22 21:52:01 | 000,416,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\prnfldr.dll
[2011.02.22 21:52:01 | 000,352,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\termmgr.dll
[2011.02.22 21:52:01 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\puiobj.dll
[2011.02.22 21:52:01 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mtxclu.dll
[2011.02.22 21:52:01 | 000,300,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pdh.dll
[2011.02.22 21:52:01 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\eudcedit.exe
[2011.02.22 21:52:01 | 000,279,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxdiagn.dll
[2011.02.22 21:52:01 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskmgr.exe
[2011.02.22 21:52:01 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssphtb.dll
[2011.02.22 21:52:01 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shdocvw.dll
[2011.02.22 21:52:01 | 000,155,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ataport.sys
[2011.02.22 21:52:01 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsRasterService.dll
[2011.02.22 21:52:01 | 000,115,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WPDShServiceObj.dll
[2011.02.22 21:52:01 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\hbaapi.dll
[2011.02.22 21:52:01 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\proquota.exe
[2011.02.22 21:52:00 | 003,745,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\accessibilitycpl.dll
[2011.02.22 21:52:00 | 002,202,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SensorsCpl.dll
[2011.02.22 21:52:00 | 002,157,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\themecpl.dll
[2011.02.22 21:52:00 | 000,856,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\FirewallControlPanel.dll
[2011.02.22 21:52:00 | 000,649,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\appwiz.cpl
[2011.02.22 21:52:00 | 000,416,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wiadefui.dll
[2011.02.22 21:52:00 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PhotoScreensaver.scr
[2011.02.22 21:52:00 | 000,403,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\untfs.dll
[2011.02.22 21:52:00 | 000,366,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\zipfldr.dll
[2011.02.22 21:52:00 | 000,349,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\slui.exe
[2011.02.22 21:52:00 | 000,335,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msieftp.dll
[2011.02.22 21:52:00 | 000,312,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\hgcpl.dll
[2011.02.22 21:52:00 | 000,268,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSAC3ENC.DLL
[2011.02.22 21:52:00 | 000,233,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\defaultlocationcpl.dll
[2011.02.22 21:52:00 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\FWPUCLNT.DLL
[2011.02.22 21:52:00 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sppcomapi.dll
[2011.02.22 21:52:00 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rasppp.dll
[2011.02.22 21:52:00 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll
[2011.02.22 21:52:00 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cabview.dll
[2011.02.22 21:52:00 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\logoncli.dll
[2011.02.22 21:52:00 | 000,111,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\shsetup.dll
[2011.02.22 21:52:00 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dnscmmc.dll
[2011.02.22 21:52:00 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vpchbuspipe.dll
[2011.02.22 21:51:59 | 002,146,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\networkmap.dll
[2011.02.22 21:51:59 | 001,065,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptui.dll
[2011.02.22 21:51:59 | 000,828,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontext.dll
[2011.02.22 21:51:59 | 000,780,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ActionCenter.dll
[2011.02.22 21:51:59 | 000,769,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sud.dll
[2011.02.22 21:51:59 | 000,508,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DeviceCenter.dll
[2011.02.22 21:51:59 | 000,481,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mscms.dll
[2011.02.22 21:51:59 | 000,429,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\localsec.dll
[2011.02.22 21:51:59 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2011.02.22 21:51:59 | 000,268,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mprddm.dll
[2011.02.22 21:51:59 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskbarcpl.dll
[2011.02.22 21:51:59 | 000,221,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\OnLineIDCpl.dll
[2011.02.22 21:51:59 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SndVolSSO.dll
[2011.02.22 21:51:59 | 000,175,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scecli.dll
[2011.02.22 21:51:59 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisrndr.ax
[2011.02.22 21:51:59 | 000,104,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Mpeg2Data.ax
[2011.02.22 21:51:59 | 000,080,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mscories.dll
[2011.02.22 21:51:58 | 003,727,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\accessibilitycpl.dll
[2011.02.22 21:51:58 | 002,130,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\networkmap.dll
[2011.02.22 21:51:58 | 001,644,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netcenter.dll
[2011.02.22 21:51:58 | 001,003,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cryptui.dll
[2011.02.22 21:51:58 | 000,898,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\OobeFldr.dll
[2011.02.22 21:51:58 | 000,762,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sdcpl.dll
[2011.02.22 21:51:58 | 000,740,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\batmeter.dll
[2011.02.22 21:51:58 | 000,721,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bthprops.cpl
[2011.02.22 21:51:58 | 000,701,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dsuiext.dll
[2011.02.22 21:51:58 | 000,638,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\VAN.dll
[2011.02.22 21:51:58 | 000,600,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PerfCenterCPL.dll
[2011.02.22 21:51:58 | 000,600,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\usercpl.dll
[2011.02.22 21:51:58 | 000,516,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\main.cpl
[2011.02.22 21:51:58 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2011.02.22 21:51:58 | 000,509,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qedit.dll
[2011.02.22 21:51:58 | 000,503,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2011.02.22 21:51:58 | 000,472,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\azroleui.dll
[2011.02.22 21:51:58 | 000,460,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certcli.dll
[2011.02.22 21:51:58 | 000,451,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shwebsvc.dll
[2011.02.22 21:51:58 | 000,419,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\systemcpl.dll
[2011.02.22 21:51:58 | 000,414,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlanmsm.dll
[2011.02.22 21:51:58 | 000,410,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlanui.dll
[2011.02.22 21:51:58 | 000,373,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\intl.cpl
[2011.02.22 21:51:58 | 000,352,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\spwizeng.dll
[2011.02.22 21:51:58 | 000,346,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bcdedit.exe
[2011.02.22 21:51:58 | 000,345,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MediaMetadataHandler.dll
[2011.02.22 21:51:58 | 000,327,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\zipfldr.dll
[2011.02.22 21:51:58 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SndVol.exe
[2011.02.22 21:51:58 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\azroleui.dll
[2011.02.22 21:51:58 | 000,304,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\efscore.dll
[2011.02.22 21:51:58 | 000,288,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS
[2011.02.22 21:51:58 | 000,238,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\recdisc.exe
[2011.02.22 21:51:58 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSAC3ENC.DLL
[2011.02.22 21:51:58 | 000,207,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sysclass.dll
[2011.02.22 21:51:58 | 000,200,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\syncui.dll
[2011.02.22 21:51:58 | 000,196,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\VBICodec.ax
[2011.02.22 21:51:58 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netplwiz.dll
[2011.02.22 21:51:58 | 000,186,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\adsldp.dll
[2011.02.22 21:51:58 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fvecpl.dll
[2011.02.22 21:51:58 | 000,172,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\twext.dll
[2011.02.22 21:51:58 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netjoin.dll
[2011.02.22 21:51:58 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\autoplay.dll
[2011.02.22 21:51:58 | 000,154,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\uxlib.dll
[2011.02.22 21:51:58 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\recovery.dll
[2011.02.22 21:51:58 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\prntvpt.dll
[2011.02.22 21:51:58 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cca.dll
[2011.02.22 21:51:58 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\isoburn.exe
[2011.02.22 21:51:58 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll
[2011.02.22 21:51:58 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\w32tm.exe
[2011.02.22 21:51:58 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncryptui.dll
[2011.02.22 21:51:58 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fdeploy.dll
[2011.02.22 21:51:58 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tzutil.exe
[2011.02.22 21:51:58 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\httpapi.dll
[2011.02.22 21:51:58 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2011.02.22 21:51:58 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sisbkup.dll
[2011.02.22 21:51:57 | 000,755,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sud.dll
[2011.02.22 21:51:57 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ActionCenter.dll
[2011.02.22 21:51:57 | 000,641,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msscp.dll
[2011.02.22 21:51:57 | 000,549,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ActionCenterCPL.dll
[2011.02.22 21:51:57 | 000,474,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sysmon.ocx
[2011.02.22 21:51:57 | 000,445,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spwizeng.dll
[2011.02.22 21:51:57 | 000,421,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\termmgr.dll
[2011.02.22 21:51:57 | 000,395,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\prnfldr.dll
[2011.02.22 21:51:57 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sysmon.ocx
[2011.02.22 21:51:57 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Faultrep.dll
[2011.02.22 21:51:57 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wusa.exe
[2011.02.22 21:51:57 | 000,312,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MCEWMDRMNDBootstrap.dll
[2011.02.22 21:51:57 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msieftp.dll
[2011.02.22 21:51:57 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rstrui.exe
[2011.02.22 21:51:57 | 000,295,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\photowiz.dll
[2011.02.22 21:51:57 | 000,279,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sethc.exe
[2011.02.22 21:51:57 | 000,271,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iprtrmgr.dll
[2011.02.22 21:51:57 | 000,266,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MediaMetadataHandler.dll
[2011.02.22 21:51:57 | 000,240,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MFPlay.dll
[2011.02.22 21:51:57 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\defaultlocationcpl.dll
[2011.02.22 21:51:57 | 000,218,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\OnLineIDCpl.dll
[2011.02.22 21:51:57 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vdsutil.dll
[2011.02.22 21:51:57 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccp32.dll
[2011.02.22 21:51:57 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AuxiliaryDisplayServices.dll
[2011.02.22 21:51:57 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntlanman.dll
[2011.02.22 21:51:57 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ksxbar.ax
[2011.02.22 21:51:56 | 000,781,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmdrmsdk.dll
[2011.02.22 21:51:56 | 000,738,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpmde.dll
[2011.02.22 21:51:56 | 000,692,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\bthprops.cpl
[2011.02.22 21:51:56 | 000,537,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ActionCenterCPL.dll
[2011.02.22 21:51:56 | 000,495,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drmmgrtn.dll
[2011.02.22 21:51:56 | 000,484,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DeviceCenter.dll
[2011.02.22 21:51:56 | 000,446,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sqlcese30.dll
[2011.02.22 21:51:56 | 000,428,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\shwebsvc.dll
[2011.02.22 21:51:56 | 000,345,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\intl.cpl
[2011.02.22 21:51:56 | 000,333,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ssText3d.scr
[2011.02.22 21:51:56 | 000,321,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\unimdm.tsp
[2011.02.22 21:51:56 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbcjt32.dll
[2011.02.22 21:51:56 | 000,313,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ReAgent.dll
[2011.02.22 21:51:56 | 000,282,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iTVData.dll
[2011.02.22 21:51:56 | 000,281,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iprtrmgr.dll
[2011.02.22 21:51:56 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbctrac.dll
[2011.02.22 21:51:56 | 000,205,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\efscore.dll
[2011.02.22 21:51:56 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dskquoui.dll
[2011.02.22 21:51:56 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SmartcardCredentialProvider.dll
[2011.02.22 21:51:56 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\syncui.dll
[2011.02.22 21:51:56 | 000,148,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ifsutil.dll
[2011.02.22 21:51:56 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\autoplay.dll
[2011.02.22 21:51:56 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srvcli.dll
[2011.02.22 21:51:56 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\nslookup.exe
[2011.02.22 21:51:56 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UserAccountControlSettings.dll
[2011.02.22 21:51:56 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dot3cfg.dll
[2011.02.22 21:51:56 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntlanman.dll
[2011.02.22 21:51:56 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WSTPager.ax
[2011.02.22 21:51:56 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpd3d.dll
[2011.02.22 21:51:56 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wwanprotdim.dll
[2011.02.22 21:51:56 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsgqec.dll
[2011.02.22 21:51:56 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ftp.exe
[2011.02.22 21:51:56 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rtutils.dll
[2011.02.22 21:51:56 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2011.02.22 21:51:56 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sisbkup.dll
[2011.02.22 21:51:56 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\slwga.dll
[2011.02.22 21:51:55 | 000,859,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\OobeFldr.dll
[2011.02.22 21:51:55 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\blackbox.dll
[2011.02.22 21:51:55 | 000,656,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\nshwfp.dll
[2011.02.22 21:51:55 | 000,473,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\riched20.dll
[2011.02.22 21:51:55 | 000,410,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\systemcpl.dll
[2011.02.22 21:51:55 | 000,344,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntprint.dll
[2011.02.22 21:51:55 | 000,297,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntprint.dll
[2011.02.22 21:51:55 | 000,270,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srrstr.dll
[2011.02.22 21:51:55 | 000,270,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sethc.exe
[2011.02.22 21:51:55 | 000,255,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wavemsp.dll
[2011.02.22 21:51:55 | 000,225,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DevicePairingFolder.dll
[2011.02.22 21:51:55 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\activeds.dll
[2011.02.22 21:51:55 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ksproxy.ax
[2011.02.22 21:51:55 | 000,182,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpsrcwp.dll
[2011.02.22 21:51:55 | 000,175,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netplwiz.dll
[2011.02.22 21:51:55 | 000,175,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bcdboot.exe
[2011.02.22 21:51:55 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\powercfg.cpl
[2011.02.22 21:51:55 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SmartcardCredentialProvider.dll
[2011.02.22 21:51:55 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\NAPHLPR.DLL
[2011.02.22 21:51:55 | 000,107,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\NAPHLPR.DLL
[2011.02.22 21:51:55 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sppnp.dll
[2011.02.22 21:51:55 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\migisol.dll
[2011.02.22 21:51:55 | 000,093,696 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\SysWow64\fms.dll
[2011.02.22 21:51:55 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\acppage.dll
[2011.02.22 21:51:54 | 001,911,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\OpcServices.dll
[2011.02.22 21:51:54 | 001,672,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\networkexplorer.dll
[2011.02.22 21:51:54 | 001,133,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdosys.dll
[2011.02.22 21:51:54 | 000,899,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Bubbles.scr
[2011.02.22 21:51:54 | 000,840,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\blackbox.dll
[2011.02.22 21:51:54 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cdosys.dll
[2011.02.22 21:51:54 | 000,685,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dsuiext.dll
[2011.02.22 21:51:54 | 000,636,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmdrmdev.dll
[2011.02.22 21:51:54 | 000,606,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dfrgui.exe
[2011.02.22 21:51:54 | 000,594,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wvc.dll
[2011.02.22 21:51:54 | 000,592,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msftedit.dll
[2011.02.22 21:51:54 | 000,586,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dfrgui.exe
[2011.02.22 21:51:54 | 000,444,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wvc.dll
[2011.02.22 21:51:54 | 000,438,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\AdmTmpl.dll
[2011.02.22 21:51:54 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlanmsm.dll
[2011.02.22 21:51:54 | 000,406,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wimgapi.dll
[2011.02.22 21:51:54 | 000,358,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmpdxm.dll
[2011.02.22 21:51:54 | 000,346,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\nshipsec.dll
[2011.02.22 21:51:54 | 000,333,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dot3ui.dll
[2011.02.22 21:51:54 | 000,293,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wsqmcons.exe
[2011.02.22 21:51:54 | 000,281,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\unimdm.tsp
[2011.02.22 21:51:54 | 000,258,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys
[2011.02.22 21:51:54 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ReAgent.dll
[2011.02.22 21:51:54 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wavemsp.dll
[2011.02.22 21:51:54 | 000,217,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WinSCard.dll
[2011.02.22 21:51:54 | 000,209,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstask.dll
[2011.02.22 21:51:54 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfps.dll
[2011.02.22 21:51:54 | 000,197,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ocsetup.exe
[2011.02.22 21:51:54 | 000,182,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFPlatform.dll
[2011.02.22 21:51:54 | 000,178,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2011.02.22 21:51:54 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationSettings.exe
[2011.02.22 21:51:54 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuwebv.dll
[2011.02.22 21:51:54 | 000,153,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\remotepg.dll
[2011.02.22 21:51:54 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\net1.exe
[2011.02.22 21:51:54 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\twext.dll
[2011.02.22 21:51:54 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kstvtune.ax
[2011.02.22 21:51:54 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cabinet.dll
[2011.02.22 21:51:54 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mapistub.dll
[2011.02.22 21:51:54 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mapi32.dll
[2011.02.22 21:51:54 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\isoburn.exe
[2011.02.22 21:51:54 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wkscli.dll
[2011.02.22 21:51:54 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wsnmp32.dll
[2011.02.22 21:51:54 | 000,051,200 | ---- | C] (Twain Working Group) -- C:\Windows\twain_32.dll
[2011.02.22 21:51:54 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ftp.exe
[2011.02.22 21:51:54 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tzutil.exe
[2011.02.22 21:51:54 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wtsapi32.dll
[2011.02.22 21:51:54 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\httpapi.dll
[2011.02.22 21:51:54 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WerFaultSecure.exe
[2011.02.22 21:51:54 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyControl.exe
[2011.02.22 21:51:53 | 000,616,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmdrmsdk.dll
[2011.02.22 21:51:53 | 000,573,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2011.02.22 21:51:53 | 000,497,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\main.cpl
[2011.02.22 21:51:53 | 000,363,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\diskraid.exe
[2011.02.22 21:51:53 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsAnytimeUpgradeResults.exe
[2011.02.22 21:51:53 | 000,293,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ssText3d.scr
[2011.02.22 21:51:53 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\audiodev.dll
[2011.02.22 21:51:53 | 000,242,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Mystify.scr
[2011.02.22 21:51:53 | 000,241,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Ribbons.scr
[2011.02.22 21:51:53 | 000,230,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\clusapi.dll
[2011.02.22 21:51:53 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpencom.dll
[2011.02.22 21:51:53 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qasf.dll
[2011.02.22 21:51:53 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qcap.dll
[2011.02.22 21:51:53 | 000,180,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ifsutil.dll
[2011.02.22 21:51:53 | 000,172,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\perfmon.exe
[2011.02.22 21:51:53 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmpshell.dll
[2011.02.22 21:51:53 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvfw32.dll
[2011.02.22 21:51:53 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\uxlib.dll
[2011.02.22 21:51:53 | 000,113,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setupugc.exe
[2011.02.22 21:51:53 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\nslookup.exe
[2011.02.22 21:51:53 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mciavi32.dll
[2011.02.22 21:51:53 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\unimdmat.dll
[2011.02.22 21:51:53 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iscsium.dll
[2011.02.22 21:51:53 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\muifontsetup.dll
[2011.02.22 21:51:53 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\slwga.dll
[2011.02.22 21:51:52 | 001,232,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMADMOD.DLL
[2011.02.22 21:51:52 | 001,111,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\onexui.dll
[2011.02.22 21:51:52 | 001,087,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dbghelp.dll
[2011.02.22 21:51:52 | 000,666,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVSDECD.DLL
[2011.02.22 21:51:52 | 000,623,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FXSAPI.dll
[2011.02.22 21:51:52 | 000,504,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msscp.dll
[2011.02.22 21:51:52 | 000,402,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drmmgrtn.dll
[2011.02.22 21:51:52 | 000,337,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\raschap.dll
[2011.02.22 21:51:52 | 000,327,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wimserv.exe
[2011.02.22 21:51:52 | 000,318,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\raschap.dll
[2011.02.22 21:51:52 | 000,299,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpdxm.dll
[2011.02.22 21:51:52 | 000,276,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\diskraid.exe
[2011.02.22 21:51:52 | 000,254,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qasf.dll
[2011.02.22 21:51:52 | 000,219,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iTVData.dll
[2011.02.22 21:51:52 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wpdwcn.dll
[2011.02.22 21:51:52 | 000,213,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ActionQueue.dll
[2011.02.22 21:51:52 | 000,211,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DevicePairingFolder.dll
[2011.02.22 21:51:52 | 000,202,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\input.dll
[2011.02.22 21:51:52 | 000,198,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wpdwcn.dll
[2011.02.22 21:51:52 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vdsbas.dll
[2011.02.22 21:51:52 | 000,186,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpencom.dll
[2011.02.22 21:51:52 | 000,174,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ocsetapi.dll
[2011.02.22 21:51:52 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\vdsbas.dll
[2011.02.22 21:51:52 | 000,157,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\perfmon.exe
[2011.02.22 21:51:52 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\remotepg.dll
[2011.02.22 21:51:52 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MdSched.exe
[2011.02.22 21:51:52 | 000,133,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Kswdmcap.ax
[2011.02.22 21:51:52 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wiavideo.dll
[2011.02.22 21:51:52 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccp32.dll
[2011.02.22 21:51:52 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\QUTIL.DLL
[2011.02.22 21:51:52 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UserAccountControlSettings.dll
[2011.02.22 21:51:52 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tlscsp.dll
[2011.02.22 21:51:52 | 000,071,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\bfsvc.exe
[2011.02.22 21:51:52 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\umb.dll
[2011.02.22 21:51:52 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\runonce.exe
[2011.02.22 21:51:52 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\runonce.exe
[2011.02.22 21:51:52 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\NAPCRYPT.DLL
[2011.02.22 21:51:52 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PrintIsolationProxy.dll
[2011.02.22 21:51:52 | 000,046,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\NAPCRYPT.DLL
[2011.02.22 21:51:52 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\acppage.dll
[2011.02.22 21:51:52 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AzSqlExt.dll
[2011.02.22 21:51:52 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netutils.dll
[2011.02.22 21:51:52 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\vpnikeapi.dll
[2011.02.22 21:51:52 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\syssetup.dll
[2011.02.22 21:51:51 | 000,527,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmdrmnet.dll
[2011.02.22 21:51:51 | 000,507,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmdrmdev.dll
[2011.02.22 21:51:51 | 000,489,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10level9.dll
[2011.02.22 21:51:51 | 000,431,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WPDSp.dll
[2011.02.22 21:51:51 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\nltest.exe
[2011.02.22 21:51:51 | 000,242,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\eapp3hst.dll
[2011.02.22 21:51:51 | 000,238,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstask.dll
[2011.02.22 21:51:51 | 000,232,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bitsadmin.exe
[2011.02.22 21:51:51 | 000,210,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dxdiagn.dll
[2011.02.22 21:51:51 | 000,186,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\bitsadmin.exe
[2011.02.22 21:51:51 | 000,181,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qcap.dll
[2011.02.22 21:51:51 | 000,176,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MFPlay.dll
[2011.02.22 21:51:51 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rmcast.sys
[2011.02.22 21:51:51 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shacct.dll
[2011.02.22 21:51:51 | 000,124,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\QSVRMGMT.DLL
[2011.02.22 21:51:51 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\shacct.dll
[2011.02.22 21:51:51 | 000,105,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpshell.dll
[2011.02.22 21:51:51 | 000,104,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\logman.exe
[2011.02.22 21:51:51 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\logagent.exe
[2011.02.22 21:51:51 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tabcal.exe
[2011.02.22 21:51:51 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vss_ps.dll
[2011.02.22 21:51:51 | 000,046,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cscapi.dll
[2011.02.22 21:51:51 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\lsmproxy.dll
[2011.02.22 21:51:50 | 001,160,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\OpcServices.dll
[2011.02.22 21:51:50 | 001,148,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IMJP10.IME
[2011.02.22 21:51:50 | 000,978,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMSPDMOD.DLL
[2011.02.22 21:51:50 | 000,902,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMADMOD.DLL
[2011.02.22 21:51:50 | 000,878,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Bubbles.scr
[2011.02.22 21:51:50 | 000,681,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFx.dll
[2011.02.22 21:51:50 | 000,541,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVSDECD.DLL
[2011.02.22 21:51:50 | 000,436,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmdrmnet.dll
[2011.02.22 21:51:50 | 000,435,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PortableDeviceStatus.dll
[2011.02.22 21:51:50 | 000,427,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PortableDeviceStatus.dll
[2011.02.22 21:51:50 | 000,392,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll
[2011.02.22 21:51:50 | 000,350,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WPDSp.dll
[2011.02.22 21:51:50 | 000,325,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msnetobj.dll
[2011.02.22 21:51:50 | 000,318,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll
[2011.02.22 21:51:50 | 000,313,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dot3ui.dll
[2011.02.22 21:51:50 | 000,309,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sqlcese30.dll
[2011.02.22 21:51:50 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssphtb.dll
[2011.02.22 21:51:50 | 000,283,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdv.dll
[2011.02.22 21:51:50 | 000,265,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msnetobj.dll
[2011.02.22 21:51:50 | 000,250,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdv.dll
[2011.02.22 21:51:50 | 000,236,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pdh.dll
[2011.02.22 21:51:50 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFHost.exe
[2011.02.22 21:51:50 | 000,224,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PortableDeviceSyncProvider.dll
[2011.02.22 21:51:50 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Mystify.scr
[2011.02.22 21:51:50 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Ribbons.scr
[2011.02.22 21:51:50 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sqmapi.dll
[2011.02.22 21:51:50 | 000,183,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PortableDeviceSyncProvider.dll
[2011.02.22 21:51:50 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbctrac.dll
[2011.02.22 21:51:50 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mprapi.dll
[2011.02.22 21:51:50 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\imagehlp.dll
[2011.02.22 21:51:50 | 000,153,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\VBICodec.ax
[2011.02.22 21:51:50 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EhStorAPI.dll
[2011.02.22 21:51:50 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\powercfg.cpl
[2011.02.22 21:51:50 | 000,137,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CscMig.dll
[2011.02.22 21:51:50 | 000,130,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\desk.cpl
[2011.02.22 21:51:50 | 000,128,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EhStorAPI.dll
[2011.02.22 21:51:50 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp_isv.dll
[2011.02.22 21:51:50 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp.dll
[2011.02.22 21:51:50 | 000,121,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fphc.dll
[2011.02.22 21:51:50 | 000,115,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dot3msm.dll
[2011.02.22 21:51:50 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wiavideo.dll
[2011.02.22 21:51:50 | 000,107,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Kswdmcap.ax
[2011.02.22 21:51:50 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sppinst.dll
[2011.02.22 21:51:50 | 000,099,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\QSVRMGMT.DLL
[2011.02.22 21:51:50 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2011.02.22 21:51:50 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fphc.dll
[2011.02.22 21:51:50 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cmstp.exe
[2011.02.22 21:51:50 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\avifil32.dll
[2011.02.22 21:51:50 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\amstream.dll
[2011.02.22 21:51:50 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wudriver.dll
[2011.02.22 21:51:50 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\kstvtune.ax
[2011.02.22 21:51:50 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\logman.exe
[2011.02.22 21:51:50 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\QCLIPROV.DLL
[2011.02.22 21:51:50 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spbcd.dll
[2011.02.22 21:51:50 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\olethk32.dll
[2011.02.22 21:51:50 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mapistub.dll
[2011.02.22 21:51:50 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mapi32.dll
[2011.02.22 21:51:50 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisrndr.ax
[2011.02.22 21:51:50 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netapi32.dll
[2011.02.22 21:51:50 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Mpeg2Data.ax
[2011.02.22 21:51:50 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CertPolEng.dll
[2011.02.22 21:51:50 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\takeown.exe
[2011.02.22 21:51:50 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\setbcdlocale.dll
[2011.02.22 21:51:50 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PnPUnattend.exe
[2011.02.22 21:51:50 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\djoin.exe
[2011.02.22 21:51:50 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ncryptui.dll
[2011.02.22 21:51:50 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\unimdmat.dll
[2011.02.22 21:51:50 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpd3d.dll
[2011.02.22 21:51:50 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vmictimeprovider.dll
[2011.02.22 21:51:50 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\takeown.exe
[2011.02.22 21:51:50 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shimgvw.dll
[2011.02.22 21:51:50 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tsgqec.dll
[2011.02.22 21:51:50 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\utildll.dll
[2011.02.22 21:51:50 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iscsium.dll
[2011.02.22 21:51:50 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\HotStartUserAgent.dll
[2011.02.22 21:51:50 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\nrpsrv.dll
[2011.02.22 21:51:49 | 001,027,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IMJP10.IME
[2011.02.22 21:51:49 | 000,739,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMSPDMOD.DLL
[2011.02.22 21:51:49 | 000,434,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FXSTIFF.dll
[2011.02.22 21:51:49 | 000,306,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp.exe
[2011.02.22 21:51:49 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp_isv.exe
[2011.02.22 21:51:49 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp.exe
[2011.02.22 21:51:49 | 000,278,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp_isv.exe
[2011.02.22 21:51:49 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\itircl.dll
[2011.02.22 21:51:49 | 000,176,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msorcl32.dll
[2011.02.22 21:51:49 | 000,166,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\diskpart.exe
[2011.02.22 21:51:49 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\itircl.dll
[2011.02.22 21:51:49 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iscsicli.exe
[2011.02.22 21:51:49 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sppc.dll
[2011.02.22 21:51:49 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iscsicli.exe
[2011.02.22 21:51:49 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpps.dll
[2011.02.22 21:51:49 | 000,143,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mydocs.dll
[2011.02.22 21:51:49 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mydocs.dll
[2011.02.22 21:51:49 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\diskpart.exe
[2011.02.22 21:51:49 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\BdeHdCfg.exe
[2011.02.22 21:51:49 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\desk.cpl
[2011.02.22 21:51:49 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setupcln.dll
[2011.02.22 21:51:49 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\eappgnui.dll
[2011.02.22 21:51:49 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dot3msm.dll
[2011.02.22 21:51:49 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mobsync.exe
[2011.02.22 21:51:49 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\eappgnui.dll
[2011.02.22 21:51:49 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp_isv.dll
[2011.02.22 21:51:49 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp.dll
[2011.02.22 21:51:49 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cmstp.exe
[2011.02.22 21:51:49 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll
[2011.02.22 21:51:49 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSDvbNP.ax
[2011.02.22 21:51:49 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fdProxy.dll
[2011.02.22 21:51:49 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\QCLIPROV.DLL
[2011.02.22 21:51:49 | 000,071,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\resutils.dll
[2011.02.22 21:51:49 | 000,071,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\findstr.exe
[2011.02.22 21:51:49 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MuiUnattend.exe
[2011.02.22 21:51:49 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\amstream.dll
[2011.02.22 21:51:49 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tlscsp.dll
[2011.02.22 21:51:49 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rastapi.dll
[2011.02.22 21:51:49 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cca.dll
[2011.02.22 21:51:49 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CertPolEng.dll
[2011.02.22 21:51:49 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\findstr.exe
[2011.02.22 21:51:49 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WavDest.dll
[2011.02.22 21:51:49 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\spbcd.dll
[2011.02.22 21:51:49 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browcli.dll
[2011.02.22 21:51:49 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\g711codc.ax
[2011.02.22 21:51:49 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\vfwwdm32.dll
[2011.02.22 21:51:49 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wsnmp32.dll
[2011.02.22 21:51:49 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MultiDigiMon.exe
[2011.02.22 21:51:49 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2011.02.22 21:51:49 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\luainstall.dll
[2011.02.22 21:51:49 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ksxbar.ax
[2011.02.22 21:51:49 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wkscli.dll
[2011.02.22 21:51:49 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pdhui.dll
[2011.02.22 21:51:49 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbisurf.ax
[2011.02.22 21:51:49 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\relog.exe
[2011.02.22 21:51:49 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mciqtz32.dll
[2011.02.22 21:51:49 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\relog.exe
[2011.02.22 21:51:49 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2011.02.22 21:51:49 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\choice.exe
[2011.02.22 21:51:49 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdmo.dll
[2011.02.22 21:51:49 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapp.exe
[2011.02.22 21:51:49 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\prevhost.exe
[2011.02.22 21:51:49 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WerFaultSecure.exe
[2011.02.22 21:51:49 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\AzSqlExt.dll
[2011.02.22 21:51:49 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qprocess.exe
[2011.02.22 21:51:49 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netiougc.exe
[2011.02.22 21:51:49 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netbtugc.exe
[2011.02.22 21:51:49 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ReAgentc.exe
[2011.02.22 21:51:49 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\syssetup.dll
[2011.02.22 21:51:49 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\BWUnpairElevated.dll
[2011.02.22 21:51:49 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sscore.dll
[2011.02.22 21:51:48 | 001,164,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIRibbonRes.dll
[2011.02.22 21:51:48 | 001,164,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIRibbonRes.dll
[2011.02.22 21:51:48 | 001,080,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\onexui.dll
[2011.02.22 21:51:48 | 000,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RDPENCDD.dll
[2011.02.22 21:51:48 | 000,121,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sppc.dll
[2011.02.22 21:51:48 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mobsync.exe
[2011.02.22 21:51:48 | 000,082,944 | ---- | C] (Radius Inc.) -- C:\Windows\SysWow64\iccvid.dll
[2011.02.22 21:51:48 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\manage-bde.exe
[2011.02.22 21:51:48 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cabinet.dll
[2011.02.22 21:51:48 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\napdsnap.dll
[2011.02.22 21:51:48 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetmib1.dll
[2011.02.22 21:51:48 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSDvbNP.ax
[2011.02.22 21:51:48 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vmicres.dll
[2011.02.22 21:51:48 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbcconf.dll
[2011.02.22 21:51:48 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetmib1.dll
[2011.02.22 21:51:48 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\repair-bde.exe
[2011.02.22 21:51:48 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\g711codc.ax
[2011.02.22 21:51:48 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFCoinstaller.dll
[2011.02.22 21:51:48 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vmbusres.dll
[2011.02.22 21:51:48 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\luainstall.dll
[2011.02.22 21:51:48 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FXSMON.dll
[2011.02.22 21:51:48 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\browcli.dll
[2011.02.22 21:51:48 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbcconf.dll
[2011.02.22 21:51:48 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vmstorfltres.dll
[2011.02.22 21:51:48 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dsauth.dll
[2011.02.22 21:51:48 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wdiasqmmodule.dll
[2011.02.22 21:51:48 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mciqtz32.dll
[2011.02.22 21:51:48 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\shimgvw.dll
[2011.02.22 21:51:48 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\unlodctr.exe
[2011.02.22 21:51:48 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\vbisurf.ax
[2011.02.22 21:51:48 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\profprov.dll
[2011.02.22 21:51:48 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbrpm.sys
[2011.02.22 21:51:48 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\prevhost.exe
[2011.02.22 21:51:48 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msdmo.dll
[2011.02.22 21:51:48 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cscdll.dll
[2011.02.22 21:51:48 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dnscacheugc.exe
[2011.02.22 21:51:48 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wups.dll
[2011.02.22 21:51:48 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\LogonUI.exe
[2011.02.22 21:51:48 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tdi.sys
[2011.02.22 21:51:48 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\elsTrans.dll
[2011.02.22 21:51:48 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bitsperf.dll
[2011.02.22 21:51:48 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\schedcli.dll
[2011.02.22 21:51:48 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\chgport.exe
[2011.02.22 21:51:48 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tskill.exe
[2011.02.22 21:51:48 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdprefdrvapi.dll
[2011.02.22 21:51:48 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qappsrv.exe
[2011.02.22 21:51:48 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tscon.exe
[2011.02.22 21:51:48 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\elsTrans.dll
[2011.02.22 21:51:48 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\chglogon.exe
[2011.02.22 21:51:48 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsdiscon.exe
[2011.02.22 21:51:48 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\TRAPI.dll
[2011.02.22 21:51:48 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TRAPI.dll
[2011.02.22 21:51:48 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shadow.exe
[2011.02.22 21:51:48 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rwinsta.exe
[2011.02.22 21:51:48 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdprefdrvapi.dll
[2011.02.22 21:51:48 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\logoff.exe
[2011.02.22 21:51:48 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\chgusr.exe
[2011.02.22 21:51:48 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\spopk.dll
[2011.02.22 21:51:48 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\bitsperf.dll
[2011.02.22 21:51:48 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spopk.dll
[2011.02.22 21:51:48 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FXSUNATD.exe
[2011.02.22 21:51:48 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fixmapi.exe
[2011.02.22 21:51:48 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\perfts.dll
[2011.02.22 21:51:48 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\reset.exe
[2011.02.22 21:51:48 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\change.exe
[2011.02.22 21:51:48 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\query.exe
[2011.02.22 21:51:48 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\muifontsetup.dll
[2011.02.22 21:51:47 | 000,457,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imkr80.ime
[2011.02.22 21:51:47 | 000,430,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\imkr80.ime
[2011.02.22 21:51:47 | 000,361,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2011.02.22 21:51:47 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\napdsnap.dll
[2011.02.22 21:51:47 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2011.02.22 21:51:47 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2011.02.22 21:51:47 | 000,032,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\USBCAMD2.sys
[2011.02.22 21:51:47 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dsauth.dll
[2011.02.22 21:51:47 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shgina.dll
[2011.02.22 21:51:47 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wsdchngr.dll
[2011.02.22 21:51:47 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wsdchngr.dll
[2011.02.22 21:51:47 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\shgina.dll
[2011.02.22 21:51:47 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\schedcli.dll
[2011.02.22 21:51:47 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wshirda.dll
[2011.02.22 21:51:47 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2011.02.22 21:51:47 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wshirda.dll
[2011.02.22 21:51:47 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcfgex.dll
[2011.02.22 21:51:47 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sscore.dll
[2011.02.22 21:51:47 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\riched32.dll
[2011.02.22 21:51:46 | 000,130,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\VmbusCoinstaller.dll
[2011.02.22 21:51:46 | 000,129,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\VmdCoinstall.dll
[2011.02.22 21:51:46 | 000,128,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IcCoinstall.dll
[2011.02.22 21:51:46 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vmbuspipe.dll
[2011.02.22 21:51:46 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\C_ISCII.DLL
[2011.02.22 21:51:46 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\riched32.dll
[2011.02.22 21:51:46 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spwmp.dll
[2011.02.22 21:51:46 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\spwmp.dll
[2011.02.22 21:51:45 | 012,625,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmploc.DLL
[2011.02.22 21:51:45 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmploc.DLL
[2011.02.22 21:51:45 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shunimpl.dll
[2011.02.22 21:51:45 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\C_ISCII.DLL
[2011.02.22 21:51:45 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\shunimpl.dll
[2011.02.22 21:51:45 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDTUQ.DLL
[2011.02.22 21:51:45 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDTUF.DLL
[2011.02.22 21:51:45 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDSG.DLL
[2011.02.22 21:51:45 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kbdlk41a.dll
[2011.02.22 21:51:45 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDGKL.DLL
[2011.02.22 21:51:45 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDCZ1.DLL
[2011.02.22 21:51:45 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDTUQ.DLL
[2011.02.22 21:51:45 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDTUF.DLL
[2011.02.22 21:51:45 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDSG.DLL
[2011.02.22 21:51:45 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDSF.DLL
[2011.02.22 21:51:45 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDPO.DLL
[2011.02.22 21:51:45 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDNEPR.DLL
[2011.02.22 21:51:45 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\kbdlk41a.dll
[2011.02.22 21:51:45 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINTAM.DLL
[2011.02.22 21:51:45 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINBEN.DLL
[2011.02.22 21:51:45 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDGR1.DLL
[2011.02.22 21:51:45 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDGR1.DLL
[2011.02.22 21:51:45 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDGKL.DLL
[2011.02.22 21:51:45 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDCZ1.DLL
[2011.02.22 21:51:45 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDUS.DLL
[2011.02.22 21:51:45 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDUGHR1.DLL
[2011.02.22 21:51:45 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDTURME.DLL
[2011.02.22 21:51:45 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDTAJIK.DLL
[2011.02.22 21:51:45 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDSF.DLL
[2011.02.22 21:51:45 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDPO.DLL
[2011.02.22 21:51:45 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDNEPR.DLL
[2011.02.22 21:51:45 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDMON.DLL
[2011.02.22 21:51:45 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDMAORI.DLL
[2011.02.22 21:51:45 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDLT1.DLL
[2011.02.22 21:51:45 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINTEL.DLL
[2011.02.22 21:51:45 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINTAM.DLL
[2011.02.22 21:51:45 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINORI.DLL
[2011.02.22 21:51:45 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINORI.DLL
[2011.02.22 21:51:45 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINMAR.DLL
[2011.02.22 21:51:45 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINMAR.DLL
[2011.02.22 21:51:45 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINKAN.DLL
[2011.02.22 21:51:45 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINKAN.DLL
[2011.02.22 21:51:45 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINHIN.DLL
[2011.02.22 21:51:45 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINHIN.DLL
[2011.02.22 21:51:45 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINBEN.DLL
[2011.02.22 21:51:45 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDBULG.DLL
[2011.02.22 21:51:45 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDBLR.DLL
[2011.02.22 21:51:45 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDBASH.DLL
[2011.02.22 21:51:45 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDUS.DLL
[2011.02.22 21:51:45 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDUGHR1.DLL
[2011.02.22 21:51:45 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDTURME.DLL
[2011.02.22 21:51:45 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDTAJIK.DLL
[2011.02.22 21:51:45 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDMON.DLL
[2011.02.22 21:51:45 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDMAORI.DLL
[2011.02.22 21:51:45 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDLT1.DLL
[2011.02.22 21:51:45 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINTEL.DLL
[2011.02.22 21:51:45 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDGEO.DLL
[2011.02.22 21:51:45 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDGEO.DLL
[2011.02.22 21:51:45 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDBULG.DLL
[2011.02.22 21:51:45 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDBLR.DLL
[2011.02.22 21:51:45 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDBASH.DLL
[2011.02.22 21:51:45 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdxm.ocx
[2011.02.22 21:51:45 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxmasf.dll
[2011.02.22 21:51:45 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msdxm.ocx
[2011.02.22 21:51:45 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dxmasf.dll
[2011.02.22 21:51:45 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-ums-l1-1-0.dll
[2011.02.22 21:51:44 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\nlsbres.dll
[2011.02.22 21:51:44 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\nlsbres.dll
[2011.02.22 21:51:44 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\BlbEvents.dll
[2011.02.22 21:51:44 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pifmgr.dll
[2011.02.22 21:51:44 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pifmgr.dll
[2011.02.22 21:51:44 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\spwizres.dll
[2011.02.22 21:51:44 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spwizres.dll
[2011.02.22 21:51:44 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpnaddr.dll
[2011.02.22 21:51:44 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpnaddr.dll
[2011.02.22 21:51:31 | 000,209,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PkgMgr.exe
[2011.02.22 21:51:31 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wdscore.dll
[2011.02.22 21:51:28 | 000,323,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drvstore.dll
[2011.02.22 21:51:28 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpx.dll
[2011.02.22 21:51:03 | 000,529,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wbemcomn.dll
[2011.02.22 21:51:03 | 000,524,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmicmiplugin.dll
[2011.02.22 21:51:02 | 000,933,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SmiEngine.dll
[2011.02.22 21:51:01 | 000,199,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PkgMgr.exe
[2011.02.22 21:50:55 | 000,422,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drvstore.dll
[2011.02.22 21:50:55 | 000,399,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpx.dll
[2011.02.22 20:15:25 | 001,465,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2011.02.22 20:15:25 | 000,870,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2011.02.22 20:15:25 | 000,475,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2011.02.22 20:15:24 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2011.02.22 15:41:38 | 000,000,000 | -H-D | C] -- C:\Users\Home\AppData\Local\{4DB1F147-E1F7-440D-8CF6-EA017ED33961}
[2010.12.27 22:03:35 | 000,221,184 | -H-- | C] ( ) -- C:\Windows\UninstallDialog.exe
[2010.12.27 22:03:35 | 000,221,184 | -H-- | C] ( ) -- C:\Windows\InstallDialog.exe

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2011.03.23 23:35:04 | 000,580,608 | -H-- | M] (OldTimer Tools) -- C:\Users\Home\Desktop\OTL.exe
[2011.03.23 23:32:46 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\drivers\lvuvc.hs
[2011.03.23 23:32:41 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.03.23 23:26:10 | 058,599,328 | -H-- | M] () -- C:\Users\Home\Desktop\cureit.exe
[2011.03.23 23:17:35 | 000,000,128 | -H-- | M] () -- C:\ProgramData\~46456584r
[2011.03.23 23:17:35 | 000,000,096 | -H-- | M] () -- C:\ProgramData\~46456584
[2011.03.23 23:17:34 | 000,000,639 | -H-- | M] () -- C:\Users\Home\Desktop\Windows Recovery.lnk
[2011.03.23 23:17:33 | 000,000,344 | -H-- | M] () -- C:\ProgramData\46456584
[2011.03.23 23:17:32 | 000,467,968 | -H-- | M] () -- C:\ProgramData\46456584.exe
[2011.03.23 23:08:27 | 000,546,816 | -H-- | M] (HiTech) -- C:\ProgramData\IGSYNkFRmaqdjEh.exe
[2011.03.23 22:46:02 | 000,000,177 | -H-- | M] () -- C:\dvmexp.idx
[2011.03.23 22:43:08 | 000,013,728 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.03.23 22:43:08 | 000,013,728 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.03.23 22:42:23 | 001,628,274 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.03.23 22:42:23 | 000,709,642 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2011.03.23 22:42:23 | 000,652,694 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.03.23 22:42:23 | 000,150,736 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2011.03.23 22:42:23 | 000,123,632 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011.03.23 22:38:49 | 000,266,400 | -H-- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2011.03.23 22:38:49 | 000,266,400 | -H-- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011.03.23 22:36:56 | 000,215,128 | -H-- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2011.03.21 21:42:58 | 130,558,072 | -H-- | M] (AMD Inc.) -- C:\Users\Home\Desktop\amd_catalyst_11.4_preview_win7_march7.exe
[2011.03.21 21:29:39 | 000,007,611 | -H-- | M] () -- C:\Users\Home\AppData\Local\resmon.resmoncfg
[2011.03.16 21:54:01 | 000,030,692 | -H-- | M] () -- C:\Users\Home\Documents\cc_20110316_215358.reg
[2011.03.16 20:42:41 | 000,001,362 | -H-- | M] () -- C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Produktregistrierung.lnk
[2011.03.16 14:21:42 | 000,002,044 | -H-- | M] () -- C:\Users\Home\Documents\Default.rdp
[2011.03.15 22:55:24 | 000,017,408 | -H-- | M] () -- C:\Users\Home\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.03.15 14:32:45 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2011.03.15 14:32:45 | 001,797,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9.dll
[2011.03.15 14:32:45 | 001,427,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2011.03.15 14:32:45 | 000,716,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2011.03.15 14:32:45 | 000,580,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll
[2011.03.15 14:32:45 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2011.03.15 14:32:45 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2011.03.15 14:32:45 | 000,353,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\dxtmsft.dll
[2011.03.15 14:32:45 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2011.03.15 14:32:45 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll
[2011.03.15 14:32:45 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\dxtrans.dll
[2011.03.15 14:32:45 | 000,222,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2011.03.15 14:32:45 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2011.03.15 14:32:45 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll
[2011.03.15 14:32:45 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2011.03.15 14:32:45 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msls31.dll
[2011.03.15 14:32:45 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2011.03.15 14:32:45 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2011.03.15 14:32:45 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2011.03.15 14:32:45 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll
[2011.03.15 14:32:45 | 000,123,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2011.03.15 14:32:45 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2011.03.15 14:32:45 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2011.03.15 14:32:45 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll
[2011.03.15 14:32:45 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2011.03.15 14:32:45 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2011.03.15 14:32:45 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2011.03.15 14:32:45 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2011.03.15 14:32:45 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2011.03.15 14:32:45 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2011.03.15 14:32:45 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2011.03.15 14:32:45 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2011.03.15 14:32:45 | 000,072,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011.03.15 14:32:45 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2011.03.15 14:32:45 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2011.03.15 14:32:45 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2011.03.15 14:32:45 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2011.03.15 14:32:45 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\imgutil.dll
[2011.03.15 14:32:45 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2011.03.15 14:32:45 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2011.03.15 14:32:45 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2011.03.15 14:32:44 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2011.03.15 14:32:44 | 002,303,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2011.03.15 14:32:44 | 001,492,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2011.03.15 14:32:44 | 000,818,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2011.03.15 14:32:44 | 000,697,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2011.03.15 14:32:44 | 000,603,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2011.03.15 14:32:44 | 000,534,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2011.03.15 14:32:44 | 000,452,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2011.03.15 14:32:44 | 000,448,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2011.03.15 14:32:44 | 000,282,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2011.03.15 14:32:44 | 000,267,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll
[2011.03.15 14:32:44 | 000,248,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2011.03.15 14:32:44 | 000,236,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2011.03.15 14:32:44 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2011.03.15 14:32:44 | 000,173,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2011.03.15 14:32:44 | 000,165,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2011.03.15 14:32:44 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll
[2011.03.15 14:32:44 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2011.03.15 14:32:44 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll
[2011.03.15 14:32:44 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2011.03.15 14:32:44 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2011.03.15 14:32:44 | 000,135,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2011.03.15 14:32:44 | 000,114,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll
[2011.03.15 14:32:44 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2011.03.15 14:32:44 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2011.03.15 14:32:44 | 000,096,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2011.03.15 14:32:44 | 000,091,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2011.03.15 14:32:44 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2011.03.15 14:32:44 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2011.03.15 14:32:44 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2011.03.15 14:32:44 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2011.03.15 14:32:44 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2011.03.15 14:32:44 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2011.03.15 14:32:44 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2011.03.15 14:32:44 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2011.03.15 14:32:44 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2011.03.15 14:32:44 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2011.03.15 14:32:44 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2011.03.15 14:32:44 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2011.03.14 22:18:36 | 000,000,611 | -H-- | M] () -- C:\Users\Public\Desktop\PDF24 Editor.lnk
[2011.03.14 17:44:52 | 000,578,192 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011.03.04 21:03:53 | 000,000,093 | -H-- | M] () -- C:\Windows\SMM_HCEditor.INI
[2011.03.04 20:56:40 | 000,000,584 | -H-- | M] () -- C:\Users\Home\Desktop\HyperCam 3.lnk
[2011.03.04 14:45:30 | 000,000,120 | -H-- | M] () -- C:\Users\Home\AppData\Local\Pbibuxomo.dat
[2011.03.04 14:45:30 | 000,000,000 | -H-- | M] () -- C:\Users\Home\AppData\Local\Iyenohu.bin
[2011.03.02 23:50:33 | 000,001,763 | -H-- | M] () -- C:\Users\Public\Desktop\Bulletstorm.lnk
[2011.03.01 16:22:08 | 000,018,960 | ---- | M] (Logitech, Inc.) -- C:\Windows\SysNative\drivers\LNonPnP.sys
[2011.02.28 18:46:43 | 000,250,743 | -H-- | M] () -- C:\Users\Home\Documents\ts3_clientui-win64-12815-2011-02-28 18_46_42.877199.dmp
[2011.02.27 19:07:00 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_point64_01009.Wdf
[2011.02.27 10:28:06 | 009,319,424 | ---- | M] (ATI Technologies Inc.) -- C:\Windows\SysNative\drivers\atikmdag.sys
[2011.02.27 06:28:04 | 022,622,208 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atio6axx.dll
[2011.02.27 06:05:08 | 017,468,416 | -H-- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\atioglxx.dll
[2011.02.27 05:45:16 | 000,058,880 | ---- | M] (AMD) -- C:\Windows\SysNative\coinst.dll
[2011.02.27 05:40:18 | 000,150,184 | ---- | M] () -- C:\Windows\SysNative\atiapfxx.blb
[2011.02.27 05:39:52 | 000,147,456 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atiapfxx.exe
[2011.02.27 05:39:42 | 000,671,232 | -H-- | M] (ATI Technologies Inc. ) -- C:\Windows\SysWow64\aticfx32.dll
[2011.02.27 05:38:38 | 000,787,968 | ---- | M] (ATI Technologies Inc. ) -- C:\Windows\SysNative\aticfx64.dll
[2011.02.27 05:36:32 | 000,462,848 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\ATIDEMGX.dll
[2011.02.27 05:36:22 | 000,480,256 | ---- | M] (AMD) -- C:\Windows\SysNative\atieclxx.exe
[2011.02.27 05:35:50 | 000,203,776 | ---- | M] (AMD) -- C:\Windows\SysNative\atiesrxx.exe
[2011.02.27 05:34:52 | 000,120,320 | ---- | M] (AMD) -- C:\Windows\SysNative\atitmm64.dll
[2011.02.27 05:34:34 | 000,423,424 | ---- | M] (ATI Technologies, Inc.) -- C:\Windows\SysNative\atipdl64.dll
[2011.02.27 05:34:28 | 000,356,352 | -H-- | M] (ATI Technologies, Inc.) -- C:\Windows\SysWow64\atipdlxx.dll
[2011.02.27 05:34:20 | 000,278,528 | -H-- | M] (ATI Technologies, Inc.) -- C:\Windows\SysWow64\Oemdspif.dll
[2011.02.27 05:34:16 | 000,016,384 | ---- | M] (AMD) -- C:\Windows\SysNative\atimuixx.dll
[2011.02.27 05:34:12 | 000,059,392 | ---- | M] (ATI Technologies, Inc.) -- C:\Windows\SysNative\atiedu64.dll
[2011.02.27 05:34:06 | 000,043,520 | -H-- | M] (ATI Technologies, Inc.) -- C:\Windows\SysWow64\ati2edxx.dll
[2011.02.27 05:31:06 | 004,307,456 | -H-- | M] (ATI Technologies Inc. ) -- C:\Windows\SysWow64\atidxx32.dll
[2011.02.27 05:22:36 | 005,085,184 | ---- | M] (ATI Technologies Inc. ) -- C:\Windows\SysNative\atidxx64.dll
[2011.02.27 05:12:34 | 004,274,176 | -H-- | M] (ATI Technologies Inc. ) -- C:\Windows\SysWow64\atiumdag.dll
[2011.02.27 05:11:48 | 001,208,320 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiumd6v.dll
[2011.02.27 05:11:16 | 001,912,832 | -H-- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiumdmv.dll
[2011.02.27 05:11:04 | 003,420,672 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiumd6a.dll
[2011.02.27 05:08:42 | 000,889,344 | ---- | M] () -- C:\Windows\SysNative\atiumd6a.cap
[2011.02.27 05:08:34 | 000,051,200 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticalrt64.dll
[2011.02.27 05:08:32 | 000,046,080 | -H-- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticalrt.dll
[2011.02.27 05:08:22 | 000,044,544 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticalcl64.dll
[2011.02.27 05:08:20 | 000,044,032 | -H-- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticalcl.dll
[2011.02.27 05:08:10 | 007,466,496 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticaldd64.dll
[2011.02.27 05:06:48 | 005,423,104 | ---- | M] (ATI Technologies Inc. ) -- C:\Windows\SysNative\atiumd64.dll
[2011.02.27 05:05:04 | 003,631,104 | -H-- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiumdva.dll
[2011.02.27 05:04:36 | 000,889,344 | -H-- | M] () -- C:\Windows\SysWow64\atiumdva.cap
[2011.02.27 05:04:26 | 006,097,920 | -H-- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticaldd.dll
[2011.02.27 05:00:16 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atiadlxx.dll
[2011.02.27 05:00:08 | 000,258,048 | -H-- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\atiadlxy.dll
[2011.02.27 05:00:00 | 000,014,848 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atig6pxx.dll
[2011.02.27 04:59:56 | 000,012,800 | -H-- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiglpxx.dll
[2011.02.27 04:59:56 | 000,012,800 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiglpxx.dll
[2011.02.27 04:59:54 | 000,039,936 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atig6txx.dll
[2011.02.27 04:59:48 | 000,032,768 | -H-- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atigktxx.dll
[2011.02.27 04:59:42 | 000,303,616 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\drivers\atikmpag.sys
[2011.02.27 04:59:02 | 000,040,448 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiuxp64.dll
[2011.02.27 04:58:58 | 000,031,232 | -H-- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiuxpag.dll
[2011.02.27 04:58:52 | 000,038,912 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiu9p64.dll
[2011.02.27 04:58:46 | 000,029,184 | -H-- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiu9pag.dll
[2011.02.27 04:53:14 | 000,053,760 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atimpc64.dll
[2011.02.27 04:53:14 | 000,053,760 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\amdpcom64.dll
[2011.02.27 04:53:10 | 000,052,736 | -H-- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atimpc32.dll
[2011.02.27 04:53:10 | 000,052,736 | -H-- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\amdpcom32.dll
[2011.02.27 04:05:00 | 000,053,248 | ---- | M] (ATI Technologies Inc.) -- C:\Windows\SysNative\drivers\ati2erec.dll
[2011.02.27 00:55:56 | 000,061,952 | ---- | M] () -- C:\Windows\SysNative\OVDecode64.dll
[2011.02.27 00:55:54 | 000,059,904 | -H-- | M] () -- C:\Windows\SysWow64\OVDecode.dll
[2011.02.27 00:55:46 | 000,053,760 | ---- | M] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2011.02.27 00:55:42 | 000,051,712 | -H-- | M] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2011.02.27 00:55:34 | 016,066,048 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\amdocl64.dll
[2011.02.27 00:55:22 | 012,339,712 | -H-- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\amdocl.dll
[2011.02.26 18:24:56 | 000,162,816 | -H-- | M] (Firelight Technologies Pty, Ltd) -- C:\Windows\SysWow64\fmod.dll
[2011.02.22 21:59:42 | 000,175,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msclmd.dll
[2011.02.22 21:59:42 | 000,152,576 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msclmd.dll
[2011.02.22 20:39:04 | 000,240,640 | -H-- | M] () -- C:\Windows\SysWow64\xvidvfw.dll

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2011.03.23 23:23:23 | 058,599,328 | -H-- | C] () -- C:\Users\Home\Desktop\cureit.exe
[2011.03.23 23:17:35 | 000,000,128 | -H-- | C] () -- C:\ProgramData\~46456584r
[2011.03.23 23:17:35 | 000,000,096 | -H-- | C] () -- C:\ProgramData\~46456584
[2011.03.23 23:17:34 | 000,000,639 | -H-- | C] () -- C:\Users\Home\Desktop\Windows Recovery.lnk
[2011.03.23 23:17:33 | 000,000,344 | -H-- | C] () -- C:\ProgramData\46456584
[2011.03.23 23:17:32 | 000,467,968 | -H-- | C] () -- C:\ProgramData\46456584.exe
[2011.03.21 18:20:10 | 000,000,704 | -H-- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2011.03.16 21:54:00 | 000,030,692 | -H-- | C] () -- C:\Users\Home\Documents\cc_20110316_215358.reg
[2011.03.16 20:42:41 | 000,001,362 | -H-- | C] () -- C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Produktregistrierung.lnk
[2011.03.15 14:32:45 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2011.03.15 14:32:44 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2011.03.04 21:03:53 | 000,000,093 | -H-- | C] () -- C:\Windows\SMM_HCEditor.INI
[2011.03.04 20:56:40 | 000,000,584 | -H-- | C] () -- C:\Users\Home\Desktop\HyperCam 3.lnk
[2011.03.02 23:50:33 | 000,001,763 | -H-- | C] () -- C:\Users\Public\Desktop\Bulletstorm.lnk
[2011.02.28 18:46:42 | 000,250,743 | -H-- | C] () -- C:\Users\Home\Documents\ts3_clientui-win64-12815-2011-02-28 18_46_42.877199.dmp
[2011.02.27 19:07:00 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_point64_01009.Wdf
[2011.02.27 05:40:18 | 000,150,184 | ---- | C] () -- C:\Windows\SysNative\atiapfxx.blb
[2011.02.27 05:08:42 | 000,889,344 | ---- | C] () -- C:\Windows\SysNative\atiumd6a.cap
[2011.02.27 05:04:36 | 000,889,344 | -H-- | C] () -- C:\Windows\SysWow64\atiumdva.cap
[2011.02.27 00:55:56 | 000,061,952 | ---- | C] () -- C:\Windows\SysNative\OVDecode64.dll
[2011.02.27 00:55:54 | 000,059,904 | -H-- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2011.02.25 17:37:09 | 000,000,000 | -H-- | C] () -- C:\Users\Home\AppData\Local\Iyenohu.bin
[2011.02.25 17:37:08 | 000,000,120 | -H-- | C] () -- C:\Users\Home\AppData\Local\Pbibuxomo.dat
[2011.02.22 21:52:35 | 000,095,744 | ---- | C] () -- C:\Windows\SysNative\RDVGHelper.exe
[2011.02.22 21:52:28 | 000,347,904 | ---- | C] () -- C:\Windows\SysNative\systemsf.ebd
[2011.02.22 21:51:48 | 000,010,429 | ---- | C] () -- C:\Windows\SysNative\ScavengeSpace.xml
[2011.02.22 21:51:44 | 000,105,559 | ---- | C] () -- C:\Windows\SysWow64\RacRules.xml
[2011.02.22 21:51:44 | 000,105,559 | ---- | C] () -- C:\Windows\SysNative\RacRules.xml
[2011.02.22 21:51:31 | 000,001,041 | ---- | C] () -- C:\Windows\SysWow64\tcpbidi.xml
[2011.02.22 21:51:30 | 000,146,389 | ---- | C] () -- C:\Windows\SysWow64\printmanagement.msc
[2011.02.22 20:39:04 | 000,240,640 | -H-- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2011.02.17 19:24:24 | 000,003,910 | -H-- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011.02.07 19:00:08 | 001,529,856 | -H-- | C] () -- C:\Windows\SysWow64\ff_samplerate.dll
[2011.02.07 19:00:08 | 000,925,667 | -H-- | C] () -- C:\Windows\SysWow64\ffmpegmt.dll
[2011.02.07 19:00:08 | 000,721,798 | -H-- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2011.02.07 19:00:08 | 000,336,384 | -H-- | C] () -- C:\Windows\SysWow64\ff_libfaad2.dll
[2011.02.07 19:00:08 | 000,324,096 | -H-- | C] () -- C:\Windows\SysWow64\TomsMoComp_ff.dll
[2011.02.07 19:00:08 | 000,216,576 | -H-- | C] () -- C:\Windows\SysWow64\ff_libdts.dll
[2011.02.07 19:00:08 | 000,151,552 | -H-- | C] () -- C:\Windows\SysWow64\ff_libmad.dll
[2011.02.07 19:00:08 | 000,145,408 | -H-- | C] () -- C:\Windows\SysWow64\libmpeg2_ff.dll
[2011.02.07 19:00:08 | 000,140,800 | -H-- | C] () -- C:\Windows\SysWow64\ff_unrar.dll
[2011.02.07 19:00:08 | 000,121,856 | -H-- | C] () -- C:\Windows\SysWow64\ff_liba52.dll
[2011.02.07 19:00:08 | 000,100,864 | -H-- | C] () -- C:\Windows\SysWow64\ff_wmv9.dll
[2011.02.07 19:00:08 | 000,065,024 | -H-- | C] () -- C:\Windows\SysWow64\FLT_ffdshow.dll
[2011.02.07 18:45:52 | 000,080,896 | -H-- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2011.02.07 18:39:02 | 004,166,551 | -H-- | C] () -- C:\Windows\SysWow64\ffmpeg.dll
[2011.01.30 19:53:40 | 000,007,611 | -H-- | C] () -- C:\Users\Home\AppData\Local\resmon.resmoncfg
[2011.01.09 23:50:12 | 000,017,408 | -H-- | C] () -- C:\Users\Home\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.01.06 15:43:41 | 001,608,912 | -H-- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010.12.28 03:00:01 | 000,386,923 | -H-- | C] () -- C:\Windows\KMSAct.exe
[2010.12.28 00:56:35 | 000,266,400 | -H-- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2010.12.28 00:56:34 | 002,434,856 | -H-- | C] () -- C:\Windows\SysWow64\pbsvc_bc2.exe
[2010.12.28 00:56:34 | 000,075,136 | -H-- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2010.12.28 00:24:02 | 000,000,000 | -H-- | C] () -- C:\Windows\nsreg.dat
[2010.12.28 00:17:13 | 004,244,744 | -H-- | C] () -- C:\Windows\SysWow64\qtp-mt334.dll
[2010.12.28 00:17:13 | 000,247,560 | -H-- | C] () -- C:\Windows\SysWow64\prgiso.dll
[2010.12.28 00:17:13 | 000,013,576 | -H-- | C] () -- C:\Windows\SysWow64\wnaspi32.dll
[2010.12.27 22:47:09 | 000,180,224 | -H-- | C] () -- C:\Windows\SysWow64\WinService.exe
[2010.12.27 21:55:15 | 000,155,745 | -H-- | C] () -- C:\Windows\SysWow64\installservice.exe
[2010.12.27 21:24:09 | 000,001,769 | -H-- | C] () -- C:\Windows\Language_trs.ini
[2010.12.27 21:24:05 | 000,030,354 | -H-- | C] () -- C:\Windows\Ascd_tmp.ini
[2010.12.27 21:24:04 | 000,061,440 | -H-- | C] () -- C:\Windows\SysWow64\FDI.exe
[2010.12.27 21:22:24 | 000,000,000 | -H-- | C] () -- C:\Windows\ativpsrm.bin
[2010.10.14 01:36:44 | 000,179,263 | -H-- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2010.08.18 20:56:38 | 000,000,151 | -H-- | C] () -- C:\Windows\SysWow64\Registration.ini
[2010.08.14 09:45:18 | 000,249,856 | -H-- | C] () -- C:\Windows\SysWow64\dxr.dll
[2010.08.14 09:45:10 | 000,358,400 | -H-- | C] () -- C:\Windows\SysWow64\gdsmux.exe
[2010.08.14 09:43:52 | 000,150,528 | -H-- | C] () -- C:\Windows\SysWow64\mkx.dll
[2010.08.14 09:43:42 | 000,109,568 | -H-- | C] () -- C:\Windows\SysWow64\avi.dll
[2010.08.14 09:43:34 | 000,141,824 | -H-- | C] () -- C:\Windows\SysWow64\mp4.dll
[2010.08.14 09:43:22 | 000,123,392 | -H-- | C] () -- C:\Windows\SysWow64\ogm.dll
[2010.08.14 09:42:54 | 000,113,152 | -H-- | C] () -- C:\Windows\SysWow64\dsmux.exe
[2010.08.14 09:42:48 | 000,154,112 | -H-- | C] () -- C:\Windows\SysWow64\ts.dll
[2010.08.14 09:42:10 | 000,097,792 | -H-- | C] () -- C:\Windows\SysWow64\avs.dll
[2010.08.14 09:42:06 | 000,137,728 | -H-- | C] () -- C:\Windows\SysWow64\mkv2vfr.exe
[2010.08.14 09:41:54 | 000,093,184 | -H-- | C] () -- C:\Windows\SysWow64\avss.dll
[2010.08.14 09:40:02 | 000,080,384 | -H-- | C] () -- C:\Windows\SysWow64\mkzlib.dll
[2010.08.14 09:39:58 | 000,024,576 | -H-- | C] () -- C:\Windows\SysWow64\mkunicode.dll
[2009.08.11 22:21:26 | 000,087,552 | -H-- | C] () -- C:\Windows\SysWow64\ac3config.exe
[2009.08.11 22:21:20 | 001,021,440 | -H-- | C] () -- C:\Windows\SysWow64\ac3filter_intl.dll
[2009.07.14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 03:35:51 | 000,000,741 | -H-- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 03:34:42 | 000,215,943 | -H-- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2009.04.02 13:30:14 | 000,010,296 | -H-- | C] () -- C:\Windows\SysWow64\drivers\ASUSHWIO.SYS
[2009.03.30 07:32:40 | 000,032,768 | RH-- | C] () -- C:\Windows\DAODx.exe
[2009.01.10 23:15:44 | 000,159,744 | -H-- | C] () -- C:\Windows\SysWow64\mmfinfo.dll
[2008.12.01 18:32:32 | 000,362,029 | -H-- | C] () -- C:\Windows\SysWow64\sqlite3.dll
[2008.11.06 16:37:32 | 003,596,288 | -H-- | C] () -- C:\Windows\SysWow64\qt-dx331.dll
[2008.09.18 07:45:54 | 000,001,515 | -H-- | C] () -- C:\Windows\Ctacfg.ini
[2008.09.18 07:45:50 | 000,000,504 | -H-- | C] () -- C:\Windows\CtaMCcfg.ini
[2006.03.04 05:52:00 | 000,088,576 | -H-- | C] () -- C:\Windows\SysWow64\OptimFROG.dll

[color=#E56717]========== LOP Check ==========[/color]

[2011.01.08 10:29:08 | 000,000,000 | -H-D | M] -- C:\Users\Home\AppData\Roaming\BFBC2CC
[2011.01.09 23:46:17 | 000,000,000 | -H-D | M] -- C:\Users\Home\AppData\Roaming\COWON
[2010.12.28 02:40:43 | 000,000,000 | -H-D | M] -- C:\Users\Home\AppData\Roaming\DAEMON Tools Lite
[2011.01.31 00:02:12 | 000,000,000 | -H-D | M] -- C:\Users\Home\AppData\Roaming\e-on software
[2011.03.23 23:31:31 | 000,000,000 | -H-D | M] -- C:\Users\Home\AppData\Roaming\ICQ
[2011.01.26 19:19:22 | 000,000,000 | -H-D | M] -- C:\Users\Home\AppData\Roaming\Leadertech
[2011.01.26 17:08:03 | 000,000,000 | -H-D | M] -- C:\Users\Home\AppData\Roaming\ManyCam
[2011.02.14 00:17:08 | 000,000,000 | -H-D | M] -- C:\Users\Home\AppData\Roaming\Mumble
[2011.02.19 15:02:41 | 000,000,000 | -H-D | M] -- C:\Users\Home\AppData\Roaming\OnLive App
[2011.03.14 17:12:20 | 000,000,000 | -H-D | M] -- C:\Users\Home\AppData\Roaming\ProtectDisc
[2011.01.29 13:13:52 | 000,000,000 | -H-D | M] -- C:\Users\Home\AppData\Roaming\Publish Providers
[2011.01.29 13:14:21 | 000,000,000 | -H-D | M] -- C:\Users\Home\AppData\Roaming\Sony
[2011.01.29 13:24:10 | 000,000,000 | -H-D | M] -- C:\Users\Home\AppData\Roaming\Sony Creative Software Inc
[2011.01.16 20:11:12 | 000,000,000 | -H-D | M] -- C:\Users\Home\AppData\Roaming\TeamViewer
[2011.03.23 15:49:32 | 000,000,000 | -H-D | M] -- C:\Users\Home\AppData\Roaming\TeraCopy
[2011.03.23 20:06:54 | 000,000,000 | -H-D | M] -- C:\Users\Home\AppData\Roaming\Thunderbird
[2011.02.16 20:45:14 | 000,032,632 | -H-- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:4FC01C57

< End of report >

3.

Zitat

GMER 1.0.15.15570 - http://www.gmer.net
Rootkit scan 2011-03-24 18:47:59
Windows 6.1.7601 Service Pack 1
Running: 2q1zrlm3.exe


---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\ControlSet001\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet001\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files (x86)\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet001\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet001\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\ControlSet001\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xF3 0xBB 0x46 0xB6 ...
Reg HKLM\SYSTEM\ControlSet001\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet001\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet001\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0xAD 0x2E 0x5E 0x60 ...
Reg HKLM\SYSTEM\ControlSet001\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet001\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0xEB 0x52 0xA0 0x13 ...
Reg HKLM\SYSTEM\ControlSet001\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet001\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1@hdf12 0x20 0x5A 0xA3 0x99 ...
Reg HKLM\SYSTEM\ControlSet003\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files (x86)\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet003\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet003\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\ControlSet003\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x56 0x2B 0x7F 0xF0 ...
Reg HKLM\SYSTEM\ControlSet003\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet003\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0xAD 0x2E 0x5E 0x60 ...
Reg HKLM\SYSTEM\ControlSet003\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0xEB 0x52 0xA0 0x13 ...
Reg HKLM\SYSTEM\ControlSet003\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1@hdf12 0x20 0x5A 0xA3 0x99 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@s1 771343423
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@s2 285507792
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@h0 1
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files (x86)\DAEMON Tools Lite\
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xF3 0xBB 0x46 0xB6 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0xAD 0x2E 0x5E 0x60 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0xEB 0x52 0xA0 0x13 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1@hdf12 0x20 0x5A 0xA3 0x99 ...

---- EOF - GMER 1.0.15 ----

#2 Anbei noch eine HJ Logfile!

Zitat

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:55:14, on 24.03.2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Windows\DAODx.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
F:\97_RocketDock\RocketDock.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\ProgramData\IGSYNkFRmaqdjEh.exe
C:\Windows\SysWOW64\attrib.exe
C:\ProgramData\46456584.exe
C:\Program Files (x86)\NETGEAR\WN311B\Utility\WN311B.exe
C:\Avira\AntiVir Desktop\avgnt.exe
C:\Windows\SysWOW64\rundll32.exe
F:\11_PDF24\pdf24.exe
F:\91_ever-23\Everest Ultimate Edition v.5.50.2123 beta (portable)\everest.exe
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\02_Firefox 4\firefox.exe
C:\02_Firefox 4\plugin-container.exe
C:\Users\Home\Desktop\HiJackThis204.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.de/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - F:\95_Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [AS00_WN311B] C:\Program Files (x86)\NETGEAR\WN311B\Utility\WN311B.exe -hide
O4 - HKLM\..\Run: [avgnt] "C:\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [CtaMon] Rundll32 CtaMon.dll,RunMonitor
O4 - HKLM\..\Run: [ATICustomerCare] "C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [PDFPrint] F:\11_PDF24\pdf24.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [RocketDock] "F:\97_RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner64.exe" /AUTO
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [IGSYNkFRmaqdjEh] C:\ProgramData\IGSYNkFRmaqdjEh.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETZWERKDIENST')
O4 - Startup: Logitech . Produktregistrierung.lnk = C:\Program Files (x86)\Common Files\LogiShrd\eReg\SetPoint\eReg.exe
O4 - Startup: setup_9.0.0.722_23.03.2011_20-11.lnk = Home\Desktop\Virus Removal Tool\setup_9.0.0.722_23.03.2011_20-11\startup.exe
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://F:\02_OFF~1\Office14\EXCEL.EXE/3000
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - F:\46_ICQ\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - F:\46_ICQ\ICQ7.2\ICQ.exe
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - F:\95_Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - F:\95_Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} (SysInfo Class) - http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.3.16.0.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - F:\95_Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Avira\AntiVir Desktop\avguard.exe
O23 - Service: DATA BECKER Update Service (DBService) - DATA BECKER GmbH & Co KG - C:\Program Files (x86)\Common Files\DATA BECKER Shared\DBService.exe
O23 - Service: DeviceVM Meta Data Export Service (DvmMDES) - DeviceVM, Inc. - C:\ASUS.SYS\config\DVMExportService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: Process Monitor (LVPrcS64) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SCM_Service - Unknown owner - C:\Windows\SysWOW64\WinService.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Unsigned Themes (UnsignedThemes) - The Within Network, LLC - C:\Windows\UnsignedThemesSvc.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Netgear WN311B Wireless Control Service (WN311BFCS) - Ambit Microsystems - C:\Windows\system32\WN311BFCS.exe

--
End of file - 10460 bytes

#3 Anbei CombFix Log

Zitat

ComboFix 11-03-24.01 - Home 24.03.2011 20:16:43.1.4 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.49.1031.18.4093.2186 [GMT 1:00]
ausgeführt von:: c:\users\Home\Desktop\ComboFix.exe
AV: AntiVir Desktop *Disabled/Outdated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: AntiVir Desktop *Disabled/Outdated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Neuer Wiederherstellungspunkt wurde erstellt
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\46456584.exe
C:\spy.qwas
c:\spy.qwas\config.bin
c:\users\Home\AppData\Local\{0C956BB3-BAA3-4672-A1E8-92B214C55722}
c:\users\Home\AppData\Local\{0C956BB3-BAA3-4672-A1E8-92B214C55722}\chrome.manifest
c:\users\Home\AppData\Local\{0C956BB3-BAA3-4672-A1E8-92B214C55722}\chrome\content\_cfg.js
c:\users\Home\AppData\Local\{0C956BB3-BAA3-4672-A1E8-92B214C55722}\chrome\content\overlay.xul
c:\users\Home\AppData\Local\{0C956BB3-BAA3-4672-A1E8-92B214C55722}\install.rdf
c:\users\Home\Documents\cc_20110316_215358.reg
c:\windows\SysWow64\winservice.exe
.
.
((((((((((((((((((((((((((((((((((((((( Treiber/Dienste )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_SCM_Service
.
.
((((((((((((((((((((((( Dateien erstellt von 2011-02-24 bis 2011-03-24 ))))))))))))))))))))))))))))))
.
.
2011-03-24 16:42 . 2011-03-24 16:43 -------- d--h--w- c:\users\Home\AppData\Local\{2CCC7996-25CD-4E4C-94FB-BE80F3DFEA66}
2011-03-23 23:13 . 2011-03-23 23:16 -------- d--h--w- c:\programdata\Kaspersky Lab
2011-03-23 23:12 . 2009-10-22 11:54 40464 ----a-w- c:\windows\system32\drivers\40400602.sys
2011-03-23 23:12 . 2009-10-09 21:30 352784 ----a-w- c:\windows\system32\drivers\4040060.sys
2011-03-23 23:12 . 2009-09-25 15:59 157712 ----a-w- c:\windows\system32\drivers\40400601.sys
2011-03-23 22:26 . 2011-03-23 22:26 -------- d--h--w- c:\users\Home\DoctorWeb
2011-03-23 22:08 . 2011-03-23 22:08 546816 ---ha-w- c:\programdata\IGSYNkFRmaqdjEh.exe
2011-03-23 14:10 . 2011-03-23 14:10 -------- d--h--w- c:\users\Home\AppData\Local\{CF69FD6E-9B3F-4C5D-AF31-CC5C55155999}
2011-03-22 15:26 . 2011-02-11 07:30 7947600 ---ha-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{0B6FCADD-1A02-48F2-A36F-0D1DDDF323BF}\mpengine.dll
2011-03-22 15:24 . 2011-03-22 15:24 -------- d--h--w- c:\users\Home\AppData\Local\{7A347EEC-D38B-4E7A-87F0-46C7462B307D}
2011-03-21 21:09 . 2011-03-21 21:09 -------- d--h--w- c:\program files (x86)\AMD APP
2011-03-21 21:08 . 2011-03-21 21:08 -------- d--h--w- c:\programdata\ATI
2011-03-21 20:56 . 2011-03-21 20:56 -------- d-----w- C:\AMD
2011-03-21 17:20 . 2011-03-23 22:08 -------- d-----w- C:\02_Firefox 4
2011-03-21 15:53 . 2011-03-21 15:54 -------- d--h--w- c:\users\Home\AppData\Local\{46165FC5-206D-47B0-BA5E-B4EFF02AEA53}
2011-03-20 17:55 . 2011-03-20 17:55 -------- d--h--w- c:\users\Home\AppData\Local\{59B35DCD-AA0C-41D6-A28B-EEDEDB72C3D4}
2011-03-18 08:20 . 2011-03-18 08:20 -------- d--h--w- c:\users\Home\AppData\Local\{0991A4E6-A423-4115-ABD3-FAEDF2ACD519}
2011-03-17 09:58 . 2011-03-17 09:59 -------- d--h--w- c:\users\Home\AppData\Local\{AA3CBA32-6312-40BD-816B-24DAA5686311}
2011-03-16 21:58 . 2011-03-16 21:58 -------- d--h--w- c:\users\Home\AppData\Local\{C51AF6C8-78D5-465F-A5B1-3B7FBC9FF8AD}
2011-03-16 09:58 . 2011-03-16 09:58 -------- d--h--w- c:\users\Home\AppData\Local\{943CEB96-89EC-485D-868A-A54433AE75AC}
2011-03-15 20:06 . 2011-03-15 20:06 -------- d--h--w- c:\users\Home\AppData\Local\{6F9DC976-DB9A-4E61-A4F9-4DD3DEB73855}
2011-03-15 19:48 . 2011-03-15 19:48 -------- d--h--w- c:\windows\SysWow64\wbem\en-US
2011-03-15 19:48 . 2011-03-15 19:48 -------- d-----w- c:\windows\system32\wbem\en-US
2011-03-15 08:05 . 2011-03-15 08:06 -------- d--h--w- c:\users\Home\AppData\Local\{4BD3BF27-1915-4107-89CD-D6A10590BE82}
2011-03-14 19:09 . 2011-03-14 19:10 -------- d--h--w- c:\users\Home\AppData\Local\{7DFD24B1-0144-4FEB-80AB-B99A505207CC}
2011-03-14 16:12 . 2011-03-14 16:12 -------- d--h--w- c:\programdata\DATA BECKER Downloads
2011-03-14 16:12 . 2011-03-14 16:12 -------- d--h--w- c:\users\Home\AppData\Roaming\ProtectDisc
2011-03-14 16:12 . 2011-03-14 16:12 -------- d--h--w- c:\program files (x86)\ProtectDisc Driver Installer
2011-03-14 16:12 . 2011-03-14 16:12 -------- d--h--w- c:\program files (x86)\Common Files\DATA BECKER Shared
2011-03-14 16:12 . 2011-03-14 16:12 -------- d--h--w- c:\program files (x86)\Common Files\DATA BECKER Druckereien
2011-03-14 07:09 . 2011-03-14 07:09 -------- d--h--w- c:\users\Home\AppData\Local\{DC89B2A9-264B-4F81-8C4C-A3DCA80C2FA4}
2011-03-13 13:43 . 2011-03-13 13:43 -------- d--h--w- c:\users\Home\AppData\Local\{00088B49-E35A-4F39-9BF2-98A86B6EFEBA}
2011-03-12 15:08 . 2011-03-12 15:08 -------- d--h--w- c:\users\Home\AppData\Local\{BF71CB55-630C-46C2-8DBC-C7DF5957FE81}
2011-03-11 14:13 . 2011-03-11 14:13 -------- d--h--w- c:\users\Home\AppData\Local\{9B08A633-23A3-4F06-96F8-C8B8C24CE706}
2011-03-10 15:09 . 2011-03-10 15:09 -------- d--h--w- c:\users\Home\AppData\Local\{ECA9DA4F-4490-4AE4-88B3-50F06197EFD2}
2011-03-09 15:45 . 2011-02-19 12:05 1139200 ----a-w- c:\windows\system32\FntCache.dll
2011-03-09 15:45 . 2011-02-19 12:04 1544192 ----a-w- c:\windows\system32\DWrite.dll
2011-03-09 15:45 . 2011-02-19 12:04 902656 ----a-w- c:\windows\system32\d2d1.dll
2011-03-09 15:45 . 2011-02-19 06:30 1076736 ----a-w- c:\windows\SysWow64\DWrite.dll
2011-03-09 15:45 . 2011-02-19 06:30 739840 ----a-w- c:\windows\SysWow64\d2d1.dll
2011-03-09 15:44 . 2010-12-23 10:42 1118720 ----a-w- c:\windows\system32\sbe.dll
2011-03-09 15:44 . 2010-12-23 10:42 961024 ----a-w- c:\windows\system32\CPFilters.dll
2011-03-09 15:44 . 2010-12-23 10:42 723968 ----a-w- c:\windows\system32\EncDec.dll
2011-03-09 15:44 . 2010-12-23 10:36 259072 ----a-w- c:\windows\system32\mpg2splt.ax
2011-03-09 15:44 . 2010-12-23 05:54 850944 ----a-w- c:\windows\SysWow64\sbe.dll
2011-03-09 15:44 . 2010-12-23 05:54 642048 ----a-w- c:\windows\SysWow64\CPFilters.dll
2011-03-09 15:44 . 2010-12-23 05:54 534528 ----a-w- c:\windows\SysWow64\EncDec.dll
2011-03-09 15:44 . 2010-12-23 05:50 199680 ----a-w- c:\windows\SysWow64\mpg2splt.ax
2011-03-09 15:28 . 2011-03-09 15:28 -------- d--h--w- c:\users\Home\AppData\Local\{754BB742-7C87-445C-921F-E6E0FF1E8BDC}
2011-03-08 14:54 . 2011-03-08 14:54 -------- d--h--w- c:\users\Home\AppData\Local\{B5AF446F-135B-434A-83D0-57DA4FD373EE}
2011-03-07 14:51 . 2011-03-07 14:51 -------- d--h--w- c:\users\Home\AppData\Local\{32F96F9C-D97C-4E1A-8E49-3C1F387A8E2D}
2011-03-06 22:26 . 2011-03-06 22:27 -------- d--h--w- c:\users\Home\AppData\Local\{3F69CA4D-7F74-4A55-ADF7-09AA265DCA16}
2011-03-06 10:26 . 2011-03-06 10:26 -------- d--h--w- c:\users\Home\AppData\Local\{4D1FE0D4-DDCB-4106-843D-C07EEFB14E0F}
2011-03-05 13:46 . 2011-03-05 13:47 -------- d--h--w- c:\users\Home\AppData\Local\{C80DD5E6-63A4-43E5-9CB4-F273EB8A7CE9}
2011-03-05 01:46 . 2011-03-05 01:46 -------- d--h--w- c:\users\Home\AppData\Local\{D91F2801-2F01-43EF-8993-47AFEEFF5412}
2011-03-04 20:01 . 2011-03-04 20:01 -------- d--h--w- c:\users\Home\AppData\Roaming\DivX
2011-03-04 20:01 . 2011-03-04 20:01 -------- d--h--w- c:\windows\SysWow64\custom matrices
2011-03-04 20:01 . 2011-03-04 20:01 -------- d--h--w- c:\windows\SysWow64\C2MP
2011-03-04 20:01 . 2011-03-04 20:01 -------- d--h--w- c:\windows\SysWow64\QuickTime
2011-03-04 19:56 . 2011-03-04 19:56 -------- d--h--w- c:\program files (x86)\Common Files\Solveig Multimedia
2011-03-04 13:45 . 2011-03-04 13:45 -------- d--h--w- c:\users\Home\AppData\Local\{B3A133DB-0D0F-491D-BF08-DBCD95247E80}
2011-03-03 15:23 . 2011-03-03 15:23 -------- d--h--w- c:\users\Home\AppData\Local\{786B9E37-26B4-4347-BA7A-13ECE9120C7B}
2011-03-02 22:47 . 2010-02-04 09:01 78680 ----a-w- c:\windows\system32\XAPOFX1_4.dll
2011-03-02 22:47 . 2010-02-04 09:01 74072 ---ha-w- c:\windows\SysWow64\XAPOFX1_4.dll
2011-03-02 22:47 . 2010-02-04 09:01 530776 ----a-w- c:\windows\system32\XAudio2_6.dll
2011-03-02 22:47 . 2010-02-04 09:01 528216 ---ha-w- c:\windows\SysWow64\XAudio2_6.dll
2011-03-02 22:47 . 2010-02-04 09:01 238936 ---ha-w- c:\windows\SysWow64\xactengine3_6.dll
2011-03-02 22:47 . 2010-02-04 09:01 176984 ----a-w- c:\windows\system32\xactengine3_6.dll
2011-03-02 22:47 . 2011-03-02 22:47 -------- d--h--w- c:\program files (x86)\NVIDIA Corporation
2011-03-02 22:47 . 2011-03-02 22:47 -------- d--h--w- c:\program files (x86)\Common Files\Wise Installation Wizard
2011-03-02 22:46 . 2011-03-02 22:46 -------- d--h--w- c:\windows\SysWow64\xlive
2011-03-02 22:46 . 2011-03-03 15:51 -------- d--h--w- c:\program files (x86)\Microsoft Games for Windows - LIVE
2011-03-02 14:51 . 2011-03-02 14:51 -------- d--h--w- c:\users\Home\AppData\Local\{9D6D91FF-0D72-4E1C-9E0B-77CA884D7FC8}
2011-03-01 17:41 . 2011-03-01 17:41 -------- d--h--w- c:\programdata\Electronic Arts
2011-03-01 17:41 . 2011-03-01 17:41 -------- d--h--w- c:\programdata\EA Core
2011-03-01 17:39 . 2011-03-01 17:47 -------- d-----w- C:\09_Crysis 2 Demo
2011-03-01 15:04 . 2011-03-01 15:04 -------- d--h--w- c:\users\Home\AppData\Local\{DD581877-3381-450C-9B22-09E9429AEA1B}
2011-02-28 17:53 . 2011-02-28 17:53 -------- d--h--w- c:\users\Home\AppData\Local\LogiShrd
2011-02-28 17:52 . 2011-02-28 17:52 53248 ---ha-r- c:\users\Home\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
2011-02-28 17:52 . 2011-03-01 15:22 18960 ----a-w- c:\windows\system32\drivers\LNonPnP.sys
2011-02-28 17:51 . 2011-02-28 17:53 -------- d--h--w- c:\users\Home\AppData\Roaming\Logitech
2011-02-28 17:51 . 2011-02-28 17:51 -------- d--h--w- c:\users\Home\AppData\Roaming\Logishrd
2011-02-28 16:07 . 2011-02-28 16:07 -------- d--h--w- c:\users\Home\AppData\Local\{42C87723-0381-4CBA-AA46-7B04BFCAAFEA}
2011-02-27 23:06 . 2011-02-27 23:06 -------- d--h--w- c:\users\Home\AppData\Local\{94997DC0-7F2F-4F98-9F24-246C3C6B776B}
2011-02-27 18:06 . 2011-02-27 18:06 -------- d--h--w- c:\program files\Microsoft IntelliPoint
2011-02-27 11:05 . 2011-02-27 11:06 -------- d--h--w- c:\users\Home\AppData\Local\{E2EB5F2D-C4F5-45EC-88D0-5B3C9E7E0AF1}
2011-02-27 09:28 . 2011-02-27 09:28 9319424 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2011-02-27 05:05 . 2011-02-27 05:05 17468416 ---ha-w- c:\windows\SysWow64\atioglxx.dll
2011-02-27 04:39 . 2011-02-27 04:39 147456 ----a-w- c:\windows\system32\atiapfxx.exe
2011-02-27 04:36 . 2011-02-27 04:36 480256 ----a-w- c:\windows\system32\atieclxx.exe
2011-02-27 04:35 . 2011-02-27 04:35 203776 ----a-w- c:\windows\system32\atiesrxx.exe
2011-02-27 04:34 . 2011-02-27 04:34 120320 ----a-w- c:\windows\system32\atitmm64.dll
2011-02-27 04:34 . 2011-02-27 04:34 356352 ---ha-w- c:\windows\SysWow64\atipdlxx.dll
2011-02-27 04:34 . 2011-02-27 04:34 278528 ---ha-w- c:\windows\SysWow64\Oemdspif.dll
2011-02-27 04:34 . 2011-02-27 04:34 16384 ----a-w- c:\windows\system32\atimuixx.dll
2011-02-27 04:34 . 2011-02-27 04:34 59392 ----a-w- c:\windows\system32\atiedu64.dll
2011-02-27 04:34 . 2011-02-27 04:34 43520 ---ha-w- c:\windows\SysWow64\ati2edxx.dll
2011-02-27 04:11 . 2011-02-27 04:11 1208320 ----a-w- c:\windows\system32\atiumd6v.dll
2011-02-27 04:11 . 2011-02-27 04:11 1912832 ---ha-w- c:\windows\SysWow64\atiumdmv.dll
2011-02-27 04:08 . 2011-02-27 04:08 51200 ----a-w- c:\windows\system32\aticalrt64.dll
2011-02-27 04:08 . 2011-02-27 04:08 46080 ---ha-w- c:\windows\SysWow64\aticalrt.dll
2011-02-27 04:08 . 2011-02-27 04:08 44544 ----a-w- c:\windows\system32\aticalcl64.dll
2011-02-27 04:08 . 2011-02-27 04:08 44032 ---ha-w- c:\windows\SysWow64\aticalcl.dll
2011-02-27 04:08 . 2011-02-27 04:08 7466496 ----a-w- c:\windows\system32\aticaldd64.dll
2011-02-27 04:04 . 2011-02-27 04:04 6097920 ---ha-w- c:\windows\SysWow64\aticaldd.dll
2011-02-27 04:00 . 2011-02-27 04:00 258048 ---ha-w- c:\windows\SysWow64\atiadlxy.dll
2011-02-27 03:59 . 2011-02-27 03:59 12800 ---ha-w- c:\windows\SysWow64\atiglpxx.dll
2011-02-27 03:59 . 2011-02-27 03:59 12800 ----a-w- c:\windows\system32\atiglpxx.dll
2011-02-27 03:59 . 2011-02-27 03:59 32768 ---ha-w- c:\windows\SysWow64\atigktxx.dll
2011-02-27 03:59 . 2011-02-27 03:59 303616 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2011-02-27 03:53 . 2011-02-27 03:53 53760 ----a-w- c:\windows\system32\atimpc64.dll
2011-02-27 03:53 . 2011-02-27 03:53 53760 ----a-w- c:\windows\system32\amdpcom64.dll
2011-02-27 03:53 . 2011-02-27 03:53 52736 ---ha-w- c:\windows\SysWow64\atimpc32.dll
2011-02-27 03:53 . 2011-02-27 03:53 52736 ---ha-w- c:\windows\SysWow64\amdpcom32.dll
2011-02-27 03:05 . 2011-02-27 03:05 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2011-02-26 23:55 . 2011-02-26 23:55 61952 ----a-w- c:\windows\system32\OVDecode64.dll
2011-02-26 23:55 . 2011-02-26 23:55 59904 ---ha-w- c:\windows\SysWow64\OVDecode.dll
2011-02-26 23:55 . 2011-02-26 23:55 53760 ----a-w- c:\windows\system32\OpenCL.dll
2011-02-26 23:55 . 2011-02-26 23:55 51712 ---ha-w- c:\windows\SysWow64\OpenCL.dll
2011-02-26 23:55 . 2011-02-26 23:55 16066048 ----a-w- c:\windows\system32\amdocl64.dll
2011-02-26 23:55 . 2011-02-26 23:55 12339712 ---ha-w- c:\windows\SysWow64\amdocl.dll
2011-02-26 20:51 . 2011-02-26 20:51 -------- d--h--w- c:\users\Home\AppData\Local\{2D93F5AC-D901-4286-BE25-8D334570AE19}
2011-02-26 17:12 . 2011-02-26 17:24 162816 ---ha-w- c:\windows\SysWow64\fmod.dll
2011-02-26 08:50 . 2011-02-26 08:51 -------- d--h--w- c:\users\Home\AppData\Local\{09F0A184-F418-4B7D-9E78-2C4D0CD1EB6B}
2011-02-25 16:37 . 2011-03-04 13:45 0 ---ha-w- c:\users\Home\AppData\Local\Iyenohu.bin
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-03-23 21:38 . 2010-12-28 00:08 266400 ---ha-w- c:\windows\SysWow64\PnkBstrB.xtr
2011-03-23 21:38 . 2010-12-27 23:56 266400 ---ha-w- c:\windows\SysWow64\PnkBstrB.exe
2011-03-23 21:36 . 2010-12-27 23:56 215128 ---ha-w- c:\windows\SysWow64\PnkBstrB.ex0
2011-03-08 18:40 . 2010-06-24 10:33 18328 ---ha-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-02-27 05:28 . 2010-11-26 03:19 22622208 ----a-w- c:\windows\system32\atio6axx.dll
2011-02-27 04:45 . 2010-11-26 02:24 58880 ----a-w- c:\windows\system32\coinst.dll
2011-02-27 04:39 . 2010-11-26 02:58 671232 ---ha-w- c:\windows\SysWow64\aticfx32.dll
2011-02-27 04:38 . 2010-11-26 02:57 787968 ----a-w- c:\windows\system32\aticfx64.dll
2011-02-27 04:36 . 2011-01-26 22:56 462848 ----a-w- c:\windows\system32\ATIDEMGX.dll
2011-02-27 04:34 . 2011-01-26 22:54 423424 ----a-w- c:\windows\system32\atipdl64.dll
2011-02-27 04:31 . 2010-11-26 02:49 4307456 ---ha-w- c:\windows\SysWow64\atidxx32.dll
2011-02-27 04:22 . 2010-11-26 02:40 5085184 ----a-w- c:\windows\system32\atidxx64.dll
2011-02-27 04:12 . 2010-11-26 02:30 4274176 ---ha-w- c:\windows\SysWow64\atiumdag.dll
2011-02-27 04:11 . 2011-01-26 22:32 3420672 ----a-w- c:\windows\system32\atiumd6a.dll
2011-02-27 04:06 . 2011-01-26 22:21 5423104 ----a-w- c:\windows\system32\atiumd64.dll
2011-02-27 04:05 . 2010-11-26 02:22 3631104 ---ha-w- c:\windows\SysWow64\atiumdva.dll
2011-02-27 04:00 . 2010-11-26 02:17 361984 ----a-w- c:\windows\system32\atiadlxx.dll
2011-02-27 04:00 . 2010-11-26 02:17 14848 ----a-w- c:\windows\system32\atig6pxx.dll
2011-02-27 03:59 . 2010-11-26 02:17 39936 ----a-w- c:\windows\system32\atig6txx.dll
2011-02-27 03:59 . 2010-11-26 02:16 40448 ----a-w- c:\windows\system32\atiuxp64.dll
2011-02-27 03:58 . 2010-11-26 02:15 31232 ---ha-w- c:\windows\SysWow64\atiuxpag.dll
2011-02-27 03:58 . 2010-11-26 02:15 38912 ----a-w- c:\windows\system32\atiu9p64.dll
2011-02-27 03:58 . 2010-11-26 02:15 29184 ---ha-w- c:\windows\SysWow64\atiu9pag.dll
2011-02-22 20:59 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2011-02-22 20:59 . 2009-07-14 02:36 152576 ---ha-w- c:\windows\SysWow64\msclmd.dll
2011-02-18 16:23 . 2011-02-18 16:23 4306702 ----a-w- c:\windows\system32\ffmpeg.dll
2011-02-18 14:42 . 2011-02-18 14:42 4792832 ----a-w- c:\windows\system32\ffdshow.ax
2011-02-18 14:36 . 2011-02-18 14:36 989746 ----a-w- c:\windows\system32\ffmpegmt.dll
2011-02-16 17:47 . 2011-02-16 17:47 168448 ----a-w- c:\windows\system32\ff_unrar.dll
2011-02-07 18:00 . 2011-02-07 18:00 925667 ---ha-w- c:\windows\SysWow64\ffmpegmt.dll
2011-02-07 18:00 . 2011-02-07 18:00 721798 ---ha-w- c:\windows\SysWow64\xvidcore.dll
2011-02-07 18:00 . 2011-02-07 18:00 65024 ---ha-w- c:\windows\SysWow64\FLT_ffdshow.dll
2011-02-07 18:00 . 2011-02-07 18:00 3669504 ---ha-w- c:\windows\SysWow64\ffdshow.ax
2011-02-07 18:00 . 2011-02-07 18:00 336384 ---ha-w- c:\windows\SysWow64\ff_libfaad2.dll
2011-02-07 18:00 . 2011-02-07 18:00 324096 ---ha-w- c:\windows\SysWow64\TomsMoComp_ff.dll
2011-02-07 18:00 . 2011-02-07 18:00 216576 ---ha-w- c:\windows\SysWow64\ff_libdts.dll
2011-02-07 18:00 . 2011-02-07 18:00 1529856 ---ha-w- c:\windows\SysWow64\ff_samplerate.dll
2011-02-07 18:00 . 2011-02-07 18:00 151552 ---ha-w- c:\windows\SysWow64\ff_libmad.dll
2011-02-07 18:00 . 2011-02-07 18:00 145408 ---ha-w- c:\windows\SysWow64\libmpeg2_ff.dll
2011-02-07 18:00 . 2011-02-07 18:00 140800 ---ha-w- c:\windows\SysWow64\ff_unrar.dll
2011-02-07 18:00 . 2011-02-07 18:00 121856 ---ha-w- c:\windows\SysWow64\ff_liba52.dll
2011-02-07 18:00 . 2011-02-07 18:00 100864 ---ha-w- c:\windows\SysWow64\ff_wmv9.dll
2011-02-07 17:45 . 2011-02-07 17:45 80896 ---ha-w- c:\windows\SysWow64\ff_vfw.dll
2011-02-07 17:39 . 2011-02-07 17:39 4166551 ---ha-w- c:\windows\SysWow64\ffmpeg.dll
2011-02-02 16:11 . 2010-12-27 22:46 270720 ------w- c:\windows\system32\MpSigStub.exe
2011-01-10 13:23 . 2010-12-27 23:52 83120 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2011-01-10 13:23 . 2010-12-27 23:52 116568 ----a-w- c:\windows\system32\drivers\avipbb.sys
2011-01-07 15:02 . 2011-01-07 15:02 45408 ----a-w- c:\windows\system32\drivers\point64.sys
2011-01-07 15:02 . 2011-01-07 15:02 1721576 ----a-w- c:\windows\system32\wdfcoinstaller01009.dll
2011-01-07 12:17 . 2011-02-22 19:15 475648 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2011-01-07 12:17 . 2011-02-22 19:15 1465344 ----a-w- c:\windows\system32\XpsPrint.dll
2011-01-07 12:14 . 2011-02-09 22:51 46080 ----a-w- c:\windows\system32\atmlib.dll
2011-01-07 09:20 . 2011-02-09 22:51 366592 ----a-w- c:\windows\system32\atmfd.dll
2011-01-07 07:46 . 2011-02-22 19:15 870912 ----a-w- c:\windows\SysWow64\XpsPrint.dll
2011-01-07 07:46 . 2011-02-22 19:15 288256 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
2011-01-07 07:45 . 2011-02-09 22:51 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2011-01-07 05:43 . 2011-02-09 22:51 294400 ----a-w- c:\windows\SysWow64\atmfd.dll
2011-01-05 06:56 . 2011-02-09 22:53 3129344 ----a-w- c:\windows\system32\win32k.sys
2010-12-28 18:03 . 2010-12-28 18:03 374792 ----a-w- c:\windows\system32\drivers\UMDF\lgSSQVGA.dll
2010-12-28 18:03 . 2010-12-28 18:03 157704 ----a-w- c:\windows\system32\drivers\UMDF\lgSSBW.dll
2010-12-28 12:14 . 2010-12-27 23:56 75136 ---ha-w- c:\windows\SysWow64\PnkBstrA.exe
2010-12-27 23:56 . 2010-12-27 23:56 2434856 ---ha-w- c:\windows\SysWow64\pbsvc_bc2.exe
2010-12-27 20:28 . 2010-12-27 20:28 16896 ---ha-w- c:\windows\AsTaskSched.dll
2010-12-27 20:14 . 2010-12-27 20:14 455680 ----a-w- c:\windows\system32\deploytk.dll
2010-12-27 20:14 . 2010-12-27 20:14 411368 ---ha-w- c:\windows\SysWow64\deploytk.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"RocketDock"="f:\97_rocketdock\RocketDock.exe" [2007-09-02 495616]
"ccleaner"="c:\program files\CCleaner\CCleaner64.exe" [2010-12-21 3391288]
"msnmsgr"="c:\program files (x86)\Windows Live\Messenger\msnmsgr.exe" [2010-11-10 4240760]
"IGSYNkFRmaqdjEh"="c:\programdata\IGSYNkFRmaqdjEh.exe" [2011-03-23 546816]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"JMB36X IDE Setup"="c:\windows\RaidTool\xInsIDE.exe" [2009-12-24 36864]
"AS00_WN311B"="c:\program files (x86)\NETGEAR\WN311B\Utility\WN311B.exe" [2007-04-04 2125824]
"avgnt"="c:\avira\AntiVir Desktop\avgnt.exe" [2011-01-10 281768]
"ATICustomerCare"="c:\program files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe" [2010-05-04 311296]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2011-01-30 35736]
"PDFPrint"="f:\11_pdf24\pdf24.exe" [2011-02-01 220552]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-02-26 336384]
.
c:\users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Logitech . Produktregistrierung.lnk - c:\program files (x86)\Common Files\LogiShrd\eReg\SetPoint\eReg.exe [2009-11-16 517384]
setup_9.0.0.722_23.03.2011_20-11.lnk - c:\users\Home\Desktop\Virus Removal Tool\setup_9.0.0.722_23.03.2011_20-11\startup.exe [2011-3-24 72208]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2010-11-25 354304]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 atillk64;atillk64;f:\13_amd sys moni\atillk64.sys [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
R3 RTL8187;NETGEAR WG111v2 54Mbps Wireless USB 2.0 Adapter Vista Driver;c:\windows\system32\DRIVERS\wg111v2.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
S0 40400602;40400602 Boot Guard Driver;c:\windows\system32\DRIVERS\40400602.sys [x]
S0 hotcore3;hotcore3;c:\windows\SysWOW64\drivers\hotcore3.sys [2008-02-15 36368]
S0 SCMNdisP;General NDIS Protocol Driver;c:\windows\system32\DRIVERS\scmndisp.sys [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S1 40400601;40400601;c:\windows\system32\DRIVERS\40400601.sys [x]
S1 setup_9.0.0.722_23.03.2011_20-11drv;setup_9.0.0.722_23.03.2011_20-11drv;c:\windows\system32\DRIVERS\4040060.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 acedrv11;acedrv11;c:\windows\system32\drivers\acedrv11.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 AntiVirSchedulerService;Avira AntiVir Planer;c:\avira\AntiVir Desktop\sched.exe [2011-01-10 135336]
S2 DBService;DATA BECKER Update Service;c:\program files (x86)\Common Files\DATA BECKER Shared\DBService.exe [2010-05-28 2650112]
S2 DvmMDES;DeviceVM Meta Data Export Service;c:\asus.sys\config\DVMExportService.exe [2009-10-16 319488]
S2 LVPrcS64;Process Monitor;c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [2009-10-07 191000]
S2 UnsignedThemes;Unsigned Themes;c:\windows\UnsignedThemesSvc.exe [2009-07-13 24168]
S2 uxpatch;uxpatch;c:\windows\system32\drivers\uxpatch.sys [x]
S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys [x]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [x]
S3 Ctafiltv;Ctafiltv;c:\windows\system32\drivers\Ctafiltv.sys [x]
S3 EverestDriver;Lavalys EVEREST Kernel Driver;f:\91_ever-23\Everest Ultimate Edition v.5.50.2123 beta (portable)\kerneld.amd64 [2010-02-17 26752]
S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys [x]
S3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys [x]
S3 LVPr2M64;Logitech LVPr2M64 Driver;c:\windows\system32\DRIVERS\LVPr2M64.sys [x]
S3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys [x]
S3 LVUVC64;Logitech QuickCam S5500(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys [x]
S3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver;c:\windows\system32\DRIVERS\ManyCam_x64.sys [x]
S3 NETGEAR;Netgear 802.11 Network Adapter Driver;c:\windows\system32\DRIVERS\wn311b64.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - EVERESTDRIVER
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"combofix"="c:\combofix\CF29997.cfxxe" [X]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-01-29 10038304]
"Launch LCore"="c:\program files\Logitech Gaming Software\LCore.exe" [2010-11-16 104008]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 660360]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-01-07 2328944]
"EvtMgr6"="f:\17_logitech g700\SetPointP\SetPoint.exe" [2010-10-28 1680976]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.de/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Nach Microsoft E&xcel exportieren - f:\02_off~1\Office14\EXCEL.EXE/3000
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
FF - ProfilePath - c:\users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\kmdteo40.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.de/
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKLM-Run-CtaMon - CtaMon.dll
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\services\EverestDriver]
"ImagePath"="\??\f:\91_ever-23\Everest Ultimate Edition v.5.50.2123 beta (portable)\kerneld.amd64"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-3950338975-466694779-4150402184-1001\Software\SecuROM\License information*]
"datasecu"=hex:c4,93,f2,c9,23,b6,49,21,48,62,32,29,da,8f,3e,8d,a9,35,ef,d5,39,
0c,48,2f,82,13,7e,70,e2,71,d3,09,fb,c7,10,3c,54,3f,92,17,d0,66,fd,be,c7,af,\
"rkeysecu"=hex:cf,80,34,32,99,2f,41,ff,9a,39,39,11,ae,5a,f8,aa
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}]
@Denied: (A 2) (Everyone)
@="IFlashBroker"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}\TypeLib]
@="{6EF568F4-D437-4466-AA63-A3645136D93E}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
c:\program files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\windows\SysWOW64\WN311BFCS.exe
c:\windows\DAODx.exe
c:\windows\SysWOW64\attrib.exe
c:\programdata\44621576.exe
f:\91_ever-23\Everest Ultimate Edition v.5.50.2123 beta (portable)\everest.exe
c:\program files (x86)\Windows Live\Contacts\wlcomm.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2011-03-24 20:28:19 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2011-03-24 19:28
.
Vor Suchlauf: 1 Verzeichnis(se), 39.968.669.696 Bytes frei
.
- - End Of File - - CA08AE9681C36B90468DF42F01B092AA

#4 schau mal hier: http://www.trojaner-board.de/96741-windows-recovery-entfernen.html oder hier http://www.trojaner-board.de/thema/windows%20security%20alert.html

#5 Danke!

Nun sehe ich viele Ordner nicht mehr...C ist Leer. ALso die Ansicht etc.. Sehe nur auf einem Teil der HDDs den Inhalt. Rest ist alles versteckt.
Admin kann ich nicht Starten...Also selbst die Systemsteuerung ist noch "zerschossen". Viele Optionen fehlen und sind weg! Also mehr Schaden noch...

#6 Aus welchem Anlass hast Du Combofix angewendet? Das ist ein aggresives Tool und sollte nur unter Anleitung benutzt werden.

Nun frage ich mich ob Du, bei solchen Problemen ein Neuaufsetzen nicht sinnvoller findest?

Ansonsten kannst Du einmals versuchen mit der Systemwiederherstellung zu arbeiten und auf einen früheren Zeitpunkt das System zurück setzten.

Du kannst weiterhin aber normal aufstarten und kommst auch ins Internet?