Rustys Posted October 31, 2018 Posted October 31, 2018 I was asked to see if I could get this system up and running. Windows Vista 32 bit Gateway Laptop Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 24.10.2018 Ran by Angela (administrator) on ANGELA-PC (20-03-2007 01:02:34) Running from C:\Users\Angela\Desktop Loaded Profiles: Angela (Available Profiles: Angela) Platform: Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) Language: English (United States) Internet Explorer Version 9 (Default browser: IE) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Microsoft Corporation) C:\Windows\System32\SLsvc.exe () C:\Program Files\74697254-1425516543-2D2D-2D2D-0003254135CB\knsj6E67.tmp () C:\Program Files\GATEWAY\Gateway Recovery Management\Service\ETService.exe () C:\Users\Angela\AppData\Roaming\74697254-1425516543-2D2D-2D2D-0003254135CB\jnsqBF1A.tmp () C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe (SupportSoft, Inc.) C:\Program Files\Common Files\supportsoft\bin\sprtlisten.exe (Hefei Hejunzhengce Info Tech Co., Ltd.) C:\Program Files\Windows Audio\R1\AudioSrv.exe () C:\Program Files\NETGEAR\WNA1000M\WlanWpsSvc.exe (Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (@Microsoft Corporation) C:\Program Files\Windows Network Services\v9\wmnserv.exe (Conexant Systems, Inc.) C:\Windows\System32\drivers\XAudio.exe (Microsoft Corporation) C:\Windows\ehome\ehtray.exe (Microsoft Corporation) C:\Windows\ehome\ehmsas.exe (Microsoft Corporation) C:\Windows\System32\schtasks.exe (Absolute Software Corp.) C:\Windows\System32\rpcnet.exe () C:\Program Files\Motorola\MotoHelper\MotoHelperAgent.exe (Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKU\S-1-5-21-2860630475-1531993715-2310474269-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-20] (Microsoft Corporation) HKU\S-1-5-21-2860630475-1531993715-2310474269-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Aurora.scr [1370624 2008-01-20] (Microsoft Corporation) AppInit_DLLs: C:\ProgramData\FlashBeat\THIHPQ32.dll => No File AppInit_DLLs: __C:\PROGRA~1\SEARCH~1\SEARCH~1\bin\VC32LO~1.DLL => C:\Program Files\SearchProtect\SearchProtect\bin\VC32Loader.dll [218384 2015-02-19] () Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WNA1000M Genie.lnk [2013-07-31] ShortcutTarget: NETGEAR WNA1000M Genie.lnk -> C:\Program Files\NETGEAR\WNA1000M\WNA1000M.exe () ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76 Tcpip\..\Interfaces\{B70AE2D1-D67F-4712-BEEC-16719D97668E}: [DhcpNameServer] 75.75.75.75 75.75.76.76 Tcpip\..\Interfaces\{F9FE20A3-34D6-449E-8914-12FC15E7F958}: [DhcpNameServer] 75.75.75.75 75.75.76.76 Internet Explorer: ================== HKU\S-1-5-21-2860630475-1531993715-2310474269-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp SearchScopes: HKU\S-1-5-21-2860630475-1531993715-2310474269-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = Toolbar: HKU\S-1-5-21-2860630475-1531993715-2310474269-1000 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File Toolbar: HKU\S-1-5-21-2860630475-1531993715-2310474269-1000 -> No Name - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File Toolbar: HKU\S-1-5-21-2860630475-1531993715-2310474269-1000 -> No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2007-06-08] (Microsoft Corporation) FireFox: ======== FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF Extension: (Microsoft .NET Framework Assistant) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-09-07] [Legacy] [not signed] FF HKLM\...\Firefox\Extensions: [{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}] - C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DMExtension FF Extension: (Default Manager) - C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DMExtension [2011-01-07] [Legacy] [not signed] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation) FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation) FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation) FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-10-30] (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-10-30] (Google Inc.) Chrome: ======= StartMenuInternet: Google Chrome.L7J5TMSOM5SFHPIGRLQDE2HRWY - C:\Users\Angela\AppData\Local\Microsoft\Internet Explorer\Application\46.10.2479.3\switcher_ie.exe ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 cyriryvo; C:\Program Files\74697254-1425516543-2D2D-2D2D-0003254135CB\knsj6E67.tmp [482816 2015-08-24] () [File not signed] <==== ATTENTION R2 ETService; C:\Program Files\GATEWAY\Gateway Recovery Management\Service\ETService.exe [24576 2008-06-11] () [File not signed] S3 GameConsoleService; C:\Program Files\Gateway Games\Gateway Game Console\GameConsoleService.exe [250616 2009-03-30] (WildTangent, Inc.) R2 gyviboxy; C:\Users\Angela\AppData\Roaming\74697254-1425516543-2D2D-2D2D-0003254135CB\jnsqBF1A.tmp [193536 2015-03-04] () [File not signed] S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4753104 2018-05-09] (Malwarebytes) R2 rpcnet; C:\Windows\system32\rpcnet.exe [78032 2007-03-20] (Absolute Software Corp.) R2 sprtlisten; C:\Program Files\Common Files\supportsoft\bin\sprtlisten.exe [1213728 2008-01-08] (SupportSoft, Inc.) R2 WinAudioSrv_R1; C:\Program Files\Windows Audio\R1\AudioSrv.exe [4024920 2015-04-07] (Hefei Hejunzhengce Info Tech Co., Ltd.) R2 WlanWpsSvc; C:\Program Files\NETGEAR\WNA1000M\WlanWpsSvc.exe [167936 2011-06-30] () [File not signed] R2 wmmserv_r11; C:\Program Files\Windows Network Services\v9\wmnserv.exe [3402752 2015-11-17] (@Microsoft Corporation) [File not signed] ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 pneteth; C:\Windows\System32\DRIVERS\pneteth.sys [13440 2011-11-25] (June Fabrics Technology Inc.) S3 protect; C:\Program Files\QualityChecker\qc.sys [10752 2015-12-30] () [File not signed] R3 RTL8192cu; C:\Windows\System32\DRIVERS\WNA1000M.sys [700520 2011-01-31] (Realtek Semiconductor Corporation ) R1 RtlProt; C:\Windows\System32\DRIVERS\rtlprot.sys [25896 2007-04-23] (Windows ® Codename Longhorn DDK provider) R0 SymDS; C:\Windows\System32\drivers\NAV\1302000.00A\SYMDS.SYS [340088 2011-07-25] (Symantec Corporation) R0 SymEFA; C:\Windows\System32\drivers\NAV\1302000.00A\SYMEFA.SYS [897656 2011-09-26] (Symantec Corporation) R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT.SYS [127096 2011-12-29] (Symantec Corporation) R1 SymIRON; C:\Windows\system32\drivers\NAV\1302000.00A\Ironx86.SYS [149624 2011-07-25] (Symantec Corporation) R1 SYMTDIv; C:\Windows\System32\Drivers\NAV\1302000.00A\SYMTDIV.SYS [344184 2011-07-25] (Symantec Corporation) S3 USBAAPL; C:\Windows\System32\Drivers\usbaapl.sys [43520 2012-02-15] (Apple, Inc.) [File not signed] S3 UVCFTR; C:\Windows\System32\Drivers\UVCFTR_S.SYS [11776 2007-05-23] (Chicony Electronics Co., Ltd.) R1 {a55667f1-a319-4629-a8b6-a68d9d3313ee}Gt; C:\Windows\System32\drivers\{a55667f1-a319-4629-a8b6-a68d9d3313ee}Gt.sys [55824 2015-03-04] (StdLib) S1 cherimoya; system32\drivers\cherimoya.sys [X] <==== ATTENTION S3 IpInIp; system32\DRIVERS\ipinip.sys [X] S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X] S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X] S1 qrnfd_1_10_0_9; system32\drivers\qrnfd_1_10_0_9.sys [X] S1 swsedrvr_vt_1_10_0_29; system32\drivers\swsedrvr_vt_1_10_0_29.sys [X] S3 vzandnetdiag; system32\DRIVERS\lgvzandnetdiag.sys [X] S3 vzandnetdiag2; system32\DRIVERS\lgvzandnetdiag2.sys [X] S3 vzandnetmodem; system32\DRIVERS\lgvzandnetmdm.sys [X] S3 vzandnetndis; system32\DRIVERS\lgvzandnetndis.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2018-10-31 00:40 - 2018-10-31 00:40 - 000001857 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2018-10-31 00:40 - 2018-10-31 00:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes 2018-10-31 00:40 - 2018-10-31 00:40 - 000000000 ____D C:\ProgramData\Malwarebytes 2018-10-31 00:40 - 2018-10-31 00:40 - 000000000 ____D C:\Program Files\Malwarebytes 2018-10-31 00:40 - 2018-04-26 05:36 - 000128736 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae.sys 2018-10-31 00:39 - 2018-10-31 00:39 - 076534856 _____ (Malwarebytes ) C:\Users\Angela\Desktop\mb3-setup-legacywos-3.5.1.2522-1.0.365-1.0.5292.exe 2018-10-31 00:35 - 2018-10-31 00:35 - 007592144 _____ (Malwarebytes) C:\Users\Angela\Desktop\AdwCleaner.exe 2018-10-30 22:25 - 2018-10-30 22:25 - 000068072 _____ (Absolute Software Corp.) C:\Windows\system32\agremove.exe 2018-10-30 22:16 - 2018-10-30 22:16 - 000000302 _____ C:\3C4D.tmp 2018-10-30 16:39 - 2018-10-30 22:27 - 000000000 ____D C:\Users\Angela\Desktop\New Folder 2018-10-30 11:46 - 2018-10-30 13:15 - 000000000 ____D C:\Windows\pss 2018-10-30 11:39 - 2018-10-30 11:39 - 000019912 ____H C:\Windows\Tasks\{080A7E47-0B08-0B0F-0411-0A047D0E1178}.job 2018-10-30 11:39 - 2018-10-30 11:39 - 000000000 ____D C:\ProgramData\c6b12a7f-08a7-1 2018-10-30 11:36 - 2018-10-30 11:36 - 000019728 ____H C:\Windows\Tasks\{05040C47-0805-0C05-0B11-0B0E05041109}.job 2018-10-30 11:36 - 2018-10-30 11:36 - 000000000 ____D C:\ProgramData\ca85ed86-4687-1 2018-10-29 10:54 - 2018-10-30 16:22 - 000000680 _____ C:\Users\Angela\AppData\Local\d3d9caps.dat 2015-11-18 14:07 - 2015-07-03 10:04 - 001316864 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll 2015-11-18 14:06 - 2015-07-31 13:27 - 000103120 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll 2015-11-18 14:04 - 2015-06-17 10:50 - 002264576 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll 2015-11-18 14:04 - 2015-06-17 09:09 - 000073216 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe 2015-11-18 14:02 - 2015-07-10 13:37 - 002067968 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll 2015-11-18 13:59 - 2015-07-22 14:54 - 012386816 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-11-18 13:59 - 2015-07-22 14:54 - 000367616 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2015-11-18 13:59 - 2015-07-22 14:51 - 001810432 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-11-18 13:59 - 2015-07-22 14:47 - 009751040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-11-18 13:59 - 2015-07-22 14:46 - 001139712 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-11-18 13:59 - 2015-07-22 14:46 - 001129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-11-18 13:59 - 2015-07-22 14:45 - 001427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-11-18 13:59 - 2015-07-22 14:45 - 000231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2015-11-18 13:59 - 2015-07-22 14:45 - 000065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2015-11-18 13:59 - 2015-07-22 14:44 - 001804288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-11-18 13:59 - 2015-07-22 14:44 - 000718336 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2015-11-18 13:59 - 2015-07-22 14:44 - 000607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-11-18 13:59 - 2015-07-22 14:44 - 000421888 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-11-18 13:59 - 2015-07-22 14:44 - 000142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2015-11-18 13:59 - 2015-07-22 14:43 - 002382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2015-11-18 13:59 - 2015-07-22 14:43 - 000353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2015-11-18 13:59 - 2015-07-22 14:43 - 000223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2015-11-18 13:59 - 2015-07-22 14:43 - 000073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2015-11-18 13:59 - 2015-07-22 14:43 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll 2015-11-18 13:59 - 2015-07-22 14:43 - 000011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe 2015-11-18 13:59 - 2015-07-22 14:43 - 000010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe 2015-11-18 13:59 - 2015-07-22 14:42 - 000176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2015-11-18 13:58 - 2015-07-11 09:56 - 011587584 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2015-11-18 13:54 - 2015-07-10 13:37 - 001402368 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll 2015-11-18 13:54 - 2015-07-10 13:37 - 001253376 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2015-11-18 13:53 - 2015-05-31 02:11 - 000225792 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll 2015-11-18 13:52 - 2015-07-31 16:08 - 000034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll 2015-11-18 13:52 - 2015-07-31 15:46 - 001029120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll 2015-11-18 13:52 - 2015-07-31 15:46 - 000219648 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll 2015-11-18 13:52 - 2015-07-31 15:46 - 000189952 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll 2015-11-18 13:52 - 2015-07-31 15:46 - 000160768 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll 2015-11-18 13:52 - 2015-07-31 14:41 - 001172480 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll 2015-11-18 13:52 - 2015-07-31 14:40 - 000486400 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll 2015-11-18 13:52 - 2015-07-31 14:35 - 000682496 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll 2015-11-18 13:52 - 2015-07-31 14:33 - 002066944 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-11-18 13:52 - 2015-07-31 14:33 - 001072640 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll 2015-11-18 13:52 - 2015-07-31 14:33 - 000802304 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll 2015-11-18 13:52 - 2015-07-31 14:33 - 000297472 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll 2015-11-18 13:49 - 2015-06-27 10:03 - 000783872 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2015-11-18 13:49 - 2015-06-27 10:02 - 000501248 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2015-11-18 13:49 - 2015-06-27 10:02 - 000218112 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2015-11-18 13:49 - 2015-06-27 10:01 - 000801280 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll 2015-11-18 13:49 - 2015-06-27 08:21 - 000217088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys 2015-11-18 13:49 - 2015-06-27 08:21 - 000081408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2015-11-18 13:49 - 2015-06-12 07:13 - 000440768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2015-11-18 13:49 - 2015-01-08 18:17 - 000107008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2015-09-10 08:23 - 2015-07-09 08:20 - 000304640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys 2015-09-10 08:23 - 2015-06-12 10:01 - 000298496 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2015-09-10 08:19 - 2015-07-01 09:57 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll 2015-09-08 09:08 - 2015-07-09 08:25 - 000151040 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe 2015-09-08 09:08 - 2015-07-09 08:25 - 000151040 _____ (Microsoft Corporation) C:\Windows\notepad.exe 2015-08-24 11:18 - 2018-10-30 23:22 - 000000000 ____D C:\Program Files\74697254-1425516543-2D2D-2D2D-0003254135CB 2015-08-05 01:03 - 2015-08-05 01:03 - 000877152 _____ (Microsoft Corporation) C:\Windows\system32\msvcr120_clr0400.dll 2015-08-05 01:03 - 2015-08-05 01:03 - 000538208 _____ (Microsoft Corporation) C:\Windows\system32\msvcp120_clr0400.dll 2015-06-25 09:42 - 2018-10-31 00:36 - 000000000 _____ C:\Users\Angela\Documents\IE11-Windows6.1-x86-en-us.exe 2015-06-17 02:01 - 2015-06-17 02:01 - 001202856 _____ (Microsoft Corporation) C:\Windows\system32\FM20.DLL 2015-06-12 03:15 - 2015-04-24 09:54 - 000532480 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll 2015-06-12 03:14 - 2015-05-08 17:08 - 000894464 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2015-06-12 03:01 - 2015-05-04 16:51 - 010628608 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll 2015-06-12 03:01 - 2015-05-04 16:50 - 000007680 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll 2015-06-12 03:01 - 2015-05-04 16:50 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx 2015-06-12 03:01 - 2015-05-04 16:50 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll 2015-06-12 03:01 - 2015-05-04 15:21 - 008147456 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL 2015-05-16 11:16 - 2018-10-30 18:35 - 000000000 ____D C:\Windows\Minidump 2015-05-16 11:02 - 2015-04-30 10:03 - 000279040 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2015-05-14 12:01 - 2015-04-10 17:22 - 000279552 _____ (Microsoft Corporation) C:\Windows\system32\services.exe 2015-04-14 22:45 - 2015-03-04 20:32 - 000244152 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys 2015-04-14 22:45 - 2015-03-04 20:23 - 000057344 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll 2015-04-07 13:19 - 2015-04-07 13:19 - 000000461 _____ C:\Users\Angela\Desktop\2015 - Shortcut.lnk 2015-04-07 13:18 - 2015-05-16 10:53 - 000000000 ____D C:\Users\Angela\Documents\2015 2015-04-07 13:17 - 2015-04-07 13:17 - 000000540 _____ C:\Users\Angela\Desktop\Reoccuring Payments - Shortcut.lnk 2015-04-07 13:15 - 2007-03-20 01:31 - 000000000 ____D C:\Users\Angela\Documents\Reoccuring Payments 2015-04-07 12:10 - 2018-10-30 13:13 - 000000000 ____D C:\Program Files\Internet Explorer 11 2015-04-07 12:10 - 2015-06-29 10:47 - 000000000 ____D C:\ProgramData\imexplorer 2015-04-07 10:54 - 2015-04-07 10:54 - 000000000 ____D C:\Program Files\Windows Audio 2015-04-06 01:05 - 2015-04-06 01:05 - 000240980 _____ C:\Users\Angela\Downloads\FTF_2015-04-06_1428303913734.pdf 2015-03-13 18:01 - 2015-03-24 20:28 - 000000000 ____D C:\ProgramData\Windows VXM 2015-03-13 18:01 - 2015-03-24 20:28 - 000000000 ____D C:\Program Files\Windows Network Accelerater 2015-03-13 17:42 - 2015-01-28 19:35 - 000369664 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll 2015-03-13 17:40 - 2015-01-28 19:35 - 000975360 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2015-03-13 17:30 - 2015-01-08 18:18 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2015-03-13 17:29 - 2015-01-20 20:02 - 000807936 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll 2015-03-05 19:22 - 2015-03-13 17:26 - 000000000 ____D C:\ProgramData\Optimizer 2015-03-05 19:22 - 2015-03-05 19:22 - 000000000 ____D C:\Users\Angela\Documents\DreamVideoSoft 2015-03-05 19:22 - 2015-03-05 19:22 - 000000000 ____D C:\Program Files\predm 2015-03-05 18:07 - 2014-11-25 20:05 - 000564224 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll 2015-03-05 18:02 - 2014-12-07 19:59 - 000306176 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll 2015-03-05 17:58 - 2015-03-05 20:14 - 000000004 _____ C:\Windows\system32\029B560A371F4E00AB32838EBC01B9E7 2015-03-04 19:17 - 2015-03-06 19:22 - 000000000 ____D C:\Program Files\globalUpdate 2015-03-04 19:17 - 2015-03-05 17:57 - 000008840 _____ C:\Windows\system32\BasementDusterOff.ini 2015-03-04 19:17 - 2015-03-04 19:17 - 000000000 ____D C:\Users\Angela\AppData\Local\globalUpdate 2015-03-04 18:49 - 2018-10-30 23:23 - 000000000 ____D C:\Users\Angela\AppData\Roaming\74697254-1425516543-2D2D-2D2D-0003254135CB 2015-03-04 18:47 - 2015-03-04 13:15 - 000055824 _____ (StdLib) C:\Windows\system32\Drivers\{a55667f1-a319-4629-a8b6-a68d9d3313ee}Gt.sys 2015-03-04 18:43 - 2015-03-04 18:43 - 000000000 ____D C:\Users\Angela\AppData\Local\rito 2015-03-04 18:43 - 2015-03-04 18:43 - 000000000 ____D C:\Program Files\WSE_Binkiland 2015-03-04 18:43 - 2011-06-21 12:24 - 000032768 _____ C:\Windows\system32\Drivers\sp_rsdrv2.sys 2015-03-04 18:36 - 2015-03-05 19:11 - 000000000 ____D C:\Program Files\VideoLAN 2015-03-04 18:33 - 2015-03-05 19:09 - 000000000 ____D C:\Program Files\shopperz 2015-03-04 18:33 - 2015-03-04 18:33 - 000000000 ____D C:\Users\Angela\AppData\LocalLow\Company 2015-03-04 18:33 - 2015-03-04 18:33 - 000000000 ____D C:\Users\Angela\AppData\LocalLow\{D2020D47-707D-4E26-B4D9-739C4F4C2E9A} 2015-03-04 18:32 - 2015-03-04 18:33 - 000019384 _____ C:\Windows\system32\Drivers\SPPD.sys 2015-03-04 18:32 - 2015-03-04 18:32 - 000000000 ____D C:\Users\Angela\AppData\Local\avayvaxvaa 2015-03-04 18:31 - 2015-03-04 18:32 - 000000000 ____D C:\Program Files\SearchProtect 2015-01-14 20:22 - 2014-12-18 18:25 - 000115200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys 2015-01-14 20:14 - 2014-12-05 21:14 - 000174080 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll 2015-01-14 20:14 - 2014-12-05 21:14 - 000093184 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll 2015-01-14 20:14 - 2014-12-05 21:14 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll 2015-01-14 20:13 - 2014-12-05 21:14 - 000153600 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll 2015-01-13 13:03 - 2014-11-03 18:19 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2014-12-12 13:21 - 2014-10-09 19:01 - 000449536 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll 2014-12-12 13:21 - 2014-10-09 19:00 - 001259008 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2014-12-12 13:21 - 2014-10-09 19:00 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2014-12-12 13:21 - 2014-10-09 17:22 - 000619520 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2014-12-12 13:16 - 2014-08-26 18:55 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll 2014-12-12 13:13 - 2014-10-23 19:04 - 000067072 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll 2014-12-12 13:09 - 2014-08-11 20:25 - 000729600 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL 2014-12-12 13:06 - 2014-10-02 19:18 - 000274432 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll 2014-12-12 13:06 - 2014-10-02 19:17 - 000396800 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll 2014-12-12 13:06 - 2014-10-02 19:17 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll 2014-12-12 13:06 - 2014-10-02 19:17 - 000170496 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll 2014-11-17 12:32 - 2014-11-17 12:32 - 000137766 _____ C:\Users\Angela\Documents\verizon bill.pdf 2014-10-17 11:11 - 2014-06-15 16:18 - 001131664 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll 2014-10-17 11:11 - 2014-06-13 12:22 - 000156824 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll 2014-10-17 11:11 - 2014-06-13 12:22 - 000081560 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll 2014-10-17 11:01 - 2014-09-04 17:27 - 000143360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys 2014-10-03 12:01 - 2012-08-21 13:01 - 000026840 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys 2014-10-03 12:00 - 2018-10-30 18:27 - 000000000 ____D C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1 2014-10-03 10:24 - 2014-06-26 16:17 - 000619664 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe 2014-10-03 10:24 - 2014-06-26 16:17 - 000099480 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll 2014-10-03 10:24 - 2014-06-26 16:17 - 000008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll 2014-10-03 10:24 - 2014-06-05 22:28 - 000035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe 2014-09-24 13:26 - 2014-06-13 18:44 - 000638400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys 2014-09-24 13:26 - 2014-06-13 18:33 - 000037376 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll 2014-09-24 13:26 - 2014-06-02 04:31 - 000332800 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll 2014-09-24 13:26 - 2014-06-02 04:30 - 001993728 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2014-09-24 13:26 - 2014-06-02 04:30 - 000033280 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll 2014-09-24 13:26 - 2014-06-02 02:56 - 000082432 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe 2014-07-10 10:54 - 2014-06-06 02:59 - 000506880 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll 2014-07-10 10:54 - 2014-05-30 00:53 - 000273408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys 2014-06-12 11:41 - 2014-04-26 10:01 - 000502784 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll 2014-06-12 11:41 - 2014-04-04 20:42 - 000905664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2014-06-12 11:19 - 2014-06-12 11:19 - 000000000 ____D C:\Program Files\Common Files\DESIGNER 2014-05-07 15:08 - 2014-05-07 15:08 - 000000000 ____D C:\ProgramData\Visan 2014-05-07 15:04 - 2014-05-07 15:04 - 000000057 _____ C:\ProgramData\Ament.ini 2014-04-21 15:24 - 2014-04-21 15:24 - 000017512 _____ (Absolute Software Corp.) C:\Windows\system32\wceprv.dll 2014-03-31 22:46 - 2014-03-31 22:46 - 001070232 _____ (Microsoft Corporation) C:\Windows\system32\MSCOMCTL.OCX 2014-03-31 22:46 - 2014-03-31 22:46 - 000130712 _____ (Microsoft Corporation) C:\Windows\system32\MSSTDFMT.DLL 2014-03-31 12:29 - 2017-12-20 12:32 - 000065512 _____ (Absolute Software Corporation) C:\Windows\system32\identprv.dll 2014-03-12 23:01 - 2014-01-30 01:46 - 000876032 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll 2014-01-27 12:10 - 2018-10-30 18:35 - 000000000 ____D C:\Users\Angela\AppData\Local\CrashDumps 2014-01-06 18:53 - 2014-01-06 18:53 - 000000439 _____ C:\Users\Angela\Desktop\2014 - Shortcut.lnk 2014-01-06 18:52 - 2014-01-06 18:52 - 000000439 _____ C:\Users\Angela\Desktop\2013 - Shortcut.lnk 2014-01-06 18:39 - 2007-03-25 19:20 - 000000000 ____D C:\Users\Angela\Documents\2014 2014-01-06 18:38 - 2015-04-01 18:18 - 000000000 ____D C:\Users\Angela\Documents\2013 2014-01-06 12:50 - 2014-01-06 17:41 - 000247160 _____ C:\Users\Angela\Downloads\transactions.csv 2014-01-04 18:37 - 2014-01-06 12:53 - 000000000 ____D C:\Users\Angela\Documents\2012 2013-12-10 13:57 - 2013-10-29 20:12 - 000335360 _____ (Microsoft Corporation) C:\Windows\system32\SysFxUI.dll 2013-12-10 13:57 - 2013-10-29 19:43 - 000130048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys 2013-12-10 13:57 - 2013-10-29 18:43 - 000167936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys 2013-12-10 13:57 - 2013-10-22 01:19 - 000158208 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll 2013-12-10 13:57 - 2013-10-10 20:08 - 000172032 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll 2013-12-10 13:57 - 2013-10-10 20:08 - 000131072 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx 2013-12-10 13:57 - 2013-10-10 20:08 - 000036864 _____ (Microsoft Corporation) C:\Windows\system32\wshcon.dll 2013-12-10 13:57 - 2013-10-10 18:35 - 000155648 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe 2013-12-10 13:57 - 2013-10-10 18:35 - 000135168 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe 2013-12-05 15:44 - 2013-12-05 15:44 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_07_00.Wdf 2013-11-29 18:11 - 2013-11-29 18:11 - 000000000 ____D C:\Program Files\MSXML 4.0 2013-11-27 19:41 - 2013-11-27 20:20 - 000000000 ____D C:\Users\Angela\Documents\SelfMV 2013-11-27 19:29 - 2013-11-27 19:29 - 000000000 ____D C:\Users\Public\Documents\NativeFus_Log 2013-11-27 19:29 - 2013-11-27 19:29 - 000000000 ____D C:\Users\Public\Documents\CrashDump 2013-11-27 19:27 - 2013-08-20 22:31 - 000015560 _____ (MCCI Corporation) C:\Windows\system32\Drivers\sscdcm.sys 2013-11-27 19:27 - 2013-08-20 22:31 - 000015304 _____ (MCCI Corporation) C:\Windows\system32\Drivers\sscdwh.sys 2013-11-27 19:24 - 2013-11-27 20:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung 2013-11-27 19:24 - 2013-10-30 13:13 - 004659712 _____ (Dmitry Streblechenko) C:\Windows\system32\Redemption.dll 2013-11-27 19:22 - 2018-10-30 23:47 - 000000000 ____D C:\Users\Angela\AppData\Local\Downloaded Installations 2013-11-24 15:50 - 2013-11-24 15:50 - 000000000 ____D C:\Program Files\Common Files\Motorola Shared 2013-11-24 13:50 - 2013-11-24 13:50 - 000000000 ____D C:\Windows\system32\VirtualExpander 2013-11-24 13:43 - 2015-09-25 09:39 - 000000000 ____D C:\Users\Angela\Documents\Resume 2013-11-24 13:43 - 2013-11-24 13:43 - 000000000 ____D C:\Users\Angela\Documents\Readme_flashdemo 2013-11-24 13:42 - 2013-11-24 13:42 - 000000000 ____D C:\Users\Angela\Documents\Conditional use letter 2013-11-24 13:42 - 2013-11-24 13:42 - 000000000 ____D C:\Users\Angela\Documents\Conditional use and Variance 2013-11-20 14:05 - 2013-11-20 14:05 - 000056364 _____ C:\Users\Angela\Downloads\PGRNovemberBill.html 2013-11-17 13:08 - 2013-10-10 20:08 - 000444928 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL 2013-11-17 13:08 - 2013-10-10 20:07 - 000596480 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL 2013-11-17 13:08 - 2013-10-10 18:39 - 000218228 _____ C:\Windows\system32\WFP.TMF 2013-11-17 13:08 - 2013-10-03 06:45 - 000993792 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2013-10-30 13:06 - 2013-10-30 13:06 - 000974848 _____ C:\Windows\system32\cis-2.4.dll 2013-10-30 13:06 - 2013-10-30 13:06 - 000569344 _____ (© MusicCity) C:\Windows\system32\muzdecode.ax 2013-10-30 13:06 - 2013-10-30 13:06 - 000491520 _____ (Musiccity Co.Ltd.) C:\Windows\system32\muzapp.dll 2013-10-30 13:06 - 2013-10-30 13:06 - 000352256 _____ (Sample Corporation) C:\Windows\system32\MSLUR71.dll 2013-10-30 13:06 - 2013-10-30 13:06 - 000258048 _____ (© PeeringPortal) C:\Windows\system32\muzoggsp.ax 2013-10-30 13:06 - 2013-10-30 13:06 - 000245760 _____ (Teruten Inc.) C:\Windows\system32\MSCLib.dll 2013-10-30 13:06 - 2013-10-30 13:06 - 000200704 _____ ( © MusicCity) C:\Windows\system32\muzwmts.dll 2013-10-30 13:06 - 2013-10-30 13:06 - 000172032 _____ (Musiccity Co.Ltd.) C:\Windows\system32\muzapp.exe 2013-10-30 13:06 - 2013-10-30 13:06 - 000155648 _____ (Teruten Inc.) C:\Windows\system32\MSFLib.dll 2013-10-30 13:06 - 2013-10-30 13:06 - 000143360 _____ C:\Windows\system32\3DAudio.ax 2013-10-30 13:06 - 2013-10-30 13:06 - 000135168 _____ (Musiccity Co.Ltd.) C:\Windows\system32\muzaf1.dll 2013-10-30 13:06 - 2013-10-30 13:06 - 000131072 _____ (© MusicCity) C:\Windows\system32\muzmpgsp.ax 2013-10-30 13:06 - 2013-10-30 13:06 - 000122880 _____ (© MUSICCITY) C:\Windows\system32\muzeffect.ax 2013-10-30 13:06 - 2013-10-30 13:06 - 000118784 _____ ((주)마크애니) C:\Windows\system32\MaDRM.dll 2013-10-30 13:06 - 2013-10-30 13:06 - 000110592 _____ (© MusicCity) C:\Windows\system32\muzmp4sp.ax 2013-10-30 13:06 - 2013-10-30 13:06 - 000081920 _____ C:\Windows\system32\issacapi_bs-2.3.dll 2013-10-30 13:06 - 2013-10-30 13:06 - 000065536 _____ C:\Windows\system32\issacapi_pe-2.3.dll 2013-10-30 13:06 - 2013-10-30 13:06 - 000057344 _____ C:\Windows\system32\issacapi_se-2.3.dll 2013-10-30 13:06 - 2013-10-30 13:06 - 000057344 _____ (Marktek) C:\Windows\system32\MK_Lyric.dll 2013-10-30 13:06 - 2013-10-30 13:06 - 000057344 _____ (Marktek Inc.) C:\Windows\system32\MTXSYNCICON.dll 2013-10-30 13:06 - 2013-10-30 13:06 - 000049152 _____ ((주) 마크애니) C:\Windows\system32\MaJGUILib.dll 2013-10-30 13:06 - 2013-10-30 13:06 - 000045320 _____ (MARKANY) C:\Windows\system32\MAMACExtract.dll 2013-10-30 13:06 - 2013-10-30 13:06 - 000045056 _____ ((주) 마크애니) C:\Windows\system32\MaXMLProto.dll 2013-10-30 13:06 - 2013-10-30 13:06 - 000045056 _____ ((주) 마크애니) C:\Windows\system32\MACXMLProto.dll 2013-10-30 13:06 - 2013-10-30 13:06 - 000040960 _____ (Telechips Inc.,) C:\Windows\system32\MTTELECHIP.dll 2013-10-30 13:06 - 2013-10-30 13:06 - 000024576 _____ ((주)마크애니) C:\Windows\system32\MASetupCleaner.exe 2013-10-28 20:10 - 2013-10-28 20:10 - 000000079 _____ C:\Users\Angela\AppData\Local\DVDPATH.TXT 2013-10-11 11:45 - 2013-07-02 20:33 - 000035328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbscan.sys 2013-10-11 11:45 - 2013-07-02 20:10 - 000025472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys 2013-10-11 11:45 - 2013-06-28 20:07 - 000226304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys 2013-10-11 11:45 - 2013-06-28 20:07 - 000197632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys 2013-10-11 11:45 - 2013-06-28 20:07 - 000073216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys 2013-10-11 11:45 - 2013-06-28 20:06 - 000006016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys 2013-10-11 11:45 - 2013-06-26 17:01 - 000527064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys 2013-10-11 11:45 - 2011-05-05 07:54 - 000039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys 2013-10-11 11:45 - 2011-05-05 07:54 - 000023552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys 2013-10-05 14:46 - 2013-10-05 14:46 - 000138466 _____ C:\Users\Angela\Documents\birthplan_pdf.pdf 2013-10-01 13:37 - 2013-10-11 11:40 - 000000000 ____D C:\Users\Angela\Documents\Mesquite Rental Desert Gold Dispute 2013-10-01 13:25 - 2013-10-01 13:25 - 000332222 _____ C:\Users\Angela\Downloads\Security Deposit Disbursement Statement for 156 DW C.pdf 2013-09-19 17:25 - 2013-08-01 22:09 - 001548288 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL 2013-09-19 17:25 - 2013-07-15 22:35 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\themeui.dll 2013-09-19 17:05 - 2007-03-20 03:28 - 000000000 ____D C:\Windows\system32\MRT 2013-09-11 22:21 - 2013-09-11 22:21 - 000863344 _____ (Microsoft Corporation) C:\Windows\system32\msvcr110_clr0400.dll 2013-09-11 22:21 - 2013-09-11 22:21 - 000501872 _____ (Microsoft Corporation) C:\Windows\system32\msvcp110_clr0400.dll 2013-09-11 22:21 - 2013-09-11 22:21 - 000028776 _____ (Microsoft Corporation) C:\Windows\system32\aspnet_counters.dll 2013-09-11 22:21 - 2013-09-11 22:21 - 000018000 _____ (Microsoft Corporation) C:\Windows\system32\msvcr100_clr0400.dll 2013-08-26 14:31 - 2013-07-07 22:20 - 000172544 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll 2013-08-26 14:31 - 2013-07-07 22:16 - 000133120 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll 2013-08-26 14:31 - 2013-07-07 22:16 - 000098304 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll 2013-08-26 14:31 - 2013-06-15 07:22 - 000015872 _____ (Microsoft Corporation) C:\Windows\system32\icaapi.dll 2013-08-26 14:31 - 2013-06-15 05:23 - 000024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys 2013-08-13 22:33 - 2013-08-13 22:33 - 000271032 _____ (Hewlett-Packard Co.) C:\Windows\system32\hpinkstsB511LM.dll 2013-08-13 16:33 - 2013-08-13 22:33 - 002220216 _____ (Hewlett-Packard Co.) C:\Windows\system32\hpinkinsB511.exe 2013-08-13 16:33 - 2013-08-13 22:33 - 000222904 _____ (Hewlett-Packard Co.) C:\Windows\system32\hpinkcoiB511.dll 2013-08-04 16:32 - 2012-07-25 21:39 - 000047720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys 2013-08-04 16:32 - 2012-07-25 21:21 - 000196608 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe 2013-08-04 16:32 - 2012-07-25 21:20 - 000613888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll 2013-08-04 16:32 - 2012-07-25 21:20 - 000172032 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll 2013-08-04 16:32 - 2012-07-25 21:20 - 000073216 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll 2013-08-04 16:32 - 2012-07-25 21:20 - 000038912 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll 2013-08-04 16:32 - 2012-07-25 20:46 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\Wdfres.dll 2013-08-04 16:32 - 2012-07-25 20:33 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys 2013-08-04 16:32 - 2012-07-25 20:32 - 000155136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys 2013-08-04 16:32 - 2012-06-02 08:57 - 000000003 _____ C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf 2013-08-04 16:32 - 2009-07-14 06:12 - 000016896 _____ (Microsoft Corporation) C:\Windows\system32\winusb.dll 2013-08-04 16:32 - 2009-07-13 17:51 - 000034944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winusb.sys 2013-08-04 15:36 - 2012-05-11 09:57 - 000623616 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll 2013-08-04 15:35 - 2012-11-02 04:18 - 000376320 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll 2013-08-04 15:35 - 2012-11-02 02:26 - 000023040 _____ (Microsoft Corporation) C:\Windows\system32\dpnsvr.exe 2013-08-04 15:35 - 2012-09-25 10:19 - 000075776 _____ (Microsoft Corporation) C:\Windows\system32\synceng.dll 2013-08-04 15:35 - 2012-08-21 05:47 - 000224640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys 2013-08-04 15:35 - 2012-06-29 10:01 - 000467968 _____ (Microsoft Corporation) C:\Windows\system32\netapi32.dll 2013-08-04 15:34 - 2013-05-01 22:04 - 000443904 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll 2013-08-04 15:34 - 2013-05-01 22:03 - 000037376 _____ (Microsoft Corporation) C:\Windows\system32\printcom.dll 2013-08-04 15:34 - 2013-04-23 22:00 - 000041984 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll 2013-08-04 15:34 - 2013-04-23 19:46 - 000812544 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe 2013-08-04 15:34 - 2013-03-03 13:07 - 001082232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys 2013-08-04 15:34 - 2012-11-21 21:54 - 000353280 _____ (Microsoft Corporation) C:\Windows\system32\shlwapi.dll 2013-08-04 15:34 - 2012-11-19 22:22 - 000204288 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2013-08-04 15:34 - 2012-11-07 21:48 - 001314816 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll 2013-08-04 15:33 - 2013-04-17 06:30 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll 2013-08-04 15:33 - 2013-03-07 21:53 - 000376320 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll 2013-08-04 15:33 - 2013-02-11 19:57 - 000015872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023x.sys 2013-08-04 15:33 - 2013-02-11 19:57 - 000015872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys 2013-08-04 15:33 - 2012-05-01 08:03 - 000180736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys 2013-08-04 15:10 - 2013-08-04 16:12 - 000047616 _____ C:\Users\Angela\Downloads\Copy of Daily Report Sample (1).xls 2013-08-04 14:24 - 2013-08-04 14:24 - 000000000 ____D C:\Users\Angela\Downloads\NETGEAR 2013-08-04 14:20 - 2013-08-04 14:20 - 000055296 _____ C:\Users\Angela\Downloads\Copy of Daily Report Sample.xls 2013-07-31 13:36 - 2013-07-31 13:36 - 000001786 _____ C:\Users\Public\Desktop\NETGEAR WNA1000M Genie.lnk 2013-07-31 13:36 - 2013-07-31 13:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NETGEAR WNA1000M Genie 2013-07-31 13:36 - 2013-07-31 13:36 - 000000000 ____D C:\Program Files\NETGEAR 2013-07-31 13:35 - 2013-07-31 13:35 - 000000000 ____D C:\Windows\Downloaded Installations 2013-05-07 19:05 - 2012-06-02 16:19 - 001933848 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2013-05-07 19:05 - 2012-06-02 16:19 - 000577048 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2013-05-07 19:05 - 2012-06-02 16:19 - 000053784 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2013-05-07 19:05 - 2012-06-02 16:19 - 000045080 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2013-05-07 19:05 - 2012-06-02 16:19 - 000035864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2013-05-07 19:05 - 2012-06-02 16:12 - 002422272 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2013-05-07 19:05 - 2012-06-02 16:12 - 000088576 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2013-05-07 19:04 - 2012-06-02 15:19 - 000171904 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2013-05-07 19:04 - 2012-06-02 15:12 - 000033792 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2012-05-12 03:09 - 2012-03-20 17:28 - 000053120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys 2012-04-17 03:04 - 2012-02-29 09:11 - 000005120 _____ (Microsoft Corporation) C:\Windows\system32\wmi.dll 2012-04-17 03:04 - 2012-02-29 07:32 - 000012800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys 2012-03-13 13:51 - 2012-01-09 09:54 - 000613376 _____ (Microsoft Corporation) C:\Windows\system32\rdpencom.dll 2012-02-27 16:06 - 2012-02-27 16:06 - 000000000 ____D C:\Windows\CheckSur 2012-02-23 11:04 - 2012-02-23 11:04 - 003695416 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat 2012-02-23 11:04 - 2012-02-23 11:04 - 000434176 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2012-02-23 11:04 - 2012-02-23 11:04 - 000353584 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2012-02-23 11:04 - 2012-02-23 11:04 - 000227840 _____ (Microsoft Corporation) C:\Windows\system32\ieaksie.dll 2012-02-23 11:04 - 2012-02-23 11:04 - 000203776 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2012-02-23 11:04 - 2012-02-23 11:04 - 000163840 _____ (Microsoft Corporation) C:\Windows\system32\ieakui.dll 2012-02-23 11:04 - 2012-02-23 11:04 - 000162304 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2012-02-23 11:04 - 2012-02-23 11:04 - 000161792 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll 2012-02-23 11:04 - 2012-02-23 11:04 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe 2012-02-23 11:04 - 2012-02-23 11:04 - 000150528 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe 2012-02-23 11:04 - 2012-02-23 11:04 - 000130560 _____ (Microsoft Corporation) C:\Windows\system32\ieakeng.dll 2012-02-23 11:04 - 2012-02-23 11:04 - 000123392 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2012-02-23 11:04 - 2012-02-23 11:04 - 000118784 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll 2012-02-23 11:04 - 2012-02-23 11:04 - 000114176 _____ (Microsoft Corporation) C:\Windows\system32\advpack.dll 2012-02-23 11:04 - 2012-02-23 11:04 - 000110592 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll 2012-02-23 11:04 - 2012-02-23 11:04 - 000101888 _____ (Microsoft Corporation) C:\Windows\system32\admparse.dll 2012-02-23 11:04 - 2012-02-23 11:04 - 000086528 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2012-02-23 11:04 - 2012-02-23 11:04 - 000078848 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll 2012-02-23 11:04 - 2012-02-23 11:04 - 000076800 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe 2012-02-23 11:04 - 2012-02-23 11:04 - 000074752 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe 2012-02-23 11:04 - 2012-02-23 11:04 - 000074752 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2012-02-23 11:04 - 2012-02-23 11:04 - 000074240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2012-02-23 11:04 - 2012-02-23 11:04 - 000066048 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll 2012-02-23 11:04 - 2012-02-23 11:04 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx 2012-02-23 11:04 - 2012-02-23 11:04 - 000054272 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll 2012-02-23 11:04 - 2012-02-23 11:04 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll 2012-02-23 11:04 - 2012-02-23 11:04 - 000035840 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll 2012-02-23 11:04 - 2012-02-23 11:04 - 000031744 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2012-02-23 11:04 - 2012-02-23 11:04 - 000023552 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll 2012-02-20 22:39 - 2011-11-16 10:23 - 000377344 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll 2012-02-20 22:39 - 2011-11-16 10:23 - 000072704 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2012-02-20 22:39 - 2011-11-16 08:12 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2012-02-20 22:38 - 2011-12-14 10:17 - 000680448 _____ (Microsoft Corporation) C:\Windows\system32\msvcrt.dll 2012-02-15 11:01 - 2012-02-15 11:01 - 004547944 _____ (Apple, Inc.) C:\Windows\system32\usbaaplrc.dll 2012-02-15 11:01 - 2012-02-15 11:01 - 000043520 _____ (Apple, Inc.) C:\Windows\system32\Drivers\usbaapl.sys 2012-01-26 22:21 - 2012-01-26 22:21 - 000000000 ____D C:\Users\Angela\AppData\Local\{9061903F-77E5-431A-AB33-DC3D492BBF4C} 2012-01-26 22:21 - 2012-01-26 22:21 - 000000000 ____D C:\Users\Angela\AppData\Local\{585A4D00-52AE-4BD6-931A-BF9E6D6097BD} 2012-01-13 16:27 - 2011-10-14 10:03 - 000189952 _____ (Microsoft Corporation) C:\Windows\system32\winmm.dll 2012-01-13 16:27 - 2011-10-14 10:00 - 000023552 _____ (Microsoft Corporation) C:\Windows\system32\mciseq.dll 2012-01-13 16:26 - 2011-10-25 09:58 - 000497152 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll 2012-01-11 19:50 - 2012-01-11 19:50 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_WinUSB_01007.Wdf 2012-01-11 19:47 - 2011-11-25 01:26 - 000013440 _____ (June Fabrics Technology Inc.) C:\Windows\system32\Drivers\pneteth.sys 2012-01-11 19:47 - 2009-11-08 02:41 - 001112288 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01007.dll 2012-01-11 19:47 - 2009-11-08 02:41 - 000581192 _____ (Microsoft Corporation) C:\Windows\system32\WinUSBCoInstaller.dll 2012-01-11 19:32 - 2013-11-24 15:50 - 000000000 ____D C:\Program Files\Motorola 2011-12-15 01:22 - 2011-10-14 10:02 - 000429056 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll 2011-10-13 10:06 - 2011-07-29 10:01 - 000293376 _____ (Microsoft Corporation) C:\Windows\system32\psisdecd.dll 2011-10-13 10:06 - 2011-07-29 10:01 - 000217088 _____ (Microsoft Corporation) C:\Windows\system32\psisrndr.ax 2011-10-13 10:06 - 2011-07-29 10:00 - 000069632 _____ (Microsoft Corporation) C:\Windows\system32\Mpeg2Data.ax 2011-10-13 10:06 - 2011-07-29 10:00 - 000057856 _____ (Microsoft Corporation) C:\Windows\system32\MSDvbNP.ax 2011-10-13 10:04 - 2011-08-25 10:15 - 000555520 _____ (Microsoft Corporation) C:\Windows\system32\UIAutomationCore.dll 2011-10-13 10:04 - 2011-08-25 10:14 - 000238080 _____ (Microsoft Corporation) C:\Windows\system32\oleacc.dll 2011-10-13 10:04 - 2011-08-25 07:31 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\oleaccrc.dll 2011-08-11 22:17 - 2011-06-15 10:12 - 000182784 _____ (Microsoft Corporation) C:\Windows\system32\xmllite.dll 2011-06-14 22:46 - 2011-04-29 07:25 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys 2011-06-14 22:46 - 2011-04-29 07:25 - 000102400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys 2011-06-14 22:46 - 2011-04-14 08:59 - 000075264 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys 2011-06-14 22:45 - 2011-05-02 11:16 - 000739328 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll 2011-04-26 22:27 - 2011-04-26 22:27 - 000000814 _____ C:\Users\Angela\Desktop\Magic DVD Copier.lnk 2011-04-26 22:27 - 2011-04-26 22:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Magic DVD Copier 2011-04-26 22:27 - 2011-04-26 22:27 - 000000000 ____D C:\Program Files\MagicDVDCopier 2011-04-26 20:57 - 2011-03-03 09:40 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\Apphlpdm.dll 2011-04-26 20:57 - 2011-03-03 07:35 - 004240384 _____ (Microsoft) C:\Windows\system32\GameUXLegacyGDFs.dll 2011-04-26 20:56 - 2011-03-12 15:55 - 000876032 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll 2011-04-12 21:24 - 2011-03-10 11:03 - 001162240 _____ (Microsoft Corporation) C:\Windows\system32\mfc42u.dll 2011-04-12 21:24 - 2011-03-10 11:03 - 001136640 _____ (Microsoft Corporation) C:\Windows\system32\mfc42.dll 2011-04-12 21:24 - 2011-03-02 09:44 - 000168448 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll 2011-04-12 21:24 - 2011-03-02 09:44 - 000086528 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll 2011-04-12 21:24 - 2011-02-22 07:23 - 000069632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys 2011-04-12 21:24 - 2009-05-04 03:59 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\dnscacheugc.exe 2011-03-22 19:25 - 2011-02-22 08:13 - 000288768 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll 2011-03-09 19:13 - 2011-03-09 19:14 - 000000000 ____D C:\Windows\XSxS 2011-03-09 19:13 - 2011-03-09 19:13 - 000000000 ____D C:\Users\Angela\AppData\Local\Xenocode 2011-03-09 19:13 - 2011-03-09 19:13 - 000000000 ____D C:\Program Files\Xenocode 2011-03-09 03:44 - 2010-12-29 12:28 - 000322560 _____ (Microsoft Corporation) C:\Windows\system32\sbe.dll 2011-03-09 03:44 - 2010-12-29 12:28 - 000153088 _____ (Microsoft Corporation) C:\Windows\system32\sbeio.dll 2011-03-09 03:44 - 2010-12-29 12:26 - 000177664 _____ (Microsoft Corporation) C:\Windows\system32\mpg2splt.ax 2011-03-09 03:44 - 2010-12-17 07:54 - 000677888 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe 2011-03-01 17:32 - 2009-07-10 05:47 - 000247808 _____ (Microsoft Corporation) C:\Windows\system32\shsvcs.dll 2011-02-24 04:01 - 2009-10-09 15:56 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\winrsmgr.dll 2011-02-24 04:00 - 2009-10-09 15:56 - 001181696 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll 2011-02-24 04:00 - 2009-10-09 15:56 - 000246272 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe 2011-02-24 04:00 - 2009-10-09 15:56 - 000241152 _____ (Microsoft Corporation) C:\Windows\system32\winrscmd.dll 2011-02-24 04:00 - 2009-10-09 15:56 - 000214016 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll 2011-02-24 04:00 - 2009-10-09 15:56 - 000145408 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll 2011-02-24 04:00 - 2009-10-09 15:56 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\pwrshplugin.dll 2011-02-24 04:00 - 2009-10-09 15:56 - 000040448 _____ (Microsoft Corporation) C:\Windows\system32\winrs.exe 2011-02-24 04:00 - 2009-10-09 15:56 - 000020480 _____ (Microsoft Corporation) C:\Windows\system32\winrshost.exe 2011-02-24 04:00 - 2009-10-09 15:56 - 000012800 _____ (Microsoft Corporation) C:\Windows\system32\wsmprovhost.exe 2011-02-24 04:00 - 2009-10-09 15:56 - 000010240 _____ (Microsoft Corporation) C:\Windows\system32\wsmplpxy.dll 2011-02-24 04:00 - 2009-10-09 15:56 - 000010240 _____ (Microsoft Corporation) C:\Windows\system32\winrssrv.dll 2011-02-24 04:00 - 2009-10-09 15:55 - 000252416 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll 2011-02-24 04:00 - 2009-10-09 15:55 - 000146944 _____ (Microsoft Corporation) C:\Windows\system32\wecsvc.dll 2011-02-24 04:00 - 2009-10-09 15:55 - 000081408 _____ (Microsoft Corporation) C:\Windows\system32\wevtfwd.dll 2011-02-24 04:00 - 2009-10-09 15:55 - 000079872 _____ (Microsoft Corporation) C:\Windows\system32\wecutil.exe 2011-02-24 04:00 - 2009-10-09 15:55 - 000056320 _____ (Microsoft Corporation) C:\Windows\system32\wecapi.dll 2011-02-24 04:00 - 2009-10-09 15:55 - 000054272 _____ (Microsoft Corporation) C:\Windows\system32\WsmRes.dll 2011-02-24 04:00 - 2009-08-01 00:27 - 000201184 _____ C:\Windows\system32\winrm.vbs 2011-02-24 04:00 - 2009-07-16 11:30 - 000004675 _____ C:\Windows\system32\wsmanconfig_schema.xml 2011-02-24 04:00 - 2009-07-16 11:30 - 000002426 _____ C:\Windows\system32\WsmTxt.xsl 2011-02-17 20:51 - 2011-02-17 20:53 - 000010067 _____ C:\Users\Angela\Documents\Vett 135 Practical exam 2 week 5.xlsx 2011-02-15 22:15 - 2011-02-15 22:15 - 000000000 ____D C:\Windows\en 2011-02-15 22:14 - 2011-03-31 03:04 - 000001229 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Photo Gallery.lnk 2011-02-15 22:14 - 2011-03-31 03:03 - 000002027 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk 2011-02-15 22:14 - 2011-03-31 03:03 - 000001160 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Movie Maker.lnk 2011-02-15 22:12 - 2009-09-04 18:44 - 000515416 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll 2011-02-15 22:12 - 2009-09-04 18:44 - 000069464 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll 2011-02-15 22:12 - 2009-09-04 18:29 - 000453456 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll 2011-02-15 22:12 - 2006-11-29 14:06 - 003426072 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll 2011-02-15 21:32 - 2011-12-29 12:05 - 000127096 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT.SYS 2011-02-15 21:32 - 2011-12-29 12:05 - 000007510 _____ C:\Windows\system32\Drivers\SYMEVENT.CAT 2011-02-15 21:31 - 2012-02-20 14:21 - 000000000 ____D C:\Windows\system32\Drivers\NAV 2011-02-15 21:31 - 2011-12-29 12:49 - 000000000 ____D C:\ProgramData\Norton 2011-02-10 13:48 - 2011-02-10 13:48 - 000178891 _____ C:\Users\Angela\Documents\Capstone_Project_Form_VETT_131_Spring_20.pdf 2011-02-10 01:16 - 2011-01-20 10:08 - 000478720 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll 2011-02-10 01:16 - 2011-01-20 10:07 - 001075712 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll 2011-02-10 01:16 - 2011-01-20 10:07 - 000586240 _____ (Microsoft Corporation) C:\Windows\system32\stobject.dll 2011-02-10 01:16 - 2011-01-20 10:07 - 000258048 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv 2011-02-10 01:16 - 2011-01-20 10:06 - 002873344 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll 2011-02-10 01:16 - 2011-01-20 10:06 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\printfilterpipelineprxy.dll 2011-02-10 01:16 - 2011-01-20 10:04 - 000209920 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll 2011-02-10 01:16 - 2011-01-20 10:04 - 000098816 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll 2011-02-10 01:16 - 2011-01-20 08:28 - 001554432 _____ (Microsoft Corporation) C:\Windows\system32\xpsservices.dll 2011-02-10 01:16 - 2011-01-20 08:26 - 000667648 _____ (Microsoft Corporation) C:\Windows\system32\printfilterpipelinesvc.exe 2011-02-10 01:16 - 2011-01-20 08:25 - 000847360 _____ (Microsoft Corporation) C:\Windows\system32\OpcServices.dll 2011-02-10 01:16 - 2011-01-20 08:24 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\XpsRasterService.dll 2011-02-10 01:16 - 2011-01-20 08:15 - 000979456 _____ (Microsoft Corporation) C:\Windows\system32\MFH264Dec.dll 2011-02-10 01:16 - 2011-01-20 08:14 - 000357376 _____ (Microsoft Corporation) C:\Windows\system32\MFHEAACdec.dll 2011-02-10 01:16 - 2011-01-20 08:14 - 000302592 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4src.dll 2011-02-10 01:16 - 2011-01-20 08:14 - 000261632 _____ (Microsoft Corporation) C:\Windows\system32\mfreadwrite.dll 2011-02-04 00:02 - 2011-02-17 20:53 - 000010002 _____ C:\Users\Angela\Documents\Vett 135 Practical exam 1 week 3.xlsx 2011-02-01 13:58 - 2011-02-03 14:43 - 000025600 _____ C:\Users\Angela\Documents\Vett 131_Week 3_FAQ_assignment_Angela_Vega.xls 2011-01-31 17:03 - 2011-01-31 17:03 - 000700520 _____ (Realtek Semiconductor Corporation ) C:\Windows\system32\Drivers\WNA1000M.sys 2011-01-12 05:29 - 2010-12-28 09:55 - 000413696 _____ (Microsoft Corporation) C:\Windows\system32\odbc32.dll 2011-01-12 05:29 - 2010-12-14 08:49 - 001169408 _____ (Microsoft Corporation) C:\Windows\system32\sdclt.exe 2011-01-09 21:18 - 2011-01-28 12:22 - 000008810 _____ C:\Users\Angela\Documents\Pet Expenses 2011.xlsx 2011-01-07 13:05 - 2011-01-07 13:05 - 000000000 ____D C:\Users\Angela\AppData\Local\Oberon Media 2011-01-07 04:02 - 2011-01-07 04:02 - 000001243 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Default Manager.lnk 2011-01-07 04:01 - 2011-03-12 04:01 - 000000000 ____D C:\Program Files\MSN Toolbar 2011-01-07 04:01 - 2011-01-07 04:01 - 000000000 ____D C:\Users\Default\AppData\Roaming\Mozilla 2011-01-07 04:01 - 2011-01-07 04:01 - 000000000 ____D C:\Users\Default User\AppData\Roaming\Mozilla 2010-12-15 08:12 - 2010-11-04 12:56 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\wmicmiplugin.dll 2010-12-15 08:12 - 2010-11-04 12:55 - 000601600 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll 2010-12-15 08:12 - 2010-11-04 12:55 - 000352768 _____ (Microsoft Corporation) C:\Windows\system32\taskschd.dll 2010-12-15 08:12 - 2010-11-04 12:55 - 000270336 _____ (Microsoft Corporation) C:\Windows\system32\taskcomp.dll 2010-12-15 08:12 - 2010-11-04 10:34 - 000171520 _____ (Microsoft Corporation) C:\Windows\system32\taskeng.exe 2010-12-15 08:11 - 2010-06-16 09:30 - 000072704 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll 2010-11-30 00:15 - 2010-11-30 00:15 - 000000000 ___DL C:\Users\Angela\AppData\LocalLow\PlayReady 2010-11-11 11:49 - 2012-01-26 22:21 - 000000000 ____D C:\Users\Angela\AppData\Local\Windows Live 2010-11-10 02:54 - 2010-11-10 02:54 - 000049016 _____ (Microsoft Corporation) C:\Windows\system32\sirenacm.dll 2010-11-09 18:31 - 2009-08-04 02:02 - 000754688 _____ (Microsoft Corporation) C:\Windows\system32\webservices.dll 2010-11-09 18:26 - 2018-10-29 10:54 - 000000000 ____D C:\Users\Angela\AppData\Roaming\FrostWire 2010-10-27 01:24 - 2010-08-26 10:34 - 001696256 _____ (Microsoft Corporation) C:\Windows\system32\gameux.dll 2010-10-25 14:25 - 2010-10-25 14:25 - 000449024 _____ C:\Users\Angela\Documents\Steph.sig 2010-10-23 14:23 - 2018-10-30 18:18 - 000000000 ___HD C:\ProgramData\CanonIJScan 2010-10-23 14:14 - 2010-10-23 14:14 - 000000000 ___HD C:\ProgramData\CanonIJEGV 2010-10-13 14:31 - 2010-09-06 10:20 - 000125952 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll 2010-10-13 14:31 - 2010-09-06 10:19 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\netevent.dll 2010-10-13 14:30 - 2010-08-26 10:37 - 000157184 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll 2010-10-13 14:29 - 2010-08-31 09:46 - 000954752 _____ (Microsoft Corporation) C:\Windows\system32\mfc40.dll 2010-10-13 14:29 - 2010-08-31 09:46 - 000954288 _____ (Microsoft Corporation) C:\Windows\system32\mfc40u.dll 2010-10-13 14:28 - 2010-05-04 13:13 - 000231424 _____ (Microsoft Corporation) C:\Windows\system32\msshsq.dll 2010-10-13 14:27 - 2010-08-20 10:05 - 000867328 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll 2010-10-04 13:02 - 2018-10-30 11:03 - 000000000 ____D C:\Users\Angela\AppData\LocalLow\Macromedia 2010-09-14 15:30 - 2010-08-17 08:11 - 000128000 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe 2010-09-14 15:30 - 2010-04-05 11:02 - 000317952 _____ (Microsoft Corporation) C:\Windows\system32\MP4SDECD.DLL 2010-08-12 14:22 - 2010-09-15 05:50 - 000472808 _____ (Sun Microsystems, Inc.) C:\Windows\system32\deployJava1.dll 2010-08-11 04:43 - 2010-05-27 14:08 - 000081920 _____ (Radius Inc.) C:\Windows\system32\iccvid.dll 2010-08-11 04:41 - 2010-06-18 11:31 - 000036864 _____ (Microsoft Corporation) C:\Windows\system32\rtutils.dll 2010-07-11 16:47 - 2010-07-11 16:47 - 001846632 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll 2010-07-11 16:47 - 2010-07-11 16:47 - 000453456 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll 2010-06-25 22:02 - 2010-06-25 22:02 - 000000000 ____D C:\3fe8a8bc5f49ce6633501653d2b12367 2010-06-23 03:00 - 2009-11-08 10:55 - 000297808 _____ (Microsoft Corporation) C:\Windows\system32\mscoree.dll 2010-06-23 03:00 - 2009-11-08 10:55 - 000295264 _____ (Microsoft Corporation) C:\Windows\system32\PresentationHost.exe 2010-06-23 03:00 - 2009-11-08 10:55 - 000099176 _____ (Microsoft Corporation) C:\Windows\system32\PresentationHostProxy.dll 2010-06-23 03:00 - 2009-11-08 10:55 - 000049472 _____ (Microsoft Corporation) C:\Windows\system32\netfxperf.dll 2010-06-21 15:19 - 2010-06-21 15:19 - 000010392 _____ C:\Users\Angela\Documents\Vett_116_Week 7_Technique_chart_Angela_Vega.xlsx 2010-06-11 11:45 - 2010-04-05 11:01 - 000067072 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll 2010-06-08 12:33 - 2010-06-08 12:33 - 000000000 ____D C:\Program Files\Citrix 2010-06-08 12:32 - 2010-06-08 12:32 - 000103720 _____ C:\Users\Angela\GoToAssistDownloadHelper.exe 2010-06-08 12:32 - 2010-06-08 12:32 - 000000000 ____D C:\Users\Angela\AppData\Local\Citrix 2010-06-08 12:29 - 2010-06-08 12:32 - 000000000 ____D C:\Users\Angela\AppData\Local\Deployment 2010-06-08 12:29 - 2010-06-08 12:29 - 000000000 ____D C:\Users\Angela\AppData\Local\Apps\2.0 2010-06-06 19:40 - 2012-08-21 13:01 - 000106928 _____ (GEAR Software Inc.) C:\Windows\system32\GEARAspi.dll 2010-06-06 19:39 - 2010-06-06 19:40 - 000000000 ____D C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521} 2010-06-05 03:01 - 2007-03-20 03:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2010-04-14 11:12 - 2010-01-21 09:05 - 000062464 _____ (Fraunhofer Institut Integrierte Schaltungen IIS) C:\Windows\system32\l3codeca.acm 2010-04-14 11:12 - 2009-04-11 00:27 - 000220672 _____ (Fraunhofer Institut Integrierte Schaltungen IIS) C:\Windows\system32\l3codecp.acm 2010-04-14 11:11 - 2010-02-18 07:30 - 000200704 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll 2010-04-14 11:11 - 2010-02-18 05:28 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tunnel.sys 2010-04-14 11:05 - 2010-01-13 11:34 - 000098304 _____ (Microsoft Corporation) C:\Windows\system32\cabview.dll 2010-04-14 10:50 - 2010-07-22 23:21 - 000000000 ____D C:\MAGICDVDCOPY_TEMP 2010-04-09 16:19 - 2010-04-09 16:34 - 000112128 _____ C:\Users\Angela\Documents\OZRYEL.sig 2010-04-09 16:13 - 2010-04-09 16:13 - 000047104 _____ C:\Users\Angela\Documents\HELENE.sig 2010-04-09 16:01 - 2010-04-09 16:01 - 000108032 _____ C:\Users\Angela\Documents\LAVINA.sig 2010-04-09 15:53 - 2010-04-09 15:55 - 000075264 _____ C:\Users\Angela\Documents\AVALANCHE.sig 2010-03-11 04:03 - 2010-02-20 17:06 - 000024064 _____ (Microsoft Corporation) C:\Windows\system32\nshhttp.dll 2010-03-11 04:02 - 2010-02-20 17:05 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\httpapi.dll 2010-03-11 04:02 - 2010-02-20 14:53 - 000411648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys 2010-03-08 23:41 - 2010-03-08 23:41 - 000000000 ____D C:\ProgramData\WindowsSearch 2010-02-24 05:09 - 2010-01-25 06:00 - 000471552 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll 2010-02-24 05:09 - 2010-01-25 06:00 - 000471552 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll 2010-02-24 05:09 - 2010-01-25 06:00 - 000152576 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll 2010-02-24 05:09 - 2010-01-25 06:00 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll 2010-02-24 05:09 - 2010-01-25 05:58 - 000332288 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll 2010-02-24 05:09 - 2010-01-25 02:21 - 000526336 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe 2010-02-24 05:09 - 2010-01-25 02:21 - 000518144 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe 2010-02-24 05:09 - 2010-01-25 02:21 - 000347136 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe 2010-02-24 05:09 - 2010-01-25 02:21 - 000346624 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe 2010-02-14 20:20 - 2010-02-14 20:20 - 000000000 ____D C:\ProgramData\Oberon Media 2010-02-10 08:16 - 2009-12-08 11:26 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys 2010-02-10 08:16 - 2009-12-04 12:30 - 000012288 _____ (Microsoft Corporation) C:\Windows\system32\tsbyuv.dll 2010-02-10 08:16 - 2009-12-04 12:28 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\msvfw32.dll 2010-02-10 08:16 - 2009-12-04 12:28 - 000082944 _____ (Microsoft Corporation) C:\Windows\system32\mciavi32.dll 2010-02-10 08:16 - 2009-12-04 12:28 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\iyuv_32.dll 2010-02-10 08:16 - 2009-12-04 12:28 - 000031744 _____ (Microsoft Corporation) C:\Windows\system32\msvidc32.dll 2010-02-10 08:16 - 2009-12-04 12:28 - 000022528 _____ (Microsoft Corporation) C:\Windows\system32\msyuv.dll 2010-02-10 08:16 - 2009-12-04 12:28 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\msrle32.dll 2010-02-10 08:16 - 2009-12-04 12:27 - 000091136 _____ (Microsoft Corporation) C:\Windows\system32\avifil32.dll 2010-01-30 15:50 - 2011-01-09 21:12 - 000013054 _____ C:\Users\Angela\Documents\Pet Expenses 2010.xlsx 2010-01-15 13:10 - 2013-05-31 13:14 - 000000000 __SHD C:\Users\Angela\AppData\Roaming\.# 2010-01-15 13:09 - 2010-01-15 13:09 - 000002268 _____ C:\Users\Angela\Desktop\An Illustrated Guide to Veterinary Medical Terminology, 3e .lnk 2010-01-15 13:09 - 2010-01-15 13:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Delmar Learning 2010-01-15 13:07 - 2010-01-15 13:07 - 000000000 ____D C:\Program Files\Delmar Learning 2010-01-05 15:00 - 2018-10-31 00:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MX320 series Manual 2010-01-05 14:58 - 2008-10-26 06:00 - 000236032 _____ (CANON INC.) C:\Windows\system32\CNMLM9O.DLL 2010-01-05 14:58 - 2008-08-25 19:02 - 000015872 _____ (CANON INC.) C:\Windows\system32\CNHMCA.dll 2010-01-05 14:58 - 2008-07-02 14:10 - 000013568 _____ C:\Windows\system32\CNC1736D.TBL 2010-01-05 14:57 - 2008-09-25 13:19 - 000003584 _____ (Canon Inc.) C:\Windows\system32\CNCFLhTH.DLL 2010-01-05 14:57 - 2008-09-25 13:19 - 000003584 _____ (Canon Inc.) C:\Windows\system32\CNCFLhID.DLL 2010-01-05 14:57 - 2008-09-25 13:19 - 000003072 _____ (Canon Inc.) C:\Windows\system32\CNCFLhKR.DLL 2010-01-05 14:57 - 2008-09-25 13:19 - 000002560 _____ (Canon Inc.) C:\Windows\system32\CNCFLhTW.DLL 2010-01-05 14:57 - 2008-09-25 13:19 - 000002560 _____ (Canon Inc.) C:\Windows\system32\CNCFLhCN.DLL 2010-01-05 14:57 - 2008-09-25 13:18 - 000003584 _____ (Canon Inc.) C:\Windows\system32\CNCFLhSE.DLL 2010-01-05 14:57 - 2008-09-25 13:18 - 000003584 _____ (Canon Inc.) C:\Windows\system32\CNCFLhRU.DLL 2010-01-05 14:57 - 2008-09-25 13:18 - 000003584 _____ (Canon Inc.) C:\Windows\system32\CNCFLhPL.DLL 2010-01-05 14:57 - 2008-09-25 13:18 - 000003584 _____ (Canon Inc.) C:\Windows\system32\CNCFLhGR.DLL 2010-01-05 14:57 - 2008-09-25 13:18 - 000003584 _____ (Canon Inc.) C:\Windows\system32\CNCFLhFI.DLL 2010-01-05 14:57 - 2008-09-25 13:18 - 000003072 _____ (Canon Inc.) C:\Windows\system32\CNCFLhTR.DLL 2010-01-05 14:57 - 2008-09-25 13:18 - 000003072 _____ (Canon Inc.) C:\Windows\system32\CNCFLhNO.DLL 2010-01-05 14:57 - 2008-09-25 13:18 - 000003072 _____ (Canon Inc.) C:\Windows\system32\CNCFLhHU.DLL 2010-01-05 14:57 - 2008-09-25 13:18 - 000003072 _____ (Canon Inc.) C:\Windows\system32\CNCFLhDK.DLL 2010-01-05 14:57 - 2008-09-25 13:18 - 000003072 _____ (Canon Inc.) C:\Windows\system32\CNCFLhCZ.DLL 2010-01-05 14:57 - 2008-09-25 13:18 - 000003072 _____ (Canon Inc.) C:\Windows\system32\CNCFLhAR.DLL 2010-01-05 14:57 - 2008-09-25 13:17 - 000003584 _____ (Canon Inc.) C:\Windows\system32\CNCFLhPT.DLL 2010-01-05 14:57 - 2008-09-25 13:17 - 000003584 _____ (Canon Inc.) C:\Windows\system32\CNCFLhNL.DLL 2010-01-05 14:57 - 2008-09-25 13:17 - 000003584 _____ (Canon Inc.) C:\Windows\system32\CNCFLhIT.DLL 2010-01-05 14:57 - 2008-09-25 13:17 - 000003584 _____ (Canon Inc.) C:\Windows\system32\CNCFLhFR.DLL 2010-01-05 14:57 - 2008-09-25 13:17 - 000003584 _____ (Canon Inc.) C:\Windows\system32\CNCFLhES.DLL 2010-01-05 14:57 - 2008-09-25 13:17 - 000003584 _____ (Canon Inc.) C:\Windows\system32\CNCFLhDE.DLL 2010-01-05 14:57 - 2008-09-03 12:09 - 000225792 _____ (Canon Inc.) C:\Windows\system32\CNCF2Lh.DLL 2010-01-05 14:57 - 2008-09-03 12:02 - 000167936 _____ (Canon Inc.) C:\Windows\system32\CNCFMSh.EXE 2010-01-05 14:57 - 2008-09-03 12:01 - 000003584 _____ (Canon Inc.) C:\Windows\system32\CNCFLhUS.DLL 2010-01-05 14:57 - 2008-09-03 12:01 - 000003072 _____ (Canon Inc.) C:\Windows\system32\CNCFLhJP.DLL 2009-12-09 19:06 - 2009-10-07 05:36 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll 2009-12-08 18:02 - 2009-12-08 18:02 - 000000000 ____D C:\ProgramData\vsosdk 2009-12-06 13:42 - 2009-12-06 13:42 - 000000946 _____ C:\Users\Angela\Desktop\ImTOO DVD Creator.lnk 2009-12-06 13:42 - 2009-12-06 13:42 - 000000000 ____D C:\Users\Angela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ImTOO 2009-12-06 13:42 - 2009-12-06 13:42 - 000000000 ____D C:\Program Files\ImTOO 2009-11-25 14:36 - 2009-11-25 14:36 - 000000000 ____D C:\Users\Angela\AppData\Local\MagicSoftware 2009-11-25 14:35 - 2011-04-26 22:27 - 000000000 ____D C:\Users\Angela\AppData\Roaming\Vso 2009-11-25 14:35 - 2009-11-25 14:35 - 000087608 _____ C:\Users\Angela\AppData\Roaming\inst.exe 2009-11-25 14:35 - 2009-11-25 14:35 - 000047360 _____ (VSO Software) C:\Windows\system32\Drivers\pcouffin.sys 2009-11-25 14:35 - 2009-11-25 14:35 - 000047360 _____ (VSO Software) C:\Users\Angela\AppData\Roaming\pcouffin.sys 2009-11-25 14:35 - 2009-11-25 14:35 - 000007887 _____ C:\Users\Angela\AppData\Roaming\pcouffin.cat 2009-11-25 05:05 - 2009-10-23 11:10 - 000714240 _____ (Microsoft Corporation) C:\Windows\system32\timedate.cpl 2009-11-25 02:04 - 2009-11-25 02:04 - 001060864 _____ (Microsoft Corporation) C:\Windows\system32\MFC71.dll 2009-11-25 02:04 - 2009-11-25 02:04 - 000499712 _____ (Microsoft Corporation) C:\Windows\system32\msvcp71.dll 2009-11-25 02:04 - 2009-11-25 02:04 - 000348160 _____ (Microsoft Corporation) C:\Windows\system32\msvcr71.dll 2009-11-17 04:20 - 2009-11-17 04:20 - 000000000 ____D C:\Program Files\Windows Portable Devices 2009-11-17 04:19 - 2009-11-17 04:19 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_07_00.Wdf 2009-11-17 04:03 - 2009-09-24 20:07 - 000189440 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll 2009-11-17 04:03 - 2009-09-24 20:04 - 000321024 _____ (Microsoft Corporation) C:\Windows\system32\PhotoMetadataHandler.dll 2009-11-17 04:03 - 2009-09-24 19:33 - 000195584 _____ (Microsoft Corporation) C:\Windows\system32\dxdiagn.dll 2009-11-17 04:03 - 2009-09-24 19:32 - 000252928 _____ (Microsoft Corporation) C:\Windows\system32\dxdiag.exe 2009-11-17 04:03 - 2009-09-09 20:01 - 003023360 _____ (Microsoft Corporation) C:\Windows\system32\UIRibbon.dll 2009-11-17 04:03 - 2009-09-09 20:00 - 001164800 _____ (Microsoft Corporation) C:\Windows\system32\UIRibbonRes.dll 2009-11-17 04:03 - 2009-09-09 20:00 - 000092672 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll 2009-11-17 04:02 - 2009-09-30 19:02 - 002537472 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll 2009-11-17 04:02 - 2009-09-30 19:02 - 000334848 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceApi.dll 2009-11-17 04:02 - 2009-09-30 19:02 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\WPDShServiceObj.dll 2009-11-17 04:02 - 2009-09-30 19:02 - 000031232 _____ (Microsoft Corporation) C:\Windows\system32\BthMtpContextHandler.dll 2009-11-17 04:02 - 2009-09-30 19:02 - 000030208 _____ (Microsoft Corporation) C:\Windows\system32\WPDShextAutoplay.exe 2009-11-17 04:02 - 2009-09-30 19:01 - 000546816 _____ (Microsoft Corporation) C:\Windows\system32\wpd_ci.dll 2009-11-17 04:02 - 2009-09-30 19:01 - 000350208 _____ (Microsoft Corporation) C:\Windows\system32\WPDSp.dll 2009-11-17 04:02 - 2009-09-30 19:01 - 000226816 _____ (Microsoft Corporation) C:\Windows\system32\WpdMtp.dll 2009-11-17 04:02 - 2009-09-30 19:01 - 000196608 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceWMDRM.dll 2009-11-17 04:02 - 2009-09-30 19:01 - 000160256 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceTypes.dll 2009-11-17 04:02 - 2009-09-30 19:01 - 000100864 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceClassExtension.dll 2009-11-17 04:02 - 2009-09-30 19:01 - 000081920 _____ (Microsoft Corporation) C:\Windows\system32\wpdbusenum.dll 2009-11-17 04:02 - 2009-09-30 19:01 - 000061952 _____ (Microsoft Corporation) C:\Windows\system32\WpdMtpUS.dll 2009-11-17 04:02 - 2009-09-30 19:01 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceConnectApi.dll 2009-11-17 04:02 - 2009-09-30 19:01 - 000040448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WpdUsb.sys 2009-11-17 04:02 - 2009-09-30 19:01 - 000033280 _____ (Microsoft Corporation) C:\Windows\system32\WpdConns.dll 2009-11-17 04:02 - 2009-09-24 19:31 - 000519680 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll 2009-11-13 15:20 - 2007-03-20 04:16 - 000000000 ____D C:\Program Files\Microsoft Silverlight 2009-11-10 15:04 - 2009-08-10 06:35 - 000355328 _____ (Microsoft Corporation) C:\Windows\system32\WSDApi.dll 2009-10-28 03:09 - 2009-10-28 03:09 - 000000000 ____D C:\Windows\system32\vi-VN 2009-10-28 03:09 - 2009-10-28 03:09 - 000000000 ____D C:\Windows\system32\eu-ES 2009-10-28 03:09 - 2009-10-28 03:09 - 000000000 ____D C:\Windows\system32\ca-ES 2009-10-27 23:08 - 2009-10-27 23:08 - 000000000 ____D C:\Windows\system32\EventProviders 2009-10-27 16:29 - 2009-09-10 08:58 - 000310784 _____ (Microsoft Corporation) C:\Windows\system32\unregmp2.exe 2009-10-13 17:20 - 2009-09-04 05:41 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\msasn1.dll 2009-10-13 17:19 - 2009-05-08 06:53 - 000604672 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOD.DLL 2009-09-24 10:15 - 2009-04-11 00:28 - 002134528 _____ (Microsoft Corporation) C:\Windows\system32\FunctionDiscoveryFolder.dll 2009-09-24 10:15 - 2009-04-11 00:28 - 001081344 _____ (Microsoft Corporation) C:\Windows\system32\SLCExt.dll 2009-09-24 10:15 - 2009-04-11 00:27 - 003408896 _____ (Microsoft Corporation) C:\Windows\system32\SLsvc.exe 2009-09-24 10:15 - 2009-04-11 00:27 - 000065536 _____ (Microsoft Corporation) C:\Windows\system32\DevicePairingWizard.exe 2009-09-24 10:15 - 2009-04-10 23:03 - 012240896 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons0007.dll 2009-09-24 10:15 - 2009-04-10 23:03 - 002644480 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons0009.dll 2009-09-24 10:14 - 2009-04-11 00:33 - 000986600 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe 2009-09-24 10:14 - 2009-04-11 00:33 - 000926184 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe 2009-09-24 10:14 - 2009-04-11 00:33 - 000614376 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll 2009-09-24 10:14 - 2009-04-11 00:32 - 000438744 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll 2009-09-24 10:14 - 2009-04-11 00:32 - 000223208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys 2009-09-24 10:14 - 2009-04-11 00:28 - 003217408 _____ (Microsoft Corporation) C:\Windows\system32\WinSAT.exe 2009-09-24 10:14 - 2009-04-11 00:28 - 003174400 _____ (Microsoft Corporation) C:\Windows\system32\netshell.dll 2009-09-24 10:14 - 2009-04-11 00:28 - 002012160 _____ (Microsoft Corporation) C:\Windows\system32\milcore.dll 2009-09-24 10:14 - 2009-04-11 00:28 - 001856512 _____ (Microsoft Corporation) C:\Windows\system32\dbgeng.dll 2009-09-24 10:14 - 2009-04-11 00:28 - 001788416 _____ (Microsoft Corporation) C:\Windows\system32\d3d9.dll 2009-09-24 10:14 - 2009-04-11 00:28 - 001730560 _____ (Microsoft Corporation) C:\Windows\system32\apds.dll 2009-09-24 10:14 - 2009-04-11 00:28 - 001591296 _____ (Microsoft Corporation) C:\Windows\system32\setupapi.dll 2009-09-24 10:14 - 2009-04-11 00:28 - 001589248 _____ (Microsoft Corporation) C:\Windows\system32\msjet40.dll 2009-09-24 10:14 - 2009-04-11 00:28 - 001576960 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll 2009-09-24 10:14 - 2009-04-11 00:28 - 001524736 _____ (Microsoft Corporation) C:\Windows\system32\WindowsAnytimeUpgradeCPL.dll 2009-09-24 10:14 - 2009-04-11 00:28 - 001480704 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll 2009-09-24 10:14 - 2009-04-11 00:28 - 001459200 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll 2009-09-24 10:14 - 2009-04-11 00:28 - 001381376 _____ (Microsoft Corporation) C:\Windows\system32\Query.dll 2009-09-24 10:14 - 2009-04-11 00:28 - 001324032 _____ (Microsoft Corporation) C:\Windows\system32\browseui.dll 2009-09-24 10:14 - 2009-04-11 00:28 - 001216000 _____ (Microsoft Corporation) C:\Windows\system32\AuxiliaryDisplayCpl.dll 2009-09-24 10:14 - 2009-04-11 00:28 - 001209856 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll 2009-09-24 10:14 - 2009-04-11 00:28 - 001112064 _____ (Microsoft Corporation) C:\Windows\system32\CertEnroll.dll 2009-09-24 10:14 - 2009-04-11 00:28 - 001086464 _____ (Microsoft Corporation) C:\Windows\system32\NetProjW.dll 2009-09-24 10:14 - 2009-04-11 00:28 - 001078784 _____ (Microsoft Corporation) C:\Windows\system32\diagperf.dll 2009-09-24 10:14 - 2009-04-11 00:28 - 001077248 _____ (Microsoft Corporation) C:\Windows\system32\vssapi.dll 2009-09-24 10:14 - 2009-04-11 00:28 - 001055232 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe 2009-09-24 10:14 - 2009-04-11 00:28 - 001053696 _____ (Microsoft Corporation) C:\Windows\system32\msdtctm.dll 2009-09-24 10:14 - 2009-04-11 00:28 - 001017856 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll 2009-09-24 10:14 - 2009-04-11 00:28 - 000978432 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll 2009-09-24 10:14 - 2009-04-11 00:28 - 000968192 _____ (Microsoft Corporation) C:\Windows\system32\wcnwiz2.dll 2009-09-24 10:14 - 2009-04-11 00:28 - 000950784 _____ (Microsoft Corporation) C:\Windows\system32\gpedit.dll 2009-09-24 10:14 - 2009-04-11 00:28 - 000928768 _____ (Microsoft Corporation) C:\Windows\system32\scavenge.dll 2009-09-24 10:14 - 2009-04-11 00:28 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\RacEngn.dll 2009-09-24 10:14 - 2009-04-11 00:28 - 000805376 _____ (Microsoft Corporation) C:\Windows\system32\NaturalLanguage6.dll 2009-09-24 10:14 - 2009-04-11 00:28 - 000758784 _____ (Microsoft Corporation) C:\Windows\system32\qmgr.dll 2009-09-24 10:14 - 2009-04-11 00:28 - 000754688 _____ (Microsoft Corporation) C:\Windows\system32\propsys.dll 2009-09-24 10:14 - 2009-04-11 00:28 - 000677376 _____ (Microsoft Corporation) C:\Windows\system32\imapi2fs.dll 2009-09-24 10:14 - 2009-04-11 00:28 - 000670720 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll 2009-09-24 10:14 - 2009-04-11 00:28 - 000644608 _____ (Microsoft Corporation) C:\Windows\system32\p2psvc.dll 2009-09-24 10:14 - 2009-04-11 00:28 - 000643072 _____ (Microsoft Corporation) C:\Windows\system32\msrepl40.dll 2009-09-24 10:14 - 2009-04-11 00:28 - 000627712 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll 2009-09-24 10:14 - 2009-04-11 00:28 - 000618496 _____ (Microsoft Corporation) C:\Windows\system32\mswstr10.dll 2009-09-24 10:14 - 2009-04-11 00:28 - 000613888 _____ (Microsoft Corporation) C:\Windows\system32\MSMPEG2VDEC.DLL 2009-09-24 10:14 - 2009-04-11 00:28 - 000582144 _____ (Microsoft Corporation) C:\Windows\system32\SLCommDlg.dll 2009-09-24 10:14 - 2009-04-11 00:28 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll 2009-09-24 10:14 - 2009-04-11 00:28 - 000558080 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll 2009-09-24 10:14 - 2009-04-11 00:28 - 000550400 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll 2009-09-24 10:14 - 2009-04-11 00:28 - 000524288 _____ (Microsoft Corporation) C:\Windows\system32\sqlsrv32.dll 2009-09-24 10:14 - 2009-04-11 00:28 - 000483328 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll 2009-09-24 10:14 - 2009-04-11 00:28 - 000478208 _____ (Microsoft Corporation) C:\Windows\system32\DevicePairing.dll 2009-09-24 10:14 - 2009-04-11 00:28 - 000469504 _____ (Microsoft Corporation) C:\Windows\system32\newdev.dll 2009-09-24 10:14 - 2009-04-11 00:28 - 000466944 _____ (Microsoft Corporation) C:\Windows\system32\riched20.dll 2009-09-24 10:14 - 2009-04-11 00:28 - 000454656 _____ (Microsoft Corporation) C:\Windows\system32\msxbde40.dll 2009-09-24 10:14 - 2009-04-11 00:28 - 000454144 _____ (Microsoft) C:\Windows\system32\IasMigPlugin.dll 2009-09-24 10:14 - 2009-04-11 00:28 - 000409600 _____ (Microsoft Corporation) C:\Windows\system32\msexch40.dll 2009-09-24 10:14 - 2009-04-11 00:28 - 000407552 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll 2009-09-24 10:14 - 2009-04-11 00:28 - 000406528 _____ (Microsoft Corporation) C:\Windows\system32\msvcp60.dll 2009-09-24 10:14 - 2009-04-11 00:28 - 000378368 _____ (Microsoft Corporation) C:\Windows\system32\imapi2.dll 2009-09-24 10:14 - 2009-04-11 00:28 - 000368640 _____ (Microsoft Corporation) C:\Windows\system32\mspbde40.dll 2009-09-24 10:14 - 2009-04-11 00:28 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\SLUI.exe 2009-09-24 10:14 - 2009-04-11 00:28 - 000351744 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll 2009-09-24 10:14 - 2009-04-11 00:28 - 000344064 _____ (Microsoft Corporation) C:\Windows\system32\msrd3x40.dll 2009-09-24 10:14 - 2009-04-11 00:28 - 000339968 _____ (Microsoft Corporation) C:\Windows\system32\msexcl40.dll 2009-09-24 10:14 - 2009-04-11 00:28 - 000327168 _____ (Microsoft Corporation) C:\Windows\system32\P2PGraph.dll 2009-09-24 10:14 - 2009-04-11 00:28 - 000324608 _____ (Microsoft Corporation) C:\Windows\system32\sdohlp.dll 2009-09-24 10:14 - 2009-04-11 00:28 - 000319488 _____ (Microsoft Corporation) C:\Windows\system32\msrd2x40.dll 2009-09-24 10:14 - 2009-04-11 00:28 - 000302592 _____ (Microsoft Corporation) C:\Windows\system32\QAGENTRT.DLL 2009-09-24 10:14 - 2009-04-11 00:28 - 000301568 _____ (Microsoft Corporation) C:\Windows\system32\srchadmin.dll 2009-09-24 10:14 - 2009-04-11 00:28 - 000293376 _____ (Microsoft Corporation) C:\Windows\system32\photowiz.dll 2009-09-24 10:14 - 2009-04-11 00:28 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\WscEapPr.dll 2009-09-24 10:14 - 2009-04-11 00:28 - 000290816 _____ (Microsoft Corporation) C:\Windows\system32\msjtes40.dll 2009-09-24 10:14 - 2009-04-11 00:28 - 000289792 _____ (Microsoft Corporation) C:\Windows\system32\spinstall.exe 2009-09-24 10:14 - 2009-04-11 00:28 - 000282624 _____ (Microsoft Corporation) C:\Windows\system32\mstext40.dll 2009-09-24 10:14 - 2009-04-11 00:28 - 000268800 _____ (Microsoft Corporation) C:\Windows\system32\es.dll 2009-09-24 10:14 - 2009-04-11 00:28 - 000250368 _____ (Microsoft Corporation) C:\Windows\system32\wevtapi.dll 2009-09-24 10:14 - 2009-04-11 00:28 - 000241664 _____ (Microsoft Corporation) C:\Windows\system32\msltus40.dll 2009-09-24 10:14 - 2009-04-11 00:28 - 000228352 _____ (Microsoft Corporation) C:\Windows\system32\SLC.dll 2009-09-24 10:14 - 2009-04-11 00:28 - 000203264 _____ (Microsoft Corporation) C:\Windows\system32\uDWM.dll 2009-09-24 10:14 - 2009-04-11 00:28 - 000203264 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll 2009-09-24 10:14 - 2009-04-11 00:28 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\sperror.dll 2009-09-24 10:14 - 2009-04-11 00:28 - 000183808 _____ (Microsoft Corporation) C:\Windows\system32\eapphost.dll 2009-09-24 10:14 - 2009-04-11 00:28 - 000165376 _____ (Microsoft Corporation) C:\Windows\system32\WcnNetsh.dll 2009-09-24 10:14 - 2009-04-11 00:28 - 000164352 _____ (Microsoft Corporation) C:\Windows\system32\spwizui.dll 2009-09-24 10:14 - 2009-04-11 00:28 - 000163840 _____ (Microsoft Corporation) C:\Windows\system32\wevtutil.exe 2009-09-24 10:14 - 2009-04-11 00:28 - 000160768 _____ (Microsoft Corporation) C:\Windows\system32\spoolss.dll 2009-09-24 10:14 - 2009-04-11 00:28 - 000143872 _____ (Microsoft Corporation) C:\Windows\system32\korwbrkr.dll 2009-09-24 10:14 - 2009-04-11 00:28 - 000136192 _____ (Microsoft Corporation) C:\Windows\system32\nlhtml.dll 2009-09-24 10:14 - 2009-04-11 00:28 - 000120320 _____ (Microsoft Corporation) C:\Windows\system32\EhStorAPI.dll 2009-09-24 10:14 - 2009-04-11 00:28 - 000119296 _____ (Microsoft Corporation) C:\Windows\system32\iasrecst.dll 2009-09-24 10:14 - 2009-04-11 00:28 - 000117248 _____ C:\Windows\system32\EhStorAuthn.dll 2009-09-24 10:14 - 2009-04-11 00:28 - 000115200 _____ (Microsoft Corporation) C:\Windows\system32\AuxiliaryDisplayDriverLib.dll 2009-09-24 10:14 - 2009-04-11 00:28 - 000114176 _____ (Microsoft Corporation) C:\Windows\system32\EhStorShell.dll 2009-09-24 10:14 - 2009-04-11 00:28 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\spreview.exe 2009-09-24 10:14 - 2009-04-11 00:28 - 000102912 _____ (Microsoft Corporation) C:\Windows\system32\AuxiliaryDisplayServices.dll 2009-09-24 10:14 - 2009-04-11 00:28 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\fdBth.dll 2009-09-24 10:14 - 2009-04-11 00:28 - 000087040 _____ (Microsoft Corporation) C:\Windows\system32\mssitlb.dll 2009-09-24 10:14 - 2009-04-11 00:28 - 000071680 _____ (Microsoft Corporation) C:\Windows\system32\propdefs.dll 2009-09-24 10:14 - 2009-04-11 00:28 - 000067584 _____ (Microsoft Corporation) C:\Windows\system32\slwmi.dll 2009-09-24 10:14 - 2009-04-11 00:28 - 000061440 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll 2009-09-24 10:14 - 2009-04-11 00:28 - 000056320 _____ (Microsoft Corporation) C:\Windows\system32\xmlfilter.dll 2009-09-24 10:14 - 2009-04-11 00:28 - 000037376 _____ (Microsoft Corporation) C:\Windows\system32\EhStorPwdMgr.dll 2009-09-24 10:14 - 2009-04-11 00:27 - 002926592 _____ (Microsoft Corporation) C:\Windows\explorer.exe 2009-09-24 10:14 - 2009-04-11 00:27 - 002092544 _____ (Microsoft Corporation) C:\Windows\system32\dfsr.exe 2009-09-24 10:14 - 2009-04-11 00:27 - 001792512 _____ (Microsoft Corporation) C:\Windows\system32\mmc.exe 2009-09-24 10:14 - 2009-04-11 00:27 - 000950272 _____ (Microsoft Corporation) C:\Windows\system32\mblctr.exe 2009-09-24 10:14 - 2009-04-11 00:27 - 000710144 _____ (Microsoft Corporation) C:\Windows\system32\Magnify.exe 2009-09-24 10:14 - 2009-04-11 00:27 - 000640512 _____ (Microsoft Corporation) C:\Windows\system32\bthprops.cpl 2009-09-24 10:14 - 2009-04-11 00:27 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\IasMigReader.exe 2009-09-24 10:14 - 2009-04-11 00:27 - 000441344 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe 2009-09-24 10:14 - 2009-04-11 00:27 - 000205824 _____ (Microsoft Corporation) C:\Windows\system32\eudcedit.exe 2009-09-24 10:14 - 2009-04-11 00:27 - 000185344 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe 2009-09-24 10:14 - 2009-04-11 00:27 - 000167424 _____ (Microsoft Corporation) C:\Windows\system32\PresentationSettings.exe 2009-09-24 10:14 - 2009-04-11 00:27 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe 2009-09-24 10:14 - 2009-04-11 00:27 - 000057856 _____ (Microsoft Corporation) C:\Windows\system32\compcln.exe 2009-09-24 10:14 - 2009-04-11 00:22 - 000883712 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10.IME 2009-09-24 10:14 - 2009-04-10 22:48 - 000344698 _____ C:\Windows\system32\eaphost.tmf 2009-09-24 10:14 - 2009-04-10 22:43 - 000442788 _____ C:\Windows\system32\dot3.tmf 2009-09-24 10:14 - 2009-04-10 22:43 - 000392170 _____ C:\Windows\system32\onex.tmf 2009-09-24 10:14 - 2009-04-10 22:42 - 000561152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys 2009-09-24 10:14 - 2009-04-10 22:42 - 000065536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS 2009-09-24 10:14 - 2009-04-10 22:14 - 000225280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys 2009-09-24 10:14 - 2009-04-10 20:52 - 000684032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spsys.sys 2009-09-24 10:14 - 2009-04-10 19:59 - 000107612 _____ C:\Windows\system32\StructuredQuerySchema.bin 2009-09-24 10:14 - 2009-04-10 19:54 - 003662128 _____ C:\Windows\system32\locale.nls 2009-09-24 10:14 - 2009-03-06 19:11 - 000130008 _____ C:\Windows\system32\systemsf.ebd 2009-09-24 10:14 - 2009-02-19 18:20 - 000009239 _____ C:\Windows\system32\spcinstrumentation.man 2009-09-24 10:14 - 2009-02-18 12:39 - 000779136 _____ (Microsoft Corporation) C:\Windows\system32\PresentationNative_v0300.dll 2009-09-24 10:13 - 2009-04-11 00:33 - 000292840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgrx.sys 2009-09-24 10:13 - 2009-04-11 00:32 - 000527848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys 2009-09-24 10:13 - 2009-04-11 00:32 - 000265688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpi.sys 2009-09-24 10:13 - 2009-04-11 00:32 - 000190424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fltMgr.sys 2009-09-24 10:13 - 2009-04-11 00:32 - 000180712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys 2009-09-24 10:13 - 2009-04-11 00:32 - 000161752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msrpc.sys 2009-09-24 10:13 - 2009-04-11 00:32 - 000149480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys 2009-09-24 10:13 - 2009-04-11 00:32 - 000125928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys 2009-09-24 10:13 - 2009-04-11 00:32 - 000122344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Storport.sys 2009-09-24 10:13 - 2009-04-11 00:32 - 000109032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys 2009-09-24 10:13 - 2009-04-11 00:32 - 000099816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS 2009-09-24 10:13 - 2009-04-11 00:32 - 000053736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys 2009-09-24 10:13 - 2009-04-11 00:32 - 000053224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\termdd.sys 2009-09-24 10:13 - 2009-04-11 00:32 - 000050664 _____ (Microsoft Corporation) C:\Windows\system32\PSHED.DLL 2009-09-24 10:13 - 2009-04-11 00:32 - 000048104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mup.sys 2009-09-24 10:13 - 2009-04-11 00:32 - 000043496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pciidex.sys 2009-09-24 10:13 - 2009-04-11 00:32 - 000035304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\crashdmp.sys 2009-09-24 10:13 - 2009-04-11 00:32 - 000027624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Dumpata.sys 2009-09-24 10:13 - 2009-04-11 00:32 - 000027112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msahci.sys 2009-09-24 10:13 - 2009-04-11 00:32 - 000019944 _____ (Microsoft Corporation) C:\Windows\system32\kdusb.dll 2009-09-24 10:13 - 2009-04-11 00:32 - 000019944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\atapi.sys 2009-09-24 10:13 - 2009-04-11 00:32 - 000017896 _____ (Microsoft Corporation) C:\Windows\system32\kd1394.dll 2009-09-24 10:13 - 2009-04-11 00:32 - 000017384 _____ (Microsoft Corporation) C:\Windows\system32\kdcom.dll 2009-09-24 10:13 - 2009-04-11 00:28 - 002205184 _____ (Microsoft Corporation) C:\Windows\system32\SyncCenter.dll 2009-09-24 10:13 - 2009-04-11 00:28 - 002167808 _____ (Microsoft Corporation) C:\Windows\system32\mmcndmgr.dll 2009-09-24 10:13 - 2009-04-11 00:28 - 001823744 _____ (Microsoft Corporation) C:\Windows\system32\pnidui.dll 2009-09-24 10:13 - 2009-04-11 00:28 - 001671680 _____ (Microsoft Corporation) C:\Windows\system32\chsbrkr.dll 2009-09-24 10:13 - 2009-04-11 00:28 - 001575936 _____ (Microsoft Corporation) C:\Windows\system32\WMVENCOD.DLL 2009-09-24 10:13 - 2009-04-11 00:28 - 001541120 _____ (Microsoft Corporation) C:\Windows\system32\onex.dll 2009-09-24 10:13 - 2009-04-11 00:28 - 001533440 _____ (Microsoft Corporation) C:\Windows\system32\wcnwiz.dll 2009-09-24 10:13 - 2009-04-11 00:28 - 001502720 _____ (Microsoft Corporation) C:\Windows\system32\certmgr.dll 2009-09-24 10:13 - 2009-04-11 00:28 - 001382912 _____ (Microsoft Corporation) C:\Windows\system32\WMVSDECD.DLL 2009-09-24 10:13 - 2009-04-11 00:28 - 001342464 _____ (Microsoft Corporation) C:\Windows\system32\brcpl.dll 2009-09-24 10:13 - 2009-04-11 00:28 - 001143296 _____ (Microsoft Corporation) C:\Windows\system32\wercon.exe 2009-09-24 10:13 - 2009-04-11 00:28 - 001107968 _____ (Microsoft Corporation) C:\Windows\system32\pidgenx.dll 2009-09-24 10:13 - 2009-04-11 00:28 - 001020928 _____ (Microsoft Corporation) C:\Windows\system32\wdc.dll 2009-09-24 10:13 - 2009-04-11 00:28 - 000996352 _____ (Microsoft Corporation) C:\Windows\system32\WMNetMgr.dll 2009-09-24 10:13 - 2009-04-11 00:28 - 000971264 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll 2009-09-24 10:13 - 2009-04-11 00:28 - 000869888 _____ (Microsoft Corporation) C:\Windows\system32\printui.dll 2009-09-24 10:13 - 2009-04-11 00:28 - 000860160 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe 2009-09-24 10:13 - 2009-04-11 00:28 - 000856064 _____ (Microsoft Corporation) C:\Windows\system32\mswdat10.dll 2009-09-24 10:13 - 2009-04-11 00:28 - 000852992 _____ (Microsoft Corporation) C:\Windows\system32\mcmde.dll 2009-09-24 10:13 - 2009-04-11 00:28 - 000759296 _____ (Microsoft Corporation) C:\Windows\system32\ipsecsnp.dll 2009-09-24 10:13 - 2009-04-11 00:28 - 000757248 _____ (Microsoft Corporation) C:\Windows\system32\azroles.dll 2009-09-24 10:13 - 2009-04-11 00:28 - 000638976 _____ (Microsoft Corporation) C:\Windows\system32\Utilman.exe 2009-09-24 10:13 - 2009-04-11 00:28 - 000633856 _____ (Microsoft Corporation) C:\Windows\system32\CertEnrollUI.dll 2009-09-24 10:13 - 2009-04-11 00:28 - 000593408 _____ (Microsoft Corporation) C:\Windows\system32\comuid.dll 2009-09-24 10:13 - 2009-04-11 00:28 - 000592896 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll 2009-09-24 10:13 - 2009-04-11 00:28 - 000564224 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll 2009-09-24 10:13 - 2009-04-11 00:28 - 000560640 _____ (Microsoft Corporation) C:\Windows\system32\msdtcprx.dll 2009-09-24 10:13 - 2009-04-11 00:28 - 000551936 _____ (Microsoft Corporation) C:\Windows\system32\prnntfy.dll 2009-09-24 10:13 - 2009-04-11 00:28 - 000507904 _____ (Microsoft Corporation) C:\Windows\system32\vdsdyn.dll 2009-09-24 10:13 - 2009-04-11 00:28 - 000485888 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll 2009-09-24 10:13 - 2009-04-11 00:28 - 000453120 _____ (Microsoft Corporation) C:\Windows\system32\wiaservc.dll 2009-09-24 10:13 - 2009-04-11 00:28 - 000450560 _____ (Microsoft Corporation) C:\Windows\system32\comdlg32.dll 2009-09-24 10:13 - 2009-04-11 00:28 - 000444416 _____ (Microsoft Corporation) C:\Windows\system32\dsound.dll 2009-09-24 10:13 - 2009-04-11 00:28 - 000413696 _____ (Microsoft Corporation) C:\Windows\system32\wcncsvc.dll 2009-09-24 10:13 - 2009-04-11 00:28 - 000399360 _____ (Microsoft Corporation) C:\Windows\system32\wlangpui.dll 2009-09-24 10:13 - 2009-04-11 00:28 - 000396288 _____ (Microsoft Corporation) C:\Windows\system32\ipsmsnap.dll 2009-09-24 10:13 - 2009-04-11 00:28 - 000391680 _____ (Microsoft Corporation) C:\Windows\system32\mscms.dll 2009-09-24 10:13 - 2009-04-11 00:28 - 000385536 _____ (Microsoft Corporation) C:\Windows\system32\vds.exe 2009-09-24 10:13 - 2009-04-11 00:28 - 000378368 _____ (Microsoft Corporation) C:\Windows\system32\devmgr.dll 2009-09-24 10:13 - 2009-04-11 00:28 - 000368640 _____ C:\Windows\system32\msjetoledb40.dll 2009-09-24 10:13 - 2009-04-11 00:28 - 000364032 _____ (Microsoft Corporation) C:\Windows\system32\IPSECSVC.DLL 2009-09-24 10:13 - 2009-04-11 00:28 - 000342528 _____ (Microsoft Corporation) C:\Windows\system32\zipfldr.dll 2009-09-24 10:13 - 2009-04-11 00:28 - 000340992 _____ (Microsoft Corporation) C:\Windows\system32\RelMon.dll 2009-09-24 10:13 - 2009-04-11 00:28 - 000334848 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL 2009-09-24 10:13 - 2009-04-11 00:28 - 000324096 _____ (Microsoft Corporation) C:\Windows\system32\untfs.dll 2009-09-24 10:13 - 2009-04-11 00:28 - 000323584 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll 2009-09-24 10:13 - 2009-04-11 00:28 - 000314368 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe 2009-09-24 10:13 - 2009-04-11 00:28 - 000311808 _____ (Microsoft Corporation) C:\Windows\system32\swprv.dll 2009-09-24 10:13 - 2009-04-11 00:28 - 000310272 _____ (Microsoft Corporation) C:\Windows\system32\mtxclu.dll 2009-09-24 10:13 - 2009-04-11 00:28 - 000287744 _____ (Microsoft Corporation) C:\Windows\system32\Wldap32.dll 2009-09-24 10:13 - 2009-04-11 00:28 - 000286720 _____ (Microsoft Corporation) C:\Windows\system32\rasapi32.dll 2009-09-24 10:13 - 2009-04-11 00:28 - 000282624 _____ (Microsoft Corporation) C:\Windows\system32\w32time.dll 2009-09-24 10:13 - 2009-04-11 00:28 - 000274432 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll 2009-09-24 10:13 - 2009-04-11 00:28 - 000273920 _____ (Microsoft Corporation) C:\Windows\system32\wow32.dll 2009-09-24 10:13 - 2009-04-11 00:28 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\rasmans.dll 2009-09-24 10:13 - 2009-04-11 00:28 - 000252928 _____ (Microsoft Corporation) C:\Windows\system32\iassdo.dll 2009-09-24 10:13 - 2009-04-11 00:28 - 000244224 _____ (Microsoft Corporation) C:\Windows\system32\wisptis.exe 2009-09-24 10:13 - 2009-04-11 00:28 - 000242176 _____ (Microsoft Corporation) C:\Windows\system32\pdh.dll 2009-09-24 10:13 - 2009-04-11 00:28 - 000223744 _____ (Microsoft Corporation) C:\Windows\system32\wscntfy.dll 2009-09-24 10:13 - 2009-04-11 00:28 - 000223232 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll 2009-09-24 10:13 - 2009-04-11 00:28 - 000222720 _____ (Microsoft Corporation) C:\Windows\system32\umpnpmgr.dll 2009-09-24 10:13 - 2009-04-11 00:28 - 000217088 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe 2009-09-24 10:13 - 2009-04-11 00:28 - 000216064 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.dll 2009-09-24 10:13 - 2009-04-11 00:28 - 000204288 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc.dll 2009-09-24 10:13 - 2009-04-11 00:28 - 000199168 _____ (Microsoft Corporation) C:\Windows\system32\adsldpc.dll 2009-09-24 10:13 - 2009-04-11 00:28 - 000197632 _____ (Microsoft Corporation) C:\Windows\system32\SndVol.exe 2009-09-24 10:13 - 2009-04-11 00:28 - 000194560 _____ (Microsoft Corporation) C:\Windows\system32\offfilt.dll 2009-09-24 10:13 - 2009-04-11 00:28 - 000182272 _____ (Microsoft Corporation) C:\Windows\system32\iassam.dll 2009-09-24 10:13 - 2009-04-11 00:28 - 000181760 _____ (Microsoft Corporation) C:\Windows\system32\pnpsetup.dll 2009-09-24 10:13 - 2009-04-11 00:28 - 000180224 _____ (Microsoft Corporation) C:\Windows\system32\scrobj.dll 2009-09-24 10:13 - 2009-04-11 00:28 - 000179712 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll 2009-09-24 10:13 - 2009-04-11 00:28 - 000171008 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll 2009-09-24 10:13 - 2009-04-11 00:28 - 000158208 _____ (Microsoft Corporation) C:\Windows\system32\iasrad.dll 2009-09-24 10:13 - 2009-04-11 00:28 - 000153088 _____ (Microsoft Corporation) C:\Windows\system32\fundisc.dll 2009-09-24 10:13 - 2009-04-11 00:28 - 000150528 _____ (Microsoft Corporation) C:\Windows\system32\MMDevAPI.dll 2009-09-24 10:13 - 2009-04-11 00:28 - 000150528 _____ (Microsoft Corporation) C:\Windows\system32\iasnap.dll 2009-09-24 10:13 - 2009-04-11 00:28 - 000142336 _____ (Microsoft Corporation) C:\Windows\system32\spp.dll 2009-09-24 10:13 - 2009-04-11 00:28 - 000140800 _____ (Microsoft Corporation) C:\Windows\system32\wusa.exe 2009-09-24 10:13 - 2009-04-11 00:28 - 000130560 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll 2009-09-24 10:13 - 2009-04-11 00:28 - 000126976 _____ (Microsoft Corporation) C:\Windows\system32\wersvc.dll 2009-09-24 10:13 - 2009-04-11 00:28 - 000122368 _____ (Microsoft Corporation) C:\Windows\system32\inetpp.dll 2009-09-24 10:13 - 2009-04-11 00:28 - 000115712 _____ (Microsoft Corporation) C:\Windows\system32\WinSCard.dll 2009-09-24 10:13 - 2009-04-11 00:28 - 000114688 _____ (Microsoft Corporation) C:\Windows\system32\odbccp32.dll 2009-09-24 10:13 - 2009-04-11 00:28 - 000108544 _____ (Microsoft Corporation) C:\Windows\system32\userenv.dll 2009-09-24 10:13 - 2009-04-11 00:28 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\imapi.dll 2009-09-24 10:13 - 2009-04-11 00:28 - 000107008 _____ (Microsoft Corporation) C:\Windows\system32\regsvc.dll 2009-09-24 10:13 - 2009-04-11 00:28 - 000103936 _____ (Microsoft Corporation) C:\Windows\system32\sysclass.dll 2009-09-24 10:13 - 2009-04-11 00:28 - 000099840 _____ (Microsoft Corporation) C:\Windows\system32\ulib.dll 2009-09-24 10:13 - 2009-04-11 00:28 - 000091648 _____ (Microsoft Corporation) C:\Windows\system32\IPHLPAPI.DLL 2009-09-24 10:13 - 2009-04-11 00:28 - 000084992 _____ (Microsoft Corporation) C:\Windows\system32\msctfp.dll 2009-09-24 10:13 - 2009-04-11 00:28 - 000075264 _____ (Microsoft Corporation) C:\Windows\system32\gpapi.dll 2009-09-24 10:13 - 2009-04-11 00:28 - 000075264 _____ (Microsoft Corporation) C:\Windows\system32\adsmsext.dll 2009-09-24 10:13 - 2009-04-11 00:28 - 000070656 _____ (Microsoft Corporation) C:\Windows\system32\iashlpr.dll 2009-09-24 10:13 - 2009-04-11 00:28 - 000069632 _____ (Microsoft Corporation) C:\Windows\system32\rastapi.dll 2009-09-24 10:13 - 2009-04-11 00:28 - 000061440 _____ (Microsoft Corporation) C:\Windows\system32\wscsvc.dll 2009-09-24 10:13 - 2009-04-11 00:28 - 000061440 _____ (Microsoft Corporation) C:\Windows\system32\msjter40.dll 2009-09-24 10:13 - 2009-04-11 00:28 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\SLUINotify.dll 2009-09-24 10:13 - 2009-04-11 00:28 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll 2009-09-24 10:13 - 2009-04-11 00:28 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\DevicePairingProxy.dll 2009-09-24 10:13 - 2009-04-11 00:28 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\iasdatastore.dll 2009-09-24 10:13 - 2009-04-11 00:28 - 000043008 _____ (Microsoft Corporation) C:\Windows\system32\msstrc.dll 2009-09-24 10:13 - 2009-04-11 00:28 - 000041984 _____ (Microsoft Corporation) C:\Windows\system32\mimefilt.dll 2009-09-24 10:13 - 2009-04-11 00:28 - 000040960 _____ (Microsoft Corporation) C:\Windows\system32\bthserv.dll 2009-09-24 10:13 - 2009-04-11 00:28 - 000038400 _____ (Microsoft Corporation) C:\Windows\system32\rtffilt.dll 2009-09-24 10:13 - 2009-04-11 00:28 - 000035328 _____ (Microsoft Corporation) C:\Windows\system32\msscb.dll 2009-09-24 10:13 - 2009-04-11 00:28 - 000029184 _____ (Microsoft Corporation) C:\Windows\system32\wsepno.dll 2009-09-24 10:13 - 2009-04-11 00:28 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\hidserv.dll 2009-09-24 10:13 - 2009-04-11 00:28 - 000024064 _____ (Microsoft Corporation) C:\Windows\system32\fdProxy.dll 2009-09-24 10:13 - 2009-04-11 00:28 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\spcmsg.dll 2009-09-24 10:13 - 2009-04-11 00:28 - 000011776 _____ (Microsoft Corporation) C:\Windows\system32\msshooks.dll 2009-09-24 10:13 - 2009-04-11 00:28 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\fdBthProxy.dll 2009-09-24 10:13 - 2009-04-11 00:27 - 001122304 _____ (Microsoft Corporation) C:\Windows\system32\appwiz.cpl 2009-09-24 10:13 - 2009-04-11 00:27 - 000704512 _____ (Microsoft Corporation) C:\Windows\system32\PhotoScreensaver.scr 2009-09-24 10:13 - 2009-04-11 00:27 - 000656896 _____ (Microsoft Corporation) C:\Windows\system32\autoconv.exe 2009-09-24 10:13 - 2009-04-11 00:27 - 000643072 _____ (Microsoft Corporation) C:\Windows\system32\autochk.exe 2009-09-24 10:13 - 2009-04-11 00:27 - 000636416 _____ (Microsoft Corporation) C:\Windows\system32\autofmt.exe 2009-09-24 10:13 - 2009-04-11 00:27 - 000627200 _____ (Microsoft Corporation) C:\Windows\system32\sethc.exe 2009-09-24 10:13 - 2009-04-11 00:27 - 000389632 _____ (Microsoft Corporation) C:\Windows\system32\sysmon.ocx 2009-09-24 10:13 - 2009-04-11 00:27 - 000241128 _____ (Microsoft Corporation) C:\Windows\system32\rsaenh.dll 2009-09-24 10:13 - 2009-04-11 00:27 - 000230912 _____ (Microsoft Corporation) C:\Windows\system32\diskraid.exe 2009-09-24 10:13 - 2009-04-11 00:27 - 000194048 _____ (Microsoft Corporation) C:\Windows\system32\drvinst.exe 2009-09-24 10:13 - 2009-04-11 00:27 - 000182272 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe 2009-09-24 10:13 - 2009-04-11 00:27 - 000130024 _____ (Microsoft Corporation) C:\Windows\system32\basecsp.dll 2009-09-24 10:13 - 2009-04-11 00:27 - 000119808 _____ (Microsoft Corporation) C:\Windows\system32\diskpart.exe 2009-09-24 10:13 - 2009-04-11 00:27 - 000093696 _____ (Microsoft Corporation) C:\Windows\system32\Kswdmcap.ax 2009-09-24 10:13 - 2009-04-11 00:27 - 000088576 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe 2009-09-24 10:13 - 2009-04-11 00:27 - 000081920 _____ (Microsoft Corporation) C:\Windows\system32\dwm.exe 2009-09-24 10:13 - 2009-04-11 00:27 - 000061952 _____ (Microsoft Corporation) C:\Windows\system32\reg.exe 2009-09-24 10:13 - 2009-04-11 00:27 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\findstr.exe 2009-09-24 10:13 - 2009-04-11 00:27 - 000057344 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe 2009-09-24 10:13 - 2009-04-11 00:23 - 000124928 _____ (Microsoft Corporation) C:\Windows\system32\quick.ime 2009-09-24 10:13 - 2009-04-11 00:23 - 000124928 _____ (Microsoft Corporation) C:\Windows\system32\qintlgnt.ime 2009-09-24 10:13 - 2009-04-11 00:23 - 000124928 _____ (Microsoft Corporation) C:\Windows\system32\phon.ime 2009-09-24 10:13 - 2009-04-11 00:22 - 000413696 _____ (Microsoft Corporation) C:\Windows\system32\imkr80.ime 2009-09-24 10:13 - 2009-04-11 00:22 - 000124928 _____ (Microsoft Corporation) C:\Windows\system32\cintlgnt.ime 2009-09-24 10:13 - 2009-04-11 00:22 - 000124928 _____ (Microsoft Corporation) C:\Windows\system32\chajei.ime 2009-09-24 10:13 - 2009-04-10 22:45 - 000185856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys 2009-09-24 10:13 - 2009-02-18 12:39 - 000092918 _____ C:\Windows\system32\slmgr.vbs 2009-09-24 10:13 - 2009-02-18 12:38 - 000035168 _____ (Microsoft Corporation) C:\Windows\system32\infocardcpl.cpl 2009-09-24 10:12 - 2009-04-11 00:28 - 006103040 _____ (Microsoft Corporation) C:\Windows\system32\chtbrkr.dll 2009-09-24 10:12 - 2009-04-11 00:28 - 003072000 _____ (Microsoft Corporation) C:\Windows\system32\networkmap.dll 2009-09-24 10:12 - 2009-04-11 00:28 - 002515968 _____ (Microsoft Corporation) C:\Windows\system32\accessibilitycpl.dll 2009-09-24 10:12 - 2009-04-11 00:28 - 002226688 _____ (Microsoft Corporation) C:\Windows\system32\networkexplorer.dll 2009-09-24 10:12 - 2009-04-11 00:28 - 002225664 _____ (Microsoft Corporation) C:\Windows\system32\netcenter.dll 2009-09-24 10:12 - 2009-04-11 00:28 - 002153472 _____ (Microsoft Corporation) C:\Windows\system32\oobefldr.dll 2009-09-24 10:12 - 2009-04-11 00:28 - 001671680 _____ (Microsoft Corporation) C:\Windows\system32\wlanpref.dll 2009-09-24 10:12 - 2009-04-11 00:28 - 001645568 _____ (Microsoft Corporation) C:\Windows\system32\connect.dll 2009-09-24 10:12 - 2009-04-11 00:28 - 001580544 _____ (Microsoft Corporation) C:\Windows\system32\wpccpl.dll 2009-09-24 10:12 - 2009-04-11 00:28 - 001544704 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll 2009-09-24 10:12 - 2009-04-11 00:28 - 001248768 _____ (Microsoft Corporation) C:\Windows\system32\PerfCenterCPL.dll 2009-09-24 10:12 - 2009-04-11 00:28 - 001224192 _____ (Microsoft Corporation) C:\Windows\system32\sud.dll 2009-09-24 10:12 - 2009-04-11 00:28 - 001152000 _____ (Microsoft Corporation) C:\Windows\system32\themecpl.dll 2009-09-24 10:12 - 2009-04-11 00:28 - 001123840 _____ (Microsoft Corporation) C:\Windows\system32\usercpl.dll 2009-09-24 10:12 - 2009-04-11 00:28 - 000842240 _____ (Microsoft Corporation) C:\Windows\system32\systemcpl.dll 2009-09-24 10:12 - 2009-04-11 00:28 - 000825856 _____ (Microsoft Corporation) C:\Windows\system32\rasdlg.dll 2009-09-24 10:12 - 2009-04-11 00:28 - 000777216 _____ (Microsoft Corporation) C:\Windows\system32\slcc.dll 2009-09-24 10:12 - 2009-04-11 00:28 - 000723968 _____ (Microsoft Corporation) C:\Windows\system32\powercpl.dll 2009-09-24 10:12 - 2009-04-11 00:28 - 000657408 _____ (Microsoft Corporation) C:\Windows\system32\WMVXENCD.DLL 2009-09-24 10:12 - 2009-04-11 00:28 - 000642560 _____ (Microsoft Corporation) C:\Windows\system32\rasgcw.dll 2009-09-24 10:12 - 2009-04-11 00:28 - 000547840 _____ (Microsoft Corporation) C:\Windows\system32\wiaaut.dll 2009-09-24 10:12 - 2009-04-11 00:28 - 000542720 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll 2009-09-24 10:12 - 2009-04-11 00:28 - 000542208 _____ (Microsoft Corporation) C:\Windows\system32\pnpui.dll 2009-09-24 10:12 - 2009-04-11 00:28 - 000533504 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll 2009-09-24 10:12 - 2009-04-11 00:28 - 000532992 _____ (Microsoft Corporation) C:\Windows\system32\wpcao.dll 2009-09-24 10:12 - 2009-04-11 00:28 - 000516608 _____ (Microsoft Corporation) C:\Windows\system32\autoplay.dll 2009-09-24 10:12 - 2009-04-11 00:28 - 000481792 _____ (Microsoft Corporation) C:\Windows\system32\cmdial32.dll 2009-09-24 10:12 - 2009-04-11 00:28 - 000464384 _____ (Microsoft Corporation) C:\Windows\system32\pcaui.dll 2009-09-24 10:12 - 2009-04-11 00:28 - 000445952 _____ (Microsoft Corporation) C:\Windows\system32\ncryptui.dll 2009-09-24 10:12 - 2009-04-11 00:28 - 000425472 _____ (Microsoft Corporation) C:\Windows\system32\shwebsvc.dll 2009-09-24 10:12 - 2009-04-11 00:28 - 000414208 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll 2009-09-24 10:12 - 2009-04-11 00:28 - 000378368 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2009-09-24 10:12 - 2009-04-11 00:28 - 000376832 _____ (Microsoft Corporation) C:\Windows\system32\rasplap.dll 2009-09-24 10:12 - 2009-04-11 00:28 - 000356864 _____ (Microsoft Corporation) C:\Windows\system32\MediaMetadataHandler.dll 2009-09-24 10:12 - 2009-04-11 00:28 - 000313344 _____ (Microsoft Corporation) C:\Windows\system32\thawbrkr.dll 2009-09-24 10:12 - 2009-04-11 00:28 - 000303616 _____ (Microsoft Corporation) C:\Windows\system32\wmpeffects.dll 2009-09-24 10:12 - 2009-04-11 00:28 - 000288256 _____ (Microsoft Corporation) C:\Windows\system32\modemui.dll 2009-09-24 10:12 - 2009-04-11 00:28 - 000284672 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll 2009-09-24 10:12 - 2009-04-11 00:28 - 000281088 _____ (Microsoft Corporation) C:\Windows\system32\raschap.dll 2009-09-24 10:12 - 2009-04-11 00:28 - 000275968 _____ (Microsoft Corporation) C:\Windows\system32\SnippingTool.exe 2009-09-24 10:12 - 2009-04-11 00:28 - 000259584 _____ (Microsoft Corporation) C:\Windows\system32\rasppp.dll 2009-09-24 10:12 - 2009-04-11 00:28 - 000245760 _____ (Microsoft Corporation) C:\Windows\system32\scansetting.dll 2009-09-24 10:12 - 2009-04-11 00:28 - 000242688 _____ (Microsoft Corporation) C:\Windows\system32\tapisrv.dll 2009-09-24 10:12 - 2009-04-11 00:28 - 000218624 _____ (Microsoft Corporation) C:\Windows\system32\mscandui.dll 2009-09-24 10:12 - 2009-04-11 00:28 - 000217600 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll 2009-09-24 10:12 - 2009-04-11 00:28 - 000202752 _____ (Microsoft Corporation) C:\Windows\system32\wlanui.dll 2009-09-24 10:12 - 2009-04-11 00:28 - 000200704 _____ (Microsoft Corporation) C:\Windows\system32\input.dll 2009-09-24 10:12 - 2009-04-11 00:28 - 000187904 _____ (Microsoft Corporation) C:\Windows\system32\eapp3hst.dll 2009-09-24 10:12 - 2009-04-11 00:28 - 000185856 _____ (Microsoft Corporation) C:\Windows\system32\SLLUA.exe 2009-09-24 10:12 - 2009-04-11 00:28 - 000180736 _____ (Microsoft Corporation) C:\Windows\system32\netplwiz.dll 2009-09-24 10:12 - 2009-04-11 00:28 - 000178176 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll 2009-09-24 10:12 - 2009-04-11 00:28 - 000177664 _____ (Microsoft Corporation) C:\Windows\system32\WSDMon.dll 2009-09-24 10:12 - 2009-04-11 00:28 - 000177152 _____ (Microsoft Corporation) C:\Windows\system32\scecli.dll 2009-09-24 10:12 - 2009-04-11 00:28 - 000175616 _____ (Microsoft Corporation) C:\Windows\system32\dot3svc.dll 2009-09-24 10:12 - 2009-04-11 00:28 - 000170496 _____ (Microsoft Corporation) C:\Windows\system32\tcpipcfg.dll 2009-09-24 10:12 - 2009-04-11 00:28 - 000166400 _____ (Microsoft Corporation) C:\Windows\system32\puiapi.dll 2009-09-24 10:12 - 2009-04-11 00:28 - 000163328 _____ (Microsoft Corporation) C:\Windows\system32\msutb.dll 2009-09-24 10:12 - 2009-04-11 00:28 - 000155136 _____ (Microsoft Corporation) C:\Windows\system32\rasmontr.dll 2009-09-24 10:12 - 2009-04-11 00:28 - 000147456 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll 2009-09-24 10:12 - 2009-04-11 00:28 - 000142336 _____ (Microsoft Corporation) C:\Windows\system32\fontext.dll 2009-09-24 10:12 - 2009-04-11 00:28 - 000140288 _____ (Microsoft Corporation) C:\Windows\system32\wpcsvc.dll 2009-09-24 10:12 - 2009-04-11 00:28 - 000140288 _____ (Microsoft Corporation) C:\Windows\system32\scksp.dll 2009-09-24 10:12 - 2009-04-11 00:28 - 000137728 _____ (Microsoft Corporation) C:\Windows\system32\dsprop.dll 2009-09-24 10:12 - 2009-04-11 00:28 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\eappcfg.dll 2009-09-24 10:12 - 2009-04-11 00:28 - 000135168 _____ (Microsoft Corporation) C:\Windows\system32\tcpmon.dll 2009-09-24 10:12 - 2009-04-11 00:28 - 000134656 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll 2009-09-24 10:12 - 2009-04-11 00:28 - 000128000 _____ (Microsoft Corporation) C:\Windows\system32\vdsutil.dll 2009-09-24 10:12 - 2009-04-11 00:28 - 000127488 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll 2009-09-24 10:12 - 2009-04-11 00:28 - 000125952 _____ (Microsoft Corporation) C:\Windows\system32\softkbd.dll 2009-09-24 10:12 - 2009-04-11 00:28 - 000121344 _____ (Microsoft Corporation) C:\Windows\system32\ntmarta.dll 2009-09-24 10:12 - 2009-04-11 00:28 - 000115712 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll 2009-09-24 10:12 - 2009-04-11 00:28 - 000114688 _____ (Microsoft Corporation) C:\Windows\system32\imm32.dll 2009-09-24 10:12 - 2009-04-11 00:28 - 000107008 _____ (Microsoft Corporation) C:\Windows\system32\rdpwsx.dll 2009-09-24 10:12 - 2009-04-11 00:28 - 000105472 _____ (Microsoft Corporation) C:\Windows\system32\dmsynth.dll 2009-09-24 10:12 - 2009-04-11 00:28 - 000101888 _____ (Microsoft Corporation) C:\Windows\system32\dmusic.dll 2009-09-24 10:12 - 2009-04-11 00:28 - 000101376 _____ (Microsoft Corporation) C:\Windows\system32\shsetup.dll 2009-09-24 10:12 - 2009-04-11 00:28 - 000098816 _____ (Microsoft Corporation) C:\Windows\system32\powrprof.dll 2009-09-24 10:12 - 2009-04-11 00:28 - 000097792 _____ (Microsoft Corporation) C:\Windows\system32\oleprn.dll 2009-09-24 10:12 - 2009-04-11 00:28 - 000097792 _____ (Microsoft Corporation) C:\Windows\system32\mprapi.dll 2009-09-24 10:12 - 2009-04-11 00:28 - 000095232 _____ (Microsoft Corporation) C:\Windows\system32\SCardSvr.dll 2009-09-24 10:12 - 2009-04-11 00:28 - 000093696 _____ (Microsoft Corporation) C:\Windows\system32\eappgnui.dll 2009-09-24 10:12 - 2009-04-11 00:28 - 000090112 _____ (Microsoft Corporation) C:\Windows\system32\wshext.dll 2009-09-24 10:12 - 2009-04-11 00:28 - 000088576 _____ (Microsoft Corporation) C:\Windows\system32\olepro32.dll 2009-09-24 10:12 - 2009-04-11 00:28 - 000085504 _____ (Microsoft Corporation) C:\Windows\system32\msctfui.dll 2009-09-24 10:12 - 2009-04-11 00:28 - 000084992 _____ (Microsoft Corporation) C:\Windows\system32\mstlsapi.dll 2009-09-24 10:12 - 2009-04-11 00:28 - 000083456 _____ (Microsoft) C:\Windows\system32\SMBHelperClass.dll 2009-09-24 10:12 - 2009-04-11 00:28 - 000083456 _____ (Microsoft Corporation) C:\Windows\system32\wlgpclnt.dll 2009-09-24 10:12 - 2009-04-11 00:28 - 000079872 _____ (Microsoft Corporation) C:\Windows\system32\authz.dll 2009-09-24 10:12 - 2009-04-11 00:28 - 000076288 _____ (Microsoft Corporation) C:\Windows\system32\iassvcs.dll 2009-09-24 10:12 - 2009-04-11 00:28 - 000075264 _____ (Microsoft Corporation) C:\Windows\system32\dot3msm.dll 2009-09-24 10:12 - 2009-04-11 00:28 - 000069632 _____ (Microsoft Corporation) C:\Windows\system32\sendmail.dll 2009-09-24 10:12 - 2009-04-11 00:28 - 000069632 _____ (Microsoft Corporation) C:\Windows\system32\PNPXAssoc.dll 2009-09-24 10:12 - 2009-04-11 00:28 - 000069120 _____ (Microsoft Corporation) C:\Windows\system32\fdWCN.dll 2009-09-24 10:12 - 2009-04-11 00:28 - 000068608 _____ (Microsoft Corporation) C:\Windows\system32\mpr.dll 2009-09-24 10:12 - 2009-04-11 00:28 - 000068096 _____ (Microsoft Corporation) C:\Windows\system32\fdSSDP.dll 2009-09-24 10:12 - 2009-04-11 00:28 - 000067584 _____ (Microsoft Corporation) C:\Windows\system32\regapi.dll 2009-09-24 10:12 - 2009-04-11 00:28 - 000067072 _____ (Microsoft Corporation) C:\Windows\system32\fdWSD.dll 2009-09-24 10:12 - 2009-04-11 00:28 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\tscupgrd.exe 2009-09-24 10:12 - 2009-04-11 00:28 - 000058880 _____ (Microsoft Corporation) C:\Windows\system32\iasacct.dll 2009-09-24 10:12 - 2009-04-11 00:28 - 000057344 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll 2009-09-24 10:12 - 2009-04-11 00:28 - 000057344 _____ (Microsoft Corporation) C:\Windows\system32\iasads.dll 2009-09-24 10:12 - 2009-04-11 00:28 - 000055808 _____ (Microsoft Corporation) C:\Windows\system32\Storprop.dll 2009-09-24 10:12 - 2009-04-11 00:28 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll 2009-09-24 10:12 - 2009-04-11 00:28 - 000054272 _____ (Microsoft Corporation) C:\Windows\system32\feclient.dll 2009-09-24 10:12 - 2009-04-11 00:28 - 000053760 _____ (Microsoft Corporation) C:\Windows\system32\fdeploy.dll 2009-09-24 10:12 - 2009-04-11 00:28 - 000052736 _____ (Microsoft Corporation) C:\Windows\system32\rasdiag.dll 2009-09-24 10:12 - 2009-04-11 00:28 - 000052224 _____ (Microsoft Corporation) C:\Windows\system32\mmci.dll 2009-09-24 10:12 - 2009-04-11 00:28 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\wsnmp32.dll 2009-09-24 10:12 - 2009-04-11 00:28 - 000049664 _____ (Microsoft Corporation) C:\Windows\system32\dot3cfg.dll 2009-09-24 10:12 - 2009-04-11 00:28 - 000048128 _____ (Microsoft Corporation) C:\Windows\system32\l2nacp.dll 2009-09-24 10:12 - 2009-04-11 00:28 - 000045568 _____ (Microsoft Corporation) C:\Windows\system32\bthci.dll 2009-09-24 10:12 - 2009-04-11 00:28 - 000045056 _____ (Microsoft Corporation) C:\Windows\system32\dataclen.dll 2009-09-24 10:12 - 2009-04-11 00:28 - 000042496 _____ (Microsoft Corporation) C:\Windows\system32\slcinst.dll 2009-09-24 10:12 - 2009-04-11 00:28 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\hbaapi.dll 2009-09-24 10:12 - 2009-04-11 00:28 - 000040448 _____ (Microsoft Corporation) C:\Windows\system32\certprop.dll 2009-09-24 10:12 - 2009-04-11 00:28 - 000039936 _____ (Microsoft Corporation) C:\Windows\system32\networkitemfactory.dll 2009-09-24 10:12 - 2009-04-11 00:28 - 000038400 _____ (Microsoft Corporation) C:\Windows\system32\TSTheme.exe 2009-09-24 10:12 - 2009-04-11 00:28 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\wshbth.dll 2009-09-24 10:12 - 2009-04-11 00:28 - 000033792 _____ (Microsoft Corporation) C:\Windows\system32\iaspolcy.dll 2009-09-24 10:12 - 2009-04-11 00:28 - 000033280 _____ (Microsoft Corporation) C:\Windows\system32\wscapi.dll 2009-09-24 10:12 - 2009-04-11 00:28 - 000033280 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll 2009-09-24 10:12 - 2009-04-11 00:28 - 000031744 _____ (Microsoft Corporation) C:\Windows\system32\perfdisk.dll 2009-09-24 10:12 - 2009-04-11 00:28 - 000031744 _____ (Microsoft Corporation) C:\Windows\system32\cscapi.dll 2009-09-24 10:12 - 2009-04-11 00:28 - 000031232 _____ (Microsoft Corporation) C:\Windows\system32\whealogr.dll 2009-09-24 10:12 - 2009-04-11 00:28 - 000031232 _____ (Microsoft Corporation) C:\Windows\system32\msimtf.dll 2009-09-24 10:12 - 2009-04-11 00:28 - 000029696 _____ (Microsoft Corporation) C:\Windows\system32\ifmon.dll 2009-09-24 10:12 - 2009-04-11 00:28 - 000029184 _____ (Microsoft Corporation) C:\Windows\system32\uxsms.dll 2009-09-24 10:12 - 2009-04-11 00:28 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\FwRemoteSvr.dll 2009-09-24 10:12 - 2009-04-11 00:28 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\msjint40.dll 2009-09-24 10:12 - 2009-04-11 00:28 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\cscdll.dll 2009-09-24 10:12 - 2009-04-11 00:28 - 000020992 _____ (Microsoft Corporation) C:\Windows\system32\wsdchngr.dll 2009-09-24 10:12 - 2009-04-11 00:28 - 000020992 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll 2009-09-24 10:12 - 2009-04-11 00:28 - 000020480 _____ (Microsoft Corporation) C:\Windows\system32\version.dll 2009-09-24 10:12 - 2009-04-11 00:28 - 000019456 _____ (Microsoft Corporation) C:\Windows\system32\MsCtfMonitor.dll 2009-09-24 10:12 - 2009-04-11 00:28 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\wscisvif.dll 2009-09-24 10:12 - 2009-04-11 00:28 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\msisip.dll 2009-09-24 10:12 - 2009-04-11 00:28 - 000012800 _____ (Microsoft Corporation) C:\Windows\system32\mmcico.dll 2009-09-24 10:12 - 2009-04-11 00:28 - 000011776 _____ (Microsoft Corporation) C:\Windows\system32\spwinsat.dll 2009-09-24 10:12 - 2009-04-11 00:28 - 000010752 _____ (Microsoft Corporation) C:\Windows\system32\CHxReadingStringIME.dll 2009-09-24 10:12 - 2009-04-11 00:27 - 001689600 _____ (Microsoft Corporation) C:\Windows\system32\wscui.cpl 2009-09-24 10:12 - 2009-04-11 00:27 - 001102848 _____ (Microsoft Corporation) C:\Windows\system32\mmsys.cpl 2009-09-24 10:12 - 2009-04-11 00:27 - 000408064 _____ (Microsoft Corporation) C:\Windows\system32\msinfo32.exe 2009-09-24 10:12 - 2009-04-11 00:27 - 000407040 _____ (Microsoft Corporation) C:\Windows\system32\dpapimig.exe 2009-09-24 10:12 - 2009-04-11 00:27 - 000280064 _____ (Microsoft Corporation) C:\Windows\system32\unimdm.tsp 2009-09-24 10:12 - 2009-04-11 00:27 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\certreq.exe 2009-09-24 10:12 - 2009-04-11 00:27 - 000167424 _____ (Microsoft Corporation) C:\Windows\system32\wdmaud.drv 2009-09-24 10:12 - 2009-04-11 00:27 - 000128000 _____ (Microsoft Corporation) C:\Windows\system32\gpresult.exe 2009-09-24 10:12 - 2009-04-11 00:27 - 000094720 _____ (Microsoft Corporation) C:\Windows\system32\logagent.exe 2009-09-24 10:12 - 2009-04-11 00:27 - 000082944 _____ (Microsoft Corporation) C:\Windows\system32\nslookup.exe 2009-09-24 10:12 - 2009-04-11 00:27 - 000080896 _____ (Microsoft Corporation) C:\Windows\system32\MSNP.ax 2009-09-24 10:12 - 2009-04-11 00:27 - 000080384 _____ (Microsoft Corporation) C:\Windows\system32\hdwwiz.exe 2009-09-24 10:12 - 2009-04-11 00:27 - 000074752 _____ (Microsoft Corporation) C:\Windows\system32\newdev.exe 2009-09-24 10:12 - 2009-04-11 00:27 - 000069120 _____ (Microsoft Corporation) C:\Windows\system32\conime.exe 2009-09-24 10:12 - 2009-04-11 00:27 - 000058368 _____ (Microsoft Corporation) C:\Windows\system32\PnPUnattend.exe 2009-09-24 10:12 - 2009-04-11 00:27 - 000058368 _____ (Microsoft Corporation) C:\Windows\system32\cipher.exe 2009-09-24 10:12 - 2009-04-11 00:27 - 000049152 _____ (Microsoft Corporation) C:\Windows\system32\cmmon32.exe 2009-09-24 10:12 - 2009-04-11 00:27 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\rekeywiz.exe 2009-09-24 10:12 - 2009-04-11 00:27 - 000041984 _____ (Microsoft Corporation) C:\Windows\system32\ftp.exe 2009-09-24 10:12 - 2009-04-11 00:27 - 000035840 _____ (Microsoft Corporation) C:\Windows\system32\ocsetup.exe 2009-09-24 10:12 - 2009-04-11 00:27 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\bthudtask.exe 2009-09-24 10:12 - 2009-04-11 00:27 - 000033280 _____ (Microsoft Corporation) C:\Windows\system32\PnPutil.exe 2009-09-24 10:12 - 2009-04-11 00:27 - 000026624 _____ (Microsoft Corporation) C:\Windows\system32\ipconfig.exe 2009-09-24 10:12 - 2009-04-11 00:27 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\DeviceEject.exe 2009-09-24 10:12 - 2009-04-11 00:27 - 000021504 _____ (Microsoft Corporation) C:\Windows\system32\msacm32.drv 2009-09-24 10:12 - 2009-04-11 00:27 - 000019968 _____ (Microsoft Corporation) C:\Windows\system32\fc.exe 2009-09-24 10:12 - 2009-04-11 00:27 - 000016896 _____ (Microsoft Corporation) C:\Windows\system32\rasdial.exe 2009-09-24 10:12 - 2009-04-11 00:27 - 000016896 _____ (Microsoft Corporation) C:\Windows\system32\gpupdate.exe 2009-09-24 10:12 - 2009-04-11 00:23 - 000125952 _____ (Microsoft Corporation) C:\Windows\system32\tintlgnt.ime 2009-09-24 10:12 - 2009-04-11 00:23 - 000089088 _____ (Microsoft Corporation) C:\Windows\system32\pintlgnt.ime 2009-09-24 10:12 - 2009-04-10 22:46 - 000121344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndiswan.sys 2009-09-24 10:12 - 2009-04-10 22:46 - 000069120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rassstp.sys 2009-09-24 10:12 - 2009-04-10 22:45 - 000113664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys 2009-09-24 10:12 - 2009-04-10 22:45 - 000072192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys 2009-09-24 10:12 - 2009-04-10 22:45 - 000072192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pacer.sys 2009-09-24 10:12 - 2009-04-10 22:45 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\smb.sys 2009-09-24 10:12 - 2009-04-10 22:43 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys 2009-09-24 10:12 - 2009-04-10 22:42 - 000039424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys 2009-09-24 10:12 - 2009-04-10 22:42 - 000025856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBCAMD2.sys 2009-09-24 10:12 - 2009-04-10 22:42 - 000025856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBCAMD.sys 2009-09-24 10:12 - 2009-04-10 22:42 - 000012800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys 2009-09-24 10:12 - 2009-04-10 22:39 - 000067072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cdrom.sys 2009-09-24 10:12 - 2009-04-10 22:38 - 000149504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys 2009-09-24 10:12 - 2009-04-10 22:22 - 000033280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\watchdog.sys 2009-09-24 10:12 - 2009-04-10 22:14 - 000035328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\npfs.sys 2009-09-24 10:12 - 2009-04-10 22:13 - 000226816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys 2009-09-24 10:12 - 2009-04-10 22:13 - 000136704 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\exfat.sys 2009-09-24 10:11 - 2009-04-11 00:28 - 000705536 _____ (Microsoft Corporation) C:\Windows\system32\SmiEngine.dll 2009-09-24 10:11 - 2009-04-11 00:28 - 000247808 _____ (Microsoft Corporation) C:\Windows\system32\drvstore.dll 2009-09-24 10:11 - 2009-04-11 00:28 - 000218624 _____ (Microsoft Corporation) C:\Windows\system32\wdscore.dll 2009-09-24 10:11 - 2009-04-11 00:28 - 000040960 _____ (Microsoft Corporation) C:\Windows\system32\odbcconf.dll 2009-09-24 10:11 - 2009-04-11 00:28 - 000031744 _____ (Microsoft Corporation) C:\Windows\system32\bitsigd.dll 2009-09-24 10:11 - 2009-04-11 00:28 - 000019968 _____ (Microsoft Corporation) C:\Windows\system32\winrnr.dll 2009-09-24 10:11 - 2009-04-11 00:28 - 000019968 _____ (Microsoft Corporation) C:\Windows\system32\NcdProp.dll 2009-09-24 10:11 - 2009-04-11 00:28 - 000017408 _____ (Microsoft Corporation) C:\Windows\system32\vdmdbg.dll 2009-09-24 10:11 - 2009-04-11 00:28 - 000017408 _____ (Microsoft Corporation) C:\Windows\system32\midimap.dll 2009-09-24 10:11 - 2009-04-11 00:28 - 000015360 _____ (Microsoft Corporation) C:\Windows\system32\inetppui.dll 2009-09-24 10:11 - 2009-04-11 00:28 - 000012288 _____ (Microsoft Corporation) C:\Windows\system32\slwga.dll 2009-09-24 10:11 - 2009-04-11 00:27 - 000130560 _____ (Microsoft Corporation) C:\Windows\system32\PkgMgr.exe 2009-09-24 10:11 - 2009-04-11 00:27 - 000046080 _____ (Microsoft Corporation) C:\Windows\system32\csrstub.exe 2009-09-24 10:11 - 2009-04-11 00:27 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\cbsra.exe 2009-09-24 10:11 - 2009-04-11 00:22 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\f3ahvoas.dll 2009-09-24 10:11 - 2009-04-10 23:42 - 000093696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bridge.sys 2009-09-24 10:11 - 2009-04-10 22:46 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\raspppoe.sys 2009-09-24 10:11 - 2009-04-10 22:46 - 000033280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rndismpx.sys 2009-09-24 10:11 - 2009-04-10 22:46 - 000033280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RNDISMP.sys 2009-09-24 10:11 - 2009-04-10 22:42 - 000052992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys 2009-09-24 10:11 - 2009-04-10 22:39 - 000019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys 2009-09-24 10:11 - 2009-04-10 22:39 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\iscsilog.dll 2009-09-24 10:11 - 2009-04-10 22:27 - 000002560 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll 2009-09-24 10:11 - 2009-04-10 22:23 - 000076288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxg.sys 2009-09-24 10:11 - 2009-02-19 18:20 - 000009212 _____ C:\Windows\system32\RacUR.xml 2009-09-13 16:17 - 2010-05-30 10:26 - 000000007 _____ C:\Windows\system32\Class15 2009-09-13 16:17 - 2010-05-30 10:26 - 000000005 _____ C:\Windows\system32\Band4 2009-09-09 15:17 - 2009-08-14 07:49 - 000027136 _____ (Microsoft Corporation) C:\Windows\system32\NETSTAT.EXE 2009-09-09 15:17 - 2009-08-14 07:49 - 000019968 _____ (Microsoft Corporation) C:\Windows\system32\ARP.EXE 2009-09-09 15:17 - 2009-08-14 07:49 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\ROUTE.EXE 2009-09-09 15:17 - 2009-08-14 07:49 - 000011264 _____ (Microsoft Corporation) C:\Windows\system32\MRINFO.EXE 2009-09-09 15:17 - 2009-08-14 07:49 - 000010240 _____ (Microsoft Corporation) C:\Windows\system32\finger.exe 2009-09-09 15:17 - 2009-08-14 07:49 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\TCPSVCS.EXE 2009-09-09 15:17 - 2009-08-14 07:49 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\HOSTNAME.EXE 2009-09-09 15:17 - 2009-08-14 07:48 - 000105984 _____ (Microsoft Corporation) C:\Windows\system32\netiohlp.dll 2009-09-09 15:16 - 2009-07-11 13:01 - 000513536 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll 2009-09-09 15:16 - 2009-07-11 13:01 - 000302592 _____ (Microsoft Corporation) C:\Windows\system32\wlansec.dll 2009-09-09 15:16 - 2009-07-11 13:01 - 000293376 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll 2009-09-09 15:16 - 2009-07-11 13:01 - 000065024 _____ (Microsoft Corporation) C:\Windows\system32\wlanapi.dll 2009-09-09 15:16 - 2009-07-11 11:03 - 002501921 _____ C:\Windows\system32\wlan.tmf 2009-09-09 15:16 - 2009-07-11 11:03 - 000127488 _____ (Microsoft Corporation) C:\Windows\system32\L2SecHC.dll 2009-09-09 15:16 - 2009-06-10 05:41 - 002386944 _____ (Microsoft Corporation) C:\Windows\system32\WMVCORE.DLL 2009-09-09 15:16 - 2009-04-11 00:28 - 000068096 _____ (Microsoft Corporation) C:\Windows\system32\wlanhlp.dll 2009-09-09 15:16 - 2009-04-11 00:27 - 000053248 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe 2009-09-09 15:16 - 2009-04-11 00:27 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe 2009-09-09 15:16 - 2009-04-10 22:54 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll 2009-09-08 17:44 - 2009-09-08 17:44 - 000000000 ____D C:\ProgramData\Office Genuine Advantage 2009-09-08 14:10 - 2009-03-08 05:34 - 000208384 _____ (Microsoft Corporation) C:\Windows\system32\WinFXDocObj.exe 2009-09-08 10:07 - 2013-08-04 16:11 - 000000000 ____D C:\Users\Angela\AppData\Local\Microsoft Help 2009-08-12 10:07 - 2009-08-20 18:36 - 001268224 _____ C:\Users\Angela\Documents\vega for sheriff2.bro 2009-08-12 09:20 - 2009-07-17 07:54 - 000071680 _____ (Microsoft Corporation) C:\Windows\system32\atl.dll 2009-08-12 09:20 - 2009-06-10 05:42 - 000160256 _____ (Microsoft Corporation) C:\Windows\system32\wkssvc.dll 2009-08-12 09:20 - 2009-04-11 00:28 - 000136192 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll 2009-08-12 09:20 - 2009-04-11 00:28 - 000053248 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll 2009-08-12 09:17 - 2009-06-15 08:54 - 000175104 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2009-08-12 09:16 - 2009-07-15 06:39 - 000313344 _____ (Microsoft Corporation) C:\Windows\system32\wmpdxm.dll 2009-08-12 09:16 - 2009-07-15 04:21 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.tlb 2009-08-12 09:16 - 2009-07-15 04:21 - 000018432 _____ (Microsoft Corporation) C:\Windows\system32\amcompat.tlb 2009-08-03 15:07 - 2009-08-03 15:07 - 000403816 _____ C:\Windows\system32\OGACheckControl.dll 2009-08-03 15:07 - 2009-08-03 15:07 - 000322928 _____ (Microsoft Corporation) C:\Windows\system32\OGAAddin.dll 2009-08-03 15:07 - 2009-08-03 15:07 - 000230768 _____ C:\Windows\system32\OGAEXEC.exe 2009-07-21 01:05 - 2009-07-21 01:05 - 001348432 _____ (Microsoft Corporation) C:\Windows\system32\msxml4.dll 2009-07-14 20:44 - 2018-10-30 18:06 - 000000000 ____D C:\Users\Angela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pogo Games 2009-07-14 20:44 - 2018-10-30 18:06 - 000000000 ____D C:\Program Files\Oberon Media 2009-07-14 20:44 - 2013-11-22 22:07 - 000000000 ____D C:\ProgramData\TEMP 2009-07-14 20:44 - 2010-02-14 20:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pogo Games 2009-07-14 17:58 - 2009-07-27 17:28 - 001268224 _____ C:\Users\Angela\Documents\vega for sheriff.bro 2009-07-14 17:31 - 2009-07-14 17:31 - 000000000 ____D C:\Users\Angela\AppData\Local\Broderbund Software 2009-07-14 17:26 - 2009-07-14 17:26 - 000000000 ____D C:\ProgramData\Broderbund Software 2009-07-14 17:26 - 1998-06-18 11:33 - 000598288 _____ (Microsoft Corporation) C:\Windows\system32\temp.001 2009-07-14 17:26 - 1998-06-16 19:45 - 000077878 _____ (Microsoft Corporation) C:\Windows\system32\temp.000 2009-07-14 17:26 - 1997-01-22 07:47 - 000018192 _____ (Microsoft Corporation) C:\Windows\system32\temp.002 2009-07-14 17:26 - 1997-01-13 09:18 - 000037136 _____ (Microsoft Corporation) C:\Windows\system32\MSJINT35.DLL 2009-07-14 17:26 - 1996-12-31 13:19 - 000254976 _____ (Microsoft Corporation) C:\Windows\system32\MSEXCL35.DLL 2009-07-14 17:26 - 1996-12-31 13:19 - 000169984 _____ (Microsoft Corporation) C:\Windows\system32\MSLTUS35.DLL 2009-07-14 17:26 - 1996-12-16 10:30 - 001039360 _____ (Microsoft Corporation) C:\Windows\system32\MSJET35.DLL 2009-07-14 17:26 - 1996-12-03 13:07 - 000403216 _____ (Microsoft Corporation) C:\Windows\system32\MSREPL35.DLL 2009-07-14 17:26 - 1996-12-02 18:44 - 000290816 _____ (Microsoft Corporation) C:\Windows\system32\MSXBSE35.DLL 2009-07-14 17:26 - 1996-12-02 18:44 - 000253952 _____ (Microsoft Corporation) C:\Windows\system32\MSPDOX35.DLL 2009-07-14 17:26 - 1996-12-02 18:44 - 000166912 _____ (Microsoft Corporation) C:\Windows\system32\MSTEXT35.DLL 2009-07-14 17:26 - 1996-12-02 10:44 - 000251664 _____ (Microsoft Corporation) C:\Windows\system32\MSRD2X35.DLL 2009-07-14 17:26 - 1996-12-02 10:44 - 000024336 _____ (Microsoft Corporation) C:\Windows\system32\MSJTER35.DLL 2009-07-14 17:26 - 1996-11-07 18:48 - 000368912 _____ (Microsoft Corporation) C:\Windows\system32\VBAR332.DLL 2009-07-14 17:25 - 2009-07-14 17:26 - 000000000 ____D C:\Program Files\Web Publish 2009-07-14 17:00 - 2018-10-30 18:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Print Shop 2009-07-14 16:59 - 2009-07-14 16:59 - 000000000 ____D C:\Program Files\Common Files\MSSoap 2009-07-14 16:59 - 2009-07-14 16:59 - 000000000 ____D C:\Program Files\Broderbund 2009-07-14 16:59 - 2001-07-30 17:40 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\msxml3a.dll 2009-07-14 16:59 - 1999-04-21 05:08 - 000029184 _____ (Blue Sky Software) C:\Windows\system32\Popup.ocx 2009-07-14 16:11 - 2009-06-15 08:52 - 000023552 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll 2009-07-14 16:11 - 2009-06-15 08:51 - 000010240 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll 2009-06-09 22:44 - 2009-06-09 22:44 - 000000000 ____D C:\Users\Angela\AppData\LocalLow\FunWebProducts 2009-05-25 19:38 - 2012-05-26 19:00 - 000013264 _____ C:\Users\Angela\Documents\puppy list sold.xlsx 2009-05-25 00:06 - 2009-05-25 00:06 - 000000540 _____ C:\Users\Angela\Desktop\Coat Color Genetics - Shortcut.lnk 2009-05-25 00:04 - 2007-03-20 01:49 - 000000000 ____D C:\Users\Angela\Documents\Coat Color Genetics 2009-05-20 11:03 - 2010-02-02 17:13 - 000000000 ____D C:\Users\Angela\AppData\LocalLow\Google 2009-05-19 12:08 - 2009-05-19 12:08 - 000000000 ____D C:\Users\Default\AppData\Local\Microsoft Help 2009-05-19 12:08 - 2009-05-19 12:08 - 000000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help 2009-05-18 22:02 - 2009-05-18 22:02 - 000000000 ____D C:\Windows\Sun 2009-05-18 18:14 - 2009-05-18 18:14 - 000000000 ____D C:\Users\Angela\AppData\Roaming\Macromedia 2009-05-18 18:10 - 2011-03-02 16:26 - 000000000 ____D C:\Users\Angela\Tracing 2009-05-18 18:00 - 2009-05-18 18:00 - 000005115 _____ C:\ProgramData\N360BUOptions.ini 2009-05-18 17:48 - 2009-05-18 17:48 - 000000000 ____D C:\Program Files\Windows Live Toolbar 2009-05-18 17:47 - 2009-05-18 17:47 - 000000000 ___HD C:\Windows\msdownld.tmp 2009-05-18 17:45 - 2009-05-18 17:45 - 000000762 _____ C:\Users\Angela\Documents\My Sharing Folders.lnk 2009-05-18 17:44 - 2011-03-31 03:04 - 000000000 ____D C:\Program Files\Windows Live 2009-05-18 17:43 - 2009-05-18 17:43 - 000000000 ____D C:\Program Files\Common Files\Windows Live 2009-05-18 17:42 - 2009-05-18 17:42 - 000000000 ____D C:\Program Files\Microsoft SQL Server Compact Edition 2009-05-18 17:18 - 2018-10-30 12:28 - 000000000 ____D C:\Program Files\Common Files\supportsoft 2009-05-13 14:38 - 2009-05-13 14:38 - 000000000 ____D C:\Users\Angela\Documents\My Received Files 2009-05-12 14:34 - 2009-05-13 14:33 - 000000000 ____D C:\Users\Angela\AppData\Roaming\Google 2009-05-10 22:05 - 2013-11-22 22:28 - 000000000 ____D C:\Users\Angela\AppData\Local\Microsoft Games 2009-04-30 20:56 - 2009-04-30 20:56 - 000000000 ____D C:\Users\Angela\AppData\Roaming\PlayFirst 2009-04-30 20:56 - 2009-04-30 20:56 - 000000000 ____D C:\ProgramData\PlayFirst 2009-04-30 17:05 - 2010-10-23 14:52 - 000000000 ____D C:\Users\Angela\Documents\OneNote Notebooks 2009-04-29 22:14 - 2009-04-29 22:14 - 000000000 ____D C:\Users\Angela\AppData\Roaming\Ludia 2009-04-29 22:14 - 2009-04-29 22:14 - 000000000 ____D C:\ProgramData\Ludia 2009-04-29 18:57 - 2009-04-29 18:57 - 000000000 ____D C:\Users\Angela\AppData\Roaming\WildTangent 2009-04-29 01:07 - 2014-10-24 10:23 - 000010240 _____ C:\Users\Angela\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2009-04-29 00:34 - 2011-02-16 10:45 - 000091776 _____ C:\Users\Angela\AppData\Local\GDIPFONTCACHEV1.DAT 2009-04-29 00:34 - 2009-04-29 00:34 - 000000000 ____D C:\Users\Angela\Documents\My Google Gadgets 2009-04-29 00:34 - 2007-03-20 01:24 - 000000000 ____D C:\Users\Angela\AppData\Local\Google 2009-04-29 00:33 - 2009-04-29 18:59 - 000000000 ____D C:\Users\Angela\AppData\Local\VirtualStore 2009-04-29 00:33 - 2007-04-24 19:57 - 000000951 _____ C:\Users\Angela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2009-04-29 00:33 - 2007-04-24 19:57 - 000000946 _____ C:\Users\Angela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk 2009-04-29 00:33 - 2007-04-24 19:57 - 000000917 _____ C:\Users\Angela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk 2009-04-29 00:32 - 2011-03-02 18:08 - 000000000 ____D C:\ProgramData\Google 2009-04-29 00:32 - 2009-04-29 00:32 - 000000000 ____D C:\Program Files\eBay 2009-04-29 00:31 - 2014-10-03 11:57 - 000000000 ____D C:\Users\Angela 2009-04-29 00:31 - 2009-04-29 00:31 - 000000020 ___SH C:\Users\Angela\ntuser.ini 2009-04-29 00:31 - 2006-11-02 06:37 - 000000000 ____D C:\Users\Angela\AppData\Roaming\Media Center Programs 2009-03-11 22:50 - 2009-03-11 22:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Power2Go 2009-03-11 22:50 - 2009-03-11 22:50 - 000000000 ____D C:\Program Files\CyberLink 2009-03-11 22:50 - 2009-03-11 22:50 - 000000000 _____ C:\Windows\system32\Drivers\Gateway_ÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿ_N-A_ÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿ.MRK 2009-03-11 22:49 - 2009-03-11 22:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gateway 2009-03-11 22:48 - 2008-06-11 12:18 - 000487424 _____ C:\Windows\system32\INT15.dll 2009-03-11 22:48 - 2008-06-11 12:13 - 000017952 _____ (Acer, Inc.) C:\Windows\system32\Drivers\int15_64.sys 2009-03-11 22:48 - 2008-06-11 12:13 - 000015392 _____ (Acer, Inc.) C:\Windows\system32\Drivers\int15.sys 2009-03-11 22:48 - 2007-03-20 00:11 - 000000000 _____ C:\Windows\system32\LogConfigTemp.xml 2009-03-11 22:47 - 2009-03-11 22:47 - 000000000 ____D C:\Program Files\GATEWAY 2009-03-11 22:46 - 2009-03-11 22:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Realtek USB 2.0 Card Reader Software 2009-03-11 22:46 - 2008-01-03 21:35 - 000059392 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTSTOR.sys 2009-03-11 22:46 - 2007-08-02 23:32 - 005631520 _____ C:\Windows\system\DriveIcon.dll 2009-03-11 22:45 - 2009-03-11 22:45 - 000000000 ____D C:\Program Files\CONEXANT 2009-03-11 22:44 - 2009-03-11 22:44 - 000016052 _____ C:\Windows\system32\results.xml 2009-03-11 22:40 - 2007-08-06 06:16 - 000003432 _____ C:\Windows\system32\USBMediaReaderPatch.vbs 2009-03-11 22:36 - 2009-03-11 22:36 - 000000000 ____D C:\Windows\system32\Lang 2009-03-11 22:36 - 2008-09-08 23:19 - 000920088 _____ (Intel® Corporation) C:\Windows\system32\igxpun.exe 2009-02-23 20:51 - 2009-04-29 00:48 - 000000049 __RSH C:\Users\Public\Documents\HBEPGUID.TXT 2009-02-23 20:34 - 2008-04-22 14:35 - 000024536 _____ C:\Windows\system32\gateway.bmp 2009-02-23 20:33 - 2009-02-23 20:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gateway Documentation 2009-02-23 20:33 - 2009-02-23 20:34 - 000000000 ____D C:\book 2009-02-23 20:24 - 2009-05-18 23:33 - 000000000 ____D C:\ProgramData\WildTangent 2009-02-23 20:24 - 2009-05-18 23:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gateway Games 2009-02-23 20:24 - 2009-05-18 23:30 - 000000000 ____D C:\Program Files\Gateway Games 2009-02-23 20:23 - 2018-10-30 11:03 - 000000000 ____D C:\Windows\system32\Macromed 2009-02-23 20:23 - 2008-08-12 19:27 - 000001635 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EarthLink TotalAccess.lnk 2009-02-23 20:22 - 2009-02-23 20:23 - 000000000 ____D C:\Program Files\Preload 2009-02-23 20:22 - 2009-02-23 20:22 - 000001894 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NetZero Internet.lnk 2009-02-23 20:20 - 2011-03-02 22:29 - 000000000 ____D C:\Program Files\Google 2009-02-23 20:15 - 2009-05-18 18:04 - 000000000 ____D C:\ProgramData\Symantec 2009-02-23 20:15 - 2007-03-20 00:34 - 000000000 ____D C:\Program Files\Common Files\Symantec Shared 2009-02-23 20:12 - 2013-08-04 16:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Works 2009-02-23 20:12 - 2009-06-10 01:55 - 000001018 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Works Task Launcher.lnk 2009-02-23 20:12 - 2009-02-23 20:12 - 000001924 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office PowerPoint Viewer 2007.lnk 2009-02-23 20:12 - 2009-02-23 20:12 - 000000000 ____D C:\Program Files\Microsoft Office Suite Activation Assistant 2009-02-23 20:10 - 2013-08-04 16:51 - 000000000 ____D C:\Program Files\Microsoft Works 2009-02-23 20:10 - 2009-04-30 16:57 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2009-02-23 20:10 - 2009-02-27 03:42 - 000031640 _____ (Microsoft Corporation) C:\Windows\system32\msonpmon.dll 2009-02-23 20:09 - 2009-02-23 20:09 - 000000000 ____D C:\Windows\PCHEALTH 2009-02-23 20:08 - 2013-12-18 01:33 - 000000000 ____D C:\Program Files\Microsoft Office 2009-02-23 20:08 - 2009-02-23 20:08 - 000000000 __RHD C:\MSOCache 2009-02-23 20:06 - 2007-05-23 19:37 - 000011776 _____ (Chicony Electronics Co., Ltd.) C:\Windows\system32\Drivers\UVCFTR_S.SYS 2009-02-23 20:04 - 2009-02-23 20:04 - 000000000 ____D C:\Program Files\Realtek 2009-02-23 20:04 - 2008-01-25 18:46 - 000106496 _____ (Realtek Corporation ) C:\Windows\system32\Drivers\Rtlh86.sys 2009-02-23 20:03 - 2018-10-30 18:50 - 000000000 ___HD C:\Program Files\InstallShield Installation Information 2009-02-23 20:03 - 2009-03-11 22:40 - 000000000 ____D C:\Program Files\IDT 2009-02-23 20:03 - 2009-02-23 20:03 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_SynTP_01000.Wdf 2009-02-23 20:03 - 2009-02-23 20:03 - 000000000 ____D C:\Program Files\Synaptics 2009-02-23 20:03 - 2007-07-26 19:50 - 000329728 _____ (IDT, Inc.) C:\Windows\system32\Drivers\stwrt.sys 2009-02-23 20:03 - 2007-07-26 19:48 - 000146944 _____ (IDT, Inc.) C:\Windows\system32\staco.dll 2009-02-23 19:57 - 2009-02-23 19:57 - 000000000 ____D C:\Program Files\Intel 2009-02-23 19:57 - 2009-02-23 19:57 - 000000000 ____D C:\Intel 2009-02-23 19:12 - 2008-05-26 22:59 - 000018904 _____ C:\Windows\system32\StructuredQuerySchemaTrivial.bin 2009-02-23 19:12 - 2007-11-08 03:04 - 011967524 _____ C:\Windows\system32\korwbrkr.lex 2009-02-23 18:58 - 2008-05-09 16:22 - 000000153 _____ C:\Windows\system32\RacUREx.xml 2009-02-23 18:45 - 2008-02-29 00:35 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\kbd106n.dll 2009-02-23 18:40 - 2009-02-23 18:40 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_00_00.Wdf 2009-02-23 18:35 - 2009-04-11 00:36 - 000333257 __RSH C:\bootmgr 2009-02-23 18:34 - 2007-01-11 03:50 - 000000023 _____ C:\Windows\system32\$Acer$.cmd 2009-02-23 18:32 - 2009-04-29 00:33 - 000000000 ___HD C:\ACER 2009-02-23 18:32 - 2007-10-31 12:36 - 002252800 _____ (Intel Corporation) C:\Windows\system32\Drivers\NETw4v32.sys 2009-02-23 18:32 - 2007-08-27 12:12 - 002777088 _____ (Intel Corporation) C:\Windows\system32\NETw4r32.dll 2009-02-23 18:32 - 2007-08-27 12:12 - 000745472 _____ (Intel Corporation) C:\Windows\system32\NETw4c32.dll 2009-02-23 18:32 - 2007-01-29 07:23 - 000386560 _____ (Conexant Systems, Inc.) C:\Windows\system32\Drivers\XAudio.exe 2009-02-23 18:32 - 2007-01-29 07:23 - 000008704 _____ (Conexant Systems, Inc.) C:\Windows\system32\Drivers\XAudio.sys 2009-02-23 18:32 - 2006-12-21 10:04 - 000144201 _____ C:\Windows\system32\Drivers\HSFProf.cty 2009-02-23 18:32 - 2006-12-21 06:50 - 000985600 _____ (Conexant Systems, Inc.) C:\Windows\system32\Drivers\HSX_DPV.sys 2009-02-23 18:32 - 2006-12-21 06:49 - 000207360 _____ (Conexant Systems, Inc.) C:\Windows\system32\Drivers\HSXHWAZL.sys 2009-02-23 18:32 - 2006-12-21 06:48 - 000659968 _____ (Conexant Systems, Inc.) C:\Windows\system32\Drivers\HSX_CNXT.sys 2009-02-23 18:32 - 2006-12-19 12:37 - 000176128 _____ (Conexant Systems, Inc.) C:\Windows\system32\UCI32M16.dll 2009-02-23 18:32 - 2006-11-17 16:22 - 000181176 _____ (Synaptics, Inc.) C:\Windows\system32\Drivers\SynTP.sys 2009-02-23 18:32 - 2006-11-17 16:19 - 000110592 _____ (Synaptics, Inc.) C:\Windows\system32\SynTPCo4.dll 2009-02-23 18:32 - 2006-11-17 15:37 - 000143360 _____ (Synaptics, Inc.) C:\Windows\system32\SynTPAPI.dll 2009-02-23 18:32 - 2006-11-17 15:28 - 000196608 _____ (Synaptics, Inc.) C:\Windows\system32\SynCtrl.dll 2009-02-23 18:32 - 2006-11-17 15:28 - 000163840 _____ (Synaptics, Inc.) C:\Windows\system32\SynCOM.dll 2009-02-23 18:32 - 2006-06-18 09:26 - 000094208 _____ (Conexant) C:\Windows\system32\mdmxsdk.dll 2009-02-23 18:32 - 2006-06-18 09:26 - 000012672 _____ (Conexant) C:\Windows\system32\Drivers\mdmxsdk.sys 2009-02-23 18:32 - 2006-03-09 12:58 - 001060424 _____ C:\Windows\system32\WdfCoInstaller01000.dll 2009-01-12 03:01 - 2008-09-08 23:19 - 000670232 _____ (Intel Corporation) C:\Windows\system32\igfxcfg.exe 2009-01-12 03:01 - 2008-09-08 23:19 - 000256536 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.exe 2009-01-12 03:01 - 2008-09-08 23:19 - 000178712 _____ (Intel Corporation) C:\Windows\system32\igfxext.exe 2009-01-12 03:01 - 2008-09-08 23:19 - 000178712 _____ (Intel Corporation) C:\Windows\system32\hkcmd.exe 2009-01-12 03:01 - 2008-09-08 23:19 - 000154136 _____ (Intel Corporation) C:\Windows\system32\igfxpers.exe 2009-01-12 03:01 - 2008-09-08 23:19 - 000150040 _____ (Intel Corporation) C:\Windows\system32\igfxtray.exe 2009-01-12 03:01 - 2008-09-02 00:36 - 000036064 _____ C:\Windows\system32\iglhxs32.vp 2009-01-12 03:01 - 2008-09-01 23:25 - 000147456 _____ C:\Windows\system32\igfxCoIn_v1554.dll 2009-01-12 03:01 - 2008-09-01 23:17 - 003379200 _____ (Intel Corporation) C:\Windows\system32\igdumd32.dll 2009-01-12 03:01 - 2008-09-01 23:17 - 002472448 _____ (Intel Corporation) C:\Windows\system32\Drivers\igdkmd32.sys 2009-01-12 03:01 - 2008-09-01 23:15 - 001498700 _____ C:\Windows\system32\igkrng400.bin 2009-01-12 03:01 - 2008-09-01 23:15 - 000536576 _____ (Intel Corporation) C:\Windows\system32\igdumdx32.dll 2009-01-12 03:01 - 2008-09-01 23:10 - 002195456 _____ (Intel Corporation) C:\Windows\system32\igd10umd32.dll 2009-01-12 03:01 - 2008-09-01 23:04 - 003878912 _____ (Intel Corporation) C:\Windows\system32\ig4icd32.dll 2009-01-12 03:01 - 2008-09-01 23:04 - 002342912 _____ (Intel Corporation) C:\Windows\system32\ig4dev32.dll 2009-01-12 03:01 - 2008-09-01 22:59 - 000270336 _____ (Intel Corporation) C:\Windows\system32\igfxrptg.lrc 2009-01-12 03:01 - 2008-09-01 22:59 - 000266240 _____ (Intel Corporation) C:\Windows\system32\igfxrrus.lrc 2009-01-12 03:01 - 2008-09-01 22:59 - 000258048 _____ (Intel Corporation) C:\Windows\system32\igfxrsve.lrc 2009-01-12 03:01 - 2008-09-01 22:59 - 000258048 _____ (Intel Corporation) C:\Windows\system32\igfxrsky.lrc 2009-01-12 03:01 - 2008-09-01 22:59 - 000253952 _____ (Intel Corporation) C:\Windows\system32\igfxrtrk.lrc 2009-01-12 03:01 - 2008-09-01 22:59 - 000253952 _____ (Intel Corporation) C:\Windows\system32\igfxrslv.lrc 2009-01-12 03:01 - 2008-09-01 22:59 - 000237568 _____ (Intel Corporation) C:\Windows\system32\igfxrtha.lrc 2009-01-12 03:01 - 2008-09-01 22:58 - 000286720 _____ (Intel Corporation) C:\Windows\system32\igfxrell.lrc 2009-01-12 03:01 - 2008-09-01 22:58 - 000278528 _____ (Intel Corporation) C:\Windows\system32\igfxrita.lrc 2009-01-12 03:01 - 2008-09-01 22:58 - 000278528 _____ (Intel Corporation) C:\Windows\system32\igfxrfra.lrc 2009-01-12 03:01 - 2008-09-01 22:58 - 000278528 _____ (Intel Corporation) C:\Windows\system32\igfxresp.lrc 2009-01-12 03:01 - 2008-09-01 22:58 - 000278528 _____ (Intel Corporation) C:\Windows\system32\igfxrdeu.lrc 2009-01-12 03:01 - 2008-09-01 22:58 - 000274432 _____ (Intel Corporation) C:\Windows\system32\igfxrnld.lrc 2009-01-12 03:01 - 2008-09-01 22:58 - 000266240 _____ (Intel Corporation) C:\Windows\system32\igfxrptb.lrc 2009-01-12 03:01 - 2008-09-01 22:58 - 000262144 _____ (Intel Corporation) C:\Windows\system32\igfxrplk.lrc 2009-01-12 03:01 - 2008-09-01 22:58 - 000262144 _____ (Intel Corporation) C:\Windows\system32\igfxrhun.lrc 2009-01-12 03:01 - 2008-09-01 22:58 - 000258048 _____ (Intel Corporation) C:\Windows\system32\igfxrfin.lrc 2009-01-12 03:01 - 2008-09-01 22:58 - 000258048 _____ (Intel Corporation) C:\Windows\system32\igfxrdan.lrc 2009-01-12 03:01 - 2008-09-01 22:58 - 000258048 _____ (Intel Corporation) C:\Windows\system32\igfxrcsy.lrc 2009-01-12 03:01 - 2008-09-01 22:58 - 000253952 _____ (Intel Corporation) C:\Windows\system32\igfxrnor.lrc 2009-01-12 03:01 - 2008-09-01 22:58 - 000229376 _____ (Intel Corporation) C:\Windows\system32\igfxrara.lrc 2009-01-12 03:01 - 2008-09-01 22:58 - 000225280 _____ (Intel Corporation) C:\Windows\system32\igfxrheb.lrc 2009-01-12 03:01 - 2008-09-01 22:58 - 000184320 _____ (Intel Corporation) C:\Windows\system32\igfxrjpn.lrc 2009-01-12 03:01 - 2008-09-01 22:58 - 000180224 _____ (Intel Corporation) C:\Windows\system32\igfxrkor.lrc 2009-01-12 03:01 - 2008-09-01 22:58 - 000155648 _____ (Intel Corporation) C:\Windows\system32\igfxrcht.lrc 2009-01-12 03:01 - 2008-09-01 22:58 - 000155648 _____ (Intel Corporation) C:\Windows\system32\igfxrchs.lrc 2009-01-12 03:01 - 2008-09-01 22:56 - 000258048 _____ (Intel Corporation) C:\Windows\system32\igfxTMM.dll 2009-01-12 03:01 - 2008-09-01 22:55 - 000217088 _____ (Intel Corporation) C:\Windows\system32\igfxpph.dll 2009-01-12 03:01 - 2008-09-01 22:55 - 000135168 _____ (Intel Corporation) C:\Windows\system32\igfxdo.dll 2009-01-12 03:01 - 2008-09-01 22:55 - 000126976 _____ (Intel Corporation) C:\Windows\system32\igfxcpl.cpl 2009-01-12 03:01 - 2008-09-01 22:55 - 000069632 _____ (Intel Corporation) C:\Windows\system32\oemdspif.dll 2009-01-12 03:01 - 2008-09-01 22:55 - 000052224 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.dll 2009-01-12 03:01 - 2008-09-01 22:55 - 000024576 _____ (Intel Corporation) C:\Windows\system32\igfxexps.dll 2009-01-12 03:01 - 2008-09-01 22:54 - 005672960 _____ (Intel Corporation) C:\Windows\system32\igfxress.dll 2009-01-12 03:01 - 2008-09-01 22:54 - 000249856 _____ (Intel Corporation) C:\Windows\system32\igfxrenu.lrc 2009-01-12 03:01 - 2008-09-01 22:54 - 000221184 _____ (Intel Corporation) C:\Windows\system32\igfxdev.dll 2009-01-12 03:01 - 2008-09-01 22:54 - 000106496 _____ (Intel Corporation) C:\Windows\system32\hccutils.dll 2009-01-12 03:01 - 2008-09-01 22:49 - 000002096 _____ C:\Windows\system32\iglhxo32.vp 2009-01-12 03:01 - 2008-09-01 22:49 - 000002096 _____ C:\Windows\system32\iglhxc32.vp 2008-02-01 03:21 - 2008-02-01 03:21 - 000245408 _____ (Microsoft Corporation) C:\Windows\system32\unicows.dll 2008-01-20 21:13 - 2008-01-20 20:23 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\errdev.sys 2008-01-20 21:11 - 2008-01-20 20:23 - 000045568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\blbdrive.sys 2008-01-20 21:10 - 2008-01-20 20:23 - 000386616 _____ (LSI Corporation, Inc.) C:\Windows\system32\Drivers\MegaSR.sys 2008-01-20 20:25 - 2008-01-20 20:25 - 001642496 _____ (Microsoft Corporation) C:\Windows\system32\WMPEncEn.dll 2008-01-20 20:25 - 2008-01-20 20:25 - 001329152 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOE.DLL 2008-01-20 20:25 - 2008-01-20 20:25 - 001118720 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOE.DLL 2008-01-20 20:25 - 2008-01-20 20:25 - 000767488 _____ (Microsoft Corporation) C:\Windows\system32\WMVSENCD.DLL 2008-01-20 20:25 - 2008-01-20 20:25 - 000758784 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL 2008-01-20 20:25 - 2008-01-20 20:25 - 000705536 _____ (Microsoft Corporation) C:\Windows\system32\imagesp1.dll 2008-01-20 20:25 - 2008-01-20 20:25 - 000616448 _____ (Microsoft Corporation) C:\Windows\system32\dsuiext.dll 2008-01-20 20:25 - 2008-01-20 20:25 - 000614400 _____ (Microsoft Corporation) C:\Windows\system32\MFWMAAEC.DLL 2008-01-20 20:25 - 2008-01-20 20:25 - 000464896 _____ (Microsoft Corporation) C:\Windows\system32\msra.exe 2008-01-20 20:25 - 2008-01-20 20:25 - 000418304 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmdev.dll 2008-01-20 20:25 - 2008-01-20 20:25 - 000415232 _____ (Microsoft Corporation) C:\Windows\system32\msdri.dll 2008-01-20 20:25 - 2008-01-20 20:25 - 000403968 _____ (Microsoft Corporation) C:\Windows\system32\p2pcollab.dll 2008-01-20 20:25 - 2008-01-20 20:25 - 000394240 _____ (Microsoft Corporation) C:\Windows\system32\dsquery.dll 2008-01-20 20:25 - 2008-01-20 20:25 - 000347648 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmnet.dll 2008-01-20 20:25 - 2008-01-20 20:25 - 000337408 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe 2008-01-20 20:25 - 2008-01-20 20:25 - 000318464 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2008-01-20 20:25 - 2008-01-20 20:25 - 000317440 _____ (Microsoft Corporation) C:\Windows\system32\azroleui.dll 2008-01-20 20:25 - 2008-01-20 20:25 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\mswmdm.dll 2008-01-20 20:25 - 2008-01-20 20:25 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll 2008-01-20 20:25 - 2008-01-20 20:25 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\ntshrui.dll 2008-01-20 20:25 - 2008-01-20 20:25 - 000274944 _____ (Microsoft Corporation) C:\Windows\system32\srrstr.dll 2008-01-20 20:25 - 2008-01-20 20:25 - 000259584 _____ (Microsoft Corporation) C:\Windows\system32\MPG4DECD.DLL 2008-01-20 20:25 - 2008-01-20 20:25 - 000259584 _____ (Microsoft Corporation) C:\Windows\system32\MP43DECD.DLL 2008-01-20 20:25 - 2008-01-20 20:25 - 000246272 _____ (Microsoft Corporation) C:\Windows\system32\VIDRESZR.DLL 2008-01-20 20:25 - 2008-01-20 20:25 - 000244224 _____ (Microsoft Corporation) C:\Windows\system32\audiodev.dll 2008-01-20 20:25 - 2008-01-20 20:25 - 000223232 _____ (Microsoft Corporation) C:\Windows\system32\WMASF.DLL 2008-01-20 20:25 - 2008-01-20 20:25 - 000216576 _____ (Microsoft Corporation) C:\Windows\system32\RESAMPLEDMO.DLL 2008-01-20 20:25 - 2008-01-20 20:25 - 000208896 _____ (Microsoft Corporation) C:\Windows\system32\qasf.dll 2008-01-20 20:25 - 2008-01-20 20:25 - 000203776 _____ (Microsoft Corporation) C:\Windows\system32\wpdwcn.dll 2008-01-20 20:25 - 2008-01-20 20:25 - 000202240 _____ (Microsoft Corporation) C:\Windows\system32\P2P.dll 2008-01-20 20:25 - 2008-01-20 20:25 - 000192000 _____ (Microsoft Corporation) C:\Windows\system32\p2phost.exe 2008-01-20 20:25 - 2008-01-20 20:25 - 000188928 _____ (Microsoft Corporation) C:\Windows\system32\lltdsvc.dll 2008-01-20 20:25 - 2008-01-20 20:25 - 000185856 _____ (Microsoft Corporation) C:\Windows\system32\adsldp.dll 2008-01-20 20:25 - 2008-01-20 20:25 - 000184320 _____ (Microsoft Corporation) C:\Windows\system32\wmpsrcwp.dll 2008-01-20 20:25 - 2008-01-20 20:25 - 000183808 _____ (Microsoft Corporation) C:\Windows\system32\duser.dll 2008-01-20 20:25 - 2008-01-20 20:25 - 000161792 _____ (Microsoft Corporation) C:\Windows\system32\raserver.exe 2008-01-20 20:25 - 2008-01-20 20:25 - 000161280 _____ (Microsoft Corporation) C:\Windows\system32\COLORCNV.DLL 2008-01-20 20:25 - 2008-01-20 20:25 - 000160256 _____ (Microsoft Corporation) C:\Windows\system32\msrdc.dll 2008-01-20 20:25 - 2008-01-20 20:25 - 000154624 _____ (Microsoft Corporation) C:\Windows\system32\wmidx.dll 2008-01-20 20:25 - 2008-01-20 20:25 - 000154624 _____ (Microsoft Corporation) C:\Windows\system32\nlmgp.dll 2008-01-20 20:25 - 2008-01-20 20:25 - 000153600 _____ (Microsoft Corporation) C:\Windows\system32\wmvdspa.dll 2008-01-20 20:25 - 2008-01-20 20:25 - 000151552 _____ (Microsoft Corporation) C:\Windows\system32\rgb9rast.dll 2008-01-20 20:25 - 2008-01-20 20:25 - 000134144 _____ (Microsoft Corporation) C:\Windows\system32\p2pnetsh.dll 2008-01-20 20:25 - 2008-01-20 20:25 - 000124928 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceWiaCompat.dll 2008-01-20 20:25 - 2008-01-20 20:25 - 000116736 _____ (Microsoft Corporation) C:\Windows\system32\sstpsvc.dll 2008-01-20 20:25 - 2008-01-20 20:25 - 000113664 _____ (Microsoft Corporation) C:\Windows\system32\loadperf.dll 2008-01-20 20:25 - 2008-01-20 20:25 - 000101376 _____ (Microsoft Corporation) C:\Windows\system32\wmpshell.dll 2008-01-20 20:25 - 2008-01-20 20:25 - 000084480 _____ (Microsoft Corporation) C:\Windows\system32\MP3DMOD.DLL 2008-01-20 20:25 - 2008-01-20 20:25 - 000082944 _____ (Microsoft Corporation) C:\Windows\system32\sdchange.exe 2008-01-20 20:25 - 2008-01-20 20:25 - 000076288 _____ (Microsoft Corporation) C:\Windows\system32\systeminfo.exe 2008-01-20 20:25 - 2008-01-20 20:25 - 000074240 _____ (Microsoft Corporation) C:\Windows\system32\nci.dll 2008-01-20 20:25 - 2008-01-20 20:25 - 000072192 _____ (Microsoft Corporation) C:\Windows\system32\wpclsp.dll 2008-01-20 20:25 - 2008-01-20 20:25 - 000067584 _____ (Microsoft Corporation) C:\Windows\system32\cmifw.dll 2008-01-20 20:25 - 2008-01-20 20:25 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\pnrpnsp.dll 2008-01-20 20:25 - 2008-01-20 20:25 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\mfvdsp.dll 2008-01-20 20:25 - 2008-01-20 20:25 - 000057344 _____ (Microsoft Corporation) C:\Windows\system32\eapsvc.dll 2008-01-20 20:25 - 2008-01-20 20:25 - 000056320 _____ (Microsoft Corporation) C:\Windows\system32\uexfat.dll 2008-01-20 20:25 - 2008-01-20 20:25 - 000053760 _____ (Microsoft Corporation) C:\Windows\system32\Mcx2Svc.dll 2008-01-20 20:25 - 2008-01-20 20:25 - 000053760 _____ (Microsoft Corporation) C:\Windows\system32\DfsShlEx.dll 2008-01-20 20:25 - 2008-01-20 20:25 - 000051712 _____ (Microsoft) C:\Windows\system32\esrb.rs 2008-01-20 20:25 - 2008-01-20 20:25 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\fphc.dll 2008-01-20 20:25 - 2008-01-20 20:25 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\dssec.dll 2008-01-20 20:25 - 2008-01-20 20:25 - 000040960 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2008-01-20 20:25 - 2008-01-20 20:25 - 000040448 _____ (Microsoft Corporation) C:\Windows\system32\lodctr.exe 2008-01-20 20:25 - 2008-01-20 20:25 - 000039424 _____ (Microsoft Corporation) C:\Windows\system32\wpnpinst.exe 2008-01-20 20:25 - 2008-01-20 20:25 - 000037888 _____ (Microsoft Corporation) C:\Windows\system32\vds_ps.dll 2008-01-20 20:25 - 2008-01-20 20:25 - 000033792 _____ (Microsoft Corporation) C:\Windows\system32\unlodctr.exe 2008-01-20 20:25 - 2008-01-20 20:25 - 000031232 _____ (Microsoft Corporation) C:\Windows\system32\lltdapi.dll 2008-01-20 20:25 - 2008-01-20 20:25 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\msdmo.dll 2008-01-20 20:25 - 2008-01-20 20:25 - 000024064 _____ (Microsoft Corporation) C:\Windows\system32\srwmi.dll 2008-01-20 20:25 - 2008-01-20 20:25 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\wmpcm.dll 2008-01-20 20:25 - 2008-01-20 20:25 - 000021504 _____ (Microsoft Corporation) C:\Windows\system32\HotStartUserAgent.dll 2008-01-20 20:25 - 2008-01-20 20:25 - 000020992 _____ (Microsoft Corporation) C:\Windows\system32\msdtcVSp1res.dll 2008-01-20 20:25 - 2008-01-20 20:25 - 000019968 _____ (Microsoft Corporation) C:\Windows\system32\vdsldr.exe 2008-01-20 20:25 - 2008-01-20 20:25 - 000016896 _____ (Microsoft) C:\Windows\system32\grb.rs 2008-01-20 20:25 - 2008-01-20 20:25 - 000014848 _____ (Microsoft Corporation) C:\Windows\system32\srdelayed.exe 2008-01-20 20:25 - 2008-01-20 20:25 - 000007680 _____ (Microsoft Corporation) C:\Windows\system32\procinst.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 008322048 _____ (Microsoft Corporation) C:\Windows\system32\spwizimg.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 005714432 _____ (Microsoft Corporation) C:\Windows\system32\logon.scr 2008-01-20 20:24 - 2008-01-20 20:24 - 004595712 _____ (Microsoft Corporation) C:\Windows\system32\AuthFWSnapin.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 003104768 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0049.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 003104768 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0047.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 003104768 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0046.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 003104768 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0045.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 003104768 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0039.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 003104768 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0020.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 002585088 _____ (Microsoft Corporation) C:\Windows\system32\FirewallControlPanel.exe 2008-01-20 20:24 - 2008-01-20 20:24 - 002249216 _____ (Microsoft Corporation) C:\Windows\system32\Firewall.cpl 2008-01-20 20:24 - 2008-01-20 20:24 - 001966592 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0027.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 001965056 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0026.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 001965056 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0024.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 001801216 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0022.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 001801216 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0021.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 001502208 _____ (Microsoft Corporation) C:\Windows\system32\pla.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 001405952 _____ (Microsoft Corporation) C:\Windows\system32\ActiveContentWizard.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 001386496 _____ (Microsoft Corporation) C:\Windows\system32\msvbvm60.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 001295360 _____ (Microsoft Corporation) C:\Windows\system32\wsecedit.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 001291264 _____ (Microsoft Corporation) C:\Windows\system32\comres.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 001107456 _____ (Microsoft Corporation) C:\Windows\system32\ogldrv.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 001039360 _____ (Microsoft Corporation) C:\Windows\system32\d3d8.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000975360 _____ (Microsoft Corporation) C:\Windows\system32\RASMM.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000816128 _____ (Microsoft Corporation) C:\Windows\system32\d3dim700.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000736768 _____ (Microsoft Corporation) C:\Windows\system32\unbcl.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000686592 _____ (Microsoft Corporation) C:\Windows\system32\colorui.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000671232 _____ (Microsoft Corporation) C:\Windows\system32\dfrgui.exe 2008-01-20 20:24 - 2008-01-20 20:24 - 000604160 _____ (Microsoft Corporation) C:\Windows\system32\sqlceqp30.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000574976 _____ (Microsoft Corporation) C:\Windows\system32\XPSSHHDR.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000523776 _____ (Microsoft Corporation) C:\Windows\system32\hhctrl.ocx 2008-01-20 20:24 - 2008-01-20 20:24 - 000523776 _____ (Microsoft Corporation) C:\Windows\system32\clbcatq.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000522752 _____ (Microsoft Corporation) C:\Windows\system32\ddraw.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000520704 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm.exe 2008-01-20 20:24 - 2008-01-20 20:24 - 000509952 _____ (Microsoft Corporation) C:\Windows\system32\AuthFWGP.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000498176 _____ (Microsoft Corporation) C:\Windows\HelpPane.exe 2008-01-20 20:24 - 2008-01-20 20:24 - 000487936 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000485376 _____ (Microsoft Corporation) C:\Windows\system32\mspaint.exe 2008-01-20 20:24 - 2008-01-20 20:24 - 000456704 _____ (Microsoft Corporation) C:\Windows\system32\wvc.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000451072 _____ (Microsoft Corporation) C:\Windows\system32\catsrv.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000431104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000429056 _____ (Microsoft Corporation) C:\Windows\system32\localsec.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000403968 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000388096 _____ (Microsoft Corporation) C:\Windows\system32\dmdlgs.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000384512 _____ (Microsoft Corporation) C:\Windows\system32\d3dim.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000376832 _____ (Microsoft Corporation) C:\Windows\system32\sxs.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000355328 _____ (Microsoft Corporation) C:\Windows\system32\termmgr.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000352256 _____ (Microsoft Corporation) C:\Windows\system32\nshipsec.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000348160 _____ (Microsoft Corporation) C:\Windows\system32\spwizeng.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000344576 _____ (Microsoft Corporation) C:\Windows\system32\msdtckrm.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000334336 _____ (Microsoft Corporation) C:\Windows\system32\bcdedit.exe 2008-01-20 20:24 - 2008-01-20 20:24 - 000326656 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000319488 _____ (Microsoft Corporation) C:\Windows\system32\odbcjt32.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000308224 _____ (Microsoft Corporation) C:\Windows\system32\sqlcese30.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000305152 _____ (Microsoft Corporation) C:\Windows\system32\msdelta.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000301056 _____ (Microsoft Corporation) C:\Windows\system32\mmcbase.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000300032 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000297472 _____ (Microsoft Corporation) C:\Windows\system32\cmipnpinstall.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000296448 _____ (Microsoft Corporation) C:\Windows\system32\xwizards.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000289792 _____ (Microsoft Corporation) C:\Windows\system32\hnetcfg.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000288256 _____ (Microsoft Corporation) C:\Windows\system32\ipnathlp.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000282624 _____ (Microsoft Corporation) C:\Windows\system32\CompatUI.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000276480 _____ (Microsoft Corporation) C:\Windows\system32\compstui.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000275968 _____ (Microsoft Corporation) C:\Windows\system32\mcbuilder.exe 2008-01-20 20:24 - 2008-01-20 20:24 - 000274432 _____ (Microsoft Corporation) C:\Windows\system32\netman.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000272896 _____ (Microsoft Corporation) C:\Windows\system32\polstore.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000259072 _____ (Microsoft Corporation) C:\Windows\system32\upnphost.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000258560 _____ (Microsoft Corporation) C:\Windows\system32\dpx.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000257024 _____ (Microsoft Corporation) C:\Windows\system32\VAN.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000257024 _____ (Microsoft Corporation) C:\Windows\system32\adsnt.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000252416 _____ (Microsoft Corporation) C:\Windows\system32\iprtrmgr.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000251904 _____ (Microsoft Corporation) C:\Windows\system32\sti_ci.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000251904 _____ (Microsoft Corporation) C:\Windows\system32\authfwcfg.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000242688 _____ (Microsoft Corporation) C:\Windows\system32\sysdm.cpl 2008-01-20 20:24 - 2008-01-20 20:24 - 000237056 _____ (Microsoft Corporation) C:\Windows\system32\netprofm.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000235520 _____ (Microsoft Corporation) C:\Windows\system32\dot3gpui.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000229888 _____ (Microsoft Corporation) C:\Windows\system32\mycomput.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000227840 _____ (Microsoft Corporation) C:\Windows\system32\msconfig.exe 2008-01-20 20:24 - 2008-01-20 20:24 - 000226816 _____ (Microsoft Corp.) C:\Windows\system32\Defrag.exe 2008-01-20 20:24 - 2008-01-20 20:24 - 000222720 _____ (Microsoft Corporation) C:\Windows\system32\wavemsp.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000220160 _____ (Microsoft Corporation) C:\Windows\system32\comsnap.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000215040 _____ (Microsoft Corporation) C:\Windows\system32\msdtcuiu.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000215040 _____ (Microsoft Corporation) C:\Windows\system32\icm32.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000206336 _____ (Microsoft Corporation) C:\Windows\system32\mstask.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000205824 _____ (Microsoft Corporation) C:\Windows\system32\msoeacct.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000204800 _____ (Microsoft Corporation) C:\Windows\system32\activeds.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000201216 _____ (Microsoft Corporation) C:\Windows\system32\unattend.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000195584 _____ (Microsoft Corporation) C:\Windows\system32\upnp.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000191488 _____ (Microsoft Corporation) C:\Windows\system32\provthrd.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000190976 _____ (Microsoft Corporation) C:\Windows\system32\dskquoui.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000187904 _____ (Microsoft Corporation) C:\Windows\system32\mlang.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000184320 _____ (Microsoft Corporation) C:\Windows\system32\dmdskmgr.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000180224 _____ (Microsoft Corporation) C:\Windows\system32\msorcl32.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000179712 _____ (Microsoft Corporation) C:\Windows\system32\lpksetup.exe 2008-01-20 20:24 - 2008-01-20 20:24 - 000179200 _____ (Microsoft Corporation) C:\Windows\system32\ws2_32.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000179200 _____ (Microsoft Corporation) C:\Windows\system32\els.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000178176 _____ (Microsoft Corporation) C:\Windows\system32\clusapi.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000173568 _____ (Microsoft Corporation) C:\Windows\system32\dsdmo.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000172544 _____ (Microsoft Corporation) C:\Windows\system32\QAGENT.DLL 2008-01-20 20:24 - 2008-01-20 20:24 - 000171520 _____ (Microsoft Corporation) C:\Windows\system32\cic.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000167424 _____ (Microsoft Corporation) C:\Windows\system32\ActionQueue.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000163840 _____ (Microsoft Corporation) C:\Windows\system32\taskmgr.exe 2008-01-20 20:24 - 2008-01-20 20:24 - 000163840 _____ (Microsoft Corp.) C:\Windows\system32\DfrgNtfs.exe 2008-01-20 20:24 - 2008-01-20 20:24 - 000163328 _____ (Microsoft Corporation) C:\Windows\system32\powercfg.cpl 2008-01-20 20:24 - 2008-01-20 20:24 - 000160768 _____ (Microsoft Corporation) C:\Windows\system32\DpiScaling.exe 2008-01-20 20:24 - 2008-01-20 20:24 - 000159744 _____ (Microsoft Corporation) C:\Windows\system32\odbctrac.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000159744 _____ (Microsoft Corporation) C:\Windows\system32\msdadiag.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000158720 _____ (Microsoft Corporation) C:\Windows\system32\net1.exe 2008-01-20 20:24 - 2008-01-20 20:24 - 000157696 _____ (Microsoft Corporation) C:\Windows\system32\verifier.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000155704 _____ (Microsoft Corporation) C:\Windows\system32\dssenh.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000155648 _____ (Microsoft Corporation) C:\Windows\system32\ssdpsrv.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000154112 _____ (Microsoft Corporation) C:\Windows\system32\QSHVHOST.DLL 2008-01-20 20:24 - 2008-01-20 20:24 - 000153600 _____ (Microsoft Corporation) C:\Windows\system32\NAPMONTR.DLL 2008-01-20 20:24 - 2008-01-20 20:24 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\vdsbas.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000151552 _____ (Microsoft Corporation) C:\Windows\system32\schtasks.exe 2008-01-20 20:24 - 2008-01-20 20:24 - 000145455 _____ C:\Windows\system32\perfmon.msc 2008-01-20 20:24 - 2008-01-20 20:24 - 000145408 _____ (Microsoft Corporation) C:\Windows\system32\CompMgmtLauncher.exe 2008-01-20 20:24 - 2008-01-20 20:24 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax 2008-01-20 20:24 - 2008-01-20 20:24 - 000142848 _____ (Microsoft Corporation) C:\Windows\system32\dot3ui.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000140800 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000139264 _____ (Microsoft Corporation) C:\Windows\system32\SmiInstaller.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\mydocs.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000135168 _____ (Microsoft Corporation) C:\Windows\system32\ndfapi.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000135168 _____ (Microsoft Corporation) C:\Windows\system32\dbnetlib.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000134656 _____ (Microsoft Corporation) C:\Windows\system32\rdpdd.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000134656 _____ (Microsoft Corporation) C:\Windows\system32\dps.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000134656 _____ (Microsoft Corporation) C:\Windows\regedit.exe 2008-01-20 20:24 - 2008-01-20 20:24 - 000131072 _____ (Microsoft Corporation) C:\Windows\system32\fde.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000130560 _____ (Microsoft Corporation) C:\Windows\system32\uudf.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000129024 _____ (Microsoft Corporation) C:\Windows\system32\McxDriv.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000128512 _____ (Microsoft Corporation) C:\Windows\system32\MdSched.exe 2008-01-20 20:24 - 2008-01-20 20:24 - 000128000 _____ (Microsoft Corporation) C:\Windows\system32\shimgvw.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000127488 _____ (Microsoft Corporation) C:\Windows\system32\mmcshext.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000127488 _____ (Microsoft Corporation) C:\Windows\system32\aclui.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000124928 _____ (Microsoft Corporation) C:\Windows\system32\mtstocom.exe 2008-01-20 20:24 - 2008-01-20 20:24 - 000124928 _____ (Microsoft Corporation) C:\Windows\system32\mprmsg.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000123392 _____ (Microsoft Corporation) C:\Windows\system32\ifsutil.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000121856 _____ (Microsoft Corporation) C:\Windows\system32\dispdiag.exe 2008-01-20 20:24 - 2008-01-20 20:24 - 000120320 _____ (Microsoft Corporation) C:\Windows\system32\perfmon.exe 2008-01-20 20:24 - 2008-01-20 20:24 - 000120320 _____ (Microsoft Corporation) C:\Windows\system32\msaatext.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000119808 _____ (Microsoft Corporation) C:\Windows\system32\netid.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000119296 _____ (Microsoft Corporation) C:\Windows\system32\prntvpt.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000118272 _____ (Microsoft Corporation) C:\Windows\system32\RDPENCDD.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000117760 _____ (Microsoft Corporation) C:\Windows\system32\bcdsrv.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000114688 _____ (Microsoft Corporation) C:\Windows\system32\rtm.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\verifier.exe 2008-01-20 20:24 - 2008-01-20 20:24 - 000112128 _____ (Microsoft Corporation) C:\Windows\system32\netdiagfx.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000112128 _____ (Microsoft Corporation) C:\Windows\system32\netcorehc.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000111616 _____ (Microsoft Corporation) C:\Windows\system32\activeds.tlb 2008-01-20 20:24 - 2008-01-20 20:24 - 000110592 _____ (Microsoft Corporation) C:\Windows\system32\msscript.ocx 2008-01-20 20:24 - 2008-01-20 20:24 - 000109056 _____ (Microsoft Corporation) C:\Windows\system32\SSShim.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000105984 _____ (Microsoft Corporation) C:\Windows\system32\shrink.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000105984 _____ (Microsoft Corporation) C:\Windows\system32\msdtc.exe 2008-01-20 20:24 - 2008-01-20 20:24 - 000105472 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000104960 _____ (Microsoft Corporation) C:\Windows\system32\mprddm.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000104448 _____ (Microsoft Corporation) C:\Windows\system32\DWWIN.EXE 2008-01-20 20:24 - 2008-01-20 20:24 - 000103936 _____ (Microsoft Corporation) C:\Windows\system32\NAPHLPR.DLL 2008-01-20 20:24 - 2008-01-20 20:24 - 000103936 _____ (Microsoft Corporation) C:\Windows\system32\AuxiliaryDisplayApi.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000101888 _____ (Microsoft Corporation) C:\Windows\system32\oledlg.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000101376 _____ (Microsoft Corporation) C:\Windows\system32\luainstall.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ipnat.sys 2008-01-20 20:24 - 2008-01-20 20:24 - 000098304 _____ (Microsoft Corporation) C:\Windows\system32\TapiMigPlugin.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000098304 _____ (Microsoft Corporation) C:\Windows\system32\makecab.exe 2008-01-20 20:24 - 2008-01-20 20:24 - 000095744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\irda.sys 2008-01-20 20:24 - 2008-01-20 20:24 - 000095232 _____ (Microsoft Corporation) C:\Windows\system32\xactsrv.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\diantz.exe 2008-01-20 20:24 - 2008-01-20 20:24 - 000093696 _____ (Microsoft Corporation) C:\Windows\system32\vssadmin.exe 2008-01-20 20:24 - 2008-01-20 20:24 - 000093184 _____ (Microsoft Corporation) C:\Windows\system32\esentutl.exe 2008-01-20 20:24 - 2008-01-20 20:24 - 000092672 _____ (Microsoft Corporation) C:\Windows\system32\ufat.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000091648 _____ (Microsoft Corporation) C:\Windows\system32\comrepl.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000090624 _____ (Microsoft Corporation) C:\Windows\system32\rasauto.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000089088 _____ (Microsoft Corporation) C:\Windows\system32\msdtclog.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000088576 _____ (Microsoft Corporation) C:\Windows\system32\ntdsapi.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\dmview.ocx 2008-01-20 20:24 - 2008-01-20 20:24 - 000087552 _____ (Microsoft) C:\Windows\system32\Robocopy.exe 2008-01-20 20:24 - 2008-01-20 20:24 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\msoert2.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\icfupgd.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000086528 _____ (Microsoft Corporation) C:\Windows\system32\TpmInit.exe 2008-01-20 20:24 - 2008-01-20 20:24 - 000086528 _____ (Microsoft Corporation) C:\Windows\system32\efsadu.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000086528 _____ (Microsoft Corporation) C:\Windows\system32\dskquota.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000085504 _____ (Microsoft Corporation) C:\Windows\system32\setupugc.exe 2008-01-20 20:24 - 2008-01-20 20:24 - 000084992 _____ (Microsoft Corporation) C:\Windows\system32\SessEnv.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000084992 _____ (Microsoft Corporation) C:\Windows\system32\cmstp.exe 2008-01-20 20:24 - 2008-01-20 20:24 - 000084480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\luafv.sys 2008-01-20 20:24 - 2008-01-20 20:24 - 000083968 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000083456 _____ (Microsoft Corporation) C:\Windows\system32\usbui.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000081920 _____ (Microsoft Corporation) C:\Windows\system32\QSVRMGMT.DLL 2008-01-20 20:24 - 2008-01-20 20:24 - 000081920 _____ (Microsoft Corporation) C:\Windows\system32\dwmredir.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000081920 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000081408 _____ (Microsoft Corporation) C:\Windows\system32\rascfg.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000080896 _____ (Microsoft Corporation) C:\Windows\system32\tasklist.exe 2008-01-20 20:24 - 2008-01-20 20:24 - 000079360 _____ (Microsoft Corporation) C:\Windows\system32\QUTIL.DLL 2008-01-20 20:24 - 2008-01-20 20:24 - 000078848 _____ (Microsoft Corporation) C:\Windows\system32\taskkill.exe 2008-01-20 20:24 - 2008-01-20 20:24 - 000078848 _____ (Microsoft Corporation) C:\Windows\system32\olecli32.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\olethk32.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\odbccu32.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\odbccr32.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000076288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rasl2tp.sys 2008-01-20 20:24 - 2008-01-20 20:24 - 000075264 _____ (Microsoft Corporation) C:\Windows\system32\trkwks.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000074240 _____ (Microsoft Corporation) C:\Windows\system32\IPBusEnum.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000073728 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000072704 _____ (Microsoft Corporation) C:\Windows\system32\cmdl32.exe 2008-01-20 20:24 - 2008-01-20 20:24 - 000071680 _____ (Microsoft Corporation) C:\Windows\system32\msacm32.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000071680 _____ (Microsoft Corporation) C:\Windows\system32\cabinet.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000071168 _____ (Microsoft Corporation) C:\Windows\system32\rasman.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000070144 _____ (Microsoft Corporation) C:\Windows\system32\amstream.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000069632 _____ (Microsoft Corporation) C:\Windows\system32\rasqec.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000069632 _____ (Microsoft Corporation) C:\Windows\system32\QCLIPROV.DLL 2008-01-20 20:24 - 2008-01-20 20:24 - 000069120 _____ (Microsoft Corporation) C:\Windows\system32\vsstrace.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000069120 _____ (Microsoft Corporation) C:\Windows\system32\GuidedHelp.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000068608 _____ (Microsoft Corporation) C:\Windows\system32\mprdim.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000068096 _____ (Microsoft Corporation) C:\Windows\system32\KMSVC.DLL 2008-01-20 20:24 - 2008-01-20 20:24 - 000067584 _____ (Microsoft Corporation) C:\Windows\system32\napdsnap.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000067584 _____ (Microsoft Corporation) C:\Windows\system32\EAPQEC.DLL 2008-01-20 20:24 - 2008-01-20 20:24 - 000066048 _____ (Microsoft Corporation) C:\Windows\system32\MuiUnattend.exe 2008-01-20 20:24 - 2008-01-20 20:24 - 000066048 _____ (Microsoft Corporation) C:\Windows\system32\driverquery.exe 2008-01-20 20:24 - 2008-01-20 20:24 - 000066048 _____ (Microsoft Corporation) C:\Windows\system32\DHCPQEC.DLL 2008-01-20 20:24 - 2008-01-20 20:24 - 000065536 _____ (Microsoft Corporation) C:\Windows\system32\resutils.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000065024 _____ (Microsoft Corporation) C:\Windows\system32\w32tm.exe 2008-01-20 20:24 - 2008-01-20 20:24 - 000065024 _____ (Microsoft Corporation) C:\Windows\system32\getmac.exe 2008-01-20 20:24 - 2008-01-20 20:24 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\spbcd.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\findnetprinters.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\dxva2.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\cmicryptinstall.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpsdrv.sys 2008-01-20 20:24 - 2008-01-20 20:24 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\devenum.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\ntlanman.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000062976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\raspptp.sys 2008-01-20 20:24 - 2008-01-20 20:24 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\winethc.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wanarp.sys 2008-01-20 20:24 - 2008-01-20 20:24 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\colbact.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000061440 _____ (Microsoft Corporation) C:\Windows\system32\winipsec.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000061440 _____ (Microsoft Corporation) C:\Windows\system32\dhcpsapi.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rspndr.sys 2008-01-20 20:24 - 2008-01-20 20:24 - 000060124 _____ C:\Windows\system32\tcpmon.ini 2008-01-20 20:24 - 2008-01-20 20:24 - 000059392 _____ (Microsoft Corporation) C:\Windows\system32\alg.exe 2008-01-20 20:24 - 2008-01-20 20:24 - 000058936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fileinfo.sys 2008-01-20 20:24 - 2008-01-20 20:24 - 000058880 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000058880 _____ (Microsoft Corporation) C:\Windows\bfsvc.exe 2008-01-20 20:24 - 2008-01-20 20:24 - 000058368 _____ (Microsoft Corporation) C:\Windows\system32\remotepg.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000057856 _____ (Microsoft Corporation) C:\Windows\system32\cryptdll.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000056320 _____ (Microsoft Corporation) C:\Windows\system32\wscmisetup.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000056320 _____ (Microsoft Corporation) C:\Windows\system32\vga256.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000056320 _____ (Microsoft Corporation) C:\Windows\system32\tbssvc.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000056320 _____ (Microsoft Corporation) C:\Windows\system32\graftabl.com 2008-01-20 20:24 - 2008-01-20 20:24 - 000055296 _____ (Microsoft Corporation) C:\Windows\system32\fsutil.exe 2008-01-20 20:24 - 2008-01-20 20:24 - 000054272 _____ (Microsoft Corporation) C:\Windows\system32\fwcfg.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000053760 _____ (Microsoft Corporation) C:\Windows\system32\l2gpstore.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000053248 _____ (Microsoft Corporation) C:\Windows\system32\PNPXAssocPrx.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000053248 _____ (Microsoft Corporation) C:\Windows\system32\msident.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000053248 _____ (Microsoft Corporation) C:\Windows\system32\d3dxof.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000052736 _____ (Microsoft Corporation) C:\Windows\system32\inetmib1.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000052736 _____ (Microsoft Corporation) C:\Windows\system32\expand.exe 2008-01-20 20:24 - 2008-01-20 20:24 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\NapiNSP.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\gacinstall.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000049664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndproxy.sys 2008-01-20 20:24 - 2008-01-20 20:24 - 000048128 _____ (Microsoft Corporation) C:\Windows\system32\net.exe 2008-01-20 20:24 - 2008-01-20 20:24 - 000048128 _____ (Microsoft Corporation) C:\Windows\system32\ncobjapi.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000048128 _____ (Microsoft Corporation) C:\Windows\system32\dnshc.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000048128 _____ (Microsoft Corporation) C:\Windows\system32\bcdprov.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000047616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ipfltdrv.sys 2008-01-20 20:24 - 2008-01-20 20:24 - 000047616 _____ (Microsoft Corporation) C:\Windows\system32\cmutil.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\syssetup.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\Sens.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\lltdio.sys 2008-01-20 20:24 - 2008-01-20 20:24 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\cfgbkend.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000046592 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000046592 _____ (Microsoft Corporation) C:\Windows\system32\pdhui.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000046080 _____ (Microsoft Corporation) C:\Windows\system32\NAPCRYPT.DLL 2008-01-20 20:24 - 2008-01-20 20:24 - 000045568 _____ (Microsoft Corporation) C:\Windows\system32\ucsvc.exe 2008-01-20 20:24 - 2008-01-20 20:24 - 000045568 _____ (Microsoft Corporation) C:\Windows\system32\g711codc.ax 2008-01-20 20:24 - 2008-01-20 20:24 - 000045568 _____ (Microsoft Corporation) C:\Windows\system32\dot3dlg.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000045056 _____ (Microsoft Corporation) C:\Windows\system32\mmcss.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000045056 _____ (Microsoft Corporation) C:\Windows\system32\dot3api.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000044544 _____ (Microsoft Corporation) C:\Windows\system32\sppnp.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\regini.exe 2008-01-20 20:24 - 2008-01-20 20:24 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\rshx32.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000043008 _____ (Microsoft Corporation) C:\Windows\system32\TimeDateMUICallback.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000043008 _____ (Microsoft Corporation) C:\Windows\system32\dot3gpclnt.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000042496 _____ (Microsoft Corporation) C:\Windows\system32\osblprov.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000041984 _____ (Microsoft Corporation) C:\Windows\system32\vdmredir.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000041984 _____ (Microsoft Corporation) C:\Windows\system32\setupcl.exe 2008-01-20 20:24 - 2008-01-20 20:24 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\lpremove.exe 2008-01-20 20:24 - 2008-01-20 20:24 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\eappprxy.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2008-01-20 20:24 - 2008-01-20 20:24 - 000040960 _____ (Microsoft Corporation) C:\Windows\system32\RegCtrl.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000040448 _____ (Microsoft Corporation) C:\Windows\system32\psbase.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000040448 _____ (Microsoft Corporation) C:\Windows\system32\lnkstub.exe 2008-01-20 20:24 - 2008-01-20 20:24 - 000039936 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000039424 _____ (Microsoft Corporation) C:\Windows\system32\rasphone.exe 2008-01-20 20:24 - 2008-01-20 20:24 - 000038912 _____ (Microsoft Corporation) C:\Windows\system32\xolehlp.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000038912 _____ (Microsoft Corporation) C:\Windows\system32\sfc_os.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000038400 _____ (Microsoft Corporation) C:\Windows\system32\runonce.exe 2008-01-20 20:24 - 2008-01-20 20:24 - 000036864 _____ (Microsoft Corporation) C:\Windows\system32\xcopy.exe 2008-01-20 20:24 - 2008-01-20 20:24 - 000036352 _____ (Microsoft Corporation) C:\Windows\system32\esentprf.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000036352 _____ (Microsoft Corporation) C:\Windows\system32\ComputerDefaults.exe 2008-01-20 20:24 - 2008-01-20 20:24 - 000035840 _____ (Microsoft Corporation) C:\Windows\system32\UI0Detect.exe 2008-01-20 20:24 - 2008-01-20 20:24 - 000035840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbios.sys 2008-01-20 20:24 - 2008-01-20 20:24 - 000035328 _____ (Microsoft Corporation) C:\Windows\system32\SecEdit.exe 2008-01-20 20:24 - 2008-01-20 20:24 - 000035328 _____ (Microsoft Corporation) C:\Windows\system32\mspatcha.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000035328 _____ (Microsoft Corporation) C:\Windows\system32\dispci.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\waitfor.exe 2008-01-20 20:24 - 2008-01-20 20:24 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\RpcPing.exe 2008-01-20 20:24 - 2008-01-20 20:24 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\usbmon.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\napipsec.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000032768 _____ (Microsoft Corporation) C:\Windows\system32\cmlua.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000031744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\modem.sys 2008-01-20 20:24 - 2008-01-20 20:24 - 000031232 _____ (Microsoft Corporation) C:\Windows\system32\cmcfg32.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000029696 _____ (Microsoft Corporation) C:\Windows\system32\utildll.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000029696 _____ (Microsoft Corporation) C:\Windows\system32\shutdown.exe 2008-01-20 20:24 - 2008-01-20 20:24 - 000029696 _____ (Microsoft Corporation) C:\Windows\system32\dsauth.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000029184 _____ (Microsoft Corporation) C:\Windows\system32\profprov.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000029184 _____ (Microsoft Corporation) C:\Windows\system32\ndfetw.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000029184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdtcp.sys 2008-01-20 20:24 - 2008-01-20 20:24 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\odbcbcp.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\unattendedjoin.exe 2008-01-20 20:24 - 2008-01-20 20:24 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\AzSqlExt.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000027648 _____ (Microsoft Corporation) C:\Windows\system32\olesvr32.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000027648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\filetrace.sys 2008-01-20 20:24 - 2008-01-20 20:24 - 000027136 _____ (Microsoft Corporation) C:\Windows\system32\sxstrace.exe 2008-01-20 20:24 - 2008-01-20 20:24 - 000027136 _____ (Microsoft Corporation) C:\Windows\system32\mtxlegih.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000027136 _____ (Microsoft Corporation) C:\Windows\system32\icacls.exe 2008-01-20 20:24 - 2008-01-20 20:24 - 000026624 _____ (Microsoft Corporation) C:\Windows\system32\wtsapi32.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000026624 _____ (Microsoft Corporation) C:\Windows\system32\mfcsubs.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\idndl.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\cmpbk32.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000025600 _____ (Microsoft Corporation) C:\Windows\system32\netcfg.exe 2008-01-20 20:24 - 2008-01-20 20:24 - 000025600 _____ (Microsoft Corporation) C:\Windows\system32\LangCleanupSysprepAction.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\userinit.exe 2008-01-20 20:24 - 2008-01-20 20:24 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\Nlsdl.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vga.sys 2008-01-20 20:24 - 2008-01-20 20:24 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tape.sys 2008-01-20 20:24 - 2008-01-20 20:24 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\at.exe 2008-01-20 20:24 - 2008-01-20 20:24 - 000024120 _____ (Microsoft Corporation) C:\Windows\system32\BOOTVID.DLL 2008-01-20 20:24 - 2008-01-20 20:24 - 000024064 _____ (Microsoft Corporation) C:\Windows\system32\amxread.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000023040 _____ (Microsoft Corporation) C:\Windows\system32\wmiprop.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000023040 _____ (Microsoft Corporation) C:\Windows\system32\fmifs.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000022528 _____ (Microsoft Corporation) C:\Windows\system32\upnpcont.exe 2008-01-20 20:24 - 2008-01-20 20:24 - 000022528 _____ (Microsoft Corporation) C:\Windows\system32\netiougc.exe 2008-01-20 20:24 - 2008-01-20 20:24 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\sxsstore.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\mtxdm.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000021504 _____ (Microsoft Corporation) C:\Windows\system32\vga64k.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000021504 _____ (Microsoft Corporation) C:\Windows\system32\netbtugc.exe 2008-01-20 20:24 - 2008-01-20 20:24 - 000021048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spldr.sys 2008-01-20 20:24 - 2008-01-20 20:24 - 000020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdi.sys 2008-01-20 20:24 - 2008-01-20 20:24 - 000020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndistapi.sys 2008-01-20 20:24 - 2008-01-20 20:24 - 000020480 _____ (Microsoft Corporation) C:\Windows\system32\RacAgent.exe 2008-01-20 20:24 - 2008-01-20 20:24 - 000019968 _____ (Microsoft Corporation) C:\Windows\system32\seclogon.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000019968 _____ (Microsoft Corporation) C:\Windows\system32\perfnet.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000019968 _____ (Microsoft Corporation) C:\Windows\system32\osbaseln.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000019968 _____ (Microsoft Corporation) C:\Windows\system32\lsmproxy.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000019968 _____ (Microsoft Corporation) C:\Windows\system32\eventcls.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000018944 _____ (Microsoft Corporation) C:\Windows\system32\ias.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000018944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mcd.sys 2008-01-20 20:24 - 2008-01-20 20:24 - 000018944 _____ (Microsoft Corporation) C:\Windows\system32\dmutil.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000018432 _____ (Microsoft Corporation) C:\Windows\system32\nsisvc.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\wfapigp.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\PlaySndSrv.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdpipe.sys 2008-01-20 20:24 - 2008-01-20 20:24 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\capisp.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000017408 _____ (Microsoft Corporation) C:\Windows\system32\perfts.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000017408 _____ (Microsoft Corporation) C:\Windows\system32\iashost.exe 2008-01-20 20:24 - 2008-01-20 20:24 - 000017408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\smclib.sys 2008-01-20 20:24 - 2008-01-20 20:24 - 000017408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\asyncmac.sys 2008-01-20 20:24 - 2008-01-20 20:24 - 000017408 _____ (Microsoft Corporation) C:\Windows\system32\convert.exe 2008-01-20 20:24 - 2008-01-20 20:24 - 000017408 _____ (Microsoft Corporation) C:\Windows\system32\cfgmgr32.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000016896 _____ (Microsoft Corporation) C:\Windows\system32\WINSRPC.DLL 2008-01-20 20:24 - 2008-01-20 20:24 - 000016896 _____ (Microsoft Corporation) C:\Windows\system32\pots.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000016896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndisuio.sys 2008-01-20 20:24 - 2008-01-20 20:24 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\xmlprovi.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nsiproxy.sys 2008-01-20 20:24 - 2008-01-20 20:24 - 000015872 _____ (Microsoft Corporation) C:\Windows\system32\spopk.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000015872 _____ (Microsoft Corporation) C:\Windows\system32\sfc.exe 2008-01-20 20:24 - 2008-01-20 20:24 - 000015872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ws2ifsl.sys 2008-01-20 20:24 - 2008-01-20 20:24 - 000015872 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000015360 _____ (Microsoft Corporation) C:\Windows\system32\rasctrs.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000015360 _____ (Microsoft Corporation) C:\Windows\system32\PING.EXE 2008-01-20 20:24 - 2008-01-20 20:24 - 000015360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TUNMP.SYS 2008-01-20 20:24 - 2008-01-20 20:24 - 000014848 _____ (Microsoft Corporation) C:\Windows\system32\winnsi.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000014848 _____ (Microsoft Corporation) C:\Windows\system32\hnetmon.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\tsddd.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\cmstplua.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000013824 _____ (Microsoft Corporation) C:\Windows\system32\localui.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000013824 _____ (Microsoft Corporation) C:\Windows\system32\icsunattend.exe 2008-01-20 20:24 - 2008-01-20 20:24 - 000013824 _____ (Microsoft Corporation) C:\Windows\system32\apilogen.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\mountvol.exe 2008-01-20 20:24 - 2008-01-20 20:24 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\fdPHost.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxapi.sys 2008-01-20 20:24 - 2008-01-20 20:24 - 000013312 _____ (Microsoft Corporation) C:\Windows\fveupdate.exe 2008-01-20 20:24 - 2008-01-20 20:24 - 000012800 _____ (Microsoft Corporation) C:\Windows\system32\batt.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000012800 _____ (Microsoft Corporation) C:\Windows\system32\avrt.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000012288 _____ (Microsoft Corporation) C:\Windows\system32\ktmw32.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000012198 _____ C:\Windows\system32\gatherWiredInfo.vbs 2008-01-20 20:24 - 2008-01-20 20:24 - 000011776 _____ (Microsoft Corporation) C:\Windows\system32\tbs.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000011776 _____ (Microsoft Corporation) C:\Windows\system32\InfDefaultInstall.exe 2008-01-20 20:24 - 2008-01-20 20:24 - 000011776 _____ (Microsoft Corporation) C:\Windows\system32\framebuf.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000011776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rasacd.sys 2008-01-20 20:24 - 2008-01-20 20:24 - 000011264 _____ (Microsoft Corporation) C:\Windows\system32\usbperf.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000010752 _____ (Microsoft Corporation) C:\Windows\system32\vga.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000010752 _____ (Microsoft Corporation) C:\Windows\system32\txfw32.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000010752 _____ (Microsoft Corporation) C:\Windows\system32\pnpts.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000010752 _____ (Microsoft Corporation) C:\Windows\system32\KBDJPN.DLL 2008-01-20 20:24 - 2008-01-20 20:24 - 000010240 _____ (Microsoft Corporation) C:\Windows\system32\KBDKOR.DLL 2008-01-20 20:24 - 2008-01-20 20:24 - 000009216 _____ (Microsoft Corporation) C:\Windows\system32\WSHTCPIP.DLL 2008-01-20 20:24 - 2008-01-20 20:24 - 000009216 _____ (Microsoft Corporation) C:\Windows\system32\wship6.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000009216 _____ (Microsoft Corporation) C:\Windows\system32\LogonUI.exe 2008-01-20 20:24 - 2008-01-20 20:24 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\rdpcfgex.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\msidle.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\riched32.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\nsi.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\iprtprio.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rootmdm.sys 2008-01-20 20:24 - 2008-01-20 20:24 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mskssrv.sys 2008-01-20 20:24 - 2008-01-20 20:24 - 000007680 _____ (Microsoft Corporation) C:\Windows\system32\spwizres.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\CertEnrollCtrl.exe 2008-01-20 20:24 - 2008-01-20 20:24 - 000006144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RDPENCDD.sys 2008-01-20 20:24 - 2008-01-20 20:24 - 000006144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RDPCDD.sys 2008-01-20 20:24 - 2008-01-20 20:24 - 000006144 _____ (Microsoft Corporation) C:\Windows\system32\csrss.exe 2008-01-20 20:24 - 2008-01-20 20:24 - 000006016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mstee.sys 2008-01-20 20:24 - 2008-01-20 20:24 - 000005888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mspclock.sys 2008-01-20 20:24 - 2008-01-20 20:24 - 000005504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mspqm.sys 2008-01-20 20:24 - 2008-01-20 20:24 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\wertargets.wtl 2008-01-20 20:24 - 2008-01-20 20:24 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\dmdskres2.dll 2008-01-20 20:24 - 2008-01-20 20:24 - 000001820 _____ C:\Windows\system32\rasctrnm.h 2008-01-20 20:23 - 2013-10-29 20:13 - 001304064 _____ (Microsoft Corporation) C:\Windows\system32\WMALFXGFXDSP.dll 2008-01-20 20:23 - 2011-05-05 10:01 - 000015872 _____ (Microsoft Corporation) C:\Windows\system32\hcrstco.dll 2008-01-20 20:23 - 2008-01-20 20:23 - 009847296 _____ (Microsoft Corporation) C:\Windows\system32\NlsData000a.dll 2008-01-20 20:23 - 2008-01-20 20:23 - 008139264 _____ (Microsoft Corporation) C:\Windows\system32\ssBranded.scr 2008-01-20 20:23 - 2008-01-20 20:23 - 004875776 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0009.dll 2008-01-20 20:23 - 2008-01-20 20:23 - 004497408 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0019.dll 2008-01-20 20:23 - 2008-01-20 20:23 - 004495360 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0816.dll 2008-01-20 20:23 - 2008-01-20 20:23 - 004495360 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0416.dll 2008-01-20 20:23 - 2008-01-20 20:23 - 004495360 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0414.dll 2008-01-20 20:23 - 2008-01-20 20:23 - 004495360 _____ (Microsoft Corporation) C:\Windows\system32\NlsData001d.dll 2008-01-20 20:23 - 2008-01-20 20:23 - 004495360 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0010.dll 2008-01-20 20:23 - 2008-01-20 20:23 - 003466752 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0013.dll 2008-01-20 20:23 - 2008-01-20 20:23 - 003104768 _____ (Microsoft Corporation) C:\Windows\system32\NlsData004e.dll 2008-01-20 20:23 - 2008-01-20 20:23 - 003104768 _____ (Microsoft Corporation) C:\Windows\system32\NlsData004c.dll 2008-01-20 20:23 - 2008-01-20 20:23 - 003104768 _____ (Microsoft Corporation) C:\Windows\system32\NlsData004b.dll 2008-01-20 20:23 - 2008-01-20 20:23 - 003104768 _____ (Microsoft Corporation) C:\Windows\system32\NlsData004a.dll 2008-01-20 20:23 - 2008-01-20 20:23 - 002657280 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0011.dll 2008-01-20 20:23 - 2008-01-20 20:23 - 002643456 _____ (Microsoft Corporation) C:\Windows\system32\NlsData000c.dll 2008-01-20 20:23 - 2008-01-20 20:23 - 002599936 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0001.dll 2008-01-20 20:23 - 2008-01-20 20:23 - 002588160 _____ (Microsoft Corporation) C:\Windows\system32\UIHub.dll 2008-01-20 20:23 - 2008-01-20 20:23 - 002342912 _____ (Microsoft Corporation) C:\Windows\system32\NlsData000d.dll 2008-01-20 20:23 - 2008-01-20 20:23 - 002243072 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0007.dll 2008-01-20 20:23 - 2008-01-20 20:23 - 002225664 _____ (Intel Corporation) C:\Windows\system32\Drivers\NETw3v32.sys 2008-01-20 20:23 - 2008-01-20 20:23 - 001965056 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0c1a.dll 2008-01-20 20:23 - 2008-01-20 20:23 - 001965056 _____ (Microsoft Corporation) C:\Windows\system32\NlsData081a.dll 2008-01-20 20:23 - 2008-01-20 20:23 - 001965056 _____ (Microsoft Corporation) C:\Windows\system32\NlsData001b.dll 2008-01-20 20:23 - 2008-01-20 20:23 - 001965056 _____ (Microsoft Corporation) C:\Windows\system32\NlsData001a.dll 2008-01-20 20:23 - 2008-01-20 20:23 - 001965056 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0018.dll 2008-01-20 20:23 - 2008-01-20 20:23 - 001965056 _____ (Microsoft Corporation) C:\Windows\system32\NlsData000f.dll 2008-01-20 20:23 - 2008-01-20 20:23 - 001965056 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0003.dll 2008-01-20 20:23 - 2008-01-20 20:23 - 001965056 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0002.dll 2008-01-20 20:23 - 2008-01-20 20:23 - 001801216 _____ (Microsoft Corporation) C:\Windows\system32\NlsData003e.dll 2008-01-20 20:23 - 2008-01-20 20:23 - 001801216 _____ (Microsoft Corporation) C:\Windows\system32\NlsData002a.dll 2008-01-20 20:23 - 2008-01-20 20:23 - 001675264 _____ (Microsoft Corporation) C:\Windows\system32\xpssvcs.dll 2008-01-20 20:23 - 2008-01-20 20:23 - 001523712 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0000.dll 2008-01-20 20:23 - 2008-01-20 20:23 - 001370624 _____ (Microsoft Corporation) C:\Windows\system32\Aurora.scr 2008-01-20 20:23 - 2008-01-20 20:23 - 001298432 _____ (Microsoft Corporation) C:\Windows\system32\TMM.dll 2008-01-20 20:23 - 2008-01-20 20:23 - 000987648 _____ (Conexant Systems, Inc.) C:\Windows\system32\Drivers\VSTDPV3.SYS 2008-01-20 20:23 - 2008-01-20 20:23 - 000913408 _____ (Microsoft Corporation) C:\Windows\system32\WlanMM.dll 2008-01-20 20:23 - 2008-01-20 20:23 - 000879616 _____ (Microsoft Corporation) C:\Windows\system32\Bubbles.scr 2008-01-20 20:23 - 2008-01-20 20:23 - 000805888 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll 2008-01-20 20:23 - 2008-01-20 20:23 - 000798208 _____ (Microsoft Corporation) C:\Windows\system32\dbghelp.dll 2008-01-20 20:23 - 2008-01-20 20:23 - 000730624 _____ (Microsoft Corporation) C:\Windows\system32\sdengin2.dll 2008-01-20 20:23 - 2008-01-20 20:23 - 000691200 _____ (Microsoft Corporation) C:\Windows\system32\TabletPC.cpl 2008-01-20 20:23 - 2008-01-20 20:23 - 000669696 _____ (Microsoft Corporation) C:\Windows\system32\netprof.dll 2008-01-20 20:23 - 2008-01-20 20:23 - 000654336 _____ (Conexant Systems, Inc.) C:\Windows\system32\Drivers\VSTCNXT3.SYS 2008-01-20 20:23 - 2008-01-20 20:23 - 000628224 _____ (Microsoft Corporation) C:\Windows\system32\WLanConn.dll 2008-01-20 20:23 - 2008-01-20 20:23 - 000531456 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll 2008-01-20 20:23 - 2008-01-20 20:23 - 000506880 _____ (Microsoft Corporation) C:\Windows\system32\MSMPEG2ENC.DLL 2008-01-20 20:23 - 2008-01-20 20:23 - 000498688 _____ (Microsoft Corporation) C:\Windows\system32\wlandlg.dll 2008-01-20 20:23 - 2008-01-20 20:23 - 000475648 _____ (Microsoft Corporation) C:\Windows\system32\msidcrl30.dll 2008-01-20 20:23 - 2008-01-20 20:23 - 000443904 _____ (Microsoft Corporation) C:\Windows\system32\wiashext.dll 2008-01-20 20:23 - 2008-01-20 20:23 - 000442368 _____ (Microsoft Corporation) C:\Windows\system32\joy.cpl 2008-01-20 20:23 - 2008-01-20 20:23 - 000442368 _____ (Microsoft Corporation) C:\Windows\system32\filemgmt.dll 2008-01-20 20:23 - 2008-01-20 20:23 - 000415744 _____ (Microsoft Corporation) C:\Windows\system32\wiadefui.dll 2008-01-20 20:23 - 2008-01-20 20:23 - 000396288 _____ (Microsoft Corporation) C:\Windows\system32\shrpubw.exe 2008-01-20 20:23 - 2008-01-20 20:23 - 000391680 _____ (Microsoft Corporation) C:\Windows\system32\MSMPEG2ADEC.DLL 2008-01-20 20:23 - 2008-01-20 20:23 - 000386560 _____ (Microsoft Corporation) C:\Windows\system32\netcfgx.dll 2008-01-20 20:23 - 2008-01-20 20:23 - 000383488 _____ (Microsoft Corporation) C:\Windows\system32\WinSATAPI.dll 2008-01-20 20:23 - 2008-01-20 20:23 - 000368640 _____ (Microsoft Corporation) C:\Windows\system32\desk.cpl 2008-01-20 20:23 - 2008-01-20 20:23 - 000357888 _____ (Microsoft Corporation) C:\Windows\system32\wbemcomn.dll 2008-01-20 20:23 - 2008-01-20 20:23 - 000337408 _____ (Microsoft Corporation) C:\Windows\system32\intl.cpl 2008-01-20 20:23 - 2008-01-20 20:23 - 000318976 _____ (Microsoft Corporation) C:\Windows\system32\cmd.exe 2008-01-20 20:23 - 2008-01-20 20:23 - 000294912 _____ (Microsoft Corporation) C:\Windows\system32\ssText3d.scr 2008-01-20 20:23 - 2008-01-20 20:23 - 000281600 _____ (Microsoft Corporation) C:\Windows\system32\qdv.dll 2008-01-20 20:23 - 2008-01-20 20:23 - 000267264 _____ (Microsoft Corporation) C:\Windows\system32\NAPSTAT.EXE 2008-01-20 20:23 - 2008-01-20 20:23 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\qwave.dll 2008-01-20 20:23 - 2008-01-20 20:23 - 000240128 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll 2008-01-20 20:23 - 2008-01-20 20:23 - 000229888 _____ (Microsoft Corporation) C:\Windows\system32\lsm.exe 2008-01-20 20:23 - 2008-01-20 20:23 - 000221184 _____ (Microsoft Corporation) C:\Windows\system32\Mystify.scr 2008-01-20 20:23 - 2008-01-20 20:23 - 000220672 _____ (Microsoft Corporation) C:\Windows\system32\Ribbons.scr 2008-01-20 20:23 - 2008-01-20 20:23 - 000219648 _____ (Microsoft Corporation) C:\Windows\system32\apircl.dll 2008-01-20 20:23 - 2008-01-20 20:23 - 000218112 _____ (Microsoft Corporation) C:\Windows\system32\WindowsAnytimeUpgrade.exe 2008-01-20 20:23 - 2008-01-20 20:23 - 000212992 _____ (Microsoft Corporation) C:\Windows\system32\msdt.dll 2008-01-20 20:23 - 2008-01-20 20:23 - 000205312 _____ (Microsoft Corporation) C:\Windows\system32\mdminst.dll 2008-01-20 20:23 - 2008-01-20 20:23 - 000204800 _____ (Microsoft Corporation) C:\Windows\system32\framedynos.dll 2008-01-20 20:23 - 2008-01-20 20:23 - 000202240 _____ (Microsoft Corporation) C:\Windows\system32\framedyn.dll 2008-01-20 20:23 - 2008-01-20 20:23 - 000200704 _____ (Conexant Systems, Inc.) C:\Windows\system32\Drivers\VSTAZL3.SYS 2008-01-20 20:23 - 2008-01-20 20:23 - 000198656 _____ (Microsoft Corporation) C:\Windows\system32\apss.dll 2008-01-20 20:23 - 2008-01-20 20:23 - 000193024 _____ (Microsoft Corporation) C:\Windows\system32\recdisc.exe 2008-01-20 20:23 - 2008-01-20 20:23 - 000192000 _____ (Microsoft Corporation) C:\Windows\system32\wsqmcons.exe 2008-01-20 20:23 - 2008-01-20 20:23 - 000192000 _____ (Microsoft Corporation) C:\Windows\system32\qcap.dll 2008-01-20 20:23 - 2008-01-20 20:23 - 000192000 _____ (Microsoft Corporation) C:\Windows\system32\bitsadmin.exe 2008-01-20 20:23 - 2008-01-20 20:23 - 000178688 _____ (Microsoft Corporation) C:\Windows\system32\dmime.dll 2008-01-20 20:23 - 2008-01-20 20:23 - 000175616 _____ (Microsoft Corporation) C:\Windows\system32\syncui.dll 2008-01-20 20:23 - 2008-01-20 20:23 - 000169984 _____ (Microsoft Corporation) C:\Windows\system32\WSTPager.ax 2008-01-20 20:23 - 2008-01-20 20:23 - 000169472 _____ (Microsoft Corporation) C:\Windows\system32\mssha.dll 2008-01-20 20:23 - 2008-01-20 20:23 - 000164864 _____ (Microsoft Corporation) C:\Windows\system32\VBICodec.ax 2008-01-20 20:23 - 2008-01-20 20:23 - 000162304 _____ (Microsoft Corporation) C:\Windows\system32\msdt.exe 2008-01-20 20:23 - 2008-01-20 20:23 - 000160256 _____ (Microsoft Corporation) C:\Windows\system32\MSAC3ENC.DLL 2008-01-20 20:23 - 2008-01-20 20:23 - 000159232 _____ (Microsoft Corporation) C:\Windows\system32\dinput8.dll 2008-01-20 20:23 - 2008-01-20 20:23 - 000157696 _____ (Microsoft Corporation) C:\Windows\system32\keymgr.dll 2008-01-20 20:23 - 2008-01-20 20:23 - 000146944 _____ (Microsoft Corporation) C:\Windows\system32\RstrtMgr.dll 2008-01-20 20:23 - 2008-01-20 20:23 - 000144909 _____ C:\Windows\system32\fsmgmt.msc 2008-01-20 20:23 - 2008-01-20 20:23 - 000142904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\scsiport.sys 2008-01-20 20:23 - 2008-01-20 20:23 - 000142336 _____ (Microsoft Corporation) C:\Windows\system32\icsfiltr.dll 2008-01-20 20:23 - 2008-01-20 20:23 - 000141824 _____ (Microsoft Corporation) C:\Windows\system32\itss.dll 2008-01-20 20:23 - 2008-01-20 20:23 - 000141611 _____ C:\Windows\system32\Drivers\VSTProf.cty 2008-01-20 20:23 - 2008-01-20 20:23 - 000141572 _____ C:\Windows\system32\Drivers\VSTSProf.cty 2008-01-20 20:23 - 2008-01-20 20:23 - 000134016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys 2008-01-20 20:23 - 2008-01-20 20:23 - 000133972 _____ C:\Windows\system32\Drivers\VSTDProf.cty 2008-01-20 20:23 - 2008-01-20 20:23 - 000133528 _____ C:\Windows\system32\Drivers\VSTEProf.cty 2008-01-20 20:23 - 2008-01-20 20:23 - 000131584 _____ (Microsoft Corporation) C:\Windows\system32\dmvdsitf.dll 2008-01-20 20:23 - 2008-01-20 20:23 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\sqmapi.dll 2008-01-20 20:23 - 2008-01-20 20:23 - 000127488 _____ (Microsoft Corporation) C:\Windows\system32\SoundRecorder.exe 2008-01-20 20:23 - 2008-01-20 20:23 - 000126976 _____ (Microsoft Corporation) C:\Windows\system32\msdart.dll 2008-01-20 20:23 - 2008-01-20 20:23 - 000120832 _____ (Microsoft Corporation) C:\Windows\system32\WLanHC.dll 2008-01-20 20:23 - 2008-01-20 20:23 - 000118784 _____ (Intel Corporation) C:\Windows\system32\Drivers\E1G60I32.sys 2008-01-20 20:23 - 2008-01-20 20:23 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\wiadss.dll 2008-01-20 20:23 - 2008-01-20 20:23 - 000111616 _____ (Microsoft Corporation) C:\Windows\system32\iscsiexe.dll 2008-01-20 20:23 - 2008-01-20 20:23 - 000110592 _____ (Microsoft Corporation) C:\Windows\system32\setupcln.dll 2008-01-20 20:23 - 2008-01-20 20:23 - 000110080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys 2008-01-20 20:23 - 2008-01-20 20:23 - 000104960 _____ (Microsoft Corporation) C:\Windows\system32\sdrsvc.dll 2008-01-20 20:23 - 2008-01-20 20:23 - 000098816 _____ (Microsoft Corporation) C:\Windows\system32\sdshext.dll 2008-01-20 20:23 - 2008-01-20 20:23 - 000097280 _____ (Microsoft Corporation) C:\Windows\system32\OptionalFeatures.exe 2008-01-20 20:23 - 2008-01-20 20:23 - 000096768 _____ (Microsoft Corporation) C:\Windows\system32\wininit.exe 2008-01-20 20:23 - 2008-01-20 20:23 - 000096768 _____ (Microsoft Corp.) C:\Windows\system32\dfrgfat.exe 2008-01-20 20:23 - 2008-01-20 20:23 - 000096312 _____ (LSI Logic) C:\Windows\system32\Drivers\lsi_scsi.sys 2008-01-20 20:23 - 2008-01-20 20:23 - 000095744 _____ (Microsoft Corporation) C:\Windows\system32\xwtpw32.dll 2008-01-20 20:23 - 2008-01-20 20:23 - 000095744 _____ (Microsoft Corporation) C:\Windows\system32\mobsync.exe 2008-01-20 20:23 - 2008-01-20 20:23 - 000095232 _____ (Microsoft Corporation) C:\Windows\system32\migisol.dll 2008-01-20 20:23 - 2008-01-20 20:23 - 000094776 _____ (Microsoft Corporation) C:\Windows\system32\MigAutoPlay.exe 2008-01-20 20:23 - 2008-01-20 20:23 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\Tabbtn.dll 2008-01-20 20:23 - 2008-01-20 20:23 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\wlancfg.dll 2008-01-20 20:23 - 2008-01-20 20:23 - 000091648 _____ (Microsoft Corporation) C:\Windows\system32\btpanui.dll 2008-01-20 20:23 - 2008-01-20 20:23 - 000089088 _____ (Microsoft Corporation) C:\Windows\system32\txflog.dll 2008-01-20 20:23 - 2008-01-20 20:23 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\wiascanprofiles.dll 2008-01-20 20:23 - 2008-01-20 20:23 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\wiaacmgr.exe 2008-01-20 20:23 - 2008-01-20 20:23 - 000084480 _____ (Microsoft Corporation) C:\Windows\system32\dmscript.dll 2008-01-20 20:23 - 2008-01-20 20:23 - 000081920 _____ (Microsoft Corporation) C:\Windows\system32\shacct.dll 2008-01-20 20:23 - 2008-01-20 20:23 - 000081408 _____ (Microsoft Corporation) C:\Windows\system32\bootcfg.exe 2008-01-20 20:23 - 2008-01-20 20:23 - 000081408 _____ (Microsoft Corporation) C:\Windows\system32\ACW.exe 2008-01-20 20:23 - 2008-01-20 20:23 - 000080384 _____ (Microsoft Corporation) C:\Windows\system32\thumbcache.dll 2008-01-20 20:23 - 2008-01-20 20:23 - 000074240 _____ (Microsoft Corporation) C:\Windows\system32\wlanext.exe 2008-01-20 20:23 - 2008-01-20 20:23 - 000070144 _____ (Microsoft Corporation) C:\Windows\system32\wzcdlg.dll 2008-01-20 20:23 - 2008-01-20 20:23 - 000070144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cdfs.sys 2008-01-20 20:23 - 2008-01-20 20:23 - 000069632 _____ (Microsoft Corporation) C:\Windows\system32\loghours.dll 2008-01-20 20:23 - 2008-01-20 20:23 - 000069120 _____ (Microsoft Corporation) C:\Windows\system32\kstvtune.ax 2008-01-20 20:23 - 2008-01-20 20:23 - 000068608 _____ (Microsoft Corporation) C:\Windows\system32\shgina.dll 2008-01-20 20:23 - 2008-01-20 20:23 - 000068608 _____ (Microsoft Corporation) C:\Windows\system32\DFDWiz.exe 2008-01-20 20:23 - 2008-01-20 20:23 - 000067072 _____ (Microsoft Corporation) C:\Windows\system32\HelpPaneProxy.dll 2008-01-20 20:23 - 2008-01-20 20:23 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\iscsiwmi.dll 2008-01-20 20:23 - 2008-01-20 20:23 - 000062976 _____ (Microsoft Corporation) C:\Windows\system32\wercplsupport.dll 2008-01-20 20:23 - 2008-01-20 20:23 - 000061952 _____ (Microsoft Corporation) C:\Windows\system32\tabcal.exe 2008-01-20 20:23 - 2008-01-20 20:23 - 000058880 _____ (Microsoft Corporation) C:\Windows\system32\dfrgifc.exe 2008-01-20 20:23 - 2008-01-20 20:23 - 000057856 _____ (Microsoft Corporation) C:\Windows\system32\nlsbres.dll 2008-01-20 20:23 - 2008-01-20 20:23 - 000056832 _____ (Microsoft Corporation) C:\Windows\system32\vfwwdm32.dll 2008-01-20 20:23 - 2008-01-20 20:23 - 000056320 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe 2008-01-20 20:23 - 2008-01-20 20:23 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\i8042prt.sys 2008-01-20 20:23 - 2008-01-20 20:23 - 000053248 _____ (Microsoft Corporation) C:\Windows\system32\extrac32.exe 2008-01-20 20:23 - 2008-01-20 20:23 - 000052792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgr.sys 2008-01-20 20:23 - 2008-01-20 20:23 - 000052736 _____ (Microsoft Corporation) C:\Windows\system32\brcplsdw.dll 2008-01-20 20:23 - 2008-01-20 20:23 - 000052224 _____ (Microsoft Corporation) C:\Windows\system32\TabbtnEx.dll 2008-01-20 20:23 - 2008-01-20 20:23 - 000051712 _____ (Microsoft Corporation) C:\Windows\system32\umb.dll 2008-01-20 20:23 - 2008-01-20 20:23 - 000051712 _____ (Microsoft Corporation) C:\Windows\system32\takeown.exe 2008-01-20 20:23 - 2008-01-20 20:23 - 000046592 _____ (Microsoft Corporation) C:\Windows\system32\WavDest.dll 2008-01-20 20:23 - 2008-01-20 20:23 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\ksxbar.ax 2008-01-20 20:23 - 2008-01-20 20:23 - 000042496 _____ (Microsoft Corporation) C:\Windows\system32\dmocx.dll 2008-01-20 20:23 - 2008-01-20 20:23 - 000041984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\monitor.sys 2008-01-20 20:23 - 2008-01-20 20:23 - 000041472 _____ (Microsoft) C:\Windows\system32\WlanMmHC.dll 2008-01-20 20:23 - 2008-01-20 20:23 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys 2008-01-20 20:23 - 2008-01-20 20:23 - 000039936 _____ (Microsoft Corporation) C:\Windows\system32\dfdts.dll 2008-01-20 20:23 - 2008-01-20 20:23 - 000038400 _____ (Microsoft Corporation) C:\Windows\system32\dmloader.dll 2008-01-20 20:23 - 2008-01-20 20:23 - 000037888 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll 2008-01-20 20:23 - 2008-01-20 20:23 - 000035384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\kbdclass.sys 2008-01-20 20:23 - 2008-01-20 20:23 - 000035328 _____ (Microsoft Corporation) C:\Windows\system32\dimsjob.dll 2008-01-20 20:23 - 2008-01-20 20:23 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\umbus.sys 2008-01-20 20:23 - 2008-01-20 20:23 - 000034360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mouclass.sys 2008-01-20 20:23 - 2008-01-20 20:23 - 000032768 _____ (Microsoft Corporation) C:\Windows\system32\wiarpc.dll 2008-01-20 20:23 - 2008-01-20 20:23 - 000032768 _____ (Microsoft Corporation) C:\Windows\system32\dispex.dll 2008-01-20 20:23 - 2008-01-20 20:23 - 000031288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mssmbios.sys 2008-01-20 20:23 - 2008-01-20 20:23 - 000031232 _____ (Microsoft Corporation) C:\Windows\system32\vbisurf.ax 2008-01-20 20:23 - 2008-01-20 20:23 - 000031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\qwavedrv.sys 2008-01-20 20:23 - 2008-01-20 20:23 - 000030208 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll 2008-01-20 20:23 - 2008-01-20 20:23 - 000030208 _____ (Microsoft Corporation) C:\Windows\system32\rdrleakdiag.exe 2008-01-20 20:23 - 2008-01-20 20:23 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\sxproxy.dll 2008-01-20 20:23 - 2008-01-20 20:23 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\iscsium.dll 2008-01-20 20:23 - 2008-01-20 20:23 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\AtBroker.exe 2008-01-20 20:23 - 2008-01-20 20:23 - 000027648 _____ (Microsoft Corporation) C:\Windows\system32\syskey.exe 2008-01-20 20:23 - 2008-01-20 20:23 - 000026624 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll 2008-01-20 20:23 - 2008-01-20 20:23 - 000026624 _____ (Microsoft Corporation) C:\Windows\system32\cofiredm.dll 2008-01-20 20:23 - 2008-01-20 20:23 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\vss_ps.dll 2008-01-20 20:23 - 2008-01-20 20:23 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\prevhost.exe 2008-01-20 20:23 - 2008-01-20 20:23 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vgapnp.sys 2008-01-20 20:23 - 2008-01-20 20:23 - 000025600 _____ (Microsoft Corporation) C:\Windows\system32\Netplwiz.exe 2008-01-20 20:23 - 2008-01-20 20:23 - 000025600 _____ (Microsoft Corporation) C:\Windows\system32\cacls.exe 2008-01-20 20:23 - 2008-01-20 20:23 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fdc.sys 2008-01-20 20:23 - 2008-01-20 20:23 - 000022528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msfs.sys 2008-01-20 20:23 - 2008-01-20 20:23 - 000021504 _____ (Microsoft Corporation) C:\Windows\system32\svchost.exe 2008-01-20 20:23 - 2008-01-20 20:23 - 000020480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\flpydisk.sys 2008-01-20 20:23 - 2008-01-20 20:23 - 000019968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sermouse.sys 2008-01-20 20:23 - 2008-01-20 20:23 - 000018944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbprint.sys 2008-01-20 20:23 - 2008-01-20 20:23 - 000017976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wmilib.sys 2008-01-20 20:23 - 2008-01-20 20:23 - 000017976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelide.sys 2008-01-20 20:23 - 2008-01-20 20:23 - 000016440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msisadrv.sys 2008-01-20 20:23 - 2008-01-20 20:23 - 000015360 _____ (Microsoft Corporation) C:\Windows\system32\wsock32.dll 2008-01-20 20:23 - 2008-01-20 20:23 - 000015360 _____ (Microsoft Corporation) C:\Windows\system32\serialui.dll 2008-01-20 20:23 - 2008-01-20 20:23 - 000015360 _____ (Microsoft Corporation) C:\Windows\system32\nbtstat.exe 2008-01-20 20:23 - 2008-01-20 20:23 - 000015360 _____ (Microsoft Corporation) C:\Windows\system32\bridgeunattend.exe 2008-01-20 20:23 - 2008-01-20 20:23 - 000015288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\swenum.sys 2008-01-20 20:23 - 2008-01-20 20:23 - 000015181 _____ C:\Windows\system32\gatherWirelessInfo.vbs 2008-01-20 20:23 - 2008-01-20 20:23 - 000014208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\CmBatt.sys 2008-01-20 20:23 - 2008-01-20 20:23 - 000013824 _____ (Microsoft Corporation) C:\Windows\system32\ktmutil.exe 2008-01-20 20:23 - 2008-01-20 20:23 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\setupSNK.exe 2008-01-20 20:23 - 2008-01-20 20:23 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\irenum.sys 2008-01-20 20:23 - 2008-01-20 20:23 - 000012288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bdasup.sys 2008-01-20 20:23 - 2008-01-20 20:23 - 000011776 _____ (Microsoft Corporation) C:\Windows\system32\sbunattend.exe 2008-01-20 20:23 - 2008-01-20 20:23 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\wscproxystub.dll 2008-01-20 20:23 - 2008-01-20 20:23 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\iscsied.dll 2008-01-20 20:23 - 2008-01-20 20:23 - 000007680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\umpass.sys 2008-01-20 20:23 - 2008-01-20 20:23 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\sdspres.dll 2008-01-20 20:23 - 2008-01-20 20:23 - 000006144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\beep.sys 2008-01-20 20:23 - 2008-01-20 20:23 - 000005632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmkaud.sys 2008-01-20 20:23 - 2008-01-20 20:23 - 000004608 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\null.sys 2008-01-20 20:23 - 2008-01-20 20:23 - 000002560 _____ (Microsoft Corporation) C:\Windows\system32\bootstr.dll 2008-01-20 20:03 - 2008-01-20 20:27 - 000458752 _____ C:\Windows\system32\InstallPackage_ETW.Log.perf 2008-01-20 20:03 - 2008-01-20 20:27 - 000458752 _____ C:\Windows\system32\InstallPackage_ETW.Log.dpx 2007-07-11 19:49 - 2018-10-30 18:35 - 000000000 ____D C:\Windows\Panther 2007-06-05 01:30 - 2007-06-05 01:30 - 000041296 ____R (Microsoft Corporation) C:\Windows\system32\hlp95en.dll 2007-04-24 19:51 - 2018-10-29 10:46 - 000000000 ____D C:\Temp 2007-04-23 10:50 - 2007-04-23 10:50 - 000025896 _____ (Windows ® Codename Longhorn DDK provider) C:\Windows\system32\Drivers\RtlProt.sys 2007-04-10 15:11 - 2007-04-10 15:11 - 000511328 _____ (Microsoft Corporation) C:\Windows\system32\capicom.dll 2007-03-25 20:10 - 2007-03-25 20:10 - 000000000 ____D C:\Windows\Quicky Translator 2007-03-25 20:08 - 2016-01-05 15:13 - 007001859 _____ C:\Users\Public\Documents\windows.exe 2007-03-25 17:18 - 2007-03-25 20:15 - 000000000 ____D C:\Users\Angela\AppData\Local\gmsd_us_005010200 2007-03-25 17:18 - 2007-03-25 20:11 - 000000000 ____D C:\Program Files\gmsd_us_005010200 2007-03-24 17:20 - 2007-03-24 17:24 - 000000000 ____D C:\Users\Angela\AppData\Local\gmsd_us_005010199 2007-03-24 17:20 - 2007-03-24 17:21 - 000000000 ____D C:\Program Files\gmsd_us_005010199 2007-03-24 17:18 - 2007-03-24 17:18 - 000000000 ____D C:\ProgramData\LolliScan 2007-03-24 17:17 - 2018-10-31 01:11 - 000000000 ____D C:\ProgramData\Service1291 2007-03-24 17:17 - 2007-03-24 17:17 - 000000000 ____D C:\ProgramData\28341ff220e0446c9fff27c4493d622e 2007-03-24 17:17 - 2007-03-20 00:11 - 000000344 ____H C:\Windows\Tasks\UOEJSMCMOGWSTARU.job 2007-03-20 03:32 - 2015-07-21 14:55 - 001206192 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2007-03-20 03:32 - 2015-07-21 10:07 - 003605440 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe 2007-03-20 03:32 - 2015-07-21 10:07 - 003553216 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2007-03-20 03:32 - 2015-07-21 10:07 - 000140224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ecache.sys 2007-03-20 03:32 - 2015-07-21 10:07 - 000056256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys 2007-03-20 03:32 - 2015-07-21 10:03 - 000564224 _____ (Microsoft Corporation) C:\Windows\system32\emdmgmt.dll 2007-03-20 03:32 - 2015-07-21 10:03 - 000049664 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2007-03-20 03:32 - 2015-07-21 10:03 - 000010752 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll 2007-03-20 03:09 - 2015-07-18 10:03 - 000068608 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll 2007-03-20 02:19 - 2007-03-20 02:19 - 000000008 _____ C:\END 2007-03-20 02:18 - 2018-10-30 23:22 - 000000000 ____D C:\Program Files\74697254-1174378719-2D2D-2D2D-0003254135CB 2007-03-20 02:17 - 2007-03-20 02:17 - 000000000 ____D C:\Program Files\QualityChecker 2007-03-20 02:08 - 2018-10-29 21:10 - 000000000 ____D C:\ProgramData\c6b12a7f-37b5-0 2007-03-20 02:08 - 2018-10-29 21:10 - 000000000 ____D C:\ProgramData\c6b12a7f-0753-1 2007-03-20 02:06 - 2018-10-31 00:55 - 000000000 ____D C:\Users\Angela\AppData\Roaming\Genius 2007-03-20 02:05 - 2018-10-31 01:11 - 000000000 ____D C:\Users\Angela\AppData\Roaming\Sixth 2007-03-20 02:05 - 2018-10-31 01:11 - 000000000 ____D C:\Users\Angela\AppData\Roaming\Seventh 2007-03-20 02:05 - 2007-03-20 02:05 - 000000000 ____D C:\Users\Angela\AppData\Roaming\FunFeedr 2007-03-20 02:05 - 2007-03-20 02:05 - 000000000 ____D C:\Users\Angela\AppData\Roaming\Common 2007-03-20 01:56 - 2018-10-29 10:52 - 000000000 ____D C:\Users\Angela\AppData\Roaming\systweak 2007-03-20 01:56 - 2015-11-20 19:27 - 000017840 _____ () C:\Windows\system32\roboot.exe 2007-03-20 01:56 - 2007-03-20 01:56 - 050987008 _____ C:\Windows\ocsetup_install_OEMHelpCustomization.etl 2007-03-20 01:56 - 2007-03-20 01:56 - 000301936 _____ (Microsoft Corporation) C:\Windows\WLXPGSS.SCR 2007-03-20 01:56 - 2007-03-20 01:56 - 000196608 _____ C:\Windows\ocsetup_cbs_install_OEMHelpCustomization.perf 2007-03-20 01:56 - 2007-03-20 01:56 - 000065536 _____ C:\Windows\ocsetup_cbs_install_OEMHelpCustomization.dpx 2007-03-20 01:56 - 2007-03-20 01:56 - 000008192 ___RS C:\BOOTSECT.BAK 2007-03-20 01:56 - 2007-03-20 01:56 - 000002400 _____ C:\Windows\MOD01OPK0400860001.enc 2007-03-20 01:56 - 2007-03-20 01:56 - 000002060 _____ C:\Windows\MOD01SET0J00860005.enc 2007-03-20 01:56 - 2007-03-20 01:56 - 000001976 _____ C:\Windows\MOD01SET000000009E.enc 2007-03-20 01:56 - 2007-03-20 01:56 - 000000045 _____ C:\user.js 2007-03-20 01:56 - 2007-03-20 01:56 - 000000016 _____ C:\Windows\popcinfo.dat 2007-03-20 01:56 - 2007-03-20 01:56 - 000000010 _____ C:\Windows\CSUP.TXT 2007-03-20 01:50 - 2007-03-20 01:50 - 000000000 ___HD C:\Users\Public\Documents\SystemData 2007-03-20 01:50 - 2007-03-20 01:50 - 000000000 ____D C:\Program Files\Windows Network Services 2007-03-20 01:48 - 2018-10-30 17:20 - 000000000 ____D C:\Users\Angela\AppData\Local\gmsd_us_005010193 2007-03-20 01:48 - 2007-03-25 20:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GAMESDESKTOP 2007-03-20 01:48 - 2007-03-20 01:49 - 000000000 ____D C:\Program Files\gmsd_us_005010193 2007-03-20 01:46 - 2007-03-20 01:46 - 000000000 ____D C:\ProgramData\Xoiihrsematu 2007-03-20 01:45 - 2018-10-29 21:10 - 000000000 ____D C:\ProgramData\ca85ed86-3fd5-1 2007-03-20 01:45 - 2018-10-29 21:10 - 000000000 ____D C:\ProgramData\ca85ed86-30a1-0 2007-03-20 01:42 - 2018-10-30 13:01 - 000000000 ____D C:\ProgramData\DataFile 2007-03-20 01:23 - 2018-10-30 13:13 - 000000000 ____D C:\Users\Angela\AppData\Roaming\chrome 2007-03-20 01:02 - 2007-03-20 01:03 - 000009977 _____ C:\Users\Angela\Desktop\FRST.txt 2007-03-20 01:02 - 2007-03-20 01:02 - 000000000 ____D C:\FRST 2007-03-20 01:01 - 2018-10-31 11:00 - 001774592 _____ (Farbar) C:\Users\Angela\Desktop\FRST.exe 2007-03-20 00:12 - 2007-03-20 00:12 - 000078032 ____N (Absolute Software Corp.) C:\Windows\system32\rpcnet.exe 2007-03-20 00:12 - 2007-03-20 00:12 - 000078032 _____ (Absolute Software Corp.) C:\Windows\system32\rpcnet.dll 2007-03-20 00:05 - 2007-03-20 00:12 - 000017408 _____ C:\Windows\system32\rpcnetp.exe 2007-03-20 00:05 - 2007-03-20 00:11 - 000017408 _____ C:\Windows\system32\rpcnetp.dll ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2018-10-31 01:34 - 2006-11-02 07:01 - 000032572 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2018-10-30 19:00 - 2006-11-02 05:18 - 000000000 ___SD C:\Windows\Downloaded Program Files 2018-10-30 16:17 - 2006-11-02 06:47 - 000345464 _____ C:\Windows\system32\FNTCACHE.DAT 2015-11-18 14:10 - 2006-11-02 06:37 - 000000000 ____D C:\Windows\system32\XPSViewer 2015-07-28 11:01 - 2006-11-02 04:24 - 129304528 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe 2015-06-12 03:52 - 2006-11-02 05:18 - 000000000 ____D C:\Windows\rescache 2015-05-16 10:56 - 2006-11-02 06:37 - 000000000 ____D C:\Program Files\Windows Journal 2015-04-13 14:17 - 2006-11-02 05:18 - 000000000 ____D C:\Windows\Resources 2015-03-04 19:00 - 2006-11-02 04:23 - 000000246 _____ C:\Windows\win.ini 2013-10-28 20:10 - 2006-11-02 06:37 - 000000000 ___RD C:\Users\Public\Recorded TV 2013-05-31 12:30 - 2006-11-02 05:18 - 000000000 ____D C:\Windows\LiveKernelReports 2012-04-03 03:04 - 2006-11-02 05:18 - 000000000 ____D C:\Program Files\Common Files\microsoft shared 2012-02-23 11:36 - 2006-11-02 05:18 - 000000000 ___RD C:\Windows\Offline Web Pages 2012-02-23 11:36 - 2006-11-02 05:18 - 000000000 ____D C:\Windows\PolicyDefinitions 2012-02-23 11:05 - 2006-11-02 00:32 - 000008798 _____ C:\Windows\system32\icrav03.rat 2012-02-23 11:05 - 2006-11-02 00:32 - 000001988 _____ C:\Windows\system32\ticrf.rat 2012-02-20 23:10 - 2006-11-02 04:22 - 042729472 _____ C:\Windows\system32\config\software_previous 2012-02-20 23:10 - 2006-11-02 04:22 - 021233664 _____ C:\Windows\system32\config\system_previous 2012-02-20 23:09 - 2006-11-02 05:18 - 000000000 __RSD C:\Windows\Media 2012-02-20 23:09 - 2006-11-02 05:18 - 000000000 ____D C:\Windows\system32\spool 2012-02-20 23:09 - 2006-11-02 05:18 - 000000000 ____D C:\Windows\system32\Msdtc 2012-02-20 23:09 - 2006-11-02 05:18 - 000000000 ____D C:\Windows\registration 2012-02-20 23:04 - 2006-11-02 04:22 - 039845888 _____ C:\Windows\system32\config\components_previous 2012-02-20 23:04 - 2006-11-02 04:22 - 000262144 _____ C:\Windows\system32\config\sam_previous 2012-02-20 15:12 - 2006-11-02 04:22 - 000524288 _____ C:\Windows\system32\config\default_previous 2012-02-20 14:21 - 2006-11-02 04:22 - 000262144 _____ C:\Windows\system32\config\security_previous 2011-11-19 04:01 - 2006-11-02 05:18 - 000000000 ____D C:\Program Files\Common Files\System 2011-05-05 10:01 - 2006-11-02 02:55 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\hccoin.dll 2010-08-12 03:22 - 2006-11-02 06:37 - 000000000 ____D C:\Program Files\Movie Maker 2009-11-17 04:20 - 2006-11-02 05:18 - 000000000 ____D C:\Windows\system32\lv-LV 2009-11-17 04:20 - 2006-11-02 05:18 - 000000000 ____D C:\Windows\system32\lt-LT 2009-11-17 04:20 - 2006-11-02 05:18 - 000000000 ____D C:\Windows\system32\et-EE 2009-10-30 15:03 - 2006-11-02 06:50 - 000001661 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk 2009-10-28 03:09 - 2006-11-02 06:37 - 000000000 ____D C:\Program Files\Windows Sidebar 2009-10-28 03:09 - 2006-11-02 06:37 - 000000000 ____D C:\Program Files\Windows Photo Gallery 2009-10-28 03:09 - 2006-11-02 06:37 - 000000000 ____D C:\Program Files\Windows Defender 2009-10-28 03:09 - 2006-11-02 06:37 - 000000000 ____D C:\Program Files\Windows Collaboration 2009-10-28 03:09 - 2006-11-02 06:37 - 000000000 ____D C:\Program Files\Windows Calendar 2009-10-28 03:09 - 2006-11-02 05:18 - 000000000 ____D C:\Windows\system32\SLUI 2009-10-28 03:09 - 2006-11-02 05:18 - 000000000 ____D C:\Windows\system32\setup 2009-10-28 03:09 - 2006-11-02 05:18 - 000000000 ____D C:\Windows\system32\oobe 2009-10-28 03:09 - 2006-11-02 05:18 - 000000000 ____D C:\Windows\system32\migwiz 2009-10-28 03:09 - 2006-11-02 05:18 - 000000000 ____D C:\Windows\system32\manifeststore 2009-10-28 03:09 - 2006-11-02 05:18 - 000000000 ____D C:\Windows\system32\AdvancedInstallers 2009-10-28 03:09 - 2006-11-02 05:18 - 000000000 ____D C:\Windows\servicing 2009-10-28 03:09 - 2006-11-02 05:18 - 000000000 ____D C:\Windows\IME 2009-07-14 17:26 - 2006-11-02 05:18 - 000000000 ____D C:\Windows\Help 2009-05-13 14:29 - 2006-11-02 05:18 - 000000000 ____D C:\Windows\system32\NDF 2009-04-11 00:32 - 2006-11-02 04:25 - 000177128 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll 2009-04-11 00:32 - 2006-11-02 02:30 - 000177128 _____ (Microsoft Corporation) C:\Windows\system32\halmacpi.dll 2009-04-11 00:32 - 2006-11-02 02:30 - 000140776 _____ (Microsoft Corporation) C:\Windows\system32\halacpi.dll 2009-03-11 22:58 - 2006-11-02 05:18 - 000000000 ____D C:\Windows\system32\sysprep 2009-03-11 22:46 - 2006-11-02 05:18 - 000000000 ____D C:\Windows\system 2009-02-23 20:28 - 2006-11-02 06:37 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2009-02-23 20:09 - 2006-11-02 06:37 - 000000000 ____D C:\Windows\ShellNew 2009-02-23 18:35 - 2006-11-02 06:37 - 000262144 _____ C:\Windows\system32\config\BCD-Template 2008-01-20 21:14 - 2006-11-02 04:22 - 016846848 _____ C:\Windows\system32\config\COMPONENTS.SAV 2008-01-20 21:14 - 2006-11-02 04:22 - 000106496 _____ C:\Windows\system32\config\DEFAULT.SAV 2008-01-20 21:14 - 2006-11-02 04:22 - 000020480 _____ C:\Windows\system32\config\SECURITY.SAV 2008-01-20 20:58 - 2006-11-02 06:47 - 000039936 _____ C:\Windows\system32\umstartup.etl 2008-01-20 20:44 - 2006-11-02 06:47 - 000279552 _____ C:\Windows\system32\umstartup000.etl 2008-01-20 20:43 - 2006-11-02 06:50 - 000000749 ___RH C:\Windows\WindowsShell.Manifest 2008-01-20 20:42 - 2006-11-02 06:55 - 000001743 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk 2008-01-20 20:42 - 2006-11-02 05:18 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Extras and Upgrades 2008-01-20 20:34 - 2006-11-02 06:37 - 000000000 ____D C:\Windows\DigitalLocker 2008-01-20 20:34 - 2006-11-02 05:18 - 000000000 ____D C:\Windows\system32\ras 2008-01-20 20:34 - 2006-11-02 05:18 - 000000000 ____D C:\Windows\system32\icsxml 2008-01-20 20:34 - 2006-11-02 05:18 - 000000000 ____D C:\Windows\system32\ias 2008-01-20 20:34 - 2006-11-02 05:18 - 000000000 ____D C:\Windows\system32\com 2008-01-20 20:34 - 2006-11-02 05:18 - 000000000 ____D C:\Windows\MSAgent 2008-01-20 20:34 - 2006-11-02 05:18 - 000000000 ____D C:\Windows\L2Schemas 2008-01-20 20:26 - 2006-11-02 04:32 - 000101888 _____ (Infineon Technologies AG) C:\Windows\system32\ifxcardm.dll 2008-01-20 20:26 - 2006-11-02 04:32 - 000082432 _____ (Gemalto, Inc.) C:\Windows\system32\axaltocm.dll 2008-01-20 20:23 - 2006-11-02 03:04 - 000022632 _____ (Microsoft Corporation) C:\Windows\system32\streamci.dll 2008-01-20 20:23 - 2006-11-02 03:03 - 000248832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpdr.sys 2008-01-20 20:23 - 2006-11-02 02:55 - 000035328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\circlass.sys 2008-01-20 20:23 - 2006-11-02 02:54 - 000022072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wd.sys 2008-01-20 20:23 - 2006-11-02 02:52 - 000105016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpio.sys 2008-01-20 20:23 - 2006-11-02 02:52 - 000094776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msdsm.sys 2008-01-20 20:23 - 2006-11-02 02:52 - 000024632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\crcdisk.sys 2008-01-20 20:23 - 2006-11-02 02:52 - 000019000 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\i2omgmt.sys 2008-01-20 20:23 - 2006-11-02 02:51 - 000030264 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\i2omp.sys 2008-01-20 20:23 - 2006-11-02 02:51 - 000020024 _____ (VIA Technologies, Inc.) C:\Windows\system32\Drivers\viaide.sys 2008-01-20 20:23 - 2006-11-02 02:51 - 000019000 _____ (CMD Technology, Inc.) C:\Windows\system32\Drivers\cmdide.sys 2008-01-20 20:23 - 2006-11-02 02:51 - 000017976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdide.sys 2008-01-20 20:23 - 2006-11-02 02:51 - 000017464 _____ (Acer Laboratories Inc.) C:\Windows\system32\Drivers\aliide.sys 2008-01-20 20:23 - 2006-11-02 02:51 - 000016440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pciide.sys 2008-01-20 20:23 - 2006-11-02 02:51 - 000015872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mouhid.sys 2008-01-20 20:23 - 2006-11-02 02:51 - 000015872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\kbdhid.sys 2008-01-20 20:23 - 2006-11-02 02:51 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sffdisk.sys 2008-01-20 20:23 - 2006-11-02 02:51 - 000012288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sffp_mmc.sys 2008-01-20 20:23 - 2006-11-02 02:51 - 000011776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sffp_sd.sys 2008-01-20 20:23 - 2006-11-02 02:42 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\IPMIDrv.sys 2008-01-20 20:23 - 2006-11-02 02:38 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\kbd106.dll 2008-01-20 20:23 - 2006-11-02 02:35 - 000109112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\NV_AGP.SYS 2008-01-20 20:23 - 2006-11-02 02:35 - 000061496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\GAGP30KX.SYS 2008-01-20 20:23 - 2006-11-02 02:35 - 000060984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ULIAGPKX.SYS 2008-01-20 20:23 - 2006-11-02 02:35 - 000059448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\UAGP35.SYS 2008-01-20 20:23 - 2006-11-02 02:35 - 000057400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\AMDAGP.SYS 2008-01-20 20:23 - 2006-11-02 02:35 - 000056888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\VIAAGP.SYS 2008-01-20 20:23 - 2006-11-02 02:35 - 000056376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\AGP440.sys 2008-01-20 20:23 - 2006-11-02 02:35 - 000055864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\SISAGP.SYS 2008-01-20 20:23 - 2006-11-02 02:35 - 000049720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\isapnp.sys 2008-01-20 20:23 - 2006-11-02 02:35 - 000028216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\battc.sys 2008-01-20 20:23 - 2006-11-02 02:35 - 000020792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\compbatt.sys 2008-01-20 20:23 - 2006-11-02 02:35 - 000011264 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wmiacpi.sys 2008-01-20 20:23 - 2006-11-02 02:30 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys 2008-01-20 20:23 - 2006-11-02 02:30 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\viac7.sys 2008-01-20 20:23 - 2006-11-02 02:30 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk7.sys 2008-01-20 20:23 - 2006-11-02 02:30 - 000040960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys 2008-01-20 20:23 - 2006-11-02 02:30 - 000040960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\crusoe.sys 2008-01-20 20:23 - 2006-11-02 01:36 - 001122360 _____ (QLogic Corporation) C:\Windows\system32\Drivers\ql2300.sys 2008-01-20 20:23 - 2006-11-02 01:36 - 000422968 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\adp94xx.sys 2008-01-20 20:23 - 2006-11-02 01:36 - 000342584 _____ (Emulex) C:\Windows\system32\Drivers\elxstor.sys 2008-01-20 20:23 - 2006-11-02 01:36 - 000300600 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\adpahci.sys 2008-01-20 20:23 - 2006-11-02 01:36 - 000238648 _____ (ULi Electronics Inc.) C:\Windows\system32\Drivers\uliahci.sys 2008-01-20 20:23 - 2006-11-02 01:36 - 000235064 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorV.sys 2008-01-20 20:23 - 2006-11-02 01:36 - 000149560 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\adpu320.sys 2008-01-20 20:23 - 2006-11-02 01:36 - 000130616 _____ (VIA Technologies Inc.,Ltd) C:\Windows\system32\Drivers\vsmraid.sys 2008-01-20 20:23 - 2006-11-02 01:36 - 000115816 _____ (Promise Technology, Inc.) C:\Windows\system32\Drivers\ulsata2.sys 2008-01-20 20:23 - 2006-11-02 01:36 - 000102968 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvraid.sys 2008-01-20 20:23 - 2006-11-02 01:36 - 000101432 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\adpu160m.sys 2008-01-20 20:23 - 2006-11-02 01:36 - 000096312 _____ (LSI Logic) C:\Windows\system32\Drivers\lsi_fc.sys 2008-01-20 20:23 - 2006-11-02 01:36 - 000089656 _____ (LSI Logic) C:\Windows\system32\Drivers\lsi_sas.sys 2008-01-20 20:23 - 2006-11-02 01:36 - 000079928 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\arcsas.sys 2008-01-20 20:23 - 2006-11-02 01:36 - 000079416 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\arc.sys 2008-01-20 20:23 - 2006-11-02 01:36 - 000074808 _____ (Silicon Integrated Systems) C:\Windows\system32\Drivers\sisraid4.sys 2008-01-20 20:23 - 2006-11-02 01:36 - 000045112 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvstor.sys 2008-01-20 20:23 - 2006-11-02 01:36 - 000041016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sisraid2.sys 2008-01-20 20:23 - 2006-11-02 01:36 - 000040504 _____ (Hewlett-Packard Company) C:\Windows\system32\Drivers\HpCISSs.sys 2008-01-20 20:23 - 2006-11-02 01:36 - 000031288 _____ (LSI Corporation) C:\Windows\system32\Drivers\megasas.sys 2007-03-20 00:53 - 2006-11-02 05:18 - 000000000 ____D C:\Windows\ModemLogs 2007-03-20 00:42 - 2006-11-02 05:18 - 000000000 ____D C:\Windows\inf 2007-03-20 00:42 - 2006-11-02 04:33 - 000759582 _____ C:\Windows\system32\PerfStringBackup.INI 2007-03-20 00:11 - 2006-11-02 06:47 - 000004384 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 2007-03-20 00:11 - 2006-11-02 06:47 - 000004384 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 2007-03-20 00:10 - 2006-11-02 07:01 - 000000006 ____H C:\Windows\Tasks\SA.DAT ==================== Files in the root of some directories ======= 2009-11-25 14:35 - 2009-11-25 14:35 - 000087608 _____ () C:\Users\Angela\AppData\Roaming\inst.exe 2009-11-25 14:35 - 2009-11-25 14:35 - 000007887 _____ () C:\Users\Angela\AppData\Roaming\pcouffin.cat 2009-11-25 14:35 - 2009-11-25 14:35 - 000001144 _____ () C:\Users\Angela\AppData\Roaming\pcouffin.inf 2009-11-25 14:36 - 2009-11-25 14:36 - 000000034 _____ () C:\Users\Angela\AppData\Roaming\pcouffin.log 2009-11-25 14:35 - 2009-11-25 14:35 - 000047360 _____ (VSO Software) C:\Users\Angela\AppData\Roaming\pcouffin.sys 2018-10-29 10:54 - 2018-10-30 16:22 - 000000680 _____ () C:\Users\Angela\AppData\Local\d3d9caps.dat 2009-04-29 01:07 - 2014-10-24 10:23 - 000010240 _____ () C:\Users\Angela\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2013-10-28 20:10 - 2013-10-28 20:10 - 000000079 _____ () C:\Users\Angela\AppData\Local\DVDPATH.TXT Files to move or delete: ==================== C:\Windows\Tasks\{05040C47-0805-0C05-0B11-0B0E05041109}.job C:\Windows\Tasks\{080A7E47-0B08-0B0F-0411-0A047D0E1178}.job ==================== Bamital & volsnap ====================== (There is no automatic fix for files that do not pass verification.) C:\Windows\explorer.exe => File is digitally signed C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\dnsapi.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2007-03-20 00:16 ==================== End of FRST.txt ============================ Additional scan result of Farbar Recovery Scan Tool (x86) Version: 24.10.2018 Ran by Angela (20-03-2007 01:04:22) Running from C:\Users\Angela\Desktop Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) (2009-03-12 04:40:50) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-2860630475-1531993715-2310474269-500 - Administrator - Disabled) Angela (S-1-5-21-2860630475-1531993715-2310474269-1000 - Administrator - Enabled) => C:\Users\Angela Guest (S-1-5-21-2860630475-1531993715-2310474269-501 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Malwarebytes (Disabled - Out of date) {23007AD3-69FE-687C-2629-D584AFFAF72B} AS: Malwarebytes (Disabled - Out of date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96} AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) CyberLink Power2Go (HKLM\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.5.4316 - CyberLink Corp.) D3DX10 (HKLM\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden Gateway Games (HKLM\...\WildTangent gateway Master Uninstall) (Version: 1.0.0.71 - WildTangent) Gateway Recovery Management (HKLM\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 3.1.3003 - Acer Incorporated) IDT Audio (HKLM\...\{07D8511D-C9FE-4A93-933F-EAA5C8F20095}) (Version: 5.10.5303.0 - IDT) Illustrated Guide to Veterinary Medical Terminology, 3e (HKLM\...\Illustrated Guide to Veterinary Medical Terminology, 3e_is1) (Version: - Cengage Delmar Learning) ImTOO DVD Creator (HKLM\...\ImTOO DVD Creator) (Version: 3.0.45.1127 - ImTOO) Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: - Intel Corporation) Magic DVD Copier Version 5.0.1 (HKLM\...\Magic DVD Copier_is1) (Version: - Magic DVD Software, Inc.) Malwarebytes version 3.5.1.2522 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.5.1.2522 - Malwarebytes) Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office PowerPoint Viewer 2007 (English) (HKLM\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office Suite Activation Assistant (HKLM\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Web Publishing Wizard 1.52 (HKLM\...\WebPost) (Version: - ) Microsoft Works (HKLM\...\{67E03279-F703-408F-B4BF-46B5FC8D70CD}) (Version: 9.7.0621 - Microsoft Corporation) MSXML 4.0 SP2 (KB927978) (HKLM\...\{37477865-A3F1-4772-AD43-AAFC6BCFF99F}) (Version: 4.20.9841.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) NETGEAR WNA1000M Wireless USB 2.0 Adapter (HKLM\...\{62F7B391-E2B2-4714-BBAA-A14E4FAAB95C}) (Version: 1.01.10 - NETGEAR) Hidden NETGEAR WNA1000M Wireless USB 2.0 Adapter (HKLM\...\InstallShield_{62F7B391-E2B2-4714-BBAA-A14E4FAAB95C}) (Version: 1.01.10 - NETGEAR) OGA Notifier 2.0.0048.0 (HKLM\...\{B2544A03-10D0-4E5E-BA69-0362FFC20D18}) (Version: 2.0.0048.0 - Microsoft Corporation) Hidden Realtek 8169, 8168, 8101E and 8102E Ethernet Network Card Driver for Windows Vista (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0000 - Realtek) Realtek USB 2.0 Card Reader (HKLM\...\{DC24971E-1946-445D-8A82-CE685433FA7D}) (Version: - Realtek Semiconductor Corp.) Segoe UI (HKLM\...\{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}) (Version: 15.4.2271.0615 - Microsoft Corp) Hidden Setup (HKLM\...\{7ADF667E-E14D-4D2C-827C-B0108F0D93BC}) (Version: - ) <==== ATTENTION Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 9.1.3.0 - Synaptics) Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation) Windows Live Sync (HKLM\...\{A1BF9950-8CDB-468E-83FA-EACFB00EA7D5}) (Version: 14.0.8064.206 - Microsoft Corporation) WLTB Custom Buttons (HKLM\...\{C6522325-92ED-4312-A45A-04E45896C130}) (Version: 1.0.0 - Microsoft) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes) ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2008-09-01] (Intel Corporation) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {00FF43E5-657C-4B78-B399-7ACBEF0A3292} - System32\Tasks\Seventh => C:\Users\Angela\AppData\Roaming\Seventh\Seventh.exe <==== ATTENTION Task: {022DEE05-561E-4CA8-9E66-5E15E40FA6C9} - System32\Tasks\DNSTANNERSVILLE => dnstannersville.exe <==== ATTENTION Task: {033CCE13-BDD9-4CB1-9DA7-D727FDDC0E42} - System32\Tasks\avayvaxvaa => C:\Users\Angela\AppData\Local\avayvaxvaa\avayvaxvaa.exe [2015-02-19] () <==== ATTENTION Task: {2C48990D-9649-4BD7-8E9F-DD99174E6408} - System32\Tasks\Genius_Interval => C:\Users\Angela\AppData\Roaming\Genius\Genius.exe Task: {38F1B313-1F9E-486F-81E2-B88C8BA48973} - System32\Tasks\Genius => C:\Users\Angela\AppData\Roaming\Genius\Genius.exe <==== ATTENTION Task: {4A7287A7-CBDE-4977-BBA9-40E905E65DC6} - System32\Tasks\UOEJSMCMOGWSTARU => C:\ProgramData\Service1291\Service1291.exe <==== ATTENTION Task: {7473E943-FB5B-440C-9CD4-744ADF747E12} - System32\Tasks\Xoiihrsematu => C:\ProgramData\Xoiihrsematu\1.0.7.1\boofssix.exe Task: {A241D5E1-D344-4097-8319-D5932BEE465A} - System32\Tasks\{05040C47-0805-0C05-0B11-0B0E05041109} => C:\Windows\system32\WindowsPowershell\v1.0\powershell.exe -nologo -executionpolicy bypass -noninteractive -windowstyle hidden -EncodedCommand JABFAHIAcgBvAHIAQQBjAHQAaQBvAG4AUAByAGUAZgBlAHIAZQBuAGMAZQA9ACIAcwB0AG8AcAAiADsAJABzAGMAPQAiAFMAaQBsAGUAbgB0AGwAeQBDAG8AbgB0AGkAbgB1AGUAIgA7ACQAVwBhAHIAbgBpAG4AZwBQAHIAZQBmAGUAcgBlAG4AYwBlAD0AJABzAGMAOwAkAFAAcgBvAGcA (the data entry has 9364 more characters). <==== ATTENTION Task: {B35A6A11-D772-4D2D-B6D3-7664D58A3EE5} - System32\Tasks\One System Care Task => C:\PROGRA~1\ONESYS~1\SYSTEM~1.EXE <==== ATTENTION Task: {B643A498-2E30-4C67-B841-A7AEDD004C4B} - System32\Tasks\Sixth => C:\Users\Angela\AppData\Roaming\Sixth\Sixth.exe <==== ATTENTION Task: {DC5A0A70-9FE1-4847-8DC5-34F54A2B5E3B} - System32\Tasks\System Healer Task => C:\PROGRA~1\SYSTEM~1\RESCUE~1.EXE <==== ATTENTION (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\UOEJSMCMOGWSTARU.job => C:\ProgramData\Service1291\Service1291.exe <==== ATTENTION Task: C:\Windows\Tasks\{05040C47-0805-0C05-0B11-0B0E05041109}.job => powershell exe Task: C:\Windows\Tasks\{080A7E47-0B08-0B0F-0411-0A047D0E1178}.job => powershell exe ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) ==================== Loaded Modules (Whitelisted) ============== 2015-08-24 10:03 - 2015-08-24 10:03 - 000482816 _____ () C:\Program Files\74697254-1425516543-2D2D-2D2D-0003254135CB\knsj6E67.tmp 2009-03-11 22:48 - 2008-06-11 12:18 - 000024576 _____ () C:\Program Files\GATEWAY\Gateway Recovery Management\Service\ETService.exe 2009-03-11 22:48 - 2009-03-11 22:48 - 000032768 _____ () C:\Windows\assembly\GAC_MSIL\Framework.Model.Controller\3.0.3009.0__14bcaafdb44b5951\Framework.Model.Controller.dll 2009-03-11 22:48 - 2009-03-11 22:48 - 000009216 _____ () C:\Windows\assembly\GAC_MSIL\Framework.Model.ControllerInterface\3.0.3009.0__d842b71b4d6ed079\Framework.Model.ControllerInterface.dll 2009-03-11 22:48 - 2009-03-11 22:48 - 000061440 _____ () C:\Windows\assembly\GAC_MSIL\Framework.Library\3.0.3009.0__3036420f80dd6947\Framework.Library.dll 2009-03-11 22:48 - 2009-03-11 22:48 - 000015360 _____ () C:\Windows\assembly\GAC_MSIL\Framework.Host\3.0.3009.0__672b450de5a7e94a\Framework.Host.dll 2009-03-11 22:48 - 2009-03-11 22:48 - 000006144 _____ () C:\Windows\assembly\GAC_MSIL\Framework.PluginInterface\3.0.3009.0__9ecdf03bb2054f94\Framework.PluginInterface.dll 2009-03-11 22:48 - 2009-03-11 22:48 - 000036864 _____ () C:\Windows\assembly\GAC_MSIL\Framework.Utility\3.0.3009.0__4df5dcab8860d239\Framework.Utility.dll 2015-03-04 18:49 - 2015-03-04 18:49 - 000193536 _____ () C:\Users\Angela\AppData\Roaming\74697254-1425516543-2D2D-2D2D-0003254135CB\jnsqBF1A.tmp 2011-01-27 15:13 - 2011-01-27 15:13 - 000226624 _____ () C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe 2011-06-30 22:23 - 2011-06-30 22:23 - 000167936 _____ () C:\Program Files\NETGEAR\WNA1000M\WlanWpsSvc.exe 2011-01-27 15:13 - 2011-01-27 15:13 - 000673088 _____ () C:\Program Files\Motorola\MotoHelper\MotoHelperAgent.exe ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\ProgramData\TEMP:7631EA83 [118] AlternateDataStreams: C:\ProgramData\TEMP:9AB56A06 [122] AlternateDataStreams: C:\ProgramData\TEMP:C46995DA [286] ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2006-11-02 04:23 - 2007-03-20 02:16 - 000000904 ____N C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost 127.0.0.1 down.baidu2016.com 127.0.0.1 123.sogou.com 127.0.0.1 www.czzsyzgm.com 127.0.0.1 www.czzsyzxl.com ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-2860630475-1531993715-2310474269-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Angela\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg DNS Servers: 75.75.75.75 - 75.75.76.76 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 1) (EnableLUA: 0) Windows Firewall is disabled. ==================== MSCONFIG/TASK MANAGER disabled items == If an entry is included in the fixlist, it will be removed. MSCONFIG\Services: sprtsvc_quickcare => 2 MSCONFIG\Services: SupportSoft RemoteAssist => 3 MSCONFIG\Services: tgsrvc_quickcare => 2 MSCONFIG\Services: wbsvc => 2 ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe ==================== Restore Points ========================= 30-10-2018 23:39:08 Removed Itibiti RTC ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== System errors: ============= Error: (03/20/2007 12:26:02 AM) (Source: W32Time) (EventID: 34) (User: ) Description: The time service has detected that the system time needs to be changed by +366631237 seconds. The time service will not change the system time by more than +54000 seconds. Verify that your time and time zone are correct, and that the time source time.windows.com,0x9 (ntp.m|0x9|0.0.0.0:123->13.65.245.138:123) is working properly. CodeIntegrity: =================================== Date: 2007-03-20 01:04:16.776 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system. Date: 2007-03-20 01:04:15.903 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system. Date: 2007-03-20 01:04:15.060 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system. Date: 2007-03-20 01:04:14.202 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system. Date: 2007-03-20 01:03:23.221 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system. Date: 2007-03-20 01:03:22.239 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system. Date: 2007-03-20 01:03:21.381 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system. Date: 2007-03-20 01:03:20.460 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system. ==================== Memory info =========================== Processor: Intel® Pentium® Dual CPU T3400 @ 2.16GHz Percentage of memory in use: 51% Total physical RAM: 2037.69 MB Available physical RAM: 981.96 MB Total Virtual: 4314.66 MB Available Virtual: 3269.61 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:222.88 GB) (Free:162.68 GB) NTFS ==>[drive with boot components (obtained from BCD)] \\?\Volume{b27fdb1c-0ebe-11de-9864-806e6f6e6963}\ (PQSERVICE) (Fixed) (Total:10 GB) (Free:3.18 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 232.9 GB) (Disk ID: 88A5A4A5) Partition 1: (Not Active) - (Size=10 GB) - (Type=27) Partition 2: (Active) - (Size=222.9 GB) - (Type=07 NTFS) ==================== End of Addition.txt ============================ # ------------------------------- # Malwarebytes AdwCleaner 7.2.4.0 # ------------------------------- # Build: 09-25-2018 # Database: 2018-09-21.1 (Local) # Support: Customer Support & Help Center # # ------------------------------- # Mode: Clean # ------------------------------- # Start: 03-20-2007 # Duration: 00:00:13 # OS: Windows Vista Home Premium # Cleaned: 144 # Failed: 23 ***** [ Services ] ***** No malicious services cleaned. ***** [ Folders ] ***** Deleted C:\Program Files\SearchProtect Deleted C:\ProgramData\SERVICE1291 Deleted C:\ProgramData\CA85ED86-4687-1 Deleted C:\ProgramData\CA85ED86-3FD5-1 Deleted C:\ProgramData\CA85ED86-30A1-0 Deleted C:\ProgramData\C6B12A7F-37B5-0 Deleted C:\ProgramData\C6B12A7F-08A7-1 Deleted C:\ProgramData\C6B12A7F-0753-1 Deleted C:\ProgramData\LolliScan Deleted C:\Users\Angela\AppData\LocalLow\FunWebProducts Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GAMESDESKTOP Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pogo Games Deleted C:\Users\Angela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pogo Games Deleted C:\Program Files\QualityChecker Deleted C:\Users\Angela\AppData\Roaming\FunFeedr Deleted C:\Users\Angela\AppData\Roaming\Sixth Deleted C:\Users\Angela\AppData\Roaming\Seventh Deleted C:\Users\Angela\AppData\Roaming\Common\LuaRT Deleted C:\Users\Angela\AppData\Local\avayvaxvaa Deleted C:\Program Files\WSE_Binkiland Deleted C:\Windows\System32\config\systemprofile\AppData\Local\WebBar Deleted C:\Program Files\predm Deleted C:\Program Files\globalUpdate Deleted C:\Users\Angela\AppData\Local\globalUpdate Deleted C:\Windows\Quicky Translator Deleted C:\Users\Angela\AppData\Roaming\Systweak Deleted C:\Users\Angela\AppData\LocalLow\COMPANY\PRODUCT Deleted C:\Windows\System32\config\systemprofile\AppData\LocalLow\{D2020D47-707D-4E26-B4D9-739C4F4C2E9A} Deleted C:\Users\Angela\AppData\LocalLow\{D2020D47-707D-4E26-B4D9-739C4F4C2E9A} Deleted C:\Program Files\SHOPPERZ Deleted C:\Program Files\GMSD_US_005010200 Deleted C:\Program Files\GMSD_US_005010199 Deleted C:\Program Files\GMSD_US_005010193 ***** [ Files ] ***** Deleted C:\Windows\System32\drivers\{A55667F1-A319-4629-A8B6-A68D9D3313EE}GT.SYS Deleted C:\Windows\System32\roboot.exe Deleted C:\END Deleted C:\Windows\System32\drivers\sp_rsdrv2.sys Deleted C:\Windows\System32\drivers\SPPD.sys Deleted C:\Windows\AppPatch\Custom\{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb Deleted C:\Windows\System32\BasementDusterOff.ini ***** [ DLL ] ***** No malicious DLLs cleaned. ***** [ WMI ] ***** No malicious WMI cleaned. ***** [ Shortcuts ] ***** No malicious shortcuts cleaned. ***** [ Tasks ] ***** Deleted C:\Windows\Tasks\{080A7E47-0B08-0B0F-0411-0A047D0E1178}.job Deleted C:\Windows\Tasks\{05040C47-0805-0C05-0B11-0B0E05041109}.job Deleted C:\Windows\Tasks\UOEJSMCMOGWSTARU.job Deleted C:\Windows\System32\Tasks\{05040C47-0805-0C05-0B11-0B0E05041109} Deleted C:\Windows\System32\Tasks\UOEJSMCMOGWSTARU Deleted C:\Windows\System32\Tasks\DNSTANNERSVILLE Deleted C:\Windows\System32\Tasks\Genius_Interval Deleted C:\Windows\System32\Tasks\avayvaxvaa Deleted C:\Windows\System32\Tasks\One System Care Task Deleted C:\Windows\System32\Tasks\System Healer Task Deleted C:\Windows\System32\Tasks\Sixth Deleted C:\Windows\System32\Tasks\Seventh Deleted C:\Windows\System32\Tasks\Genius ***** [ Registry ] ***** Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\11598763487076930564 Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SearchProtect Not Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{05040C47-0805-0C05-0B11-0B0E05041109} Not Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\UOEJSMCMOGWSTARU Not Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{022DEE05-561E-4CA8-9E66-5E15E40FA6C9} Not Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{022DEE05-561E-4CA8-9E66-5E15E40FA6C9} Not Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DNSTANNERSVILLE Deleted HKLM\Software\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5} Deleted HKLM\Software\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB} Deleted HKLM\Software\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66} Deleted HKLM\Software\Classes\AppID\{A5BBB804-8009-4246-BED3-2D3335981EF6} Deleted HKLM\Software\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3} Deleted HKCU\Software\Reg\Clean Deleted HKLM\Software\Reg\Clean Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Consumer Input Installer Deleted HKLM\Software\CompeteInc Deleted HKCU\Software\AppDataLow\Software\{3BDFD1D7-7A9B-4D29-80B3-D00E66E62885} Deleted HKCU\Software\{3BDFD1D7-7A9B-4D29-80B3-D00E66E62885} Deleted HKLM\Software\{3BDFD1D7-7A9B-4D29-80B3-D00E66E62885} Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\FlashBeat Deleted HKCU\Software\AppDataLow\Software\Crossrider Deleted HKLM\Software\AppDataLow\Software\Crossrider Deleted HKU\S-1-5-18\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\_CrossriderRegNamePlaceHolder_ Deleted HKU\.DEFAULT\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\_CrossriderRegNamePlaceHolder_ Deleted HKU\S-1-5-18\Software\AppDataLow\Software\_CrossriderRegNamePlaceHolder_ Deleted HKU\.DEFAULT\Software\AppDataLow\Software\_CrossriderRegNamePlaceHolder_ Deleted HKLM\SOFTWARE\MICROSOFT\SYSTEMCERTIFICATES\ROOT\CERTIFICATES\26D9E607FFF0C58C7844B47FF8B6E079E5A2220E Deleted HKCU\Software\AppDataLow\Software\DynConIE Deleted HKCU\Software\AppDataLow\Sams.Browser Deleted HKCU\Software\FunFeedr Deleted HKCU\Software\AppDataLow\Software\FunWebProducts Deleted HKLM\Software\GAMESDESKTOP Not Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2C48990D-9649-4BD7-8E9F-DD99174E6408} Not Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2C48990D-9649-4BD7-8E9F-DD99174E6408} Not Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Genius_Interval Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SpaceSoundPro Deleted HKCU\Software\SpaceSoundPro Deleted HKCU\Software\CoinisRS Deleted HKCU\Software\FFUPD Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\SU Deleted HKCU\Software\YahooPartnerToolbar Deleted HKCU\Software\powerpack Deleted HKCU\Software\GlobalUpdate Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE} Deleted HKLM\Software\WebBar Deleted HKCU\Software\WSE_Binkiland Deleted HKLM\Software\SPPDCOM Deleted HKCU\Software\QualityChecker Deleted HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\software_reporter_tool.exe|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb Deleted HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\software_removal_tool.exe|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb Deleted HKLM\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Custom\iexplore.exe|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb Deleted HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\firefox.exe|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb Deleted HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\chrome.exe|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Custom\SetupDataMngr_iMesh.exe Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Custom\SetupDataMngr_iLivid.exe Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Custom\SearchProtectionStub.exe Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Custom\SearchProtectionSetup.exe Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Custom\Layers\VC32Ldr Deleted HKLM\Software\Classes\CLSID\{8FF10FED-2F0A-4F7F-BE87-B04F1DCD4319} Deleted HKLM\Software\Classes\AppID\{4AC9981D-592D-4044-8C0A-8F6FE843D683} Deleted HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{21FA44EF-376D-4D53-9B0F-8A89D3229068} Deleted HKLM\Software\Classes\CLSID\{F83D1872-D9FF-47F8-B5A0-49CC51E24EE8} Deleted HKLM\Software\Classes\AppID\{425F4ABF-B8E4-402D-9E49-06E494EB8DBF} Deleted HKLM\Software\Classes\TypeLib\{B5C4833B-847B-49CD-8EBE-CDD9B43C882F} Deleted HKLM\Software\Classes\TypeLib\{14EF423E-3EE8-44AE-9337-07AC3F27B744} Deleted HKLM\Software\Classes\Interface\{EE0D8859-2ED4-4B0D-9812-16865B9AFD65} Deleted HKLM\Software\Classes\Interface\{A9582D7B-F24A-441D-9D26-450D58F3CD17} Deleted HKLM\Software\Classes\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6} Deleted HKLM\Software\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762} Deleted HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{D4027C7F-154A-4066-A1AD-4243D8127440} Not Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{033CCE13-BDD9-4CB1-9DA7-D727FDDC0E42} Not Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{033CCE13-BDD9-4CB1-9DA7-D727FDDC0E42} Not Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\avayvaxvaa Not Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B35A6A11-D772-4D2D-B6D3-7664D58A3EE5} Not Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B35A6A11-D772-4D2D-B6D3-7664D58A3EE5} Not Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\One System Care Task Not Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DC5A0A70-9FE1-4847-8DC5-34F54A2B5E3B} Not Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DC5A0A70-9FE1-4847-8DC5-34F54A2B5E3B} Not Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\System Healer Task Deleted HKLM\Software\Microsoft\Shared Tools\MSConfig\services\wbsvc Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes|DoNotAskAgain Deleted HKLM\Software\Microsoft\Internet Explorer\SearchScopes|DoNotAskAgain Deleted HKCU\Software\tstamptoken Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{7ADF667E-E14D-4D2C-827C-B0108F0D93BC} Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\OneSystemCare Deleted HKCU\Software\PROPCCleanerLanguage Deleted HKCU\Software\PRODUCTSETUP Deleted HKCU\Software\REG\CLEAN\pro Deleted HKLM\Software\REG\CLEAN\pro Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\InstalledsDB\{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd} Deleted HKCU\Software\Genius Deleted HKCU\Software\Classes\Software\{4E7638A1-6962-4e44-A6B9-F40E84FD6D09} Deleted HKU\S-1-5-18\Software\{4E7638A1-6962-4e44-A6B9-F40E84FD6D09} Deleted HKCU\Software\{4E7638A1-6962-4e44-A6B9-F40E84FD6D09} Deleted HKU\S-1-5-20\Software\{4E7638A1-6962-4e44-A6B9-F40E84FD6D09} Deleted HKU\S-1-5-19\Software\{4E7638A1-6962-4e44-A6B9-F40E84FD6D09} Deleted HKU\.DEFAULT\Software\{4E7638A1-6962-4e44-A6B9-F40E84FD6D09} Deleted HKU\S-1-5-18\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-18\Software\shopperz Deleted HKU\.DEFAULT\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-18\Software\shopperz Not Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B643A498-2E30-4C67-B841-A7AEDD004C4B} Not Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Sixth Not Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{00FF43E5-657C-4B78-B399-7ACBEF0A3292} Not Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Seventh Deleted HKCU\Software\systweak Deleted HKLM\Software\systweak Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SystemHealer Not Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{38F1B313-1F9E-486F-81E2-B88C8BA48973} Not Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Genius Deleted HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\explorer.xxx|{8A4D5A43-C64A-45AB-BDF4-804FE18CEAFD}.SDB Deleted HKCU\Software\TutoTag Deleted HKCU\Software\Tutorials Deleted HKLM\Software\Tutorials Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\VOPackage Deleted HKCU\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION|wb.exe ***** [ Chromium (and derivatives) ] ***** No malicious Chromium entries cleaned. ***** [ Chromium URLs ] ***** No malicious Chromium URLs cleaned. ***** [ Firefox (and derivatives) ] ***** No malicious Firefox entries cleaned. ***** [ Firefox URLs ] ***** No malicious Firefox URLs cleaned. ************************* [+] Delete Tracing Keys [+] Reset Winsock ************************* AdwCleaner[s00].txt - [17358 octets] - [20/03/2007 01:11:07] ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ########## Quote "Confucius could give answer to that. Unfortunately, Confucius not here at moment.”
ExTS Admin Starbuck Posted October 31, 2018 ExTS Admin Posted October 31, 2018 Hi Rustys, You've got a good one there lol. It's been well and truly abused. First thing to do is to set the clock. Both FRST and AdwCleaner are both showing: Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 24.10.2018 Ran by Angela (administrator) on ANGELA-PC (20-03-2007 01:02:34) ----------------- Malwarebytes AdwCleaner 7.2.4.0 # ------------------------------- # Build: 09-25-2018 # Database: 2018-09-21.1 (Local) # Support: Customer Support & Help Center # # ------------------------------- # Mode: Clean # ------------------------------- # Start: 03-20-2007 Before trying to clean up the report, we need to hit this system with something a bit harder than AdwCleaner. Step 1 Please uninstall the following program: Setup (HKLM\...\{7ADF667E-E14D-4D2C-827C-B0108F0D93BC}) (Version: - ) <==== ATTENTION Step 2 Please download RogueKiller Anti-malware (Free) onto your desktop.Close all open programs and internet browsers. Double click on RogueKiller Anti-malware to install the tool. Vista/Windows 7/8/10 users right-click and select Run As Administrator. Select Accept the User Agreement then continue to click Next then finally click Install Click Finish . When the program opens..... click Scan Click Start Scan Double check anything found and tick to select items to be removed Click Remove Selected When the items have been removed.... Click Open Report >> Open TXT. Copy and paste that report into your next reply. Step 3 Re-run FRST and let me have a fresh set of reports ( after running Rogue Killer) In your next reply, please submit: Rogue Killer report Fresh set of FRST reports. Thanks. Quote Member of:UNITE
Rustys Posted October 31, 2018 Author Posted October 31, 2018 You've got a good one there lol. It's been well and truly abused. Step 1 Please uninstall the following program: Setup (HKLM\...\{7ADF667E-E14D-4D2C-827C-B0108F0D93BC}) (Version: - ) <==== ATTENTION Can not find any where want me to do the other scans now that the Clock and date are set (need to replace CMOS battery). Quote "Confucius could give answer to that. Unfortunately, Confucius not here at moment.”
ExTS Admin Starbuck Posted October 31, 2018 ExTS Admin Posted October 31, 2018 Yes, move on to the next steps. Quote Member of:UNITE
Rustys Posted October 31, 2018 Author Posted October 31, 2018 Hope they help... RogueKiller Anti-Malware V13.0.5.0 [Oct 31 2018] (Free) by Adlice Software mail : Contact - Adlice Software Website : RogueKiller Anti-Malware Free Download - Official Website Operating System : Windows Vista (6.0.6002 Service Pack 2) 32 bits Started in : Normal mode User : Angela [Administrator] Started from : C:\Program Files\RogueKiller\RogueKiller.exe Mode : Standard Scan, Delete -- Date : 2018/10/31 17:12:41 (Duration : 00:51:19) Delete [PUP.Gen0 (Potentially Malicious)] knsj6E67.tmp -- %ProgramFiles%\74697254-1425516543-2D2D-2D2D-0003254135CB\knsj6E67.tmp -> Killed [TermThr] [PUP.Gen0 (Potentially Malicious)] jnsqBF1A.tmp -- %_Angela_appdata%\74697254-1425516543-2D2D-2D2D-0003254135CB\jnsqBF1A.tmp -> Killed [TermThr] [VT.Detected (Malicious)] AudioSrv.exe [Hefei Hejunzhengce Info Tech Co., Ltd.] -- %ProgramFiles%\Windows Audio\R1\AudioSrv.exe -> Killed [TermThr] [VT.Detected (Malicious)] wmnserv.exe -- %ProgramFiles%\Windows Network Services\v9\wmnserv.exe -> Killed [TermThr] [bad.Extension (Malicious)] igfxrENU.lrc [Microsoft Windows Hardware Compatibility Publisher] -- %SystemRoot%\System32\igfxrenu.lrc -> Unloaded [Adw.NetFilter (Malicious)] cherimoya -- %SystemRoot%\System32\drivers\cherimoya.sys -> Stopped [PUP.Gen0 (Potentially Malicious)] cyriryvo -- %ProgramFiles%\74697254-1425516543-2D2D-2D2D-0003254135CB\knsj6E67.tmp -> Stopped [PUP.Gen0 (Potentially Malicious)] gyviboxy -- %_Angela_appdata%\74697254-1425516543-2D2D-2D2D-0003254135CB\jnsqBF1A.tmp -> Stopped [VT.Detected (Malicious)] WinAudioSrv_R1 [Hefei Hejunzhengce Info Tech Co., Ltd.] -- %ProgramFiles%\Windows Audio\R1\AudioSrv.exe -> Stopped [VT.Detected (Malicious)] wmmserv_r11 -- %ProgramFiles%\Windows Network Services\v9\wmnserv.exe -> Stopped [suspicious.Path (Potentially Malicious)] \Xoiihrsematu -- "C:\ProgramData\Xoiihrsematu\1.0.7.1\boofssix.exe" ("/e=L3A9MjY0NjAxXi91PWE3OGRhMWI4MDU5YTQ4NDg4YTJmNjUzNzI4NjkxOGQ0Xi9kPWRvd25sb2FkdHZ0aW1lLmNvbV4vbj1UVlRNXi9hPVRWVGltZV4vdA==") -> Deleted [suspicious.Path (Potentially Malicious)] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost|LocalServiceNoNetwork -- PLA DPS BFE mpssvc ehstart -> Deleted [PUP.Gen0 (Potentially Malicious)] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\cherimoya -- -> Deleted [PUP.Gen0 (Potentially Malicious)] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\cyriryvo -- -> Deleted [PUP.Gen0 (Potentially Malicious)] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\gyviboxy -- -> Deleted [PUP.Gen0 (Potentially Malicious)] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\protect -- -> Deleted [PUP.Gen0 (Potentially Malicious)] HKEY_LOCAL_MACHINE\System\ControlSet003\Services\cherimoya -- -> Deleted [PUP.Gen0 (Potentially Malicious)] HKEY_LOCAL_MACHINE\System\ControlSet003\Services\cyriryvo -- -> Deleted [PUP.Gen0 (Potentially Malicious)] HKEY_LOCAL_MACHINE\System\ControlSet003\Services\gyviboxy -- -> Deleted [PUP.Gen0 (Potentially Malicious)] HKEY_LOCAL_MACHINE\System\ControlSet003\Services\protect -- -> Deleted [PUM.StartMenu (Potentially Malicious)] HKEY_USERS\S-1-5-21-2860630475-1531993715-2310474269-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_ShowPrinters -- 0 -> Replaced (1) [PUM.StartMenu (Potentially Malicious)] HKEY_USERS\S-1-5-21-2860630475-1531993715-2310474269-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_ShowRun -- 0 -> Replaced (1) [PUM.StartMenu (Potentially Malicious)] HKEY_USERS\S-1-5-21-2860630475-1531993715-2310474269-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_ShowRecentDocs -- 0 -> Replaced (1) [PUM.StartMenu (Potentially Malicious)] HKEY_USERS\S-1-5-21-2860630475-1531993715-2310474269-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_TrackProgs -- 0 -> Replaced (1) [PUP.FlashBeat|PUP.Gen0|PUP.Gen1 (Potentially Malicious)] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows|AppInit_DLLs -- C:\ProgramData\FlashBeat\THIHPQ32.dll __C:\PROGRA~1\SEARCH~1\SEARCH~1\bin\VC32LO~1.DLL -> Replaced () [PUP.Gen0 (Potentially Malicious)] jnsqBF1A.tmp -- %_Angela_appdata%\74697254-1425516543-2D2D-2D2D-0003254135CB\jnsqBF1A.tmp -> Deleted [PUP.Gen1 (Potentially Malicious)] Genius -- %_Angela_appdata%\Genius -> Deleted [bitMiner.Gen0 (Malicious)] Optimizer -- %programdata%\Optimizer -> Deleted [PUP.Gen0 (Potentially Malicious)] 74697254-1174378719-2D2D-2D2D-0003254135CB -- %ProgramFiles%\74697254-1174378719-2D2D-2D2D-0003254135CB -> Deleted [PUP.Gen0 (Potentially Malicious)] 74697254-1425516543-2D2D-2D2D-0003254135CB -- %ProgramFiles%\74697254-1425516543-2D2D-2D2D-0003254135CB -> Deleted [PUP.Gen0 (Potentially Malicious)] 74697254-1174378719-2D2D-2D2D-0003254135CB -- %ProgramFiles%\74697254-1174378719-2D2D-2D2D-0003254135CB -> Removed at reboot [2] [PUP.Gen0 (Potentially Malicious)] 74697254-1425516543-2D2D-2D2D-0003254135CB -- %ProgramFiles%\74697254-1425516543-2D2D-2D2D-0003254135CB -> Removed at reboot [2] [PUP.Gen1 (Potentially Malicious)] Genius -- %_Angela_appdata%\Genius -> Removed at reboot [2] [Hj.Shortcut (Malicious)] N/A -- {2AA82634-4FEB-407B-8C66-59F04CC7B66A} -> Deleted Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 24.10.2018 Ran by Angela (administrator) on ANGELA-PC (31-10-2018 17:17:20) Running from C:\Users\Angela\Desktop Loaded Profiles: Angela (Available Profiles: Angela) Platform: Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) Language: English (United States) Internet Explorer Version 9 (Default browser: IE) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Microsoft Corporation) C:\Windows\System32\SLsvc.exe () C:\Program Files\GATEWAY\Gateway Recovery Management\Service\ETService.exe (Absolute Software Corp.) C:\Windows\System32\rpcnet.exe (SupportSoft, Inc.) C:\Program Files\Common Files\supportsoft\bin\sprtlisten.exe () C:\Program Files\NETGEAR\WNA1000M\WlanWpsSvc.exe (Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Conexant Systems, Inc.) C:\Windows\System32\drivers\XAudio.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (Microsoft Corporation) C:\Windows\ehome\ehtray.exe (Microsoft Corporation) C:\Windows\ehome\ehmsas.exe (Microsoft Corporation) C:\Windows\System32\mobsync.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKU\S-1-5-21-2860630475-1531993715-2310474269-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-20] (Microsoft Corporation) HKU\S-1-5-21-2860630475-1531993715-2310474269-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Aurora.scr [1370624 2008-01-20] (Microsoft Corporation) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76 Tcpip\..\Interfaces\{4FBC5B6D-A7DA-42E7-B33A-E7180E83D7D1}: [DhcpNameServer] 75.75.75.75 75.75.76.76 Tcpip\..\Interfaces\{B70AE2D1-D67F-4712-BEEC-16719D97668E}: [DhcpNameServer] 75.75.75.75 75.75.76.76 Internet Explorer: ================== HKU\S-1-5-21-2860630475-1531993715-2310474269-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp SearchScopes: HKU\S-1-5-21-2860630475-1531993715-2310474269-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = Toolbar: HKU\S-1-5-21-2860630475-1531993715-2310474269-1000 -> No Name - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2007-06-08] (Microsoft Corporation) FireFox: ======== FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF Extension: (Microsoft .NET Framework Assistant) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-09-07] [Legacy] [not signed] FF HKLM\...\Firefox\Extensions: [{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}] - C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DMExtension FF Extension: (Default Manager) - C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DMExtension [2011-01-07] [Legacy] [not signed] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation) FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation) FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation) FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-10-30] (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-10-30] (Google Inc.) Chrome: ======= StartMenuInternet: Google Chrome.L7J5TMSOM5SFHPIGRLQDE2HRWY - C:\Users\Angela\AppData\Local\Microsoft\Internet Explorer\Application\46.10.2479.3\switcher_ie.exe ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 ETService; C:\Program Files\GATEWAY\Gateway Recovery Management\Service\ETService.exe [24576 2008-06-11] () [File not signed] S3 GameConsoleService; C:\Program Files\Gateway Games\Gateway Game Console\GameConsoleService.exe [250616 2009-03-30] (WildTangent, Inc.) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4753104 2018-05-09] (Malwarebytes) R2 rpcnet; C:\Windows\system32\rpcnet.exe [78032 2007-03-20] (Absolute Software Corp.) R2 sprtlisten; C:\Program Files\Common Files\supportsoft\bin\sprtlisten.exe [1213728 2008-01-08] (SupportSoft, Inc.) S2 WinAudioSrv_R1; C:\Program Files\Windows Audio\R1\AudioSrv.exe [4024920 2015-04-07] (Hefei Hejunzhengce Info Tech Co., Ltd.) R2 WlanWpsSvc; C:\Program Files\NETGEAR\WNA1000M\WlanWpsSvc.exe [167936 2011-06-30] () [File not signed] S2 wmmserv_r11; C:\Program Files\Windows Network Services\v9\wmnserv.exe [3402752 2015-11-17] (@Microsoft Corporation) [File not signed] ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae.sys [128736 2018-04-26] (Malwarebytes) R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [165088 2007-03-20] (Malwarebytes) R3 MBAMProtection; C:\Windows\System32\DRIVERS\mbam.sys [40160 2018-10-31] (Malwarebytes) R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [220896 2018-10-31] (Malwarebytes) R3 MBAMWebProtection; C:\Windows\System32\DRIVERS\mwac.sys [70264 2018-10-31] (Malwarebytes) S3 pneteth; C:\Windows\System32\DRIVERS\pneteth.sys [13440 2011-11-25] (June Fabrics Technology Inc.) S3 RTL8192cu; C:\Windows\System32\DRIVERS\WNA1000M.sys [700520 2011-01-31] (Realtek Semiconductor Corporation ) R1 RtlProt; C:\Windows\System32\DRIVERS\rtlprot.sys [25896 2007-04-23] (Windows ® Codename Longhorn DDK provider) R0 SymDS; C:\Windows\System32\drivers\NAV\1302000.00A\SYMDS.SYS [340088 2011-07-25] (Symantec Corporation) R0 SymEFA; C:\Windows\System32\drivers\NAV\1302000.00A\SYMEFA.SYS [897656 2011-09-26] (Symantec Corporation) R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT.SYS [127096 2011-12-29] (Symantec Corporation) S1 SymIRON; C:\Windows\system32\drivers\NAV\1302000.00A\Ironx86.SYS [149624 2011-07-25] (Symantec Corporation) R1 SYMTDIv; C:\Windows\System32\Drivers\NAV\1302000.00A\SYMTDIV.SYS [344184 2011-07-25] (Symantec Corporation) S3 USBAAPL; C:\Windows\System32\Drivers\usbaapl.sys [43520 2012-02-15] (Apple, Inc.) [File not signed] S3 UVCFTR; C:\Windows\System32\Drivers\UVCFTR_S.SYS [11776 2007-05-23] (Chicony Electronics Co., Ltd.) S3 IpInIp; system32\DRIVERS\ipinip.sys [X] S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X] S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X] S1 qrnfd_1_10_0_9; system32\drivers\qrnfd_1_10_0_9.sys [X] S1 swsedrvr_vt_1_10_0_29; system32\drivers\swsedrvr_vt_1_10_0_29.sys [X] S3 vzandnetdiag; system32\DRIVERS\lgvzandnetdiag.sys [X] S3 vzandnetdiag2; system32\DRIVERS\lgvzandnetdiag2.sys [X] S3 vzandnetmodem; system32\DRIVERS\lgvzandnetmdm.sys [X] S3 vzandnetndis; system32\DRIVERS\lgvzandnetndis.sys [X] S1 {a55667f1-a319-4629-a8b6-a68d9d3313ee}Gt; system32\drivers\{a55667f1-a319-4629-a8b6-a68d9d3313ee}Gt.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2018-10-31 17:16 - 2018-10-31 17:17 - 000018280 _____ C:\Users\Angela\Desktop\Addition.txt 2018-10-31 17:15 - 2018-10-31 17:17 - 000008979 _____ C:\Users\Angela\Desktop\FRST.txt 2018-10-31 17:13 - 2018-10-31 17:13 - 000010724 _____ C:\Users\Angela\Desktop\RogueKiller.txt 2018-10-31 16:13 - 2018-10-31 17:14 - 000000000 ____D C:\ProgramData\RogueKiller 2018-10-31 16:12 - 2018-10-31 17:15 - 000000000 ____D C:\Program Files\RogueKiller 2018-10-31 16:12 - 2018-10-31 16:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller 2018-10-31 16:12 - 2018-10-31 15:36 - 029185344 _____ (Adlice Software ) C:\Users\Angela\Desktop\RogueKiller_setup.exe 2018-10-31 00:40 - 2018-10-31 00:40 - 000001857 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2018-10-31 00:40 - 2018-10-31 00:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes 2018-10-31 00:40 - 2018-10-31 00:40 - 000000000 ____D C:\ProgramData\Malwarebytes 2018-10-31 00:40 - 2018-10-31 00:40 - 000000000 ____D C:\Program Files\Malwarebytes 2018-10-31 00:40 - 2018-04-26 05:36 - 000128736 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae.sys 2018-10-31 00:39 - 2018-10-31 00:39 - 076534856 _____ (Malwarebytes ) C:\Users\Angela\Desktop\mb3-setup-legacywos-3.5.1.2522-1.0.365-1.0.5292.exe 2018-10-31 00:35 - 2018-10-31 00:35 - 007592144 _____ (Malwarebytes) C:\Users\Angela\Desktop\AdwCleaner.exe 2018-10-30 22:25 - 2018-10-30 22:25 - 000068072 _____ (Absolute Software Corp.) C:\Windows\system32\agremove.exe 2018-10-30 22:16 - 2018-10-30 22:16 - 000000302 _____ C:\3C4D.tmp 2018-10-30 16:39 - 2018-10-30 22:27 - 000000000 ____D C:\Users\Angela\Desktop\New Folder 2018-10-30 11:46 - 2018-10-30 13:15 - 000000000 ____D C:\Windows\pss 2018-10-29 10:54 - 2018-10-30 16:22 - 000000680 _____ C:\Users\Angela\AppData\Local\d3d9caps.dat ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2018-10-31 17:17 - 2007-03-20 01:02 - 000000000 ____D C:\FRST 2018-10-31 17:12 - 2015-03-04 18:49 - 000000000 ____D C:\Users\Angela\AppData\Roaming\74697254-1425516543-2D2D-2D2D-0003254135CB 2018-10-31 16:13 - 2006-11-02 05:18 - 000000000 ____D C:\Windows\inf 2018-10-31 16:13 - 2006-11-02 04:33 - 000759582 _____ C:\Windows\system32\PerfStringBackup.INI 2018-10-31 16:02 - 2006-11-02 05:18 - 000000000 ____D C:\Windows\ModemLogs 2018-10-31 15:34 - 2007-03-20 01:18 - 000070264 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys 2018-10-31 15:22 - 2009-03-11 22:48 - 000000000 _____ C:\Windows\system32\LogConfigTemp.xml 2018-10-31 15:22 - 2007-03-20 01:18 - 000220896 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys 2018-10-31 15:22 - 2007-03-20 01:18 - 000040160 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys 2018-10-31 15:22 - 2007-03-20 00:12 - 000078032 _____ (Absolute Software Corp.) C:\Windows\system32\rpcnet.dll 2018-10-31 15:22 - 2007-03-20 00:05 - 000017408 _____ C:\Windows\system32\rpcnetp.exe 2018-10-31 15:22 - 2006-11-02 07:01 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2018-10-31 15:22 - 2006-11-02 06:47 - 000004384 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 2018-10-31 15:22 - 2006-11-02 06:47 - 000004384 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 2018-10-31 11:00 - 2007-03-20 01:01 - 001774592 _____ (Farbar) C:\Users\Angela\Desktop\FRST.exe 2018-10-31 00:36 - 2015-06-25 09:42 - 000000000 _____ C:\Users\Angela\Documents\IE11-Windows6.1-x86-en-us.exe 2018-10-31 00:14 - 2010-01-05 15:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MX320 series Manual 2018-10-30 23:47 - 2013-11-27 19:22 - 000000000 ____D C:\Users\Angela\AppData\Local\Downloaded Installations 2018-10-30 19:00 - 2006-11-02 05:18 - 000000000 ___SD C:\Windows\Downloaded Program Files 2018-10-30 18:50 - 2009-02-23 20:03 - 000000000 ___HD C:\Program Files\InstallShield Installation Information 2018-10-30 18:49 - 2009-07-14 17:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Print Shop 2018-10-30 18:35 - 2015-05-16 11:16 - 000000000 ____D C:\Windows\Minidump 2018-10-30 18:35 - 2014-01-27 12:10 - 000000000 ____D C:\Users\Angela\AppData\Local\CrashDumps 2018-10-30 18:35 - 2007-07-11 19:49 - 000000000 ____D C:\Windows\Panther 2018-10-30 18:27 - 2014-10-03 12:00 - 000000000 ____D C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1 2018-10-30 18:18 - 2010-10-23 14:23 - 000000000 ___HD C:\ProgramData\CanonIJScan 2018-10-30 18:06 - 2009-07-14 20:44 - 000000000 ____D C:\Program Files\Oberon Media 2018-10-30 17:20 - 2007-03-20 01:48 - 000000000 ____D C:\Users\Angela\AppData\Local\gmsd_us_005010193 2018-10-30 16:17 - 2006-11-02 06:47 - 000345464 _____ C:\Windows\system32\FNTCACHE.DAT 2018-10-30 13:13 - 2015-04-07 12:10 - 000000000 ____D C:\Program Files\Internet Explorer 11 2018-10-30 13:13 - 2007-03-20 01:23 - 000000000 ____D C:\Users\Angela\AppData\Roaming\chrome 2018-10-30 13:01 - 2007-03-20 01:42 - 000000000 ____D C:\ProgramData\DataFile 2018-10-30 12:28 - 2009-05-18 17:18 - 000000000 ____D C:\Program Files\Common Files\supportsoft 2018-10-30 11:03 - 2010-10-04 13:02 - 000000000 ____D C:\Users\Angela\AppData\LocalLow\Macromedia 2018-10-30 11:03 - 2009-02-23 20:23 - 000000000 ____D C:\Windows\system32\Macromed 2018-10-29 10:54 - 2010-11-09 18:26 - 000000000 ____D C:\Users\Angela\AppData\Roaming\FrostWire 2018-10-29 10:46 - 2007-04-24 19:51 - 000000000 ____D C:\Temp ==================== Files in the root of some directories ======= 2009-11-25 14:35 - 2009-11-25 14:35 - 000087608 _____ () C:\Users\Angela\AppData\Roaming\inst.exe 2009-11-25 14:35 - 2009-11-25 14:35 - 000007887 _____ () C:\Users\Angela\AppData\Roaming\pcouffin.cat 2009-11-25 14:35 - 2009-11-25 14:35 - 000001144 _____ () C:\Users\Angela\AppData\Roaming\pcouffin.inf 2009-11-25 14:36 - 2009-11-25 14:36 - 000000034 _____ () C:\Users\Angela\AppData\Roaming\pcouffin.log 2009-11-25 14:35 - 2009-11-25 14:35 - 000047360 _____ (VSO Software) C:\Users\Angela\AppData\Roaming\pcouffin.sys 2018-10-29 10:54 - 2018-10-30 16:22 - 000000680 _____ () C:\Users\Angela\AppData\Local\d3d9caps.dat 2009-04-29 01:07 - 2014-10-24 10:23 - 000010240 _____ () C:\Users\Angela\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2013-10-28 20:10 - 2013-10-28 20:10 - 000000079 _____ () C:\Users\Angela\AppData\Local\DVDPATH.TXT ==================== Bamital & volsnap ====================== (There is no automatic fix for files that do not pass verification.) C:\Windows\explorer.exe => File is digitally signed C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\dnsapi.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2018-10-31 15:27 ==================== End of FRST.txt ============================ Additional scan result of Farbar Recovery Scan Tool (x86) Version: 24.10.2018 Ran by Angela (31-10-2018 17:18:02) Running from C:\Users\Angela\Desktop Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) (2009-03-12 04:40:50) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-2860630475-1531993715-2310474269-500 - Administrator - Disabled) Angela (S-1-5-21-2860630475-1531993715-2310474269-1000 - Administrator - Enabled) => C:\Users\Angela Guest (S-1-5-21-2860630475-1531993715-2310474269-501 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B} AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96} AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) CyberLink Power2Go (HKLM\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.5.4316 - CyberLink Corp.) D3DX10 (HKLM\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden Gateway Games (HKLM\...\WildTangent gateway Master Uninstall) (Version: 1.0.0.71 - WildTangent) Gateway Recovery Management (HKLM\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 3.1.3003 - Acer Incorporated) IDT Audio (HKLM\...\{07D8511D-C9FE-4A93-933F-EAA5C8F20095}) (Version: 5.10.5303.0 - IDT) Illustrated Guide to Veterinary Medical Terminology, 3e (HKLM\...\Illustrated Guide to Veterinary Medical Terminology, 3e_is1) (Version: - Cengage Delmar Learning) ImTOO DVD Creator (HKLM\...\ImTOO DVD Creator) (Version: 3.0.45.1127 - ImTOO) Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: - Intel Corporation) Magic DVD Copier Version 5.0.1 (HKLM\...\Magic DVD Copier_is1) (Version: - Magic DVD Software, Inc.) Malwarebytes version 3.5.1.2522 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.5.1.2522 - Malwarebytes) Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office PowerPoint Viewer 2007 (English) (HKLM\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office Suite Activation Assistant (HKLM\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Web Publishing Wizard 1.52 (HKLM\...\WebPost) (Version: - ) Microsoft Works (HKLM\...\{67E03279-F703-408F-B4BF-46B5FC8D70CD}) (Version: 9.7.0621 - Microsoft Corporation) MSXML 4.0 SP2 (KB927978) (HKLM\...\{37477865-A3F1-4772-AD43-AAFC6BCFF99F}) (Version: 4.20.9841.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) NETGEAR WNA1000M Wireless USB 2.0 Adapter (HKLM\...\{62F7B391-E2B2-4714-BBAA-A14E4FAAB95C}) (Version: 1.01.10 - NETGEAR) Hidden NETGEAR WNA1000M Wireless USB 2.0 Adapter (HKLM\...\InstallShield_{62F7B391-E2B2-4714-BBAA-A14E4FAAB95C}) (Version: 1.01.10 - NETGEAR) OGA Notifier 2.0.0048.0 (HKLM\...\{B2544A03-10D0-4E5E-BA69-0362FFC20D18}) (Version: 2.0.0048.0 - Microsoft Corporation) Hidden Realtek 8169, 8168, 8101E and 8102E Ethernet Network Card Driver for Windows Vista (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0000 - Realtek) Realtek USB 2.0 Card Reader (HKLM\...\{DC24971E-1946-445D-8A82-CE685433FA7D}) (Version: - Realtek Semiconductor Corp.) RogueKiller version 13.0.5.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 13.0.5.0 - Adlice Software) Segoe UI (HKLM\...\{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}) (Version: 15.4.2271.0615 - Microsoft Corp) Hidden Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 9.1.3.0 - Synaptics) Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation) Windows Live Sync (HKLM\...\{A1BF9950-8CDB-468E-83FA-EACFB00EA7D5}) (Version: 14.0.8064.206 - Microsoft Corporation) WLTB Custom Buttons (HKLM\...\{C6522325-92ED-4312-A45A-04E45896C130}) (Version: 1.0.0 - Microsoft) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes) ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2008-09-01] (Intel Corporation) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {00FF43E5-657C-4B78-B399-7ACBEF0A3292} - \Seventh -> No File <==== ATTENTION Task: {022DEE05-561E-4CA8-9E66-5E15E40FA6C9} - \DNSTANNERSVILLE -> No File <==== ATTENTION Task: {033CCE13-BDD9-4CB1-9DA7-D727FDDC0E42} - \avayvaxvaa -> No File <==== ATTENTION Task: {2C48990D-9649-4BD7-8E9F-DD99174E6408} - \Genius_Interval -> No File <==== ATTENTION Task: {38F1B313-1F9E-486F-81E2-B88C8BA48973} - \Genius -> No File <==== ATTENTION Task: {4A7287A7-CBDE-4977-BBA9-40E905E65DC6} - \UOEJSMCMOGWSTARU -> No File <==== ATTENTION Task: {A241D5E1-D344-4097-8319-D5932BEE465A} - \{05040C47-0805-0C05-0B11-0B0E05041109} -> No File <==== ATTENTION Task: {B35A6A11-D772-4D2D-B6D3-7664D58A3EE5} - \One System Care Task -> No File <==== ATTENTION Task: {B643A498-2E30-4C67-B841-A7AEDD004C4B} - \Sixth -> No File <==== ATTENTION Task: {DC5A0A70-9FE1-4847-8DC5-34F54A2B5E3B} - \System Healer Task -> No File <==== ATTENTION (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) ==================== Loaded Modules (Whitelisted) ============== 2009-03-11 22:48 - 2008-06-11 12:18 - 000024576 _____ () C:\Program Files\GATEWAY\Gateway Recovery Management\Service\ETService.exe 2009-03-11 22:48 - 2009-03-11 22:48 - 000032768 _____ () C:\Windows\assembly\GAC_MSIL\Framework.Model.Controller\3.0.3009.0__14bcaafdb44b5951\Framework.Model.Controller.dll 2009-03-11 22:48 - 2009-03-11 22:48 - 000009216 _____ () C:\Windows\assembly\GAC_MSIL\Framework.Model.ControllerInterface\3.0.3009.0__d842b71b4d6ed079\Framework.Model.ControllerInterface.dll 2009-03-11 22:48 - 2009-03-11 22:48 - 000061440 _____ () C:\Windows\assembly\GAC_MSIL\Framework.Library\3.0.3009.0__3036420f80dd6947\Framework.Library.dll 2009-03-11 22:48 - 2009-03-11 22:48 - 000015360 _____ () C:\Windows\assembly\GAC_MSIL\Framework.Host\3.0.3009.0__672b450de5a7e94a\Framework.Host.dll 2009-03-11 22:48 - 2009-03-11 22:48 - 000006144 _____ () C:\Windows\assembly\GAC_MSIL\Framework.PluginInterface\3.0.3009.0__9ecdf03bb2054f94\Framework.PluginInterface.dll 2009-03-11 22:48 - 2009-03-11 22:48 - 000036864 _____ () C:\Windows\assembly\GAC_MSIL\Framework.Utility\3.0.3009.0__4df5dcab8860d239\Framework.Utility.dll 2011-06-30 22:23 - 2011-06-30 22:23 - 000167936 _____ () C:\Program Files\NETGEAR\WNA1000M\WlanWpsSvc.exe 2018-10-31 00:40 - 2018-04-25 13:16 - 001930960 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll 2018-10-31 00:40 - 2018-04-30 12:54 - 001913552 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\ProgramData\TEMP:7631EA83 [118] AlternateDataStreams: C:\ProgramData\TEMP:9AB56A06 [122] AlternateDataStreams: C:\ProgramData\TEMP:C46995DA [286] ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2006-11-02 04:23 - 2007-03-20 02:16 - 000000904 ____N C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost 127.0.0.1 down.baidu2016.com 127.0.0.1 123.sogou.com 127.0.0.1 www.czzsyzgm.com 127.0.0.1 www.czzsyzxl.com ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-2860630475-1531993715-2310474269-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Angela\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg DNS Servers: 75.75.75.75 - 75.75.76.76 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 1) (EnableLUA: 0) Windows Firewall is disabled. ==================== MSCONFIG/TASK MANAGER disabled items == If an entry is included in the fixlist, it will be removed. MSCONFIG\Services: sprtsvc_quickcare => 2 MSCONFIG\Services: SupportSoft RemoteAssist => 3 MSCONFIG\Services: tgsrvc_quickcare => 2 ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe ==================== Restore Points ========================= 30-10-2018 23:39:08 Removed Itibiti RTC ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (10/31/2018 03:23:40 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. System errors: ============= Error: (10/31/2018 05:12:45 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The Windows Network Services (WVN11) service terminated unexpectedly. It has done this 1 time(s). Error: (10/31/2018 05:12:43 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The Windows Audio Services (R1) service terminated unexpectedly. It has done this 1 time(s). Error: (10/31/2018 05:12:42 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The Ppm Advertisement service terminated unexpectedly. It has done this 1 time(s). Error: (10/31/2018 05:12:42 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The Burn Email Provider service terminated unexpectedly. It has done this 1 time(s). Error: (10/31/2018 03:23:40 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: The following boot-start or system-start driver(s) failed to load: cherimoya qrnfd_1_10_0_9 swsedrvr_vt_1_10_0_29 SymIRON {a55667f1-a319-4629-a8b6-a68d9d3313ee}Gt Error: (10/31/2018 03:23:40 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Parallel port driver service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it. Error: (10/31/2018 03:22:04 PM) (Source: Microsoft-Windows-TaskScheduler) (EventID: 412) (User: NT AUTHORITY) Description: Event-ID 412 Error: (10/31/2018 03:22:04 PM) (Source: HTTP) (EventID: 15021) (User: ) Description: An error occured while using SSL configuration for socket address 70.164.133.242:63331. The error status code is contained within the returned data. CodeIntegrity: =================================== Date: 2018-10-31 17:17:58.396 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system. Date: 2018-10-31 17:17:57.476 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system. Date: 2018-10-31 17:17:56.602 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system. Date: 2018-10-31 17:17:55.697 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system. Date: 2018-10-31 17:17:41.235 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system. Date: 2018-10-31 17:17:40.346 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system. Date: 2018-10-31 17:17:39.441 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system. Date: 2018-10-31 17:17:38.568 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system. ==================== Memory info =========================== Processor: Intel® Pentium® Dual CPU T3400 @ 2.16GHz Percentage of memory in use: 52% Total physical RAM: 2037.69 MB Available physical RAM: 966.01 MB Total Virtual: 4312.66 MB Available Virtual: 3208.39 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:222.88 GB) (Free:161.61 GB) NTFS ==>[drive with boot components (obtained from BCD)] \\?\Volume{b27fdb1c-0ebe-11de-9864-806e6f6e6963}\ (PQSERVICE) (Fixed) (Total:10 GB) (Free:3.18 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 232.9 GB) (Disk ID: 88A5A4A5) Partition 1: (Not Active) - (Size=10 GB) - (Type=27) Partition 2: (Active) - (Size=222.9 GB) - (Type=07 NTFS) ==================== End of Addition.txt ============================ Quote "Confucius could give answer to that. Unfortunately, Confucius not here at moment.”
ExTS Admin Starbuck Posted November 1, 2018 ExTS Admin Posted November 1, 2018 Hi Rustys, Looks like Rogue Killer has cleaned up quite a bit for us. Let's deal with a few more items now. Please download the attached fixlist.txt file (bottom of this post) and save it to the Desktop. NOTE. It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work. NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system Re-run FRST/FRST64 (which ever is installed ) and press the Fix button just once and wait. The tool will make a log on the Desktop (Fixlog.txt). Please post this in your next reply. In your next reply, also give me an update on how the system is running now. Thanksfixlist.txt Quote Member of:UNITE
Rustys Posted November 1, 2018 Author Posted November 1, 2018 How are we looking? As far as running better just need to fix some windows issues when we give it a clean bill of health. Fix result of Farbar Recovery Scan Tool (x86) Version: 24.10.2018 Ran by Angela (01-11-2018 14:19:42) Run:1 Running from C:\Users\Angela\Desktop Loaded Profiles: Angela (Available Profiles: Angela) Boot Mode: Normal ============================================== fixlist content: ***************** CloseProcesses: SearchScopes: HKU\S-1-5-21-2860630475-1531993715-2310474269-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = Toolbar: HKU\S-1-5-21-2860630475-1531993715-2310474269-1000 -> No Name - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File S3 IpInIp; system32\DRIVERS\ipinip.sys [X] S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X] S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X] S1 qrnfd_1_10_0_9; system32\drivers\qrnfd_1_10_0_9.sys [X] S1 swsedrvr_vt_1_10_0_29; system32\drivers\swsedrvr_vt_1_10_0_29.sys [X] S3 vzandnetdiag; system32\DRIVERS\lgvzandnetdiag.sys [X] S3 vzandnetdiag2; system32\DRIVERS\lgvzandnetdiag2.sys [X] S3 vzandnetmodem; system32\DRIVERS\lgvzandnetmdm.sys [X] S3 vzandnetndis; system32\DRIVERS\lgvzandnetndis.sys [X] S1 {a55667f1-a319-4629-a8b6-a68d9d3313ee}Gt; system32\drivers\{a55667f1-a319-4629-a8b6-a68d9d3313ee}Gt.sys [X] Task: {00FF43E5-657C-4B78-B399-7ACBEF0A3292} - \Seventh -> No File <==== ATTENTION Task: {022DEE05-561E-4CA8-9E66-5E15E40FA6C9} - \DNSTANNERSVILLE -> No File <==== ATTENTION Task: {033CCE13-BDD9-4CB1-9DA7-D727FDDC0E42} - \avayvaxvaa -> No File <==== ATTENTION Task: {2C48990D-9649-4BD7-8E9F-DD99174E6408} - \Genius_Interval -> No File <==== ATTENTION Task: {38F1B313-1F9E-486F-81E2-B88C8BA48973} - \Genius -> No File <==== ATTENTION Task: {4A7287A7-CBDE-4977-BBA9-40E905E65DC6} - \UOEJSMCMOGWSTARU -> No File <==== ATTENTION Task: {A241D5E1-D344-4097-8319-D5932BEE465A} - \{05040C47-0805-0C05-0B11-0B0E05041109} -> No File <==== ATTENTION Task: {B35A6A11-D772-4D2D-B6D3-7664D58A3EE5} - \One System Care Task -> No File <==== ATTENTION Task: {B643A498-2E30-4C67-B841-A7AEDD004C4B} - \Sixth -> No File <==== ATTENTION Task: {DC5A0A70-9FE1-4847-8DC5-34F54A2B5E3B} - \System Healer Task -> No File <==== ATTENTION AlternateDataStreams: C:\ProgramData\TEMP:7631EA83 [118] AlternateDataStreams: C:\ProgramData\TEMP:9AB56A06 [122] AlternateDataStreams: C:\ProgramData\TEMP:C46995DA [286] CMD: ipconfig /flushdns Hosts: EmptyTemp: ***************** Processes closed successfully. "HKU\S-1-5-21-2860630475-1531993715-2310474269-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully. "HKU\S-1-5-21-2860630475-1531993715-2310474269-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{604BC32A-9680-40D1-9AC6-E06B23A1BA4C}" => removed successfully. HKLM\Software\Classes\CLSID\{604BC32A-9680-40D1-9AC6-E06B23A1BA4C} => not found HKLM\System\CurrentControlSet\Services\IpInIp => removed successfully. IpInIp => service removed successfully. HKLM\System\CurrentControlSet\Services\NwlnkFlt => removed successfully. NwlnkFlt => service removed successfully. HKLM\System\CurrentControlSet\Services\NwlnkFwd => removed successfully. NwlnkFwd => service removed successfully. HKLM\System\CurrentControlSet\Services\qrnfd_1_10_0_9 => removed successfully. qrnfd_1_10_0_9 => service removed successfully. HKLM\System\CurrentControlSet\Services\swsedrvr_vt_1_10_0_29 => removed successfully. swsedrvr_vt_1_10_0_29 => service removed successfully. HKLM\System\CurrentControlSet\Services\vzandnetdiag => removed successfully. vzandnetdiag => service removed successfully. HKLM\System\CurrentControlSet\Services\vzandnetdiag2 => removed successfully. vzandnetdiag2 => service removed successfully. HKLM\System\CurrentControlSet\Services\vzandnetmodem => removed successfully. vzandnetmodem => service removed successfully. HKLM\System\CurrentControlSet\Services\vzandnetndis => removed successfully. vzandnetndis => service removed successfully. HKLM\System\CurrentControlSet\Services\{a55667f1-a319-4629-a8b6-a68d9d3313ee}Gt => removed successfully. {a55667f1-a319-4629-a8b6-a68d9d3313ee}Gt => service removed successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{00FF43E5-657C-4B78-B399-7ACBEF0A3292}" => removed successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{00FF43E5-657C-4B78-B399-7ACBEF0A3292}" => removed successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Seventh" => removed successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{022DEE05-561E-4CA8-9E66-5E15E40FA6C9}" => removed successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{022DEE05-561E-4CA8-9E66-5E15E40FA6C9}" => removed successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DNSTANNERSVILLE" => removed successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{033CCE13-BDD9-4CB1-9DA7-D727FDDC0E42}" => removed successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{033CCE13-BDD9-4CB1-9DA7-D727FDDC0E42}" => removed successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\avayvaxvaa" => removed successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2C48990D-9649-4BD7-8E9F-DD99174E6408}" => removed successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2C48990D-9649-4BD7-8E9F-DD99174E6408}" => removed successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Genius_Interval" => removed successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{38F1B313-1F9E-486F-81E2-B88C8BA48973}" => removed successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{38F1B313-1F9E-486F-81E2-B88C8BA48973}" => removed successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Genius" => removed successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{4A7287A7-CBDE-4977-BBA9-40E905E65DC6}" => removed successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4A7287A7-CBDE-4977-BBA9-40E905E65DC6}" => removed successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\UOEJSMCMOGWSTARU" => removed successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A241D5E1-D344-4097-8319-D5932BEE465A}" => removed successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A241D5E1-D344-4097-8319-D5932BEE465A}" => removed successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{05040C47-0805-0C05-0B11-0B0E05041109}" => removed successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B35A6A11-D772-4D2D-B6D3-7664D58A3EE5}" => removed successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B35A6A11-D772-4D2D-B6D3-7664D58A3EE5}" => removed successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\One System Care Task" => removed successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B643A498-2E30-4C67-B841-A7AEDD004C4B}" => removed successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B643A498-2E30-4C67-B841-A7AEDD004C4B}" => removed successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Sixth" => removed successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DC5A0A70-9FE1-4847-8DC5-34F54A2B5E3B}" => removed successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DC5A0A70-9FE1-4847-8DC5-34F54A2B5E3B}" => removed successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\System Healer Task" => removed successfully. C:\ProgramData\TEMP => ":7631EA83" ADS removed successfully. C:\ProgramData\TEMP => ":9AB56A06" ADS removed successfully. C:\ProgramData\TEMP => ":C46995DA" ADS removed successfully. ========= ipconfig /flushdns ========= Windows IP Configuration Successfully flushed the DNS Resolver Cache. ========= End of CMD: ========= C:\Windows\System32\Drivers\etc\hosts => moved successfully Hosts restored successfully. =========== EmptyTemp: ========== BITS transfer queue => 8388608 B DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 2179257 B Java, Flash, Steam htmlcache => 523 B Windows/system/drivers => 2702 B Edge => 0 B Chrome => 0 B Firefox => 0 B Opera => 0 B Temp, IE cache, history, cookies, recent: Users => 0 B Default => 66600 B Public => 0 B ProgramData => 0 B systemprofile => 50869435 B LocalService => 132244 B NetworkService => 66228 B Angela => 417160 B RecycleBin => 0 B EmptyTemp: => 59.2 MB temporary data Removed. ================================ The system needed a reboot. ==== End of Fixlog 14:20:20 ==== Quote "Confucius could give answer to that. Unfortunately, Confucius not here at moment.”
ExTS Admin Starbuck Posted November 1, 2018 ExTS Admin Posted November 1, 2018 Hi Rustys, The FRST fix did it's job. :) Looking a lot better now. You might want to look into this.... Windows Firewall is disabled. Click Start... Control Panel Then click on the Security button. Under Windows Firewall... click on Turn Windows Firewall on or off. Make sure the ON (recommended) is selected.... then click Apply and Ok. Let's run a double check on things now. I'd like us to scan your machine with ESET OnlineScan This process may may take several hours, that is normal. Download esetsmartinstaller_enu.exe and save it to your Desktop Double click the icon Check YES, I accept the Terms of Use Click the Start button Accept any security warnings from your browser Click Advanced settings Check the following items Enable detection of potentially unwanted applications Remove found threats Scan archives Scan for potentially unsafe applications Enable Anti-Stealth technology Click Start ESET will then download updates and begin scanning your computer If no threats are found simply click Uninstall application on close and hit Finish If threats are found click List of found threats Click Export to text file Save the file on your Desktop as ESET.txt Click Back Click Finish Close the ESET Online Scanner window Copy and paste the contents of ESET.txt in your next reply Quote Member of:UNITE
ExTS Admin Starbuck Posted November 1, 2018 ExTS Admin Posted November 1, 2018 Have just double checked the FRST report and have noticed that I've missed a few leftover entries for Norton AV. These should be removed. Please download the attached fixlist.txt file (bottom of this post) and save it to the Desktop. NOTE. It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work. NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system Re-run FRST/FRST64 (which ever is installed ) and press the Fix button just once and wait. The tool will make a log on the Desktop (Fixlog.txt). Please post this in your next reply.fixlist.txt Quote Member of:UNITE
Rustys Posted November 1, 2018 Author Posted November 1, 2018 Here is the log for FRST Currently running the Eset Online scan Fix result of Farbar Recovery Scan Tool (x86) Version: 24.10.2018 Ran by Angela (01-11-2018 21:08:00) Run:2 Running from C:\Users\Angela\Desktop Loaded Profiles: Angela (Available Profiles: Angela) Boot Mode: Normal ============================================== fixlist content: ***************** CloseProcesses: R0 SymDS; C:\Windows\System32\drivers\NAV\1302000.00A\SYMDS.SYS [340088 2011-07-25] (Symantec Corporation) R0 SymEFA; C:\Windows\System32\drivers\NAV\1302000.00A\SYMEFA.SYS [897656 2011-09-26] (Symantec Corporation) R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT.SYS [127096 2011-12-29] (Symantec Corporation) S1 SymIRON; C:\Windows\system32\drivers\NAV\1302000.00A\Ironx86.SYS [149624 2011-07-25] (Symantec Corporation) R1 SYMTDIv; C:\Windows\System32\Drivers\NAV\1302000.00A\SYMTDIV.SYS [344184 2011-07-25] (Symantec Corporation) EmptyTemp: ***************** Processes closed successfully. SymDS => Unable to stop service. HKLM\System\CurrentControlSet\Services\SymDS => removed successfully. SymDS => service removed successfully. SymEFA => Unable to stop service. HKLM\System\CurrentControlSet\Services\SymEFA => removed successfully. SymEFA => service removed successfully. SymEvent => Unable to stop service. HKLM\System\CurrentControlSet\Services\SymEvent => removed successfully. SymEvent => service removed successfully. HKLM\System\CurrentControlSet\Services\SymIRON => removed successfully. SymIRON => service removed successfully. SYMTDIv => Unable to stop service. HKLM\System\CurrentControlSet\Services\SYMTDIv => removed successfully. SYMTDIv => service removed successfully. =========== EmptyTemp: ========== BITS transfer queue => 8388608 B DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 4270674 B Java, Flash, Steam htmlcache => 0 B Windows/system/drivers => 1796 B Edge => 0 B Chrome => 0 B Firefox => 0 B Opera => 0 B Temp, IE cache, history, cookies, recent: Users => 0 B Default => 0 B Public => 0 B ProgramData => 0 B systemprofile => 66228 B LocalService => 0 B NetworkService => 0 B Angela => 32658 B RecycleBin => 0 B EmptyTemp: => 12.2 MB temporary data Removed. ================================ The system needed a reboot. ==== End of Fixlog 21:08:30 ==== Quote "Confucius could give answer to that. Unfortunately, Confucius not here at moment.”
ExTS Admin Starbuck Posted November 1, 2018 ExTS Admin Posted November 1, 2018 Ok, that's good. Sorry I missed those entries earlier. Let's see if Eset finds anything. Quote Member of:UNITE
Rustys Posted November 1, 2018 Author Posted November 1, 2018 Sorry I missed those entries earlier. Do not worry about it, Let's see if Eset finds anything. Yes it did according to it found a few. C:\Users\All Users\DataFile\Downloads\Windi.exe a variant of MSIL/FakeAlert.P trojan C:\Users\All Users\Windows VXM\program\newver_572_1.8.5.0.exe multiple threats C:\AdwCleaner\Quarantine\v1\20070320.011634\1\SearchProtect\SearchProtect\bin\cltmng.exe#E16E56491663406A a variant of Win32/Conduit.SearchProtect.Y potentially unwanted application cleaned by deleting C:\AdwCleaner\Quarantine\v1\20070320.011634\1\SearchProtect\SearchProtect\bin\RN32.dll#D4C94DF112260BFA a variant of Win32/ClientConnect.A potentially unwanted application cleaned by deleting C:\AdwCleaner\Quarantine\v1\20070320.011634\1\SearchProtect\SearchProtect\bin\SPtool64.exe#B365561379F9BB51 a variant of Win32/ClientConnect.A potentially unwanted application cleaned by deleting C:\AdwCleaner\Quarantine\v1\20070320.011634\1\SearchProtect\SearchProtect\bin\VC32.dll#9E8236F8E2B7DEFA a variant of Win32/ClientConnect.A potentially unwanted application cleaned by deleting C:\AdwCleaner\Quarantine\v1\20070320.011634\1\SearchProtect\SearchProtect\bin\VC32Loader.dll#02CB9F4AAFAD6069 a variant of Win32/ClientConnect.A potentially unwanted application cleaned by deleting C:\AdwCleaner\Quarantine\v1\20070320.011634\1\SearchProtect\SearchProtect\bin\VC64.dll#69638C6E380DA9F4 a variant of Win32/ClientConnect.A potentially unwanted application cleaned by deleting C:\AdwCleaner\Quarantine\v1\20070320.011634\1\SearchProtect\SearchProtect\bin\VC64Loader.dll#63D391BD3A5E9589 a variant of Win32/ClientConnect.A potentially unwanted application cleaned by deleting C:\AdwCleaner\Quarantine\v1\20070320.011634\1\SearchProtect\UI\bin\cltmngui.exe#314EBA5B2CB6F56F a variant of Win32/Conduit.SearchProtect.Y potentially unwanted application cleaned by deleting C:\AdwCleaner\Quarantine\v1\20070320.011634\1\SearchProtect\UI\dialogs\settings.html#1A39B34BBAE6D0AF Win32/Conduit.SearchProtect.AQ potentially unwanted application cleaned by deleting C:\AdwCleaner\Quarantine\v1\20070320.011634\1\SearchProtect\UI\dialogs\Consent\consent.html#2D79354157F663CA Win32/Conduit.SearchProtect.AM potentially unwanted application cleaned by deleting C:\AdwCleaner\Quarantine\v1\20070320.011634\1\SearchProtect\UI\dialogs\Consent\consent.js#5757C82C452F190B JS/Conduit.SearchProtect.A potentially unwanted application cleaned by deleting C:\AdwCleaner\Quarantine\v1\20070320.011634\1\SearchProtect\UI\dialogs\libs\DialogAPI.js#C5E0379AB542E171 JS/Conduit.SearchProtect.I potentially unwanted application cleaned by deleting C:\AdwCleaner\Quarantine\v1\20070320.011634\1\SearchProtect\UI\dialogs\libs\main.js#D80A8417BB4CCA58 JS/Conduit.SearchProtect.A potentially unwanted application cleaned by deleting C:\AdwCleaner\Quarantine\v1\20070320.011634\1\SearchProtect\UI\dialogs\protection\protection.html#7EE8F346FFF3316B Win32/Conduit.SearchProtect.AZ potentially unwanted application cleaned by deleting C:\AdwCleaner\Quarantine\v1\20070320.011634\1\SearchProtect\UI\dialogs\protection\protection.js#507A060638D671CE JS/Conduit.SearchProtect.A potentially unwanted application cleaned by deleting C:\AdwCleaner\Quarantine\v1\20070320.011634\1\SearchProtect\UI\dialogs\protectionDS\protectionDS.html#EC62508BC21E7D47 Win32/Conduit.SearchProtect.AZ potentially unwanted application cleaned by deleting C:\AdwCleaner\Quarantine\v1\20070320.011634\1\SearchProtect\UI\dialogs\protectionDS\protectionDS.js#68C64C2C3F4EFBDF JS/Conduit.SearchProtect.A potentially unwanted application cleaned by deleting C:\AdwCleaner\Quarantine\v1\20070320.011634\1\SearchProtect\UI\dialogs\settings\settings.html#1A39B34BBAE6D0AF Win32/Conduit.SearchProtect.AR potentially unwanted application cleaned by deleting C:\AdwCleaner\Quarantine\v1\20070320.011634\1\SearchProtect\UI\dialogs\settings\settings.js#446DAEB85E650D3D JS/Conduit.SearchProtect.A potentially unwanted application cleaned by deleting C:\AdwCleaner\Quarantine\v1\20070320.011634\1\SearchProtect\UI\dialogs\uninstall\uninstall.html#FD7EF4923717CB8A Win32/Conduit.SearchProtect.AN potentially unwanted application cleaned by deleting C:\AdwCleaner\Quarantine\v1\20070320.011634\1\SearchProtect\UI\dialogs\uninstall\uninstall.js#67A6EA7E226CC2B8 JS/Conduit.SearchProtect.D potentially unwanted application cleaned by deleting C:\AdwCleaner\Quarantine\v1\20070320.011634\10\Seventh\userid.dll#38B3CD4460CD32E5 a variant of Win32/Adware.Snoozer.T application cleaned by deleting C:\AdwCleaner\Quarantine\v1\20070320.011634\105\LolliScan\NSISHelper.dll#9AE7A58C7F87AA87 a variant of Win32/Adware.CouponMarvel.Q application cleaned by deleting C:\AdwCleaner\Quarantine\v1\20070320.011634\13\QualityChecker\loader.exe#EAEA871AE1693D63 Win32/TrojanProxy.Agent.NZV trojan cleaned by deleting C:\AdwCleaner\Quarantine\v1\20070320.011634\13\QualityChecker\QC.exe#E9226A7F8645D4F6 Win32/TrojanProxy.Agent.NZV trojan cleaned by deleting C:\AdwCleaner\Quarantine\v1\20070320.011634\13\QualityChecker\qc.sys#E2D1CD4D697ECD7F Win32/TrojanProxy.Agent.NZV trojan cleaned by deleting C:\AdwCleaner\Quarantine\v1\20070320.011634\13\QualityChecker\uninstall.exe#5A462DAA1FEC4A84 Win32/Adware.ConvertAd.AKJ application cleaned by deleting C:\AdwCleaner\Quarantine\v1\20070320.011634\141\SHOPPERZ\krios.dll#CDE5F7F0893CD4E7 a variant of Win32/Toolbar.Perion.V potentially unwanted application cleaned by deleting C:\AdwCleaner\Quarantine\v1\20070320.011634\142\GMSD_US_005010193\gamesdesktop_widget.exe#A8E2C064354C9ABB a variant of Win32/AdWare.EoRezo.AU application cleaned by deleting C:\AdwCleaner\Quarantine\v1\20070320.011634\142\GMSD_US_005010193\gmsd_us_005010193.exe#EECCC429DA04DE2E a variant of Win32/AdWare.EoRezo.AU application cleaned by deleting C:\AdwCleaner\Quarantine\v1\20070320.011634\142\GMSD_US_005010193\predm.exe#F0074EFFBCAC8F97 a variant of Win32/Adware.EoRezo.BG application cleaned by deleting C:\AdwCleaner\Quarantine\v1\20070320.011634\143\GMSD_US_005010199\gamesdesktop_widget.exe#A8E2C064354C9ABB a variant of Win32/AdWare.EoRezo.AU application cleaned by deleting C:\AdwCleaner\Quarantine\v1\20070320.011634\143\GMSD_US_005010199\gmsd_us_005010199.exe#C060911A56151F03 a variant of Win32/AdWare.EoRezo.AU application cleaned by deleting C:\AdwCleaner\Quarantine\v1\20070320.011634\143\GMSD_US_005010199\predm.exe#F0074EFFBCAC8F97 a variant of Win32/Adware.EoRezo.BG application cleaned by deleting C:\AdwCleaner\Quarantine\v1\20070320.011634\144\GMSD_US_005010200\gamesdesktop_widget.exe#A8E2C064354C9ABB a variant of Win32/AdWare.EoRezo.AU application cleaned by deleting C:\AdwCleaner\Quarantine\v1\20070320.011634\144\GMSD_US_005010200\gmsd_us_005010200.exe#45874345B3084777 a variant of Win32/AdWare.EoRezo.AU application cleaned by deleting C:\AdwCleaner\Quarantine\v1\20070320.011634\144\GMSD_US_005010200\predm.exe#F0074EFFBCAC8F97 a variant of Win32/Adware.EoRezo.BG application cleaned by deleting C:\AdwCleaner\Quarantine\v1\20070320.011634\151\{05040C47-0805-0C05-0B11-0B0E05041109}#6B57E743D23A6AD3 XML/Adware.Adposhel.A application cleaned by deleting C:\AdwCleaner\Quarantine\v1\20070320.011634\154\{05040C47-0805-0C05-0B11-0B0E05041109}.job#C5D640FC51327471 PowerShell/Adware.Adposhel.A application cleaned by deleting C:\AdwCleaner\Quarantine\v1\20070320.011634\155\{080A7E47-0B08-0B0F-0411-0A047D0E1178}.job#824E8D4D5F04C48B PowerShell/Adware.Adposhel.A application cleaned by deleting C:\AdwCleaner\Quarantine\v1\20070320.011634\16\SPPD.sys#3568F526C3A3DD83 a variant of Win32/ClientConnect.C potentially unwanted application cleaned by deleting C:\AdwCleaner\Quarantine\v1\20070320.011634\163\{A55667F1-A319-4629-A8B6-A68D9D3313EE}GT.SYS#446F43D9D9D40BA5 a variant of Win32/BrowseFox.AR potentially unwanted application cleaned by deleting C:\AdwCleaner\Quarantine\v1\20070320.011634\8\avayvaxvaa\avayvaxvaa.exe#27AED5D865681F8D a variant of Win32/Conduit.SearchProtect.Y potentially unwanted application cleaned by deleting C:\AdwCleaner\Quarantine\v1\20070320.011634\8\avayvaxvaa\pbqrmvbub#8837EC338DA3662C a variant of Win32/ClientConnect.A potentially unwanted application cleaned by deleting C:\Program Files\Windows Audio\R1\AudioSrv.exe a variant of Win32/Adware.Dowsserve.A application cleaned by deleting C:\Program Files\Windows Audio\R1\WmiPrvSD.exe a variant of Win32/Adware.Dowsserve.B application cleaned by deleting C:\Program Files\Windows Network Accelerater\v3\vxmclient.exe a variant of Win32/Adware.Dowsserve.E application cleaned by deleting C:\Program Files\Windows Network Accelerater\v3\winvxm.exe a variant of Win32/Adware.Dowsserve.C application cleaned by deleting C:\Program Files\Windows Network Accelerater\v5\vxmclient.exe a variant of Win32/Adware.Dowsserve.E application cleaned by deleting C:\Program Files\Windows Network Accelerater\v5\winvxm.exe a variant of Win32/Adware.Dowsserve.C application cleaned by deleting C:\Program Files\Windows Network Services\v9\network.exe a variant of Win32/Adware.Dowsserve.F application cleaned by deleting C:\Program Files\Windows Network Services\v9\wmnserv.exe a variant of Win32/Adware.Dowsserve.F application cleaned by deleting (after the next restart) C:\ProgramData\DataFile\Downloads\Windi.exe a variant of MSIL/FakeAlert.P trojan cleaned by deleting C:\ProgramData\Malwarebytes\MBAMService\09875aec-dcd9-11e8-ba93-0003254135cb Win32/TrojanProxy.Agent.NZV trojan cleaned by deleting (after the next restart) C:\ProgramData\Windows VXM\program\newver_572_1.8.5.0.exe multiple threats cleaned by deleting C:\Users\All Users\Malwarebytes\MBAMService\09875aec-dcd9-11e8-ba93-0003254135cb Win32/TrojanProxy.Agent.NZV trojan cleaned by deleting (after the next restart) C:\Users\Angela\AppData\Local\gmsd_us_005010193\upgmsd_us_005010193.exe a variant of Win32/Adware.EoRezo.AJ application cleaned by deleting C:\Users\Angela\AppData\Local\gmsd_us_005010193\Download\myoffergroup_us6.exe multiple threats cleaned by deleting C:\Users\Angela\AppData\Local\gmsd_us_005010199\upgmsd_us_005010199.exe a variant of Win32/Adware.EoRezo.AJ application cleaned by deleting C:\Users\Angela\AppData\Local\gmsd_us_005010199\Download\myoffergroup_us6.exe multiple threats cleaned by deleting C:\Users\Angela\AppData\Local\gmsd_us_005010200\upgmsd_us_005010200.exe a variant of Win32/Adware.EoRezo.AJ application cleaned by deleting C:\Users\Angela\AppData\Roaming\74697254-1425516543-2D2D-2D2D-0003254135CB\rnsqAFCB.exe a variant of Win32/Adware.ConvertAd.GM application cleaned by deleting C:\Users\Angela\AppData\Roaming\74697254-1425516543-2D2D-2D2D-0003254135CB\Uninstall.exe Win32/Adware.ConvertAd.EB application cleaned by deleting C:\Users\Angela\AppData\Roaming\FrostWire\.AppSpecialShare\frostwire-4.21.3.windows.exe a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application cleaned by deleting Quote "Confucius could give answer to that. Unfortunately, Confucius not here at moment.”
ExTS Admin Starbuck Posted November 1, 2018 ExTS Admin Posted November 1, 2018 Seems that Eset did get those last 2 entries: C:\ProgramData\DataFile\Downloads\Windi.exe a variant of MSIL/FakeAlert.P trojan cleaned by deleting C:\ProgramData\Windows VXM\program\newver_572_1.8.5.0.exe multiple threats cleaned by deleting So everything malicious that can be seen, has now been removed. Give the system awhile to run and if nothing untoward is thrown up I'll finish off tomorrow evening. Quote Member of:UNITE
Rustys Posted November 2, 2018 Author Posted November 2, 2018 Thank you for all that you have done. Take some extra vacation days out of the vacation fund. Quote "Confucius could give answer to that. Unfortunately, Confucius not here at moment.”
ExTS Admin Starbuck Posted November 2, 2018 ExTS Admin Posted November 2, 2018 Thank you for all that you have done. No problem at all. Take some extra vacation days out of the vacation fund. Funny you should say that .... I leave in a few hours lol. Let's finish the cleaning process and remove the tools we have used. Step 1 FRST can now be removed: Right click on the FRST icon and select delete. Right click on any fixlog.txt or fixlist.txt files and select delete. Navigate to: C:\frst and delete the frst folder Step 2 RogueKiller AntiMalware can be removed using the add/Remove Programs feature in Control Panel. Step 3 To remove AdwCleaner Restart AdwCleaner ... click on the Uninstall button from the main screen. This will remove all the files created and the program. Step 4 Eset can be removed using the add/Remove Programs feature in Control Panel. Glad I was able to help. Safe surfing. Quote Member of:UNITE
Rustys Posted November 2, 2018 Author Posted November 2, 2018 Thank you for all the assist. Now just need to update and patch. Quote "Confucius could give answer to that. Unfortunately, Confucius not here at moment.”
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.